ipsec revision 1.12
1#!/bin/sh 2# 3# $NetBSD: ipsec,v 1.12 2013/06/14 16:37:55 christos Exp $ 4# 5 6# PROVIDE: ipsec 7# REQUIRE: root bootconf mountcritlocal tty 8# BEFORE: DAEMON 9 10$_rc_subr_loaded . /etc/rc.subr 11 12name="ipsec" 13rcvar=$name 14start_precmd="ipsec_prestart" 15start_cmd="ipsec_start" 16stop_precmd="test -f /etc/ipsec.conf" 17stop_cmd="ipsec_stop" 18reload_cmd="ipsec_reload" 19extra_commands="reload" 20 21ipsec_prestart() 22{ 23 if [ ! -f /etc/ipsec.conf ]; then 24 warn "/etc/ipsec.conf not readable; ipsec start aborted." 25 26 stop_boot 27 return 1 28 fi 29 return 0 30} 31 32ipsec_getip() { 33 ifconfig $1 | while read what address rest; do 34 case "$what" in 35 inet) echo "$address";; 36 esac 37 done 38} 39 40ipsec_start() 41{ 42 echo "Installing ipsec manual keys/policies." 43 if [ -n "$ipsec_flags" ]; then 44 sed -e "s/@LOCAL_ADDR@/$(ipsec_getip "$ipsec_flags")/" \ 45 < /etc/ipsec.conf | /sbin/setkey -f - 46 else 47 /sbin/setkey -f /etc/ipsec.conf 48 fi 49} 50 51ipsec_stop() 52{ 53 echo "Clearing ipsec manual keys/policies." 54 55 # still not 100% sure if we would like to do this. 56 # it is very questionable to do this during shutdown session, since 57 # it can hang any of remaining IPv4/v6 session. 58 # 59 /sbin/setkey -F 60 /sbin/setkey -FP 61} 62 63ipsec_reload() 64{ 65 echo "Reloading ipsec manual keys/policies." 66 ipsec_stop 67 ipsec_start 68} 69 70load_rc_config $name 71run_rc_command "$1" 72