* [meta-fsl-ppc][PATCH 1/6] add cs4315-firmware license file Cortina
@ 2014-07-24 7:48 ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 2/6] add more generic SOC_FAMILY name t1/t2/t4/b4 ting.liu
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: ting.liu @ 2014-07-24 7:48 UTC (permalink / raw)
To: meta-freescale
From: Ting Liu <b28495@freescale.com>
Signed-off-by: Ting Liu <b28495@freescale.com>
---
custom-licenses/Cortina | 51 +++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 51 insertions(+), 0 deletions(-)
create mode 100644 custom-licenses/Cortina
diff --git a/custom-licenses/Cortina b/custom-licenses/Cortina
new file mode 100644
index 0000000..a68417c
--- /dev/null
+++ b/custom-licenses/Cortina
@@ -0,0 +1,51 @@
+DEFINITIONS:“Device” is the product described in this document or document set. “Cortina” is Cortina Systems, Inc.
+“Software” is the software used with the Device, including the Application Programmable Interface (“API”). “You” are a
+customer, or potential customer, of Devices with whom Cortina has an NDA.
+LICENSE:Subject to the restrictions below, Cortina grants to You a non-exclusive, non-assignable, non-transferable,
+royalty-free copyright license to (1) copy and modify the source code of the API; (2) incorporate the API in object code
+form or as a library into Your software which is solely used with Your products (that incorporate the Devices); and (3)
+distribute to Your customer, inobject code form only, the API.
+RESTRICTIONS:The Software must be used solely in conjunction with the Devices and solely for Your internal
+evaluation, demonstration, software application development anddistribution for production purposes, either with an
+Cortina platform that contains the Device or with Your own product that incorporates the Device. Notwithstanding
+anything to the contrary, the API can be incorporated into Your software as described above and distributed to Your
+customers in object code form only. You may not distribute the Software as a stand-alone product. You shall not cause
+the incorporation, modification or distribution of the Software to become subject to any open source licenses. You will
+make reasonable efforts to discontinue the distribution of any portions of the Software that You are licensed hereunder
+to distribute upon Cortina’s release of an update, upgrade or new version of the Software. You agree that You are
+solely responsible for supporting any code which You modify, incorporate or distribute. You may not reverse-assemble,
+reverse-compile, or otherwise reverse-engineer any Software provided in binary or machine readable form.
+Distribution of the Software is also subject to the following limitations: You (i) are solely responsible to Your customers
+for any update or support obligation or other liability which may arise from the modification, incorporation, and
+distribution of the Software, (ii) do notmake any statement that Your product is“certified,” or that its performance is
+guaranteed, by Cortina, (iii) do not use Cortina's name or trademarks to market Your product without prior written
+permission, (iv) shall prohibit disassembly and reverse engineering, and (v) shall indemnify, hold harmless, and defend
+Cortina and its suppliers from and against any claims or lawsuits, including attorney's fees, that arise or result from
+Your distribution of any product.
+OWNERSHIP OF SOFTWARE AND COPYRIGHTS.The title to all copies of the Software remains with Cortina or its
+suppliers. The Software is copyrighted and protected by the laws of the United States and other countries, and
+international treaty provisions. You may not remove any copyright notices from the Software. Cortina may make
+changes to the Software, or to items referenced therein, at any timewithout notice, but is not obligated to support or
+update the Software. Except as otherwise expressly provided,Cortina grants no express or implied right under Cortina
+patents, copyrights, trademarks, or other intellectual property rights.
+DISCLAIMER OF WARRANTIES.THE SOFTWARE IS PROVIDED “AS IS” WITHOUT ANY EXPRESS OR IMPLIED
+WARRANTY OF ANY KIND. CORTINA AND ITS SUPPLIERSHEREBY DISCLAIM ALL WARRANTIES, INCLUDING
+ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR
+PURPOSE.
+LIMITATION OF LIABILITY.IN NO EVENT SHALL CORTINA OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES
+WHATSOEVER (INCLUDING, WITHOUT LIMITATION, LOST PROFITS, BUSINESS INTERRUPTION, OR LOST
+INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF CORTINA HAS
+BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+TERMINATION OF THIS LICENSE.Cortina may terminate this license at any time if You violate its terms. Upon
+termination, You will immediately destroy the Software or return all copies of the Software to Cortina.
+APPLICABLE LAWS.Claims arising under this license shall be governed by the laws of the State of Delaware,
+excluding its principles of conflict of laws. The provisions of the United Nations Convention on Contracts for the
+International Sale of Goods shall not apply to this license.You shall not export, either directly or indirectly, any
+Software or derived object code without first obtaining any required license or other approval from the applicable
+governmental entity, including the U.S. Department of Commerce or any other agency or department of the United
+States Government if required. This isthe entire agreement and understanding between You and Cortina relating to
+this subject matter, and no amendments will be effective unless in a writing signed by both parties.
+GOVERNMENT RESTRICTED RIGHTS.The Software is provided with “RESTRICTED RIGHTS.” Use, duplication, or
+disclosure by the Government issubject to restrictions as set forth in FAR52.227-14 and DFAR252.227-7013 et seq. or
+its successor. Use of the Software by the Government constitutes acknowledgment of Cortina's proprietary rights
+therein. Contractor or Manufacturer is Cortina.
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [meta-fsl-ppc][PATCH 2/6] add more generic SOC_FAMILY name t1/t2/t4/b4
2014-07-24 7:48 [meta-fsl-ppc][PATCH 1/6] add cs4315-firmware license file Cortina ting.liu
@ 2014-07-24 7:48 ` ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 3/6] fmlib: use SOC_FAMILY as override ting.liu
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: ting.liu @ 2014-07-24 7:48 UTC (permalink / raw)
To: meta-freescale
From: Ting Liu <b28495@freescale.com>
currently the SOC_FAMILY name only cover 32b/64b for each one. add
a more generic one to make it more usable.
Signed-off-by: Ting Liu <b28495@freescale.com>
---
conf/machine/b4420qds-64b.conf | 2 +-
conf/machine/b4420qds.conf | 2 +-
conf/machine/b4860qds-64b.conf | 2 +-
conf/machine/b4860qds.conf | 2 +-
conf/machine/t1040rdb-64b.conf | 2 +-
conf/machine/t1040rdb.conf | 2 +-
conf/machine/t1042rdb-64b.conf | 2 +-
conf/machine/t1042rdb.conf | 2 +-
conf/machine/t2080qds-64b.conf | 2 +-
conf/machine/t2080qds.conf | 2 +-
conf/machine/t2080rdb-64b.conf | 2 +-
conf/machine/t2080rdb.conf | 2 +-
conf/machine/t4160qds-64b.conf | 2 +-
conf/machine/t4160qds.conf | 2 +-
conf/machine/t4240qds-64b.conf | 2 +-
conf/machine/t4240qds.conf | 2 +-
conf/machine/t4240rdb-64b.conf | 2 +-
conf/machine/t4240rdb.conf | 2 +-
18 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/conf/machine/b4420qds-64b.conf b/conf/machine/b4420qds-64b.conf
index a623c84..c0487d9 100644
--- a/conf/machine/b4420qds-64b.conf
+++ b/conf/machine/b4420qds-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500-64b.inc
-SOC_FAMILY = "b4420"
+SOC_FAMILY = "b4:b4420"
UBOOT_MACHINES ?= "B4420QDS"
KERNEL_DEVICETREE ?= "b4420qds.dtb b4420qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/b4420qds.conf b/conf/machine/b4420qds.conf
index fa1187b..94ab1d3 100644
--- a/conf/machine/b4420qds.conf
+++ b/conf/machine/b4420qds.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500.inc
-SOC_FAMILY = "b4420"
+SOC_FAMILY = "b4:b4420"
UBOOT_MACHINES ?= "B4420QDS"
KERNEL_DEVICETREE ?= "b4420qds.dtb b4420qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/b4860qds-64b.conf b/conf/machine/b4860qds-64b.conf
index 3ba5648..acc72d4 100644
--- a/conf/machine/b4860qds-64b.conf
+++ b/conf/machine/b4860qds-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500-64b.inc
-SOC_FAMILY = "b4860"
+SOC_FAMILY = "b4:b4860"
UBOOT_MACHINES ?= "B4860QDS"
KERNEL_DEVICETREE ?= "b4860qds.dtb b4860qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/b4860qds.conf b/conf/machine/b4860qds.conf
index 972d29f..c2d28ed 100644
