📄 west-console.txt
字号:
west:~# namedwest:~# ifdown eth1west:~# ifconfig eth1 inet 192.1.2.45 netmask 255.255.255.224 upwest:~# route add -net default gw 192.1.2.62west:~# : try default routewest:~# ping -c 1 -n 192.1.2.62PING 192.1.2.62 (192.1.2.62): 56 data bytes64 bytes from 192.1.2.62: icmp_seq=0 ttl=257 time=999 ms--- 192.1.2.62 ping statistics ---1 packets transmitted, 1 packets received, 0% packet lossround-trip min/avg/max = 3.1/4.5/9.26 mswest:~# : try hitting east before doing IPsecwest:~# ping -c 1 -n 192.1.2.23PING 192.1.2.23 (192.1.2.23): 56 data bytes64 bytes from 192.1.2.23: icmp_seq=0 ttl=257 time=999 ms--- 192.1.2.23 ping statistics ---1 packets transmitted, 1 packets received, 0% packet lossround-trip min/avg/max = 3.1/4.5/9.26 mswest:~# ipsec setup startipsec_setup: Starting Openswan IPsec VERSIONwest:~# /testing/pluto/bin/wait-until-pluto-startedwest:~# ipsec auto --add us-to-anyonewest:~# ipsec auto --route us-to-anyonewest:~# ipsec auto --replace clearwest:~# ipsec whack --listen002 listening for IKE messages002 forgetting secrets002 loading secrets from "/etc/ipsec.secrets"002 loading group "/etc/ipsec.d/policies/clear"west:~# ipsec auto --route clearwest:~# : check out if .23 has proper TXT record.west:~# dig 23.2.1.192.in-addr.arpa. txt; <<>> DiG VERSION<<>> 23.2.1.192.in-addr.arpa. txt;; global options: printcmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;23.2.1.192.in-addr.arpa. IN TXT;; ANSWER SECTION:23.2.1.192.in-addr.arpa. 604800 IN TXT "X-IPsec-Server(10)=192.1.2.23" " AQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwX" "IKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL";; Query time: 25 msec;; SERVER: 127.0.0.1#53(127.0.0.1);; WHEN: DATE;; MSG SIZE rcvd: SIZEwest:~# ipsec lookwest NOW192.0.1.0/24 -> 0.0.0.0/0 => %trap (0)192.1.2.45/32 -> 192.0.2.0/24 => %pass (0)192.1.2.45/32 -> 192.1.2.0/24 => %pass (0)192.1.2.45/32 -> 192.1.2.129/32 => %pass (12)192.1.2.45/32 -> 192.1.2.130/32 => %pass (4)192.1.2.45/32 -> 192.1.2.254/32 => %pass (12)ipsec0->eth1 mtu=16260(1500)->1500Destination Gateway Genmask Flags MSS Window irtt Iface0.0.0.0 192.1.2.62 0.0.0.0 UG 0 0 0 eth10.0.0.0 192.1.2.62 128.0.0.0 UG 0 0 0 ipsec0128.0.0.0 192.1.2.62 128.0.0.0 UG 0 0 0 ipsec0192.0.2.0 192.1.2.62 255.255.255.0 UG 0 0 0 ipsec0192.1.2.0 192.1.2.62 255.255.255.0 UG 0 0 0 ipsec0192.1.2.129 192.1.2.62 255.255.255.255 UGH 0 0 0 ipsec0192.1.2.130 192.1.2.62 255.255.255.255 UGH 0 0 0 ipsec0192.1.2.254 192.1.2.62 255.255.255.255 UGH 0 0 0 ipsec0192.1.2.32 0.0.0.0 255.255.255.224 U 0 0 0 eth1192.1.2.32 0.0.0.0 255.255.255.224 U 0 0 0 ipsec0west:~# echo endendwest:~# west:~#west:~# ipsec eroute0 0.0.0.0/0 -> 0.0.0.0/0 => %trap0 192.0.1.0/24 -> 0.0.0.0/0 => %trap0 192.1.2.45/32 -> 192.0.2.0/24 => %pass2 192.1.2.45/32 -> 192.1.2.0/24 => %pass12 192.1.2.45/32 -> 192.1.2.129/32 => %pass4 192.1.2.45/32 -> 192.1.2.130/32 => %pass12 192.1.2.45/32 -> 192.1.2.254/32 => %pass⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -