iptables -t nat -F
nic #
 iptables -F
nic #
 # NAT to NIC's address
nic #
 # NAT UDP 500,4500 to NICs address with sport
nic #
 iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 4500  -j SNAT --to-source 192.1.2.254:2500-2700
nic #
 iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 500  -j SNAT --to-source 192.1.2.254:3500-3700
nic #
 iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -j SNAT --to-source 192.1.2.254
nic #
 # A tunnel should have established with non-zero byte counters
nic #
 ping -n -c 4 192.1.2.23
PING 192.1.2.23 (192.1.2.23) 56(84) bytes of data.
64 bytes from 192.1.2.23: icmp_seq=1 ttl=64 time=0.XXX ms
64 bytes from 192.1.2.23: icmp_seq=2 ttl=64 time=0.XXX ms
64 bytes from 192.1.2.23: icmp_seq=3 ttl=64 time=0.XXX ms
64 bytes from 192.1.2.23: icmp_seq=4 ttl=64 time=0.XXX ms
--- 192.1.2.23 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time XXXX
rtt min/avg/max/mdev = 0.XXX/0.XXX/0.XXX/0.XXX ms
nic #
 # jacob two two for east?
nic #
 ipsec whack --trafficstatus
-bash: ipsec: command not found
nic #
 ipsec whack --trafficstatus
-bash: ipsec: command not found
nic #
 ../../pluto/bin/ipsec-look.sh
nic #
 # you should see both RSA and NULL
nic #
 grep IKEv2_AUTH_ /tmp/pluto.log
grep: /tmp/pluto.log: No such file or directory
nic #
nic #
 ../bin/check-for-core.sh
nic #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi

