From 8fe7b1d6a2b8f2096de7278ac5860e870a5ef360 Mon Sep 17 00:00:00 2001 From: Ting Liu Date: Sat, 7 Nov 2020 22:17:28 +0800 Subject: [PATCH] ipsec-demo: remove as it depends on ipsec-tools ipsec-tools has security issues and has been ABANDONED. Recipe was removed from meta-networking too. Signed-off-by: Ting Liu --- .../ipsec-demo/ipsec-demo/test_setkey/README | 77 ------------------- .../auto_left.conf-3des-sha1-tunnel | 32 -------- .../auto_right.conf-3des-sha1-tunnel | 31 -------- .../ipsec-demo/test_setkey/flush-setkey | 4 - .../ipsec-demo/test_setkey/ipsec.conf.left | 29 ------- .../ipsec-demo/test_setkey/ipsec.conf.right | 28 ------- .../ipsec-demo/test_setkey/ipsec.secrets.left | 3 - .../test_setkey/ipsec.secrets.right | 8 -- .../test_setkey/ipsec_ikev1.conf.left | 39 ---------- .../test_setkey/ipsec_ikev1.conf.right | 34 -------- .../test_setkey/left.conf-3des-md5-transport | 23 ------ .../test_setkey/left.conf-3des-md5-tunnel | 42 ---------- .../test_setkey/left.conf-3des-sha1-transport | 22 ------ .../test_setkey/left.conf-3des-sha1-tunnel | 42 ---------- .../left.conf-3des-sha256-transport | 23 ------ .../test_setkey/left.conf-3des-sha256-tunnel | 42 ---------- .../test_setkey/left.conf-aes-md5-transport | 23 ------ .../test_setkey/left.conf-aes-md5-tunnel | 42 ---------- .../test_setkey/left.conf-aes-sha1-transport | 22 ------ .../test_setkey/left.conf-aes-sha1-tunnel | 42 ---------- .../left.conf-aes-sha256-transport | 23 ------ .../test_setkey/left.conf-aes-sha256-tunnel | 42 ---------- .../test_setkey/left.conf-null-null-transport | 23 ------ .../test_setkey/left.conf-null-null-tunnel | 42 ---------- .../ipsec-demo/test_setkey/left.ipv4 | 2 - .../ipsec-demo/test_setkey/moonCert.pem | 25 ------ .../ipsec-demo/test_setkey/moonKey.pem | 27 ------- .../ipsec-demo/test_setkey/pingsizes.sh | 19 ----- .../ipsec-demo/test_setkey/pingsizest.sh | 19 ----- .../ipsec-demo/ipsec-demo/test_setkey/psk.txt | 2 - .../ipsec-demo/test_setkey/racoon.conf | 22 ------ .../test_setkey/right.conf-3des-md5-transport | 23 ------ .../test_setkey/right.conf-3des-md5-tunnel | 42 ---------- .../right.conf-3des-sha1-transport | 22 ------ .../test_setkey/right.conf-3des-sha1-tunnel | 41 ---------- .../right.conf-3des-sha256-transport | 23 ------ .../test_setkey/right.conf-3des-sha256-tunnel | 42 ---------- .../test_setkey/right.conf-aes-md5-transport | 23 ------ .../test_setkey/right.conf-aes-md5-tunnel | 42 ---------- .../test_setkey/right.conf-aes-sha1-transport | 22 ------ .../test_setkey/right.conf-aes-sha1-tunnel | 41 ---------- .../right.conf-aes-sha256-transport | 23 ------ .../test_setkey/right.conf-aes-sha256-tunnel | 42 ---------- .../right.conf-null-null-transport | 23 ------ .../test_setkey/right.conf-null-null-tunnel | 42 ---------- .../ipsec-demo/test_setkey/right.ipv4 | 2 - .../ipsec-demo/ipsec-demo/test_setkey/setup | 47 ----------- .../ipsec-demo/test_setkey/setup_left | 13 ---- .../ipsec-demo/test_setkey/setup_right | 13 ---- .../ipsec-demo/test_setkey/strongswan.conf | 19 ----- .../ipsec-demo/test_setkey/strongswanCert.pem | 22 ------ .../ipsec-demo/test_setkey/strongswan_left | 10 --- .../ipsec-demo/test_setkey/strongswan_right | 10 --- .../ipsec-demo/test_setkey/sunCert.pem | 25 ------ .../ipsec-demo/test_setkey/sunKey.pem | 27 ------- .../ipsec-demo/ipsec-demo_0.1.bb | 26 ------- 56 files changed, 1519 deletions(-) delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left delete mode 100755 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem delete mode 100644 dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README deleted file mode 100644 index 9578982d..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README +++ /dev/null @@ -1,77 +0,0 @@ -test_setkey script usage - -The scripts in this directory may be used for testing -native Linux IPsec with the talitos driver as a loadable module. - -It's assumed that these scripts have been placed in the directory -named /test_setkey. - -The scripts setup_left and setup_right configure the ip addresses -for two boards named 'left' and 'right', which are two gateways for -an IPsec tunnel. Connect the eth1 interfaces of left and right boards together. -For smartbits testing, connect eth0 on each board to a smartbits port. -For other testing (ping, netperf, iperf), connect eth0 on each board to another system. - -The scripts named left.conf-* and right.conf-* are setkey scripts -which configure the IPsec SA and SPD entries. -The scripts ending in -tunnel use tunnel mode IPsec, and the scripts -ending in -transport used transport mode IPsec. -Transport mode is useful for quickly testing security functionality -using ping or netperf between two boards. -Tunnel mode can be used for testing throughput using smartbits or other -performance test equipment. - -There is a top level script called 'setup' which -is used for a one-step setup on the left and right boards. -'setup' uses two or three parameters. The first parameter is the side, left or right. -The second parameter is the setkey suffix for the left.conf- and right.conf- files. -If the third parameter is supplied, the setup will modprobe that name, so -typically you should provide talitos as the third parameter if you want to load the driver. -If you have built the talitos driver into the kernel, omit the third parameter to setup. -You may test software encryption if talitos is built as a module and you omit the third parameter. - -Below are example uses of the 'setup' script. - -1) One-step setup for smartbits - Use a tunnel mode setup on each side. - AES-HMAC-SHA1: - Left side: - /test_setkey/setup left aes-sha1-tunnel talitos - Right side: - /test_setkey/setup right aes-sha1-tunnel talitos - - 3DES-HMAC-SHA1: - Left side: - /test_setkey/setup left 3des-sha1-tunnel talitos - Right side: - /test_setkey/setup right 3des-sha1-tunnel talitos - -2) One-step setup for testing ping, netperf, or iperf between two boards. - Use a transport mode setup on each side. - AES-HMAC-SHA1: - Left side: - /test_setkey/setup left aes-sha1-transport talitos - Right side: - /test_setkey/setup right aes-sha1-transport talitos - - 3DES-HMAC-SHA1: - Left side: - /test_setkey/setup left 3des-sha1-transport talitos - Right side: - /test_setkey/setup right 3des-sha1-transport talitos - -3) Testing ipv4 - To test ipv4 (with no security) over the two gateways, use steps below. - Testing ipv4 is helpful to get your smartbits configuration verified - and also establish a baseline performance for throughput. - - On the left board: - cd /test_setkey - ./setup_left - ./left.ipv4 - - On the right board: - cd /test_setkey - ./setup_right - ./right.ipv4 - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel deleted file mode 100755 index 6bd6c5d8..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel deleted file mode 100755 index eebf307a..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey deleted file mode 100755 index 0be30562..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/sbin/setkey -f - -flush; -spdflush; diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left deleted file mode 100644 index d9d6c0c6..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left +++ /dev/null @@ -1,29 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - charondebug="chd 2, knl 2" - crlcheckinterval=180 - strictcrlpolicy=no - plutostart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev2 - type=tunnel - auth=esp - compress=no - mobike=no - -conn net-net - left=200.200.200.10 - leftsubnet=192.168.1.0/24 - leftcert=moonCert.pem - leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - leftfirewall=yes - right=200.200.200.20 - rightsubnet=192.168.2.0/24 - rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - auto=add diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right deleted file mode 100644 index c14dee2b..