east:~#
 route delete -net 192.0.1.0 netmask 255.255.255.0
east:~#
 route delete -net default
east:~#
 route add -net default gw 192.1.2.45
east:~#
 ipsec setup start
ipsec_setup: Starting Libreswan IPsec VERSION
east:~#
 /testing/pluto/basic-pluto-01/eroutewait.sh trap
east:~#
 ipsec look
east NOW
0.0.0.0/0          -> 0.0.0.0/0          => %trap
ipsec0->eth1 mtu=16260(9999)->1500
ROUTING TABLE
192.1.2.0/24 dev eth1  proto kernel  scope link  src 192.1.2.23 
192.1.2.0/24 dev ipsec0  proto kernel  scope link  src 192.1.2.23 
0.0.0.0/1 via 192.1.2.45 dev ipsec0 
128.0.0.0/1 via 192.1.2.45 dev ipsec0 
default via 192.1.2.45 dev eth1 
east:~#
 ipsec auto --add clear
east:~#
 ipsec whack --listen
002 listening for IKE messages
002 forgetting secrets
002 loading secrets from "/etc/ipsec.secrets"
002 loaded private key for keyid: PPK_RSA:ADEADBEEF
002 loaded private key for keyid: PPK_RSA:ADEADBEEF
002 loading group "/etc/ipsec.d/policies/clear"
east:~#
 ipsec eroute
0          0.0.0.0/0          -> 0.0.0.0/0          => %trap
east:~#
 ipsec auto --route clear
east:~#
 ipsec eroute
0          0.0.0.0/0          -> 0.0.0.0/0          => %trap
0          192.1.2.23/32      -> 192.0.1.0/24       => %pass
0          192.1.2.23/32      -> 192.1.2.129/32     => %pass
0          192.1.2.23/32      -> 192.1.2.130/32     => %pass
0          192.1.2.23/32      -> 192.1.2.254/32     => %pass
east:~#
 echo end
end
east:~#
 ping -c 8 -n 192.0.1.1
PING 192.0.1.1 (192.0.1.1): 56 data bytes
64 bytes from 192.0.1.1: icmp_seq=0 ttl=257 time=999 ms
64 bytes from 192.0.1.1: icmp_seq=1 ttl=257 time=999 ms
64 bytes from 192.0.1.1: icmp_seq=2 ttl=257 time=999 ms
64 bytes from 192.0.1.1: icmp_seq=3 ttl=257 time=999 ms
64 bytes from 192.0.1.1: icmp_seq=4 ttl=257 time=999 ms
64 bytes from 192.0.1.1: icmp_seq=5 ttl=257 time=999 ms
64 bytes from 192.0.1.1: icmp_seq=6 ttl=257 time=999 ms
64 bytes from 192.0.1.1: icmp_seq=7 ttl=257 time=999 ms

--- 192.0.1.1 ping statistics ---
8 packets transmitted, 8 packets received, 0% packet loss
round-trip min/avg/max = 3.1/4.5/9.26 ms
east:~#
 ipsec look
east NOW
0.0.0.0/0          -> 0.0.0.0/0          => %trap
192.1.2.23/32      -> 192.0.1.0/24       => %pass
192.1.2.23/32      -> 192.1.2.129/32     => %pass
192.1.2.23/32      -> 192.1.2.130/32     => %pass
192.1.2.23/32      -> 192.1.2.254/32     => %pass
ipsec0->eth1 mtu=16260(9999)->1500
ROUTING TABLE
192.1.2.129 dev ipsec0  scope link 
192.1.2.130 dev ipsec0  scope link 
192.1.2.254 dev ipsec0  scope link 
192.1.2.0/24 dev eth1  proto kernel  scope link  src 192.1.2.23 
192.1.2.0/24 dev ipsec0  proto kernel  scope link  src 192.1.2.23 
192.0.1.0/24 dev ipsec0  scope link 
0.0.0.0/1 via 192.1.2.45 dev ipsec0 
128.0.0.0/1 via 192.1.2.45 dev ipsec0 
default via 192.1.2.45 dev eth1 
east:~#
 echo end
end
east:~#
 

east:~#
 ipsec setup stop
IPSEC EVENT: KLIPS device ipsec0 shut down.
ipsec_setup: Stopping Libreswan IPsec...
east:~#
 kill `cat /var/run/klogd.pid`; cat /tmp/klog.log
klogd 1.3-3#33.1, log source = /proc/kmsg started.
east:~#
 halt -p -f
System halted.