[Openswan Users] Road warrior test on lan

Federico fviel at comune.belluno.it
Thu Mar 9 12:23:06 CET 2006


Skipped content of type multipart/alternative-------------- next part --------------
multilinus
Thu Mar  9 12:01:43 CET 2006
+ _________________________ version
+ ipsec --version
Linux Openswan U2.2.0/K2.4.27-2-386 (native)
See `ipsec --copyright' for copyright information.
+ _________________________ proc/version
+ cat /proc/version
Linux version 2.4.27-2-386 (horms at tabatha.lab.ultramonkey.org) (gcc version 3.3.5 (Debian 1:3.3.5-12)) #1 Mon May 16 16:47:51 JST 2005
+ _________________________ proc/net/ipsec_eroute
+ test -r /proc/net/ipsec_eroute
+ _________________________ netstat-rn
+ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.6.3.132      10.6.3.132      255.255.255.255 UGH       0 0          0 eth0
10.6.3.128      0.0.0.0         255.255.255.128 U         0 0          0 eth0
10.6.100.0      0.0.0.0         255.255.255.0   U         0 0          0 eth1
0.0.0.0         10.6.3.129      0.0.0.0         UG        0 0          0 eth0
+ _________________________ proc/net/ipsec_spi
+ test -r proc/net/ipsec_spi
+ _________________________ proc/net/ipsec_spigrp
+ test -r /proc/net/ipsec_spigrp
+ _________________________ proc/net/ipsec_tncfg
+ test -r /proc/net/ipsec_tncfg
+ _________________________ proc/net/pfkey
+ test -r /proc/net/pfkey
+ cat /proc/net/pfkey
sk       RefCnt Rmem   Wmem   User   Inode
+ _________________________ setkey-D
+ setkey -D
10.6.3.133 10.6.3.132 
	esp mode=tunnel spi=2680898582(0x9fcb4416) reqid=16389(0x00004005)
	E: 3des-cbc  3d97830a e6366157 134af78c 8ba84c9b 7cadeaef 554fdd77
	A: hmac-md5  0a413dd2 c5ccc1c9 c0923a5d 8b2b865f
	seq=0x00000000 replay=64 flags=0x00000000 state=mature 
	created: Mar  9 11:13:17 2006	current: Mar  9 12:01:43 2006
	diff: 2906(s)	hard: 0(s)	soft: 0(s)
	last: Mar  9 11:14:55 2006	hard: 0(s)	soft: 0(s)
	current: 336(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 3	hard: 0	soft: 0
	sadb_seq=1 pid=5890 refcnt=0
10.6.3.132 10.6.3.133 
	esp mode=tunnel spi=2125545048(0x7eb13e58) reqid=16389(0x00004005)
	E: 3des-cbc  4f76151f d6f87375 a2c97a81 71361aee 8f9d562c d7836869
	A: hmac-md5  2bc1e637 287bb07d c60c6765 84436f55
	seq=0x00000000 replay=64 flags=0x00000000 state=mature 
	created: Mar  9 11:13:16 2006	current: Mar  9 12:01:43 2006
	diff: 2907(s)	hard: 0(s)	soft: 0(s)
	last: Mar  9 11:13:17 2006	hard: 0(s)	soft: 0(s)
	current: 244368(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 2910	hard: 0	soft: 0
	sadb_seq=0 pid=5890 refcnt=0
+ _________________________ setkey-D-P
+ setkey -D -P
10.6.3.132[any] 10.6.100.0/24[any] any
	in ipsec
	esp/tunnel/10.6.3.132-10.6.3.133/unique#16389
	created: Mar  9 11:13:16 2006  lastused:                     
	lifetime: 0(s) validtime: 0(s)
	spid=312 seq=8 pid=5891
	refcnt=1
10.6.100.0/24[any] 10.6.3.132[any] any
	out ipsec
	esp/tunnel/10.6.3.133-10.6.3.132/unique#16389
	created: Mar  9 11:13:17 2006  lastused: Mar  9 11:14:57 2006
	lifetime: 0(s) validtime: 0(s)
	spid=329 seq=7 pid=5891
	refcnt=1
10.6.3.132[any] 10.6.100.0/24[any] any
	fwd ipsec
	esp/tunnel/10.6.3.132-10.6.3.133/unique#16389
	created: Mar  9 11:13:16 2006  lastused: Mar  9 12:01:43 2006
	lifetime: 0(s) validtime: 0(s)
	spid=322 seq=6 pid=5891
	refcnt=2
(per-socket policy) 
	in none
	created: Mar  9 11:13:07 2006  lastused:                     
	lifetime: 0(s) validtime: 0(s)
	spid=299 seq=5 pid=5891
	refcnt=1
(per-socket policy) 
	in none
	created: Mar  9 11:13:07 2006  lastused: Mar  9 11:58:26 2006
	lifetime: 0(s) validtime: 0(s)
	spid=283 seq=4 pid=5891
	refcnt=1
(per-socket policy) 
	in none
	created: Mar  9 11:13:07 2006  lastused:                     
	lifetime: 0(s) validtime: 0(s)
	spid=267 seq=3 pid=5891
	refcnt=1
(per-socket policy) 
	out none
	created: Mar  9 11:13:07 2006  lastused:                     
	lifetime: 0(s) validtime: 0(s)
	spid=308 seq=2 pid=5891
	refcnt=1
(per-socket policy) 
	out none
	created: Mar  9 11:13:07 2006  lastused: Mar  9 11:58:26 2006
	lifetime: 0(s) validtime: 0(s)
	spid=292 seq=1 pid=5891
	refcnt=1
(per-socket policy) 
	out none
	created: Mar  9 11:13:07 2006  lastused:                     
	lifetime: 0(s) validtime: 0(s)
	spid=276 seq=0 pid=5891
	refcnt=1
+ _________________________ proc/sys/net/ipsec-star
+ test -d /proc/sys/net/ipsec
+ _________________________ ipsec/status
+ ipsec auto --status
000 interface lo/lo 127.0.0.1
000 interface eth0/eth0 10.6.3.133
000 interface eth1/eth1 10.6.100.254
000 %myid = (none)
000 debug raw+crypt+parsing+emitting+control+lifecycle+klips+dns+oppo+controlmore+pfkey+nattraversal+x509
000  
000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448
000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256
000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0
000  
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE hash: id=2, name=OAKLEY_SHA, hashsize=20
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000  
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} 
000  
000 "road": 10.6.100.0/24===10.6.3.133[@multilinus.multibel.it]...%any[@multibel1.multibel.it]; unrouted; eroute owner: #0
000 "road":   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "road":   policy: RSASIG+ENCRYPT+TUNNEL+PFS; prio: 24,32; interface: eth0; 
000 "road":   newest ISAKMP SA: #0; newest IPsec SA: #0; 
000 "road":   IKE algorithms wanted: 5_000-1-5, 5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict
000 "road":   IKE algorithms found:  5_192-1_128-5, 5_192-1_128-2, 5_192-2_160-5, 5_192-2_160-2, 
000 "road":   ESP algorithms wanted: 3_000-1, 3_000-2, flags=-strict
000 "road":   ESP algorithms loaded: 3_000-1, 3_000-2, flags=-strict
000 "road"[1]: 10.6.100.0/24===10.6.3.133[@multilinus.multibel.it]...10.6.3.132[@multibel1.multibel.it]; erouted; eroute owner: #2
000 "road"[1]:   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "road"[1]:   policy: RSASIG+ENCRYPT+TUNNEL+PFS; prio: 24,32; interface: eth0; 
000 "road"[1]:   newest ISAKMP SA: #3; newest IPsec SA: #2; 
000 "road"[1]:   IKE algorithms wanted: 5_000-1-5, 5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict
000 "road"[1]:   IKE algorithms found:  5_192-1_128-5, 5_192-1_128-2, 5_192-2_160-5, 5_192-2_160-2, 
000 "road"[1]:   IKE algorithm newest: 3DES_CBC_192-MD5-MODP1536
000 "road"[1]:   ESP algorithms wanted: 3_000-1, 3_000-2, flags=-strict
000 "road"[1]:   ESP algorithms loaded: 3_000-1, 3_000-2, flags=-strict
000 "road"[1]:   ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<Phase1>
000  
000 #3: "road"[1] 10.6.3.132 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 3133s; newest ISAKMP
000 #2: "road"[1] 10.6.3.132 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 25624s; newest IPSEC; eroute owner
000 #2: "road"[1] 10.6.3.132 esp.9fcb4416 at 10.6.3.132 esp.7eb13e58 at 10.6.3.133 tun.0 at 10.6.3.132 tun.0 at 10.6.3.133
000 #1: "road"[1] 10.6.3.132 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 422s
000  
+ _________________________ ifconfig-a
+ ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:13:D4:B2:D4:8B  
          inet addr:10.6.3.133  Bcast:10.255.255.255  Mask:255.255.255.128
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:645595 errors:0 dropped:0 overruns:0 frame:0
          TX packets:107615 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:164807835 (157.1 MiB)  TX bytes:8102422 (7.7 MiB)
          Interrupt:19 Base address:0xed00 

eth1      Link encap:Ethernet  HWaddr 00:13:49:24:4C:4C  
          inet addr:10.6.100.254  Bcast:10.255.255.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2044 errors:0 dropped:0 overruns:0 frame:0
          TX packets:670 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:486855 (475.4 KiB)  TX bytes:65954 (64.4 KiB)
          Interrupt:18 Base address:0xee00 

eth2      Link encap:Ethernet  HWaddr 00:13:49:24:5E:B5  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:19 Base address:0xe000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:148625 errors:0 dropped:0 overruns:0 frame:0
          TX packets:148625 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:12254252 (11.6 MiB)  TX bytes:12254252 (11.6 MiB)

+ _________________________ ipsec_verify
+ ipsec verify --nocolour
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                  	[OK]
Linux Openswan U2.2.0/K2.4.27-2-386 (native)
Checking for IPsec support in kernel                             	[OK]
Checking for RSA private key (/etc/ipsec.secrets)                	[OK]
Checking that pluto is running                                   	[OK]
Two or more interfaces found, checking IP forwarding             	[OK]
Checking NAT and MASQUERADEing                                   	[OK]
Checking for 'ip' command                                        	[OK]
Checking for 'iptables' command                                  	[OK]
Checking for 'setkey' command for native IPsec stack support     	[OK]

Opportunistic Encryption DNS checks:
   Looking for TXT in forward dns zone: multilinus               	[MISSING]
   Does the machine have at least one non-private address?       	[FAILED]
+ _________________________ mii-tool
+ '[' -x /sbin/mii-tool ']'
+ /sbin/mii-tool -v
eth0: negotiated 100baseTx-FD, link ok
  product info: vendor 00:00:00, model 0 rev 0
  basic mode:   autonegotiation enabled
  basic status: autonegotiation complete, link ok
  capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
eth1: negotiated 100baseTx-FD, link ok
  product info: vendor 00:00:00, model 0 rev 0
  basic mode:   autonegotiation enabled
  basic status: autonegotiation complete, link ok
  capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
SIOCGMIIPHY on 'eth2' failed: Invalid argument
+ _________________________ ipsec/directory
+ ipsec --directory
/usr/lib/ipsec
+ _________________________ hostname/fqdn
+ hostname --fqdn
localhost.localdomain
+ _________________________ hostname/ipaddress
+ hostname --ip-address
127.0.0.1 
+ _________________________ uptime
+ uptime
 12:01:46 up  2:38,  6 users,  load average: 0.02, 0.04, 0.00
+ _________________________ ps
+ ps alxwf
+ egrep -i 'ppid|pluto|ipsec|klips'
F   UID   PID  PPID PRI  NI   VSZ  RSS WCHAN  STAT TTY        TIME COMMAND
0     0  5870  4874  16   0  2628 1328 wait4  S+   pts/4      0:00          \_ /bin/sh /usr/lib/ipsec/barf
1     0  5941  5870  15   0  2628 1328 -      R+   pts/4      0:00              \_ /bin/sh /usr/lib/ipsec/barf
1     0  4303     1   9   0  2204 1104 wait4  S    pts/3      0:00 /bin/bash /usr/lib/ipsec/_plutorun --debug all --uniqueids yes --nocrsend  --strictcrlpolicy  --nat_traversal  --keep_alive  --force_keepalive  --disable_port_floating  --virtual_private  --crlcheckinterval 0 --ocspuri  --dump  --opts  --stderrlog  --wait no --pre  --post  --log daemon.error --pid /var/run/pluto.pid
1     0  4307  4303   9   0  2204 1112 wait4  S    pts/3      0:00  \_ /bin/bash /usr/lib/ipsec/_plutorun --debug all --uniqueids yes --nocrsend  --strictcrlpolicy  --nat_traversal  --keep_alive  --force_keepalive  --disable_port_floating  --virtual_private  --crlcheckinterval 0 --ocspuri  --dump  --opts  --stderrlog  --wait no --pre  --post  --log daemon.error --pid /var/run/pluto.pid
4     0  4314  4307   9   0  2348 1240 select S    pts/3      0:00  |   \_ /usr/lib/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --debug-all --uniqueids
0     0  4352  4314   9   0  1312  284 select S    pts/3      0:00  |       \_ _pluto_adns -d
0     0  4308  4303   8   0  2180 1088 pipe_w S    pts/3      0:00  \_ /bin/sh /usr/lib/ipsec/_plutoload --wait no --post 
0     0  4304     1   9   0  1376  384 pipe_w S    pts/3      0:00 logger -s -p daemon.error -t ipsec__plutorun
+ _________________________ ipsec/showdefaults
+ ipsec showdefaults
routephys=eth0
routevirt=ipsec0
routeaddr=10.6.3.133
routenexthop=10.6.3.129
+ _________________________ ipsec/conf
+ ipsec _include /etc/ipsec.conf
+ ipsec _keycensor

#< /etc/ipsec.conf 1
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.13 2004/03/24 04:14:39 ken Exp $

# This file:  /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual:     ipsec.conf.5


version	2.0	# conforms to second version of ipsec.conf specification

# basic configuration
config setup
	# Debug-logging controls:  "none" for (almost) none, "all" for lots.
	# klipsdebug=none
	plutodebug=all #"control parsing"
	#plutostderrlog=

# Add connections here

# road-warrior VPN connection
conn road
	# Left security gateway, subnet behind it, next hop toward right.
	left=10.6.3.133
	leftid=@multilinus.multibel.it
	leftsubnet=10.6.100.0/24
	leftrsasigkey=[keyid AQN74Z87R]
	# Right road-warrior
	rightnexthop=%direct
	right=%any
	rightid=@multibel1.multibel.it
	rightrsasigkey=[keyid AQO9mjElL]
	# To authorize this connection, but not actually start it, at startup,
	# uncomment this.
	auto=add

#Disable Opportunistic Encryption

#< /etc/ipsec.d/examples/no_oe.conf 1
# 'include' this file to disable Opportunistic Encryption.
# See /usr/share/doc/openswan/policygroups.html for details.
#
# RCSID $Id: no_oe.conf.in,v 1.1 2004/01/20 19:24:23 sam Exp $
conn block 
    auto=ignore

conn private 
    auto=ignore

conn private-or-clear 
    auto=ignore

conn clear-or-private 
    auto=ignore

conn clear 
    auto=ignore

conn packetdefault 
    auto=ignore

#> /etc/ipsec.conf 38
+ _________________________ ipsec/secrets
+ ipsec _include /etc/ipsec.secrets
+ ipsec _secretcensor

#< /etc/ipsec.secrets 1
: RSA	{
	# RSA 2048 bits   multilinus   Tue Feb  7 17:51:12 2006
	# for signatures only, UNSAFE FOR ENCRYPTION
	#pubkey=[keyid AQN74Z87R]
	Modulus: [...]
	PublicExponent: [...]
	# everything after this point is secret
	PrivateExponent: [...]
	Prime1: [...]
	Prime2: [...]
	Exponent1: [...]
	Exponent2: [...]
	Coefficient: [...]
	}
+ _________________________ ipsec/listall
+ ipsec auto --listall
000  
000 List of Public Keys:
000  
000 Mar 09 11:13:07 2006, 2048 RSA Key AQO9mjElL, until --- -- --:--:-- ---- ok (expires never)
000        ID_FQDN '@multibel1.multibel.it'
000 Mar 09 11:13:07 2006, 2048 RSA Key AQN74Z87R, until --- -- --:--:-- ---- ok (expires never)
000        ID_FQDN '@multilinus.multibel.it'
+ '[' /etc/ipsec.d/policies ']'
++ basename /etc/ipsec.d/policies/block
+ base=block
+ _________________________ ipsec/policies/block
+ cat /etc/ipsec.d/policies/block
# This file defines the set of CIDRs (network/mask-length) to which
# communication should never be allowed.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: block.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#

++ basename /etc/ipsec.d/policies/clear
+ base=clear
+ _________________________ ipsec/policies/clear
+ cat /etc/ipsec.d/policies/clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
++ basename /etc/ipsec.d/policies/clear-or-private
+ base=clear-or-private
+ _________________________ ipsec/policies/clear-or-private
+ cat /etc/ipsec.d/policies/clear-or-private
# This file defines the set of CIDRs (network/mask-length) to which
# we will communicate in the clear, or, if the other side initiates IPSEC,
# using encryption.  This behaviour is also called "Opportunistic Responder".
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear-or-private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
++ basename /etc/ipsec.d/policies/private
+ base=private
+ _________________________ ipsec/policies/private
+ cat /etc/ipsec.d/policies/private
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be private (i.e. encrypted).
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
++ basename /etc/ipsec.d/policies/private-or-clear
+ base=private-or-clear
+ _________________________ ipsec/policies/private-or-clear
+ cat /etc/ipsec.d/policies/private-or-clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should be private, if possible, but in the clear otherwise.
#
# If the target has a TXT (later IPSECKEY) record that specifies
# authentication material, we will require private (i.e. encrypted)
# communications.  If no such record is found, communications will be
# in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private-or-clear.in,v 1.5 2003/02/17 02:22:15 mcr Exp $
#

0.0.0.0/0
+ _________________________ ipsec/ls-libdir
+ ls -l /usr/lib/ipsec
total 1376
-rwxr-xr-x  1 root root  15404 May 24  2005 _confread
-rwxr-xr-x  1 root root   4612 May 24  2005 _copyright
-rwxr-xr-x  1 root root   2380 May 24  2005 _include
-rwxr-xr-x  1 root root   1476 May 24  2005 _keycensor
-rwxr-xr-x  1 root root   9784 May 24  2005 _pluto_adns
-rwxr-xr-x  1 root root   3586 May 24  2005 _plutoload
-rwxr-xr-x  1 root root   7165 May 24  2005 _plutorun
-rwxr-xr-x  1 root root  10494 May 24  2005 _realsetup
-rwxr-xr-x  1 root root   1976 May 24  2005 _secretcensor
-rwxr-xr-x  1 root root   9013 May 24  2005 _startklips
-rwxr-xr-x  1 root root  12313 May 24  2005 _updown
-rwxr-xr-x  1 root root   7572 May 24  2005 _updown_x509
-rwxr-xr-x  1 root root  19222 May 24  2005 auto
-rwxr-xr-x  1 root root  10224 May 24  2005 barf
-rwxr-xr-x  1 root root    816 May 24  2005 calcgoo
-rwxr-xr-x  1 root root  80792 May 24  2005 eroute
-rwxr-xr-x  1 root root   1942 May 24  2005 ipsec_pr.template
-rwxr-xr-x  1 root root  60664 May 24  2005 klipsdebug
-rwxr-xr-x  1 root root   2462 May 24  2005 look
-rwxr-xr-x  1 root root   7118 May 24  2005 mailkey
-rwxr-xr-x  1 root root  16190 May 24  2005 manual
-rwxr-xr-x  1 root root   1874 May 24  2005 newhostkey
-rwxr-xr-x  1 root root  53196 May 24  2005 pf_key
-rwxr-xr-x  1 root root 590808 May 24  2005 pluto
-rwxr-xr-x  1 root root   6616 May 24  2005 ranbits
-rwxr-xr-x  1 root root  18584 May 24  2005 rsasigkey
-rwxr-xr-x  1 root root    766 May 24  2005 secrets
-rwxr-xr-x  1 root root  17570 May 24  2005 send-pr
lrwxrwxrwx  1 root root     17 Jan 25 12:50 setup -> /etc/init.d/ipsec
-rwxr-xr-x  1 root root   1048 May 24  2005 showdefaults
-rwxr-xr-x  1 root root   4365 May 24  2005 showhostkey
-rwxr-xr-x  1 root root 118200 May 24  2005 spi
-rwxr-xr-x  1 root root  68408 May 24  2005 spigrp
-rwxr-xr-x  1 root root  81752 May 24  2005 starter
-rwxr-xr-x  1 root root   9744 May 24  2005 tncfg
-rwxr-xr-x  1 root root  10189 May 24  2005 verify
-rwxr-xr-x  1 root root  42968 May 24  2005 whack
+ _________________________ ipsec/ls-execdir
+ ls -l /usr/lib/ipsec
total 1376
-rwxr-xr-x  1 root root  15404 May 24  2005 _confread
-rwxr-xr-x  1 root root   4612 May 24  2005 _copyright
-rwxr-xr-x  1 root root   2380 May 24  2005 _include
-rwxr-xr-x  1 root root   1476 May 24  2005 _keycensor
-rwxr-xr-x  1 root root   9784 May 24  2005 _pluto_adns
-rwxr-xr-x  1 root root   3586 May 24  2005 _plutoload
-rwxr-xr-x  1 root root   7165 May 24  2005 _plutorun
-rwxr-xr-x  1 root root  10494 May 24  2005 _realsetup
-rwxr-xr-x  1 root root   1976 May 24  2005 _secretcensor
-rwxr-xr-x  1 root root   9013 May 24  2005 _startklips
-rwxr-xr-x  1 root root  12313 May 24  2005 _updown
-rwxr-xr-x  1 root root   7572 May 24  2005 _updown_x509
-rwxr-xr-x  1 root root  19222 May 24  2005 auto
-rwxr-xr-x  1 root root  10224 May 24  2005 barf
-rwxr-xr-x  1 root root    816 May 24  2005 calcgoo
-rwxr-xr-x  1 root root  80792 May 24  2005 eroute
-rwxr-xr-x  1 root root   1942 May 24  2005 ipsec_pr.template
-rwxr-xr-x  1 root root  60664 May 24  2005 klipsdebug
-rwxr-xr-x  1 root root   2462 May 24  2005 look
-rwxr-xr-x  1 root root   7118 May 24  2005 mailkey
-rwxr-xr-x  1 root root  16190 May 24  2005 manual
-rwxr-xr-x  1 root root   1874 May 24  2005 newhostkey
-rwxr-xr-x  1 root root  53196 May 24  2005 pf_key
-rwxr-xr-x  1 root root 590808 May 24  2005 pluto
-rwxr-xr-x  1 root root   6616 May 24  2005 ranbits
-rwxr-xr-x  1 root root  18584 May 24  2005 rsasigkey
-rwxr-xr-x  1 root root    766 May 24  2005 secrets
-rwxr-xr-x  1 root root  17570 May 24  2005 send-pr
lrwxrwxrwx  1 root root     17 Jan 25 12:50 setup -> /etc/init.d/ipsec
-rwxr-xr-x  1 root root   1048 May 24  2005 showdefaults
-rwxr-xr-x  1 root root   4365 May 24  2005 showhostkey
-rwxr-xr-x  1 root root 118200 May 24  2005 spi
-rwxr-xr-x  1 root root  68408 May 24  2005 spigrp
-rwxr-xr-x  1 root root  81752 May 24  2005 starter
-rwxr-xr-x  1 root root   9744 May 24  2005 tncfg
-rwxr-xr-x  1 root root  10189 May 24  2005 verify
-rwxr-xr-x  1 root root  42968 May 24  2005 whack
+ _________________________ ipsec/updowns
++ ls /usr/lib/ipsec
++ egrep updown
+ cat /usr/lib/ipsec/_updown
#! /bin/sh
# iproute2 version, default updown script
#
# Copyright (C) 2003-2004 Nigel Meteringham
# Copyright (C) 2003-2004 Tuomo Soini
# Copyright (C) 2002-2004 Michael Richardson <mcr at xelerance.com>
# 
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
# 
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
# for more details.
#
# RCSID $Id: _updown.ip2.in,v 1.11 2004/06/01 13:30:57 ken Exp $



# CAUTION:  Installing a new version of FreeS/WAN will install a new
# copy of this script, wiping out any custom changes you make.  If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# FreeS/WAN use yours instead of this default one.

