use iptables-restore in all ikev2 firewall scenarios
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 6 Jan 2013 07:43:51 +0000 (08:43 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 17 Jan 2013 15:55:00 +0000 (16:55 +0100)
commitd815235d17a0391fa5f72bb61a37b3a9fc57cdc7
treef890eab0bb94ae133809a471e2f3b3e363cfcae0
parent28b7db2b3c09acb617d38dae07611a9b833aee33
use iptables-restore in all ikev2 firewall scenarios
245 files changed:
testing/tests/ikev2/after-2038-certs/posttest.dat
testing/tests/ikev2/after-2038-certs/pretest.dat
testing/tests/ikev2/alg-3des-md5/posttest.dat
testing/tests/ikev2/alg-3des-md5/pretest.dat
testing/tests/ikev2/alg-aes-ccm/posttest.dat
testing/tests/ikev2/alg-aes-ccm/pretest.dat
testing/tests/ikev2/alg-aes-ctr/posttest.dat
testing/tests/ikev2/alg-aes-ctr/pretest.dat
testing/tests/ikev2/alg-aes-gcm/posttest.dat
testing/tests/ikev2/alg-aes-gcm/pretest.dat
testing/tests/ikev2/alg-aes-xcbc/posttest.dat
testing/tests/ikev2/alg-aes-xcbc/pretest.dat
testing/tests/ikev2/alg-blowfish/posttest.dat
testing/tests/ikev2/alg-blowfish/pretest.dat
testing/tests/ikev2/alg-modp-subgroup/posttest.dat
testing/tests/ikev2/alg-modp-subgroup/pretest.dat
testing/tests/ikev2/alg-sha256-96/posttest.dat
testing/tests/ikev2/alg-sha256-96/pretest.dat
testing/tests/ikev2/alg-sha256/posttest.dat
testing/tests/ikev2/alg-sha256/pretest.dat
testing/tests/ikev2/alg-sha384/posttest.dat
testing/tests/ikev2/alg-sha384/pretest.dat
testing/tests/ikev2/alg-sha512/posttest.dat
testing/tests/ikev2/alg-sha512/pretest.dat
testing/tests/ikev2/config-payload-swapped/posttest.dat
testing/tests/ikev2/config-payload-swapped/pretest.dat
testing/tests/ikev2/config-payload/posttest.dat
testing/tests/ikev2/config-payload/pretest.dat
testing/tests/ikev2/critical-extension/posttest.dat
testing/tests/ikev2/critical-extension/pretest.dat
testing/tests/ikev2/default-keys/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/default-keys/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/default-keys/posttest.dat
testing/tests/ikev2/default-keys/pretest.dat
testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/dhcp-dynamic/posttest.dat
testing/tests/ikev2/dhcp-dynamic/pretest.dat
testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/dhcp-static-client-id/posttest.dat
testing/tests/ikev2/dhcp-static-client-id/pretest.dat
testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/dhcp-static-mac/posttest.dat
testing/tests/ikev2/dhcp-static-mac/pretest.dat
testing/tests/ikev2/double-nat-net/hosts/bob/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/double-nat-net/posttest.dat
testing/tests/ikev2/double-nat-net/pretest.dat
testing/tests/ikev2/double-nat/hosts/bob/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/double-nat/posttest.dat
testing/tests/ikev2/double-nat/pretest.dat
testing/tests/ikev2/dynamic-initiator/posttest.dat
testing/tests/ikev2/dynamic-initiator/pretest.dat
testing/tests/ikev2/dynamic-two-peers/posttest.dat
testing/tests/ikev2/dynamic-two-peers/pretest.dat
testing/tests/ikev2/esp-alg-aes-gmac/posttest.dat
testing/tests/ikev2/esp-alg-aes-gmac/pretest.dat
testing/tests/ikev2/esp-alg-md5-128/posttest.dat
testing/tests/ikev2/esp-alg-md5-128/pretest.dat
testing/tests/ikev2/esp-alg-null/posttest.dat
testing/tests/ikev2/esp-alg-null/pretest.dat
testing/tests/ikev2/esp-alg-sha1-160/posttest.dat
testing/tests/ikev2/esp-alg-sha1-160/pretest.dat
testing/tests/ikev2/farp/posttest.dat
testing/tests/ikev2/farp/pretest.dat
testing/tests/ikev2/force-udp-encaps/hosts/sun/etc/init.d/iptables [deleted file]
testing/tests/ikev2/force-udp-encaps/hosts/sun/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/force-udp-encaps/posttest.dat
testing/tests/ikev2/force-udp-encaps/pretest.dat
testing/tests/ikev2/host2host-cert/posttest.dat
testing/tests/ikev2/host2host-cert/pretest.dat
testing/tests/ikev2/host2host-swapped/posttest.dat
testing/tests/ikev2/host2host-swapped/pretest.dat
testing/tests/ikev2/host2host-transport/posttest.dat
testing/tests/ikev2/host2host-transport/pretest.dat
testing/tests/ikev2/ip-pool-db/posttest.dat
testing/tests/ikev2/ip-pool-db/pretest.dat
testing/tests/ikev2/ip-pool-wish/posttest.dat
