libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
moon::ipsec pool --del bigpool 2> /dev/null
moon::ipsec pool --del dns 2> /dev/null
moon::ipsec pool --del nbns 2> /dev/null
-moon::rm /etc/ipsec.d/ipsec.*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add bigpool --start 10.3.0.1 --end 10.3.3.232 --timeout 0 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_WINNETOU 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_VENUS 2> /dev/null
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
moon::ipsec pool --del bigpool 2> /dev/null
moon::ipsec pool --del dns 2> /dev/null
moon::ipsec pool --del nbns 2> /dev/null
-moon::rm /etc/ipsec.d/ipsec.*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add bigpool --start 10.3.0.1 --end 10.3.3.232 --timeout 0 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_WINNETOU 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_VENUS 2> /dev/null
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
moon::ipsec stop
moon::ipsec pool --del pool0 2> /dev/null
moon::ipsec pool --del pool1 2> /dev/null
-moon::rm /etc/ipsec.d/ipsec.*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add pool0 --start 10.3.0.1 --end 10.3.0.1 --timeout 48 2> /dev/null
moon::ipsec pool --add pool1 --start 10.3.1.1 --end 10.3.1.1 --timeout 48 2> /dev/null
moon::ipsec pool --status 2> /dev/null
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
moon::ipsec pool --delattr dns --server PH_IP_VENUS --pool intpool --identity venus.strongswan.org 2> /dev/null
moon::ipsec pool --delattr dns --server PH_IP_ALICE --pool intpool --identity alice@strongswan.org 2> /dev/null
moon::ipsec pool --delattr dns --server PH_IP_WINNETOU --pool extpool 2> /dev/null
-moon::rm /etc/ipsec.d/ipsec.*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add extpool --start 10.3.0.1 --end 10.3.1.244 --timeout 48 2> /dev/null
moon::ipsec pool --add intpool --start 10.4.0.1 --end 10.4.1.244 --timeout 0 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_VENUS --pool intpool --identity venus.strongswan.org 2> /dev/null
# Used for IPsec logging purposes
#
IPSECHOSTS="alice venus moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
carol::iptables-restore < /etc/iptables.flush
alice::iptables-restore < /etc/iptables.flush
moon::ipsec pool --del intpool 2> /dev/null
-moon::rm /etc/ipsec.d/ipsec.*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add intpool --start 10.4.0.1 --end 10.4.1.244 --timeout 0 2> /dev/null
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="alice moon carol"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
alice::ip -6 route del default via fec1:\:1
carol::ipsec stop
moon::ipsec stop
-moon::rm /etc/ipsec.d/ipsec.*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add v4_pool --start 10.3.0.1 --end 10.3.1.244 --timeout 48 2> /dev/null
moon::ipsec pool --add v6_pool --start fec3:\:1 --end fec3:\:fe --timeout 48 2> /dev/null
alice::ip -6 route add default via fec1:\:1
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
alice::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --leases 2> /dev/null
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --leases 2> /dev/null
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql resolve
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql resolve
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
+moon::dbdir-remove
+carol::dbdir-remove
+dave::dbdir-remove
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
carol::ipsec stop
dave::ipsec stop
moon::ipsec stop
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --status 2> /dev/null
moon::ipsec pool --leases 2> /dev/null
moon::ipsec start
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
carol::ipsec stop
dave::ipsec stop
moon::ipsec stop
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --status 2> /dev/null
moon::ipsec start
carol::ipsec start
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
sun::ipsec stop
moon::iptables-restore < /etc/iptables.flush
sun::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-sun::rm /etc/ipsec.d/ipsec.*
moon::rm /etc/ipsec.d/cacerts/*
sun::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-sun::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+sun::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::ipsec start
# Corresponding block diagram
#
DIAGRAM="a-m-w-s-b.png"
-
+
# Guest instances on which tcpdump is to be started
#
TCPDUMPHOSTS="sun"
# Used for IPsec logging purposes
#
IPSECHOSTS="moon sun"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
sun::ipsec stop
moon::iptables-restore < /etc/iptables.flush
sun::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-sun::rm /etc/ipsec.d/ipsec.*
moon::rm /etc/ipsec.d/cacerts/*
sun::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-sun::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+sun::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::ipsec start
# Corresponding block diagram
#
DIAGRAM="a-m-w-s-b.png"
-
+
# Guest instances on which tcpdump is to be started
#
TCPDUMPHOSTS="sun"
# Used for IPsec logging purposes
#
IPSECHOSTS="moon sun"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
sun::ipsec stop
moon::iptables-restore < /etc/iptables.flush
sun::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-sun::rm /etc/ipsec.d/ipsec.*
moon::rm /etc/ipsec.d/cacerts/*
sun::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-sun::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+sun::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
sun::ipsec start
# Corresponding block diagram
#
DIAGRAM="a-v-m-w-s-b.png"
-
+
# Guest instances on which tcpdump is to be started
#
TCPDUMPHOSTS="sun"
# Used for IPsec logging purposes
#
IPSECHOSTS="moon sun"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
sun::ipsec stop