LC_ALL=C export LC_ALL

# things that this script gets (from ipsec_pluto(8) man page)
#
#
#      PLUTO_VERSION
#              indicates  what  version of this interface is being
#              used.  This document describes version  1.1.   This
#              is upwardly compatible with version 1.0.
#
#       PLUTO_VERB
#              specifies the name of the operation to be performed
#              (prepare-host, prepare-client, up-host, up-client,
#              down-host, or down-client).  If the address family
#              for security gateway to security gateway communica­
#              tions is IPv6, then a suffix of -v6 is added to the
#              verb.
#
#       PLUTO_CONNECTION
#              is the name of the  connection  for  which  we  are
#              routing.
#
#       PLUTO_CONN_POLICY
#              the policy of the connection, as in:
#     RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD  
#
#       PLUTO_NEXT_HOP
#              is the next hop to which packets bound for the peer
#              must be sent.
#
#       PLUTO_INTERFACE
#              is the name of the ipsec interface to be used.
#
#       PLUTO_ME
#              is the IP address of our host.
#
#       PLUTO_MY_CLIENT
#              is the IP address / count of our client subnet.  If
#              the  client  is  just  the  host,  this will be the
#              host's own IP address / max (where max  is  32  for
#              IPv4 and 128 for IPv6).
#
#       PLUTO_MY_CLIENT_NET
#              is the IP address of our client net.  If the client
#              is just the host, this will be the  host's  own  IP
#              address.
#
#       PLUTO_MY_CLIENT_MASK
#              is  the  mask for our client net.  If the client is
#              just the host, this will be 255.255.255.255.
#
#       PLUTO_MY_SOURCEIP
#              if non-empty, then the source address for the route will be
#              set to this IP address.
#
#       PLUTO_PEER
#              is the IP address of our peer.
#
#       PLUTO_PEER_CLIENT
#              is the IP address / count of the peer's client sub­
#              net.   If the client is just the peer, this will be
#              the peer's own IP address / max (where  max  is  32
#              for IPv4 and 128 for IPv6).
#
#       PLUTO_PEER_CLIENT_NET
#              is the IP address of the peer's client net.  If the
#              client is just the peer, this will  be  the  peer's
#              own IP address.
#
#       PLUTO_PEER_CLIENT_MASK
#              is  the  mask  for  the  peer's client net.  If the
#              client   is   just   the   peer,   this   will   be
#              255.255.255.255.
#
# PLUTO_CONNECTION_TYPE
#

# check interface version
case "$PLUTO_VERSION" in
1.[0])	# Older Pluto?!?  Play it safe, script may be using new features.
	echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
	echo "$0: 	called by obsolete Pluto?" >&2
	exit 2
	;;
1.*)	;;
*)	echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
	exit 2
	;;
esac

# check parameter(s)
case "$1:$*" in
':')			# no parameters
	;;
ipfwadm:ipfwadm)	# due to (left/right)firewall; for default script only
	;;
custom:*)		# custom parameters (see above CAUTION comment)
	;;
*)	echo "$0: unknown parameters \`$*'" >&2
	exit 2
	;;
esac

# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
	doroute add
	ip route flush cache
}
downroute() {
	doroute delete
	ip route flush cache
}

uprule() {
	# policy based advanced routing
	if [ -n "$PLUTO_IPROUTETABLE" ] && [ "$PLUTO_IPROUTETABLE" != "main" ]
	then
	    dorule delete
	    dorule add
	fi
	# virtual sourceip support
	if [ -n "$PLUTO_MY_SOURCEIP" ] && ["$PLUTO_MY_SOURCEIP" != "no" ]
	then
	    addsource
	    changesource
	fi
	ip route flush cache
}

downrule() {
	if [ -n "$PLUTO_MY_SOURCEIP" ] && [ "$PLUTO_IPROUTETABLE" != "main" ]
	then
	    dorule delete
	    ip route flush cache
	fi
}

addsource() {
	st=0
	if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local
	then
	    it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev $PLUTO_INTERFACE"
	    oops="`eval $it 2>&1`"
	    st=$?
	    if test " $oops" = " " -a " $st" != " 0"
	    then
		oops="silent error, exit status $st"
	    fi
	    if test " $oops" != " " -o " $st" != " 0"
	    then
		echo "$0: addsource \`$it' failed ($oops)" >&2
	    fi
	fi
	return $st
}

changesource() {
	st=0
	parms="$PLUTO_PEER_CLIENT"
	parms2="dev $PLUTO_INTERFACE"
	parms3="src ${PLUTO_MY_SOURCEIP%/*}"
	if [ -n "$PLUTO_IPROUTETABLE" ] && [ "$PLUTO_IPROUTETABLE" != "main" ]
	then
	    parms3="$parms3 table '$PLUTO_IPROUTETABLE'"
	fi
 	case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
 	"0.0.0.0/0.0.0.0")
		# opportunistic encryption work around
		it=
 		;;
 	esac
	oops="`eval $it 2>&1`"
 	st=$?
	if test " $oops" = " " -a " $st" != " 0"
 	then
	    oops="silent error, exit status $st"
	fi
	if test " $oops" != " " -o " $st" != " 0"
	then
	    echo "$0: changesource \`$it' failed ($oops)" >&2
 	fi
 	return $st
}

dorule() {
	st=0
	it2=
	iprule="from $PLUTO_MY_CLIENT"
	iprule2="to $PLUTO_PEER_CLIENT table $PLUTO_IPROUTETABLE"
	case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
	"0.0.0.0/0.0.0.0")
		# opportunistic encryption work around
		st=0
		;;
	*)
		if test "$PLUTO_MY_SOURCEIP" = "no"
		then
		    if test "$PLUTO_ME" = "${PLUTO_MY_CLIENT%/*}"
		    then
			it="ip rule $1 iif lo $iprule2"
		    else
			it="ip rule $1 $iprule $iprule2"
		    fi
		else
		    if test "${PLUTO_MY_SOURCEIP%/*}" = "${PLUTO_MY_CLIENT%/*}"
		    then
			it="ip rule $1 iif lo $iprule2"
		    else
			it="ip rule $1 $iprule $iprule2"
			it2="ip rule $1 iif lo $iprule2"
		    fi
		fi
		oops="`eval $it 2>&1`"
		st=$?
		if test " $oops" = " " -a " $st" != " 0"
		then
		    oops="silent error, exit status $st"
		fi
		case "$oops" in
		'RTNETLINK answers: No such process'*)
			# This is what ip rule gives
			# for "could not find such a rule"
			oops=
			st=0
			;;
		esac
		if test " $oops" != " " -o " $st" != " 0"
		then
		    echo "$0: dorule \`$it' failed ($oops)" >&2
		fi
		if test "$st" = "0" -a -n "$it2"
		then
		    oops="`eval $it2 2>&1`"
		    st=$?
		    if test " $oops" = " " -a " $st" != " 0"
		    then
			oops="silent error, exit status $st"
		    fi
		    case "$oops" in
		    'RTNETLINK answers: No such process'*)
			    # This is what ip rule gives
			    # for "could not find such a rule"
			    oops=
			    st=0
			    ;;
		    esac
		    if test " $oops" != " " -o " $st" != " 0"
		    then
			echo "$0: dorule \`$it2' failed ($oops)" >&2
		    fi
		fi
		;;
	    esac
	return $st
}


doroute() {
	st=0
	parms="$PLUTO_PEER_CLIENT"
	parms2=
	if [ -n "$PLUTO_NEXT_HOP" ]
	then
	   parms2="via $PLUTO_NEXT_HOP"
	fi
	parms2="$parms2 dev $PLUTO_INTERFACE"
	parms3=
	if [ -n "$PLUTO_IPROUTETABLE" ] && [ "$PLUTO_IPROUTETABLE" != "main" ]
	then
	    parms3="table $PLUTO_IPROUTETABLE"
	fi

	if [ -z "$PLUTO_MY_SOURCEIP" ]
	then
	    if [ -f /etc/sysconfig/defaultsource ]
	    then
		. /etc/sysconfig/defaultsource
		if [ -n "$DEFAULTSOURCE" ]
		then
		    PLUTO_MY_SOURCEIP=$DEFAULTSOURCE
		fi
	    fi
        fi

	if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP" 
	then
	    addsource
	    parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
	fi

	case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
	"0.0.0.0/0.0.0.0")
		# opportunistic encryption work around
		# need to provide route that eclipses default, without 
		# replacing it.
		it="ip route $1 0.0.0.0/1 $parms2 &&
			ip route $1 128.0.0.0/1 $parms2"
		;;
	*)	it="ip route $1 $parms $parms2 $parms3"
		;;
	esac
	oops="`eval $it 2>&1`"
	st=$?
	if test " $oops" = " " -a " $st" != " 0"
	then
	    oops="silent error, exit status $st"
	fi
	if test " $oops" != " " -o " $st" != " 0"
	then
	    echo "$0: doroute \`$it' failed ($oops)" >&2
	fi
	return $st
}
 

# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
	# delete possibly-existing route (preliminary to adding a route)
	case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
	"0.0.0.0/0.0.0.0")
		# need to provide route that eclipses default, without 
		# replacing it.
		parms1="0.0.0.0/1"
		parms2="128.0.0.0/1"
		it="ip route delete $parms1 2>&1 ; ip route delete $parms2 2>&1"
		oops="`ip route delete $parms1 2>&1 ; ip route delete $parms2 2>&1`"
		;;
	*)
		parms="$PLUTO_PEER_CLIENT"
		it="ip route delete $parms 2>&1"
		oops="`ip route delete $parms 2>&1`"
		;;
	esac
	status="$?"
	if test " $oops" = " " -a " $status" != " 0"
	then
		oops="silent error, exit status $status"
	fi
	case "$oops" in
	*'RTNETLINK answers: No such process'*)	
		# This is what route (currently -- not documented!) gives
		# for "could not find such a route".
		oops=
		status=0
		;;
	esac
	if test " $oops" != " " -o " $status" != " 0"
	then
		echo "$0: \`$it' failed ($oops)" >&2
	fi
	exit $status
	;;
route-host:*|route-client:*)
	# connection to me or my client subnet being routed
	uproute
	;;
unroute-host:*|unroute-client:*)
	# connection to me or my client subnet being unrouted
	downroute
	;;
up-host:*)
	# connection to me coming up
	# If you are doing a custom version, firewall commands go here.
	;;
down-host:*)
	# connection to me going down
	# If you are doing a custom version, firewall commands go here.
	;;
up-client:)
	# connection to my client subnet coming up
	# If you are doing a custom version, firewall commands go here.
	;;
down-client:)
	# connection to my client subnet going down
	# If you are doing a custom version, firewall commands go here.
	;;
up-client:ipfwadm)
	# connection to client subnet, with (left/right)firewall=yes, coming up
	# This is used only by the default updown script, not by your custom
	# ones, so do not mess with it; see CAUTION comment up at top.
	ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
		-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
	;;
down-client:ipfwadm)
	# connection to client subnet, with (left/right)firewall=yes, going down
	# This is used only by the default updown script, not by your custom
	# ones, so do not mess with it; see CAUTION comment up at top.
	ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
		-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
	;;
#
# IPv6
#
prepare-host-v6:*|prepare-client-v6:*)
	;;
route-host-v6:*|route-client-v6:*)
	# connection to me or my client subnet being routed
	#uproute_v6
	;;
unroute-host-v6:*|unroute-client-v6:*)
	# connection to me or my client subnet being unrouted
	#downroute_v6
	;;
up-host-v6:*)
	# connection to me coming up
	# If you are doing a custom version, firewall commands go here.
	;;
down-host-v6:*)
	# connection to me going down
	# If you are doing a custom version, firewall commands go here.
	;;
up-client-v6:)
	# connection to my client subnet coming up
	# If you are doing a custom version, firewall commands go here.
	;;
down-client-v6:)
	# connection to my client subnet going down
	# If you are doing a custom version, firewall commands go here.
	;;
*)	echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
	exit 1
	;;
esac
+ cat /usr/lib/ipsec/_updown_x509
#! /bin/sh
#
# customized updown script
#

# logging of VPN connections
#
# tag put in front of each log entry:
TAG=vpn
#
# syslog facility and priority used:
FAC_PRIO=local0.notice
#
# to create a special vpn logging file, put the following line into
# the syslog configuration file /etc/syslog.conf:
#
# local0.notice                   -/var/log/vpn
#
# check interface version
case "$PLUTO_VERSION" in
1.[0])	# Older Pluto?!?  Play it safe, script may be using new features.
	echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
	echo "$0: 	called by obsolete Pluto?" >&2
	exit 2
	;;
1.*)	;;
*)	echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
	exit 2
	;;
esac

# check parameter(s)
case "$1:$*" in
':')			# no parameters
	;;
ipfwadm:ipfwadm)	# due to (left/right)firewall; for default script only
	;;
custom:*)		# custom parameters (see above CAUTION comment)
	;;
*)	echo "$0: unknown parameters \`$*'" >&2
	exit 2
	;;
esac

# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
	doroute add
}
downroute() {
	doroute del
}
doroute() {
	parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK"
	parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP"
	case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
	"0.0.0.0/0.0.0.0")
		# horrible kludge for obscure routing bug with opportunistic
		it="route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 &&"
		it="$it route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2"
		route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 &&
			route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2
		;;
	*)	it="route $1 $parms $parms2"
		route $1 $parms $parms2
		;;
	esac
	st=$?
	if test $st -ne 0
	then
		# route has already given its own cryptic message
		echo "$0: \`$it' failed" >&2
		if test " $1 $st" = " add 7"
		then
			# another totally undocumented interface -- 7 and
			# "SIOCADDRT: Network is unreachable" means that
			# the gateway isn't reachable.
			echo "$0: (incorrect or missing nexthop setting??)" >&2
		fi
	fi
	return $st
}

# are there port numbers?
if [ "$PLUTO_MY_PORT" != 0 ]
then
	S_MY_PORT="--sport $PLUTO_MY_PORT"
	D_MY_PORT="--dport $PLUTO_MY_PORT"
fi
if [ "$PLUTO_PEER_PORT" != 0 ]
then
	S_PEER_PORT="--sport $PLUTO_PEER_PORT"
	D_PEER_PORT="--dport $PLUTO_PEER_PORT"
fi

# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
	# delete possibly-existing route (preliminary to adding a route)
	case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
	"0.0.0.0/0.0.0.0")
		# horrible kludge for obscure routing bug with opportunistic
		parms1="-net 0.0.0.0 netmask 128.0.0.0"
		parms2="-net 128.0.0.0 netmask 128.0.0.0"
		it="route del $parms1 2>&1 ; route del $parms2 2>&1"
		oops="`route del $parms1 2>&1 ; route del $parms2 2>&1`"
		;;
	*)
		parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK"
		it="route del $parms 2>&1"
		oops="`route del $parms 2>&1`"
		;;
	esac
	status="$?"
	if test " $oops" = " " -a " $status" != " 0"
	then
		oops="silent error, exit status $status"
	fi
	case "$oops" in
	'SIOCDELRT: No such process'*)
		# This is what route (currently -- not documented!) gives
		# for "could not find such a route".
		oops=
		status=0
		;;
	esac
	if test " $oops" != " " -o " $status" != " 0"
	then
		echo "$0: \`$it' failed ($oops)" >&2
	fi
	exit $status
	;;
route-host:*|route-client:*)
	# connection to me or my client subnet being routed
	uproute
	;;
unroute-host:*|unroute-client:*)
	# connection to me or my client subnet being unrouted
	downroute
	;;
up-host:*)
	# connection to me coming up
	# If you are doing a custom version, firewall commands go here.
	iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
	    -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
	    -d $PLUTO_ME $D_MY_PORT -j ACCEPT
	iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
	    -s $PLUTO_ME $S_MY_PORT \
	    -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
	#
	if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
	then
	  logger -t $TAG -p $FAC_PRIO \
	    "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
	else
	  logger -t $TAG -p $FAC_PRIO \
	    "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
	fi
	;;
down-host:*)
	# connection to me going down
	# If you are doing a custom version, firewall commands go here.
	iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
	    -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
	    -d $PLUTO_ME $D_MY_PORT -j ACCEPT
	iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
	    -s $PLUTO_ME $S_MY_PORT \
	    -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
	#
	if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
	then
	  logger -t $TAG -p $FAC_PRIO -- \
	    "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
	else
	  logger -t $TAG -p $FAC_PRIO -- \
	  "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
	fi
	;;
up-client:)
        # connection to my client subnet coming up
	# If you are doing a custom version, firewall commands go here.
	iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
	    -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
	    -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
	iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
	    -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
	    -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
	#
	if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
	then
	  logger -t $TAG -p $FAC_PRIO \
	    "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
	else
	  logger -t $TAG -p $FAC_PRIO \
	    "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
	fi
	;;
down-client:)
        # connection to my client subnet going down
        # If you are doing a custom version, firewall commands go here.
	iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
	    -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
	    -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
	iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
	    -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
	    -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
	#
	if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
	then
	  logger -t $TAG -p $FAC_PRIO -- \
	    "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
	else
	  logger -t $TAG -p $FAC_PRIO -- \
	    "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
	fi
	;;
up-client:ipfwadm)
	# connection to client subnet, with (left/right)firewall=yes, coming up
	# This is used only by the default updown script, not by your custom
	# ones, so do not mess with it; see CAUTION comment up at top.
	ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
		-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
	;;
down-client:ipfwadm)
	# connection to client subnet, with (left/right)firewall=yes, going down
	# This is used only by the default updown script, not by your custom
	# ones, so do not mess with it; see CAUTION comment up at top.
	ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
		-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
	;;
*)	echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
	exit 1
	;;
esac
+ _________________________ proc/net/dev
+ cat /proc/net/dev
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:12260821  148705    0    0    0     0          0         0 12260821  148705    0    0    0     0       0          0
  eth0:164808575  645601    0    0    0     0          0         0  8103048  107624    0    0    0     0       0          0
  eth1:  487419    2048    0    0    0     0          0         0    66356     672    0    0    0     0       0          0
  eth2:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
+ _________________________ proc/net/route
+ cat /proc/net/route
Iface	Destination	Gateway 	Flags	RefCnt	Use	Metric	Mask		MTU	Window	IRTT                                                       
eth0	8403060A	8403060A	0007	0	0	0	FFFFFFFF	0	0	0                                                                               
eth0	8003060A	00000000	0001	0	0	0	80FFFFFF	0	0	0                                                                               
eth1	0064060A	00000000	0001	0	0	0	00FFFFFF	0	0	0                                                                               
eth0	00000000	8103060A	0003	0	0	0	00000000	0	0	0                                                                               
+ _________________________ proc/sys/net/ipv4/ip_forward
+ cat /proc/sys/net/ipv4/ip_forward
1
+ _________________________ proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter lo/rp_filter
all/rp_filter:1
default/rp_filter:1
eth0/rp_filter:1
eth1/rp_filter:1
lo/rp_filter:1
+ _________________________ uname-a
+ uname -a
Linux multilinus 2.4.27-2-386 #1 Mon May 16 16:47:51 JST 2005 i686 GNU/Linux
+ _________________________ config-built-with
+ test -r /proc/config_built_with
+ _________________________ redhat-release
+ test -r /etc/redhat-release
+ test -r /etc/fedora-release
+ _________________________ proc/net/ipsec_version
+ test -r /proc/net/ipsec_version
+ test -r /proc/net/pfkey
++ uname -r
+ echo 'native PFKEY (2.4.27-2-386) support detected '
native PFKEY (2.4.27-2-386) support detected 
+ _________________________ ipfwadm
+ test -r /sbin/ipfwadm
+ ipfwadm -F -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________
+ ipfwadm -I -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________
+ ipfwadm -O -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________
+ ipfwadm -M -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________ ipchains
+ test -r /sbin/ipchains
+ ipchains -L -v -n
ipchains: Incompatible with this kernel
+ _________________________
+ ipchains -M -L -v -n
ipchains: cannot open file `/proc/net/ip_masquerade'
+ _________________________ iptables
+ test -r /sbin/iptables
+ iptables -L -v -n
Chain INPUT (policy ACCEPT 121K packets, 10M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 249 packets, 19077 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 6647  558K DROP       icmp --  *      *       10.6.3.128/25        0.0.0.0/0           icmp type 8 

Chain OUTPUT (policy ACCEPT 113K packets, 9990K bytes)
 pkts bytes target     prot opt in     out     source               destination         
+ _________________________
+ iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 4663 packets, 497K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 913 packets, 55871 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 894 packets, 54169 bytes)
 pkts bytes target     prot opt in     out     source               destination         
+ _________________________
+ iptables -t mangle -L -v -n
Chain PREROUTING (policy ACCEPT 79957 packets, 6937K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 75472 packets, 6495K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 4283 packets, 359K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 70617 packets, 6468K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 70754 packets, 6479K bytes)
 pkts bytes target     prot opt in     out     source               destination         
+ _________________________ proc/modules
+ test -f /proc/modules
+ cat /proc/modules
iptable_mangle          2040   0 (autoclean) (unused)
iptable_nat            14766   0 (autoclean) (unused)
ip_conntrack           17000   0 (autoclean) [iptable_nat]
iptable_filter          1644   1 (autoclean)
ip_tables              10400   5 [iptable_mangle iptable_nat iptable_filter]
input                   3040   0 (autoclean)
apm                     8428   1 (autoclean)
parport_pc             19432   1 (autoclean)
lp                      5540   0 (autoclean)
parport                21608   1 (autoclean) [parport_pc lp]
af_packet              11048   2 (autoclean)
deflate                 1068   0 (autoclean)
zlib_deflate           16760   0 (autoclean) [deflate]
twofish                34476   0 (autoclean)
serpent                11564   0 (autoclean)
aes                    31488   0 (autoclean)
blowfish                8428   0 (autoclean)
des                     9932   2 (autoclean)
sha256                  7820   0 (autoclean)
sha1                    7052   0 (autoclean)
md5                     2572   2 (autoclean)
crypto_null              812   0 (autoclean)
xfrm_user               7172   0 (unused)
ipcomp                  3376   0 (unused)
esp4                    5520   2
ah4                     3664   0 (unused)
af_key                 17904   0
ehci-hcd               14764   0 (unused)
nvidia               3645692  12
usb-ohci               16488   0 (unused)
usbcore                52268   1 [ehci-hcd usb-ohci]
i810_audio             21372   1
ac97_codec             11252   0 [i810_audio]
soundcore               3268   2 [i810_audio]
ide-scsi                8272   0
8139too                12328   2
mii                     1952   0 [8139too]
crc32                   2848   0 [8139too]
ide-disk               12448   0
ide-detect               288   0 (unused)
ide-cd                 27072   0
cdrom                  26212   0 [ide-cd]
ide-core               91832   0 [ide-scsi ide-disk ide-detect ide-cd]
rtc                     5768   0 (autoclean)
ext3                   65388   1 (autoclean)
jbd                    34628   1 (autoclean) [ext3]
sd_mod                 10764   4 (autoclean)
sata_sis                1588   2 (autoclean)
libata                 21732   0 (autoclean) [sata_sis]
scsi_mod               86052   3 (autoclean) [ide-scsi sd_mod sata_sis libata]
unix                   12752 217 (autoclean)
+ _________________________ proc/meminfo
+ cat /proc/meminfo
        total:    used:    free:  shared: buffers:  cached:
Mem:  927129600 300302336 626827264        0 44457984 121520128
Swap: 1998733312        0 1998733312
MemTotal:       905400 kB
MemFree:        612136 kB
MemShared:           0 kB
Buffers:         43416 kB
Cached:         118672 kB
SwapCached:          0 kB
Active:         102968 kB
Inactive:       154876 kB
HighTotal:           0 kB
HighFree:            0 kB
LowTotal:       905400 kB
LowFree:        612136 kB
SwapTotal:     1951888 kB
SwapFree:      1951888 kB
+ _________________________ proc/net/ipsec-ls
+ test -f /proc/net/ipsec_version
+ _________________________ usr/src/linux/.config
+ test -f /proc/config.gz
++ uname -r
+ test -f /lib/modules/2.4.27-2-386/build/.config
+ egrep 'CONFIG_NETLINK|CONFIG_IPSEC|CONFIG_NET_KEY|CONFIG_INET|CONFIG_IP'
++ uname -r
+ cat /lib/modules/2.4.27-2-386/build/.config
CONFIG_NETLINK_DEV=m
CONFIG_NET_KEY=m
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_ROUTE_NAT=y
CONFIG_IP_ROUTE_MULTIPATH=y
CONFIG_IP_ROUTE_TOS=y
CONFIG_IP_ROUTE_VERBOSE=y
# CONFIG_IP_PNP is not set
CONFIG_IP_MROUTE=y
CONFIG_IP_PIMSM_V1=y
CONFIG_IP_PIMSM_V2=y
# CONFIG_INET_ECN is not set
CONFIG_INET_AH=m
CONFIG_INET_ESP=m
CONFIG_INET_IPCOMP=m
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_TFTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_LIMIT=m
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_PKTTYPE=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH_ESP=m
CONFIG_IP_NF_MATCH_LENGTH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_TCPMSS=m
CONFIG_IP_NF_MATCH_HELPER=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_MATCH_CONNTRACK=m
CONFIG_IP_NF_MATCH_UNCLEAN=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_MIRROR=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_NAT_AMANDA=m
CONFIG_IP_NF_NAT_LOCAL=y
CONFIG_IP_NF_NAT_SNMP_BASIC=m
CONFIG_IP_NF_NAT_IRC=m
CONFIG_IP_NF_NAT_FTP=m
CONFIG_IP_NF_NAT_TFTP=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_MARK=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
CONFIG_IP_NF_COMPAT_IPCHAINS=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_COMPAT_IPFWADM=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_VS=m
# CONFIG_IP_VS_DEBUG is not set
CONFIG_IP_VS_TAB_BITS=12
CONFIG_IP_VS_RR=m
CONFIG_IP_VS_WRR=m
CONFIG_IP_VS_LC=m
CONFIG_IP_VS_WLC=m
CONFIG_IP_VS_LBLC=m
CONFIG_IP_VS_LBLCR=m
CONFIG_IP_VS_DH=m
CONFIG_IP_VS_SH=m
CONFIG_IP_VS_SED=m
CONFIG_IP_VS_NQ=m
CONFIG_IP_VS_FTP=m
CONFIG_IPV6=m
CONFIG_IPV6_PRIVACY=y
CONFIG_IP6_NF_QUEUE=m
CONFIG_IP6_NF_IPTABLES=m
CONFIG_IP6_NF_MATCH_LIMIT=m
CONFIG_IP6_NF_MATCH_MAC=m
CONFIG_IP6_NF_MATCH_RT=m
CONFIG_IP6_NF_MATCH_OPTS=m
CONFIG_IP6_NF_MATCH_FRAG=m
CONFIG_IP6_NF_MATCH_HL=m
CONFIG_IP6_NF_MATCH_MULTIPORT=m
CONFIG_IP6_NF_MATCH_OWNER=m
CONFIG_IP6_NF_MATCH_MARK=m
CONFIG_IP6_NF_MATCH_IPV6HEADER=m
CONFIG_IP6_NF_MATCH_AHESP=m
CONFIG_IP6_NF_MATCH_LENGTH=m
CONFIG_IP6_NF_MATCH_EUI64=m
CONFIG_IP6_NF_FILTER=m
CONFIG_IP6_NF_TARGET_LOG=m
CONFIG_IP6_NF_MANGLE=m
CONFIG_IP6_NF_TARGET_MARK=m
CONFIG_INET6_AH=m
CONFIG_INET6_ESP=m
CONFIG_INET6_IPCOMP=m
CONFIG_IPV6_TUNNEL=m
CONFIG_IP_SCTP=m
CONFIG_IPX=m
# CONFIG_IPX_INTERN is not set
CONFIG_IPDDP=m
CONFIG_IPDDP_ENCAP=y
CONFIG_IPDDP_DECAP=y
CONFIG_IPHASE5526=m
CONFIG_IPPP_FILTER=y
CONFIG_IPMI_HANDLER=m
# CONFIG_IPMI_PANIC_EVENT is not set
CONFIG_IPMI_DEVICE_INTERFACE=m
CONFIG_IPMI_KCS=m
CONFIG_IPMI_WATCHDOG=m
+ _________________________ etc/syslog.conf
+ cat /etc/syslog.conf
#  /etc/syslog.conf	Configuration file for syslogd.
#
#			For more information see syslog.conf(5)
#			manpage.