testing/tests/ikev2/ip-pool-wish/pretest.dat
testing/tests/ikev2/ip-pool/posttest.dat
testing/tests/ikev2/ip-pool/pretest.dat
testing/tests/ikev2/ip-two-pools-db/hosts/alice/etc/init.d/iptables [deleted file]
testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/ip-two-pools-db/hosts/venus/etc/init.d/iptables [deleted file]
testing/tests/ikev2/ip-two-pools-db/posttest.dat
testing/tests/ikev2/ip-two-pools-db/pretest.dat
testing/tests/ikev2/ip-two-pools-mixed/hosts/alice/etc/init.d/iptables [deleted file]
testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/ip-two-pools-mixed/posttest.dat
testing/tests/ikev2/ip-two-pools-mixed/pretest.dat
testing/tests/ikev2/ip-two-pools/hosts/alice/etc/init.d/iptables [deleted file]
testing/tests/ikev2/ip-two-pools/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/ip-two-pools/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/ip-two-pools/posttest.dat
testing/tests/ikev2/ip-two-pools/pretest.dat
testing/tests/ikev2/mobike-nat/hosts/alice/etc/init.d/iptables [deleted file]
testing/tests/ikev2/mobike-nat/hosts/alice/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/mobike-nat/hosts/sun/etc/init.d/iptables [deleted file]
testing/tests/ikev2/mobike-nat/hosts/sun/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/mobike-nat/posttest.dat
testing/tests/ikev2/mobike-nat/pretest.dat
testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/init.d/iptables [deleted file]
testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/mobike-virtual-ip/hosts/sun/etc/init.d/iptables [deleted file]
testing/tests/ikev2/mobike-virtual-ip/hosts/sun/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/mobike-virtual-ip/posttest.dat
testing/tests/ikev2/mobike-virtual-ip/pretest.dat
testing/tests/ikev2/mobike/hosts/alice/etc/init.d/iptables [deleted file]
testing/tests/ikev2/mobike/hosts/alice/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/mobike/hosts/sun/etc/init.d/iptables [deleted file]
testing/tests/ikev2/mobike/hosts/sun/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/mobike/posttest.dat
testing/tests/ikev2/mobike/pretest.dat
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/multi-level-ca-ldap/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/multi-level-ca-ldap/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/multi-level-ca-ldap/posttest.dat
testing/tests/ikev2/multi-level-ca-ldap/pretest.dat
testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/nat-rw-mark/posttest.dat
testing/tests/ikev2/nat-rw-mark/pretest.dat
testing/tests/ikev2/nat-rw-psk/hosts/sun/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/nat-rw-psk/posttest.dat
testing/tests/ikev2/nat-rw-psk/pretest.dat
testing/tests/ikev2/nat-rw/hosts/sun/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/nat-rw/posttest.dat
testing/tests/ikev2/nat-rw/pretest.dat
testing/tests/ikev2/nat-virtual-ip/posttest.dat
testing/tests/ikev2/nat-virtual-ip/pretest.dat
testing/tests/ikev2/net2net-cert/posttest.dat
testing/tests/ikev2/net2net-cert/pretest.dat
testing/tests/ikev2/net2net-esn/posttest.dat
testing/tests/ikev2/net2net-esn/pretest.dat
testing/tests/ikev2/net2net-pgp-v3/posttest.dat
testing/tests/ikev2/net2net-pgp-v3/pretest.dat
testing/tests/ikev2/net2net-pgp-v4/posttest.dat
testing/tests/ikev2/net2net-pgp-v4/pretest.dat
testing/tests/ikev2/net2net-psk-dscp/posttest.dat
testing/tests/ikev2/net2net-psk-dscp/pretest.dat
testing/tests/ikev2/net2net-psk-fail/posttest.dat
testing/tests/ikev2/net2net-psk-fail/pretest.dat
testing/tests/ikev2/net2net-psk/posttest.dat
testing/tests/ikev2/net2net-psk/pretest.dat
testing/tests/ikev2/net2net-pubkey/posttest.dat
testing/tests/ikev2/net2net-pubkey/pretest.dat
testing/tests/ikev2/net2net-rfc3779/posttest.dat
testing/tests/ikev2/net2net-rfc3779/pretest.dat
testing/tests/ikev2/net2net-route/posttest.dat
testing/tests/ikev2/net2net-route/pretest.dat
testing/tests/ikev2/net2net-rsa/posttest.dat
testing/tests/ikev2/net2net-rsa/pretest.dat
testing/tests/ikev2/net2net-same-nets/posttest.dat
testing/tests/ikev2/net2net-same-nets/pretest.dat
testing/tests/ikev2/net2net-start/posttest.dat
testing/tests/ikev2/net2net-start/pretest.dat
testing/tests/ikev2/protoport-dual/posttest.dat
