mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-05 00:00:45 -04:00
35392aa869
While the alias is available after enabling the unit, we don't actually do that in our testing environment (adding a symlink manually would work too, then again, why not just use the proper name?).
18 lines
738 B
Plaintext
18 lines
738 B
Plaintext
moon::iptables-restore < /etc/iptables.rules
|
|
sun::iptables-restore < /etc/iptables.rules
|
|
moon::ip tunnel add gre-moon local PH_IP_MOON remote PH_IP_SUN mode gre key 42
|
|
moon::ip link set gre-moon up
|
|
moon::ip route add 10.2.0.0/16 dev gre-moon
|
|
moon::iptables -A FORWARD -i gre-moon -j ACCEPT
|
|
moon::iptables -A FORWARD -o gre-moon -j ACCEPT
|
|
sun::ip tunnel add gre-sun local PH_IP_SUN remote PH_IP_MOON mode gre key 42
|
|
sun::ip link set gre-sun up
|
|
sun::ip route add 10.1.0.0/16 dev gre-sun
|
|
sun::iptables -A FORWARD -i gre-sun -j ACCEPT
|
|
sun::iptables -A FORWARD -o gre-sun -j ACCEPT
|
|
moon::systemctl start strongswan
|
|
sun::systemctl start strongswan
|
|
moon::expect-connection gw-gw
|
|
sun::expect-connection gw-gw
|
|
moon::swanctl --initiate --child gre
|