testing: Use reauthentication and set CHILD_SA rekey time, bytes and packets limits
authorAndreas Steffen <andreas.steffen@strongswan.org>
Tue, 3 May 2016 16:24:55 +0000 (18:24 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 4 May 2016 16:13:52 +0000 (18:13 +0200)
testing/tests/swanctl/net2net-cert/hosts/moon/etc/swanctl/swanctl.conf
testing/tests/swanctl/net2net-cert/hosts/sun/etc/swanctl/swanctl.conf

index b1c005b..9034651 100755 (executable)
@@ -19,11 +19,15 @@ connections {
             remote_ts = 10.2.0.0/16 
 
             updown = /usr/local/libexec/ipsec/_updown iptables
+            rekey_time = 5400
+            rekey_bytes = 500000000
+            rekey_packets = 1000000
             esp_proposals = aes128gcm128-modp3072
          }
       }
       version = 2
       mobike = no
+      reauth_time = 10800
       proposals = aes128-sha256-modp3072
    }
 }
index c351213..2b9ddcf 100755 (executable)
@@ -19,11 +19,15 @@ connections {
             remote_ts = 10.1.0.0/16 
 
             updown = /usr/local/libexec/ipsec/_updown iptables
+            rekey_time = 5400
+            rekey_bytes = 500000000
+            rekey_packets = 1000000
             esp_proposals = aes128gcm128-modp3072
          }
       }
       version = 2
       mobike = no
+      reauth_time = 10800
       proposals = aes128-sha256-modp3072
    }
 }