#
# First some standard logfiles.  Log by facility.
#

auth,authpriv.*			/var/log/auth.log
*.*;auth,authpriv.none		-/var/log/syslog
#cron.*				/var/log/cron.log
daemon.*			-/var/log/daemon.log
kern.*				-/var/log/kern.log
lpr.*				-/var/log/lpr.log
mail.*				-/var/log/mail.log
user.*				-/var/log/user.log
uucp.*				/var/log/uucp.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info			-/var/log/mail.info
mail.warn			-/var/log/mail.warn
mail.err			/var/log/mail.err

# Logging for INN news system
#
news.crit			/var/log/news/news.crit
news.err			/var/log/news/news.err
news.notice			-/var/log/news/news.notice

#
# Some `catch-all' logfiles.
#
*.=debug;\
	auth,authpriv.none;\
	news.none;mail.none	-/var/log/debug
*.=info;*.=notice;*.=warn;\
	auth,authpriv.none;\
	cron,daemon.none;\
	mail,news.none		-/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg				*

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#	news.=crit;news.=err;news.=notice;\
#	*.=debug;*.=info;\
#	*.=notice;*.=warn	/dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
# 
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
daemon.*;mail.*;\
	news.crit;news.err;news.notice;\
	*.=debug;*.=info;\
	*.=notice;*.=warn	|/dev/xconsole

+ _________________________ etc/resolv.conf
+ cat /etc/resolv.conf
search comunebl.it
nameserver 10.6.3.130
nameserver 10.6.0.20
+ _________________________ lib/modules-ls
+ ls -ltr /lib/modules
total 8
drwxr-xr-x  5 root root 4096 Dec 19 16:28 2.4.27-2-386
drwxr-xr-x  4 root root 4096 Jan 25 13:08 2.4.27-2-686-smp
+ _________________________ proc/ksyms-netif_rx
+ test -r /proc/ksyms
+ egrep netif_rx /proc/ksyms
c01ba0fa netif_rx_R86c60d40
+ _________________________ lib/modules-netif_rx
+ modulegoo kernel/net/ipv4/ipip.o netif_rx
+ set +x
2.4.27-2-386:          U netif_rx_R86c60d40
2.4.27-2-686-smp:          U netif_rx_Rsmp_6381047f
+ _________________________ kern.debug
+ test -f /var/log/kern.debug
+ _________________________ klog
+ sed -n '14429,$p' /var/log/syslog
+ egrep -i 'ipsec|klips|pluto'
+ cat
Mar  9 11:13:07 localhost ipsec_setup: Starting Openswan IPsec U2.2.0/K2.4.27-2-386...
+ _________________________ plog
+ sed -n '6401,$p' /var/log/auth.log
+ egrep -i pluto
+ cat
Mar  9 11:13:07 localhost ipsec__plutorun: Starting Pluto subsystem...
Mar  9 11:13:07 localhost pluto[4314]: Starting Pluto (Openswan Version 2.2.0 X.509-1.5.4 PLUTO_USES_KEYRR)
Mar  9 11:13:07 localhost pluto[4314]:   including NAT-Traversal patch (Version 0.6c) [disabled]
Mar  9 11:13:07 localhost pluto[4314]: | opening /dev/urandom
Mar  9 11:13:07 localhost pluto[4314]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds
Mar  9 11:13:07 localhost pluto[4314]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Mar  9 11:13:07 localhost pluto[4314]: | process 4314 listening for PF_KEY_V2 on file descriptor 6
Mar  9 11:13:07 localhost pluto[4314]: Using Linux 2.6 IPsec interface code
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=0p0xbfffe5c0 pfkey_ext=0p0xbffff610 *pfkey_ext=0p(nil). 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=0p0xbfffe5c0 pfkey_ext=0p0xbffff610 *pfkey_ext=0p0x80eee50. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_build: pfkey_msg=0p0x80eee68 allocated 16 bytes, &(extensions[0])=0p0xbffff610 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_build: extensions permitted=00000001, seen=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: parsing message ver=2, type=7(register), errno=0, satype=2(AH), len=2, res=0, seq=1, pid=4314. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: remain=0, ext_type=0(reserved), ext_len=0. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, seen=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | finish_pfkey_msg: SADB_REGISTER message 1 for AH 
Mar  9 11:13:07 localhost pluto[4314]: |   02 07 00 02  02 00 00 00  01 00 00 00  da 10 00 00
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_get: SADB_REGISTER message 1
Mar  9 11:13:07 localhost pluto[4314]: | AH registered with kernel.
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=0p0xbfffe5c0 pfkey_ext=0p0xbffff610 *pfkey_ext=0p(nil). 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=0p0xbfffe5c0 pfkey_ext=0p0xbffff610 *pfkey_ext=0p0x80eee50. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_build: pfkey_msg=0p0x80eee68 allocated 16 bytes, &(extensions[0])=0p0xbffff610 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_build: extensions permitted=00000001, seen=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: parsing message ver=2, type=7(register), errno=0, satype=3(ESP), len=2, res=0, seq=2, pid=4314. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: remain=0, ext_type=0(reserved), ext_len=0. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, seen=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | finish_pfkey_msg: SADB_REGISTER message 2 for ESP 
Mar  9 11:13:07 localhost pluto[4314]: |   02 07 00 03  02 00 00 00  02 00 00 00  da 10 00 00
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_get: SADB_REGISTER message 2
Mar  9 11:13:07 localhost pluto[4314]: | alg_init():memset(0x80eba80, 0, 2016) memset(0x80ec260, 0, 2048) 
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=15 sadb_supported_len=40
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=14, alg_id=251
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[0], exttype=14, satype=3, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=14, alg_id=2
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[1], exttype=14, satype=3, alg_id=2, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=14, alg_id=3
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[2], exttype=14, satype=3, alg_id=3, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=14, alg_id=5
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[3], exttype=14, satype=3, alg_id=5, alg_ivlen=0, alg_minbits=256, alg_maxbits=256, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=15 sadb_supported_len=64
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=15, alg_id=11
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[4], exttype=15, satype=3, alg_id=11, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=15, alg_id=2
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[5], exttype=15, satype=3, alg_id=2, alg_ivlen=8, alg_minbits=64, alg_maxbits=64, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=15, alg_id=3
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[6], exttype=15, satype=3, alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=15, alg_id=7
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[7], exttype=15, satype=3, alg_id=7, alg_ivlen=8, alg_minbits=40, alg_maxbits=448, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=15, alg_id=12
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[8], exttype=15, satype=3, alg_id=12, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=15, alg_id=252
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[9], exttype=15, satype=3, alg_id=252, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_add():satype=3, exttype=15, alg_id=253
Mar  9 11:13:07 localhost pluto[4314]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[10], exttype=15, satype=3, alg_id=253, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
Mar  9 11:13:07 localhost pluto[4314]: | ESP registered with kernel.
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=0p0xbfffe5c0 pfkey_ext=0p0xbffff610 *pfkey_ext=0p(nil). 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=0p0xbfffe5c0 pfkey_ext=0p0xbffff610 *pfkey_ext=0p0x80eee50. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_build: pfkey_msg=0p0x80eee68 allocated 16 bytes, &(extensions[0])=0p0xbffff610 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_build: extensions permitted=00000001, seen=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: parsing message ver=2, type=7(register), errno=0, satype=9(IPIP), len=2, res=0, seq=3, pid=4314. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: remain=0, ext_type=0(reserved), ext_len=0. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, seen=00000001, required=00000001. 
Mar  9 11:13:07 localhost pluto[4314]: | finish_pfkey_msg: SADB_REGISTER message 3 for IPCOMP 
Mar  9 11:13:07 localhost pluto[4314]: |   02 07 00 09  02 00 00 00  03 00 00 00  da 10 00 00
Mar  9 11:13:07 localhost pluto[4314]: | pfkey_get: SADB_REGISTER message 3
Mar  9 11:13:07 localhost pluto[4314]: | IPCOMP registered with kernel.
Mar  9 11:13:07 localhost pluto[4314]: Changing to directory '/etc/ipsec.d/cacerts'
Mar  9 11:13:07 localhost pluto[4314]: Could not change to directory '/etc/ipsec.d/aacerts'
Mar  9 11:13:07 localhost pluto[4314]: Changing to directory '/etc/ipsec.d/ocspcerts'
Mar  9 11:13:07 localhost pluto[4314]: Changing to directory '/etc/ipsec.d/crls'
Mar  9 11:13:07 localhost pluto[4314]:   Warning: empty directory
Mar  9 11:13:07 localhost pluto[4314]: | inserting event 11??, timeout in 46013 seconds
Mar  9 11:13:07 localhost pluto[4314]: | next event EVENT_REINIT_SECRET in 3600 seconds
Mar  9 11:13:07 localhost pluto[4314]: |  
Mar  9 11:13:07 localhost pluto[4314]: | *received whack message
Mar  9 11:13:07 localhost pluto[4314]: | next event EVENT_REINIT_SECRET in 3600 seconds
Mar  9 11:13:07 localhost pluto[4314]: |  
Mar  9 11:13:07 localhost pluto[4314]: | *received whack message
Mar  9 11:13:07 localhost pluto[4314]: | next event EVENT_REINIT_SECRET in 3600 seconds
Mar  9 11:13:07 localhost pluto[4314]: |  
Mar  9 11:13:07 localhost pluto[4314]: | *received whack message
Mar  9 11:13:07 localhost pluto[4314]: | Added new connection road with policy RSASIG+ENCRYPT+TUNNEL+PFS
Mar  9 11:13:07 localhost pluto[4314]: | from whack: got --esp=3des-md5,3des-sha1
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0  aklen=0
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80cdfb4, "ESP_3DES")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() ealg_getbyname("3des")=3
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80ce280, "AUTH_ALGORITHM_HMAC_MD5")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() aalg_getbyname("md5")=1
Mar  9 11:13:07 localhost pluto[4314]: | __alg_info_esp_add() ealg=3 aalg=1 cnt=1
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_parse_str() ealg_buf=3des aalg_buf=sha1eklen=0  aklen=0
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80cdfb4, "ESP_3DES")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() ealg_getbyname("3des")=3
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80ce280, "AUTH_ALGORITHM_HMAC_SHA1")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() aalg_getbyname("sha1")=2
Mar  9 11:13:07 localhost pluto[4314]: | __alg_info_esp_add() ealg=3 aalg=2 cnt=2
Mar  9 11:13:07 localhost pluto[4314]: | esp string values: 3_000-1, 3_000-2, flags=-strict
Mar  9 11:13:07 localhost pluto[4314]: | from whack: got --ike=3des-md5,3des-sha
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0  aklen=0
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80ce3fc, "OAKLEY_3DES")
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_ppfixi () calling enum_search(0x80ce3fc, "OAKLEY_3DES_CBC")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() ealg_getbyname("3des")=5
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80ce424, "OAKLEY_MD5")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() aalg_getbyname("md5")=1
Mar  9 11:13:07 localhost pluto[4314]: | __alg_info_ike_add() ealg=5 aalg=1 modp_id=5, cnt=1
Mar  9 11:13:07 localhost pluto[4314]: | __alg_info_ike_add() ealg=5 aalg=1 modp_id=2, cnt=2
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_parse_str() ealg_buf=3des aalg_buf=shaeklen=0  aklen=0
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80ce3fc, "OAKLEY_3DES")
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_ppfixi () calling enum_search(0x80ce3fc, "OAKLEY_3DES_CBC")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() ealg_getbyname("3des")=5
Mar  9 11:13:07 localhost pluto[4314]: | enum_search_prefix () calling enum_search(0x80ce424, "OAKLEY_SHA")
Mar  9 11:13:07 localhost pluto[4314]: | parser_alg_info_add() aalg_getbyname("sha")=2
Mar  9 11:13:07 localhost pluto[4314]: | __alg_info_ike_add() ealg=5 aalg=2 modp_id=5, cnt=3
Mar  9 11:13:07 localhost pluto[4314]: | __alg_info_ike_add() ealg=5 aalg=2 modp_id=2, cnt=4
Mar  9 11:13:07 localhost pluto[4314]: | ike string values: 5_000-1-5, 5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict
Mar  9 11:13:07 localhost pluto[4314]: | counting wild cards for @multilinus.multibel.it is 0
Mar  9 11:13:07 localhost pluto[4314]: | sendcert is 3
Mar  9 11:13:07 localhost pluto[4314]: | counting wild cards for @multibel1.multibel.it is 0
Mar  9 11:13:07 localhost pluto[4314]: | sendcert is 3
Mar  9 11:13:07 localhost pluto[4314]: | based upon policy, the connection is a template.
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=1
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=1
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=2
Mar  9 11:13:07 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=2
Mar  9 11:13:07 localhost pluto[4314]: added connection description "road"
Mar  9 11:13:07 localhost pluto[4314]: | 10.6.100.0/24===10.6.3.133[@multilinus.multibel.it]...%any[@multibel1.multibel.it]
Mar  9 11:13:07 localhost pluto[4314]: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; policy: RSASIG+ENCRYPT+TUNNEL+PFS
Mar  9 11:13:07 localhost pluto[4314]: | next event EVENT_REINIT_SECRET in 3600 seconds
Mar  9 11:13:07 localhost pluto[4314]: |  
Mar  9 11:13:07 localhost pluto[4314]: | *received whack message
Mar  9 11:13:07 localhost pluto[4314]: listening for IKE messages
Mar  9 11:13:07 localhost pluto[4314]: | found lo with address 127.0.0.1
Mar  9 11:13:07 localhost pluto[4314]: | found eth0 with address 10.6.3.133
Mar  9 11:13:07 localhost pluto[4314]: | found eth1 with address 10.6.100.254
Mar  9 11:13:07 localhost pluto[4314]: adding interface eth1/eth1 10.6.100.254
Mar  9 11:13:07 localhost pluto[4314]: adding interface eth0/eth0 10.6.3.133
Mar  9 11:13:07 localhost pluto[4314]: adding interface lo/lo 127.0.0.1
Mar  9 11:13:07 localhost pluto[4314]: | could not open /proc/net/if_inet6
Mar  9 11:13:07 localhost pluto[4314]: loading secrets from "/etc/ipsec.secrets"
Mar  9 11:13:07 localhost pluto[4314]: | loaded private key for keyid: PPK_RSA:AQN74Z87R
Mar  9 11:13:07 localhost pluto[4314]: | next event EVENT_REINIT_SECRET in 3600 seconds
Mar  9 11:13:15 localhost pluto[4314]: |  
Mar  9 11:13:15 localhost pluto[4314]: | *received 176 bytes from 10.6.3.132:500 on eth0
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  00 00 00 00  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: |   01 10 02 00  00 00 00 00  00 00 00 b0  00 00 00 94
Mar  9 11:13:15 localhost pluto[4314]: |   00 00 00 01  00 00 00 01  00 00 00 88  00 01 00 04
Mar  9 11:13:15 localhost pluto[4314]: |   03 00 00 20  00 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:13:15 localhost pluto[4314]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 05
Mar  9 11:13:15 localhost pluto[4314]: |   03 00 00 20  01 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:13:15 localhost pluto[4314]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 02
Mar  9 11:13:15 localhost pluto[4314]: |   03 00 00 20  02 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:13:15 localhost pluto[4314]: |   80 01 00 05  80 02 00 02  80 03 00 03  80 04 00 05
Mar  9 11:13:15 localhost pluto[4314]: |   00 00 00 20  03 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:13:15 localhost pluto[4314]: |   80 01 00 05  80 02 00 02  80 03 00 03  80 04 00 02
Mar  9 11:13:15 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:13:15 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   00 00 00 00  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SA
Mar  9 11:13:15 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:15 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:13:15 localhost pluto[4314]: |    flags: none
Mar  9 11:13:15 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: |    length: 176
Mar  9 11:13:15 localhost pluto[4314]: | ***parse ISAKMP Security Association Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: |    length: 148
Mar  9 11:13:15 localhost pluto[4314]: |    DOI: ISAKMP_DOI_IPSEC
Mar  9 11:13:15 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=3
Mar  9 11:13:15 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=3
Mar  9 11:13:15 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=4
Mar  9 11:13:15 localhost pluto[4314]: | alg_info_addref() alg_info->ref_cnt=4
Mar  9 11:13:15 localhost pluto[4314]: | instantiated "road" for 10.6.3.132
Mar  9 11:13:15 localhost pluto[4314]: | creating state object #1 at 0x80efca8
Mar  9 11:13:15 localhost pluto[4314]: | ICOOKIE:  70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: | RCOOKIE:  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:13:15 localhost pluto[4314]: | state hash entry 25
Mar  9 11:13:15 localhost pluto[4314]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
Mar  9 11:13:15 localhost pluto[4314]: "road"[1] 10.6.3.132 #1: responding to Main Mode from unknown peer 10.6.3.132
Mar  9 11:13:15 localhost pluto[4314]: | **emit ISAKMP Message:
Mar  9 11:13:15 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SA
Mar  9 11:13:15 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:15 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:13:15 localhost pluto[4314]: |    flags: none
Mar  9 11:13:15 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: | ***emit ISAKMP Security Association Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: |    DOI: ISAKMP_DOI_IPSEC
Mar  9 11:13:15 localhost pluto[4314]: | ****parse IPsec DOI SIT:
Mar  9 11:13:15 localhost pluto[4314]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar  9 11:13:15 localhost pluto[4314]: | ****parse ISAKMP Proposal Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: |    length: 136
Mar  9 11:13:15 localhost pluto[4314]: |    proposal number: 0
Mar  9 11:13:15 localhost pluto[4314]: |    protocol ID: PROTO_ISAKMP
Mar  9 11:13:15 localhost pluto[4314]: |    SPI size: 0
Mar  9 11:13:15 localhost pluto[4314]: |    number of transforms: 4
Mar  9 11:13:15 localhost pluto[4314]: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_T
Mar  9 11:13:15 localhost pluto[4314]: |    length: 32
Mar  9 11:13:15 localhost pluto[4314]: |    transform number: 0
Mar  9 11:13:15 localhost pluto[4314]: |    transform ID: KEY_IKE
Mar  9 11:13:15 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:13:15 localhost pluto[4314]: |    af+type: OAKLEY_LIFE_TYPE
Mar  9 11:13:15 localhost pluto[4314]: |    length/value: 1
Mar  9 11:13:15 localhost pluto[4314]: |    [1 is OAKLEY_LIFE_SECONDS]
Mar  9 11:13:15 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:13:15 localhost pluto[4314]: |    af+type: OAKLEY_LIFE_DURATION
Mar  9 11:13:15 localhost pluto[4314]: |    length/value: 3600
Mar  9 11:13:15 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:13:15 localhost pluto[4314]: |    af+type: OAKLEY_ENCRYPTION_ALGORITHM
Mar  9 11:13:15 localhost pluto[4314]: |    length/value: 5
Mar  9 11:13:15 localhost pluto[4314]: |    [5 is OAKLEY_3DES_CBC]
Mar  9 11:13:15 localhost pluto[4314]: | ike_alg_enc_ok(ealg=5,key_len=0): blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1
Mar  9 11:13:15 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:13:15 localhost pluto[4314]: |    af+type: OAKLEY_HASH_ALGORITHM
Mar  9 11:13:15 localhost pluto[4314]: |    length/value: 1
Mar  9 11:13:15 localhost pluto[4314]: |    [1 is OAKLEY_MD5]
Mar  9 11:13:15 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:13:15 localhost pluto[4314]: |    af+type: OAKLEY_AUTHENTICATION_METHOD
Mar  9 11:13:15 localhost pluto[4314]: |    length/value: 3
Mar  9 11:13:15 localhost pluto[4314]: |    [3 is OAKLEY_RSA_SIG]
Mar  9 11:13:15 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:13:15 localhost pluto[4314]: |    af+type: OAKLEY_GROUP_DESCRIPTION
Mar  9 11:13:15 localhost pluto[4314]: |    length/value: 5
Mar  9 11:13:15 localhost pluto[4314]: |    [5 is OAKLEY_GROUP_MODP1536]
Mar  9 11:13:15 localhost pluto[4314]: | Oakley Transform 0 accepted
Mar  9 11:13:15 localhost pluto[4314]: | ****emit IPsec DOI SIT:
Mar  9 11:13:15 localhost pluto[4314]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar  9 11:13:15 localhost pluto[4314]: | ****emit ISAKMP Proposal Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: |    proposal number: 0
Mar  9 11:13:15 localhost pluto[4314]: |    protocol ID: PROTO_ISAKMP
Mar  9 11:13:15 localhost pluto[4314]: |    SPI size: 0
Mar  9 11:13:15 localhost pluto[4314]: |    number of transforms: 1
Mar  9 11:13:15 localhost pluto[4314]: | *****emit ISAKMP Transform Payload (ISAKMP):
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: |    transform number: 0
Mar  9 11:13:15 localhost pluto[4314]: |    transform ID: KEY_IKE
Mar  9 11:13:15 localhost pluto[4314]: | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP)
Mar  9 11:13:15 localhost pluto[4314]: | attributes  80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 01
Mar  9 11:13:15 localhost pluto[4314]: |   80 03 00 03  80 04 00 05
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Proposal Payload: 40
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Security Association Payload: 52
Mar  9 11:13:15 localhost pluto[4314]: | sender checking NAT-t: 0 and 0
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Message: 80
Mar  9 11:13:15 localhost pluto[4314]: "road"[1] 10.6.3.132 #1: transition from state (null) to state STATE_MAIN_R1
Mar  9 11:13:15 localhost pluto[4314]: | sending 80 bytes for STATE_MAIN_R0 through eth0 to 10.6.3.132:500:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |   01 10 02 00  00 00 00 00  00 00 00 50  00 00 00 34
Mar  9 11:13:15 localhost pluto[4314]: |   00 00 00 01  00 00 00 01  00 00 00 28  00 01 00 01
Mar  9 11:13:15 localhost pluto[4314]: |   00 00 00 20  00 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:13:15 localhost pluto[4314]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 05
Mar  9 11:13:15 localhost pluto[4314]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Mar  9 11:13:15 localhost pluto[4314]: | next event EVENT_RETRANSMIT in 10 seconds for #1
Mar  9 11:13:15 localhost pluto[4314]: |  
Mar  9 11:13:15 localhost pluto[4314]: | *received 244 bytes from 10.6.3.132:500 on eth0
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |   04 10 02 00  00 00 00 00  00 00 00 f4  0a 00 00 c4
Mar  9 11:13:15 localhost pluto[4314]: |   18 b5 c2 b5  94 68 c1 56  c8 b9 bb 5c  ad 4d ba 29
Mar  9 11:13:15 localhost pluto[4314]: |   ad 32 5e d4  c7 0a d8 e1  e6 fc 7f b8  17 27 b9 a5
Mar  9 11:13:15 localhost pluto[4314]: |   81 4a 41 5f  af e9 9e 35  42 6b cc 39  77 b4 51 17
Mar  9 11:13:15 localhost pluto[4314]: |   2b 49 7d 23  00 9c 62 ac  5c fb af a5  da 9a 19 77
Mar  9 11:13:15 localhost pluto[4314]: |   b2 f5 0e f0  b9 9a 75 cc  e9 e6 76 6a  85 e4 b0 3b
Mar  9 11:13:15 localhost pluto[4314]: |   cb 69 c8 7d  79 77 2d b7  b5 eb 43 6b  23 77 a2 6f
Mar  9 11:13:15 localhost pluto[4314]: |   90 10 e9 10  9e 4a d2 bb  16 03 e5 b4  26 12 1b 14
Mar  9 11:13:15 localhost pluto[4314]: |   99 b3 75 1e  6e 8f 27 61  fd 7e b3 40  f8 e7 dd 3e
Mar  9 11:13:15 localhost pluto[4314]: |   c5 c6 9e d3  5b eb 93 bc  ec 0e 86 99  82 d3 b7 ac
Mar  9 11:13:15 localhost pluto[4314]: |   ca 5e f6 02  99 18 21 bd  f9 e0 f7 d2  9c 0b 87 4f
Mar  9 11:13:15 localhost pluto[4314]: |   ec 04 c7 40  40 ca ac 3a  f1 cb 04 bb  4e 3d 0d 22
Mar  9 11:13:15 localhost pluto[4314]: |   10 dc a5 48  9e ba f1 82  1f 06 28 de  b2 2e 6e 48
Mar  9 11:13:15 localhost pluto[4314]: |   00 00 00 14  b3 e6 17 e6  e4 c1 a0 f1  4b 67 56 0f
Mar  9 11:13:15 localhost pluto[4314]: |   5c 80 32 34
Mar  9 11:13:15 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:13:15 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_KE
Mar  9 11:13:15 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:15 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:13:15 localhost pluto[4314]: |    flags: none
Mar  9 11:13:15 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: |    length: 244
Mar  9 11:13:15 localhost pluto[4314]: | ICOOKIE:  70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: | RCOOKIE:  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:13:15 localhost pluto[4314]: | state hash entry 25
Mar  9 11:13:15 localhost pluto[4314]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Mar  9 11:13:15 localhost pluto[4314]: | state object #1 found, in STATE_MAIN_R1
Mar  9 11:13:15 localhost pluto[4314]: | ***parse ISAKMP Key Exchange Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONCE
Mar  9 11:13:15 localhost pluto[4314]: |    length: 196
Mar  9 11:13:15 localhost pluto[4314]: | ***parse ISAKMP Nonce Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: |    length: 20
Mar  9 11:13:15 localhost pluto[4314]: | **emit ISAKMP Message:
Mar  9 11:13:15 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_KE
Mar  9 11:13:15 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:15 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:13:15 localhost pluto[4314]: |    flags: none
Mar  9 11:13:15 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: | DH public value received:
Mar  9 11:13:15 localhost pluto[4314]: |   18 b5 c2 b5  94 68 c1 56  c8 b9 bb 5c  ad 4d ba 29
Mar  9 11:13:15 localhost pluto[4314]: |   ad 32 5e d4  c7 0a d8 e1  e6 fc 7f b8  17 27 b9 a5
Mar  9 11:13:15 localhost pluto[4314]: |   81 4a 41 5f  af e9 9e 35  42 6b cc 39  77 b4 51 17
Mar  9 11:13:15 localhost pluto[4314]: |   2b 49 7d 23  00 9c 62 ac  5c fb af a5  da 9a 19 77
