2 # SPDX-License-Identifier: BSD-3-Clause
4 . ${DIR}/trs_aescbc_sha1_common_defs.sh
6 SGW_CMD_XPRM='-e -w 300 -l'
10 ssh ${REMOTE_HOST} ip xfrm policy flush
11 ssh ${REMOTE_HOST} ip xfrm state flush
13 ssh ${REMOTE_HOST} ip xfrm policy add \
14 src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
15 dir out ptype main action allow \
16 tmpl proto esp mode transport reqid 1
18 ssh ${REMOTE_HOST} ip xfrm policy add \
19 src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
20 dir in ptype main action allow \
21 tmpl proto esp mode transport reqid 2
23 ssh ${REMOTE_HOST} ip xfrm state add \
24 src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
25 proto esp spi 7 reqid 1 mode transport replay-window 64 flag esn \
26 auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
27 enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
29 ssh ${REMOTE_HOST} ip xfrm state add \
30 src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
31 proto esp spi 7 reqid 2 mode transport replay-window 64 flag esn \
32 auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
33 enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
35 ssh ${REMOTE_HOST} ip xfrm policy list
36 ssh ${REMOTE_HOST} ip xfrm state list
43 ssh ${REMOTE_HOST} ip xfrm policy add \
44 src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
45 dir out ptype main action allow \
46 tmpl proto esp mode transport reqid 3
48 ssh ${REMOTE_HOST} ip xfrm policy add \
49 src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
50 dir in ptype main action allow \
51 tmpl proto esp mode transport reqid 4
53 ssh ${REMOTE_HOST} ip xfrm state add \
54 src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
55 proto esp spi 9 reqid 3 mode transport replay-window 64 flag esn \
56 auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
57 enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
59 ssh ${REMOTE_HOST} ip xfrm state add \
60 src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
61 proto esp spi 9 reqid 4 mode transport replay-window 64 flag esn \
62 auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
63 enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
65 ssh ${REMOTE_HOST} ip xfrm policy list
66 ssh ${REMOTE_HOST} ip xfrm state list