Test Information

TitleProcessing invalid proposal(ESP Authentication) *
CommandLine./SGW/SG_R_RFC2408_5_4_2_3_P2_SA_3.seq -pkt ./SGW/SG_R_RFC2408_5_4_2_3_P2_SA_3.def test_phase=2 test_type=BASIC -log 263.html -ti Processing invalid proposal(ESP Authentication) *
TestVersionundefined
ToolVersionREL_3_0_8
Start2006/03/16 16:34:59
Tn/usr/local/v6eval//etc//tn.def
Nu/usr/local/v6eval//etc//nut.def
Pkt./SGW/SG_R_RFC2408_5_4_2_3_P2_SA_3.def
Systemfreebsd-i386
TargetNameFreeBSD 5.4-RELEASE
HostNametarget1.tahi.org
Typerouter

Test Sequence Execution Log

16:34:59Start

 *** Target IKE initialization phase ***
Target: Reset IKE SA entries: saddump
16:35:00 vRemote(ikeResetSA.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeResetSA.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 saddump '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
dump;
flush;
EOD

? dump;
? flush;
? EOD
The result of line 1: No SAD entries.
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODdump;flush;EOD
echo $status
0
target1# kill -TERM `head -1 /var/run/racoon.pid`
head: /var/run/racoon.pid: No such file or directory

target1# 
target1# echo $status
1
target1# /bin/rm -f /var/run/racoon.pid

target1# 
target1# echo $status
0
~
[EOT]

Target: Clear SPD entries: spddump
16:35:07 vRemote(ipsecResetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecResetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 spddump '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spddump;
spdflus? spddump;
h;
EOD

? spdflush;
EOD

? EOD
The result of line 1: No SPD entries.
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspddump;spdflush;EOD
echo $status
0
~
[EOT]

Target: Set SPD entries: src=3ffe:501:ffff:100::/64 dst=3ffe:501:ffff:104::/64 tsrc=3ffe:501:ffff:102::1 tdst=3ffe:501:ffff:103::11 upperspec=any direction=out protocol=PROTO_IPSEC_ESP mode=Tunnel
16:35:13 vRemote(ipsecSetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecSetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 src=3ffe:501:ffff:100::/64 dst=3ffe:501:ffff:104::/64 tsrc=3ffe:501:ffff:102::1 tdst=3ffe:501:ffff:103::11 upperspec=any direction=out protocol=PROTO_IPSEC_ESP mode=Tunnel '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spdadd 3ffe:501:ffff:100::/64 3ffe:501:ffff:104::/64
       any
       -P out ipsec
       esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
;
spddump;
EOD

? spdadd 3ffe:501:ffff:100::/64 3ffe:501:ffff:104::/64
       any
       -P out ipsec
       esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
;
spddump;
EOD

?        any
?        -P out ipsec
?        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
? ;
? spddump;
? EOD
3ffe:501:ffff:100::/64[any] 3ffe:501:ffff:104::/64[any] any
        out ipsec
        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
        created: Mar 16 16:42:23 2006  lastused: Mar 16 16:42:23 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19662 seq=0 pid=3502
        refcnt=1
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspdadd 3ffe:501:ffff:100::/64 3ffe:501:ffff:104::/64       any       -P out ipsec       esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require;spddump;EOD
echo $status
0
~
[EOT]

Target: Set SPD entries: dst=3ffe:501:ffff:100::/64 src=3ffe:501:ffff:104::/64 tdst=3ffe:501:ffff:102::1 tsrc=3ffe:501:ffff:103::11 upperspec=any direction=in protocol=PROTO_IPSEC_ESP mode=Tunnel
16:35:19 vRemote(ipsecSetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecSetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 dst=3ffe:501:ffff:100::/64 src=3ffe:501:ffff:104::/64 tdst=3ffe:501:ffff:102::1 tsrc=3ffe:501:ffff:103::11 upperspec=any direction=in protocol=PROTO_IPSEC_ESP mode=Tunnel '' 
Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spdadd 3ffe:501:ffff:104::/64 3ffe:501:ffff:100::/64
       any
       -P in ipsec
       esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
;
spddump;
EOD

