west:~#
 TESTNAME=dpd-01
west:~#
 source /testing/pluto/bin/westlocal.sh
west:~#
 ipsec setup start
ipsec_setup: Starting Openswan IPsec VERSION
west:~#
 sleep 5
west:~#
 ipsec auto --add west-east
west:~#
 ping -q -c 8 -n 192.1.2.23
PING 192.1.2.23 (192.1.2.23): 56 data bytes

--- 192.1.2.23 ping statistics ---
8 packets transmitted, 8 packets received, 0% packet loss
round-trip min/avg/max = 3.1/4.5/9.26 ms
west:~#
 ipsec auto --up west-east
104 "west-east" #1: STATE_MAIN_I1: initiate
003 "west-east" #1: received Vendor ID payload [Openswan 
003 "west-east" #1: received Vendor ID payload [Dead Peer Detection]
106 "west-east" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "west-east" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "west-east" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
117 "west-east" #2: STATE_QUICK_I1: initiate
004 "west-east" #2: STATE_QUICK_I2: sent QI2, IPsec SA established
west:~#
 echo "Tunnel should be up"
Tunnel should be up
west:~#
 ipsec eroute
0          192.1.2.45/32      -> 192.1.2.23/32      => tun0x1002@192.1.2.23
west:~#
 sleep 15
west:~#
 echo "Setting up block"
Setting up block
west:~#
 iptables -I INPUT -s 192.1.2.23/32 -d 0/0 -j DROP
west:~#
 iptables -I OUTPUT -d 192.1.2.23/32 -s 0/0 -j DROP
west:~#
 sleep 10
west:~#
 ipsec eroute
0          192.1.2.45/32      -> 192.1.2.23/32      => tun0x1002@192.1.2.23
west:~#
 sleep 10
west:~#
 ipsec eroute
0          192.1.2.45/32      -> 192.1.2.23/32      => %trap
west:~#
 sleep 10
west:~#
 echo "Tunnel should be down"
Tunnel should be down
west:~#
 ipsec eroute
0          192.1.2.45/32      -> 192.1.2.23/32      => %trap
west:~#
 echo "Removing block"
Removing block
west:~#
 iptables -D INPUT -s 192.1.2.23/32 -d 0/0 -j DROP
west:~#
 iptables -D OUTPUT -d 192.1.2.23/32 -s 0/0 -j DROP
west:~#
 ping -q -c 8 -n 192.1.2.23
PING 192.1.2.23 (192.1.2.23): 56 data bytes

--- 192.1.2.23 ping statistics ---
8 packets transmitted, 0 packets received, 100% packet loss
west:~#
 echo "Tunnel should be up"
Tunnel should be up
west:~#
 ipsec eroute
7          192.1.2.45/32      -> 192.1.2.23/32      => %hold
west:~#
 echo end
end
west:~#
 

west:~#
 echo end
end
west:~#

