ipsec revision 1.1
1 #!/bin/sh 2 # 3 # $NetBSD: ipsec,v 1.1 2000/06/13 16:29:54 itojun Exp $ 4 # 5 6 # PROVIDE: ipsec 7 # REQUIRE: root beforenetlkm mountcritlocal tty 8 9 # it does not really require beforenetlkm. 10 11 . /etc/rc.subr 12 13 name="ipsec" 14 start_cmd="ipsec_start" 15 stop_precmd="checkyesno ipsec && [ -f /etc/ipsec.conf ]" 16 stop_cmd="ipsec_stop" 17 reload_precmd="$stop_precmd" 18 reload_cmd="ipsec_reload" 19 extra_commands="reload" 20 21 ipsec_start() 22 { 23 if ! checkyesno ipsec; then 24 return 0 25 fi 26 27 # if /etc/ipsec.conf isn't readable, abort the boot rather 28 # than risk a security problem 29 # 30 if [ ! -f /etc/ipsec.conf ]; then 31 err 1 "/etc/ipsec.conf not readable; ipsec start aborted." 32 fi 33 echo "Installing ipsec manual keys/policies." 34 /sbin/setkey -f /etc/ipsec.conf 35 } 36 37 ipsec_stop() 38 { 39 echo "Clearing ipesc manual keys/policies." 40 41 # still not 100% sure if we would like to do this. 42 # it is very questionable to do this during shutdown session, since 43 # it can hang any of remaining IPv4/v6 session. 44 # 45 /sbin/setkey -F 46 /sbin/setkey -FP 47 } 48 49 ipsec_reload() 50 { 51 echo "Reloading ipsec manual keys/policies." 52 /sbin/setkey -F 53 /sbin/setkey -FP 54 /sbin/setkey -f /etc/ipsec.conf 55 } 56 57 load_rc_config $name 58 run_rc_command "$1" 59
Indexes created Thu Oct 30 23:09:54 GMT 2025