2 # SPDX-License-Identifier: BSD-3-Clause
4 . ${DIR}/trs_aesgcm_common_defs.sh
6 SGW_CMD_XPRM='-w 300 -l'
10 ssh ${REMOTE_HOST} ip xfrm policy flush
11 ssh ${REMOTE_HOST} ip xfrm state flush
13 ssh ${REMOTE_HOST} ip xfrm policy add \
14 src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
15 dir out ptype main action allow \
16 tmpl proto esp mode transport reqid 1
18 ssh ${REMOTE_HOST} ip xfrm policy add \
19 src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
20 dir in ptype main action allow \
21 tmpl proto esp mode transport reqid 2
23 ssh ${REMOTE_HOST} ip xfrm state add \
24 src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
25 proto esp spi 7 reqid 1 mode transport replay-window 64 \
26 aead "rfc4106\(gcm\(aes\)\)" \
27 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 128
29 ssh ${REMOTE_HOST} ip xfrm state add \
30 src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
31 proto esp spi 7 reqid 2 mode transport replay-window 64 \
32 aead "rfc4106\(gcm\(aes\)\)" \
33 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 128
35 ssh ${REMOTE_HOST} ip xfrm policy list
36 ssh ${REMOTE_HOST} ip xfrm state list
43 ssh ${REMOTE_HOST} ip xfrm policy add \
44 src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
45 dir out ptype main action allow \
46 tmpl proto esp mode transport reqid 3
48 ssh ${REMOTE_HOST} ip xfrm policy add \
49 src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
50 dir in ptype main action allow \
51 tmpl proto esp mode transport reqid 4
53 ssh ${REMOTE_HOST} ip xfrm state add \
54 src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
55 proto esp spi 9 reqid 3 mode transport replay-window 64 \
56 aead "rfc4106\(gcm\(aes\)\)" \
57 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 128
59 ssh ${REMOTE_HOST} ip xfrm state add \
60 src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
61 proto esp spi 9 reqid 4 mode transport replay-window 64 \
62 aead "rfc4106\(gcm\(aes\)\)" \
63 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 128
65 ssh ${REMOTE_HOST} ip xfrm policy list
66 ssh ${REMOTE_HOST} ip xfrm state list