Add a means of starting an IKE daemon from the rc system at an appropriate

time during the boot process. This is needed in the case where NFS mounts from servers reachable only via IPSEC are in /etc/fstab. PR: conf/42497 Submitted by: Volker Stolz Approved by: re (rwatson)
2003-11-28 17:28:42 +00:00 · 2003-11-28 17:28:42 +00:00 · a2ed0b4e3d
commit a2ed0b4e3d
parent cd6c4060c8
2 changed files with 21 additions and 0 deletions
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@ -71,6 +71,9 @@ firewall_logging="NO"		# Set to YES to enable events logging
 firewall_flags=""		# Flags passed to ipfw when type is a file
 ip_portrange_first="NO"		# Set first dynamically allocated port
 ip_portrange_last="NO"		# Set last dynamically allocated port
+ike_enable="NO"			# Enable IKE daemon (usually racoon or isakmpd)
+ike_program="/usr/local/sbin/isakmpd"	# Path to IKE daemon
+ike_flags=""			# Additional flags for IKE daemon
 ipsec_enable="NO"		# Set to YES to run setkey on ipsec_file
 ipsec_file="/etc/ipsec.conf"	# Name of config file for setkey
 natd_program="/sbin/natd"	# path to natd, if you want a different one.
--- a/etc/rc.d/ike
+++ b/etc/rc.d/ike
@ -0,0 +1,18 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: ike
+# REQUIRE: root beforenetlkm mountcritlocal
+# BEFORE:  DAEMON
+# KEYWORD: FreeBSD
+
+. /etc/rc.subr
+
+name="ike"
+rcvar=`set_rcvar`
+extra_commands="reload"
+
+load_rc_config $name
+run_rc_command "$1"