1afce00360
in keeping the scripts under rc.d in sync with us. So, begin removal of NetBSD specific stuff (which made our scripts more complicated than necessary), starting with the NetBSD KEYWORD.
82 lines
1.5 KiB
Bash
Executable File
82 lines
1.5 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# $NetBSD: ipsec,v 1.7 2002/03/22 04:33:58 thorpej Exp $
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: ipsec
|
|
# REQUIRE: root beforenetlkm mountcritlocal
|
|
# BEFORE: DAEMON
|
|
# KEYWORD: FreeBSD
|
|
|
|
# it does not really require beforenetlkm.
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="ipsec"
|
|
rcvar=`set_rcvar`
|
|
start_precmd="ipsec_prestart"
|
|
start_cmd="ipsec_start"
|
|
stop_precmd="test -f /etc/ipsec.conf"
|
|
stop_cmd="ipsec_stop"
|
|
reload_cmd="ipsec_reload"
|
|
extra_commands="reload"
|
|
|
|
case ${OSTYPE} in
|
|
FreeBSD)
|
|
ipsec_program="/usr/sbin/setkey"
|
|
# ipsec_file is set by rc.conf
|
|
;;
|
|
NetBSD)
|
|
ipsec_program="/sbin/setkey"
|
|
ipsec_file="/etc/ipsec.conf"
|
|
;;
|
|
esac
|
|
|
|
ipsec_prestart()
|
|
{
|
|
if [ ! -f "$ipsec_file" ]; then
|
|
warn "$ipsec_file not readable; ipsec start aborted."
|
|
#
|
|
# If booting directly to multiuser, send SIGTERM to
|
|
# the parent (/etc/rc) to abort the boot
|
|
#
|
|
if [ "$autoboot" = yes ]; then
|
|
echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!"
|
|
kill -TERM $$
|
|
exit 1
|
|
fi
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
ipsec_start()
|
|
{
|
|
echo "Installing ipsec manual keys/policies."
|
|
${ipsec_program} -f $ipsec_file
|
|
}
|
|
|
|
ipsec_stop()
|
|
{
|
|
echo "Clearing ipsec manual keys/policies."
|
|
|
|
# still not 100% sure if we would like to do this.
|
|
# it is very questionable to do this during shutdown session, since
|
|
# it can hang any of remaining IPv4/v6 session.
|
|
#
|
|
${ipsec_program} -F
|
|
${ipsec_program} -FP
|
|
}
|
|
|
|
ipsec_reload()
|
|
{
|
|
echo "Reloading ipsec manual keys/policies."
|
|
${ipsec_program} -F
|
|
${ipsec_program} -FP
|
|
${ipsec_program} -f "$ipsec_file"
|
|
}
|
|
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|