? spdadd 3ffe:501:ffff:104::/64 3ffe:501:ffff:100::/64
       any
       -P in ipsec
       esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
;
spddump;
EOD

?        any
?        -P in ipsec
?        esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
? ;
? spddump;
? EOD
3ffe:501:ffff:104::/64[any] 3ffe:501:ffff:100::/64[any] any
        in ipsec
        esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
        created: Mar 16 16:42:29 2006  lastused: Mar 16 16:42:29 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19663 seq=1 pid=3503
        refcnt=1
3ffe:501:ffff:100::/64[any] 3ffe:501:ffff:104::/64[any] any
        out ipsec
        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
        created: Mar 16 16:42:23 2006  lastused: Mar 16 16:42:23 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19662 seq=0 pid=3503
        refcnt=1
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspdadd 3ffe:501:ffff:104::/64 3ffe:501:ffff:100::/64       any       -P in ipsec       esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require;spddump;EOD
echo $status
0
~
[EOT]

Target: Set IKE SA entries: dst=3ffe:501:ffff:103::11 dst_port=500 exchange_mode=main doi=ipsec_doi situation=identity_only isakmp_src_id_type=address isakmp_src_id=3ffe:501:ffff:102::1 dh_group=2 lifetime=28800 lifetime_unit=seconds encryption_algorithm=3des hash_algorithm=sha1 authentication_method=pre_shared_key key_id=3ffe:501:ffff:103::11 key_value=0x494b452d54455354 ph2_id_type=address ph2_src_id=3ffe:501:ffff:100::/64 ph2_dst_id=3ffe:501:ffff:104::/64 ph2_src_upper=any ph2_dst_upper=any ipsec_p_num=1 ipsec_p1_t_num=1 ph2_p1_t1_lt=8 ph2_p1_t1_lt_unit=hour ph2_p1_t1_enc_alg=ESP_3DES ph2_p1_t1_auth_mtd=HMAC_SHA
16:35:25 vRemote(ikeSetSA.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeSetSA.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 dst=3ffe:501:ffff:103::11 dst_port=500 exchange_mode=main doi=ipsec_doi situation=identity_only isakmp_src_id_type=address isakmp_src_id=3ffe:501:ffff:102::1 dh_group=2 lifetime=28800 lifetime_unit=seconds encryption_algorithm=3des hash_algorithm=sha1 authentication_method=pre_shared_key key_id=3ffe:501:ffff:103::11 key_value=0x494b452d54455354 ph2_id_type=address ph2_src_id=3ffe:501:ffff:100::/64 ph2_dst_id=3ffe:501:ffff:104::/64 ph2_src_upper=any ph2_dst_upper=any ipsec_p_num=1 ipsec_p1_t_num=1 ph2_p1_t1_lt=8 ph2_p1_t1_lt_unit=hour ph2_p1_t1_enc_alg=ESP_3DES ph2_p1_t1_auth_mtd=HMAC_SHA '' 
Connected

target1# 
target1# ~[set] echocheck

target1# 
target1# ~[put] freebsd-i386.psk.txt /tmp/psk.txt
Dtarget1# 
target1# 
target1# /bin/chmod 600 /tmp/psk.txt
target1# echo $status
0
target1# ~[set] echocheck

target1# 
target1# ~[put] freebsd-i386.ike.conf /tmp/ike.conf
Dtarget1# 

target1# 
target1# test -f /var/run/racoon.pid &&kill -TERM `head -1 /var/run/racoon.pid`

target1# 
target1# echo $status
1
target1# /usr/local/sbin/racoon -f /tmp/ike.conf

target1# 
target1# echo $status
0
~
[EOT]
16:35:38 vRemote(ikeEnable.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeEnable.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1 '' 






*** Target initialization phase ***




16:35:39Start Capturing Packets (Link0)





16:35:39Start Capturing Packets (Link1)







*** Target pre-test seaquence ***
*** Phase-1 1st message send ***




16:35:39Clear Captured Packets (Link0)







16:35:39
vSend(Link0,isakmp_phase1_send_1st)


Send 1st message from HOST2(TN)








*** Phase-1 2nd message recieve ***





16:35:39
vRecv(Link0,isakmp_phase1_recv_2nd router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0


Recv 2nd message from HOST1(NUT)











