Home | History | Annotate | Line # | Download | only in rc.d
ipsec revision 1.3.2.1 
      1      1.1  itojun #!/bin/sh
      2      1.1  itojun #
      3  1.3.2.1   lukem # $NetBSD: ipsec,v 1.3.2.1 2000/08/09 18:47:13 lukem Exp $
      4      1.1  itojun #
      5      1.1  itojun 
      6      1.1  itojun # PROVIDE: ipsec
      7      1.1  itojun # REQUIRE: root beforenetlkm mountcritlocal tty
      8      1.1  itojun 
      9      1.1  itojun #	it does not really require beforenetlkm.
     10      1.1  itojun 
     11      1.1  itojun . /etc/rc.subr
     12      1.1  itojun 
     13      1.1  itojun name="ipsec"
     14  1.3.2.1   lukem start_precmd="ipsec_prestart"
     15      1.1  itojun start_cmd="ipsec_start"
     16      1.1  itojun stop_precmd="checkyesno ipsec && [ -f /etc/ipsec.conf ]"
     17      1.1  itojun stop_cmd="ipsec_stop"
     18      1.1  itojun reload_precmd="$stop_precmd"
     19      1.1  itojun reload_cmd="ipsec_reload"
     20      1.1  itojun extra_commands="reload"
     21      1.1  itojun 
     22  1.3.2.1   lukem ipsec_prestart()
     23      1.1  itojun {
     24      1.1  itojun 	if ! checkyesno ipsec; then
     25  1.3.2.1   lukem 		return 1
     26      1.1  itojun 	fi
     27      1.1  itojun 	if [ ! -f /etc/ipsec.conf ]; then
     28  1.3.2.1   lukem 		warn "/etc/ipsec.conf not readable; ipsec start aborted."
     29  1.3.2.1   lukem 			#
     30  1.3.2.1   lukem 			# If booting directly to multiuser, send SIGTERM to
     31  1.3.2.1   lukem 			# the parent (/etc/rc) to abort the boot
     32  1.3.2.1   lukem 			#
     33  1.3.2.1   lukem 		if [ "$autoboot" = yes ]; then
     34  1.3.2.1   lukem 			echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!"
     35  1.3.2.1   lukem 			kill -TERM $$
     36  1.3.2.1   lukem 			exit 1
     37  1.3.2.1   lukem 		fi
     38  1.3.2.1   lukem 		return 1
     39      1.1  itojun 	fi
     40  1.3.2.1   lukem 	return 0
     41  1.3.2.1   lukem }
     42  1.3.2.1   lukem 
     43  1.3.2.1   lukem ipsec_start()
     44  1.3.2.1   lukem {
     45      1.1  itojun 	echo "Installing ipsec manual keys/policies."
     46      1.1  itojun 	/sbin/setkey -f /etc/ipsec.conf
     47      1.1  itojun }
     48      1.1  itojun 
     49      1.1  itojun ipsec_stop()
     50      1.1  itojun {
     51      1.3  itojun 	echo "Clearing ipsec manual keys/policies."
     52      1.1  itojun 
     53      1.1  itojun 	# still not 100% sure if we would like to do this.
     54      1.1  itojun 	# it is very questionable to do this during shutdown session, since
     55      1.1  itojun 	# it can hang any of remaining IPv4/v6 session.
     56      1.1  itojun 	#
     57      1.1  itojun 	/sbin/setkey -F
     58      1.1  itojun 	/sbin/setkey -FP
     59      1.1  itojun }
     60      1.1  itojun 
     61      1.1  itojun ipsec_reload()
     62      1.1  itojun {
     63      1.1  itojun 	echo "Reloading ipsec manual keys/policies."
     64      1.1  itojun 	/sbin/setkey -F
     65      1.1  itojun 	/sbin/setkey -FP
     66      1.1  itojun 	/sbin/setkey -f /etc/ipsec.conf
     67      1.1  itojun }
     68      1.1  itojun 
     69      1.1  itojun load_rc_config $name
     70      1.1  itojun run_rc_command "$1"
     71