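#!/bin/sh
#
# $NetBSD: ipsec,v 1.11.8.1 2014/05/22 11:27:20 yamt Exp $
#
# rc.d script that installs, clears and reloads the manual IPsec keys and
# policies described in /etc/ipsec.conf by feeding that file to /sbin/setkey.
#
# If ipsec_flags is set it is passed to ifconfig as an interface name, and
# the first "@LOCAL_ADDR@" on each line of /etc/ipsec.conf is replaced with
# that interface's IPv4 address before loading.
#
# NOTE(review): the start message says "manual keys", so /etc/ipsec.conf
# presumably holds key material; confirm that it is readable by root only.

# PROVIDE: ipsec
# REQUIRE: root bootconf mountcritlocal tty
# BEFORE:  DAEMON

$_rc_subr_loaded . /etc/rc.subr

name="ipsec"
rcvar=$name
start_precmd="ipsec_prestart"
start_cmd="ipsec_start"
stop_precmd="test -f /etc/ipsec.conf"
stop_cmd="ipsec_stop"
reload_cmd="ipsec_reload"
extra_commands="reload"

# Refuse to start when /etc/ipsec.conf is not a regular file.
# Calls stop_boot before failing, so a missing policy file is not silently
# ignored during boot.
# Returns: 0 if the file exists, 1 otherwise.
ipsec_prestart()
{
	if [ ! -f /etc/ipsec.conf ]; then
		warn "/etc/ipsec.conf not readable; ipsec start aborted."

		stop_boot
		return 1
	fi
	return 0
}

# Print the address of every "inet" line in the ifconfig output for the
# interface named in $1, one per line. Prints nothing when there is none.
ipsec_getip() {
	# Quote the interface name so it reaches ifconfig as a single word;
	# read -r keeps backslashes in the output literal.
	ifconfig "$1" | while read -r what address rest; do
		case "$what" in
		inet)	echo "$address";;
		esac
	done
}

# Load /etc/ipsec.conf into the kernel with setkey.
# Arguments: $1 - optional local address substituted for @LOCAL_ADDR@.
# Returns:   status of setkey, or 1 if $1 is not usable as an address.
ipsec_load() {
	if [ -z "$1" ]; then
		/sbin/setkey -f /etc/ipsec.conf
		return
	fi

	# $1 is spliced into the sed expression below. Anything other than
	# digits and dots (a '/', an '&', or the newline produced when the
	# interface has several inet addresses) would break or alter the
	# substitution and leave setkey with no or wrong input, so reject it
	# with an explicit warning instead.
	case "$1" in
	*[!0-9.]*)
		warn "unexpected local address '$1'; ipsec policies not loaded."
		return 1
		;;
	esac

	sed -e "s/@LOCAL_ADDR@/$1/" < /etc/ipsec.conf | \
	    /sbin/setkey -f -
}

# Poll once per second until the interface named by ipsec_flags has an
# address other than 0.0.0.0, then load the configuration with it.
# The loop runs in the background, so the caller returns immediately;
# until an address appears, nothing has been loaded by this script.
ipsec_configure() {
	local addr

	while true; do
		addr="$(ipsec_getip "$ipsec_flags")"
		case "$addr" in
		'')		sleep 1;;
		"0.0.0.0")	sleep 1;;
		*)		ipsec_load "$addr"; return;;
		esac
	done &
}

# Install keys and policies: directly when ipsec_flags is empty, otherwise
# through the background wait for the interface address.
ipsec_start()
{
	echo "Installing ipsec manual keys/policies."
	if [ -n "$ipsec_flags" ]; then
		ipsec_configure
	else
		ipsec_load
	fi
}

# Flush the security association database (setkey -F) and the security
# policy database (setkey -FP).
ipsec_stop()
{
	echo "Clearing ipsec manual keys/policies."

	# still not 100% sure if we would like to do this.
	# it is very questionable to do this during shutdown session, since
	# it can hang any of remaining IPv4/v6 session.
	#
	/sbin/setkey -F
	/sbin/setkey -FP
}

# Flush and re-install keys and policies.
# Returns: 1 without flushing when /etc/ipsec.conf is missing.
ipsec_reload()
{
	# reload_cmd calls this function directly and the script defines no
	# reload_precmd, so neither ipsec_prestart nor stop_precmd has run.
	# Check for the file here: flushing first and then failing to load
	# would leave the host with no keys or policies installed.
	if [ ! -f /etc/ipsec.conf ]; then
		warn "/etc/ipsec.conf not readable; ipsec reload aborted."
		return 1
	fi

	echo "Reloading ipsec manual keys/policies."
	# There is still a window between the flush and the load in which no
	# policy is installed.
	ipsec_stop
	ipsec_start
}

load_rc_config $name
run_rc_command "$1"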