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right +++ /dev/null @@ -1,28 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - charondebug="chd 2, knl 2" - crlcheckinterval=180 - strictcrlpolicy=no - plutostart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev2 - auth=esp - compress=no - mobike=no - -conn net-net - left=200.200.200.20 - leftcert=sunCert.pem - leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - leftsubnet=192.168.2.0/24 - leftfirewall=yes - right=200.200.200.10 - rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - rightsubnet=192.168.1.0/24 - auto=add diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left deleted file mode 100644 index e86d6aa5..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left +++ /dev/null @@ -1,3 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -: RSA moonKey.pem diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right deleted file mode 100644 index 1095b74c..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right +++ /dev/null @@ -1,8 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -: RSA sunKey.pem - - - - - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left deleted file mode 100644 index 55025dbc..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left +++ /dev/null @@ -1,39 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - left=200.200.200.10 - leftcert=moonCert.pem - leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - leftfirewall=yes - -conn net-net - left=%defaultroute - leftsubnet=192.168.1.0/24 - leftcert=moonCert.pem - right=200.200.200.20 - rightsubnet=192.168.2.0/24 - rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - auto=add - -conn host-host - left=%defaultroute - leftcert=moonCert.pem - right=200.200.200.20 - rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - auto=add - -conn rw - leftsubnet=192.168.1.0/24 - right=%any - auto=add diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right deleted file mode 100644 index 479791ea..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right +++ /dev/null @@ -1,34 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - left=200.200.200.20 - leftcert=sunCert.pem - leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org" - leftfirewall=yes - -conn net-net - left=%defaultroute - leftsubnet=192.168.2.0/24 - leftcert=sunCert.pem - right=200.200.200.10 - rightsubnet=192.168.1.0/24 - rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - auto=add - -conn host-host - left=%defaultroute - leftcert=sunCert.pem - right=200.200.200.10 - rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org" - auto=add diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport deleted file mode 100755 index 5422771b..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel deleted file mode 100755 index 52bf9c3f..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport deleted file mode 100755 index e5ee0054..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel deleted file mode 100755 index eb2881db..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport deleted file mode 100755 index b5286320..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel deleted file mode 100755 index e7726f08..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport deleted file mode 100755 index 96f57837..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel deleted file mode 100755 index b2cf84bf..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport deleted file mode 100755 index f3ffaf5c..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel deleted file mode 100755 index 1ab7874f..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport deleted file mode 100755 index d2645d6f..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel deleted file mode 100755 index 8ed697d1..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport deleted file mode 100755 index 84275d07..