PRE-TEST

moon# ipsec start --debug-all
Starting strongSwan 4.2.17 IPsec [starter]...
| Default route found: iface=eth0, addr=192.168.0.1, nexthop=192.168.0.254
| Loading config setup
|   plutodebug=control
|   crlcheckinterval=180
|   strictcrlpolicy=no
|   charonstart=no
| Loading conn %default
|   ikelifetime=60m
|   keylife=20m
|   rekeymargin=3m
|   keyingtries=1
| Loading conn 'net-net'
|   also=host-host
|   also=moon-net
|   also=sun-net
| Loading conn 'host-host'
|   also=moon
|   also=sun
|   auto=add
| Loading conn 'rw'
|   right=%any
|   also=moon
|   also=moon-net
|   auto=add
| Loading conn 'moon'
|   left=192.168.0.1
|   leftcert=moonCert.pem
|   leftid=@moon.strongswan.org
|   leftfirewall=yes
|   also=host-host
| Loading conn 'moon-net'
|   leftsubnet=10.1.0.0/16
| Loading conn 'sun'
|   right=192.168.0.2
|   rightid=@sun.strongswan.org
| Loading conn 'sun-net'
|   rightsubnet=10.2.0.0/16
| conn 'net-net' includes 'sun-net'
|   rightsubnet=10.2.0.0/16
| conn 'net-net' includes 'moon-net'
|   leftsubnet=10.1.0.0/16
| conn 'net-net' includes 'sun'
|   right=192.168.0.2
|   rightid=@sun.strongswan.org
# detected also loop
  conn 'net-net' cannot include 'host-host'
| conn 'net-net' includes 'moon'
| conn 'net-net' includes 'host-host'
| conn 'host-host' includes 'sun'
# detected also loop
  conn 'host-host' cannot include 'host-host'
| conn 'host-host' includes 'moon'
| conn 'rw' includes 'moon-net'
| conn 'rw' includes 'sun'
# detected also loop
  conn 'rw' cannot include 'moon'
| conn 'rw' includes 'host-host'
| conn 'rw' includes 'moon'
| conn 'moon' includes 'sun'
# detected also loop
  conn 'moon' cannot include 'moon'
| conn 'moon' includes 'host-host'
### 4 parsing errors (4 fatal) ###
unable to start strongSwan -- fatal errors in config

moon# sleep 1


TEST

moon# cat /var/log/auth.log | grep 'detected also loop' [YES]
Jul 20 15:25:01 moon ipsec_starter[23428]: # detected also loop
Jul 20 15:25:01 moon ipsec_starter[23428]: # detected also loop
Jul 20 15:25:02 moon ipsec_starter[23428]: # detected also loop
Jul 20 15:25:02 moon ipsec_starter[23428]: # detected also loop

moon# cat /var/log/auth.log | grep 'errors in config' [YES]
Jul 20 15:25:02 moon ipsec_starter[23428]: unable to start strongSwan -- fatal errors in config


POST-TEST