--- a/conf/machine/b4860qds.conf
+++ b/conf/machine/b4860qds.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500.inc
-SOC_FAMILY = "b4860"
+SOC_FAMILY = "b4:b4860"
UBOOT_MACHINES ?= "B4860QDS"
KERNEL_DEVICETREE ?= "b4860qds.dtb b4860qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t1040rdb-64b.conf b/conf/machine/t1040rdb-64b.conf
index b4ea5c8..603bc30 100644
--- a/conf/machine/t1040rdb-64b.conf
+++ b/conf/machine/t1040rdb-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e5500-64b.inc
-SOC_FAMILY = "t1040"
+SOC_FAMILY = "t1:t1040"
UBOOT_MACHINES ?= "T1040RDB"
KERNEL_DEVICETREE ?= "t1040rdb.dtb t1040rdb-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/t1040_64bit_smp_defconfig"
diff --git a/conf/machine/t1040rdb.conf b/conf/machine/t1040rdb.conf
index 684cf8e..eaac98f 100644
--- a/conf/machine/t1040rdb.conf
+++ b/conf/machine/t1040rdb.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e5500.inc
-SOC_FAMILY = "t1040"
+SOC_FAMILY = "t1:t1040"
UBOOT_MACHINES ?= "T1040RDB"
KERNEL_DEVICETREE ?= "t1040rdb.dtb t1040rdb-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/t1040_32bit_smp_defconfig"
diff --git a/conf/machine/t1042rdb-64b.conf b/conf/machine/t1042rdb-64b.conf
index 0141e10..c3f7838 100644
--- a/conf/machine/t1042rdb-64b.conf
+++ b/conf/machine/t1042rdb-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e5500-64b.inc
-SOC_FAMILY = "t1042"
+SOC_FAMILY = "t1:t1042"
UBOOT_MACHINES ?= "T1042RDB_PI"
KERNEL_DEVICETREE ?= "t1042rdb_pi.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/t1040_64bit_smp_defconfig"
diff --git a/conf/machine/t1042rdb.conf b/conf/machine/t1042rdb.conf
index 1f13d86..feb5049 100644
--- a/conf/machine/t1042rdb.conf
+++ b/conf/machine/t1042rdb.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e5500.inc
-SOC_FAMILY = "t1042"
+SOC_FAMILY = "t1:t1042"
UBOOT_MACHINES ?= "T1042RDB_PI"
KERNEL_DEVICETREE ?= "t1042rdb_pi.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/t1040_32bit_smp_defconfig"
diff --git a/conf/machine/t2080qds-64b.conf b/conf/machine/t2080qds-64b.conf
index e2b5682..6b0f943 100644
--- a/conf/machine/t2080qds-64b.conf
+++ b/conf/machine/t2080qds-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500-64b.inc
-SOC_FAMILY = "t2080"
+SOC_FAMILY = "t2:t2080"
UBOOT_MACHINES ?= "T2080QDS T2080QDS_SDCARD T2080QDS_SPIFLASH T2080QDS_NAND T2080QDS_SRIO_PCIE_BOOT"
KERNEL_DEVICETREE ?= "t2080qds.dtb t2080qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t2080qds.conf b/conf/machine/t2080qds.conf
index dfa6b09..c675aec 100644
--- a/conf/machine/t2080qds.conf
+++ b/conf/machine/t2080qds.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500.inc
-SOC_FAMILY = "t2080"
+SOC_FAMILY = "t2:t2080"
UBOOT_MACHINES ?= "T2080QDS T2080QDS_SDCARD T2080QDS_SPIFLASH T2080QDS_NAND T2080QDS_SRIO_PCIE_BOOT"
KERNEL_DEVICETREE ?= "t2080qds.dtb t2080qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t2080rdb-64b.conf b/conf/machine/t2080rdb-64b.conf
index 5d4eed4..22f3f0f 100644
--- a/conf/machine/t2080rdb-64b.conf
+++ b/conf/machine/t2080rdb-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500-64b.inc
-SOC_FAMILY = "t2080"
+SOC_FAMILY = "t2:t2080"
UBOOT_MACHINES ?= "T2080RDB T2080RDB_SDCARD T2080RDB_SPIFLASH T2080RDB_NAND T2080RDB_SRIO_PCIE_BOOT"
KERNEL_DEVICETREE ?= "t2080rdb.dtb t2080rdb-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t2080rdb.conf b/conf/machine/t2080rdb.conf
index 08d2dd7..67b6d92 100644
--- a/conf/machine/t2080rdb.conf
+++ b/conf/machine/t2080rdb.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500.inc
-SOC_FAMILY = "t2080"
+SOC_FAMILY = "t2:t2080"
UBOOT_MACHINES ?= "T2080RDB T2080RDB_SDCARD T2080RDB_SPIFLASH T2080RDB_NAND T2080RDB_SRIO_PCIE_BOOT"
KERNEL_DEVICETREE ?= "t2080rdb.dtb t2080rdb-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t4160qds-64b.conf b/conf/machine/t4160qds-64b.conf
index 3f35e57..970e54e 100644
--- a/conf/machine/t4160qds-64b.conf
+++ b/conf/machine/t4160qds-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500-64b.inc
-SOC_FAMILY = "t4160"
+SOC_FAMILY = "t4:t4160"
UBOOT_MACHINES ?= "T4160QDS"
KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t4160qds.conf b/conf/machine/t4160qds.conf
index f87b58e..66c114e 100644
--- a/conf/machine/t4160qds.conf
+++ b/conf/machine/t4160qds.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500.inc
-SOC_FAMILY = "t4160"
+SOC_FAMILY = "t4:t4160"
UBOOT_MACHINES ?= "T4160QDS"
KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t4240qds-64b.conf b/conf/machine/t4240qds-64b.conf
index 510b813..5d1c12a 100644
--- a/conf/machine/t4240qds-64b.conf
+++ b/conf/machine/t4240qds-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500-64b.inc
-SOC_FAMILY = "t4240"
+SOC_FAMILY = "t4:t4240"
UBOOT_MACHINES ?= "T4240QDS"
KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t4240qds.conf b/conf/machine/t4240qds.conf
index 58e5200..06673fa 100644
--- a/conf/machine/t4240qds.conf
+++ b/conf/machine/t4240qds.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500.inc
-SOC_FAMILY = "t4240"
+SOC_FAMILY = "t4:t4240"
UBOOT_MACHINES ?= "T4240QDS"
KERNEL_DEVICETREE ?= "t4240qds.dtb t4240qds-usdpaa.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t4240rdb-64b.conf b/conf/machine/t4240rdb-64b.conf
index ea45895..0974066 100644
--- a/conf/machine/t4240rdb-64b.conf
+++ b/conf/machine/t4240rdb-64b.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500-64b.inc
-SOC_FAMILY = "t4240"
+SOC_FAMILY = "t4:t4240"
UBOOT_MACHINES ?= "T4240RDB"
KERNEL_DEVICETREE ?= "t4240rdb.dtb t4240rdb-usdpaa.dtb t4240rdb-usdpaa-shared-interfaces.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
diff --git a/conf/machine/t4240rdb.conf b/conf/machine/t4240rdb.conf
index ec9c5bb..e4c31f9 100644
--- a/conf/machine/t4240rdb.conf
+++ b/conf/machine/t4240rdb.conf
@@ -6,7 +6,7 @@
require conf/machine/include/e6500.inc
-SOC_FAMILY = "t4240"
+SOC_FAMILY = "t4:t4240"
UBOOT_MACHINES ?= "T4240RDB"
KERNEL_DEVICETREE ?= "t4240rdb.dtb t4240rdb-usdpaa.dtb t4240rdb-usdpaa-shared-interfaces.dtb"
KERNEL_DEFCONFIG ?= "${S}/arch/powerpc/configs/85xx/e6500rev2_defconfig"
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [meta-fsl-ppc][PATCH 3/6] fmlib: use SOC_FAMILY as override
2014-07-24 7:48 [meta-fsl-ppc][PATCH 1/6] add cs4315-firmware license file Cortina ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 2/6] add more generic SOC_FAMILY name t1/t2/t4/b4 ting.liu
@ 2014-07-24 7:48 ` ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 5/6] libvirt: add bbappend for qoriq-ppc customizations ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 6/6] ipsec-demo (scripts and configuration files) add recipe ting.liu
3 siblings, 0 replies; 5+ messages in thread
From: ting.liu @ 2014-07-24 7:48 UTC (permalink / raw)
To: meta-freescale
From: Ting Liu <b28495@freescale.com>
Signed-off-by: Ting Liu <b28495@freescale.com>
---
recipes-dpaa/fmlib/fmlib_git.bb | 8 +++-----
1 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/recipes-dpaa/fmlib/fmlib_git.bb b/recipes-dpaa/fmlib/fmlib_git.bb
index d59d6ac..04b94a3 100644
--- a/recipes-dpaa/fmlib/fmlib_git.bb
+++ b/recipes-dpaa/fmlib/fmlib_git.bb
@@ -22,12 +22,10 @@ COMPATIBLE_HOST ?= "(none)"
EXTRA_OEMAKE = "DESTDIR=${D} PREFIX=${prefix} LIB_DEST_DIR=${libdir} \
CROSS_COMPILE=${TARGET_PREFIX} KERNEL_SRC=${STAGING_KERNEL_DIR}"
+COMPILE_TARGET = "libfm-${TARGET_ARCH_FMLIB}.a"
+COMPILE_TARGET_t1 = "libfm-${TARGET_ARCH_FMLIB}-fmv3.a"
do_compile () {
- if [ "t1040" = "${SOC_FAMILY}" -o "t1042" = "${SOC_FAMILY}" ];then
- oe_runmake libfm-${TARGET_ARCH_FMLIB}-fmv3.a
- else
- oe_runmake libfm-${TARGET_ARCH_FMLIB}.a
- fi
+ oe_runmake ${COMPILE_TARGET}
}
do_compile_virtclass-native () {
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [meta-fsl-ppc][PATCH 5/6] libvirt: add bbappend for qoriq-ppc customizations
2014-07-24 7:48 [meta-fsl-ppc][PATCH 1/6] add cs4315-firmware license file Cortina ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 2/6] add more generic SOC_FAMILY name t1/t2/t4/b4 ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 3/6] fmlib: use SOC_FAMILY as override ting.liu
@ 2014-07-24 7:48 ` ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 6/6] ipsec-demo (scripts and configuration files) add recipe ting.liu
3 siblings, 0 replies; 5+ messages in thread
From: ting.liu @ 2014-07-24 7:48 UTC (permalink / raw)
To: meta-freescale
From: Ting Liu <b28495@freescale.com>
* add customized qemu.conf to enable cgroup device and add /dev/net/tun
device as cgroup
* add customized PKGCONFIG as not all features supported on ppc boards.
