Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-ttcn3-hacks / 50db4c99eccdb6e329df01e8c37c7fb689789e26 / . / asterisk / IMS_ipsec_setup.sh
blob: 7c76679f16ed3c39dfa66c02cd0b09c4dda68521 [file] [log] [blame]
Pau Espin Pedrola674d612024-05-14 19:56:33 +0200[diff] [blame]1#!/bin/sh
2
3# use: ipset_setup.sh \
4# $LOC_IP $LOC_PORT_C $LOC_SPI_C $LOC_PORT_S $LOC_SPI_S \
5# $REM_IP $REM_PORT_C $REM_SPI_C $REM_PORT_S $REM_SPI_S \
6# $AUTH_KEY
7
8LOC_IP="${1}"
9LOC_PORT_C="${2}"
10LOC_SPI_C="${3}"
11LOC_PORT_S="${4}"
12LOC_SPI_S="${5}"
13REM_IP="${6}"
14REM_PORT_C="${7}"
15REM_SPI_C="${8}"
16REM_PORT_S="${9}"
17REM_SPI_S="${10}"
18AUTH_KEY="${11}"
19
20set -x
21
22# Clean up state from previous tests:
23ip xfrm policy flush
24ip xfrm state flush
25
26# use: ip_xfrm <src_ip> <src_port> <dst_ip> <dst_port> <spi>
27ip_xfrm_state() {
28 ip xfrm state add \
29 src "${1}" dst "${3}" proto esp spi "${5}" reqid "${5}" mode transport \
30 replay-window 32 \
31 auth-trunc sha1 "${AUTH_KEY}" 96 \
32 enc cipher_null "" \
33 sel src "${1}/32" dst "${3}/32" sport "${2}" dport "${4}"
34}
35
36# TTCN3(Srv) -> Asterisk(Cli): REM_SPI_C
37ip_xfrm_state "${LOC_IP}" "${LOC_PORT_S}" "${REM_IP}" "${REM_PORT_C}" "${REM_SPI_C}"
38
39# TTCN3(Cli) -> Asterisk(Srv): REM_SPI_S
40ip_xfrm_state "${LOC_IP}" "${LOC_PORT_C}" "${REM_IP}" "${REM_PORT_S}" "${REM_SPI_S}"
41
42# Asterisk(Cli) -> TTCN3(Srv): LOC_SPI_S
43ip_xfrm_state "${REM_IP}" "${REM_PORT_C}" "${LOC_IP}" "${LOC_PORT_S}" "${LOC_SPI_S}"
44
45# Asterisk(Srv) -> TTCN3(Cli): LOC_SPI_C
46ip_xfrm_state "${REM_IP}" "${REM_PORT_S}" "${LOC_IP}" "${LOC_PORT_C}" "${LOC_SPI_C}"
47
48# use: ip_xfrm <src_ip> <src_port> <dst_ip> <dst_port> <req_id> <dir>
49ip_xfrm_policy() {
50 ip xfrm policy add \
51 src "${1}/32" dst "${3}/32" sport "${2}" dport "${4}" \
52 dir "${6}" \
53 tmpl src "${1}" dst "${3}" \
54 proto esp reqid "${5}" mode transport
55}
56
57# TTCN3(Srv) -> Asterisk(Cli): REM_SPI_C out
58ip_xfrm_policy "${LOC_IP}" "${LOC_PORT_S}" "${REM_IP}" "${REM_PORT_C}" "${REM_SPI_C}" "out"
59
60# TTCN3(Cli) -> Asterisk(Srv): REM_SPI_S out
61ip_xfrm_policy "${LOC_IP}" "${LOC_PORT_C}" "${REM_IP}" "${REM_PORT_S}" "${REM_SPI_S}" "out"
62
63# Asterisk(Cli) -> TTCN3(Srv): LOC_SPI_S in
64ip_xfrm_policy "${REM_IP}" "${REM_PORT_C}" "${LOC_IP}" "${LOC_PORT_S}" "${LOC_SPI_S}" "in"
65
66# Asterisk(Srv) -> TTCN3(Cli): LOC_SPI_C in
67ip_xfrm_policy "${REM_IP}" "${REM_PORT_S}" "${LOC_IP}" "${LOC_PORT_C}" "${LOC_SPI_C}" "in"
68
69#ip xfrm state
70#ip xfrm policy