Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Dutchy

By: a guest on Oct 8th, 2009  |  syntax: None  |  size: 9.64 KB  |  views: 84  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. =========================== debian machine ===========================
  2. #!/usr/sbin/setkey -f
  3.  
  4. # NOTE: Do not use this file if you use racoon with racoon-tool
  5. # utility. racoon-tool will setup SAs and SPDs automatically using
  6. # /etc/racoon/racoon-tool.conf configuration.
  7. #
  8.  
  9. ## Flush the SAD and SPD
  10. #
  11. flush;
  12. spdflush;
  13.  
  14. ## Some sample SPDs for use racoon
  15. #
  16. # spdadd 10.10.100.1 10.10.100.2 any -P out ipsec
  17. #    esp/transport//require;
  18. #
  19. # spdadd 10.10.100.2 10.10.100.1 any -P in ipsec
  20. #    esp/transport//require;
  21. #
  22. #add fe80::230:48ff:fed8:820%eth0 fe80::20b:cdff:fe2f:b724%eth0 esp 123456 -E rijndael-cbc 0x12345678901234567890123456789012 -A hmac-sha1 0x1234567890123456789012345678901234567890 ;
  23.  
  24. # AH SAs using 128 bit long keys
  25. add fe80::230:48ff:fed8:820%eth0 fe80::20b:cdff:fe2f:b724%eth0 ah 0x200 -A hmac-md5
  26. 0xc0291ff014dccdd03874d9e8e4cdf3e6;
  27. add fe80::20b:cdff:fe2f:b724%eth0 fe80::230:48ff:fed8:820%eth0 ah 0x300 -A hmac-md5
  28. 0x96358c90783bbfa3d7b196ceabe0536b;
  29.  
  30. # ESP SAs using 192 bit long keys (168 + 24 parity)
  31. add fe80::230:48ff:fed8:820%eth0 fe80::20b:cdff:fe2f:b724%eth0 esp 0x201 -E 3des-cbc
  32. 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831;
  33. add fe80::20b:cdff:fe2f:b724%eth0 fe80::230:48ff:fed8:820%eth0 esp 0x301 -E 3des-cbc
  34. 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df;
  35.  
  36. # Security policies
  37. spdadd fe80::230:48ff:fed8:820%eth0 fe80::20b:cdff:fe2f:b724%eth0 any -P out ipsec
  38.            esp/transport//require
  39.            ah/transport//require;
  40.  
  41. spdadd fe80::20b:cdff:fe2f:b724%eth0 fe80::230:48ff:fed8:820%eth0 any -P in ipsec
  42.            esp/transport//require
  43.            ah/transport//require;
  44.  
  45.  
  46. =========================== freebsd machine ===========================
  47. #!/sbin/setkey -f
  48.  
  49. # NOTE: Do not use this file if you use racoon with racoon-tool
  50. # utility. racoon-tool will setup SAs and SPDs automatically using
  51. # /etc/racoon/racoon-tool.conf configuration.
  52. #
  53.  
  54. ## Flush the SAD and SPD
  55. #
  56. flush;
  57. spdflush;
  58.  
  59. ## Some sample SPDs for use racoon
  60. #
  61. # spdadd 10.10.100.1 10.10.100.2 any -P out ipsec
  62. #    esp/transport//require;
  63. #
  64. # spdadd 10.10.100.2 10.10.100.1 any -P in ipsec
  65. #    esp/transport//require;
  66. #
  67. #add fe80::20b:cdff:fe2f:b724%bge1 fe80::230:48ff:fed8:820%bge1 esp 123456 -E rijndael-cbc 0x12345678901234567890123456789012 -A hmac-sha1 0x1234567890123456789012345678901234567890 ;
  68.  
  69. # AH SAs using 128 bit long keys
  70. add fe80::230:48ff:fed8:820%bge1 fe80::20b:cdff:fe2f:b724%bge1 ah 0x200 -A hmac-md5
  71. 0xc0291ff014dccdd03874d9e8e4cdf3e6;
  72. add fe80::20b:cdff:fe2f:b724%bge1 fe80::230:48ff:fed8:820%bge1 ah 0x300 -A hmac-md5
  73. 0x96358c90783bbfa3d7b196ceabe0536b;
  74.  
  75. # ESP SAs using 192 bit long keys (168 + 24 parity)
  76. add fe80::230:48ff:fed8:820%bge1 fe80::20b:cdff:fe2f:b724%bge1 esp 0x201 -E 3des-cbc
  77. 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831;
  78. add fe80::20b:cdff:fe2f:b724%bge1 fe80::230:48ff:fed8:820%bge1 esp 0x301 -E 3des-cbc
  79. 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df;
  80.  
  81. # Security policies
  82. spdadd fe80::20b:cdff:fe2f:b724%bge1 fe80::230:48ff:fed8:820%bge1 any -P out ipsec
  83.            esp/transport//require
  84.            ah/transport//require;
  85.  
  86. spdadd fe80::230:48ff:fed8:820%bge1 fe80::20b:cdff:fe2f:b724%bge1 any -P in ipsec
  87.            esp/transport//require
  88.            ah/transport//require;
  89.  
  90.  
  91. =========================== outputs debian machine ===========================
  92. root@bolderbast:/etc# setkey -D
  93. fe80::230:48ff:fed8:820 fe80::20b:cdff:fe2f:b724
  94.         ah mode=transport spi=512(0x00000200) reqid=0(0x00000000)
  95.         A: hmac-md5  c0291ff0 14dccdd0 3874d9e8 e4cdf3e6
  96.         seq=0x00000000 replay=0 flags=0x00000000 state=mature
  97.         created: Oct  8 20:25:46 2009   current: Oct  8 20:46:58 2009
  98.         diff: 1272(s)   hard: 0(s)      soft: 0(s)
  99.         last: Oct  8 20:38:51 2009      hard: 0(s)      soft: 0(s)
  100.         current: 496(bytes)     hard: 0(bytes)  soft: 0(bytes)
  101.         allocated: 7    hard: 0 soft: 0
  102.         sadb_seq=1 pid=14767 refcnt=0
  103. fe80::20b:cdff:fe2f:b724 fe80::230:48ff:fed8:820
  104.         ah mode=transport spi=768(0x00000300) reqid=0(0x00000000)
  105.         A: hmac-md5  96358c90 783bbfa3 d7b196ce abe0536b
  106.         seq=0x00000000 replay=0 flags=0x00000000 state=mature
  107.         created: Oct  8 20:25:46 2009   current: Oct  8 20:46:58 2009
  108.         diff: 1272(s)   hard: 0(s)      soft: 0(s)
  109.         last: Oct  8 20:38:51 2009      hard: 0(s)      soft: 0(s)
  110.         current: 224(bytes)     hard: 0(bytes)  soft: 0(bytes)
  111.         allocated: 4    hard: 0 soft: 0
  112.         sadb_seq=2 pid=14767 refcnt=0
  113. fe80::230:48ff:fed8:820 fe80::20b:cdff:fe2f:b724
  114.         esp mode=transport spi=513(0x00000201) reqid=0(0x00000000)
  115.         E: 3des-cbc  7aeaca3f 87d060a1 2f4a4487 d5a5c335 5920fae6 9a96c831
  116.         seq=0x00000000 replay=0 flags=0x00000000 state=mature
  117.         created: Oct  8 20:25:46 2009   current: Oct  8 20:46:58 2009
  118.         diff: 1272(s)   hard: 0(s)      soft: 0(s)
  119.         last: Oct  8 20:38:51 2009      hard: 0(s)      soft: 0(s)
  120.         current: 328(bytes)     hard: 0(bytes)  soft: 0(bytes)
  121.         allocated: 7    hard: 0 soft: 0
  122.         sadb_seq=3 pid=14767 refcnt=0
  123. fe80::20b:cdff:fe2f:b724 fe80::230:48ff:fed8:820
  124.         esp mode=transport spi=769(0x00000301) reqid=0(0x00000000)
  125.         E: 3des-cbc  f6ddb555 acfd9d77 b03ea384 3f265325 5afe8eb5 573965df
  126.         seq=0x00000000 replay=0 flags=0x00000000 state=mature
  127.         created: Oct  8 20:25:46 2009   current: Oct  8 20:46:58 2009
  128.         diff: 1272(s)   hard: 0(s)      soft: 0(s)
  129.         last: Oct  8 20:38:51 2009      hard: 0(s)      soft: 0(s)
  130.         current: 128(bytes)     hard: 0(bytes)  soft: 0(bytes)
  131.         allocated: 4    hard: 0 soft: 0
  132.         sadb_seq=0 pid=14767 refcnt=0
  133.  
  134. root@bolderbast:/etc# setkey -DP
  135. fe80::230:48ff:fed8:820[any] fe80::20b:cdff:fe2f:b724[any] any
  136.         out prio def ipsec
  137.         esp/transport//require
  138.         ah/transport//require
  139.         created: Oct  8 20:25:46 2009  lastused: Oct  8 20:38:58 2009
  140.         lifetime: 0(s) validtime: 0(s)
  141.         spid=10996065 seq=1 pid=14768
  142.         refcnt=3
  143. fe80::20b:cdff:fe2f:b724[any] fe80::230:48ff:fed8:820[any] any
  144.         in prio def ipsec
  145.         esp/transport//require
  146.         ah/transport//require
  147.         created: Oct  8 20:25:46 2009  lastused: Oct  8 20:38:58 2009
  148.         lifetime: 0(s) validtime: 0(s)
  149.         spid=10996072 seq=2 pid=14768
  150.         refcnt=1
  151. fe80::20b:cdff:fe2f:b724[any] fe80::230:48ff:fed8:820[any] any
  152.         fwd prio def ipsec
  153.         esp/transport//require
  154.         ah/transport//require
  155.         created: Oct  8 20:25:46 2009  lastused:
  156.         lifetime: 0(s) validtime: 0(s)
  157.         spid=10996082 seq=0 pid=14768
  158.         refcnt=1
  159.  
