1# 2# this is test configuration for unique policy on loopback. 3# 4 5spdflush; 6# connection to 9999 encrypted, reverse no encrypted. 7spdadd ::1 ::1[9999] tcp 8 -P out ipsec 9 esp/transport//unique:2 ; 10 11# Session encrypted. Inbound policy check takes place non-strictly. 12spdadd ::1 ::1[9998] tcp 13 -P out ipsec 14 esp/transport//unique:1 ; 15spdadd ::1[9998] ::1 tcp 16 -P in ipsec 17 esp/transport//unique:2 ; 18spdadd ::1[9998] ::1 tcp 19 -P out ipsec 20 esp/transport//unique:1 ; 21 22# Cause new SA to be acquired. 23spdadd ::1 ::1[9997] tcp 24 -P out ipsec 25 esp/transport//unique ; 26 27# Used proper SA. 28spdadd ::1 ::1[9996] tcp 29 -P out ipsec 30 esp/transport//require ; 31 32# reqid will be updated by kernel. 33spdadd ::1 ::1[9995] tcp 34 -P out ipsec 35 esp/transport//unique:28000 ; 36 37flush; 38add ::1 ::1 esp 0x1001 39 -u 1 40 -E des-cbc "kamekame"; 41add ::1 ::1 esp 0x1002 42 -u 2 43 -E des-cbc "hogehoge"; 44