ipsec revision 1.3
      1 #!/bin/sh
      2 #
      3 # $NetBSD: ipsec,v 1.3 2000/06/14 03:24:16 itojun Exp $
      4 #
      5 
      6 # PROVIDE: ipsec
      7 # REQUIRE: root beforenetlkm mountcritlocal tty
      8 
      9 #	it does not really require beforenetlkm.
     10 
     11 . /etc/rc.subr
     12 
# Settings read by rc.subr's run_rc_command: the service name, the
# function behind each command, and the pre-command checks.
name='ipsec'
extra_commands='reload'

start_cmd='ipsec_start'

# stop and reload both begin by flushing the kernel's SA and policy
# tables, so they only run when ipsec is enabled and /etc/ipsec.conf is
# present.  The test is for existence only, not for syntax or permissions.
stop_precmd='checkyesno ipsec && [ -f /etc/ipsec.conf ]'
stop_cmd='ipsec_stop'

reload_precmd=$stop_precmd
reload_cmd='ipsec_reload'
     20 
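# _ipsec_conf_lax path
#	Return 0 when the mode column of "ls -l" shows any permission bit
#	for group or other on path, 1 when both are fully closed.  A mode
#	that cannot be obtained is reported as lax.  Ownership is not
#	examined.
#
_ipsec_conf_lax()
{
	_mode=$(ls -ldL "$1" 2>/dev/null)
	case "$_mode" in
	????------*)
		return 1
		;;
	esac
	return 0
}

# ipsec_start
#	Load the manual keys and policies from /etc/ipsec.conf with
#	setkey(8).  Does nothing when ipsec is disabled in rc.conf.
#	Returns the exit status of setkey.
#
ipsec_start()
{
	if ! checkyesno ipsec; then
		return 0
	fi

	# ipsec is enabled, so coming up without /etc/ipsec.conf would leave
	# traffic unprotected that the administrator meant to protect.
	# Abort the boot rather than risk a security problem.
	#
	if [ ! -f /etc/ipsec.conf ] || [ ! -r /etc/ipsec.conf ]; then
		err 1 "/etc/ipsec.conf not readable; ipsec start aborted."
	fi

	# The file holds manual keys, so access by group or others exposes
	# them.  Warn only: refusing to load would drop the protection
	# the policies provide.
	# XXX ownership of the file is still not checked.
	#
	if _ipsec_conf_lax /etc/ipsec.conf; then
		warn "/etc/ipsec.conf is accessible by group or others; it holds manual keys."
	fi

	echo "Installing ipsec manual keys/policies."
	/sbin/setkey -f /etc/ipsec.conf
}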
     38 
# ipsec_stop
#	Flush the kernel's security associations (setkey -F) and then its
#	security policies (setkey -FP).  Returns the status of the policy
#	flush.
#
#	Whether this should run at all is still open: doing it during a
#	shutdown session is very questionable, since it can hang any
#	IPv4/v6 session that is still alive.
#
ipsec_stop()
{
	echo 'Clearing ipsec manual keys/policies.'

	/sbin/setkey -F
	/sbin/setkey -FP
}
     50 
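# ipsec_reload
#	Flush the kernel's security associations and policies, then load
#	/etc/ipsec.conf again with setkey(8).  Returns the exit status of
#	the load.
#
ipsec_reload()
{
	echo "Reloading ipsec manual keys/policies."

	# The old state is gone once these two have run; nothing is kept
	# to fall back on if the load below fails.
	/sbin/setkey -F
	/sbin/setkey -FP

	/sbin/setkey -f /etc/ipsec.conf
	_rv=$?

	# A failed load (e.g. a syntax error in the file) leaves the host
	# with the tables flushed, so traffic the policies used to protect
	# may now pass unprotected.  Say so instead of failing silently.
	if [ "$_rv" -ne 0 ]; then
		warn "loading /etc/ipsec.conf failed after flush; ipsec keys/policies may be missing or incomplete."
	fi
	return "$_rv"
}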
     58 
# Read the rc.conf settings for this service, then hand the requested
# command (the script's first argument) to rc.subr for dispatch.
load_rc_config "$name"
run_rc_command "$1"
     61