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.10 - -flush; -spdflush; - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E null - -A null; - - -spdadd 200.200.200.20 200.200.200.10 any -P in ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P out ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel deleted file mode 100755 index 478d14a8..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10) -# -# Security policies -spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E null - -A null; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 deleted file mode 100755 index e219f2ad..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 +++ /dev/null @@ -1,2 +0,0 @@ -set -v -route add -net 192.168.2.0 netmask 255.255.255.0 gw 200.200.200.20 diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem deleted file mode 100644 index d5c970f4..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem +++ /dev/null @@ -1,25 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEIjCCAwqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ -MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS -b290IENBMB4XDTA5MDgyNzEwMDMzMloXDTE0MDgyNjEwMDMzMlowRjELMAkGA1UE -BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHDAaBgNVBAMTE21vb24u -c3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK -L2M91Lu6BYYhWxWgMS9z9TMSTwszm5rhO7ZIsCtMRo4PAeYw+++SGXt3CPXb/+p+ -SWKGlm11rPE71eQ3ehgh2C3hAurfmWO0iQQaCw+fdreeIVCqOQIOP6UqZ327h5yY -YpHk8VQv4vBJTpxclU1PqnWheqe1ZlLxsW773LRml/fQt/UgvJkCBTZZONLNMfK+ -7TDnYaVsAtncgvDN78nUNEe2qY92KK7SrBJ6SpUEg49m51F+XgsGcsgWVHS85on3 -Om/G48crLEVJjdu8CxewSRVgb+lPJWzHd8QsU0Vg/7vlqs3ZRMyNtNKrr4opSvVb -A6agGlTXhDCreDiXU8KHAgMBAAGjggEaMIIBFjAJBgNVHRMEAjAAMAsGA1UdDwQE -AwIDqDAdBgNVHQ4EFgQUapx00fiJeYn2WpTpifH6w2SdKS4wbQYDVR0jBGYwZIAU -XafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQK -ExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GC -AQAwHgYDVR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggr -BgEFBQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u -b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCctXg2xeMozaTV -jiBL1P8MY9uEH5JtU0EceQ1RbI5/2vGRdnECND9oADY5vamaaE2Mdq2Qh/vlXnML -o3ii5ELjsQlYdTYZOcMOdcUUXYvbbFX1cwpkBhyBl1H25KptHcgQ/HnceKp3kOuq -wYOYjgwePXulcpWXx0E2QtQCFQQZFPyEWeNJxH0oglg53QPXfHY9I2/Gukj5V0bz -p7ME0Gs8KdnYdmbbDqzQgPsta96/m+HoJlsrVF+4Gqihj6BWMBQ2ybjPWZdG3oH9 -25cE8v60Ry98D0Z/tygbAUFnh5oOvaf642paVgc3aoA77I8U+UZjECxISoiHultY -7QTufOwP ------END CERTIFICATE----- diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem deleted file mode 100644 index 4d99866f..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAyi9jPdS7ugWGIVsVoDEvc/UzEk8LM5ua4Tu2SLArTEaODwHm -MPvvkhl7dwj12//qfklihpZtdazxO9XkN3oYIdgt4QLq35ljtIkEGgsPn3a3niFQ -qjkCDj+lKmd9u4ecmGKR5PFUL+LwSU6cXJVNT6p1oXqntWZS8bFu+9y0Zpf30Lf1 -ILyZAgU2WTjSzTHyvu0w52GlbALZ3ILwze/J1DRHtqmPdiiu0qwSekqVBIOPZudR -fl4LBnLIFlR0vOaJ9zpvxuPHKyxFSY3bvAsXsEkVYG/pTyVsx3fELFNFYP+75arN -2UTMjbTSq6+KKUr1WwOmoBpU14Qwq3g4l1PChwIDAQABAoIBACBFB/Xqajv6fbn9 -K6pxrz02uXwGmacXAtVIDoPzejWmXS4QA4l17HrJDmelSnhelDKry8nnYHkTrTz7 -mn0wQ4HDWy86o/okJUG/TKRLd6bf79aRQqqohqd3iQkHk43GyzuXH+oGioVKF0fc -ACDWw4wfjL7FMNdHCZ4Bz9DrHO/ysHe9B6rvSYm3VZRhSxaneIkaLkkDadKpVx3f -XNFlMxY4qKPJYYSoJZ61iMqrO7+rnA93tmyDDs8PKU3BtnpfNrdePgleJHhk8Zqy -Ev2/NOCSUxbKE8NCtLpGTs+T0qjjnu4k3WPd3ZOBAan0uPDekHZeHB/aXGLhYcxx -J5SurqECgYEA+F1gppkER5Jtoaudt/CUpdQ1sR9wxf75VBqJ4FiYABGQz9xlG4oj -zL/o572s0iV3bwFpnQa+WuWrxGkP6ZuB/Z82npc0N/vLou/b4dxvg4n7K+eOOEf0 -8FMjsse2tqTIXKCqcmQnR0NPQ1jwuvEKsXP5w/JOlnRXAXnd4jxsJI0CgYEA0GaT -61ySttUW9jC3mxuY6jkQy8TEQqR3nOFvWwmCXIWOpN/MTTPus+Telxp/pdKhU+mo -PmX3Unyne5PvwleWDq3YzltX5ZDZGJ5UJlKuNnfGIzQ6OcHRbb7zBpQG6qSRPuug -bgo688hTnb1L59nK88zWVK45euf6pyuoI+SwIGMCgYEA7yvE8knyhBXvezuv0z1b -eGHmHp5/VDwY0DQKSEAoiBBiWrkLqLybgwXf/KJ8dZZc8En08aFX2GLJyYe/KiB1 -ys3ypEBJqgvRayP+o/9KZ+qNNRd0rqAksPXvL7ABNNt0kzapTSVDae3Yu6s/j1am -DIL5qAeERIDedG5uDPpQzdUCgYB7MtjpP63ABhLv8XbpbBQnCxtByw3W89F+Xcrt -v55gQdhE4cSuMzA/CuMH4vNpPS6AI9aBJNhj3CtKo/cOJachAGb1/wvkO5ALvLW0 -fhZdPstUTnDJain7vfF/hwzbs/PlhXgu9T9KlLfRvXFdG+Sd4g8mumRiozcLkoRw -y6XPTwKBgDJP+s9wXmdG90HST/aqC7FKrVXLpB63dY5swNUfQP6sa0pFnON0r0JC -h/YCsGFFIAebQ2uOkM3g3f9nkwTp7910ov+/5uThvRI2w2BBPy0mVuALPjyyF1Z2 -cb9zpyKiIuXoXRCf4sd8r1lR9bn0Fxx0Svpxf+fpMGSI5quHNBKY ------END RSA PRIVATE KEY----- diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh deleted file mode 100755 index faefb245..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# -# Usage: ./pingsizes.sh 1440 20 (or greater) -# - -PINGDEST=${PINGDEST:-200.200.200.10} -k=$1 -lim="$((k+$2))" -((k-=1)) -while [ "$k" != "$lim" ] ; do - echo -n "ping -s $((k+=1)) : " - ping -i 1000 -c 1 -s $k $PINGDEST | grep packets & - sleep 1 - PID=`ps -eaf | grep 'ping -i' | grep -v grep | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2` - if [ -n "$PID" ] ; then - echo "****************** killing $PID" - kill $PID > /dev/null - fi -done diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh deleted file mode 100755 index d5ff0f7d..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# -# Usage: ./pingsizes.sh 1440 20 (or greater) -# - -PINGDEST=${PINGDEST:-200.200.200.10} -k=$1 -lim="$((k+$2))" -((k-=1)) -while [ "$k" != "$lim" ] ; do - echo ping -s $((k+=1)) - ping -i 1000 -c 1 -s $k $PINGDEST & - sleep 1 - PID=`ps -eaf | grep 'ping -i' | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2` - if [ -n "$PID" ] ; then - echo "****************** killing $PID" - kill $PID - fi -done diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt deleted file mode 100644 index 46c1ff41..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt +++ /dev/null @@ -1,2 +0,0 @@ -200.200.200.20 secretkeyracoon -200.200.200.10 secretkeyracoon diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf deleted file mode 100644 index cf561f51..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf +++ /dev/null @@ -1,22 +0,0 @@ -path pre_shared_key "/test_setkey/psk.txt" ; - - remote anonymous - { - exchange_mode main ; - lifetime time 1 hour ; - proposal { - encryption_algorithm 3des; - hash_algorithm sha1; - authentication_method pre_shared_key ; - dh_group 2 ; - } - } - - sainfo anonymous - { - pfs_group 2; - lifetime time 1 hour ; - encryption_algorithm 3des ; - authentication_algorithm hmac_sha1 ; - compression_algorithm deflate ; - } diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport deleted file mode 100755 index 7f82fb46..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel deleted file mode 100755 index 5a752579..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport deleted file mode 100755 index 6ef885d4..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -# Security policies -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel deleted file mode 100755 index 16c31578..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport deleted file mode 100755 index b9772092..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel deleted file mode 100755 index e7c5b4e6..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport deleted file mode 100755 index 5d55d001..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel deleted file mode 100755 index f49bd54a..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-md5 authentication using 128 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport deleted file mode 100755 index d9c65a45..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - -# Security policies -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel deleted file mode 100755 index 1f10136a..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies - -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha1 authentication using 160 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport deleted file mode 100755 index 817a8bd4..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel deleted file mode 100755 index 9bca18fb..