conntrack -F makes ikev2/nat-rw scenario to work always

author Andreas Steffen <andreas.steffen@strongswan.org>

Wed, 10 Jul 2013 15:07:56 +0000 (17:07 +0200)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Wed, 10 Jul 2013 15:50:25 +0000 (17:50 +0200)
author Andreas Steffen <andreas.steffen@strongswan.org>
Wed, 10 Jul 2013 15:07:56 +0000 (17:07 +0200)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Wed, 10 Jul 2013 15:50:25 +0000 (17:50 +0200)
diff --git a/testing/tests/ikev2/nat-rw/pretest.dat b/testing/tests/ikev2/nat-rw/pretest.dat

index d701a1d..f58e82a 100644 (file)
--- a/testing/tests/ikev2/nat-rw/pretest.dat
+++ b/testing/tests/ikev2/nat-rw/pretest.dat
@@ -1,6 +1,7 @@
  alice::iptables-restore < /etc/iptables.rules
  venus::iptables-restore < /etc/iptables.rules
  sun::iptables-restore < /etc/iptables.rules
+moon::conntrack -F
  moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
  moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
  alice::ipsec start
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Wed, 10 Jul 2013 15:07:56 +0000 (17:07 +0200)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Wed, 10 Jul 2013 15:50:25 +0000 (17:50 +0200)