Test Information

TitleProcessing invalid Next Payload field *
CommandLine./SGW/SG_R_RFC2408_3_4_1_P2_NP.seq -pkt ./SGW/SG_R_RFC2408_3_4_1_P2_NP.def test_phase=2 test_type=BASIC -log 256.html -ti Processing invalid Next Payload field *
TestVersionundefined
ToolVersionREL_3_0_8
Start2006/03/16 16:27:28
Tn/usr/local/v6eval//etc//tn.def
Nu/usr/local/v6eval//etc//nut.def
Pkt./SGW/SG_R_RFC2408_3_4_1_P2_NP.def
Systemfreebsd-i386
TargetNameFreeBSD 5.4-RELEASE
HostNametarget1.tahi.org
Typerouter

Test Sequence Execution Log

16:27:28Start

 *** Target IKE initialization phase ***
Target: Reset IKE SA entries: saddump
16:27:29 vRemote(ikeResetSA.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeResetSA.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 saddump '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
dump;
flush;
EOD? dump;
? 
flush;
? EOD

The result of line 1: No SAD entries.
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODdump;flush;EOD
echo $status
0
target1# kill -TERM `head -1 /var/run/racoon.pid`
head: /var/run/racoon.pid: No such file or directory

target1# 
target1# echo $status
1
target1# /bin/rm -f /var/run/racoon.pid

target1# 
target1# echo $status
0
~
[EOT]

Target: Clear SPD entries: spddump
16:27:36 vRemote(ipsecResetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecResetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 spddump '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spddump;
spdflush? spddump;
;
EOD

? spdflush;
EOD

? EOD
The result of line 1: No SPD entries.
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspddump;spdflush;EOD
echo $status
0
~
[EOT]

Target: Set SPD entries: src=3ffe:501:ffff:100::/64 dst=3ffe:501:ffff:104::/64 tsrc=3ffe:501:ffff:102::1 tdst=3ffe:501:ffff:103::11 upperspec=any direction=out protocol=PROTO_IPSEC_ESP mode=Tunnel
16:27:42 vRemote(ipsecSetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecSetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 src=3ffe:501:ffff:100::/64 dst=3ffe:501:ffff:104::/64 tsrc=3ffe:501:ffff:102::1 tdst=3ffe:501:ffff:103::11 upperspec=any direction=out protocol=PROTO_IPSEC_ESP mode=Tunnel '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spdadd 3ffe:501:ffff:100::/64 3ffe:501:ffff:104::/64
       any
       -P out ipsec
       esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
;
spddump;
EOD

? spdadd 3ffe:501:ffff:100::/64 3ffe:501:ffff:104::/64
       any
       -P out ipsec
       esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
;
spddump;
EOD

?        any
?        -P out ipsec
?        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
? ;
? spddump;
? EOD
3ffe:501:ffff:100::/64[any] 3ffe:501:ffff:104::/64[any] any
        out ipsec
        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
        created: Mar 16 16:34:52 2006  lastused: Mar 16 16:34:52 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19522 seq=0 pid=3384
        refcnt=1
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspdadd 3ffe:501:ffff:100::/64 3ffe:501:ffff:104::/64       any       -P out ipsec       esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require;spddump;EOD
echo $status
0
~
[EOT]

Target: Set SPD entries: dst=3ffe:501:ffff:100::/64 src=3ffe:501:ffff:104::/64 tdst=3ffe:501:ffff:102::1 tsrc=3ffe:501:ffff:103::11 upperspec=any direction=in protocol=PROTO_IPSEC_ESP mode=Tunnel
16:27:48 vRemote(ipsecSetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecSetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 dst=3ffe:501:ffff:100::/64 src=3ffe:501:ffff:104::/64 tdst=3ffe:501:ffff:102::1 tsrc=3ffe:501:ffff:103::11 upperspec=any direction=in protocol=PROTO_IPSEC_ESP mode=Tunnel '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spdadd 3ffe:501:ffff:104::/64 3ffe:501:ffff:100::/64
       any
       -P in ipsec
       esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
;
spddump;
EOD

