18f600988SFan Zhang#! /bin/bash 21dc48bceSStephen Hemminger# SPDX-License-Identifier: BSD-3-Clause 38f600988SFan Zhang 48f600988SFan Zhang. ${DIR}/trs_aesctr_sha1_common_defs.sh 58f600988SFan Zhang 6*9dbc4e21SMariusz DrostSGW_CMD_XPRM="${DPDK_VARS} ${DPDK_MODE} ${SGW_CMD_XPRM}" 78f600988SFan Zhang 8*9dbc4e21SMariusz Drostconfig_remote_xfrm_44() 98f600988SFan Zhang{ 108f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm policy flush 118f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm state flush 128f600988SFan Zhang 138f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm policy add \ 148f600988SFan Zhangsrc ${REMOTE_IPV4} dst ${LOCAL_IPV4} \ 158f600988SFan Zhangdir out ptype main action allow \ 168f600988SFan Zhangtmpl proto esp mode transport reqid 1 178f600988SFan Zhang 188f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm policy add \ 198f600988SFan Zhangsrc ${LOCAL_IPV4} dst ${REMOTE_IPV4} \ 208f600988SFan Zhangdir in ptype main action allow \ 218f600988SFan Zhangtmpl proto esp mode transport reqid 2 228f600988SFan Zhang 238f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm state add \ 248f600988SFan Zhangsrc ${REMOTE_IPV4} dst ${LOCAL_IPV4} \ 25*9dbc4e21SMariusz Drostproto esp spi 7 reqid 1 mode transport replay-window 64 ${XFRM_ESN} \ 268f600988SFan Zhangauth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \ 278f600988SFan Zhangenc "rfc3686\(ctr\(aes\)\)" 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 288f600988SFan Zhang 298f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm state add \ 308f600988SFan Zhangsrc ${LOCAL_IPV4} dst ${REMOTE_IPV4} \ 31*9dbc4e21SMariusz Drostproto esp spi 7 reqid 2 mode transport replay-window 64 ${XFRM_ESN} \ 328f600988SFan Zhangauth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \ 338f600988SFan Zhangenc "rfc3686\(ctr\(aes\)\)" 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 348f600988SFan Zhang 358f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm policy list 368f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm state list 378f600988SFan Zhang} 388f600988SFan Zhang 39*9dbc4e21SMariusz Drostconfig_remote_xfrm_66() 408f600988SFan Zhang{ 41*9dbc4e21SMariusz Drost ssh ${REMOTE_HOST} ip xfrm policy flush 42*9dbc4e21SMariusz Drost ssh ${REMOTE_HOST} ip xfrm state flush 438f600988SFan Zhang 448f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm policy add \ 458f600988SFan Zhangsrc ${REMOTE_IPV6} dst ${LOCAL_IPV6} \ 468f600988SFan Zhangdir out ptype main action allow \ 478f600988SFan Zhangtmpl proto esp mode transport reqid 3 488f600988SFan Zhang 498f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm policy add \ 508f600988SFan Zhangsrc ${LOCAL_IPV6} dst ${REMOTE_IPV6} \ 518f600988SFan Zhangdir in ptype main action allow \ 528f600988SFan Zhangtmpl proto esp mode transport reqid 4 538f600988SFan Zhang 548f600988SFan Zhang 558f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm state add \ 568f600988SFan Zhangsrc ${REMOTE_IPV6} dst ${LOCAL_IPV6} \ 57*9dbc4e21SMariusz Drostproto esp spi 9 reqid 3 mode transport replay-window 64 ${XFRM_ESN} \ 588f600988SFan Zhangauth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \ 598f600988SFan Zhangenc "rfc3686\(ctr\(aes\)\)" 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 608f600988SFan Zhang 618f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm state add \ 628f600988SFan Zhangsrc ${LOCAL_IPV6} dst ${REMOTE_IPV6} \ 63*9dbc4e21SMariusz Drostproto esp spi 9 reqid 4 mode transport replay-window 64 ${XFRM_ESN} \ 648f600988SFan Zhangauth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \ 658f600988SFan Zhangenc "rfc3686\(ctr\(aes\)\)" 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef 668f600988SFan Zhang 678f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm policy list 688f600988SFan Zhang ssh ${REMOTE_HOST} ip xfrm state list 698f600988SFan Zhang} 70