OK payload_check
*** Phase-1 3rd message send ***




16:35:39Clear Captured Packets (Link0)







16:35:40
vSend(Link0,isakmp_phase1_send_3rd)


Send 3rd message from HOST2(TN)








*** Phase-1 4th message recieve ***





16:35:40
vRecv(Link0,isakmp_phase1_recv_4th router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0


Recv 4th message from HOST1(NUT)











OK payload_check
*** Phase-1 5th message send ***




16:35:40Clear Captured Packets (Link0)







16:35:41
vSend(Link0,isakmp_phase1_send_5th)


Send 5th message from HOST2(TN)








*** Phase-1 6th message recieve ***





16:35:41
vRecv(Link0,isakmp_phase1_recv_6th router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0


Recv 6th message from HOST1(NUT)











OK payload_check
*** Target testing phase start ***
*** Phase-2 1st message send ***




16:35:41Clear Captured Packets (Link0)





16:35:41Clear Captured Packets (Link1)







16:35:42
vSend(Link0,isakmp_phase2_send)


Send Phase-2 1st message (HDR*, HASH(1), SA, Ni) from HOST2(TN)








*** Phase-2 2nd message recv ***





16:35:42
vRecv(Link0,isakmp_phase2_recv_2nd router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0

!!!  ISAKMP PayloadLength decode(41968) over remain size(40)

recv unexpect packet at 16:35:42



Receive Neighbor Solicitation from SGW1(NUT)











16:35:44
vSend(Link0,router_na)


Send Neighbor Advertisement(TN)






16:35:45
vRecv(Link0,isakmp_phase2_recv_2nd router_ns_multi router_ns_uni_link1 router_ns_uni_tll_sll_link1 router_ns_multi_llt_link1 router_ns_uni_sll router_ns_uni router_ns_multi_llt router_ns_uni_sll_link1 router_ns_multi_link1 router_ns_uni_tll_sll) timeout:5 cntLimit:0 seektime:0

vRecv() return status=1










NG:Receive no packets
OK:Phase-2 2nd message is not returned.
 Check the proposal to confirm it is valid(ESP Authentication) is PASS
*** Target test finish ***




16:35:50Stop Capturing Packets (Link0)





16:35:50Stop Capturing Packets (Link1)







Target: Reset IKE SA entries: saddump



16:35:50

vRemote(ikeResetSA.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ikeResetSA.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1  saddump ''

Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
dump;
flush;? dump;

EOD

? flush;
EOD

? EOD
The result of line 1: No SAD entries.
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODdump;flush;EOD
echo $status
0
target1# kill -TERM `head -1 /var/run/racoon.pid`

target1# 
target1# echo $status
0
target1# /bin/rm -f /var/run/racoon.pid

target1# 
target1# echo $status
0
~
[EOT]







Target: Clear SPD entries: spddump



16:35:56

vRemote(ipsecResetSPD.rmt) ``/usr/local/v6eval//bin/freebsd-i386//ipsecResetSPD.rmt -t freebsd-i386 -u root -p v6eval -d cuad0 -o 1  spddump ''

Connected

target1# 
target1# /usr/sbin/setkey -c <<EOD
spddump;
spdflush;? spddump;

EOD

? spdflush;
EOD

? EOD
3ffe:501:ffff:104::/64[any] 3ffe:501:ffff:100::/64[any] any
        in ipsec
        esp/tunnel/3ffe:501:ffff:103::11-3ffe:501:ffff:102::1/require
        created: Mar 16 16:42:29 2006  lastused: Mar 16 16:42:29 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19663 seq=1 pid=3513
        refcnt=1
3ffe:501:ffff:100::/64[any] 3ffe:501:ffff:104::/64[any] any
        out ipsec
        esp/tunnel/3ffe:501:ffff:102::1-3ffe:501:ffff:103::11/require
        created: Mar 16 16:42:23 2006  lastused: Mar 16 16:42:23 2006
        lifetime: 0(s) validtime: 0(s)
        spid=19662 seq=0 pid=3513
        refcnt=1
target1# 
target1# sendMessagesSync: never got /usr/sbin/setkey -c <<EODspddump;spdflush;EOD
echo $status
0
~
[EOT]







OK




16:36:02End




Packet Reverse Log