? spdadd 3ffe:501:ffff:104::/64 3ffe:501:ffff:100::/64
       any
       -P in ipsec
       esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
;
spddump;
EOD

?        any
?        -P in ipsec
?        esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
? ;
? spddump;
? EOD
3ffe:501:ffff:104::/64[any] 3ffe:501:ffff:100::/64[any] any
        in ipsec
        esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
        created: Mar 16 16:34:59 2006  lastused: Mar 16 16:34:59 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19523 seq=1 pid=3385
        refcnt=1
3ffe:501:ffff:100::/64[any] 3ffe:501:ffff:104::/64[any] any
        out ipsec
        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
        created: Mar 16 16:34:52 2006  lastused: Mar 16 16:34:52 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19522 seq=0 pid=3385
        refcnt=1
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspdadd 3ffe:501:ffff:104::/64 3ffe:501:ffff:100::/64       any       -P in ipsec       esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require;spddump;EOD
echo $status
0
~
[EOT]

Target: Set IKE SA entries: dst=3ffe:501:ffff:103::11 dst_port=500 exchange_mode=main doi=ipsec_doi situation=identity_only isakmp_src_id_type=address isakmp_src_id=3ffe:501:ffff:102::1 dh_group=2 lifetime=28800 lifetime_unit=seconds encryption_algorithm=3des hash_algorithm=sha1 authentication_method=pre_shared_key key_id=3ffe:501:ffff:103::11 key_value=0x494b452d54455354 ph2_id_type=address ph2_src_id=3ffe:501:ffff:100::/64 ph2_dst_id=3ffe:501:ffff:104::/64 ph2_src_upper=any ph2_dst_upper=any ipsec_p_num=1 ipsec_p1_t_num=1 ph2_p1_t1_lt=8 ph2_p1_t1_lt_unit=hour ph2_p1_t1_enc_alg=ESP_3DES ph2_p1_t1_auth_mtd=HMAC_SHA
16:27:54 vRemote(ikeSetSA.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeSetSA.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 dst=3ffe:501:ffff:103::11 dst_port=500 exchange_mode=main doi=ipsec_doi situation=identity_only isakmp_src_id_type=address isakmp_src_id=3ffe:501:ffff:102::1 dh_group=2 lifetime=28800 lifetime_unit=seconds encryption_algorithm=3des hash_algorithm=sha1 authentication_method=pre_shared_key key_id=3ffe:501:ffff:103::11 key_value=0x494b452d54455354 ph2_id_type=address ph2_src_id=3ffe:501:ffff:100::/64 ph2_dst_id=3ffe:501:ffff:104::/64 ph2_src_upper=any ph2_dst_upper=any ipsec_p_num=1 ipsec_p1_t_num=1 ph2_p1_t1_lt=8 ph2_p1_t1_lt_unit=hour ph2_p1_t1_enc_alg=ESP_3DES ph2_p1_t1_auth_mtd=HMAC_SHA '' 
Connected

target1# 
target1# ~[set] echocheck

target1# 
target1# ~[put] freebsd-i386.psk.txt /tmp/psk.txt
Dtarget1# 
target1# 
target1# /bin/chmod 600 /tmp/psk.txt
target1# echo $status
0
target1# ~[set] echocheck

target1# 
target1# ~[put] freebsd-i386.ike.conf /tmp/ike.conf
Dtarget1# 
target1# 
target1# test -f /var/run/racoon.pid &&kill -TERM `head -1 /var/run/racoon.pid`

target1# 
target1# echo $status
1
target1# /usr/local/sbin/racoon -f /tmp/ike.conf

target1# 
target1# echo $status
0
~
[EOT]
16:28:08 vRemote(ikeEnable.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeEnable.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 '' 