Mar  9 11:13:15 localhost pluto[4314]: |   b2 f5 0e f0  b9 9a 75 cc  e9 e6 76 6a  85 e4 b0 3b
Mar  9 11:13:15 localhost pluto[4314]: |   cb 69 c8 7d  79 77 2d b7  b5 eb 43 6b  23 77 a2 6f
Mar  9 11:13:15 localhost pluto[4314]: |   90 10 e9 10  9e 4a d2 bb  16 03 e5 b4  26 12 1b 14
Mar  9 11:13:15 localhost pluto[4314]: |   99 b3 75 1e  6e 8f 27 61  fd 7e b3 40  f8 e7 dd 3e
Mar  9 11:13:15 localhost pluto[4314]: |   c5 c6 9e d3  5b eb 93 bc  ec 0e 86 99  82 d3 b7 ac
Mar  9 11:13:15 localhost pluto[4314]: |   ca 5e f6 02  99 18 21 bd  f9 e0 f7 d2  9c 0b 87 4f
Mar  9 11:13:15 localhost pluto[4314]: |   ec 04 c7 40  40 ca ac 3a  f1 cb 04 bb  4e 3d 0d 22
Mar  9 11:13:15 localhost pluto[4314]: |   10 dc a5 48  9e ba f1 82  1f 06 28 de  b2 2e 6e 48
Mar  9 11:13:15 localhost pluto[4314]: | inI2: checking NAT-t: 0 and 0
Mar  9 11:13:15 localhost pluto[4314]: | Local DH secret:
Mar  9 11:13:15 localhost pluto[4314]: |   03 c8 ed 16  d5 d0 6e 99  99 cb 57 26  17 bf 0d 2b
Mar  9 11:13:15 localhost pluto[4314]: |   8f a5 60 64  16 7b bf 47  9e f5 b4 30  7c c0 1a c5
Mar  9 11:13:15 localhost pluto[4314]: | Public DH value sent:
Mar  9 11:13:15 localhost pluto[4314]: |   74 30 b0 59  ad 1a 76 2a  94 68 c3 51  cb bb e0 e9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be 96 6d  e0 6f e2 16  9b 34 fc 0e  97 aa 41 4a
Mar  9 11:13:15 localhost pluto[4314]: |   47 ee 1c b3  53 b3 39 23  ae f8 cd b9  71 fb 9e b9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be e2 61  9c 88 36 73  f1 f6 e3 dd  22 a1 d7 13
Mar  9 11:13:15 localhost pluto[4314]: |   4b a9 2f ae  1b 5a 32 47  1b 6d 21 9c  3c 8b 44 c3
Mar  9 11:13:15 localhost pluto[4314]: |   12 62 5a 07  05 19 ea bd  e0 b6 7e 87  f5 c3 cb 83
Mar  9 11:13:15 localhost pluto[4314]: |   01 23 34 6f  0d e2 cb e5  e1 55 1b 1a  06 b8 8f 75
Mar  9 11:13:15 localhost pluto[4314]: |   a0 a3 8b 2b  98 f9 15 44  47 5a 98 c5  7c 04 93 47
Mar  9 11:13:15 localhost pluto[4314]: |   bf 8d 4c 12  67 6c c0 1b  0f f9 b7 74  83 53 c0 15
Mar  9 11:13:15 localhost pluto[4314]: |   e2 2c 69 60  50 56 24 52  db e0 18 7e  ec cf 3c 21
Mar  9 11:13:15 localhost pluto[4314]: |   74 19 6e 82  91 69 6a ac  5b 89 d3 76  8f c2 0f 75
Mar  9 11:13:15 localhost pluto[4314]: |   72 2b 05 67  9d fd 2b a1  40 d9 c9 87  56 7d 9f 2a
Mar  9 11:13:15 localhost pluto[4314]: | ***emit ISAKMP Key Exchange Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONCE
Mar  9 11:13:15 localhost pluto[4314]: | emitting 192 raw bytes of keyex value into ISAKMP Key Exchange Payload
Mar  9 11:13:15 localhost pluto[4314]: | keyex value  74 30 b0 59  ad 1a 76 2a  94 68 c3 51  cb bb e0 e9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be 96 6d  e0 6f e2 16  9b 34 fc 0e  97 aa 41 4a
Mar  9 11:13:15 localhost pluto[4314]: |   47 ee 1c b3  53 b3 39 23  ae f8 cd b9  71 fb 9e b9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be e2 61  9c 88 36 73  f1 f6 e3 dd  22 a1 d7 13
Mar  9 11:13:15 localhost pluto[4314]: |   4b a9 2f ae  1b 5a 32 47  1b 6d 21 9c  3c 8b 44 c3
Mar  9 11:13:15 localhost pluto[4314]: |   12 62 5a 07  05 19 ea bd  e0 b6 7e 87  f5 c3 cb 83
Mar  9 11:13:15 localhost pluto[4314]: |   01 23 34 6f  0d e2 cb e5  e1 55 1b 1a  06 b8 8f 75
Mar  9 11:13:15 localhost pluto[4314]: |   a0 a3 8b 2b  98 f9 15 44  47 5a 98 c5  7c 04 93 47
Mar  9 11:13:15 localhost pluto[4314]: |   bf 8d 4c 12  67 6c c0 1b  0f f9 b7 74  83 53 c0 15
Mar  9 11:13:15 localhost pluto[4314]: |   e2 2c 69 60  50 56 24 52  db e0 18 7e  ec cf 3c 21
Mar  9 11:13:15 localhost pluto[4314]: |   74 19 6e 82  91 69 6a ac  5b 89 d3 76  8f c2 0f 75
Mar  9 11:13:15 localhost pluto[4314]: |   72 2b 05 67  9d fd 2b a1  40 d9 c9 87  56 7d 9f 2a
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Key Exchange Payload: 196
Mar  9 11:13:15 localhost pluto[4314]: | ***emit ISAKMP Nonce Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload
Mar  9 11:13:15 localhost pluto[4314]: | Nr  da ad 44 1b  1e f2 7a 36  7d cd a2 d6  05 0c 59 c5
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Nonce Payload: 20
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Message: 244
Mar  9 11:13:15 localhost pluto[4314]: | compute_dh_shared(): time elapsed (OAKLEY_GROUP_MODP1536): 5929 usec
Mar  9 11:13:15 localhost pluto[4314]: | DH shared secret:
Mar  9 11:13:15 localhost pluto[4314]: |   01 2c e4 4f  c8 04 9f c0  6e 7a c6 43  8c 74 12 1f
Mar  9 11:13:15 localhost pluto[4314]: |   0d fb c2 93  eb 3a d1 15  39 e4 89 22  4e 3b 16 b8
Mar  9 11:13:15 localhost pluto[4314]: |   ef 21 6b b5  cb 31 7d 60  f3 06 e3 d0  31 84 17 e2
Mar  9 11:13:15 localhost pluto[4314]: |   e9 d6 ff 37  cc d8 d1 b9  5c 1f 38 2a  61 4a 2e 13
Mar  9 11:13:15 localhost pluto[4314]: |   78 69 20 9f  c2 0a 5f fc  cc b5 57 cc  48 f8 3b 29
Mar  9 11:13:15 localhost pluto[4314]: |   4f 8e 93 f5  3d dd b7 8e  96 e0 6b 8a  7a 81 f5 08
Mar  9 11:13:15 localhost pluto[4314]: |   90 2a ae 7a  f5 8b ea cf  bb 08 e2 91  79 e1 ca cf
Mar  9 11:13:15 localhost pluto[4314]: |   fd d0 96 bb  04 ae 75 1c  96 69 5f bc  fa e3 94 53
Mar  9 11:13:15 localhost pluto[4314]: |   df 26 1f 20  9d 26 2a cb  11 3d 64 76  99 47 02 b6
Mar  9 11:13:15 localhost pluto[4314]: |   ef 8d 2e 44  78 89 c2 51  17 b5 ee 54  b0 82 58 dd
Mar  9 11:13:15 localhost pluto[4314]: |   83 f5 57 74  71 1a 2c d8  a0 fd 88 a1  ec ce d1 bc
Mar  9 11:13:15 localhost pluto[4314]: |   32 4c e4 44  7e d9 6e 7e  dc e7 81 3a  ed c4 05 23
Mar  9 11:13:15 localhost pluto[4314]: | DH_i:  18 b5 c2 b5  94 68 c1 56  c8 b9 bb 5c  ad 4d ba 29
Mar  9 11:13:15 localhost pluto[4314]: |   ad 32 5e d4  c7 0a d8 e1  e6 fc 7f b8  17 27 b9 a5
Mar  9 11:13:15 localhost pluto[4314]: |   81 4a 41 5f  af e9 9e 35  42 6b cc 39  77 b4 51 17
Mar  9 11:13:15 localhost pluto[4314]: |   2b 49 7d 23  00 9c 62 ac  5c fb af a5  da 9a 19 77
Mar  9 11:13:15 localhost pluto[4314]: |   b2 f5 0e f0  b9 9a 75 cc  e9 e6 76 6a  85 e4 b0 3b
Mar  9 11:13:15 localhost pluto[4314]: |   cb 69 c8 7d  79 77 2d b7  b5 eb 43 6b  23 77 a2 6f
Mar  9 11:13:15 localhost pluto[4314]: |   90 10 e9 10  9e 4a d2 bb  16 03 e5 b4  26 12 1b 14
Mar  9 11:13:15 localhost pluto[4314]: |   99 b3 75 1e  6e 8f 27 61  fd 7e b3 40  f8 e7 dd 3e
Mar  9 11:13:15 localhost pluto[4314]: |   c5 c6 9e d3  5b eb 93 bc  ec 0e 86 99  82 d3 b7 ac
Mar  9 11:13:15 localhost pluto[4314]: |   ca 5e f6 02  99 18 21 bd  f9 e0 f7 d2  9c 0b 87 4f
Mar  9 11:13:15 localhost pluto[4314]: |   ec 04 c7 40  40 ca ac 3a  f1 cb 04 bb  4e 3d 0d 22
Mar  9 11:13:15 localhost pluto[4314]: |   10 dc a5 48  9e ba f1 82  1f 06 28 de  b2 2e 6e 48
Mar  9 11:13:15 localhost pluto[4314]: | DH_r:  74 30 b0 59  ad 1a 76 2a  94 68 c3 51  cb bb e0 e9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be 96 6d  e0 6f e2 16  9b 34 fc 0e  97 aa 41 4a
Mar  9 11:13:15 localhost pluto[4314]: |   47 ee 1c b3  53 b3 39 23  ae f8 cd b9  71 fb 9e b9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be e2 61  9c 88 36 73  f1 f6 e3 dd  22 a1 d7 13
Mar  9 11:13:15 localhost pluto[4314]: |   4b a9 2f ae  1b 5a 32 47  1b 6d 21 9c  3c 8b 44 c3
Mar  9 11:13:15 localhost pluto[4314]: |   12 62 5a 07  05 19 ea bd  e0 b6 7e 87  f5 c3 cb 83
Mar  9 11:13:15 localhost pluto[4314]: |   01 23 34 6f  0d e2 cb e5  e1 55 1b 1a  06 b8 8f 75
Mar  9 11:13:15 localhost pluto[4314]: |   a0 a3 8b 2b  98 f9 15 44  47 5a 98 c5  7c 04 93 47
Mar  9 11:13:15 localhost pluto[4314]: |   bf 8d 4c 12  67 6c c0 1b  0f f9 b7 74  83 53 c0 15
Mar  9 11:13:15 localhost pluto[4314]: |   e2 2c 69 60  50 56 24 52  db e0 18 7e  ec cf 3c 21
Mar  9 11:13:15 localhost pluto[4314]: |   74 19 6e 82  91 69 6a ac  5b 89 d3 76  8f c2 0f 75
Mar  9 11:13:15 localhost pluto[4314]: |   72 2b 05 67  9d fd 2b a1  40 d9 c9 87  56 7d 9f 2a
Mar  9 11:13:15 localhost pluto[4314]: | Skeyid:    93 7e 73 9a  ac ec 01 06  3a ad 84 c0  3a 60 84 3b
Mar  9 11:13:15 localhost pluto[4314]: | Skeyid_d:  98 51 36 04  00 e5 27 10  2e 6d 3a 49  6c 0a 8f 62
Mar  9 11:13:15 localhost pluto[4314]: | Skeyid_a:  9d cf d6 33  ae 89 5f aa  b6 e4 d3 24  45 e4 c6 ca
Mar  9 11:13:15 localhost pluto[4314]: | Skeyid_e:  cc 63 db 3f  f6 1f 22 46  31 b2 d0 3c  73 34 bc 7d
Mar  9 11:13:15 localhost pluto[4314]: | enc key:  df b2 c2 95  c4 12 73 fb  b0 f7 7f 2c  00 82 1a 8a
Mar  9 11:13:15 localhost pluto[4314]: |   9c 17 27 6e  86 f4 f2 68
Mar  9 11:13:15 localhost pluto[4314]: | IV:  a9 bd 28 57  88 e5 5e 5f  19 6a 87 bf  2d cd b0 4d
Mar  9 11:13:15 localhost pluto[4314]: "road"[1] 10.6.3.132 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Mar  9 11:13:15 localhost pluto[4314]: | sending 244 bytes for STATE_MAIN_R1 through eth0 to 10.6.3.132:500:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |   04 10 02 00  00 00 00 00  00 00 00 f4  0a 00 00 c4
Mar  9 11:13:15 localhost pluto[4314]: |   74 30 b0 59  ad 1a 76 2a  94 68 c3 51  cb bb e0 e9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be 96 6d  e0 6f e2 16  9b 34 fc 0e  97 aa 41 4a
Mar  9 11:13:15 localhost pluto[4314]: |   47 ee 1c b3  53 b3 39 23  ae f8 cd b9  71 fb 9e b9
Mar  9 11:13:15 localhost pluto[4314]: |   a8 be e2 61  9c 88 36 73  f1 f6 e3 dd  22 a1 d7 13
Mar  9 11:13:15 localhost pluto[4314]: |   4b a9 2f ae  1b 5a 32 47  1b 6d 21 9c  3c 8b 44 c3
Mar  9 11:13:15 localhost pluto[4314]: |   12 62 5a 07  05 19 ea bd  e0 b6 7e 87  f5 c3 cb 83
Mar  9 11:13:15 localhost pluto[4314]: |   01 23 34 6f  0d e2 cb e5  e1 55 1b 1a  06 b8 8f 75
Mar  9 11:13:15 localhost pluto[4314]: |   a0 a3 8b 2b  98 f9 15 44  47 5a 98 c5  7c 04 93 47
Mar  9 11:13:15 localhost pluto[4314]: |   bf 8d 4c 12  67 6c c0 1b  0f f9 b7 74  83 53 c0 15
Mar  9 11:13:15 localhost pluto[4314]: |   e2 2c 69 60  50 56 24 52  db e0 18 7e  ec cf 3c 21
Mar  9 11:13:15 localhost pluto[4314]: |   74 19 6e 82  91 69 6a ac  5b 89 d3 76  8f c2 0f 75
Mar  9 11:13:15 localhost pluto[4314]: |   72 2b 05 67  9d fd 2b a1  40 d9 c9 87  56 7d 9f 2a
Mar  9 11:13:15 localhost pluto[4314]: |   00 00 00 14  da ad 44 1b  1e f2 7a 36  7d cd a2 d6
Mar  9 11:13:15 localhost pluto[4314]: |   05 0c 59 c5
Mar  9 11:13:15 localhost pluto[4314]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Mar  9 11:13:15 localhost pluto[4314]: | next event EVENT_RETRANSMIT in 10 seconds for #1
Mar  9 11:13:15 localhost pluto[4314]: |  
Mar  9 11:13:15 localhost pluto[4314]: | *received 324 bytes from 10.6.3.132:500 on eth0
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |   05 10 02 01  00 00 00 00  00 00 01 44  4f e1 69 6e
Mar  9 11:13:15 localhost pluto[4314]: |   4a 8a 5f a7  07 56 1c 90  72 e1 6d 5c  c5 6c 37 8f
Mar  9 11:13:15 localhost pluto[4314]: |   36 c9 bb 77  28 bb f0 2a  14 6a 83 14  a8 af e6 35
Mar  9 11:13:15 localhost pluto[4314]: |   88 67 8a 87  5d 29 70 3e  9e ce c3 4c  36 1d 5a a3
Mar  9 11:13:15 localhost pluto[4314]: |   6b fa 0e 33  fe 93 72 2c  0b 42 65 4f  ef 7b e6 37
Mar  9 11:13:15 localhost pluto[4314]: |   c5 6e 27 4b  c4 b2 b8 d3  c8 3c 64 a3  be cc 0c 13
Mar  9 11:13:15 localhost pluto[4314]: |   c3 a4 d3 20  82 2b a5 1f  e5 00 15 c9  67 19 e8 7a
Mar  9 11:13:15 localhost pluto[4314]: |   a3 12 e0 98  bc a8 14 5e  58 0f 76 88  25 c4 2b 76
Mar  9 11:13:15 localhost pluto[4314]: |   c7 e9 d7 cf  25 49 42 54  c7 b5 ae 26  f1 9a 12 dd
Mar  9 11:13:15 localhost pluto[4314]: |   f7 c8 b2 43  4e 39 07 2a  15 42 69 4f  04 7d 5d 07
Mar  9 11:13:15 localhost pluto[4314]: |   60 1e 0a 09  ee ed c7 6e  6e 4e cf e8  a4 39 e8 17
Mar  9 11:13:15 localhost pluto[4314]: |   e0 58 f4 72  44 89 61 70  b0 65 71 05  1d 79 f8 58
Mar  9 11:13:15 localhost pluto[4314]: |   72 e7 01 f2  6a 14 fd 4f  ec 6e 48 c1  47 00 55 26
Mar  9 11:13:15 localhost pluto[4314]: |   f5 c9 84 cc  2b 2e e5 ec  cb 4d cc 50  f9 3e 7a d0
Mar  9 11:13:15 localhost pluto[4314]: |   49 79 8f ef  6b 6a 28 36  8f 23 21 8f  6d b6 0f 1f
Mar  9 11:13:15 localhost pluto[4314]: |   46 39 a4 62  5e f9 31 2a  2a 2a 6f 3b  9b 7e a9 7e
Mar  9 11:13:15 localhost pluto[4314]: |   f2 f7 8b 8a  54 d4 09 d8  91 ac d0 fa  27 4c 3f a9
Mar  9 11:13:15 localhost pluto[4314]: |   d7 a0 a5 c3  dd d2 87 40  68 3d 2f 7c  15 75 55 f0
Mar  9 11:13:15 localhost pluto[4314]: |   a7 ca 69 a4  5c ca 9f ef  88 19 c2 b1  fb 57 21 98
Mar  9 11:13:15 localhost pluto[4314]: |   f7 95 e8 64
Mar  9 11:13:15 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:13:15 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_ID
Mar  9 11:13:15 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:15 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:13:15 localhost pluto[4314]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar  9 11:13:15 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: |    length: 324
Mar  9 11:13:15 localhost pluto[4314]: | ICOOKIE:  70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: | RCOOKIE:  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:13:15 localhost pluto[4314]: | state hash entry 25
Mar  9 11:13:15 localhost pluto[4314]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Mar  9 11:13:15 localhost pluto[4314]: | state object #1 found, in STATE_MAIN_R2
Mar  9 11:13:15 localhost pluto[4314]: | received encrypted packet from 10.6.3.132:500
Mar  9 11:13:15 localhost pluto[4314]: | decrypting 296 bytes using algorithm OAKLEY_3DES_CBC
Mar  9 11:13:15 localhost pluto[4314]: | decrypted:
Mar  9 11:13:15 localhost pluto[4314]: |   09 00 00 1d  02 00 00 00  6d 75 6c 74  69 62 65 6c
Mar  9 11:13:15 localhost pluto[4314]: |   31 2e 6d 75  6c 74 69 62  65 6c 2e 69  74 00 00 01
Mar  9 11:13:15 localhost pluto[4314]: |   04 6d 1b d2  33 44 a9 50  f3 48 b1 bf  e8 4f 54 16
Mar  9 11:13:15 localhost pluto[4314]: |   bc c5 61 c1  c5 ba 0f 04  a6 78 08 38  1d 56 90 a5
Mar  9 11:13:15 localhost pluto[4314]: |   0b 54 2a fd  b5 0b f7 a6  f9 c7 b3 93  f2 88 4e b2
Mar  9 11:13:15 localhost pluto[4314]: |   70 9c 6a d4  0d bb 8a e5  cf 98 42 de  74 4d 64 48
Mar  9 11:13:15 localhost pluto[4314]: |   15 ae ce fa  80 f0 89 c7  37 9a b1 24  68 29 71 87
Mar  9 11:13:15 localhost pluto[4314]: |   2d 1e a0 0c  be d5 8a 45  0a 06 95 ee  37 b1 18 14
Mar  9 11:13:15 localhost pluto[4314]: |   7d 3c 1a 10  bb a3 4c 42  c7 67 3e e9  9d bc 6e 89
Mar  9 11:13:15 localhost pluto[4314]: |   84 83 00 d2  8e fe 82 24  d1 72 76 a5  50 34 85 66
Mar  9 11:13:15 localhost pluto[4314]: |   14 bb 01 7c  08 72 f4 4e  b1 80 e1 ac  6a 4a 86 c5
Mar  9 11:13:15 localhost pluto[4314]: |   c6 98 68 4d  b7 c7 ad d4  37 70 8f 08  05 88 3f ef
Mar  9 11:13:15 localhost pluto[4314]: |   bf 8e 8b d6  d1 e8 2c 09  72 c9 05 33  c1 e3 7a 22
Mar  9 11:13:15 localhost pluto[4314]: |   69 49 aa 83  fc 6d 92 29  27 36 f1 fd  bc b3 e2 1b
Mar  9 11:13:15 localhost pluto[4314]: |   93 a6 fb 08  35 2b 1e 62  41 41 37 77  e2 08 a7 8e
Mar  9 11:13:15 localhost pluto[4314]: |   ec e0 78 40  9e 9b 5f 4b  e0 3a c6 78  84 4b d8 ee
Mar  9 11:13:15 localhost pluto[4314]: |   4c bc 6d a4  ab b7 91 0e  9d 21 d0 00  58 40 c1 66
Mar  9 11:13:15 localhost pluto[4314]: |   fe 3c 9b ff  b3 c8 35 c0  36 e9 d4 08  ab 62 a2 c3
Mar  9 11:13:15 localhost pluto[4314]: |   e7 00 00 00  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: | next IV:  fb 57 21 98  f7 95 e8 64
Mar  9 11:13:15 localhost pluto[4314]: | ***parse ISAKMP Identification Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SIG
Mar  9 11:13:15 localhost pluto[4314]: |    length: 29
Mar  9 11:13:15 localhost pluto[4314]: |    ID type: ID_FQDN
Mar  9 11:13:15 localhost pluto[4314]: |    DOI specific A: 0
Mar  9 11:13:15 localhost pluto[4314]: |    DOI specific B: 0
Mar  9 11:13:15 localhost pluto[4314]: | ***parse ISAKMP Signature Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: |    length: 260
Mar  9 11:13:15 localhost pluto[4314]: | removing 7 bytes of padding
Mar  9 11:13:15 localhost pluto[4314]: "road"[1] 10.6.3.132 #1: Peer ID is ID_FQDN: '@multibel1.multibel.it'
Mar  9 11:13:15 localhost pluto[4314]: | refine_connection: starting with road
Mar  9 11:13:15 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:13:15 localhost pluto[4314]: | refine_connection: happy with starting point: road
Mar  9 11:13:15 localhost pluto[4314]: | offered CA: '%none'
Mar  9 11:13:15 localhost pluto[4314]: | hashing 144 bytes of SA
Mar  9 11:13:15 localhost pluto[4314]: | required CA is '%any'
Mar  9 11:13:15 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:13:15 localhost pluto[4314]: | key issuer CA is '%any'
Mar  9 11:13:15 localhost pluto[4314]: | an RSA Sig check passed with *AQO9mjElL [preloaded key]
Mar  9 11:13:15 localhost pluto[4314]: | authentication succeeded
Mar  9 11:13:15 localhost pluto[4314]: | thinking about whether to send my certificate:
Mar  9 11:13:15 localhost pluto[4314]: |   I have RSA key: OAKLEY_RSA_SIG cert.type: CERT_NONE 
Mar  9 11:13:15 localhost pluto[4314]: |   sendcert: CERT_ALWAYSSEND and I did not get a certificate request 
Mar  9 11:13:15 localhost pluto[4314]: |   so do not send cert.
Mar  9 11:13:15 localhost pluto[4314]: "road"[1] 10.6.3.132 #1: I did not send a certificate because I do not have one.
Mar  9 11:13:15 localhost pluto[4314]: | **emit ISAKMP Message:
Mar  9 11:13:15 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_ID
Mar  9 11:13:15 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:15 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:13:15 localhost pluto[4314]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar  9 11:13:15 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:13:15 localhost pluto[4314]: | ***emit ISAKMP Identification Payload (IPsec DOI):
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SIG
Mar  9 11:13:15 localhost pluto[4314]: |    ID type: ID_FQDN
Mar  9 11:13:15 localhost pluto[4314]: |    Protocol ID: 0
Mar  9 11:13:15 localhost pluto[4314]: |    port: 0
Mar  9 11:13:15 localhost pluto[4314]: | emitting 22 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
Mar  9 11:13:15 localhost pluto[4314]: | my identity  6d 75 6c 74  69 6c 69 6e  75 73 2e 6d  75 6c 74 69
Mar  9 11:13:15 localhost pluto[4314]: |   62 65 6c 2e  69 74
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 30
Mar  9 11:13:15 localhost pluto[4314]: | hashing 144 bytes of SA
Mar  9 11:13:15 localhost pluto[4314]: | looking for secret for @multilinus.multibel.it->@multibel1.multibel.it of kind PPK_RSA
Mar  9 11:13:15 localhost pluto[4314]: | signing hash with RSA Key *AQN74Z87R
Mar  9 11:13:15 localhost pluto[4314]: | ***emit ISAKMP Signature Payload:
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:15 localhost pluto[4314]: | emitting 256 raw bytes of SIG_R into ISAKMP Signature Payload
Mar  9 11:13:15 localhost pluto[4314]: | SIG_R  33 a3 36 ba  b9 63 d7 8f  65 59 9c 0c  45 f6 f5 a9
Mar  9 11:13:15 localhost pluto[4314]: |   c2 e7 1a 90  44 fe 98 20  c2 c9 06 24  a3 f2 6e 27
Mar  9 11:13:15 localhost pluto[4314]: |   3b c3 5d 09  0c ff 8f 14  07 b9 1b d5  c2 f1 cb d2
Mar  9 11:13:15 localhost pluto[4314]: |   0d 85 dd a7  63 e6 65 8e  93 4d ed b5  0e 5b 63 5e
Mar  9 11:13:15 localhost pluto[4314]: |   93 98 b9 e5  cb bf 7a 78  20 c2 6d 3c  03 b3 66 87
Mar  9 11:13:15 localhost pluto[4314]: |   f3 cd b9 54  ca a7 ff 6b  4d b6 c0 4c  1d 54 c8 b0
Mar  9 11:13:15 localhost pluto[4314]: |   b7 9e ee 08  54 ff 78 e8  57 2f 0b 8b  62 6d f9 a5
Mar  9 11:13:15 localhost pluto[4314]: |   76 c9 b1 fa  0f 02 05 9c  d5 08 00 72  ad 45 2c ba
Mar  9 11:13:15 localhost pluto[4314]: |   39 82 ee 91  02 5a 46 c8  f8 c6 08 db  ac 00 bc e9
Mar  9 11:13:15 localhost pluto[4314]: |   ea b8 1e 7f  cc 2b 67 7c  fe a3 cb a8  51 1b 36 ae
Mar  9 11:13:15 localhost pluto[4314]: |   1d cb ab fa  58 06 4b 19  6f b7 c5 87  00 c6 e5 ff
Mar  9 11:13:15 localhost pluto[4314]: |   03 dd bd cf  ad e1 77 2a  e2 82 31 5e  73 4d 5f 3c
Mar  9 11:13:15 localhost pluto[4314]: |   e4 43 4b 5a  b9 e7 24 fd  c7 39 35 f3  15 17 a3 46
Mar  9 11:13:15 localhost pluto[4314]: |   0e 97 a2 74  61 7e 1d f3  21 51 91 df  d6 6f 1c c8
Mar  9 11:13:15 localhost pluto[4314]: |   f0 b1 ec d4  b1 7f b4 ec  cb 20 3c 89  5c d4 d3 71
Mar  9 11:13:15 localhost pluto[4314]: |   dc b0 72 ad  ef 3a 35 4b  a0 c7 8b c8  b4 18 1d bc
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Signature Payload: 260
Mar  9 11:13:15 localhost pluto[4314]: | encrypting:
Mar  9 11:13:15 localhost pluto[4314]: |   09 00 00 1e  02 00 00 00  6d 75 6c 74  69 6c 69 6e
Mar  9 11:13:15 localhost pluto[4314]: |   75 73 2e 6d  75 6c 74 69  62 65 6c 2e  69 74 00 00
Mar  9 11:13:15 localhost pluto[4314]: |   01 04 33 a3  36 ba b9 63  d7 8f 65 59  9c 0c 45 f6
Mar  9 11:13:15 localhost pluto[4314]: |   f5 a9 c2 e7  1a 90 44 fe  98 20 c2 c9  06 24 a3 f2
Mar  9 11:13:15 localhost pluto[4314]: |   6e 27 3b c3  5d 09 0c ff  8f 14 07 b9  1b d5 c2 f1
Mar  9 11:13:15 localhost pluto[4314]: |   cb d2 0d 85  dd a7 63 e6  65 8e 93 4d  ed b5 0e 5b
Mar  9 11:13:15 localhost pluto[4314]: |   63 5e 93 98  b9 e5 cb bf  7a 78 20 c2  6d 3c 03 b3
Mar  9 11:13:15 localhost pluto[4314]: |   66 87 f3 cd  b9 54 ca a7  ff 6b 4d b6  c0 4c 1d 54
Mar  9 11:13:15 localhost pluto[4314]: |   c8 b0 b7 9e  ee 08 54 ff  78 e8 57 2f  0b 8b 62 6d
Mar  9 11:13:15 localhost pluto[4314]: |   f9 a5 76 c9  b1 fa 0f 02  05 9c d5 08  00 72 ad 45
Mar  9 11:13:15 localhost pluto[4314]: |   2c ba 39 82  ee 91 02 5a  46 c8 f8 c6  08 db ac 00
Mar  9 11:13:15 localhost pluto[4314]: |   bc e9 ea b8  1e 7f cc 2b  67 7c fe a3  cb a8 51 1b
Mar  9 11:13:15 localhost pluto[4314]: |   36 ae 1d cb  ab fa 58 06  4b 19 6f b7  c5 87 00 c6
Mar  9 11:13:15 localhost pluto[4314]: |   e5 ff 03 dd  bd cf ad e1  77 2a e2 82  31 5e 73 4d
Mar  9 11:13:15 localhost pluto[4314]: |   5f 3c e4 43  4b 5a b9 e7  24 fd c7 39  35 f3 15 17
Mar  9 11:13:15 localhost pluto[4314]: |   a3 46 0e 97  a2 74 61 7e  1d f3 21 51  91 df d6 6f
Mar  9 11:13:15 localhost pluto[4314]: |   1c c8 f0 b1  ec d4 b1 7f  b4 ec cb 20  3c 89 5c d4
Mar  9 11:13:15 localhost pluto[4314]: |   d3 71 dc b0  72 ad ef 3a  35 4b a0 c7  8b c8 b4 18
Mar  9 11:13:15 localhost pluto[4314]: |   1d bc
Mar  9 11:13:15 localhost pluto[4314]: | emitting 6 zero bytes of encryption padding into ISAKMP Message
Mar  9 11:13:15 localhost pluto[4314]: | encrypting using OAKLEY_3DES_CBC
Mar  9 11:13:15 localhost pluto[4314]: | next IV:  63 bf f3 e4  3a 47 b5 b7
Mar  9 11:13:15 localhost pluto[4314]: | emitting length of ISAKMP Message: 324
Mar  9 11:13:15 localhost pluto[4314]: | last encrypted block of Phase 1:
Mar  9 11:13:15 localhost pluto[4314]: |   63 bf f3 e4  3a 47 b5 b7
Mar  9 11:13:15 localhost pluto[4314]: "road"[1] 10.6.3.132 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Mar  9 11:13:15 localhost pluto[4314]: | sending 324 bytes for STATE_MAIN_R2 through eth0 to 10.6.3.132:500:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |   05 10 02 01  00 00 00 00  00 00 01 44  8a a3 af 51
Mar  9 11:13:15 localhost pluto[4314]: |   23 fa 23 ed  b1 7d f3 c1  2a d6 da 52  14 19 2a 1b
Mar  9 11:13:15 localhost pluto[4314]: |   ed 6a eb d8  09 b9 1f d2  4d af 6b bf  df 99 45 1e
Mar  9 11:13:15 localhost pluto[4314]: |   19 6f 49 63  da 62 5e 59  00 da 1f c6  5b 2c ff ce
Mar  9 11:13:15 localhost pluto[4314]: |   1e 5f 4e 1b  6f 47 40 f2  ad 65 f7 b1  79 53 58 e9
Mar  9 11:13:15 localhost pluto[4314]: |   f5 61 4e e3  64 3d d2 e7  c3 1a 9c f8  8c 51 e3 ab
Mar  9 11:13:15 localhost pluto[4314]: |   bb 33 c0 96  89 e8 f6 86  01 a6 05 e2  2a 04 99 8a
Mar  9 11:13:15 localhost pluto[4314]: |   e8 80 b9 21  a9 2d 60 58  d2 22 5d d0  c2 5d 04 f2
Mar  9 11:13:15 localhost pluto[4314]: |   92 0d 6a 01  ae b6 68 27  dc 0e ed 3a  aa 7b 97 58
Mar  9 11:13:15 localhost pluto[4314]: |   0b 93 f8 30  d1 52 b6 44  f3 58 03 67  47 c4 54 78
Mar  9 11:13:15 localhost pluto[4314]: |   22 81 7e 0f  5d e3 86 13  62 87 b6 a7  cf b6 fc 64
Mar  9 11:13:15 localhost pluto[4314]: |   a1 94 bd 11  4a cd d0 4e  11 60 59 0f  d2 51 8d 08
Mar  9 11:13:15 localhost pluto[4314]: |   e2 5c 1e a3  7e 5c a0 90  a6 15 b7 2a  ff 25 e7 e0
Mar  9 11:13:15 localhost pluto[4314]: |   78 f8 99 ea  f1 1c 0f 26  f7 c1 b1 fd  58 1e e9 23
Mar  9 11:13:15 localhost pluto[4314]: |   fb 6c fd dd  ff 92 60 d4  0b 6b 36 20  40 f2 ec af
Mar  9 11:13:15 localhost pluto[4314]: |   35 28 53 25  b2 e7 8c 1c  0a 3f ad db  44 6b c4 55
Mar  9 11:13:15 localhost pluto[4314]: |   d7 d7 97 9d  b2 a5 72 77  e6 46 7f e5  c1 06 c0 ea
Mar  9 11:13:15 localhost pluto[4314]: |   22 90 fb bb  94 08 60 20  35 a1 76 fd  b7 72 3a 6f
Mar  9 11:13:15 localhost pluto[4314]: |   df b4 a7 8b  0e d3 b8 36  ab 79 b0 ae  63 bf f3 e4
Mar  9 11:13:15 localhost pluto[4314]: |   3a 47 b5 b7
Mar  9 11:13:15 localhost pluto[4314]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #1
Mar  9 11:13:15 localhost pluto[4314]: "road"[1] 10.6.3.132 #1: sent MR3, ISAKMP SA established
