diff options
| author | bz <bz@FreeBSD.org> | 2007-11-28 20:33:58 +0000 |
|---|---|---|
| committer | bz <bz@FreeBSD.org> | 2007-11-28 20:33:58 +0000 |
| commit | 479ef69e28a29f87e0e593edd116dd8dfb8211db (patch) | |
| tree | cd3492da46a75b7c2714be2704e583aaf122abe2 /tools/regression/netinet/tcpconnect/README.tcp-md5 | |
| parent | 29461b8ede07005970600b6dbf378bf4919e1219 (diff) | |
| download | FreeBSD-src-479ef69e28a29f87e0e593edd116dd8dfb8211db.zip FreeBSD-src-479ef69e28a29f87e0e593edd116dd8dfb8211db.tar.gz | |
Add support for tcpmd5 tests.
Add README.tcpmd5 to describe how to build a simple test setup
and run tests.
Convert compile time options to run time options [1].
Discussed with: rwatson
Suggested by: rwatson [1]
Diffstat (limited to 'tools/regression/netinet/tcpconnect/README.tcp-md5')
| -rw-r--r-- | tools/regression/netinet/tcpconnect/README.tcp-md5 | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/tools/regression/netinet/tcpconnect/README.tcp-md5 b/tools/regression/netinet/tcpconnect/README.tcp-md5 new file mode 100644 index 0000000..c509023 --- /dev/null +++ b/tools/regression/netinet/tcpconnect/README.tcp-md5 @@ -0,0 +1,30 @@ +# $FreeBSD$ + +To test tcp-md5 do: + +* compile and install kernel with TCP_SIGNATURE support + +* add this to /etc/ipsec.conf (the md5 'secret' is just a sample) + add 127.0.0.1 127.0.0.1 tcp 0x1000 -A tcp-md5 "0e3a9ac42ceca8260f1d6fbc46a9707c"; + +* enable it in /etc/rc.conf with + ipsec_enable="YES" + and apply it with sh /etc/rc.d/ipsec start + + [ off course you can also manually add it using setkey(8) ] + +* compile tcpconnect in here running: + make + +* start tcpdump (secret as above, port is just a sample): + tcpdump -l -n -i lo0 -s 0 -M "0e3a9ac42ceca8260f1d6fbc46a9707c" tcp and port 2345 + +* run the server (use same port as given to tcpdump): + ./tcpconnect server 2345 + +* run the client (use same port as given to tcpdump): + ./tcpconnect client 127.0.0.1 2345 1 tcpmd5 + +* check tcpdump output + +# end |
