xref: /dpdk/examples/ipsec-secgw/test/tun_aescbc_sha1_defs.sh (revision 9dbc4e21e752ca98e23205c3d1bac53e03e934b3) 
1#! /bin/bash
2# SPDX-License-Identifier: BSD-3-Clause
3
4. ${DIR}/tun_aescbc_sha1_common_defs.sh
5
6SGW_CMD_XPRM="${DPDK_VARS} ${DPDK_MODE} ${SGW_CMD_XPRM}"
7
8config_remote_xfrm_44()
9{
10	ssh ${REMOTE_HOST} ip xfrm policy flush
11	ssh ${REMOTE_HOST} ip xfrm state flush
12
13	ssh ${REMOTE_HOST} ip xfrm policy add \
14src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
15dir out ptype main action allow \
16tmpl src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
17proto esp mode tunnel reqid 1
18
19	ssh ${REMOTE_HOST} ip xfrm policy add \
20src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
21dir in ptype main action allow \
22tmpl src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
23proto esp mode tunnel reqid 2
24
25	ssh ${REMOTE_HOST} ip xfrm state add \
26src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
27proto esp spi 7 reqid 1 mode tunnel replay-window 64 ${XFRM_ESN} \
28auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
29enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
30
31	ssh ${REMOTE_HOST} ip xfrm state add \
32src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
33proto esp spi 7 reqid 2 mode tunnel replay-window 64 ${XFRM_ESN} \
34auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
35enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
36
37	ssh ${REMOTE_HOST} ip xfrm policy list
38	ssh ${REMOTE_HOST} ip xfrm state list
39}
40
41config_remote_xfrm_46()
42{
43	ssh ${REMOTE_HOST} ip xfrm policy flush
44	ssh ${REMOTE_HOST} ip xfrm state flush
45
46	ssh ${REMOTE_HOST} ip xfrm policy add \
47src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
48dir out ptype main action allow \
49tmpl src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
50proto esp mode tunnel reqid 1
51
52	ssh ${REMOTE_HOST} ip xfrm policy add \
53src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
54dir in ptype main action allow \
55tmpl src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
56proto esp mode tunnel reqid 2
57
58	ssh ${REMOTE_HOST} ip xfrm state add \
59src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
60proto esp spi 6 reqid 1 mode tunnel replay-window 64 ${XFRM_ESN} \
61auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
62enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef \
63sel src ${REMOTE_IPV4} dst ${LOCAL_IPV4}
64
65	ssh ${REMOTE_HOST} ip xfrm state add \
66src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
67proto esp spi 6 reqid 2 mode tunnel replay-window 64 ${XFRM_ESN} \
68auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
69enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef \
70sel src ${LOCAL_IPV4} dst ${REMOTE_IPV4}
71
72	ssh ${REMOTE_HOST} ip xfrm policy list
73	ssh ${REMOTE_HOST} ip xfrm state list
74}
75
76config_remote_xfrm_64()
77{
78	ssh ${REMOTE_HOST} ip xfrm policy flush
79	ssh ${REMOTE_HOST} ip xfrm state flush
80
81	ssh ${REMOTE_HOST} ip xfrm policy add \
82src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
83dir out ptype main action allow \
84tmpl src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
85proto esp mode tunnel reqid 1
86
87	ssh ${REMOTE_HOST} ip xfrm policy add \
88src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
89dir in ptype main action allow \
90tmpl src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
91proto esp mode tunnel reqid 2
92
93	ssh ${REMOTE_HOST} ip xfrm state add \
94src ${REMOTE_IPV4} dst ${LOCAL_IPV4} \
95proto esp spi 8 reqid 1 mode tunnel replay-window 64 ${XFRM_ESN} \
96auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
97enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef \
98sel src ${REMOTE_IPV6} dst ${LOCAL_IPV6}
99
100	ssh ${REMOTE_HOST} ip xfrm state add \
101src ${LOCAL_IPV4} dst ${REMOTE_IPV4} \
102proto esp spi 8 reqid 2 mode tunnel replay-window 64 ${XFRM_ESN} \
103auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
104enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef \
105sel src ${LOCAL_IPV6} dst ${REMOTE_IPV6}
106
107	ssh ${REMOTE_HOST} ip xfrm policy list
108	ssh ${REMOTE_HOST} ip xfrm state list
109}
110
111config_remote_xfrm_66()
112{
113	ssh ${REMOTE_HOST} ip xfrm policy flush
114	ssh ${REMOTE_HOST} ip xfrm state flush
115
116	ssh ${REMOTE_HOST} ip xfrm policy add \
117src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
118dir out ptype main action allow \
119tmpl src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
120proto esp mode tunnel reqid 3
121
122	ssh ${REMOTE_HOST} ip xfrm policy add \
123src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
124dir in ptype main action allow \
125tmpl src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
126proto esp mode tunnel reqid 4
127
128	ssh ${REMOTE_HOST} ip xfrm state add \
129src ${REMOTE_IPV6} dst ${LOCAL_IPV6} \
130proto esp spi 9 reqid 3 mode tunnel replay-window 64 ${XFRM_ESN} \
131auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
132enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
133
134	ssh ${REMOTE_HOST} ip xfrm state add \
135src ${LOCAL_IPV6} dst ${REMOTE_IPV6} \
136proto esp spi 9 reqid 4 mode tunnel replay-window 64 ${XFRM_ESN} \
137auth sha1 0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
138enc aes 0xdeadbeefdeadbeefdeadbeefdeadbeef
139
140	ssh ${REMOTE_HOST} ip xfrm policy list
141	ssh ${REMOTE_HOST} ip xfrm state list
142}
143