From 98233e636af71ec441ad68f32e35d430c3264281 Mon Sep 17 00:00:00 2001
From: Sergey Matveev <stargrave@stargrave.org>
Date: Fri, 10 Jan 2020 23:59:00 +0300
Subject: [PATCH] =?utf8?q?strongSwan=20=D0=B1=D0=B5=D0=B7=20=D0=BF=D1=80?=
 =?utf8?q?=D0=BE=D0=B1=D0=BB=D0=B5=D0=BC=20=D1=80=D0=B0=D0=B1=D0=BE=D1=82?=
 =?utf8?q?=D0=B0=D0=B5=D1=82=20=D1=81=20if=5Fipsec=20=D1=82=D1=83=D0=BD?=
 =?utf8?q?=D0=BD=D0=B5=D0=BB=D1=8F=D0=BC=D0=B8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

ÐÐ°ÑÑ Ð»ÐµÑ Ð½Ð°Ð·Ð°Ð´ Ð² 4fd50729cbda852f89101b587ec7483fdda2108c Ð¿Ð¸ÑÐ°Ð» ÑÑÐ¾ Ð²
FreeBSD ÐµÑÑÑ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑÑ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ ipsec-Ð¸Ð½ÑÐµÑÑÐµÐ¹ÑÐ¾Ð² ÐºÐ¾ÑÐ¾ÑÑÐµ
Ð°Ð²ÑÐ¾Ð¼Ð°ÑÐ¸ÑÐµÑÐºÐ¸ ÑÑÑÐ°Ð½Ð°Ð²Ð»Ð¸Ð²Ð°ÑÑ SP Ð² ÑÐ´ÑÐ¾ Ñ ÑÑÐ½Ð½ÐµÐ»Ð»Ð¸ÑÐ¾Ð²Ð°Ð½Ð¸ÐµÐ¼ Ð¿Ð°ÐºÐµÑÐ¾Ð² Ð¿Ð¾ ÑÑÐ¸Ð¼
Ð¸Ð½ÑÐµÑÑÐµÐ¹ÑÐ°Ð¼ ÑÐ¾Ð´ÑÑÐ¸Ñ. ÐÐ¾ Ñ ÑÐ¾Ð³Ð´Ð° ÑÐµÑÑÐ¸ÑÐ¾Ð²Ð°Ð» ÑÑÐ¾ Ñ racoon-Ð¾Ð¼, Ñ ÐºÐ¾ÑÐ¾ÑÐ¾Ð³Ð¾
ÑÐ¶Ðµ Ð´Ð°Ð²Ð½Ð¾ ÑÐ»ÐµÐ·. strongSwan Ð¾ÐºÐ°Ð·Ð°Ð»Ð¾ÑÑ Ð½Ðµ ÑÐ»Ð¾Ð¶Ð½Ð¾ Ð¿Ð¾Ð´ÑÑÐ¶Ð¸ÑÑ Ñ ÑÑÐ¸Ð¼Ð¸ SP,
Ð¿ÑÐ¾ÑÑÐ¾ ÑÐºÐ°Ð·Ð°Ð² ÑÑÐ¾ Ð½Ðµ Ð½Ð°Ð´Ð¾ ÑÐ²Ð½Ð¾ ÑÑÑÐ°Ð½Ð°Ð²Ð»Ð¸Ð²Ð°ÑÑ policies Ð¸ "ÑÐ²ÑÐ·Ð°ÑÑ" reqid
ÑÐ¾Ð·Ð´Ð°Ð½Ð½Ð¾Ð³Ð¾ ÑÑÐ½Ð½ÐµÐ»Ñ Ñ Ð¿ÑÐ°Ð²Ð¸Ð»Ð¾Ð¼ Ð¸Ð· strongSwan. ÐÐ°Ð¿ÑÐ¸Ð¼ÐµÑ:

    ipsec0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1400
            tunnel inet6 fc00::7a00 --> fc00::98f1
            inet6 fe80::9a40:bbff:fe45:e810%ipsec0/64 scopeid 0x8
            inet6 fd::dc/64
            groups: ipsec
            reqid: 12345
            nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

    conn SOME-REMOTE
            left=fc00::7a00
            right=fc00::98f1
            type=tunnel
            rightid=@SOME.stargrave.org
            auto=start
            installpolicy=no
            reqid=12345

ÐÑÐ¸ Ð¿ÑÐ¾ÑÐ¾Ð¶Ð´ÐµÐ½Ð¸Ð¸ ÑÑÐ°ÑÐ¸ÐºÐ° ipsec0 Ð·Ð°Ð¿ÑÐ¾ÑÐ¸Ñ Ð½Ð°Ð»Ð¸ÑÐ¸Ðµ SA, strongSwan ÐµÐ³Ð¾
Ð¿ÑÐµÐ´Ð¾ÑÑÐ°Ð²Ð¸Ñ, ÑÑÐ°ÑÐ¸Ðº Ð±ÑÐ´ÐµÑ ÑÐ¾Ð´Ð¸ÑÑ Ð·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¼.
-- 
2.48.1