Signed-off-by: Ting Liu <b28495@freescale.com>
---
.../libvirt/libvirt/qoriq-ppc/qemu.conf | 465 ++++++++++++++++++++
recipes-virtualization/libvirt/libvirt_%.bbappend | 9 +
2 files changed, 474 insertions(+), 0 deletions(-)
create mode 100644 recipes-virtualization/libvirt/libvirt/qoriq-ppc/qemu.conf
create mode 100644 recipes-virtualization/libvirt/libvirt_%.bbappend
diff --git a/recipes-virtualization/libvirt/libvirt/qoriq-ppc/qemu.conf b/recipes-virtualization/libvirt/libvirt/qoriq-ppc/qemu.conf
new file mode 100644
index 0000000..cc22fa1
--- /dev/null
+++ b/recipes-virtualization/libvirt/libvirt/qoriq-ppc/qemu.conf
@@ -0,0 +1,465 @@
+# Master configuration file for the QEMU driver.
+# All settings described here are optional - if omitted, sensible
+# defaults are used.
+
+# VNC is configured to listen on 127.0.0.1 by default.
+# To make it listen on all public interfaces, uncomment
+# this next option.
+#
+# NB, strong recommendation to enable TLS + x509 certificate
+# verification when allowing public access
+#
+#vnc_listen = "0.0.0.0"
+
+# Enable this option to have VNC served over an automatically created
+# unix socket. This prevents unprivileged access from users on the
+# host machine, though most VNC clients do not support it.
+#
+# This will only be enabled for VNC configurations that do not have
+# a hardcoded 'listen' or 'socket' value. This setting takes preference
+# over vnc_listen.
+#
+#vnc_auto_unix_socket = 1
+
+# Enable use of TLS encryption on the VNC server. This requires
+# a VNC client which supports the VeNCrypt protocol extension.
+# Examples include vinagre, virt-viewer, virt-manager and vencrypt
+# itself. UltraVNC, RealVNC, TightVNC do not support this
+#
+# It is necessary to setup CA and issue a server certificate
+# before enabling this.
+#
+#vnc_tls = 1
+
+
+# Use of TLS requires that x509 certificates be issued. The
+# default it to keep them in /etc/pki/libvirt-vnc. This directory
+# must contain
+#
+# ca-cert.pem - the CA master certificate
+# server-cert.pem - the server certificate signed with ca-cert.pem
+# server-key.pem - the server private key
+#
+# This option allows the certificate directory to be changed
+#
+#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
+
+
+# The default TLS configuration only uses certificates for the server
+# allowing the client to verify the server's identity and establish
+# an encrypted channel.
+#
+# It is possible to use x509 certificates for authentication too, by
+# issuing a x509 certificate to every client who needs to connect.
+#
+# Enabling this option will reject any client who does not have a
+# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
+#
+#vnc_tls_x509_verify = 1
+
+
+# The default VNC password. Only 8 letters are significant for
+# VNC passwords. This parameter is only used if the per-domain
+# XML config does not already provide a password. To allow
+# access without passwords, leave this commented out. An empty
+# string will still enable passwords, but be rejected by QEMU,
+# effectively preventing any use of VNC. Obviously change this
+# example here before you set this.
+#
+#vnc_password = "XYZ12345"
+
+
+# Enable use of SASL encryption on the VNC server. This requires
+# a VNC client which supports the SASL protocol extension.
+# Examples include vinagre, virt-viewer and virt-manager
+# itself. UltraVNC, RealVNC, TightVNC do not support this
+#
+# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# the desired SASL plugin (eg, GSSPI for Kerberos)
+#
+#vnc_sasl = 1
+
+
+# The default SASL configuration file is located in /etc/sasl2/
+# When running libvirtd unprivileged, it may be desirable to
+# override the configs in this location. Set this parameter to
+# point to the directory, and create a qemu.conf in that location
+#
+#vnc_sasl_dir = "/some/directory/sasl2"
+
+
+# QEMU implements an extension for providing audio over a VNC connection,
+# though if your VNC client does not support it, your only chance for getting
+# sound output is through regular audio backends. By default, libvirt will
+# disable all QEMU sound backends if using VNC, since they can cause
+# permissions issues. Enabling this option will make libvirtd honor the
+# QEMU_AUDIO_DRV environment variable when using VNC.
+#
+#vnc_allow_host_audio = 0
+
+
+
+# SPICE is configured to listen on 127.0.0.1 by default.
+# To make it listen on all public interfaces, uncomment
+# this next option.
+#
+# NB, strong recommendation to enable TLS + x509 certificate
+# verification when allowing public access
+#
+#spice_listen = "0.0.0.0"
+
+
+# Enable use of TLS encryption on the SPICE server.
+#
+# It is necessary to setup CA and issue a server certificate
+# before enabling this.
+#
+#spice_tls = 1
+
+
+# Use of TLS requires that x509 certificates be issued. The
+# default it to keep them in /etc/pki/libvirt-spice. This directory
+# must contain
+#
+# ca-cert.pem - the CA master certificate
+# server-cert.pem - the server certificate signed with ca-cert.pem
+# server-key.pem - the server private key
+#
+# This option allows the certificate directory to be changed.
+#
+#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice"
+
+
+# The default SPICE password. This parameter is only used if the
+# per-domain XML config does not already provide a password. To
+# allow access without passwords, leave this commented out. An
+# empty string will still enable passwords, but be rejected by
+# QEMU, effectively preventing any use of SPICE. Obviously change
+# this example here before you set this.
+#
+#spice_password = "XYZ12345"
+
+
+# Enable use of SASL encryption on the SPICE server. This requires
+# a SPICE client which supports the SASL protocol extension.
+#
+# It is necessary to configure /etc/sasl2/qemu.conf to choose
+# the desired SASL plugin (eg, GSSPI for Kerberos)
+#
+#spice_sasl = 1
+
+# The default SASL configuration file is located in /etc/sasl2/
+# When running libvirtd unprivileged, it may be desirable to
+# override the configs in this location. Set this parameter to
+# point to the directory, and create a qemu.conf in that location
+#
+#spice_sasl_dir = "/some/directory/sasl2"
+
+
+# By default, if no graphical front end is configured, libvirt will disable
+# QEMU audio output since directly talking to alsa/pulseaudio may not work
+# with various security settings. If you know what you're doing, enable
+# the setting below and libvirt will passthrough the QEMU_AUDIO_DRV
+# environment variable when using nographics.
+#
+#nographics_allow_host_audio = 1
+
+
+# Override the port for creating both VNC and SPICE sessions (min).
+# This defaults to 5900 and increases for consecutive sessions
+# or when ports are occupied, until it hits the maximum.
+#
+# Minimum must be greater than or equal to 5900 as lower number would
+# result into negative vnc display number.
+#
+# Maximum must be less than 65536, because higher numbers do not make
+# sense as a port number.
+#
+#remote_display_port_min = 5900
+#remote_display_port_max = 65535
+
+# VNC WebSocket port policies, same rules apply as with remote display
+# ports. VNC WebSockets use similar display <-> port mappings, with
+# the exception being that ports starts from 5700 instead of 5900.
+#
+#remote_websocket_port_min = 5700
+#remote_websocket_port_max = 65535
+
+# The default security driver is SELinux. If SELinux is disabled
+# on the host, then the security driver will automatically disable
+# itself. If you wish to disable QEMU SELinux security driver while
+# leaving SELinux enabled for the host in general, then set this
+# to 'none' instead. It's also possible to use more than one security
+# driver at the same time, for this use a list of names separated by
+# comma and delimited by square brackets. For example:
+#
+# security_driver = [ "selinux", "apparmor" ]
+#
+# Notes: The DAC security driver is always enabled; as a result, the
+# value of security_driver cannot contain "dac". The value "none" is
+# a special value; security_driver can be set to that value in
+# isolation, but it cannot appear in a list of drivers.
+#
+#security_driver = "selinux"
+
+# If set to non-zero, then the default security labeling
+# will make guests confined. If set to zero, then guests
+# will be unconfined by default. Defaults to 1.
+#security_default_confined = 1
+
+# If set to non-zero, then attempts to create unconfined
+# guests will be blocked. Defaults to 0.
+#security_require_confined = 1
+
+# The user for QEMU processes run by the system instance. It can be
+# specified as a user name or as a user id. The qemu driver will try to
+# parse this value first as a name and then, if the name doesn't exist,
+# as a user id.
+#
+# Since a sequence of digits is a valid user name, a leading plus sign
+# can be used to ensure that a user id will not be interpreted as a user
+# name.
+#
+# Some examples of valid values are:
+#
+# user = "qemu" # A user named "qemu"
+# user = "+0" # Super user (uid=0)
+# user = "100" # A user named "100" or a user with uid=100
+#
+#user = "root"
+
+# The group for QEMU processes run by the system instance. It can be
+# specified in a similar way to user.