moon::iptables-restore < /etc/iptables.flush
sun::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-sun::rm /etc/ipsec.d/ipsec.*
moon::rm /etc/ipsec.d/cacerts/*
sun::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-sun::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+sun::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
sun::ipsec start
# Corresponding block diagram
#
DIAGRAM="a-v-m-w-s-b.png"
-
+
# Guest instances on which tcpdump is to be started
#
TCPDUMPHOSTS="sun"
# Used for IPsec logging purposes
#
IPSECHOSTS="moon sun"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql eap-aka eap-aka-3gpp2
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql eap-aka eap-aka-3gpp2
carol::ipsec stop
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
alice::"ip route del fec0:\:/16 via fec1:\:1"
carol::"ip route del fec1:\:/16 via fec0:\:1"
dave::"ip route del fec1:\:/16 via fec0:\:1"
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.*
-carol::rm /etc/ipsec.d/ipsec.*
-dave::rm /etc/ipsec.d/ipsec.*
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.db
-carol::rm /etc/ipsec.d/ipsec.db
-dave::rm /etc/ipsec.d/ipsec.db
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
-moon::rm /etc/ipsec.d/ipsec.db
-carol::rm /etc/ipsec.d/ipsec.db
-dave::rm /etc/ipsec.d/ipsec.db
-~
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+carol::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+dave::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+carol::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+dave::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="$IPSECHOSTS"
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
charon {
plugins {
sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown sqlite sql
alice::ipsec stop
venus::ipsec stop
sun::iptables-restore < /etc/iptables.flush
-alice::rm /etc/ipsec.d/ipsec.*
-venus::rm /etc/ipsec.d/ipsec.*
-sun::rm /etc/ipsec.d/ipsec.*
moon::iptables -t nat -F
\ No newline at end of file
alice::rm /etc/ipsec.d/cacerts/*
venus::rm /etc/ipsec.d/cacerts/*
sun::rm /etc/ipsec.d/cacerts/*
-alice::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-venus::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql
-alice::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-venus::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
-sun::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+alice::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+venus::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+sun::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql /etc/ipsec.d/data.sql > /etc/db.d/ipsec.sql
+alice::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+venus::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
+sun::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
sun::iptables-restore < /etc/iptables.rules
moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
# Used for IPsec logging purposes
#
IPSECHOSTS="alice venus sun"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="alice venus sun"
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add big_pool --start 10.3.0.1 --end 10.3.3.232 --timeout 0 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_WINNETOU 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_VENUS 2> /dev/null
#
IPSECHOSTS="moon carol dave"
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
+
# charon controlled by swanctl
#
SWANCTL=1
libimcv {
load = random nonce openssl pubkey sqlite
debug_level = 3
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
policy_script = ipsec imv_policy_manager
assessment_result = no
}
attest {
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
}
dave::ipsec stop
alice::killall radiusd
alice::rm /etc/freeradius/sites-enabled/inner-tunnel-second
-alice::umount /etc/pts
carol::echo 1 > /proc/sys/net/ipv4/ip_forward
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
alice::ln -s /etc/freeradius/sites-available/inner-tunnel-second /etc/freeradius/sites-enabled/inner-tunnel-second
alice::cat /etc/freeradius/sites-enabled/inner-tunnel-second
-alice::mv /etc/pts/data1.sql /tmp/
-alice::mount -t ramfs -o size=5m ramfs /etc/pts
-alice::mv /tmp/data1.sql /etc/pts/
alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
-alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
+alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
alice::LEAK_DETECTIVE_DISABLE=1 LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties radiusd
alice::cat /etc/tnc_config
carol::cat /etc/tnc_config
#
RADIUSHOSTS="alice"
+# Guest instances on which databases are used
+#
+DBHOSTS="alice"
}
libimcv {
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
policy_script = ipsec imv_policy_manager
plugins {
imv-attestation {
attest {
load = random nonce openssl sqlite
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
}
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
carol::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::umount /etc/pts
dave::iptables-restore < /etc/iptables.rules
carol::echo 0 > /proc/sys/net/ipv4/ip_forward
dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::mv /etc/pts/data1.sql /tmp/
-moon::mount -t ramfs -o size=5m ramfs /etc/pts
-moon::mv /tmp/data1.sql /etc/pts/
moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
-moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
+moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
moon::cat /etc/tnc_config
carol::cat /etc/tnc_config
dave::cat /etc/tnc_config
#
IPSECHOSTS="moon carol dave"
-# Guest instances on which FreeRadius is started
+# Guest instances on which databases are used
#
-RADIUSHOSTS=
-
+DBHOSTS="moon"
}
libimcv {
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
policy_script = ipsec imv_policy_manager
}
attest {
load = random nonce openssl sqlite