Mar  9 11:13:15 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 3330 seconds for #1
Mar  9 11:13:15 localhost pluto[4314]: |  
Mar  9 11:13:15 localhost pluto[4314]: | *received 380 bytes from 10.6.3.132:500 on eth0
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |   08 10 20 01  ae 62 6a 91  00 00 01 7c  65 a9 84 33
Mar  9 11:13:15 localhost pluto[4314]: |   e7 38 76 bb  28 ca ad 4c  db fc dc 74  d0 ff a1 17
Mar  9 11:13:15 localhost pluto[4314]: |   e4 f0 02 25  7b da 49 87  b3 92 51 0d  91 ce 73 44
Mar  9 11:13:15 localhost pluto[4314]: |   0a 8c dc ba  d1 70 05 0b  a7 e2 5f e3  97 e6 ca 77
Mar  9 11:13:15 localhost pluto[4314]: |   34 82 35 18  86 9c 79 7f  cb c8 6c e1  8a 24 08 69
Mar  9 11:13:15 localhost pluto[4314]: |   9c 90 b5 50  b2 15 e5 17  c9 25 89 78  a4 eb f9 57
Mar  9 11:13:15 localhost pluto[4314]: |   4a c7 21 15  fe 9a 37 7c  50 c4 35 af  d4 fd 92 aa
Mar  9 11:13:15 localhost pluto[4314]: |   9c fb 66 cd  ff e7 16 93  1a 0f 22 78  f0 6d be 20
Mar  9 11:13:15 localhost pluto[4314]: |   87 c6 5a c9  f4 62 2d 64  01 78 c2 7d  ce 9d c9 60
Mar  9 11:13:15 localhost pluto[4314]: |   1b 5b 1f 5b  ac 9c b2 a3  26 ae 47 de  93 aa a3 6b
Mar  9 11:13:15 localhost pluto[4314]: |   ed 55 9b 9a  01 c3 f5 5e  1f cf 4d 7d  0d b8 cf da
Mar  9 11:13:15 localhost pluto[4314]: |   49 ee 99 61  23 84 d0 0c  38 9d 31 9c  12 1f ce 6f
Mar  9 11:13:15 localhost pluto[4314]: |   eb 7a 8e 1b  70 77 f7 72  08 e9 e0 82  63 fe 55 3c
Mar  9 11:13:15 localhost pluto[4314]: |   8b 73 0f 3b  b0 f3 d7 1c  3e 30 b8 b9  c9 21 ba a9
Mar  9 11:13:15 localhost pluto[4314]: |   61 15 5c c5  30 2e 37 69  79 20 a7 6b  ee 6e 0b fb
Mar  9 11:13:15 localhost pluto[4314]: |   50 b1 4d 9c  31 5c 61 f3  82 c7 12 99  07 fe 1c 4b
Mar  9 11:13:15 localhost pluto[4314]: |   eb 7a 0e 1e  9d a7 8d 65  5f 7b e7 63  3f 16 0b 3e
Mar  9 11:13:15 localhost pluto[4314]: |   18 b2 e8 eb  d4 cd ed fb  b1 46 53 27  5b 64 97 23
Mar  9 11:13:15 localhost pluto[4314]: |   9d ed 8f 91  fd 90 aa b4  9d 9c 0f 26  38 23 82 9f
Mar  9 11:13:15 localhost pluto[4314]: |   f6 74 28 58  77 86 98 73  70 88 bc 49  8b f0 84 1a
Mar  9 11:13:15 localhost pluto[4314]: |   7d 86 8e 96  5d 3e 2f 3f  9b e9 54 7f  10 59 e1 22
Mar  9 11:13:15 localhost pluto[4314]: |   a1 6b 6d 84  50 d0 02 31  26 e4 82 92  17 92 43 87
Mar  9 11:13:15 localhost pluto[4314]: |   f1 86 a4 b9  e5 25 28 89  13 32 d4 03
Mar  9 11:13:15 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:13:15 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:15 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:15 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:15 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_HASH
Mar  9 11:13:15 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:15 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_QUICK
Mar  9 11:13:15 localhost pluto[4314]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar  9 11:13:15 localhost pluto[4314]: |    message ID:  ae 62 6a 91
Mar  9 11:13:15 localhost pluto[4314]: |    length: 380
Mar  9 11:13:16 localhost pluto[4314]: | ICOOKIE:  70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:16 localhost pluto[4314]: | RCOOKIE:  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:16 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:13:16 localhost pluto[4314]: | state hash entry 25
Mar  9 11:13:16 localhost pluto[4314]: | peer and cookies match on #1, provided msgid ae626a91 vs 00000000
Mar  9 11:13:16 localhost pluto[4314]: | state object not found
Mar  9 11:13:16 localhost pluto[4314]: | ICOOKIE:  70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:16 localhost pluto[4314]: | RCOOKIE:  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:16 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:13:16 localhost pluto[4314]: | state hash entry 25
Mar  9 11:13:16 localhost pluto[4314]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Mar  9 11:13:16 localhost pluto[4314]: | state object #1 found, in STATE_MAIN_R3
Mar  9 11:13:16 localhost pluto[4314]: | last Phase 1 IV:  63 bf f3 e4  3a 47 b5 b7
Mar  9 11:13:16 localhost pluto[4314]: | last Phase 1 IV:  63 bf f3 e4  3a 47 b5 b7
Mar  9 11:13:16 localhost pluto[4314]: | computed Phase 2 IV:
Mar  9 11:13:16 localhost pluto[4314]: |   17 4b e7 d7  eb eb c4 87  3c 51 9c 93  e8 e9 2f f5
Mar  9 11:13:16 localhost pluto[4314]: | received encrypted packet from 10.6.3.132:500
Mar  9 11:13:16 localhost pluto[4314]: | decrypting 352 bytes using algorithm OAKLEY_3DES_CBC
Mar  9 11:13:16 localhost pluto[4314]: | decrypted:
Mar  9 11:13:16 localhost pluto[4314]: |   01 00 00 14  b6 b4 72 27  de 1b 4d 74  44 13 a1 9c
Mar  9 11:13:16 localhost pluto[4314]: |   99 5a 16 b1  0a 00 00 50  00 00 00 01  00 00 00 01
Mar  9 11:13:16 localhost pluto[4314]: |   00 00 00 44  00 03 04 02  9f cb 44 16  03 00 00 1c
Mar  9 11:13:16 localhost pluto[4314]: |   00 03 00 00  80 03 00 05  80 04 00 01  80 01 00 01
Mar  9 11:13:16 localhost pluto[4314]: |   80 02 70 80  80 05 00 01  00 00 00 1c  01 03 00 00
Mar  9 11:13:16 localhost pluto[4314]: |   80 03 00 05  80 04 00 01  80 01 00 01  80 02 70 80
Mar  9 11:13:16 localhost pluto[4314]: |   80 05 00 02  04 00 00 14  f5 09 95 c0  85 d4 38 4f
Mar  9 11:13:16 localhost pluto[4314]: |   a3 9b 35 fc  50 91 8f 75  05 00 00 c4  0a 65 89 43
Mar  9 11:13:16 localhost pluto[4314]: |   eb 76 6f 86  c6 37 4b 69  90 b6 16 49  90 ac 30 ab
Mar  9 11:13:16 localhost pluto[4314]: |   53 95 b6 b7  2e 30 98 47  f5 f0 47 e9  9b 89 3e 90
Mar  9 11:13:16 localhost pluto[4314]: |   b5 68 ab 60  e4 4b 58 c5  f2 79 c9 66  fe 50 ba 02
Mar  9 11:13:16 localhost pluto[4314]: |   1c ff 17 af  ed 7a e4 f1  2f bf 27 b4  87 ac 71 2d
Mar  9 11:13:16 localhost pluto[4314]: |   4f 74 79 33  d4 f9 61 f1  a5 03 28 c2  5b f1 12 5b
Mar  9 11:13:16 localhost pluto[4314]: |   2d 7f 69 76  18 3e 38 e3  21 e7 1e 3c  8c 13 32 38
Mar  9 11:13:16 localhost pluto[4314]: |   c8 88 ff 91  0d 98 48 96  ff ed 03 23  38 27 f4 d8
Mar  9 11:13:16 localhost pluto[4314]: |   35 69 58 75  3b f2 47 0c  85 1a b4 54  2b 57 a2 12
Mar  9 11:13:16 localhost pluto[4314]: |   e3 ca ca 9b  22 be 86 de  bb 7f a1 8f  56 64 3e 5f
Mar  9 11:13:16 localhost pluto[4314]: |   2b 2e 3f 59  af 4e fe 7e  79 cd e7 4d  5c 1f fd be
Mar  9 11:13:16 localhost pluto[4314]: |   20 7d 35 74  71 5a 24 f2  bd ce 95 d8  04 55 2f 38
Mar  9 11:13:16 localhost pluto[4314]: |   35 91 43 06  0d d6 ae f6  3a 23 6b 57  05 00 00 10
Mar  9 11:13:16 localhost pluto[4314]: |   04 00 00 00  0a 06 03 84  ff ff ff ff  00 00 00 10
Mar  9 11:13:16 localhost pluto[4314]: |   04 00 00 00  0a 06 64 00  ff ff ff 00  00 00 00 00
Mar  9 11:13:16 localhost pluto[4314]: | next IV:  e5 25 28 89  13 32 d4 03
Mar  9 11:13:16 localhost pluto[4314]: | ***parse ISAKMP Hash Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SA
Mar  9 11:13:16 localhost pluto[4314]: |    length: 20
Mar  9 11:13:16 localhost pluto[4314]: | ***parse ISAKMP Security Association Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONCE
Mar  9 11:13:16 localhost pluto[4314]: |    length: 80
Mar  9 11:13:16 localhost pluto[4314]: |    DOI: ISAKMP_DOI_IPSEC
Mar  9 11:13:16 localhost pluto[4314]: | ***parse ISAKMP Nonce Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_KE
Mar  9 11:13:16 localhost pluto[4314]: |    length: 20
Mar  9 11:13:16 localhost pluto[4314]: | ***parse ISAKMP Key Exchange Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_ID
Mar  9 11:13:16 localhost pluto[4314]: |    length: 196
Mar  9 11:13:16 localhost pluto[4314]: | ***parse ISAKMP Identification Payload (IPsec DOI):
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_ID
Mar  9 11:13:16 localhost pluto[4314]: |    length: 16
Mar  9 11:13:16 localhost pluto[4314]: |    ID type: ID_IPV4_ADDR_SUBNET
Mar  9 11:13:16 localhost pluto[4314]: |    Protocol ID: 0
Mar  9 11:13:16 localhost pluto[4314]: |    port: 0
Mar  9 11:13:16 localhost pluto[4314]: | ***parse ISAKMP Identification Payload (IPsec DOI):
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:16 localhost pluto[4314]: |    length: 16
Mar  9 11:13:16 localhost pluto[4314]: |    ID type: ID_IPV4_ADDR_SUBNET
Mar  9 11:13:16 localhost pluto[4314]: |    Protocol ID: 0
Mar  9 11:13:16 localhost pluto[4314]: |    port: 0
Mar  9 11:13:16 localhost pluto[4314]: | removing 4 bytes of padding
Mar  9 11:13:16 localhost pluto[4314]: | HASH(1) computed:
Mar  9 11:13:16 localhost pluto[4314]: |   b6 b4 72 27  de 1b 4d 74  44 13 a1 9c  99 5a 16 b1
Mar  9 11:13:16 localhost pluto[4314]: | peer client is subnet 10.6.3.132/32
Mar  9 11:13:16 localhost pluto[4314]: | peer client protocol/port is 0/0
Mar  9 11:13:16 localhost pluto[4314]: | our client is subnet 10.6.100.0/24
Mar  9 11:13:16 localhost pluto[4314]: | our client protocol/port is 0/0
Mar  9 11:13:16 localhost pluto[4314]: | find_client_connection starting with road
Mar  9 11:13:16 localhost pluto[4314]: |   looking for 10.6.100.0/24:0/0 -> 10.6.3.132/32:0/0
Mar  9 11:13:16 localhost pluto[4314]: |   concrete checking against sr#0 10.6.100.0/24 -> 10.6.3.132/32
Mar  9 11:13:16 localhost pluto[4314]: |    match_id a=@multibel1.multibel.it b=@multibel1.multibel.it
Mar  9 11:13:16 localhost pluto[4314]: |   match_id called with a=@multibel1.multibel.it b=@multibel1.multibel.it
Mar  9 11:13:16 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:13:16 localhost pluto[4314]: |   fc_try trying road:10.6.100.0/24:0/0 -> 10.6.3.132/32:0/0 vs road:10.6.100.0/24:0/0 -> 10.6.3.132/32:0/0
Mar  9 11:13:16 localhost pluto[4314]: |   fc_try concluding with road [128]
Mar  9 11:13:16 localhost pluto[4314]: |   fc_try road gives road
Mar  9 11:13:16 localhost pluto[4314]: |   concluding with d = road
Mar  9 11:13:16 localhost pluto[4314]: | duplicating state object #1
Mar  9 11:13:16 localhost pluto[4314]: | creating state object #2 at 0x80f0948
Mar  9 11:13:16 localhost pluto[4314]: | ICOOKIE:  70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:16 localhost pluto[4314]: | RCOOKIE:  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:16 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:13:16 localhost pluto[4314]: | state hash entry 25
Mar  9 11:13:16 localhost pluto[4314]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2
Mar  9 11:13:16 localhost pluto[4314]: | **emit ISAKMP Message:
Mar  9 11:13:16 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:16 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:16 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:16 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_HASH
Mar  9 11:13:16 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:16 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_QUICK
Mar  9 11:13:16 localhost pluto[4314]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar  9 11:13:16 localhost pluto[4314]: |    message ID:  ae 62 6a 91
Mar  9 11:13:16 localhost pluto[4314]: | ***emit ISAKMP Hash Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SA
Mar  9 11:13:16 localhost pluto[4314]: | emitting 16 zero bytes of HASH into ISAKMP Hash Payload
Mar  9 11:13:16 localhost pluto[4314]: | emitting length of ISAKMP Hash Payload: 20
Mar  9 11:13:16 localhost pluto[4314]: | ***emit ISAKMP Security Association Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONCE
Mar  9 11:13:16 localhost pluto[4314]: |    DOI: ISAKMP_DOI_IPSEC
Mar  9 11:13:16 localhost pluto[4314]: | ****parse IPsec DOI SIT:
Mar  9 11:13:16 localhost pluto[4314]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar  9 11:13:16 localhost pluto[4314]: | ****parse ISAKMP Proposal Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:16 localhost pluto[4314]: |    length: 68
Mar  9 11:13:16 localhost pluto[4314]: |    proposal number: 0
Mar  9 11:13:16 localhost pluto[4314]: |    protocol ID: PROTO_IPSEC_ESP
Mar  9 11:13:16 localhost pluto[4314]: |    SPI size: 4
Mar  9 11:13:16 localhost pluto[4314]: |    number of transforms: 2
Mar  9 11:13:16 localhost pluto[4314]: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI
Mar  9 11:13:16 localhost pluto[4314]: | SPI  9f cb 44 16
Mar  9 11:13:16 localhost pluto[4314]: | *****parse ISAKMP Transform Payload (ESP):
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_T
Mar  9 11:13:16 localhost pluto[4314]: |    length: 28
Mar  9 11:13:16 localhost pluto[4314]: |    transform number: 0
Mar  9 11:13:16 localhost pluto[4314]: |    transform ID: ESP_3DES
Mar  9 11:13:16 localhost pluto[4314]: | ******parse ISAKMP IPsec DOI attribute:
Mar  9 11:13:16 localhost pluto[4314]: |    af+type: GROUP_DESCRIPTION
Mar  9 11:13:16 localhost pluto[4314]: |    length/value: 5
Mar  9 11:13:16 localhost pluto[4314]: |    [5 is OAKLEY_GROUP_MODP1536]
Mar  9 11:13:16 localhost pluto[4314]: | ******parse ISAKMP IPsec DOI attribute:
Mar  9 11:13:16 localhost pluto[4314]: |    af+type: ENCAPSULATION_MODE
Mar  9 11:13:16 localhost pluto[4314]: |    length/value: 1
Mar  9 11:13:16 localhost pluto[4314]: |    [1 is ENCAPSULATION_MODE_TUNNEL]
Mar  9 11:13:16 localhost pluto[4314]: | ******parse ISAKMP IPsec DOI attribute:
Mar  9 11:13:16 localhost pluto[4314]: |    af+type: SA_LIFE_TYPE
Mar  9 11:13:16 localhost pluto[4314]: |    length/value: 1
Mar  9 11:13:16 localhost pluto[4314]: |    [1 is SA_LIFE_TYPE_SECONDS]
Mar  9 11:13:16 localhost pluto[4314]: | ******parse ISAKMP IPsec DOI attribute:
Mar  9 11:13:16 localhost pluto[4314]: |    af+type: SA_LIFE_DURATION
Mar  9 11:13:16 localhost pluto[4314]: |    length/value: 28800
Mar  9 11:13:16 localhost pluto[4314]: | ******parse ISAKMP IPsec DOI attribute:
Mar  9 11:13:16 localhost pluto[4314]: |    af+type: AUTH_ALGORITHM
Mar  9 11:13:16 localhost pluto[4314]: |    length/value: 1
Mar  9 11:13:16 localhost pluto[4314]: |    [1 is AUTH_ALGORITHM_HMAC_MD5]
Mar  9 11:13:16 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:13:16 localhost pluto[4314]: | kernel_alg_esp_enc_keylen():alg_id=3, keylen=24
Mar  9 11:13:16 localhost pluto[4314]: | ****emit IPsec DOI SIT:
Mar  9 11:13:16 localhost pluto[4314]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar  9 11:13:16 localhost pluto[4314]: | ****emit ISAKMP Proposal Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:16 localhost pluto[4314]: |    proposal number: 0
Mar  9 11:13:16 localhost pluto[4314]: |    protocol ID: PROTO_IPSEC_ESP
Mar  9 11:13:16 localhost pluto[4314]: |    SPI size: 4
Mar  9 11:13:16 localhost pluto[4314]: |    number of transforms: 1
Mar  9 11:13:16 localhost pluto[4314]: | netlink_get_spi: allocated 0x7eb13e58 for esp.0 at 10.6.3.133
Mar  9 11:13:16 localhost pluto[4314]: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
Mar  9 11:13:16 localhost pluto[4314]: | SPI  7e b1 3e 58
Mar  9 11:13:16 localhost pluto[4314]: | *****emit ISAKMP Transform Payload (ESP):
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:16 localhost pluto[4314]: |    transform number: 0
Mar  9 11:13:16 localhost pluto[4314]: |    transform ID: ESP_3DES
Mar  9 11:13:16 localhost pluto[4314]: | emitting 20 raw bytes of attributes into ISAKMP Transform Payload (ESP)
Mar  9 11:13:16 localhost pluto[4314]: | attributes  80 03 00 05  80 04 00 01  80 01 00 01  80 02 70 80
Mar  9 11:13:16 localhost pluto[4314]: |   80 05 00 01
Mar  9 11:13:16 localhost pluto[4314]: | emitting length of ISAKMP Transform Payload (ESP): 28
Mar  9 11:13:16 localhost pluto[4314]: | emitting length of ISAKMP Proposal Payload: 40
Mar  9 11:13:16 localhost pluto[4314]: | emitting length of ISAKMP Security Association Payload: 52
Mar  9 11:13:16 localhost pluto[4314]: | DH public value received:
Mar  9 11:13:16 localhost pluto[4314]: |   0a 65 89 43  eb 76 6f 86  c6 37 4b 69  90 b6 16 49
Mar  9 11:13:16 localhost pluto[4314]: |   90 ac 30 ab  53 95 b6 b7  2e 30 98 47  f5 f0 47 e9
Mar  9 11:13:16 localhost pluto[4314]: |   9b 89 3e 90  b5 68 ab 60  e4 4b 58 c5  f2 79 c9 66
Mar  9 11:13:16 localhost pluto[4314]: |   fe 50 ba 02  1c ff 17 af  ed 7a e4 f1  2f bf 27 b4
Mar  9 11:13:16 localhost pluto[4314]: |   87 ac 71 2d  4f 74 79 33  d4 f9 61 f1  a5 03 28 c2
Mar  9 11:13:16 localhost pluto[4314]: |   5b f1 12 5b  2d 7f 69 76  18 3e 38 e3  21 e7 1e 3c
Mar  9 11:13:16 localhost pluto[4314]: |   8c 13 32 38  c8 88 ff 91  0d 98 48 96  ff ed 03 23
Mar  9 11:13:16 localhost pluto[4314]: |   38 27 f4 d8  35 69 58 75  3b f2 47 0c  85 1a b4 54
Mar  9 11:13:16 localhost pluto[4314]: |   2b 57 a2 12  e3 ca ca 9b  22 be 86 de  bb 7f a1 8f
Mar  9 11:13:16 localhost pluto[4314]: |   56 64 3e 5f  2b 2e 3f 59  af 4e fe 7e  79 cd e7 4d
Mar  9 11:13:16 localhost pluto[4314]: |   5c 1f fd be  20 7d 35 74  71 5a 24 f2  bd ce 95 d8
Mar  9 11:13:16 localhost pluto[4314]: |   04 55 2f 38  35 91 43 06  0d d6 ae f6  3a 23 6b 57
Mar  9 11:13:16 localhost pluto[4314]: "road"[1] 10.6.3.132 #2: responding to Quick Mode
Mar  9 11:13:16 localhost pluto[4314]: | ***emit ISAKMP Nonce Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_KE
Mar  9 11:13:16 localhost pluto[4314]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload
Mar  9 11:13:16 localhost pluto[4314]: | Nr  7e ba 3c 89  88 a1 86 e8  37 c7 5e 58  46 9d 77 6b
Mar  9 11:13:16 localhost pluto[4314]: | emitting length of ISAKMP Nonce Payload: 20
Mar  9 11:13:16 localhost pluto[4314]: | Local DH secret:
Mar  9 11:13:16 localhost pluto[4314]: |   eb f2 a6 3d  fb 7d 20 00  08 a0 8e 49  8d 01 f6 38
Mar  9 11:13:16 localhost pluto[4314]: |   55 75 11 d8  ed 19 e6 b0  f4 1f d9 6b  0d 25 02 2d
Mar  9 11:13:16 localhost pluto[4314]: | Public DH value sent:
Mar  9 11:13:16 localhost pluto[4314]: |   ae 80 90 a3  c4 ac 7a 67  b3 78 2d 88  7a 03 e3 04
Mar  9 11:13:16 localhost pluto[4314]: |   f2 92 5f 28  88 84 b0 08  c3 61 15 a0  bf eb d1 16
Mar  9 11:13:16 localhost pluto[4314]: |   d5 91 6c c5  fc 96 4f f4  4f 1e 8e a3  82 ca 54 ab
Mar  9 11:13:16 localhost pluto[4314]: |   bf 1d 54 e7  18 ec 44 3c  05 7f bd a5  ef 0b ae 4f
Mar  9 11:13:16 localhost pluto[4314]: |   6f e9 b4 b3  29 ae c7 d5  48 c6 70 76  94 fd a7 de
Mar  9 11:13:16 localhost pluto[4314]: |   58 d0 ef 5c  08 cb 9b bf  2e 1a 35 f7  14 93 89 df
Mar  9 11:13:16 localhost pluto[4314]: |   e1 bb 18 f6  7d 78 06 15  86 77 83 18  1b a0 a3 cd
Mar  9 11:13:16 localhost pluto[4314]: |   e1 7c ac 48  ea 04 f7 9c  1e f4 a8 82  ae 6c ad f2
Mar  9 11:13:16 localhost pluto[4314]: |   1b 90 93 b2  f1 be 82 43  43 e1 65 2c  c8 5b dc af
Mar  9 11:13:16 localhost pluto[4314]: |   97 5c 29 f6  24 32 8c a4  15 d3 e9 5f  8c 74 ff 9e
Mar  9 11:13:16 localhost pluto[4314]: |   db d5 3e 50  00 8f 05 b7  56 e3 fc ed  fc a4 1d 85
Mar  9 11:13:16 localhost pluto[4314]: |   fc ec 1b b8  95 52 4a 66  72 b8 06 31  d4 ff 39 68
Mar  9 11:13:16 localhost pluto[4314]: | ***emit ISAKMP Key Exchange Payload:
Mar  9 11:13:16 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_ID
Mar  9 11:13:16 localhost pluto[4314]: | emitting 192 raw bytes of keyex value into ISAKMP Key Exchange Payload
Mar  9 11:13:16 localhost pluto[4314]: | keyex value  ae 80 90 a3  c4 ac 7a 67  b3 78 2d 88  7a 03 e3 04
Mar  9 11:13:16 localhost pluto[4314]: |   f2 92 5f 28  88 84 b0 08  c3 61 15 a0  bf eb d1 16
Mar  9 11:13:16 localhost pluto[4314]: |   d5 91 6c c5  fc 96 4f f4  4f 1e 8e a3  82 ca 54 ab
Mar  9 11:13:16 localhost pluto[4314]: |   bf 1d 54 e7  18 ec 44 3c  05 7f bd a5  ef 0b ae 4f
Mar  9 11:13:16 localhost pluto[4314]: |   6f e9 b4 b3  29 ae c7 d5  48 c6 70 76  94 fd a7 de
Mar  9 11:13:16 localhost pluto[4314]: |   58 d0 ef 5c  08 cb 9b bf  2e 1a 35 f7  14 93 89 df
Mar  9 11:13:16 localhost pluto[4314]: |   e1 bb 18 f6  7d 78 06 15  86 77 83 18  1b a0 a3 cd
Mar  9 11:13:16 localhost pluto[4314]: |   e1 7c ac 48  ea 04 f7 9c  1e f4 a8 82  ae 6c ad f2
Mar  9 11:13:16 localhost pluto[4314]: |   1b 90 93 b2  f1 be 82 43  43 e1 65 2c  c8 5b dc af
Mar  9 11:13:16 localhost pluto[4314]: |   97 5c 29 f6  24 32 8c a4  15 d3 e9 5f  8c 74 ff 9e
Mar  9 11:13:16 localhost pluto[4314]: |   db d5 3e 50  00 8f 05 b7  56 e3 fc ed  fc a4 1d 85
Mar  9 11:13:16 localhost pluto[4314]: |   fc ec 1b b8  95 52 4a 66  72 b8 06 31  d4 ff 39 68
Mar  9 11:13:16 localhost pluto[4314]: | emitting length of ISAKMP Key Exchange Payload: 196
Mar  9 11:13:16 localhost pluto[4314]: | compute_dh_shared(): time elapsed (OAKLEY_GROUP_MODP1536): 5714 usec
Mar  9 11:13:16 localhost pluto[4314]: | DH shared secret:
Mar  9 11:13:16 localhost pluto[4314]: |   7a 28 99 4a  18 5f 49 15  c0 4e c8 0f  d1 de b2 79
Mar  9 11:13:16 localhost pluto[4314]: |   72 8c 2d e2  87 1b 22 8c  ed d1 8e 0e  56 cf a7 ce
Mar  9 11:13:16 localhost pluto[4314]: |   ea e0 0c 07  ff 97 cb c9  5f e9 f4 d9  cc 0f ea de
Mar  9 11:13:16 localhost pluto[4314]: |   88 45 8c 5e  fd 08 17 ba  db 0e ac 74  c3 ac 09 a9
Mar  9 11:13:16 localhost pluto[4314]: |   76 74 60 38  1e 85 68 4b  2c e5 7d 7d  e3 76 85 81
Mar  9 11:13:16 localhost pluto[4314]: |   d9 3e b3 bd  a6 57 ee 87  9d 8b b6 f1  99 6e 21 e5
Mar  9 11:13:16 localhost pluto[4314]: |   60 b8 d6 20  c2 cf e7 cd  16 f8 30 dc  f6 44 09 81
Mar  9 11:13:16 localhost pluto[4314]: |   2c 9e 7f b5  ac c7 9e 2d  fe ba 16 c0  0e e3 11 93
Mar  9 11:13:16 localhost pluto[4314]: |   66 92 e7 11  0c b3 0f 49  08 e1 9d f0  11 fb 74 40
Mar  9 11:13:16 localhost pluto[4314]: |   50 74 32 bc  16 62 fe 29  50 b2 ee ce  53 e0 62 48
Mar  9 11:13:16 localhost pluto[4314]: |   e5 e3 65 42  fe 74 23 c3  bf 56 08 b1  9a c8 80 a9
Mar  9 11:13:16 localhost pluto[4314]: |   45 98 63 d9  39 4d d1 28  c0 13 4a 09  a0 a8 48 5c
Mar  9 11:13:16 localhost pluto[4314]: | emitting 16 raw bytes of IDci into ISAKMP Message
Mar  9 11:13:16 localhost pluto[4314]: | IDci  05 00 00 10  04 00 00 00  0a 06 03 84  ff ff ff ff
Mar  9 11:13:16 localhost pluto[4314]: | emitting 16 raw bytes of IDcr into ISAKMP Message
Mar  9 11:13:16 localhost pluto[4314]: | IDcr  00 00 00 10  04 00 00 00  0a 06 64 00  ff ff ff 00
Mar  9 11:13:16 localhost pluto[4314]: | HASH(2) computed:
Mar  9 11:13:16 localhost pluto[4314]: |   cd 1b ee de  e9 0a 74 de  26 3f 68 67  5d 87 24 cf
Mar  9 11:13:16 localhost pluto[4314]: | compute_proto_keymat:needed_len (after ESP enc)=24
Mar  9 11:13:16 localhost pluto[4314]: | compute_proto_keymat:needed_len (after ESP auth)=40
Mar  9 11:13:16 localhost pluto[4314]: | KEYMAT computed:
Mar  9 11:13:16 localhost pluto[4314]: |   4f 76 15 1f  d6 f8 73 75  a2 c9 7a 81  71 36 1a ee
Mar  9 11:13:16 localhost pluto[4314]: |   8f 9d 56 2c  d7 83 68 69  2b c1 e6 37  28 7b b0 7d
Mar  9 11:13:16 localhost pluto[4314]: |   c6 0c 67 65  84 43 6f 55
Mar  9 11:13:16 localhost pluto[4314]: | Peer KEYMAT computed:
Mar  9 11:13:16 localhost pluto[4314]: |   3d 97 83 0a  e6 36 61 57  13 4a f7 8c  8b a8 4c 9b
Mar  9 11:13:16 localhost pluto[4314]: |   7c ad ea ef  55 4f dd 77  0a 41 3d d2  c5 cc c1 c9
Mar  9 11:13:16 localhost pluto[4314]: |   c0 92 3a 5d  8b 2b 86 5f
Mar  9 11:13:16 localhost pluto[4314]: | install_inbound_ipsec_sa() checking if we can route
Mar  9 11:13:16 localhost pluto[4314]: | route owner of "road"[1] 10.6.3.132 unrouted: NULL; eroute owner: NULL
Mar  9 11:13:16 localhost pluto[4314]: | could_route called for road (kind=CK_INSTANCE)
Mar  9 11:13:16 localhost pluto[4314]: | add inbound eroute 10.6.3.132/32:0 --0-> 10.6.100.0/24:0 => tun.10000 at 10.6.3.133 (raw_eroute)
Mar  9 11:13:16 localhost pluto[4314]: | encrypting:
Mar  9 11:13:16 localhost pluto[4314]: |   01 00 00 14  cd 1b ee de  e9 0a 74 de  26 3f 68 67
Mar  9 11:13:16 localhost pluto[4314]: |   5d 87 24 cf  0a 00 00 34  00 00 00 01  00 00 00 01
Mar  9 11:13:16 localhost pluto[4314]: |   00 00 00 28  00 03 04 01  7e b1 3e 58  00 00 00 1c
Mar  9 11:13:16 localhost pluto[4314]: |   00 03 00 00  80 03 00 05  80 04 00 01  80 01 00 01
Mar  9 11:13:16 localhost pluto[4314]: |   80 02 70 80  80 05 00 01  04 00 00 14  7e ba 3c 89
Mar  9 11:13:16 localhost pluto[4314]: |   88 a1 86 e8  37 c7 5e 58  46 9d 77 6b  05 00 00 c4
Mar  9 11:13:16 localhost pluto[4314]: |   ae 80 90 a3  c4 ac 7a 67  b3 78 2d 88  7a 03 e3 04
Mar  9 11:13:16 localhost pluto[4314]: |   f2 92 5f 28  88 84 b0 08  c3 61 15 a0  bf eb d1 16
Mar  9 11:13:16 localhost pluto[4314]: |   d5 91 6c c5  fc 96 4f f4  4f 1e 8e a3  82 ca 54 ab
Mar  9 11:13:16 localhost pluto[4314]: |   bf 1d 54 e7  18 ec 44 3c  05 7f bd a5  ef 0b ae 4f
Mar  9 11:13:16 localhost pluto[4314]: |   6f e9 b4 b3  29 ae c7 d5  48 c6 70 76  94 fd a7 de
Mar  9 11:13:16 localhost pluto[4314]: |   58 d0 ef 5c  08 cb 9b bf  2e 1a 35 f7  14 93 89 df
Mar  9 11:13:16 localhost pluto[4314]: |   e1 bb 18 f6  7d 78 06 15  86 77 83 18  1b a0 a3 cd
Mar  9 11:13:16 localhost pluto[4314]: |   e1 7c ac 48  ea 04 f7 9c  1e f4 a8 82  ae 6c ad f2
Mar  9 11:13:16 localhost pluto[4314]: |   1b 90 93 b2  f1 be 82 43  43 e1 65 2c  c8 5b dc af
