#!/usr/sbin/setkey -f
#
# SPD for 10.0.0.23
#

# Flush the SAD and SPD
flush;
spdflush;

spdadd 10.0.0.23 10.0.0.42 any -P out ipsec
       esp/transport//require
       ah/transport//require;

spdadd 10.0.0.42 10.0.0.23 any -P in ipsec
       esp/transport//require
       ah/transport//require;

# AH SAD entries with 160 bit keys
add 10.0.0.23 10.0.0.42 ah 0x200 -A hmac-sha1 0x46915c30ed7e2465b42861b6ab19f2772813020c;
add 10.0.0.42 10.0.0.23 ah 0x300 -A hmac-sha1 0xc4dac594f8228e0b94a54758f7fbf2fdf4e37f3e;

# ESP SAD entries with 192 bit keys
add 10.0.0.23 10.0.0.42 esp 0x201 -E rijndael-cbc 0xa3993b3dfc41ef0a1aa8d168a8bf2c27e48249ac17b61e09;
add 10.0.0.42 10.0.0.23 esp 0x301 -E rijndael-cbc 0x8f6498928ba354bd45cfad147f54c67b3b742896b3bafc02;