  160. =========================== outputs freebsd machine ===========================
  161. root@zwarejongens:/etc# setkey -D
  162. fe80:2::20b:cdff:fe2f:b724 fe80:2::230:48ff:fed8:820
  163.         esp mode=any spi=769(0x00000301) reqid=0(0x00000000)
  164.         E: 3des-cbc  f6ddb555 acfd9d77 b03ea384 3f265325 5afe8eb5 573965df
  165.         seq=0x00000000 replay=0 flags=0x00000040 state=mature
  166.         created: Oct  8 20:42:45 2009   current: Oct  8 20:44:52 2009
  167.         diff: 127(s)    hard: 0(s)      soft: 0(s)
  168.         last:                           hard: 0(s)      soft: 0(s)
  169.         current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
  170.         allocated: 0    hard: 0 soft: 0
  171.         sadb_seq=3 pid=32628 refcnt=1
  172. fe80:2::230:48ff:fed8:820 fe80:2::20b:cdff:fe2f:b724
  173.         esp mode=any spi=513(0x00000201) reqid=0(0x00000000)
  174.         E: 3des-cbc  7aeaca3f 87d060a1 2f4a4487 d5a5c335 5920fae6 9a96c831
  175.         seq=0x00000000 replay=0 flags=0x00000040 state=mature
  176.         created: Oct  8 20:42:45 2009   current: Oct  8 20:44:52 2009
  177.         diff: 127(s)    hard: 0(s)      soft: 0(s)
  178.         last:                           hard: 0(s)      soft: 0(s)
  179.         current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
  180.         allocated: 0    hard: 0 soft: 0
  181.         sadb_seq=2 pid=32628 refcnt=1
  182. fe80:2::20b:cdff:fe2f:b724 fe80:2::230:48ff:fed8:820
  183.         ah mode=any spi=768(0x00000300) reqid=0(0x00000000)
  184.         A: hmac-md5  96358c90 783bbfa3 d7b196ce abe0536b
  185.         seq=0x00000000 replay=0 flags=0x00000040 state=mature
  186.         created: Oct  8 20:42:45 2009   current: Oct  8 20:44:52 2009
  187.         diff: 127(s)    hard: 0(s)      soft: 0(s)
  188.         last:                           hard: 0(s)      soft: 0(s)
  189.         current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
  190.         allocated: 0    hard: 0 soft: 0
  191.         sadb_seq=1 pid=32628 refcnt=1
  192. fe80:2::230:48ff:fed8:820 fe80:2::20b:cdff:fe2f:b724
  193.         ah mode=any spi=512(0x00000200) reqid=0(0x00000000)
  194.         A: hmac-md5  c0291ff0 14dccdd0 3874d9e8 e4cdf3e6
  195.         seq=0x00000000 replay=0 flags=0x00000040 state=mature
  196.         created: Oct  8 20:42:45 2009   current: Oct  8 20:44:52 2009
  197.         diff: 127(s)    hard: 0(s)      soft: 0(s)
  198.         last:                           hard: 0(s)      soft: 0(s)
  199.         current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
  200.         allocated: 0    hard: 0 soft: 0
  201.         sadb_seq=0 pid=32628 refcnt=1
  202.  
  203. root@zwarejongens:/etc# setkey -DP
  204. fe80:2::230:48ff:fed8:820[any] fe80:2::20b:cdff:fe2f:b724[any] any
  205.         in ipsec
  206.         esp/transport//require
  207.         ah/transport//require
  208.         created: Oct  8 20:42:45 2009  lastused: Oct  8 20:42:45 2009
  209.         lifetime: 0(s) validtime: 0(s)
  210.         spid=16397 seq=1 pid=32627
  211.         refcnt=1
  212. fe80:2::20b:cdff:fe2f:b724[any] fe80:2::230:48ff:fed8:820[any] any
  213.         out ipsec
  214.         esp/transport//require
  215.         ah/transport//require
  216.         created: Oct  8 20:42:45 2009  lastused: Oct  8 20:42:45 2009
  217.         lifetime: 0(s) validtime: 0(s)
  218.         spid=16396 seq=0 pid=32627
  219.         refcnt=1