Mar  9 11:13:16 localhost pluto[4314]: |   97 5c 29 f6  24 32 8c a4  15 d3 e9 5f  8c 74 ff 9e
Mar  9 11:13:16 localhost pluto[4314]: |   db d5 3e 50  00 8f 05 b7  56 e3 fc ed  fc a4 1d 85
Mar  9 11:13:16 localhost pluto[4314]: |   fc ec 1b b8  95 52 4a 66  72 b8 06 31  d4 ff 39 68
Mar  9 11:13:16 localhost pluto[4314]: |   05 00 00 10  04 00 00 00  0a 06 03 84  ff ff ff ff
Mar  9 11:13:16 localhost pluto[4314]: |   00 00 00 10  04 00 00 00  0a 06 64 00  ff ff ff 00
Mar  9 11:13:16 localhost pluto[4314]: | encrypting using OAKLEY_3DES_CBC
Mar  9 11:13:16 localhost pluto[4314]: | next IV:  b6 7e c3 ed  a1 52 e8 a6
Mar  9 11:13:16 localhost pluto[4314]: | emitting length of ISAKMP Message: 348
Mar  9 11:13:16 localhost pluto[4314]: "road"[1] 10.6.3.132 #2: transition from state (null) to state STATE_QUICK_R1
Mar  9 11:13:16 localhost pluto[4314]: | sending 348 bytes for STATE_QUICK_R0 through eth0 to 10.6.3.132:500:
Mar  9 11:13:16 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:16 localhost pluto[4314]: |   08 10 20 01  ae 62 6a 91  00 00 01 5c  01 1c 9f ff
Mar  9 11:13:16 localhost pluto[4314]: |   2e 18 48 2d  55 44 50 9c  51 c0 62 a9  98 ba d1 51
Mar  9 11:13:16 localhost pluto[4314]: |   b6 c2 de fc  bb 84 18 b7  e0 e8 ab 1a  bc 32 54 95
Mar  9 11:13:16 localhost pluto[4314]: |   44 f3 a6 55  aa de b5 bf  62 6e 1a c7  a7 42 0e 05
Mar  9 11:13:16 localhost pluto[4314]: |   ae 2b 36 20  16 cb 63 c4  a0 2c 91 b0  b4 9e af 3d
Mar  9 11:13:16 localhost pluto[4314]: |   da 1c 7c 02  58 fe 1e 1b  5b 0c 64 ed  a0 d1 b2 7d
Mar  9 11:13:16 localhost pluto[4314]: |   c7 08 03 1d  46 7c c3 ea  9d cf 4f fa  16 1d 3a 7f
Mar  9 11:13:16 localhost pluto[4314]: |   70 fb 9a 40  ac fd 3e 38  c6 8c f1 70  2d ff 78 36
Mar  9 11:13:16 localhost pluto[4314]: |   c1 57 a3 fb  a7 f7 b4 cb  85 a7 c2 df  cd a0 ae 57
Mar  9 11:13:16 localhost pluto[4314]: |   86 db ce e6  79 ac e9 3b  52 c7 c9 c1  56 7b 3a 07
Mar  9 11:13:16 localhost pluto[4314]: |   87 46 1a 44  2f 96 75 b2  69 14 0f eb  dd ec 87 3d
Mar  9 11:13:16 localhost pluto[4314]: |   c5 2f d5 fb  c8 30 95 48  58 7d a6 fd  34 dc 45 21
Mar  9 11:13:16 localhost pluto[4314]: |   4b 78 39 5d  84 8a de d2  32 d2 f6 1a  0f 4b 94 62
Mar  9 11:13:16 localhost pluto[4314]: |   08 27 c0 23  4d 8c 7e 4c  70 2b 1d 78  47 fd 38 c3
Mar  9 11:13:16 localhost pluto[4314]: |   0e c4 0c 4b  96 be 39 e2  6a 19 60 c2  fd 3d 0e 9e
Mar  9 11:13:16 localhost pluto[4314]: |   45 ef 63 32  2d 60 78 c3  97 5d f8 ca  8b 06 26 54
Mar  9 11:13:16 localhost pluto[4314]: |   7a 4d 22 3b  57 dd 11 0b  b8 43 b2 67  2b ec 52 41
Mar  9 11:13:16 localhost pluto[4314]: |   29 0e 98 43  7b 9d b3 5b  97 03 84 b4  72 ba df 0a
Mar  9 11:13:16 localhost pluto[4314]: |   f4 b9 2a c2  5a 97 d5 37  c5 a2 2e 27  54 fb 33 96
Mar  9 11:13:16 localhost pluto[4314]: |   32 1b 44 5a  e7 c6 b3 cb  d1 3c ae 9d  44 1b c8 9c
Mar  9 11:13:16 localhost pluto[4314]: |   29 56 05 6b  b6 7e c3 ed  a1 52 e8 a6
Mar  9 11:13:16 localhost pluto[4314]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #2
Mar  9 11:13:16 localhost pluto[4314]: | next event EVENT_RETRANSMIT in 10 seconds for #2
Mar  9 11:13:17 localhost pluto[4314]: |  
Mar  9 11:13:17 localhost pluto[4314]: | *received 52 bytes from 10.6.3.132:500 on eth0
Mar  9 11:13:17 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:17 localhost pluto[4314]: |   08 10 20 01  ae 62 6a 91  00 00 00 34  ec 5e 83 32
Mar  9 11:13:17 localhost pluto[4314]: |   da 4a 1c 45  49 f9 16 2d  04 d5 a4 56  ee 16 a2 94
Mar  9 11:13:17 localhost pluto[4314]: |   bd 91 de b7
Mar  9 11:13:17 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:13:17 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:13:17 localhost pluto[4314]: |   70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:17 localhost pluto[4314]: |    responder cookie:
Mar  9 11:13:17 localhost pluto[4314]: |   1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:17 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_HASH
Mar  9 11:13:17 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:13:17 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_QUICK
Mar  9 11:13:17 localhost pluto[4314]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar  9 11:13:17 localhost pluto[4314]: |    message ID:  ae 62 6a 91
Mar  9 11:13:17 localhost pluto[4314]: |    length: 52
Mar  9 11:13:17 localhost pluto[4314]: | ICOOKIE:  70 dc 4e a5  c0 44 b1 4c
Mar  9 11:13:17 localhost pluto[4314]: | RCOOKIE:  1c 1d 70 9c  52 0c 37 8c
Mar  9 11:13:17 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:13:17 localhost pluto[4314]: | state hash entry 25
Mar  9 11:13:17 localhost pluto[4314]: | peer and cookies match on #2, provided msgid ae626a91 vs ae626a91
Mar  9 11:13:17 localhost pluto[4314]: | state object #2 found, in STATE_QUICK_R1
Mar  9 11:13:17 localhost pluto[4314]: | received encrypted packet from 10.6.3.132:500
Mar  9 11:13:17 localhost pluto[4314]: | decrypting 24 bytes using algorithm OAKLEY_3DES_CBC
Mar  9 11:13:17 localhost pluto[4314]: | decrypted:
Mar  9 11:13:17 localhost pluto[4314]: |   00 00 00 14  19 f9 c1 d7  2a 51 7e 79  7b c3 83 a5
Mar  9 11:13:17 localhost pluto[4314]: |   6a e7 5d 7b  00 00 00 00
Mar  9 11:13:17 localhost pluto[4314]: | next IV:  ee 16 a2 94  bd 91 de b7
Mar  9 11:13:17 localhost pluto[4314]: | ***parse ISAKMP Hash Payload:
Mar  9 11:13:17 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:13:17 localhost pluto[4314]: |    length: 20
Mar  9 11:13:17 localhost pluto[4314]: | removing 4 bytes of padding
Mar  9 11:13:17 localhost pluto[4314]: | HASH(3) computed:  19 f9 c1 d7  2a 51 7e 79  7b c3 83 a5  6a e7 5d 7b
Mar  9 11:13:17 localhost pluto[4314]: | install_ipsec_sa() for #2: outbound only
Mar  9 11:13:17 localhost pluto[4314]: | route owner of "road"[1] 10.6.3.132 unrouted: NULL; eroute owner: NULL
Mar  9 11:13:17 localhost pluto[4314]: | could_route called for road (kind=CK_INSTANCE)
Mar  9 11:13:17 localhost pluto[4314]: | sr for #2: unrouted
Mar  9 11:13:17 localhost pluto[4314]: | route owner of "road"[1] 10.6.3.132 unrouted: NULL; eroute owner: NULL
Mar  9 11:13:17 localhost pluto[4314]: | route_and_eroute with c: road (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: 2
Mar  9 11:13:17 localhost pluto[4314]: | eroute_connection add eroute 10.6.100.0/24:0 --0-> 10.6.3.132/32:0 => tun.0 at 10.6.3.132 (raw_eroute)
Mar  9 11:13:17 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:13:17 localhost pluto[4314]: | executing up-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='up-client' PLUTO_CONNECTION='road' PLUTO_NEXT_HOP='10.6.3.132' PLUTO_INTERFACE='eth0' PLUTO_ME='10.6.3.133' PLUTO_MY_ID='@multilinus.multibel.it' PLUTO_MY_CLIENT='10.6.100.0/24' PLUTO_MY_CLIENT_NET='10.6.100.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='10.6.3.132' PLUTO_PEER_ID='@multibel1.multibel.it' PLUTO_PEER_CLIENT='10.6.3.132/32' PLUTO_PEER_CLIENT_NET='10.6.3.132' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS'  ipsec _updown
Mar  9 11:13:17 localhost pluto[4314]: | route_and_eroute: firewall_notified: true
Mar  9 11:13:17 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:13:17 localhost pluto[4314]: | executing prepare-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='prepare-client' PLUTO_CONNECTION='road' PLUTO_NEXT_HOP='10.6.3.132' PLUTO_INTERFACE='eth0' PLUTO_ME='10.6.3.133' PLUTO_MY_ID='@multilinus.multibel.it' PLUTO_MY_CLIENT='10.6.100.0/24' PLUTO_MY_CLIENT_NET='10.6.100.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='10.6.3.132' PLUTO_PEER_ID='@multibel1.multibel.it' PLUTO_PEER_CLIENT='10.6.3.132/32' PLUTO_PEER_CLIENT_NET='10.6.3.132' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS'  ipsec _updown
Mar  9 11:13:17 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:13:17 localhost pluto[4314]: | executing route-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='route-client' PLUTO_CONNECTION='road' PLUTO_NEXT_HOP='10.6.3.132' PLUTO_INTERFACE='eth0' PLUTO_ME='10.6.3.133' PLUTO_MY_ID='@multilinus.multibel.it' PLUTO_MY_CLIENT='10.6.100.0/24' PLUTO_MY_CLIENT_NET='10.6.100.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='10.6.3.132' PLUTO_PEER_ID='@multibel1.multibel.it' PLUTO_PEER_CLIENT='10.6.3.132/32' PLUTO_PEER_CLIENT_NET='10.6.3.132' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS'  ipsec _updown
Mar  9 11:13:17 localhost pluto[4314]: | route_and_eroute: instance "road"[1] 10.6.3.132, setting eroute_owner {spd=0x80efa5c,sr=0x80efa5c} to #2 (was #0) (newest_ipsec_sa=#0)
Mar  9 11:13:17 localhost pluto[4314]: | inI2: instance road[1], setting newest_ipsec_sa to #2 (was #0) (spd.eroute=#2)
Mar  9 11:13:17 localhost pluto[4314]: "road"[1] 10.6.3.132 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Mar  9 11:13:17 localhost pluto[4314]: | inserting event EVENT_SA_REPLACE, timeout in 28530 seconds for #2
Mar  9 11:13:17 localhost pluto[4314]: "road"[1] 10.6.3.132 #2: IPsec SA established {ESP=>0x9fcb4416 <0x7eb13e58}
Mar  9 11:13:17 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 3328 seconds for #1
Mar  9 11:56:40 localhost pluto[4314]: |  
Mar  9 11:56:40 localhost pluto[4314]: | *received whack message
Mar  9 11:56:40 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:56:40 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 725 seconds for #1
Mar  9 11:56:40 localhost pluto[4314]: |  
Mar  9 11:56:40 localhost pluto[4314]: | *received whack message
Mar  9 11:56:40 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:56:40 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 725 seconds for #1
Mar  9 11:56:42 localhost pluto[4314]: |  
Mar  9 11:56:42 localhost pluto[4314]: | *received whack message
Mar  9 11:56:42 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 723 seconds for #1
Mar  9 11:57:19 localhost pluto[4314]: |  
Mar  9 11:57:19 localhost pluto[4314]: | *received whack message
Mar  9 11:57:19 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:57:19 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 686 seconds for #1
Mar  9 11:57:19 localhost pluto[4314]: |  
Mar  9 11:57:19 localhost pluto[4314]: | *received whack message
Mar  9 11:57:19 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:57:19 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 686 seconds for #1
Mar  9 11:57:21 localhost pluto[4314]: |  
Mar  9 11:57:21 localhost pluto[4314]: | *received whack message
Mar  9 11:57:21 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 684 seconds for #1
Mar  9 11:57:57 localhost pluto[4314]: |  
Mar  9 11:57:57 localhost pluto[4314]: | *received whack message
Mar  9 11:57:57 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:57:57 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 648 seconds for #1
Mar  9 11:57:57 localhost pluto[4314]: |  
Mar  9 11:57:57 localhost pluto[4314]: | *received whack message
Mar  9 11:57:57 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:57:57 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 648 seconds for #1
Mar  9 11:58:00 localhost pluto[4314]: |  
Mar  9 11:58:00 localhost pluto[4314]: | *received whack message
Mar  9 11:58:00 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 645 seconds for #1
Mar  9 11:58:26 localhost pluto[4314]: |  
Mar  9 11:58:26 localhost pluto[4314]: | *received 176 bytes from 10.6.3.132:500 on eth0
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e  00 00 00 00  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: |   01 10 02 00  00 00 00 00  00 00 00 b0  00 00 00 94
Mar  9 11:58:26 localhost pluto[4314]: |   00 00 00 01  00 00 00 01  00 00 00 88  00 01 00 04
Mar  9 11:58:26 localhost pluto[4314]: |   03 00 00 20  00 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:58:26 localhost pluto[4314]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 05
Mar  9 11:58:26 localhost pluto[4314]: |   03 00 00 20  01 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:58:26 localhost pluto[4314]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 02
Mar  9 11:58:26 localhost pluto[4314]: |   03 00 00 20  02 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:58:26 localhost pluto[4314]: |   80 01 00 05  80 02 00 02  80 03 00 03  80 04 00 05
Mar  9 11:58:26 localhost pluto[4314]: |   00 00 00 20  03 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:58:26 localhost pluto[4314]: |   80 01 00 05  80 02 00 02  80 03 00 03  80 04 00 02
Mar  9 11:58:26 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:58:26 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: |    responder cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   00 00 00 00  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SA
Mar  9 11:58:26 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:58:26 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:58:26 localhost pluto[4314]: |    flags: none
Mar  9 11:58:26 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: |    length: 176
Mar  9 11:58:26 localhost pluto[4314]: | ***parse ISAKMP Security Association Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: |    length: 148
Mar  9 11:58:26 localhost pluto[4314]: |    DOI: ISAKMP_DOI_IPSEC
Mar  9 11:58:26 localhost pluto[4314]: | creating state object #3 at 0x80f0f20
Mar  9 11:58:26 localhost pluto[4314]: | ICOOKIE:  c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: | RCOOKIE:  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:58:26 localhost pluto[4314]: | state hash entry 0
Mar  9 11:58:26 localhost pluto[4314]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #3
Mar  9 11:58:26 localhost pluto[4314]: "road"[1] 10.6.3.132 #3: responding to Main Mode from unknown peer 10.6.3.132
Mar  9 11:58:26 localhost pluto[4314]: | **emit ISAKMP Message:
Mar  9 11:58:26 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: |    responder cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SA
Mar  9 11:58:26 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:58:26 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:58:26 localhost pluto[4314]: |    flags: none
Mar  9 11:58:26 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: | ***emit ISAKMP Security Association Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: |    DOI: ISAKMP_DOI_IPSEC
Mar  9 11:58:26 localhost pluto[4314]: | ****parse IPsec DOI SIT:
Mar  9 11:58:26 localhost pluto[4314]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar  9 11:58:26 localhost pluto[4314]: | ****parse ISAKMP Proposal Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: |    length: 136
Mar  9 11:58:26 localhost pluto[4314]: |    proposal number: 0
Mar  9 11:58:26 localhost pluto[4314]: |    protocol ID: PROTO_ISAKMP
Mar  9 11:58:26 localhost pluto[4314]: |    SPI size: 0
Mar  9 11:58:26 localhost pluto[4314]: |    number of transforms: 4
Mar  9 11:58:26 localhost pluto[4314]: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_T
Mar  9 11:58:26 localhost pluto[4314]: |    length: 32
Mar  9 11:58:26 localhost pluto[4314]: |    transform number: 0
Mar  9 11:58:26 localhost pluto[4314]: |    transform ID: KEY_IKE
Mar  9 11:58:26 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:58:26 localhost pluto[4314]: |    af+type: OAKLEY_LIFE_TYPE
Mar  9 11:58:26 localhost pluto[4314]: |    length/value: 1
Mar  9 11:58:26 localhost pluto[4314]: |    [1 is OAKLEY_LIFE_SECONDS]
Mar  9 11:58:26 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:58:26 localhost pluto[4314]: |    af+type: OAKLEY_LIFE_DURATION
Mar  9 11:58:26 localhost pluto[4314]: |    length/value: 3600
Mar  9 11:58:26 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:58:26 localhost pluto[4314]: |    af+type: OAKLEY_ENCRYPTION_ALGORITHM
Mar  9 11:58:26 localhost pluto[4314]: |    length/value: 5
Mar  9 11:58:26 localhost pluto[4314]: |    [5 is OAKLEY_3DES_CBC]
Mar  9 11:58:26 localhost pluto[4314]: | ike_alg_enc_ok(ealg=5,key_len=0): blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1
Mar  9 11:58:26 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:58:26 localhost pluto[4314]: |    af+type: OAKLEY_HASH_ALGORITHM
Mar  9 11:58:26 localhost pluto[4314]: |    length/value: 1
Mar  9 11:58:26 localhost pluto[4314]: |    [1 is OAKLEY_MD5]
Mar  9 11:58:26 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:58:26 localhost pluto[4314]: |    af+type: OAKLEY_AUTHENTICATION_METHOD
Mar  9 11:58:26 localhost pluto[4314]: |    length/value: 3
Mar  9 11:58:26 localhost pluto[4314]: |    [3 is OAKLEY_RSA_SIG]
Mar  9 11:58:26 localhost pluto[4314]: | ******parse ISAKMP Oakley attribute:
Mar  9 11:58:26 localhost pluto[4314]: |    af+type: OAKLEY_GROUP_DESCRIPTION
Mar  9 11:58:26 localhost pluto[4314]: |    length/value: 5
Mar  9 11:58:26 localhost pluto[4314]: |    [5 is OAKLEY_GROUP_MODP1536]
Mar  9 11:58:26 localhost pluto[4314]: | Oakley Transform 0 accepted
Mar  9 11:58:26 localhost pluto[4314]: | ****emit IPsec DOI SIT:
Mar  9 11:58:26 localhost pluto[4314]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar  9 11:58:26 localhost pluto[4314]: | ****emit ISAKMP Proposal Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: |    proposal number: 0
Mar  9 11:58:26 localhost pluto[4314]: |    protocol ID: PROTO_ISAKMP
Mar  9 11:58:26 localhost pluto[4314]: |    SPI size: 0
Mar  9 11:58:26 localhost pluto[4314]: |    number of transforms: 1
Mar  9 11:58:26 localhost pluto[4314]: | *****emit ISAKMP Transform Payload (ISAKMP):
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: |    transform number: 0
Mar  9 11:58:26 localhost pluto[4314]: |    transform ID: KEY_IKE
Mar  9 11:58:26 localhost pluto[4314]: | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP)
Mar  9 11:58:26 localhost pluto[4314]: | attributes  80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 01
Mar  9 11:58:26 localhost pluto[4314]: |   80 03 00 03  80 04 00 05
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Proposal Payload: 40
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Security Association Payload: 52
Mar  9 11:58:26 localhost pluto[4314]: | sender checking NAT-t: 0 and 0
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Message: 80
Mar  9 11:58:26 localhost pluto[4314]: "road"[1] 10.6.3.132 #3: transition from state (null) to state STATE_MAIN_R1
Mar  9 11:58:26 localhost pluto[4314]: | sending 80 bytes for STATE_MAIN_R0 through eth0 to 10.6.3.132:500:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |   01 10 02 00  00 00 00 00  00 00 00 50  00 00 00 34
Mar  9 11:58:26 localhost pluto[4314]: |   00 00 00 01  00 00 00 01  00 00 00 28  00 01 00 01
Mar  9 11:58:26 localhost pluto[4314]: |   00 00 00 20  00 01 00 00  80 0b 00 01  80 0c 0e 10
Mar  9 11:58:26 localhost pluto[4314]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 05
Mar  9 11:58:26 localhost pluto[4314]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #3
Mar  9 11:58:26 localhost pluto[4314]: | next event EVENT_RETRANSMIT in 10 seconds for #3
Mar  9 11:58:26 localhost pluto[4314]: |  
Mar  9 11:58:26 localhost pluto[4314]: | *received 244 bytes from 10.6.3.132:500 on eth0
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |   04 10 02 00  00 00 00 00  00 00 00 f4  0a 00 00 c4
Mar  9 11:58:26 localhost pluto[4314]: |   03 08 4e 68  66 a4 cc 46  3d ba d0 ab  12 81 d7 aa
Mar  9 11:58:26 localhost pluto[4314]: |   e1 f6 df b8  29 83 0b 49  05 04 77 5a  5d 8e ea cf
Mar  9 11:58:26 localhost pluto[4314]: |   d8 58 27 28  9a 41 35 91  16 a5 f2 e1  af fa 3f f8
Mar  9 11:58:26 localhost pluto[4314]: |   83 c2 85 15  c3 5d 93 69  1f 79 0d 66  e0 ec f6 7b
Mar  9 11:58:26 localhost pluto[4314]: |   4e fa dc 75  36 4f 65 5c  45 92 0a d3  85 a9 b8 24
Mar  9 11:58:26 localhost pluto[4314]: |   2c cd f6 15  83 39 c2 17  40 3d 0d 1e  4e b9 0b d1
Mar  9 11:58:26 localhost pluto[4314]: |   11 11 04 a6  c1 d9 a4 d8  ab 01 63 b3  d1 47 66 73
Mar  9 11:58:26 localhost pluto[4314]: |   a1 29 b6 e9  e6 2b 0d cb  8b 61 b7 b5  fb c5 2b 2d
Mar  9 11:58:26 localhost pluto[4314]: |   67 22 c1 51  b5 66 3e a3  79 2a 96 87  73 48 de f9
Mar  9 11:58:26 localhost pluto[4314]: |   9f 7f 77 f1  a0 bd fd 10  d7 3c da 1b  14 ec 76 cc
Mar  9 11:58:26 localhost pluto[4314]: |   7f 00 fb 28  de ea 48 86  0d f6 f2 80  72 8a b7 b5
Mar  9 11:58:26 localhost pluto[4314]: |   bd 03 c4 d7  7b f3 e9 07  14 6b 33 a3  32 c6 fc 4d
Mar  9 11:58:26 localhost pluto[4314]: |   00 00 00 14  90 dd 95 a3  ee e1 38 d4  d4 f1 90 a2
Mar  9 11:58:26 localhost pluto[4314]: |   b8 f7 65 2d
Mar  9 11:58:26 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:58:26 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: |    responder cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_KE
Mar  9 11:58:26 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:58:26 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:58:26 localhost pluto[4314]: |    flags: none
Mar  9 11:58:26 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: |    length: 244
Mar  9 11:58:26 localhost pluto[4314]: | ICOOKIE:  c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: | RCOOKIE:  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:58:26 localhost pluto[4314]: | state hash entry 0
Mar  9 11:58:26 localhost pluto[4314]: | peer and cookies match on #3, provided msgid 00000000 vs 00000000
Mar  9 11:58:26 localhost pluto[4314]: | state object #3 found, in STATE_MAIN_R1
Mar  9 11:58:26 localhost pluto[4314]: | ***parse ISAKMP Key Exchange Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONCE
Mar  9 11:58:26 localhost pluto[4314]: |    length: 196
Mar  9 11:58:26 localhost pluto[4314]: | ***parse ISAKMP Nonce Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: |    length: 20
Mar  9 11:58:26 localhost pluto[4314]: | **emit ISAKMP Message:
Mar  9 11:58:26 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: |    responder cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_KE
Mar  9 11:58:26 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:58:26 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:58:26 localhost pluto[4314]: |    flags: none
Mar  9 11:58:26 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: | DH public value received:
Mar  9 11:58:26 localhost pluto[4314]: |   03 08 4e 68  66 a4 cc 46  3d ba d0 ab  12 81 d7 aa
Mar  9 11:58:26 localhost pluto[4314]: |   e1 f6 df b8  29 83 0b 49  05 04 77 5a  5d 8e ea cf
Mar  9 11:58:26 localhost pluto[4314]: |   d8 58 27 28  9a 41 35 91  16 a5 f2 e1  af fa 3f f8
Mar  9 11:58:26 localhost pluto[4314]: |   83 c2 85 15  c3 5d 93 69  1f 79 0d 66  e0 ec f6 7b
Mar  9 11:58:26 localhost pluto[4314]: |   4e fa dc 75  36 4f 65 5c  45 92 0a d3  85 a9 b8 24
Mar  9 11:58:26 localhost pluto[4314]: |   2c cd f6 15  83 39 c2 17  40 3d 0d 1e  4e b9 0b d1
Mar  9 11:58:26 localhost pluto[4314]: |   11 11 04 a6  c1 d9 a4 d8  ab 01 63 b3  d1 47 66 73
Mar  9 11:58:26 localhost pluto[4314]: |   a1 29 b6 e9  e6 2b 0d cb  8b 61 b7 b5  fb c5 2b 2d
Mar  9 11:58:26 localhost pluto[4314]: |   67 22 c1 51  b5 66 3e a3  79 2a 96 87  73 48 de f9
Mar  9 11:58:26 localhost pluto[4314]: |   9f 7f 77 f1  a0 bd fd 10  d7 3c da 1b  14 ec 76 cc
Mar  9 11:58:26 localhost pluto[4314]: |   7f 00 fb 28  de ea 48 86  0d f6 f2 80  72 8a b7 b5
Mar  9 11:58:26 localhost pluto[4314]: |   bd 03 c4 d7  7b f3 e9 07  14 6b 33 a3  32 c6 fc 4d
Mar  9 11:58:26 localhost pluto[4314]: | inI2: checking NAT-t: 0 and 0
Mar  9 11:58:26 localhost pluto[4314]: | Local DH secret:
Mar  9 11:58:26 localhost pluto[4314]: |   6b 69 ec 64  67 bf 04 14  33 33 78 72  5e 03 75 ba
Mar  9 11:58:26 localhost pluto[4314]: |   81 10 62 9c  23 3f 83 d6  c3 9f 2a 8b  bb b7 da a0
Mar  9 11:58:26 localhost pluto[4314]: | Public DH value sent:
Mar  9 11:58:26 localhost pluto[4314]: |   9f 76 e2 7c  aa 8c ab e1  d1 7c 10 31  ff df 25 3d
Mar  9 11:58:26 localhost pluto[4314]: |   74 bb fe f4  96 c2 cc 0e  f0 57 32 1b  39 af ab 7e
Mar  9 11:58:26 localhost pluto[4314]: |   3e db e3 ac  fe 0b 53 5c  90 5e 0b 25  f5 0b 6c 1a
Mar  9 11:58:26 localhost pluto[4314]: |   32 61 fa 37  66 b8 a1 9b  04 f7 e6 1d  20 0d 2b 5b
Mar  9 11:58:26 localhost pluto[4314]: |   7b 89 39 7d  cf f7 b5 82  23 c9 2d d8  2b 4c 76 e1
Mar  9 11:58:26 localhost pluto[4314]: |   8f d2 82 a8  54 75 63 2a  53 7c 4a e0  a1 be 81 34
Mar  9 11:58:26 localhost pluto[4314]: |   de 95 cd fc  74 11 20 08  1d cd bd ce  9e a9 8f cf
Mar  9 11:58:26 localhost pluto[4314]: |   5d ef 00 93  0a 4b 77 a6  1e b6 b5 42  e9 2b a5 49
Mar  9 11:58:26 localhost pluto[4314]: |   53 9f a8 23  20 62 7f ec  6b e4 f3 a5  f3 7e 5b 79
Mar  9 11:58:26 localhost pluto[4314]: |   50 3e 02 ca  88 df 2e e7  34 25 6a aa  a4 7d bc 1e
Mar  9 11:58:26 localhost pluto[4314]: |   9a f0 93 1f  0b d2 a4 02  f2 23 6f 2c  6d b4 43 02
Mar  9 11:58:26 localhost pluto[4314]: |   61 b3 c9 5d  5c f3 9f d4  e3 e8 52 f3  82 90 b3 0d
Mar  9 11:58:26 localhost pluto[4314]: | ***emit ISAKMP Key Exchange Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONCE
Mar  9 11:58:26 localhost pluto[4314]: | emitting 192 raw bytes of keyex value into ISAKMP Key Exchange Payload
Mar  9 11:58:26 localhost pluto[4314]: | keyex value  9f 76 e2 7c  aa 8c ab e1  d1 7c 10 31  ff df 25 3d
Mar  9 11:58:26 localhost pluto[4314]: |   74 bb fe f4  96 c2 cc 0e  f0 57 32 1b  39 af ab 7e
Mar  9 11:58:26 localhost pluto[4314]: |   3e db e3 ac  fe 0b 53 5c  90 5e 0b 25  f5 0b 6c 1a
Mar  9 11:58:26 localhost pluto[4314]: |   32 61 fa 37  66 b8 a1 9b  04 f7 e6 1d  20 0d 2b 5b
Mar  9 11:58:26 localhost pluto[4314]: |   7b 89 39 7d  cf f7 b5 82  23 c9 2d d8  2b 4c 76 e1
Mar  9 11:58:26 localhost pluto[4314]: |   8f d2 82 a8  54 75 63 2a  53 7c 4a e0  a1 be 81 34
Mar  9 11:58:26 localhost pluto[4314]: |   de 95 cd fc  74 11 20 08  1d cd bd ce  9e a9 8f cf
Mar  9 11:58:26 localhost pluto[4314]: |   5d ef 00 93  0a 4b 77 a6  1e b6 b5 42  e9 2b a5 49
Mar  9 11:58:26 localhost pluto[4314]: |   53 9f a8 23  20 62 7f ec  6b e4 f3 a5  f3 7e 5b 79
Mar  9 11:58:26 localhost pluto[4314]: |   50 3e 02 ca  88 df 2e e7  34 25 6a aa  a4 7d bc 1e
Mar  9 11:58:26 localhost pluto[4314]: |   9a f0 93 1f  0b d2 a4 02  f2 23 6f 2c  6d b4 43 02
Mar  9 11:58:26 localhost pluto[4314]: |   61 b3 c9 5d  5c f3 9f d4  e3 e8 52 f3  82 90 b3 0d
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Key Exchange Payload: 196
Mar  9 11:58:26 localhost pluto[4314]: | ***emit ISAKMP Nonce Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload
Mar  9 11:58:26 localhost pluto[4314]: | Nr  30 dc 2e a8  99 a0 25 c9  4e 7a 00 eb  64 d1 bd f3
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Nonce Payload: 20
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Message: 244
Mar  9 11:58:26 localhost pluto[4314]: | compute_dh_shared(): time elapsed (OAKLEY_GROUP_MODP1536): 5712 usec
Mar  9 11:58:26 localhost pluto[4314]: | DH shared secret:
Mar  9 11:58:26 localhost pluto[4314]: |   73 33 cd d8  92 04 df c8  8b 66 05 1e  ac 4d cd 77
Mar  9 11:58:26 localhost pluto[4314]: |   31 a1 8d 24  06 b6 27 eb  48 ee 1c a3  19 b5 fc c6
Mar  9 11:58:26 localhost pluto[4314]: |   29 b0 53 47  cc 2d 3c 89  e8 76 c7 08  12 b5 9c 43
Mar  9 11:58:26 localhost pluto[4314]: |   be 8d b8 8a  4b f2 1a 88  e5 47 0e 8b  a2 a6 14 d2
Mar  9 11:58:26 localhost pluto[4314]: |   c5 0d 23 c0  7f fe 65 b8  d9 65 54 57  9a 91 7b 90
Mar  9 11:58:26 localhost pluto[4314]: |   95 86 15 53  0f 3e f1 8a  24 90 51 1f  4b ef 2f 57
Mar  9 11:58:26 localhost pluto[4314]: |   1d 7a 69 71  56 16 35 ab  22 d6 f2 04  7a 26 6b 49
Mar  9 11:58:26 localhost pluto[4314]: |   57 5e 14 37  33 13 88 9c  61 8e 80 28  3f f3 54 39
Mar  9 11:58:26 localhost pluto[4314]: |   a8 c4 f3 4e  76 41 2b 5c  e6 62 bc c8  c1 37 9c a1
Mar  9 11:58:26 localhost pluto[4314]: |   9c a8 d3 51  3e 9a e3 ad  a6 b8 fe 81  f9 ce 1d 66
Mar  9 11:58:26 localhost pluto[4314]: |   52 e8 54 ee  66 5c 46 56  d1 c7 40 08  4d dd 01 e2
Mar  9 11:58:26 localhost pluto[4314]: |   79 27 e1 ef  d9 39 af d2  90 62 f9 2b  1c e3 d6 2b
Mar  9 11:58:26 localhost pluto[4314]: | DH_i:  03 08 4e 68  66 a4 cc 46  3d ba d0 ab  12 81 d7 aa
Mar  9 11:58:26 localhost pluto[4314]: |   e1 f6 df b8  29 83 0b 49  05 04 77 5a  5d 8e ea cf
Mar  9 11:58:26 localhost pluto[4314]: |   d8 58 27 28  9a 41 35 91  16 a5 f2 e1  af fa 3f f8
Mar  9 11:58:26 localhost pluto[4314]: |   83 c2 85 15  c3 5d 93 69  1f 79 0d 66  e0 ec f6 7b
Mar  9 11:58:26 localhost pluto[4314]: |   4e fa dc 75  36 4f 65 5c  45 92 0a d3  85 a9 b8 24
Mar  9 11:58:26 localhost pluto[4314]: |   2c cd f6 15  83 39 c2 17  40 3d 0d 1e  4e b9 0b d1
Mar  9 11:58:26 localhost pluto[4314]: |   11 11 04 a6  c1 d9 a4 d8  ab 01 63 b3  d1 47 66 73
Mar  9 11:58:26 localhost pluto[4314]: |   a1 29 b6 e9  e6 2b 0d cb  8b 61 b7 b5  fb c5 2b 2d
Mar  9 11:58:26 localhost pluto[4314]: |   67 22 c1 51  b5 66 3e a3  79 2a 96 87  73 48 de f9
Mar  9 11:58:26 localhost pluto[4314]: |   9f 7f 77 f1  a0 bd fd 10  d7 3c da 1b  14 ec 76 cc
Mar  9 11:58:26 localhost pluto[4314]: |   7f 00 fb 28  de ea 48 86  0d f6 f2 80  72 8a b7 b5
Mar  9 11:58:26 localhost pluto[4314]: |   bd 03 c4 d7  7b f3 e9 07  14 6b 33 a3  32 c6 fc 4d
Mar  9 11:58:26 localhost pluto[4314]: | DH_r:  9f 76 e2 7c  aa 8c ab e1  d1 7c 10 31  ff df 25 3d
Mar  9 11:58:26 localhost pluto[4314]: |   74 bb fe f4  96 c2 cc 0e  f0 57 32 1b  39 af ab 7e
Mar  9 11:58:26 localhost pluto[4314]: |   3e db e3 ac  fe 0b 53 5c  90 5e 0b 25  f5 0b 6c 1a
Mar  9 11:58:26 localhost pluto[4314]: |   32 61 fa 37  66 b8 a1 9b  04 f7 e6 1d  20 0d 2b 5b
Mar  9 11:58:26 localhost pluto[4314]: |   7b 89 39 7d  cf f7 b5 82  23 c9 2d d8  2b 4c 76 e1
Mar  9 11:58:26 localhost pluto[4314]: |   8f d2 82 a8  54 75 63 2a  53 7c 4a e0  a1 be 81 34
Mar  9 11:58:26 localhost pluto[4314]: |   de 95 cd fc  74 11 20 08  1d cd bd ce  9e a9 8f cf
Mar  9 11:58:26 localhost pluto[4314]: |   5d ef 00 93  0a 4b 77 a6  1e b6 b5 42  e9 2b a5 49
Mar  9 11:58:26 localhost pluto[4314]: |   53 9f a8 23  20 62 7f ec  6b e4 f3 a5  f3 7e 5b 79
Mar  9 11:58:26 localhost pluto[4314]: |   50 3e 02 ca  88 df 2e e7  34 25 6a aa  a4 7d bc 1e
Mar  9 11:58:26 localhost pluto[4314]: |   9a f0 93 1f  0b d2 a4 02  f2 23 6f 2c  6d b4 43 02
Mar  9 11:58:26 localhost pluto[4314]: |   61 b3 c9 5d  5c f3 9f d4  e3 e8 52 f3  82 90 b3 0d
Mar  9 11:58:26 localhost pluto[4314]: | Skeyid:    b6 7a cb 00  50 d7 ef 7f  67 09 4e 58  43 46 20 5e
Mar  9 11:58:26 localhost pluto[4314]: | Skeyid_d:  a5 59 a4 27  29 18 fe cc  1d 6d 9a 6e  60 e2 d5 f1
Mar  9 11:58:26 localhost pluto[4314]: | Skeyid_a:  61 01 bc e9  4b 8d 06 77  b3 a1 72 d4  65 6b e9 8f
Mar  9 11:58:26 localhost pluto[4314]: | Skeyid_e:  ce b8 8e 7e  c0 8b 8c 41  51 a4 d7 34  c1 f4 05 4f
Mar  9 11:58:26 localhost pluto[4314]: | enc key:  25 44 5a cc  ee de 2a 95  bb b4 83 7f  45 9b d8 af
Mar  9 11:58:26 localhost pluto[4314]: |   d2 4a 02 bc  a7 cd 02 b6
Mar  9 11:58:26 localhost pluto[4314]: | IV:  b3 ec 15 77  a1 47 e6 65  65 14 3b db  ae b9 2c 15
Mar  9 11:58:26 localhost pluto[4314]: "road"[1] 10.6.3.132 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Mar  9 11:58:26 localhost pluto[4314]: | sending 244 bytes for STATE_MAIN_R1 through eth0 to 10.6.3.132:500:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |   04 10 02 00  00 00 00 00  00 00 00 f4  0a 00 00 c4
Mar  9 11:58:26 localhost pluto[4314]: |   9f 76 e2 7c  aa 8c ab e1  d1 7c 10 31  ff df 25 3d
Mar  9 11:58:26 localhost pluto[4314]: |   74 bb fe f4  96 c2 cc 0e  f0 57 32 1b  39 af ab 7e
Mar  9 11:58:26 localhost pluto[4314]: |   3e db e3 ac  fe 0b 53 5c  90 5e 0b 25  f5 0b 6c 1a
Mar  9 11:58:26 localhost pluto[4314]: |   32 61 fa 37  66 b8 a1 9b  04 f7 e6 1d  20 0d 2b 5b
Mar  9 11:58:26 localhost pluto[4314]: |   7b 89 39 7d  cf f7 b5 82  23 c9 2d d8  2b 4c 76 e1
Mar  9 11:58:26 localhost pluto[4314]: |   8f d2 82 a8  54 75 63 2a  53 7c 4a e0  a1 be 81 34
Mar  9 11:58:26 localhost pluto[4314]: |   de 95 cd fc  74 11 20 08  1d cd bd ce  9e a9 8f cf
Mar  9 11:58:26 localhost pluto[4314]: |   5d ef 00 93  0a 4b 77 a6  1e b6 b5 42  e9 2b a5 49
Mar  9 11:58:26 localhost pluto[4314]: |   53 9f a8 23  20 62 7f ec  6b e4 f3 a5  f3 7e 5b 79
Mar  9 11:58:26 localhost pluto[4314]: |   50 3e 02 ca  88 df 2e e7  34 25 6a aa  a4 7d bc 1e
Mar  9 11:58:26 localhost pluto[4314]: |   9a f0 93 1f  0b d2 a4 02  f2 23 6f 2c  6d b4 43 02
Mar  9 11:58:26 localhost pluto[4314]: |   61 b3 c9 5d  5c f3 9f d4  e3 e8 52 f3  82 90 b3 0d
Mar  9 11:58:26 localhost pluto[4314]: |   00 00 00 14  30 dc 2e a8  99 a0 25 c9  4e 7a 00 eb
Mar  9 11:58:26 localhost pluto[4314]: |   64 d1 bd f3
Mar  9 11:58:26 localhost pluto[4314]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #3
Mar  9 11:58:26 localhost pluto[4314]: | next event EVENT_RETRANSMIT in 10 seconds for #3
Mar  9 11:58:26 localhost pluto[4314]: |  
Mar  9 11:58:26 localhost pluto[4314]: | *received 324 bytes from 10.6.3.132:500 on eth0
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |   05 10 02 01  00 00 00 00  00 00 01 44  ec 50 cf 46
Mar  9 11:58:26 localhost pluto[4314]: |   07 46 65 82  11 72 47 1c  57 5e 6c aa  bd 14 46 64
Mar  9 11:58:26 localhost pluto[4314]: |   e9 0a a2 ea  ad 54 ae 06  51 ac a4 e7  b9 a2 fe ee
Mar  9 11:58:26 localhost pluto[4314]: |   16 44 12 e2  bb c4 99 3b  a9 41 e5 13  73 30 5f 14
Mar  9 11:58:26 localhost pluto[4314]: |   2e 3a c4 f7  21 6d 78 c4  00 fa 17 ca  6d 84 d4 ab
Mar  9 11:58:26 localhost pluto[4314]: |   37 65 b2 af  e6 2e 51 77  31 76 b6 14  22 a5 dc dd
Mar  9 11:58:26 localhost pluto[4314]: |   62 26 61 a0  79 7c df 89  f7 05 ee c6  6d 1b 98 f4
Mar  9 11:58:26 localhost pluto[4314]: |   4e fd 27 7c  ed 9f 9a 20  fb 0a 96 d8  6a 70 cf a4
Mar  9 11:58:26 localhost pluto[4314]: |   02 c4 3a 3b  a6 7c 5f a0  e4 3c 66 c6  81 f7 30 72
Mar  9 11:58:26 localhost pluto[4314]: |   29 04 1c 31  e7 ce 09 9b  09 5b 71 eb  34 b6 80 cf
Mar  9 11:58:26 localhost pluto[4314]: |   bc 99 c0 83  41 b0 b5 0e  de b0 c6 19  4d 29 b5 e5
Mar  9 11:58:26 localhost pluto[4314]: |   d3 eb 9f 80  af 6a a2 95  51 39 6b a5  59 35 78 ea
Mar  9 11:58:26 localhost pluto[4314]: |   f6 ab 1b f2  8c 86 1c 70  98 08 7e 81  f0 41 c6 6e
Mar  9 11:58:26 localhost pluto[4314]: |   2d 22 b6 d7  a9 a2 6b 93  d7 51 39 ea  db 60 22 7b
Mar  9 11:58:26 localhost pluto[4314]: |   68 ee 08 c3  fd 01 f7 01  f4 b2 b3 d9  e9 56 a6 60
Mar  9 11:58:26 localhost pluto[4314]: |   11 9e ae 9c  91 2b 03 44  62 db 78 f1  7e 47 9c cb
Mar  9 11:58:26 localhost pluto[4314]: |   c5 67 3f 30  6a f2 66 47  61 75 e9 aa  55 72 b3 89
Mar  9 11:58:26 localhost pluto[4314]: |   0e ef 6a 75  67 65 30 7c  dc 21 73 a0  25 b9 42 9f
Mar  9 11:58:26 localhost pluto[4314]: |   30 47 0c 28  04 9f 58 87  4d 9a 46 b5  63 fa 46 c0
Mar  9 11:58:26 localhost pluto[4314]: |   aa 54 40 e6
Mar  9 11:58:26 localhost pluto[4314]: | **parse ISAKMP Message:
Mar  9 11:58:26 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: |    responder cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_ID
Mar  9 11:58:26 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:58:26 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:58:26 localhost pluto[4314]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar  9 11:58:26 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: |    length: 324
Mar  9 11:58:26 localhost pluto[4314]: | ICOOKIE:  c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: | RCOOKIE:  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: | peer:  0a 06 03 84
Mar  9 11:58:26 localhost pluto[4314]: | state hash entry 0
Mar  9 11:58:26 localhost pluto[4314]: | peer and cookies match on #3, provided msgid 00000000 vs 00000000
Mar  9 11:58:26 localhost pluto[4314]: | state object #3 found, in STATE_MAIN_R2
Mar  9 11:58:26 localhost pluto[4314]: | received encrypted packet from 10.6.3.132:500
Mar  9 11:58:26 localhost pluto[4314]: | decrypting 296 bytes using algorithm OAKLEY_3DES_CBC
Mar  9 11:58:26 localhost pluto[4314]: | decrypted:
Mar  9 11:58:26 localhost pluto[4314]: |   09 00 00 1d  02 00 00 00  6d 75 6c 74  69 62 65 6c
Mar  9 11:58:26 localhost pluto[4314]: |   31 2e 6d 75  6c 74 69 62  65 6c 2e 69  74 00 00 01
Mar  9 11:58:26 localhost pluto[4314]: |   04 09 2d d0  8f 94 e0 9f  c6 d2 2d 65  e7 a9 30 85
Mar  9 11:58:26 localhost pluto[4314]: |   a2 5a 98 eb  75 3e b6 4b  96 fa fe 7a  5d 41 74 b8
Mar  9 11:58:26 localhost pluto[4314]: |   05 c0 f6 a2  64 99 10 b1  de 06 aa dd  19 a7 e5 69
Mar  9 11:58:26 localhost pluto[4314]: |   41 eb e1 ef  40 a6 aa be  5c 6f 0a 62  0d 6a e4 20
Mar  9 11:58:26 localhost pluto[4314]: |   3a 32 3a d8  ad db 50 24  07 34 6e 12  63 53 d6 f4
Mar  9 11:58:26 localhost pluto[4314]: |   74 5a 6b 97  b6 cd 8f 3b  04 96 0e 56  01 51 37 b9
Mar  9 11:58:26 localhost pluto[4314]: |   b5 95 b1 be  2e 07 46 5f  8f 61 59 ad  b7 d4 fa 88
Mar  9 11:58:26 localhost pluto[4314]: |   02 5d 18 be  cf 44 b5 bc  7b ca 80 1e  cb b2 2f 4f
Mar  9 11:58:26 localhost pluto[4314]: |   c8 f1 64 34  69 b6 91 81  48 b1 86 be  04 1a 61 6a
Mar  9 11:58:26 localhost pluto[4314]: |   19 5f 85 f2  39 20 d2 03  68 93 50 86  53 3c de d9
Mar  9 11:58:26 localhost pluto[4314]: |   29 1c f8 96  71 15 e3 29  0f 3f 6a 65  60 2b 50 91
Mar  9 11:58:26 localhost pluto[4314]: |   8e 7d 36 ce  25 c1 f7 12  27 09 60 84  f6 ad d0 28
Mar  9 11:58:26 localhost pluto[4314]: |   39 4d 13 61  a4 08 38 da  3c 4e e0 2d  f9 98 58 8f
Mar  9 11:58:26 localhost pluto[4314]: |   40 32 c9 dd  d0 b2 77 ba  c8 c1 23 57  1c b7 bf de
Mar  9 11:58:26 localhost pluto[4314]: |   f4 ac 5f bc  c6 27 9c c8  c8 e8 d2 a0  eb 4b 40 88
Mar  9 11:58:26 localhost pluto[4314]: |   ff 42 25 d3  99 3e 95 ef  e2 c6 75 c1  eb 4c 5d 75
Mar  9 11:58:26 localhost pluto[4314]: |   e9 00 00 00  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: | next IV:  63 fa 46 c0  aa 54 40 e6
Mar  9 11:58:26 localhost pluto[4314]: | ***parse ISAKMP Identification Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SIG
Mar  9 11:58:26 localhost pluto[4314]: |    length: 29
Mar  9 11:58:26 localhost pluto[4314]: |    ID type: ID_FQDN
Mar  9 11:58:26 localhost pluto[4314]: |    DOI specific A: 0
Mar  9 11:58:26 localhost pluto[4314]: |    DOI specific B: 0
Mar  9 11:58:26 localhost pluto[4314]: | ***parse ISAKMP Signature Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: |    length: 260
Mar  9 11:58:26 localhost pluto[4314]: | removing 7 bytes of padding
Mar  9 11:58:26 localhost pluto[4314]: "road"[1] 10.6.3.132 #3: Peer ID is ID_FQDN: '@multibel1.multibel.it'
Mar  9 11:58:26 localhost pluto[4314]: | refine_connection: starting with road
Mar  9 11:58:26 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:58:26 localhost pluto[4314]: | refine_connection: happy with starting point: road
Mar  9 11:58:26 localhost pluto[4314]: | offered CA: '%none'
Mar  9 11:58:26 localhost pluto[4314]: | hashing 144 bytes of SA
Mar  9 11:58:26 localhost pluto[4314]: | required CA is '%any'
Mar  9 11:58:26 localhost pluto[4314]: |   trusted_ca called with a=(empty) b=(empty)
Mar  9 11:58:26 localhost pluto[4314]: | key issuer CA is '%any'
Mar  9 11:58:26 localhost pluto[4314]: | an RSA Sig check passed with *AQO9mjElL [preloaded key]
Mar  9 11:58:26 localhost pluto[4314]: | authentication succeeded
Mar  9 11:58:26 localhost pluto[4314]: | thinking about whether to send my certificate:
Mar  9 11:58:26 localhost pluto[4314]: |   I have RSA key: OAKLEY_RSA_SIG cert.type: CERT_NONE 
Mar  9 11:58:26 localhost pluto[4314]: |   sendcert: CERT_ALWAYSSEND and I did not get a certificate request 
Mar  9 11:58:26 localhost pluto[4314]: |   so do not send cert.
Mar  9 11:58:26 localhost pluto[4314]: "road"[1] 10.6.3.132 #3: I did not send a certificate because I do not have one.
Mar  9 11:58:26 localhost pluto[4314]: | **emit ISAKMP Message:
Mar  9 11:58:26 localhost pluto[4314]: |    initiator cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e
Mar  9 11:58:26 localhost pluto[4314]: |    responder cookie:
Mar  9 11:58:26 localhost pluto[4314]: |   c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_ID
Mar  9 11:58:26 localhost pluto[4314]: |    ISAKMP version: ISAKMP Version 1.0
Mar  9 11:58:26 localhost pluto[4314]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar  9 11:58:26 localhost pluto[4314]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar  9 11:58:26 localhost pluto[4314]: |    message ID:  00 00 00 00
Mar  9 11:58:26 localhost pluto[4314]: | ***emit ISAKMP Identification Payload (IPsec DOI):
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_SIG
Mar  9 11:58:26 localhost pluto[4314]: |    ID type: ID_FQDN
Mar  9 11:58:26 localhost pluto[4314]: |    Protocol ID: 0
Mar  9 11:58:26 localhost pluto[4314]: |    port: 0
Mar  9 11:58:26 localhost pluto[4314]: | emitting 22 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
Mar  9 11:58:26 localhost pluto[4314]: | my identity  6d 75 6c 74  69 6c 69 6e  75 73 2e 6d  75 6c 74 69
Mar  9 11:58:26 localhost pluto[4314]: |   62 65 6c 2e  69 74
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 30
Mar  9 11:58:26 localhost pluto[4314]: | hashing 144 bytes of SA
Mar  9 11:58:26 localhost pluto[4314]: | looking for secret for @multilinus.multibel.it->@multibel1.multibel.it of kind PPK_RSA
Mar  9 11:58:26 localhost pluto[4314]: | signing hash with RSA Key *AQN74Z87R
Mar  9 11:58:26 localhost pluto[4314]: | ***emit ISAKMP Signature Payload:
Mar  9 11:58:26 localhost pluto[4314]: |    next payload type: ISAKMP_NEXT_NONE
Mar  9 11:58:26 localhost pluto[4314]: | emitting 256 raw bytes of SIG_R into ISAKMP Signature Payload
Mar  9 11:58:26 localhost pluto[4314]: | SIG_R  5a b8 b3 22  61 06 c5 02  06 61 fc 03  66 01 b8 51
Mar  9 11:58:26 localhost pluto[4314]: |   32 be 61 51  30 53 64 74  04 e3 8d df  2c c6 13 39
Mar  9 11:58:26 localhost pluto[4314]: |   41 66 c2 b2  2f 15 c8 da  12 e6 5f 75  59 c9 ab 02
Mar  9 11:58:26 localhost pluto[4314]: |   cb 80 dc dc  ae d8 24 96  05 fb fb ce  0d 07 b6 a5
Mar  9 11:58:26 localhost pluto[4314]: |   ca 1a 35 7e  6e dc 19 e1  60 b2 1d 93  40 0d 20 8d
Mar  9 11:58:26 localhost pluto[4314]: |   12 d5 22 7e  43 9e a3 40  4f aa 23 ee  71 10 bd 1f
Mar  9 11:58:26 localhost pluto[4314]: |   38 09 be 66  86 bd a7 6b  15 7c 1a 5a  70 e9 58 14
Mar  9 11:58:26 localhost pluto[4314]: |   14 7e 33 9c  8e 1c 91 0b  7c eb 3d aa  ea 8b 0a 35
Mar  9 11:58:26 localhost pluto[4314]: |   05 2b bb e3  c9 44 97 ab  41 fb 91 d5  94 11 12 37
Mar  9 11:58:26 localhost pluto[4314]: |   e3 76 6e cb  41 25 64 56  03 ca 62 ef  5c b9 1e 91
Mar  9 11:58:26 localhost pluto[4314]: |   29 02 bc 01  56 3b 45 12  ad 46 cd 71  db d5 70 24
Mar  9 11:58:26 localhost pluto[4314]: |   04 59 8f 0b  a7 5d 2a 44  c7 21 2f c5  83 49 14 f5
Mar  9 11:58:26 localhost pluto[4314]: |   d3 03 96 92  90 ff da 0f  55 1c 9d a3  ab 5b 36 d8
Mar  9 11:58:26 localhost pluto[4314]: |   6b 25 a8 f5  43 36 80 ff  99 8e 17 97  6a 1e 67 cf
Mar  9 11:58:26 localhost pluto[4314]: |   98 0d 60 72  eb ff a7 9d  cf 0e 3e cf  59 e3 03 8c
Mar  9 11:58:26 localhost pluto[4314]: |   2d 71 fc d5  a0 24 fe 40  d9 14 80 42  56 d6 b2 c5
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Signature Payload: 260
Mar  9 11:58:26 localhost pluto[4314]: | encrypting:
Mar  9 11:58:26 localhost pluto[4314]: |   09 00 00 1e  02 00 00 00  6d 75 6c 74  69 6c 69 6e
Mar  9 11:58:26 localhost pluto[4314]: |   75 73 2e 6d  75 6c 74 69  62 65 6c 2e  69 74 00 00
Mar  9 11:58:26 localhost pluto[4314]: |   01 04 5a b8  b3 22 61 06  c5 02 06 61  fc 03 66 01
Mar  9 11:58:26 localhost pluto[4314]: |   b8 51 32 be  61 51 30 53  64 74 04 e3  8d df 2c c6
Mar  9 11:58:26 localhost pluto[4314]: |   13 39 41 66  c2 b2 2f 15  c8 da 12 e6  5f 75 59 c9
Mar  9 11:58:26 localhost pluto[4314]: |   ab 02 cb 80  dc dc ae d8  24 96 05 fb  fb ce 0d 07
Mar  9 11:58:26 localhost pluto[4314]: |   b6 a5 ca 1a  35 7e 6e dc  19 e1 60 b2  1d 93 40 0d
Mar  9 11:58:26 localhost pluto[4314]: |   20 8d 12 d5  22 7e 43 9e  a3 40 4f aa  23 ee 71 10
Mar  9 11:58:26 localhost pluto[4314]: |   bd 1f 38 09  be 66 86 bd  a7 6b 15 7c  1a 5a 70 e9
Mar  9 11:58:26 localhost pluto[4314]: |   58 14 14 7e  33 9c 8e 1c  91 0b 7c eb  3d aa ea 8b
Mar  9 11:58:26 localhost pluto[4314]: |   0a 35 05 2b  bb e3 c9 44  97 ab 41 fb  91 d5 94 11
Mar  9 11:58:26 localhost pluto[4314]: |   12 37 e3 76  6e cb 41 25  64 56 03 ca  62 ef 5c b9
Mar  9 11:58:26 localhost pluto[4314]: |   1e 91 29 02  bc 01 56 3b  45 12 ad 46  cd 71 db d5
Mar  9 11:58:26 localhost pluto[4314]: |   70 24 04 59  8f 0b a7 5d  2a 44 c7 21  2f c5 83 49
Mar  9 11:58:26 localhost pluto[4314]: |   14 f5 d3 03  96 92 90 ff  da 0f 55 1c  9d a3 ab 5b
Mar  9 11:58:26 localhost pluto[4314]: |   36 d8 6b 25  a8 f5 43 36  80 ff 99 8e  17 97 6a 1e
Mar  9 11:58:26 localhost pluto[4314]: |   67 cf 98 0d  60 72 eb ff  a7 9d cf 0e  3e cf 59 e3
Mar  9 11:58:26 localhost pluto[4314]: |   03 8c 2d 71  fc d5 a0 24  fe 40 d9 14  80 42 56 d6
Mar  9 11:58:26 localhost pluto[4314]: |   b2 c5
Mar  9 11:58:26 localhost pluto[4314]: | emitting 6 zero bytes of encryption padding into ISAKMP Message
Mar  9 11:58:26 localhost pluto[4314]: | encrypting using OAKLEY_3DES_CBC
Mar  9 11:58:26 localhost pluto[4314]: | next IV:  a1 a8 3e fc  52 55 32 c5
Mar  9 11:58:26 localhost pluto[4314]: | emitting length of ISAKMP Message: 324
Mar  9 11:58:26 localhost pluto[4314]: | last encrypted block of Phase 1:
Mar  9 11:58:26 localhost pluto[4314]: |   a1 a8 3e fc  52 55 32 c5
Mar  9 11:58:26 localhost pluto[4314]: "road"[1] 10.6.3.132 #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Mar  9 11:58:26 localhost pluto[4314]: | sending 324 bytes for STATE_MAIN_R2 through eth0 to 10.6.3.132:500:
Mar  9 11:58:26 localhost pluto[4314]: |   c1 07 f0 35  8a 80 67 6e  c7 be 1f f8  44 33 91 97
Mar  9 11:58:26 localhost pluto[4314]: |   05 10 02 01  00 00 00 00  00 00 01 44  e0 98 38 fd
Mar  9 11:58:26 localhost pluto[4314]: |   6c 6f d3 6c  e6 8c e3 64  33 69 34 d9  b2 93 48 1d
Mar  9 11:58:26 localhost pluto[4314]: |   d5 77 e5 14  32 23 ec 1a  f0 83 e4 cc  51 78 bc a5
Mar  9 11:58:26 localhost pluto[4314]: |   b6 54 97 b3  36 c8 dd 6e  c5 0b 6a e9  c4 14 27 ea
Mar  9 11:58:26 localhost pluto[4314]: |   8a 14 8a 90  ca 06 05 34  4c 93 c3 73  87 74 39 e8
Mar  9 11:58:26 localhost pluto[4314]: |   20 d7 8d 86  a0 17 6e da  5d fe 74 62  4a c5 c1 7c
Mar  9 11:58:26 localhost pluto[4314]: |   84 85 2e 44  c3 94 0e cc  91 de d2 18  08 3c e9 95
Mar  9 11:58:26 localhost pluto[4314]: |   c0 00 77 17  ae 2f 39 d7  bb fd 9d 66  e7 55 33 71
Mar  9 11:58:26 localhost pluto[4314]: |   a6 21 b1 37  7f 68 ad be  eb fc 6e 40  82 a1 31 70
Mar  9 11:58:26 localhost pluto[4314]: |   1c 1a b2 0a  c1 3c 81 90  79 66 79 b4  6d ce 65 fa
Mar  9 11:58:26 localhost pluto[4314]: |   5b 3b fe a7  b8 b3 24 21  9e c6 06 4a  64 b1 8d 81
Mar  9 11:58:26 localhost pluto[4314]: |   87 0f b5 96  8b d3 fd 23  6a b4 ac 10  11 61 dc 0b
Mar  9 11:58:26 localhost pluto[4314]: |   33 94 e8 af  26 fc 11 b6  e9 01 bc 91  80 5c 49 ab
Mar  9 11:58:26 localhost pluto[4314]: |   18 b3 65 0e  b9 bc b2 e5  97 a3 97 4f  19 20 66 11
Mar  9 11:58:26 localhost pluto[4314]: |   85 2b a8 62  19 1d ce ce  b9 ef b2 cd  82 51 01 f9
Mar  9 11:58:26 localhost pluto[4314]: |   97 d6 30 53  5e b2 2c c2  f0 34 40 ac  aa d1 67 34
Mar  9 11:58:26 localhost pluto[4314]: |   0c a5 dc 84  09 20 78 e5  2e b8 e8 dc  a6 ca 5f 49
Mar  9 11:58:26 localhost pluto[4314]: |   d2 c0 f8 e4  b0 36 b0 60  c4 20 56 13  e5 78 d6 fd
Mar  9 11:58:26 localhost pluto[4314]: |   f6 b6 1a a9  62 14 3b 53  a4 95 49 a0  a1 a8 3e fc
Mar  9 11:58:26 localhost pluto[4314]: |   52 55 32 c5
Mar  9 11:58:26 localhost pluto[4314]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #3
Mar  9 11:58:26 localhost pluto[4314]: "road"[1] 10.6.3.132 #3: sent MR3, ISAKMP SA established
Mar  9 11:58:26 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 619 seconds for #1
Mar  9 11:59:03 localhost pluto[4314]: |  
Mar  9 11:59:03 localhost pluto[4314]: | *received whack message
Mar  9 11:59:03 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:59:03 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 582 seconds for #1
Mar  9 11:59:04 localhost pluto[4314]: |  
Mar  9 11:59:04 localhost pluto[4314]: | *received whack message
Mar  9 11:59:04 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 11:59:04 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 581 seconds for #1
Mar  9 11:59:06 localhost pluto[4314]: |  
Mar  9 11:59:06 localhost pluto[4314]: | *received whack message
Mar  9 11:59:06 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 579 seconds for #1
Mar  9 12:01:43 localhost pluto[4314]: |  
Mar  9 12:01:43 localhost pluto[4314]: | *received whack message
Mar  9 12:01:43 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 12:01:43 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 422 seconds for #1
Mar  9 12:01:44 localhost pluto[4314]: |  
Mar  9 12:01:44 localhost pluto[4314]: | *received whack message
Mar  9 12:01:44 localhost pluto[4314]: | kernel_alg_esp_enc_ok(3,0): alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Mar  9 12:01:44 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 421 seconds for #1
Mar  9 12:01:46 localhost pluto[4314]: |  
Mar  9 12:01:46 localhost pluto[4314]: | *received whack message
Mar  9 12:01:46 localhost pluto[4314]: | next event EVENT_SA_REPLACE in 419 seconds for #1
+ _________________________ date
+ date
Thu Mar  9 12:01:46 CET 2006


More information about the Users mailing list