+#group = "root"
+
+# Whether libvirt should dynamically change file ownership
+# to match the configured user/group above. Defaults to 1.
+# Set to 0 to disable file ownership changes.
+#dynamic_ownership = 1
+
+
+# What cgroup controllers to make use of with QEMU guests
+#
+# - 'cpu' - use for schedular tunables
+# - 'devices' - use for device whitelisting
+# - 'memory' - use for memory tunables
+# - 'blkio' - use for block devices I/O tunables
+# - 'cpuset' - use for CPUs and memory nodes
+# - 'cpuacct' - use for CPUs statistics.
+#
+# NB, even if configured here, they won't be used unless
+# the administrator has mounted cgroups, e.g.:
+#
+# mkdir /dev/cgroup
+# mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup
+#
+# They can be mounted anywhere, and different controllers
+# can be mounted in different locations. libvirt will detect
+# where they are located.
+#
+#cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ]
+
+# This is the basic set of devices allowed / required by
+# all virtual machines.
+#
+# As well as this, any configured block backed disks,
+# all sound device, and all PTY devices are allowed.
+#
+# This will only need setting if newer QEMU suddenly
+# wants some device we don't already know about.
+#
+cgroup_device_acl = [
+ "/dev/null", "/dev/full", "/dev/zero",
+ "/dev/random", "/dev/urandom",
+ "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
+ "/dev/rtc", "/dev/hpet", "/dev/vfio/vfio", "/dev/net/tun"
+]
+
+
+# The default format for Qemu/KVM guest save images is raw; that is, the
+# memory from the domain is dumped out directly to a file. If you have
+# guests with a large amount of memory, however, this can take up quite
+# a bit of space. If you would like to compress the images while they
+# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz"
+# for save_image_format. Note that this means you slow down the process of
+# saving a domain in order to save disk space; the list above is in descending
+# order by performance and ascending order by compression ratio.
+#
+# save_image_format is used when you use 'virsh save' or 'virsh managedsave'
+# at scheduled saving, and it is an error if the specified save_image_format
+# is not valid, or the requested compression program can't be found.
+#
+# dump_image_format is used when you use 'virsh dump' at emergency
+# crashdump, and if the specified dump_image_format is not valid, or
+# the requested compression program can't be found, this falls
+# back to "raw" compression.
+#
+# snapshot_image_format specifies the compression algorithm of the memory save
+# image when an external snapshot of a domain is taken. This does not apply
+# on disk image format. It is an error if the specified format isn't valid,
+# or the requested compression program can't be found.
+#
+#save_image_format = "raw"
+#dump_image_format = "raw"
+#snapshot_image_format = "raw"
+
+# When a domain is configured to be auto-dumped when libvirtd receives a
+# watchdog event from qemu guest, libvirtd will save dump files in directory
+# specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump
+#
+#auto_dump_path = "/var/lib/libvirt/qemu/dump"
+
+# When a domain is configured to be auto-dumped, enabling this flag
+# has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the
+# virDomainCoreDump API. That is, the system will avoid using the
+# file system cache while writing the dump file, but may cause
+# slower operation.
+#
+#auto_dump_bypass_cache = 0
+
+# When a domain is configured to be auto-started, enabling this flag
+# has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag
+# with the virDomainCreateWithFlags API. That is, the system will
+# avoid using the file system cache when restoring any managed state
+# file, but may cause slower operation.
+#
+#auto_start_bypass_cache = 0
+
+# If provided by the host and a hugetlbfs mount point is configured,
+# a guest may request huge page backing. When this mount point is
+# unspecified here, determination of a host mount point in /proc/mounts
+# will be attempted. Specifying an explicit mount overrides detection
+# of the same in /proc/mounts. Setting the mount point to "" will
+# disable guest hugepage backing.
+#
+# NB, within this mount point, guests will create memory backing files
+# in a location of $MOUNTPOINT/libvirt/qemu
+#
+#hugetlbfs_mount = "/dev/hugepages"
+
+
+# Path to the setuid helper for creating tap devices. This executable
+# is used to create <source type='bridge'> interfaces when libvirtd is
+# running unprivileged. libvirt invokes the helper directly, instead
+# of using "-netdev bridge", for security reasons.
+#bridge_helper = "/usr/libexec/qemu-bridge-helper"
+
+
+
+# If clear_emulator_capabilities is enabled, libvirt will drop all
+# privileged capabilities of the QEmu/KVM emulator. This is enabled by
+# default.
+#
+# Warning: Disabling this option means that a compromised guest can
+# exploit the privileges and possibly do damage to the host.
+#
+#clear_emulator_capabilities = 1
+
+
+# If enabled, libvirt will have QEMU set its process name to
+# "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU
+# process will appear as "qemu:VM_NAME" in process listings and
+# other system monitoring tools. By default, QEMU does not set
+# its process title, so the complete QEMU command (emulator and
+# its arguments) appear in process listings.
+#
+#set_process_name = 1
+
+
+# If max_processes is set to a positive integer, libvirt will use
+# it to set the maximum number of processes that can be run by qemu
+# user. This can be used to override default value set by host OS.
+# The same applies to max_files which sets the limit on the maximum
+# number of opened files.
+#
+#max_processes = 0
+#max_files = 0
+
+
+
+# mac_filter enables MAC addressed based filtering on bridge ports.
+# This currently requires ebtables to be installed.
+#
+#mac_filter = 1
+
+
+# By default, PCI devices below non-ACS switch are not allowed to be assigned
+# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to
+# be assigned to guests.
+#
+#relaxed_acs_check = 1
+
+
+# If allow_disk_format_probing is enabled, libvirt will probe disk
+# images to attempt to identify their format, when not otherwise
+# specified in the XML. This is disabled by default.
+#
+# WARNING: Enabling probing is a security hole in almost all
+# deployments. It is strongly recommended that users update their
+# guest XML <disk> elements to include <driver type='XXXX'/>
+# elements instead of enabling this option.
+#
+#allow_disk_format_probing = 1
+
+
+# To enable 'Sanlock' project based locking of the file
+# content (to prevent two VMs writing to the same
+# disk), uncomment this
+#
+#lock_manager = "sanlock"
+
+
+
+# Set limit of maximum APIs queued on one domain. All other APIs
+# over this threshold will fail on acquiring job lock. Specially,
+# setting to zero turns this feature off.
+# Note, that job lock is per domain.
+#
+#max_queued = 0
+
+###################################################################
+# Keepalive protocol:
+# This allows qemu driver to detect broken connections to remote
+# libvirtd during peer-to-peer migration. A keepalive message is
+# sent to the deamon after keepalive_interval seconds of inactivity
+# to check if the deamon is still responding; keepalive_count is a
+# maximum number of keepalive messages that are allowed to be sent
+# to the deamon without getting any response before the connection
+# is considered broken. In other words, the connection is
+# automatically closed approximately after
+# keepalive_interval * (keepalive_count + 1) seconds since the last
+# message received from the deamon. If keepalive_interval is set to
+# -1, qemu driver will not send keepalive requests during
+# peer-to-peer migration; however, the remote libvirtd can still
+# send them and source libvirtd will send responses. When
+# keepalive_count is set to 0, connections will be automatically
+# closed after keepalive_interval seconds of inactivity without
+# sending any keepalive messages.
+#
+#keepalive_interval = 5
+#keepalive_count = 5
+
+
+
+# Use seccomp syscall whitelisting in QEMU.
+# 1 = on, 0 = off, -1 = use QEMU default
+# Defaults to -1.
+#
+#seccomp_sandbox = 1
+
+
+
+# Override the listen address for all incoming migrations. Defaults to
+# 0.0.0.0 or :: in case if both host and qemu are capable of IPv6.
+#migration_address = "127.0.0.1"
+
+
+# Override the port range used for incoming migrations.
+#
+# Minimum must be greater than 0, however when QEMU is not running as root,
+# setting the minimum to be lower than 1024 will not work.
+#
+# Maximum must not be greater than 65535.
+#
+#migration_port_min = 49152
+#migration_port_max = 49215
diff --git a/recipes-virtualization/libvirt/libvirt_%.bbappend b/recipes-virtualization/libvirt/libvirt_%.bbappend
new file mode 100644
index 0000000..c7e6d32
--- /dev/null
+++ b/recipes-virtualization/libvirt/libvirt_%.bbappend
@@ -0,0 +1,9 @@
+PACKAGECONFIG_qoriq-ppc = "qemu yajl lxc test remote macvtap libvirtd netcf udev python"
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:"
+SRC_URI_append_qoriq-ppc = " file://qemu.conf"
+
+do_install_append_qoriq-ppc() {
+ install -m 0644 ${WORKDIR}/qemu.conf ${D}${sysconfdir}/libvirt/qemu.conf
+}
+
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [meta-fsl-ppc][PATCH 6/6] ipsec-demo (scripts and configuration files) add recipe
2014-07-24 7:48 [meta-fsl-ppc][PATCH 1/6] add cs4315-firmware license file Cortina ting.liu
` (2 preceding siblings ...)
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 5/6] libvirt: add bbappend for qoriq-ppc customizations ting.liu
@ 2014-07-24 7:48 ` ting.liu
3 siblings, 0 replies; 5+ messages in thread
From: ting.liu @ 2014-07-24 7:48 UTC (permalink / raw)
To: meta-freescale
From: Ting Liu <b28495@freescale.com>
There are some ipsec demo scripts and configuration files for qoriq
boards. add a recipe to hold them.
