./loadbob adjusting ipsec.d to ../../../functional/10-defaultroute/bob
./loadbob loading secrets from "../../../functional/10-defaultroute/bob.secrets"
./loadbob   loaded private key file '../../../functional/10-defaultroute/bob/private/bobKey.pem' (1675 bytes)
./loadbob loaded private key for keyid: PPK_RSA:AwEAAbXtb
| processing whack message of size: A
| processing whack message of size: A
processing whack msg time: X size: Y
| find_host_pair: looking for me=<none>:500 %any him=<none>:500 any-match
| find_host_pair: concluded with <none>
| found_host_pair_conn (check_connection_end): %any:500 %any/%any:500 -> hp:none
| find_host_pair: looking for me=<none>:500 %any him=<none>:500 any-match
| find_host_pair: concluded with <none>
| found_host_pair_conn (check_connection_end): %any:500 %any/%any:500 -> hp:none
| Added new connection nat-t with policy RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW+SAREFTRACK
./loadbob   loading certificate from bobCert.pem
./loadbob   loaded host cert file '../../../functional/10-defaultroute/bob/certs/bobCert.pem' (1489 bytes)
| certificate is valid
| counting wild cards for bob@strongswan.org is 0
| counting wild cards for (none) is 15
| orient nat-t checking against if: eth0 (AF_INET:10.2.0.10:500)
| orient nat-t matching on public/private keys: this=no[%any] that=yes[%defaultroute]
|   orient nat-t matched on that having private key
|   picking maching interface for family[0,0]: <family:0> resulted in: 10.2.0.10
|   orient nat-t finished with: 1 [10.2.0.10]
| find_host_pair: looking for me=<invalid>:500 %any him=<invalid>:500 exact-match
| find_host_pair: concluded with <none>
| connect_to_host_pair: <invalid>:500 %any <invalid>:500 -> hp:none
| find_ID_host_pair: looking for me=bob@strongswan.org him=<any> (exact)
|   concluded with <none>
./loadbob adding connection: "nat-t"
| %any[bob@strongswan.org]...%any===10.1.0.0/16
| ike_life: 3600s; ipsec_life: 1200s; rekey_margin: 180s; rekey_fuzz: 100%; keyingtries: 1; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW+SAREFTRACK
RC=0 "nat-t": %any[bob@strongswan.org]...%any===10.1.0.0/16; unrouted; eroute owner: #0
RC=0 "nat-t":     myip=unset; hisip=unset; mycert=bobCert.pem;
RC=0 "nat-t":   CAs: 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'...'%any'
RC=0 "nat-t":   ike_life: 3600s; ipsec_life: 1200s; rekey_margin: 180s; rekey_fuzz: 100%; keyingtries: 1
RC=0 "nat-t":   policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 16,0; interface: eth0; kind=CK_PERMANENT
|   orient nat-t finished with: 1 [10.2.0.10]
./loadbob deleting connection
| pass 0: considering CHILD SAs to delete
| pass 1: considering PARENT SAs to delete
./loadbob leak: issuer dn, item size: X
./loadbob leak: keep id name, item size: X
./loadbob leak: pubkey entry, item size: X
./loadbob leak: pubkey, item size: X
./loadbob leak: issuer dn, item size: X
./loadbob leak: keep id name, item size: X
./loadbob leak: pubkey entry, item size: X
./loadbob leak: pubkey, item size: X
./loadbob leak: certificate filename, item size: X
./loadbob leak: 2 * id list, item size: X
./loadbob leak: secret, item size: X
./loadbob leak: policies path, item size: X
./loadbob leak: ocspcerts path, item size: X
./loadbob leak: aacerts path, item size: X
./loadbob leak: certs path, item size: X
./loadbob leak: private path, item size: X
./loadbob leak: crls path, item size: X
./loadbob leak: cacert path, item size: X
./loadbob leak: acert path, item size: X
./loadbob leak: override ipsec.d, item size: X
./loadbob leak: default conf var_dir, item size: X
./loadbob leak: default conf conffile, item size: X
./loadbob leak: default conf ipsecd_dir, item size: X
./loadbob leak: default conf ipsec_conf_dir, item size: X
./loadbob leak detective found Z leaks, total size X
Pre-amble (offset: X): #!-pluto-whack-file- recorded on FOO
processing nat-t
