sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity
strongswan/testing/tests/ikev2/net2net-dscp/pretest.dat
Tobias Brunner 6910347d1a testing: Add DSCP scenario that uses simple labels 
Instead of creating two IKE_SAs with different identities, this scenario
uses simple labels to select the correct child config.
2022-04-14 18:42:01 +02:00

17 lines
943 B
Plaintext
Raw Blame History

moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
alice::iptables -t mangle -A OUTPUT -p icmp -j DSCP --set-dscp-class BE
venus::iptables -t mangle -A OUTPUT -p icmp -j DSCP --set-dscp-class EF
moon::iptables -t mangle -A PREROUTING -m dscp --dscp-class BE -j MARK --set-mark 10
moon::iptables -t mangle -A PREROUTING -m dscp --dscp-class EF -j MARK --set-mark 20
bob::iptables -t mangle -A OUTPUT -d PH_IP_ALICE -p icmp -j DSCP --set-dscp-class BE
bob::iptables -t mangle -A OUTPUT -d PH_IP_VENUS -p icmp -j DSCP --set-dscp-class EF
sun::iptables -t mangle -A PREROUTING -m dscp --dscp-class BE -j MARK --set-mark 10
sun::iptables -t mangle -A PREROUTING -m dscp --dscp-class EF -j MARK --set-mark 20
sun::systemctl start strongswan
moon::systemctl start strongswan
sun::expect-connection dscp
moon::expect-connection dscp
moon::swanctl --initiate --child net-be
moon::swanctl --initiate --child net-ef
Reference in New Issue View Git Blame Copy Permalink