Signed-off-by: Ting Liu <b28495@freescale.com>
---
.../ipsec-demo/ipsec-demo/test_setkey/README | 77 ++++++++++++++++++++
.../test_setkey/auto_left.conf-3des-sha1-tunnel | 32 ++++++++
.../test_setkey/auto_right.conf-3des-sha1-tunnel | 31 ++++++++
.../ipsec-demo/ipsec-demo/test_setkey/flush-setkey | 4 +
.../ipsec-demo/test_setkey/ipsec.conf.left | 29 ++++++++
.../ipsec-demo/test_setkey/ipsec.conf.right | 28 +++++++
.../ipsec-demo/test_setkey/ipsec.secrets.left | 3 +
.../ipsec-demo/test_setkey/ipsec.secrets.right | 8 ++
.../ipsec-demo/test_setkey/ipsec_ikev1.conf.left | 39 ++++++++++
.../ipsec-demo/test_setkey/ipsec_ikev1.conf.right | 34 +++++++++
.../test_setkey/left.conf-3des-md5-transport | 23 ++++++
.../test_setkey/left.conf-3des-md5-tunnel | 42 +++++++++++
.../test_setkey/left.conf-3des-sha1-transport | 22 ++++++
.../test_setkey/left.conf-3des-sha1-tunnel | 42 +++++++++++
.../test_setkey/left.conf-3des-sha256-transport | 23 ++++++
.../test_setkey/left.conf-3des-sha256-tunnel | 42 +++++++++++
.../test_setkey/left.conf-aes-md5-transport | 23 ++++++
.../test_setkey/left.conf-aes-md5-tunnel | 42 +++++++++++
.../test_setkey/left.conf-aes-sha1-transport | 22 ++++++
.../test_setkey/left.conf-aes-sha1-tunnel | 42 +++++++++++
.../test_setkey/left.conf-aes-sha256-transport | 23 ++++++
.../test_setkey/left.conf-aes-sha256-tunnel | 42 +++++++++++
.../test_setkey/left.conf-null-null-transport | 23 ++++++
.../test_setkey/left.conf-null-null-tunnel | 42 +++++++++++
.../ipsec-demo/ipsec-demo/test_setkey/left.ipv4 | 2 +
.../ipsec-demo/ipsec-demo/test_setkey/moonCert.pem | 25 +++++++
.../ipsec-demo/ipsec-demo/test_setkey/moonKey.pem | 27 +++++++
.../ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh | 19 +++++
.../ipsec-demo/test_setkey/pingsizest.sh | 19 +++++
.../ipsec-demo/ipsec-demo/test_setkey/psk.txt | 2 +
.../ipsec-demo/ipsec-demo/test_setkey/racoon.conf | 22 ++++++
.../test_setkey/right.conf-3des-md5-transport | 23 ++++++
.../test_setkey/right.conf-3des-md5-tunnel | 42 +++++++++++
.../test_setkey/right.conf-3des-sha1-transport | 22 ++++++
.../test_setkey/right.conf-3des-sha1-tunnel | 41 +++++++++++
.../test_setkey/right.conf-3des-sha256-transport | 23 ++++++
.../test_setkey/right.conf-3des-sha256-tunnel | 42 +++++++++++
.../test_setkey/right.conf-aes-md5-transport | 23 ++++++
.../test_setkey/right.conf-aes-md5-tunnel | 42 +++++++++++
.../test_setkey/right.conf-aes-sha1-transport | 22 ++++++
.../test_setkey/right.conf-aes-sha1-tunnel | 41 +++++++++++
.../test_setkey/right.conf-aes-sha256-transport | 23 ++++++
.../test_setkey/right.conf-aes-sha256-tunnel | 42 +++++++++++
.../test_setkey/right.conf-null-null-transport | 23 ++++++
.../test_setkey/right.conf-null-null-tunnel | 42 +++++++++++
.../ipsec-demo/ipsec-demo/test_setkey/right.ipv4 | 2 +
.../ipsec-demo/ipsec-demo/test_setkey/setup | 47 ++++++++++++
.../ipsec-demo/ipsec-demo/test_setkey/setup_left | 13 ++++
.../ipsec-demo/ipsec-demo/test_setkey/setup_right | 13 ++++
.../ipsec-demo/test_setkey/strongswan.conf | 19 +++++
.../ipsec-demo/test_setkey/strongswanCert.pem | 22 ++++++
.../ipsec-demo/test_setkey/strongswan_left | 10 +++
.../ipsec-demo/test_setkey/strongswan_right | 10 +++
.../ipsec-demo/ipsec-demo/test_setkey/sunCert.pem | 25 +++++++
.../ipsec-demo/ipsec-demo/test_setkey/sunKey.pem | 27 +++++++
recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb | 25 +++++++
56 files changed, 1518 insertions(+), 0 deletions(-)
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left
create mode 100755 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem
create mode 100644 recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README
new file mode 100644
index 0000000..9578982
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/README
@@ -0,0 +1,77 @@
+test_setkey script usage
+
+The scripts in this directory may be used for testing
+native Linux IPsec with the talitos driver as a loadable module.
+
+It's assumed that these scripts have been placed in the directory
+named /test_setkey.
+
+The scripts setup_left and setup_right configure the ip addresses
+for two boards named 'left' and 'right', which are two gateways for
+an IPsec tunnel. Connect the eth1 interfaces of left and right boards together.
+For smartbits testing, connect eth0 on each board to a smartbits port.
+For other testing (ping, netperf, iperf), connect eth0 on each board to another system.
+
+The scripts named left.conf-* and right.conf-* are setkey scripts
+which configure the IPsec SA and SPD entries.
+The scripts ending in -tunnel use tunnel mode IPsec, and the scripts
+ending in -transport used transport mode IPsec.
+Transport mode is useful for quickly testing security functionality
+using ping or netperf between two boards.
+Tunnel mode can be used for testing throughput using smartbits or other
+performance test equipment.
+
+There is a top level script called 'setup' which
+is used for a one-step setup on the left and right boards.
+'setup' uses two or three parameters. The first parameter is the side, left or right.
+The second parameter is the setkey suffix for the left.conf- and right.conf- files.
+If the third parameter is supplied, the setup will modprobe that name, so
+typically you should provide talitos as the third parameter if you want to load the driver.
+If you have built the talitos driver into the kernel, omit the third parameter to setup.
+You may test software encryption if talitos is built as a module and you omit the third parameter.
+
+Below are example uses of the 'setup' script.
+
+1) One-step setup for smartbits
+ Use a tunnel mode setup on each side.
+ AES-HMAC-SHA1:
+ Left side:
+ /test_setkey/setup left aes-sha1-tunnel talitos
+ Right side:
+ /test_setkey/setup right aes-sha1-tunnel talitos
+
+ 3DES-HMAC-SHA1:
+ Left side:
+ /test_setkey/setup left 3des-sha1-tunnel talitos
+ Right side:
+ /test_setkey/setup right 3des-sha1-tunnel talitos
+
+2) One-step setup for testing ping, netperf, or iperf between two boards.
+ Use a transport mode setup on each side.
+ AES-HMAC-SHA1:
+ Left side:
+ /test_setkey/setup left aes-sha1-transport talitos
+ Right side:
+ /test_setkey/setup right aes-sha1-transport talitos
+
+ 3DES-HMAC-SHA1:
+ Left side:
+ /test_setkey/setup left 3des-sha1-transport talitos
+ Right side:
+ /test_setkey/setup right 3des-sha1-transport talitos
+
+3) Testing ipv4
+ To test ipv4 (with no security) over the two gateways, use steps below.
+ Testing ipv4 is helpful to get your smartbits configuration verified
+ and also establish a baseline performance for throughput.