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board A setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity) -# and hmac-sha2-256 authentication using 256 bit long keys -add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel - -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831 - -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198; - -add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel - -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df - -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport deleted file mode 100755 index 26dfe2e1..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/sbin/setkey -f -#I am 200.200.200.20 - -flush; -spdflush; - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x10513 - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x10514 - -E null - -A null; - - -spdadd 200.200.200.20 200.200.200.10 any -P out ipsec - esp/transport//require; - -spdadd 200.200.200.10 200.200.200.20 any -P in ipsec - esp/transport//require; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel deleted file mode 100755 index bc4f38eb..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/sbin/setkey -f -# -# -# Example ESP Tunnel for VPN. -# -# ========= ESP ========= -# | | -# Network-A Gateway-A Gateway-B Network-B -# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24 -# -# ====== 83xx board A ====== ===== 83xx board B ===== -# | | | | -# eth0 eth1 eth1 eth0 -# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130 -# -# -# Board B setup -# -# Flush the SAD and SPD -flush; -spdflush; - -# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20) -# -# Security policies -spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec - esp/tunnel/200.200.200.20-200.200.200.10/require; - -spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec - esp/tunnel/200.200.200.10-200.200.200.20/require; - - -# ESP SAs doing null encryption -# and null authentication -add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel - -E null - -A null; - -add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel - -E null - -A null; - diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 deleted file mode 100755 index 67cd1b2c..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 +++ /dev/null @@ -1,2 +0,0 @@ -set -v -route add -net 192.168.1.0 netmask 255.255.255.0 gw 200.200.200.10 diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup deleted file mode 100755 index 9e6fa7fa..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup +++ /dev/null @@ -1,47 +0,0 @@ -# setup - quick setup for left or right side of ipsec test -# see README for example use. - -SCRIPT_HOME=/test_setkey/ -cd $SCRIPT_HOME - -export PATH=$SCRIPT_HOME:$PATH - -if [ "$1" != "left" -a "$1" != "right" ] ; then - echo "Usage: $0 side [config] [driver]" - echo " where side is either left or right." - echo " where config is either" - echo " aes-sha1-tunnel (default)" - echo " or 3des-sha1-tunnel" - echo " if driver is supplied, script does 'modprobe driver'" - exit 1 -fi - -SIDE=$1 -POLICY_CFG=$SIDE.conf -DEFAULT_POLICY=aes-sha1-tunnel - -if [ -n "$2" ] ; then - POLICY=$2 -else - POLICY=$DEFAULT_POLICY -fi - -SETKEY_FILE=$POLICY_CFG-$POLICY - -if [ ! -f $SETKEY_FILE ] ; then - echo "Missing setkey command file: $SETKEY_FILE" - exit 1 -fi - -# modprobe any driver name given as last parameter -if [ -n "$3" ] ; then - modprobe $3 -fi - -SETUP_CMD_FILE=./setup_$SIDE -. $SETUP_CMD_FILE - -$SETKEY_FILE - -setkey -D -setkey -D -P diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left deleted file mode 100755 index da769099..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left +++ /dev/null @@ -1,13 +0,0 @@ -# board on left setup -set -v -ifconfig eth0 down -ifconfig eth0 hw ether 00:04:9F:11:22:33 -ifconfig eth0 192.168.1.130 netmask 255.255.255.0 -ifconfig eth0 up -ifconfig eth1 down -ifconfig eth1 hw ether 00:E0:0C:00:7D:FD -ifconfig eth1 200.200.200.10 netmask 255.255.255.0 -ifconfig eth1 up -arp -s 192.168.1.21 00:00:00:00:00:01 -route add default dev eth1 -echo 1 > /proc/sys/net/ipv4/ip_forward diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right deleted file mode 100755 index f0e333ee..