*** Target initialization phase ***




16:28:09Start Capturing Packets (Link0)





16:28:09Start Capturing Packets (Link1)







*** Target pre-test seaquence ***
*** Phase-1 1st message send ***




16:28:09Clear Captured Packets (Link0)







16:28:09
vSend(Link0,isakmp_phase1_send_1st)


Send 1st message from HOST2(TN)








*** Phase-1 2nd message recieve ***





16:28:09
vRecv(Link0,isakmp_phase1_recv_2nd router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0


Receive Neighbor Solicitation from SGW1(NUT)











16:28:09
vSend(Link0,router_na)


Send Neighbor Advertisement(TN)






16:28:10
vRecv(Link0,isakmp_phase1_recv_2nd router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0


Recv 2nd message from HOST1(NUT)











OK payload_check
*** Phase-1 3rd message send ***




16:28:10Clear Captured Packets (Link0)







16:28:10
vSend(Link0,isakmp_phase1_send_3rd)


Send 3rd message from HOST2(TN)








*** Phase-1 4th message recieve ***





16:28:10
vRecv(Link0,isakmp_phase1_recv_4th router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0


Recv 4th message from HOST1(NUT)











OK payload_check
*** Phase-1 5th message send ***




16:28:11Clear Captured Packets (Link0)







16:28:11
vSend(Link0,isakmp_phase1_send_5th)


Send 5th message from HOST2(TN)








*** Phase-1 6th message recieve ***





16:28:12
vRecv(Link0,isakmp_phase1_recv_6th router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0


Recv 6th message from HOST1(NUT)











OK payload_check
*** Target testing phase start ***
*** Phase-2 1st message send ***




16:28:12Clear Captured Packets (Link0)





16:28:12Clear Captured Packets (Link1)







16:28:12
vSend(Link0,isakmp_phase2_send)


Send Phase-2 1st message (HDR*, HASH(1), SA, Ni) from HOST2(TN)








*** Phase-2 2nd message recv ***





16:28:12
vRecv(Link0,isakmp_phase2_recv_2nd router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0

!!!  ISAKMP PayloadLength decode(62288) over remain size(40)

recv unexpect packet at 16:28:12


vRecv() return status=1










OK:Phase-2 2nd message is not returned.
Check the Next Payload field to confirm it is valid is PASS
*** Target test finish ***




16:28:17Stop Capturing Packets (Link0)





16:28:17Stop Capturing Packets (Link1)







Target: Reset IKE SA entries: saddump



16:28:18

vRemote(ikeResetSA.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeResetSA.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1  saddump ''

Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
dump;
flush;? dump;

EOD

? flush;
EOD

? EOD
The result of line 1: No SAD entries.
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODdump;flush;EOD
echo $status
0
target1# kill -TERM `head -1 /var/run/racoon.pid`

target1# 
target1# echo $status
0
target1# /bin/rm -f /var/run/racoon.pid

target1# 
target1# echo $status
0
~
[EOT]







Target: Clear SPD entries: spddump



16:28:24

vRemote(ipsecResetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecResetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1  spddump ''

Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spddump;
spdf? spddump;
lush;
EOD

? spdflush;
EOD

? EOD
3ffe:501:ffff:104::/64[any] 3ffe:501:ffff:100::/64[any] any
        in ipsec
        esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
        created: Mar 16 16:34:59 2006  lastused: Mar 16 16:34:59 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19523 seq=1 pid=3398
        refcnt=1
3ffe:501:ffff:100::/64[any] 3ffe:501:ffff:104::/64[any] any
        out ipsec
        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
        created: Mar 16 16:34:52 2006  lastused: Mar 16 16:34:52 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19522 seq=0 pid=3398
        refcnt=1
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspddump;spdflush;EOD
echo $status
0
~
[EOT]







OK




16:28:30End




Packet Reverse Log