+
+ On the left board:
+ cd /test_setkey
+ ./setup_left
+ ./left.ipv4
+
+ On the right board:
+ cd /test_setkey
+ ./setup_right
+ ./right.ipv4
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel
new file mode 100755
index 0000000..6bd6c5d
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_left.conf-3des-sha1-tunnel
@@ -0,0 +1,32 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel
new file mode 100755
index 0000000..eebf307
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/auto_right.conf-3des-sha1-tunnel
@@ -0,0 +1,31 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board B setup
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey
new file mode 100755
index 0000000..0be3056
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/flush-setkey
@@ -0,0 +1,4 @@
+#!/usr/sbin/setkey -f
+
+flush;
+spdflush;
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left
new file mode 100644
index 0000000..d9d6c0c
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.left
@@ -0,0 +1,29 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ charondebug="chd 2, knl 2"
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ type=tunnel
+ auth=esp
+ compress=no
+ mobike=no
+
+conn net-net
+ left=200.200.200.10
+ leftsubnet=192.168.1.0/24
+ leftcert=moonCert.pem
+ leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
+ leftfirewall=yes
+ right=200.200.200.20
+ rightsubnet=192.168.2.0/24
+ rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
+ auto=add
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right
new file mode 100644
index 0000000..c14dee2
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.conf.right
@@ -0,0 +1,28 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ charondebug="chd 2, knl 2"
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ auth=esp
+ compress=no
+ mobike=no
+
+conn net-net
+ left=200.200.200.20
+ leftcert=sunCert.pem
+ leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
+ leftsubnet=192.168.2.0/24
+ leftfirewall=yes
+ right=200.200.200.10
+ rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
+ rightsubnet=192.168.1.0/24
+ auto=add
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left
new file mode 100644
index 0000000..e86d6aa
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.left
@@ -0,0 +1,3 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+: RSA moonKey.pem
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right
new file mode 100644
index 0000000..1095b74
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec.secrets.right
@@ -0,0 +1,8 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+: RSA sunKey.pem
+
+
+
+
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left
new file mode 100644
index 0000000..55025db
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.left
@@ -0,0 +1,39 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ plutodebug=control
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ left=200.200.200.10
+ leftcert=moonCert.pem
+ leftid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
+ leftfirewall=yes
+
+conn net-net
+ left=%defaultroute
+ leftsubnet=192.168.1.0/24
+ leftcert=moonCert.pem
+ right=200.200.200.20
+ rightsubnet=192.168.2.0/24
+ rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
+ auto=add
+
+conn host-host
+ left=%defaultroute
+ leftcert=moonCert.pem
+ right=200.200.200.20
+ rightid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
+ auto=add
+
+conn rw
+ leftsubnet=192.168.1.0/24
+ right=%any
+ auto=add
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right
new file mode 100644
index 0000000..479791e
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/ipsec_ikev1.conf.right
@@ -0,0 +1,34 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ plutodebug=control
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ left=200.200.200.20
+ leftcert=sunCert.pem
+ leftid="C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
+ leftfirewall=yes
+
+conn net-net
+ left=%defaultroute
+ leftsubnet=192.168.2.0/24
+ leftcert=sunCert.pem
+ right=200.200.200.10
+ rightsubnet=192.168.1.0/24
+ rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
+ auto=add
+
+conn host-host
+ left=%defaultroute
+ leftcert=sunCert.pem
+ right=200.200.200.10
+ rightid="C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
+ auto=add
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport
new file mode 100755
index 0000000..5422771
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.10
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P in ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P out ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel
new file mode 100755
index 0000000..52bf9c3
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-md5-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport
new file mode 100755
index 0000000..e5ee005
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-transport
@@ -0,0 +1,22 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.10
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
+spdadd 200.200.200.20 200.200.200.10 any -P in ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P out ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel
new file mode 100755
index 0000000..eb2881d
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha1-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport
new file mode 100755
index 0000000..b528632
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.10
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P in ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P out ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel
new file mode 100755
index 0000000..e7726f0
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-3des-sha256-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport
new file mode 100755
index 0000000..96f5783
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.10
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P in ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P out ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel
new file mode 100755
index 0000000..b2cf84b
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport
new file mode 100755
index 0000000..f3ffaf5
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-transport
@@ -0,0 +1,22 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.10
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
+spdadd 200.200.200.20 200.200.200.10 any -P in ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P out ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel
new file mode 100755
index 0000000..1ab7874
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha1-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport
new file mode 100755
index 0000000..d2645d6
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.10
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P in ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P out ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel
new file mode 100755
index 0000000..8ed697d
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-sha256-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport
new file mode 100755
index 0000000..84275d0
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.10
+
+flush;
+spdflush;
+
+# ESP SAs doing null encryption
+# and null authentication
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E null
+ -A null;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E null
+ -A null;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P in ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P out ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel
new file mode 100755
index 0000000..478d14a
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-null-null-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing null encryption
+# and null authentication
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E null
+ -A null;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E null
+ -A null;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4 b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4
new file mode 100755
index 0000000..e219f2a
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.ipv4
@@ -0,0 +1,2 @@
+set -v
+route add -net 192.168.2.0 netmask 255.255.255.0 gw 200.200.200.20
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem
new file mode 100644
index 0000000..d5c970f
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonCert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIjCCAwqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwMDMzMloXDTE0MDgyNjEwMDMzMlowRjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHDAaBgNVBAMTE21vb24u
+c3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK
+L2M91Lu6BYYhWxWgMS9z9TMSTwszm5rhO7ZIsCtMRo4PAeYw+++SGXt3CPXb/+p+
+SWKGlm11rPE71eQ3ehgh2C3hAurfmWO0iQQaCw+fdreeIVCqOQIOP6UqZ327h5yY
+YpHk8VQv4vBJTpxclU1PqnWheqe1ZlLxsW773LRml/fQt/UgvJkCBTZZONLNMfK+
+7TDnYaVsAtncgvDN78nUNEe2qY92KK7SrBJ6SpUEg49m51F+XgsGcsgWVHS85on3
+Om/G48crLEVJjdu8CxewSRVgb+lPJWzHd8QsU0Vg/7vlqs3ZRMyNtNKrr4opSvVb
+A6agGlTXhDCreDiXU8KHAgMBAAGjggEaMIIBFjAJBgNVHRMEAjAAMAsGA1UdDwQE
+AwIDqDAdBgNVHQ4EFgQUapx00fiJeYn2WpTpifH6w2SdKS4wbQYDVR0jBGYwZIAU
+XafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQK
+ExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GC
+AQAwHgYDVR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggr
+BgEFBQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u
+b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCctXg2xeMozaTV
+jiBL1P8MY9uEH5JtU0EceQ1RbI5/2vGRdnECND9oADY5vamaaE2Mdq2Qh/vlXnML
+o3ii5ELjsQlYdTYZOcMOdcUUXYvbbFX1cwpkBhyBl1H25KptHcgQ/HnceKp3kOuq
+wYOYjgwePXulcpWXx0E2QtQCFQQZFPyEWeNJxH0oglg53QPXfHY9I2/Gukj5V0bz
+p7ME0Gs8KdnYdmbbDqzQgPsta96/m+HoJlsrVF+4Gqihj6BWMBQ2ybjPWZdG3oH9
+25cE8v60Ry98D0Z/tygbAUFnh5oOvaf642paVgc3aoA77I8U+UZjECxISoiHultY
+7QTufOwP
+-----END CERTIFICATE-----
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem
new file mode 100644
index 0000000..4d99866