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right +++ /dev/null @@ -1,13 +0,0 @@ -# board on right setup -set -v -ifconfig eth0 down -ifconfig eth0 hw ether 00:E0:0C:00:01:FD -ifconfig eth0 192.168.2.130 netmask 255.255.255.0 -ifconfig eth0 up -ifconfig eth1 down -ifconfig eth1 hw ether 00:E0:0C:00:00:FD -ifconfig eth1 200.200.200.20 netmask 255.255.255.0 -ifconfig eth1 up -arp -s 192.168.2.21 00:00:00:00:00:02 -route add default dev eth1 -echo 1 > /proc/sys/net/ipv4/ip_forward diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf deleted file mode 100644 index 1701f4ab..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf +++ /dev/null @@ -1,19 +0,0 @@ -# strongswan.conf - strongSwan configuration file - -charon { - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-raw updown - multiple_authentication = no -} - -pluto { - - # plugins to load in pluto - #load = aes des sha1 md5 sha2 hmac gmp random pubkey - -} - -libstrongswan { - - # set to no, the DH exponent size is optimized - # dh_exponent_ansi_x9_42 = no -} diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem deleted file mode 100644 index 0865ad22..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ -MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS -b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE -BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u -Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y -X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f -FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc -4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/ -7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5 -gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr -K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG -A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j -BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw -FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv -b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in -Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n -1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y -vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si -7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa -Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w= ------END CERTIFICATE----- diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left deleted file mode 100755 index e55c3e42..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left +++ /dev/null @@ -1,10 +0,0 @@ -#strongswan on left board -set -v -cp -rf ipsec.conf.left /etc/ipsec.conf -cp -rf ipsec.secrets.left /etc/ipsec.secrets -cp -rf strongswan.conf /etc/ -cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/ -cp -rf moonCert.pem /etc/ipsec.d/certs/ -mkdir /etc/ipsec.d/private -cp -rf sunKey.pem /etc/ipsec.d/private/ -cp -rf moonKey.pem /etc/ipsec.d/private/ diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right deleted file mode 100755 index bcdbb731..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right +++ /dev/null @@ -1,10 +0,0 @@ -#strongswan on left board -set -v -cp -rf ipsec.conf.right /etc/ipsec.conf -cp -rf ipsec.secrets.right /etc/ipsec.secrets -cp -rf strongswan.conf /etc/ -cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/ -cp -rf sunCert.pem /etc/ipsec.d/certs/ -mkdir /etc/ipsec.d/private -cp -rf sunKey.pem /etc/ipsec.d/private/ -cp -rf moonKey.pem /etc/ipsec.d/private/ diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem deleted file mode 100644 index d0937bab..