testing/tests/ikev2/protoport-dual/pretest.dat
testing/tests/ikev2/protoport-route/posttest.dat
testing/tests/ikev2/protoport-route/pretest.dat
testing/tests/ikev2/reauth-early/posttest.dat
testing/tests/ikev2/reauth-early/pretest.dat
testing/tests/ikev2/reauth-late/posttest.dat
testing/tests/ikev2/reauth-late/pretest.dat
testing/tests/ikev2/rw-eap-aka-id-rsa/posttest.dat
testing/tests/ikev2/rw-eap-aka-id-rsa/pretest.dat
testing/tests/ikev2/rw-eap-aka-rsa/posttest.dat
testing/tests/ikev2/rw-eap-aka-rsa/pretest.dat
testing/tests/ikev2/rw-eap-dynamic/posttest.dat
testing/tests/ikev2/rw-eap-dynamic/pretest.dat
testing/tests/ikev2/rw-eap-md5-class-radius/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/rw-eap-md5-class-radius/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/rw-eap-md5-class-radius/posttest.dat
testing/tests/ikev2/rw-eap-md5-class-radius/pretest.dat
testing/tests/ikev2/rw-eap-md5-id-prompt/posttest.dat
testing/tests/ikev2/rw-eap-md5-id-prompt/pretest.dat
testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/rw-eap-md5-id-radius/posttest.dat
testing/tests/ikev2/rw-eap-md5-id-radius/pretest.dat
testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/rw-eap-md5-radius/posttest.dat
testing/tests/ikev2/rw-eap-md5-radius/pretest.dat
testing/tests/ikev2/rw-eap-md5-rsa/posttest.dat
testing/tests/ikev2/rw-eap-md5-rsa/pretest.dat
testing/tests/ikev2/rw-eap-mschapv2-id-rsa/posttest.dat
testing/tests/ikev2/rw-eap-mschapv2-id-rsa/pretest.dat
testing/tests/ikev2/rw-eap-peap-md5/posttest.dat
testing/tests/ikev2/rw-eap-peap-md5/pretest.dat
testing/tests/ikev2/rw-eap-peap-mschapv2/posttest.dat
testing/tests/ikev2/rw-eap-peap-mschapv2/pretest.dat
testing/tests/ikev2/rw-eap-peap-radius/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/rw-eap-peap-radius/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/rw-eap-peap-radius/posttest.dat
testing/tests/ikev2/rw-eap-peap-radius/pretest.dat
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/rw-eap-sim-id-radius/posttest.dat
testing/tests/ikev2/rw-eap-sim-id-radius/pretest.dat
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/rw-eap-sim-only-radius/posttest.dat
testing/tests/ikev2/rw-eap-sim-only-radius/pretest.dat
testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/init.d/iptables [deleted file]
testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/iptables.rules [new file with mode: 0644]
testing/tests/ikev2/rw-eap-sim-radius/posttest.dat
testing/tests/ikev2/rw-eap-sim-radius/pretest.dat
testing/tests/ikev2/rw-eap-sim-rsa/posttest.dat
testing/tests/ikev2/rw-eap-sim-rsa/pretest.dat
testing/tests/ikev2/rw-eap-tls-fragments/posttest.dat
testing/tests/ikev2/rw-eap-tls-fragments/pretest.dat
testing/tests/ikev2/rw-eap-tls-only/posttest.dat
testing/tests/ikev2/rw-eap-tls-only/pretest.dat
testing/tests/ikev2/rw-eap-ttls-only/posttest.dat
testing/tests/ikev2/rw-eap-ttls-only/pretest.dat
testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/posttest.dat
testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/pretest.dat
testing/tests/ikev2/rw-hash-and-url/posttest.dat
testing/tests/ikev2/rw-hash-and-url/pretest.dat
testing/tests/ikev2/rw-pkcs8/posttest.dat
testing/tests/ikev2/rw-pkcs8/pretest.dat
testing/tests/ikev2/rw-psk-fqdn/posttest.dat
testing/tests/ikev2/rw-psk-fqdn/pretest.dat
testing/tests/ikev2/rw-psk-ipv4/posttest.dat
testing/tests/ikev2/rw-psk-ipv4/pretest.dat
testing/tests/ikev2/rw-psk-no-idr/posttest.dat
testing/tests/ikev2/rw-psk-no-idr/pretest.dat
testing/tests/ikev2/rw-psk-rsa-mixed/posttest.dat
testing/tests/ikev2/rw-psk-rsa-mixed/pretest.dat
testing/tests/ikev2/rw-psk-rsa-split/posttest.dat
testing/tests/ikev2/rw-psk-rsa-split/pretest.dat
testing/tests/ikev2/rw-whitelist/posttest.dat
testing/tests/ikev2/rw-whitelist/pretest.dat
testing/tests/ikev2/strong-keys-certs/posttest.dat
testing/tests/ikev2/strong-keys-certs/pretest.dat
testing/tests/ikev2/two-certs/posttest.dat
testing/tests/ikev2/two-certs/pretest.dat
testing/tests/ikev2/virtual-ip-override/posttest.dat
testing/tests/ikev2/virtual-ip-override/pretest.dat
testing/tests/ikev2/virtual-ip/posttest.dat
testing/tests/ikev2/virtual-ip/pretest.dat