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/moonKey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAyi9jPdS7ugWGIVsVoDEvc/UzEk8LM5ua4Tu2SLArTEaODwHm
+MPvvkhl7dwj12//qfklihpZtdazxO9XkN3oYIdgt4QLq35ljtIkEGgsPn3a3niFQ
+qjkCDj+lKmd9u4ecmGKR5PFUL+LwSU6cXJVNT6p1oXqntWZS8bFu+9y0Zpf30Lf1
+ILyZAgU2WTjSzTHyvu0w52GlbALZ3ILwze/J1DRHtqmPdiiu0qwSekqVBIOPZudR
+fl4LBnLIFlR0vOaJ9zpvxuPHKyxFSY3bvAsXsEkVYG/pTyVsx3fELFNFYP+75arN
+2UTMjbTSq6+KKUr1WwOmoBpU14Qwq3g4l1PChwIDAQABAoIBACBFB/Xqajv6fbn9
+K6pxrz02uXwGmacXAtVIDoPzejWmXS4QA4l17HrJDmelSnhelDKry8nnYHkTrTz7
+mn0wQ4HDWy86o/okJUG/TKRLd6bf79aRQqqohqd3iQkHk43GyzuXH+oGioVKF0fc
+ACDWw4wfjL7FMNdHCZ4Bz9DrHO/ysHe9B6rvSYm3VZRhSxaneIkaLkkDadKpVx3f
+XNFlMxY4qKPJYYSoJZ61iMqrO7+rnA93tmyDDs8PKU3BtnpfNrdePgleJHhk8Zqy
+Ev2/NOCSUxbKE8NCtLpGTs+T0qjjnu4k3WPd3ZOBAan0uPDekHZeHB/aXGLhYcxx
+J5SurqECgYEA+F1gppkER5Jtoaudt/CUpdQ1sR9wxf75VBqJ4FiYABGQz9xlG4oj
+zL/o572s0iV3bwFpnQa+WuWrxGkP6ZuB/Z82npc0N/vLou/b4dxvg4n7K+eOOEf0
+8FMjsse2tqTIXKCqcmQnR0NPQ1jwuvEKsXP5w/JOlnRXAXnd4jxsJI0CgYEA0GaT
+61ySttUW9jC3mxuY6jkQy8TEQqR3nOFvWwmCXIWOpN/MTTPus+Telxp/pdKhU+mo
+PmX3Unyne5PvwleWDq3YzltX5ZDZGJ5UJlKuNnfGIzQ6OcHRbb7zBpQG6qSRPuug
+bgo688hTnb1L59nK88zWVK45euf6pyuoI+SwIGMCgYEA7yvE8knyhBXvezuv0z1b
+eGHmHp5/VDwY0DQKSEAoiBBiWrkLqLybgwXf/KJ8dZZc8En08aFX2GLJyYe/KiB1
+ys3ypEBJqgvRayP+o/9KZ+qNNRd0rqAksPXvL7ABNNt0kzapTSVDae3Yu6s/j1am
+DIL5qAeERIDedG5uDPpQzdUCgYB7MtjpP63ABhLv8XbpbBQnCxtByw3W89F+Xcrt
+v55gQdhE4cSuMzA/CuMH4vNpPS6AI9aBJNhj3CtKo/cOJachAGb1/wvkO5ALvLW0
+fhZdPstUTnDJain7vfF/hwzbs/PlhXgu9T9KlLfRvXFdG+Sd4g8mumRiozcLkoRw
+y6XPTwKBgDJP+s9wXmdG90HST/aqC7FKrVXLpB63dY5swNUfQP6sa0pFnON0r0JC
+h/YCsGFFIAebQ2uOkM3g3f9nkwTp7910ov+/5uThvRI2w2BBPy0mVuALPjyyF1Z2
+cb9zpyKiIuXoXRCf4sd8r1lR9bn0Fxx0Svpxf+fpMGSI5quHNBKY
+-----END RSA PRIVATE KEY-----
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh
new file mode 100755
index 0000000..faefb24
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizes.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+#
+# Usage: ./pingsizes.sh 1440 20 (or greater)
+#
+
+PINGDEST=${PINGDEST:-200.200.200.10}
+k=$1
+lim="$((k+$2))"
+((k-=1))
+while [ "$k" != "$lim" ] ; do
+ echo -n "ping -s $((k+=1)) : "
+ ping -i 1000 -c 1 -s $k $PINGDEST | grep packets &
+ sleep 1
+ PID=`ps -eaf | grep 'ping -i' | grep -v grep | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2`
+ if [ -n "$PID" ] ; then
+ echo "****************** killing $PID"
+ kill $PID > /dev/null
+ fi
+done
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh
new file mode 100755
index 0000000..d5ff0f7
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/pingsizest.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+#
+# Usage: ./pingsizes.sh 1440 20 (or greater)
+#
+
+PINGDEST=${PINGDEST:-200.200.200.10}
+k=$1
+lim="$((k+$2))"
+((k-=1))
+while [ "$k" != "$lim" ] ; do
+ echo ping -s $((k+=1))
+ ping -i 1000 -c 1 -s $k $PINGDEST &
+ sleep 1
+ PID=`ps -eaf | grep 'ping -i' | sed 's/[ ][ ]*/ /g' | cut -d " " -f 2`
+ if [ -n "$PID" ] ; then
+ echo "****************** killing $PID"
+ kill $PID
+ fi
+done
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt
new file mode 100644
index 0000000..46c1ff4
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/psk.txt
@@ -0,0 +1,2 @@
+200.200.200.20 secretkeyracoon
+200.200.200.10 secretkeyracoon
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf
new file mode 100644
index 0000000..cf561f5
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/racoon.conf
@@ -0,0 +1,22 @@
+path pre_shared_key "/test_setkey/psk.txt" ;
+
+ remote anonymous
+ {
+ exchange_mode main ;
+ lifetime time 1 hour ;
+ proposal {
+ encryption_algorithm 3des;
+ hash_algorithm sha1;
+ authentication_method pre_shared_key ;
+ dh_group 2 ;
+ }
+ }
+
+ sainfo anonymous
+ {
+ pfs_group 2;
+ lifetime time 1 hour ;
+ encryption_algorithm 3des ;
+ authentication_algorithm hmac_sha1 ;
+ compression_algorithm deflate ;
+ }
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport
new file mode 100755
index 0000000..7f82fb4
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.20
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P out ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P in ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel
new file mode 100755
index 0000000..5a75257
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-md5-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board B setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport
new file mode 100755
index 0000000..6ef885d
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-transport
@@ -0,0 +1,22 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.20
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
+# Security policies
+spdadd 200.200.200.20 200.200.200.10 any -P out ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P in ipsec
+ esp/transport//require;
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel
new file mode 100755
index 0000000..16c3157
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha1-tunnel
@@ -0,0 +1,41 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board B setup
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport
new file mode 100755
index 0000000..b977209
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.20
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P out ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P in ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel
new file mode 100755
index 0000000..e7c5b4e
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-3des-sha256-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel
+ -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel
+ -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport
new file mode 100755
index 0000000..5d55d00
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.20
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P out ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P in ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel
new file mode 100755
index 0000000..f49bd54
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-md5-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board B setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport
new file mode 100755
index 0000000..d9c65a4
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-transport
@@ -0,0 +1,22 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.20
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
+# Security policies
+spdadd 200.200.200.20 200.200.200.10 any -P out ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P in ipsec
+ esp/transport//require;
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel
new file mode 100755
index 0000000..1f10136
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha1-tunnel
@@ -0,0 +1,41 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board B setup
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha1 authentication using 160 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha1 0xe9c43acd5e8d779b6e09c87347852708ab49bdd3;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha1 0xea6856479330dc9c17b8f6c37e2a895363d83f21;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport
new file mode 100755
index 0000000..817a8bd
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.20
+
+flush;
+spdflush;
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P out ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P in ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel
new file mode 100755
index 0000000..9bca18f
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-aes-sha256-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-sha2-256 authentication using 256 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x10513 -m tunnel
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-sha2-256 0x4de03bebf6beb4fdef5a67d349a09580466cc4e54503333b2a5fd34538c91198;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514 -m tunnel
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-sha2-256 0x5e01eb780b7ecc074ca2ca4fa4a5ea2ff841c977da0ce61c49d1fe767ea5452c;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport
new file mode 100755
index 0000000..26dfe2e
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-transport
@@ -0,0 +1,23 @@
+#!/usr/sbin/setkey -f
+#I am 200.200.200.20
+
+flush;
+spdflush;
+
+# ESP SAs doing null encryption
+# and null authentication
+add 200.200.200.10 200.200.200.20 esp 0x10513
+ -E null
+ -A null;
+
+add 200.200.200.20 200.200.200.10 esp 0x10514
+ -E null
+ -A null;
+
+
+spdadd 200.200.200.20 200.200.200.10 any -P out ipsec
+ esp/transport//require;
+
+spdadd 200.200.200.10 200.200.200.20 any -P in ipsec
+ esp/transport//require;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel
new file mode 100755
index 0000000..bc4f38e
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.conf-null-null-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board B setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway B (eth0:192.168.2.130, eth1:200.200.200.20)
+#
+# Security policies
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+
+# ESP SAs doing null encryption
+# and null authentication
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E null
+ -A null;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E null
+ -A null;
+
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4 b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4
new file mode 100755
index 0000000..67cd1b2
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/right.ipv4
@@ -0,0 +1,2 @@
+set -v
+route add -net 192.168.1.0 netmask 255.255.255.0 gw 200.200.200.10
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup
new file mode 100755
index 0000000..9e6fa7f
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup
@@ -0,0 +1,47 @@
+# setup - quick setup for left or right side of ipsec test
+# see README for example use.
+
+SCRIPT_HOME=/test_setkey/
+cd $SCRIPT_HOME
+
+export PATH=$SCRIPT_HOME:$PATH
+
+if [ "$1" != "left" -a "$1" != "right" ] ; then
+ echo "Usage: $0 side [config] [driver]"
+ echo " where side is either left or right."
