ipsec revision 1.5
1#!/bin/sh 2# 3# $NetBSD: ipsec,v 1.5 2000/07/21 01:16:07 lukem Exp $ 4# 5 6# PROVIDE: ipsec 7# REQUIRE: root beforenetlkm mountcritlocal tty 8 9# it does not really require beforenetlkm. 10 11. /etc/rc.subr 12 13name="ipsec" 14start_precmd="ipsec_prestart" 15start_cmd="ipsec_start" 16stop_precmd="checkyesno ipsec && [ -f /etc/ipsec.conf ]" 17stop_cmd="ipsec_stop" 18reload_precmd="$stop_precmd" 19reload_cmd="ipsec_reload" 20extra_commands="reload" 21 22ipsec_prestart() 23{ 24 if ! checkyesno ipsec; then 25 return 1 26 fi 27 if [ ! -f /etc/ipsec.conf ]; then 28 warn "/etc/ipsec.conf not readable; ipsec start aborted." 29 # 30 # If booting directly to multiuser, send SIGTERM to 31 # the parent (/etc/rc) to abort the boot 32 # 33 if [ "$autoboot" = yes ]; then 34 echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!" 35 kill -TERM $$ 36 exit 1 37 fi 38 return 1 39 fi 40 return 0 41} 42 43ipsec_start() 44{ 45 echo "Installing ipsec manual keys/policies." 46 /sbin/setkey -f /etc/ipsec.conf 47} 48 49ipsec_stop() 50{ 51 echo "Clearing ipsec manual keys/policies." 52 53 # still not 100% sure if we would like to do this. 54 # it is very questionable to do this during shutdown session, since 55 # it can hang any of remaining IPv4/v6 session. 56 # 57 /sbin/setkey -F 58 /sbin/setkey -FP 59} 60 61ipsec_reload() 62{ 63 echo "Reloading ipsec manual keys/policies." 64 /sbin/setkey -F 65 /sbin/setkey -FP 66 /sbin/setkey -f /etc/ipsec.conf 67} 68 69load_rc_config $name 70run_rc_command "$1" 71