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
}
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
carol::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::umount /etc/pts
dave::iptables-restore < /etc/iptables.rules
carol::echo 0 > /proc/sys/net/ipv4/ip_forward
dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::mv /etc/pts/data1.sql /tmp/
-moon::mount -t ramfs -o size=5m ramfs /etc/pts
-moon::mv /tmp/data1.sql /etc/pts/
moon::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
-moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
+moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
moon::cat /etc/tnc_config
carol::cat /etc/tnc_config
dave::cat /etc/tnc_config
#
IPSECHOSTS="moon carol dave"
-# Guest instances on which FreeRadius is started
+# Guest instances on which databases are used
#
-RADIUSHOSTS=
-
+DBHOSTS="moon"
\ No newline at end of file
[db]
DJANGO_DB_URL=sqlite:////var/www/tnc/django.db
-STRONGTNC_DB_URL = sqlite:////etc/pts/config.db
+STRONGTNC_DB_URL = sqlite:////etc/db.d/config.db
[localization]
LANGUAGE_CODE=en-us
libimcv {
debug_level = 3
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
policy_script = ipsec imv_policy_manager
plugins {
dave::ipsec stop
alice::ipsec stop
alice::service apache2 stop
-alice::umount /etc/pts
moon::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
dave::cat /etc/tnc_config
carol::echo 0 > /proc/sys/net/ipv4/ip_forward
dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-alice::mv /etc/pts/data1.sql /tmp/
-alice::mount -t ramfs -o size=5m ramfs /etc/pts
-alice::mv /tmp/data1.sql /etc/pts/
alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
-alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
-alice::chgrp -R www-data /etc/pts; chmod -R g+w /etc/pts
+alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
+alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
alice::/var/www/tnc/manage.py setpassword strongSwan strongSwan
alice::service apache2 start
alice::ipsec start
#
IPSECHOSTS="moon carol dave alice"
-# Guest instances on which FreeRadius is started
+# Guest instances on which databases are used
#
-RADIUSHOSTS=
+DBHOSTS="alice"
[db]
DJANGO_DB_URL=sqlite:////var/www/tnc/django.db
-STRONGTNC_DB_URL = sqlite:////etc/pts/config.db
+STRONGTNC_DB_URL = sqlite:////etc/db.d/config.db
[localization]
LANGUAGE_CODE=en-us
}
libimcv {
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
policy_script = ipsec imv_policy_manager
plugins {
winnetou::ip route del 10.1.0.0/16 via 192.168.0.1
alice::ipsec stop
alice::service apache2 stop
-alice::umount /etc/pts
alice::iptables-restore < /etc/iptables.flush
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
carol::echo 0 > /proc/sys/net/ipv4/ip_forward
dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
dave::cat /etc/tnc_config
-alice::mv /etc/pts/data1.sql /tmp/
-alice::mount -t ramfs -o size=5m ramfs /etc/pts
-alice::mv /tmp/data1.sql /etc/pts/
alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql
alice::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
-alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
-alice::chgrp -R www-data /etc/pts; chmod -R g+w /etc/pts
+alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
+alice::chgrp -R www-data /etc/db.d/config.db; chmod -R g+w /etc/db.d/config.db
alice::/var/www/tnc/manage.py setpassword strongSwan strongSwan
alice::service apache2 start
alice::ipsec start
#
IPSECHOSTS="carol moon dave alice"
-# Guest instances on which FreeRadius is started
+# Guest instances on which databases are used
#
-RADIUSHOSTS=
-
+DBHOSTS="alice"
}
libimcv {
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
policy_script = ipsec imv_policy_manager
plugins {
imv-attestation {
attest {
load = random nonce openssl sqlite
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
}
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
carol::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::umount /etc/pts
dave::iptables-restore < /etc/iptables.rules
carol::echo 0 > /proc/sys/net/ipv4/ip_forward
dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::mv /etc/pts/data1.sql /tmp/
-moon::mount -t ramfs -o size=5m ramfs /etc/pts
-moon::mv /tmp/data1.sql /etc/pts/
moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
-moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
+moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
moon::cat /etc/tnc_config
carol::cat /etc/tnc_config
dave::cat /etc/tnc_config
#
IPSECHOSTS="moon carol dave"
-# Guest instances on which FreeRadius is started
+# Guest instances on which databases are used
#
-RADIUSHOSTS=
+DBHOSTS="moon"
}
libimcv {
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
policy_script = ipsec imv_policy_manager
plugins {
imv-attestation {
attest {
load = random nonce openssl sqlite
- database = sqlite:///etc/pts/config.db
+ database = sqlite:///etc/db.d/config.db
}
carol::iptables-restore < /etc/iptables.flush
dave::iptables-restore < /etc/iptables.flush
carol::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::umount /etc/pts
dave::iptables-restore < /etc/iptables.rules
carol::echo 0 > /proc/sys/net/ipv4/ip_forward
dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id
-moon::mv /etc/pts/data1.sql /tmp/
-moon::mount -t ramfs -o size=5m ramfs /etc/pts
-moon::mv /tmp/data1.sql /etc/pts/
moon::sed -i "s:DEBIAN_VERSION:\`cat /etc/debian_version\`:" /etc/pts/data1.sql
-moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db
+moon::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/db.d/config.db
moon::cat /etc/tnc_config
carol::cat /etc/tnc_config
dave::cat /etc/tnc_config
#
IPSECHOSTS="moon carol dave"
-# Guest instances on which FreeRadius is started
+# Guest instances on which databases are used
#
-RADIUSHOSTS=
+DBHOSTS="moon"