+ echo " where config is either"
+ echo " aes-sha1-tunnel (default)"
+ echo " or 3des-sha1-tunnel"
+ echo " if driver is supplied, script does 'modprobe driver'"
+ exit 1
+fi
+
+SIDE=$1
+POLICY_CFG=$SIDE.conf
+DEFAULT_POLICY=aes-sha1-tunnel
+
+if [ -n "$2" ] ; then
+ POLICY=$2
+else
+ POLICY=$DEFAULT_POLICY
+fi
+
+SETKEY_FILE=$POLICY_CFG-$POLICY
+
+if [ ! -f $SETKEY_FILE ] ; then
+ echo "Missing setkey command file: $SETKEY_FILE"
+ exit 1
+fi
+
+# modprobe any driver name given as last parameter
+if [ -n "$3" ] ; then
+ modprobe $3
+fi
+
+SETUP_CMD_FILE=./setup_$SIDE
+. $SETUP_CMD_FILE
+
+$SETKEY_FILE
+
+setkey -D
+setkey -D -P
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left
new file mode 100755
index 0000000..da76909
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_left
@@ -0,0 +1,13 @@
+# board on left setup
+set -v
+ifconfig eth0 down
+ifconfig eth0 hw ether 00:04:9F:11:22:33
+ifconfig eth0 192.168.1.130 netmask 255.255.255.0
+ifconfig eth0 up
+ifconfig eth1 down
+ifconfig eth1 hw ether 00:E0:0C:00:7D:FD
+ifconfig eth1 200.200.200.10 netmask 255.255.255.0
+ifconfig eth1 up
+arp -s 192.168.1.21 00:00:00:00:00:01
+route add default dev eth1
+echo 1 > /proc/sys/net/ipv4/ip_forward
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right
new file mode 100755
index 0000000..f0e333e
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/setup_right
@@ -0,0 +1,13 @@
+# board on right setup
+set -v
+ifconfig eth0 down
+ifconfig eth0 hw ether 00:E0:0C:00:01:FD
+ifconfig eth0 192.168.2.130 netmask 255.255.255.0
+ifconfig eth0 up
+ifconfig eth1 down
+ifconfig eth1 hw ether 00:E0:0C:00:00:FD
+ifconfig eth1 200.200.200.20 netmask 255.255.255.0
+ifconfig eth1 up
+arp -s 192.168.2.21 00:00:00:00:00:02
+route add default dev eth1
+echo 1 > /proc/sys/net/ipv4/ip_forward
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf
new file mode 100644
index 0000000..1701f4a
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan.conf
@@ -0,0 +1,19 @@
+# strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-raw updown
+ multiple_authentication = no
+}
+
+pluto {
+
+ # plugins to load in pluto
+ #load = aes des sha1 md5 sha2 hmac gmp random pubkey
+
+}
+
+libstrongswan {
+
+ # set to no, the DH exponent size is optimized
+ # dh_exponent_ansi_x9_42 = no
+}
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem
new file mode 100644
index 0000000..0865ad2
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswanCert.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u
+Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y
+X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f
+FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc
+4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/
+7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5
+gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr
+K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG
+A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j
+BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw
+FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv
+b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in
+Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n
+1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y
+vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si
+7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa
+Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w=
+-----END CERTIFICATE-----
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left
new file mode 100755
index 0000000..e55c3e4
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_left
@@ -0,0 +1,10 @@
+#strongswan on left board
+set -v
+cp -rf ipsec.conf.left /etc/ipsec.conf
+cp -rf ipsec.secrets.left /etc/ipsec.secrets
+cp -rf strongswan.conf /etc/
+cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/
+cp -rf moonCert.pem /etc/ipsec.d/certs/
+mkdir /etc/ipsec.d/private
+cp -rf sunKey.pem /etc/ipsec.d/private/
+cp -rf moonKey.pem /etc/ipsec.d/private/
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right
new file mode 100755
index 0000000..bcdbb73
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/strongswan_right
@@ -0,0 +1,10 @@
+#strongswan on left board
+set -v
+cp -rf ipsec.conf.right /etc/ipsec.conf
+cp -rf ipsec.secrets.right /etc/ipsec.secrets
+cp -rf strongswan.conf /etc/
+cp -rf strongswanCert.pem /etc/ipsec.d/cacerts/
+cp -rf sunCert.pem /etc/ipsec.d/certs/
+mkdir /etc/ipsec.d/private
+cp -rf sunKey.pem /etc/ipsec.d/private/
+cp -rf moonKey.pem /etc/ipsec.d/private/
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem
new file mode 100644
index 0000000..d0937ba
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunCert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzA5NTkwNFoXDTE0MDgyNjA5NTkwNFowRTELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z
+dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+V
+VIpn6Q5jaU//EN6p6A5cSfUfhBK0mFa2laFFZh/Y0h66AXqqrQ3X917h7YNsSk68
+oowY9h9I3gOx7hNVBsJr2VjdYC+b0q5NTha09/A5mimv/prYj6o0yawxoPjoDs9Y
+h7D7Kf+F8fkgk0stlHJZX66J7dNrFXbg1xBld+Ep5Or2FbEZ9QWUpRQTuhdpNt/4
+9YuxQ59DemY9IRbwsrKCHH0mGrJsDdqeb0ap+8QvSXHjCt1fr9MNKWaAFAQLKQI4
+e0da1ntPCEQLeE833+NNRBgGufk0KqGT3eAXqrxa9AEIUJnVcPexQdqUMjcUpXFb
+8WNzRWB8Egh3BDK6FsECAwEAAaOCARkwggEVMAkGA1UdEwQCMAAwCwYDVR0PBAQD
+AgOoMB0GA1UdDgQWBBRW1p4v2qihzRlcI1PnxbZwluML+zBtBgNVHSMEZjBkgBRd
+p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT
+EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB
+ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwEwYDVR0lBAwwCgYIKwYB
+BQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9y
+Zy9zdHJvbmdzd2FuLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAo37LYT9Awx0MK/nA
+FZpPJqUr0Ey+O5Ukcsdx7nd00SlmpiQRY8KmuRXCBQnDEgdLstd3slQjT0pJEgWF
+0pzxybnI6eOzYAhLfhart+X1hURiNGbXjggm2s4I5+K32bVIkNEqlsYnd/6F9oo5
+ZNO0/eTTruLZfkNe/zchBGKe/Z7MacVwlYWWCbMtBV4K1d5dGcRRgpQ9WivDlmat
+Nh9wlscDSgSGk3HJkbxnq695VN7zUbDWAUvWWhV5bIDjlAR/xyT9ApqIxiyVVRul
+fYrE7U05Hbt6GgAroAKLp6qJup9+TxQAKSjKIwJ0hf7OuYyQ8TZtVHS7AOhm+T/5
+G/jGGA==
+-----END CERTIFICATE-----
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem
new file mode 100644
index 0000000..d8fad9a
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/sunKey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA35VUimfpDmNpT/8Q3qnoDlxJ9R+EErSYVraVoUVmH9jSHroB
+eqqtDdf3XuHtg2xKTryijBj2H0jeA7HuE1UGwmvZWN1gL5vSrk1OFrT38DmaKa/+
+mtiPqjTJrDGg+OgOz1iHsPsp/4Xx+SCTSy2Ucllfront02sVduDXEGV34Snk6vYV
+sRn1BZSlFBO6F2k23/j1i7FDn0N6Zj0hFvCysoIcfSYasmwN2p5vRqn7xC9JceMK
+3V+v0w0pZoAUBAspAjh7R1rWe08IRAt4Tzff401EGAa5+TQqoZPd4BeqvFr0AQhQ
+mdVw97FB2pQyNxSlcVvxY3NFYHwSCHcEMroWwQIDAQABAoIBADH51hjN2zk9HVgl
+QmcTAWzcUie5cLMhrP+M9mtC8O3jcCwwFY6OwfnbMU8DHy0GMqHg5lB8b99UUVPw
+HLAzjDw/ESkc6pgZs4EEhJTsxJLsvTnePgHssEgyXnXf7gRVEqJkPohfy+Zy0UCH
+eIUQXiMlOQ7xg7iDMhwNa+UdWSt539DztSKilQn2xdPZjFnMT0/prvl4NA/8Zn54
+/SdWDq5yRdLWb6EK1V7yJ3687GXR1jzGtgy7TXuncUJVTYgX7RdP1Tn6gWD8YAQ/
+RfT0DdWYm4WHSgSb9/NW8lBZH2yy3hg+lNgofXEvTfBkO5QyW31LIr0tCV6zhJIc
+Y9MxaKUCgYEA9sktaXfhPLe0ECjdeQEOq5EKuDrCviSKCOuAV4BDSOsdw6+5LWfY
+Vb/oke8N70lL3RCblcj1pOKWUi2O/SpEJdDRduiw2gM9cXt3/bChSTHC4TsIxxN/
+Db9OGg72kZ4sRY5Au+zyAAQYBwXhFWux194Jk5qK0JblNG9J5QMqZDcCgYEA5+5h
+BgHUMEO+pdME5lAiSc5PcNTejpA6j+OikCh4/HFXy3C/dLx+Cs1+egw64c8iVaIv
+NEo7n7E9I0e3XqanPRXhMnBRrP+39OVsWPmZ18Li2Hi84KwJyi8Y11l3XJOqaYpF
+wMVUuZpxR0dfG5k/5GwT/tEkmQBglOgG3m2zUMcCgYEA4m3Vd9ahV5dp5AXKpzKc
+JjiPMFfhxJo7+FEz0ZUCp03qYljBu/Jy4MKS/grrqyiCLdQGHNlk4SNxLvdUId78
+5gGBnuuDEJU2dAAIKUE9yq2YlBUZSacOxStI2snt28/X6P3LUWHm7LLU5OS1D3Vf
+mKPF/6MlSJuas5CEqVZNN+MCgYBH9Qh7IaQgmVQUBKVXg3Mv7OduvUyTdKIGtHxi
+N3xZ7hxsDP4JjNWaKmlcGmFGX8pqQRheI83d3NJ4GK8GmbP3Wst0p65fezMqsudr
+r30QmPFicgs/tYCQDw6o+aPzwAi2F+VOSqrfrtAIaldSq7hL+VA21dKB+cD9UgOX
+jPd+TwKBgQCbKeg2QNS2qhPIG9eaqJDROuxmxb/07d7OBctgMgxVvKhqW9hW42Sy
+gJ59fyz5QjFBaSfcOdf4gkKyEawVo45/q6ymIQU37R4vF4CW9Z3CfaIbwJp7LcHV
+zH07so/HNsZua6GWCSCLJU5MeCRiZzk2RFiS9KIaLP4gZndv4lXOiQ==
+-----END RSA PRIVATE KEY-----
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb b/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb
new file mode 100644
index 0000000..5607060
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo_0.1.bb
@@ -0,0 +1,25 @@
+SUMMARY = "Scripts and configuration files for ipsec demo"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+RDEPENDS_${PN} = "ipsec-tools"
+
+inherit allarch
+
+SRC_URI = "file://test_setkey"
+
+do_configure() {
+ :
+}
+
+do_compile() {
+ :
+}
+
+do_install(){
+ install -d ${D}${datadir}
+ cp -a ${WORKDIR}/test_setkey ${D}${datadir}/
+}
+
+FILES_${PN} = "${datadir}/*"
+
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-07-24 7:46 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-07-24 7:48 [meta-fsl-ppc][PATCH 1/6] add cs4315-firmware license file Cortina ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 2/6] add more generic SOC_FAMILY name t1/t2/t4/b4 ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 3/6] fmlib: use SOC_FAMILY as override ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 5/6] libvirt: add bbappend for qoriq-ppc customizations ting.liu
2014-07-24 7:48 ` [meta-fsl-ppc][PATCH 6/6] ipsec-demo (scripts and configuration files) add recipe ting.liu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.