On Wed, 11 Mar 2020 at 09:10, Paul Wouters <[email protected]> wrote: > > I pulled the first part of the change as I discovered tests running: > > ipsec status | grep STATE_ > > that's wrong at so many levels. > > It is, but it was easy. But those can be changed to "ipsec briefstatus" > which also just displays the states, without depending on the STATE_ > string. But it will change the output slightly so it will require fixing > up a bunch of tests.
Is that sufficient. For instance: --- MASTER/testing/pluto/certoe-18-pass-then-go-slash24-keyingtries1/road.console.txt +++ OUTPUT/testing/pluto/certoe-18-pass-then-go-slash24-keyingtries1/road.console.txt @@ -105,11 +105,14 @@ # there should be no %pass shunts on either side and an active tunnel and no partial IKE states road # ipsec briefstatus -000 #2: "private-or-clear#192.1.2.0/24"[2] ...192.1.2.23:500 STATE_PARENT_R2 (received v2I2, PARENT SA established); EVENT_SA_REKEY in XXs; newest ISAKMP; idle; -000 #3: "private-or-clear#192.1.2.0/24"[2] ...192.1.2.23:500 STATE_V2_IPSEC_R (IPsec SA established); EVENT_SA_REKEY in XXs; newest IPSEC; eroute owner; isakmp#2; idle; +000 +000 State Information: DDoS cookies not required, Accepting new IKE connections +000 IKE SAs: total(1), half-open(0), open(0), authenticated(1), anonymous(0) +000 IPsec SAs: total(1), authenticated(1), anonymous(0) +000 _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