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem +++ /dev/null @@ -1,25 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ -MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS -b290IENBMB4XDTA5MDgyNzA5NTkwNFoXDTE0MDgyNjA5NTkwNFowRTELMAkGA1UE -BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z -dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+V -VIpn6Q5jaU//EN6p6A5cSfUfhBK0mFa2laFFZh/Y0h66AXqqrQ3X917h7YNsSk68 -oowY9h9I3gOx7hNVBsJr2VjdYC+b0q5NTha09/A5mimv/prYj6o0yawxoPjoDs9Y -h7D7Kf+F8fkgk0stlHJZX66J7dNrFXbg1xBld+Ep5Or2FbEZ9QWUpRQTuhdpNt/4 -9YuxQ59DemY9IRbwsrKCHH0mGrJsDdqeb0ap+8QvSXHjCt1fr9MNKWaAFAQLKQI4 -e0da1ntPCEQLeE833+NNRBgGufk0KqGT3eAXqrxa9AEIUJnVcPexQdqUMjcUpXFb -8WNzRWB8Egh3BDK6FsECAwEAAaOCARkwggEVMAkGA1UdEwQCMAAwCwYDVR0PBAQD -AgOoMB0GA1UdDgQWBBRW1p4v2qihzRlcI1PnxbZwluML+zBtBgNVHSMEZjBkgBRd -p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT -EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB -ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwEwYDVR0lBAwwCgYIKwYB -BQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9y -Zy9zdHJvbmdzd2FuLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAo37LYT9Awx0MK/nA -FZpPJqUr0Ey+O5Ukcsdx7nd00SlmpiQRY8KmuRXCBQnDEgdLstd3slQjT0pJEgWF -0pzxybnI6eOzYAhLfhart+X1hURiNGbXjggm2s4I5+K32bVIkNEqlsYnd/6F9oo5 -ZNO0/eTTruLZfkNe/zchBGKe/Z7MacVwlYWWCbMtBV4K1d5dGcRRgpQ9WivDlmat -Nh9wlscDSgSGk3HJkbxnq695VN7zUbDWAUvWWhV5bIDjlAR/xyT9ApqIxiyVVRul -fYrE7U05Hbt6GgAroAKLp6qJup9+TxQAKSjKIwJ0hf7OuYyQ8TZtVHS7AOhm+T/5 -G/jGGA== ------END CERTIFICATE----- diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem deleted file mode 100644 index d8fad9aa..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA35VUimfpDmNpT/8Q3qnoDlxJ9R+EErSYVraVoUVmH9jSHroB -eqqtDdf3XuHtg2xKTryijBj2H0jeA7HuE1UGwmvZWN1gL5vSrk1OFrT38DmaKa/+ -mtiPqjTJrDGg+OgOz1iHsPsp/4Xx+SCTSy2Ucllfront02sVduDXEGV34Snk6vYV -sRn1BZSlFBO6F2k23/j1i7FDn0N6Zj0hFvCysoIcfSYasmwN2p5vRqn7xC9JceMK -3V+v0w0pZoAUBAspAjh7R1rWe08IRAt4Tzff401EGAa5+TQqoZPd4BeqvFr0AQhQ -mdVw97FB2pQyNxSlcVvxY3NFYHwSCHcEMroWwQIDAQABAoIBADH51hjN2zk9HVgl -QmcTAWzcUie5cLMhrP+M9mtC8O3jcCwwFY6OwfnbMU8DHy0GMqHg5lB8b99UUVPw -HLAzjDw/ESkc6pgZs4EEhJTsxJLsvTnePgHssEgyXnXf7gRVEqJkPohfy+Zy0UCH -eIUQXiMlOQ7xg7iDMhwNa+UdWSt539DztSKilQn2xdPZjFnMT0/prvl4NA/8Zn54 -/SdWDq5yRdLWb6EK1V7yJ3687GXR1jzGtgy7TXuncUJVTYgX7RdP1Tn6gWD8YAQ/ -RfT0DdWYm4WHSgSb9/NW8lBZH2yy3hg+lNgofXEvTfBkO5QyW31LIr0tCV6zhJIc -Y9MxaKUCgYEA9sktaXfhPLe0ECjdeQEOq5EKuDrCviSKCOuAV4BDSOsdw6+5LWfY -Vb/oke8N70lL3RCblcj1pOKWUi2O/SpEJdDRduiw2gM9cXt3/bChSTHC4TsIxxN/ -Db9OGg72kZ4sRY5Au+zyAAQYBwXhFWux194Jk5qK0JblNG9J5QMqZDcCgYEA5+5h -BgHUMEO+pdME5lAiSc5PcNTejpA6j+OikCh4/HFXy3C/dLx+Cs1+egw64c8iVaIv -NEo7n7E9I0e3XqanPRXhMnBRrP+39OVsWPmZ18Li2Hi84KwJyi8Y11l3XJOqaYpF -wMVUuZpxR0dfG5k/5GwT/tEkmQBglOgG3m2zUMcCgYEA4m3Vd9ahV5dp5AXKpzKc -JjiPMFfhxJo7+FEz0ZUCp03qYljBu/Jy4MKS/grrqyiCLdQGHNlk4SNxLvdUId78 -5gGBnuuDEJU2dAAIKUE9yq2YlBUZSacOxStI2snt28/X6P3LUWHm7LLU5OS1D3Vf -mKPF/6MlSJuas5CEqVZNN+MCgYBH9Qh7IaQgmVQUBKVXg3Mv7OduvUyTdKIGtHxi -N3xZ7hxsDP4JjNWaKmlcGmFGX8pqQRheI83d3NJ4GK8GmbP3Wst0p65fezMqsudr -r30QmPFicgs/tYCQDw6o+aPzwAi2F+VOSqrfrtAIaldSq7hL+VA21dKB+cD9UgOX -jPd+TwKBgQCbKeg2QNS2qhPIG9eaqJDROuxmxb/07d7OBctgMgxVvKhqW9hW42Sy -gJ59fyz5QjFBaSfcOdf4gkKyEawVo45/q6ymIQU37R4vF4CW9Z3CfaIbwJp7LcHV -zH07so/HNsZua6GWCSCLJU5MeCRiZzk2RFiS9KIaLP4gZndv4lXOiQ== ------END RSA PRIVATE KEY----- diff --git a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb b/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb deleted file mode 100644 index 1a4ae6dd..00000000 --- a/dynamic-layers/networking-layer/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb +++ /dev/null @@ -1,26 +0,0 @@ -SUMMARY = "Scripts and configuration files for ipsec demo" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" - -RDEPENDS_${PN} = "ipsec-tools bash" - -inherit allarch - -SRC_URI = "file://test_setkey" - -S = "${WORKDIR}" - -do_configure[noexec] = "1" -do_compile[noexec] = "1" - -do_install(){ - install -d ${D}${datadir} - cp -a ${WORKDIR}/test_setkey ${D}${datadir}/ - chown -R root:root ${D}${datadir}/test_setkey -} - -FILES_${PN} = "${datadir}/*" - -COMPATIBLE_MACHINE = "(qoriq)" -PACKAGE_ARCH = "${MACHINE_SOCARCH}" - -- 2.40.1