ipsec revision 78344
1#!/bin/sh 2# 3# $NetBSD: ipsec,v 1.5 2000/07/21 01:16:07 lukem Exp $ 4# 5 6# PROVIDE: ipsec 7# REQUIRE: root beforenetlkm mountcritlocal tty 8 9# it does not really require beforenetlkm. 10 11. /etc/rc.subr 12 13name="ipsec" 14rcvar=$name 15start_precmd="ipsec_prestart" 16start_cmd="ipsec_start" 17stop_precmd="test -f /etc/ipsec.conf" 18stop_cmd="ipsec_stop" 19reload_cmd="ipsec_reload" 20extra_commands="reload" 21 22ipsec_prestart() 23{ 24 if [ ! -f /etc/ipsec.conf ]; then 25 warn "/etc/ipsec.conf not readable; ipsec start aborted." 26 # 27 # If booting directly to multiuser, send SIGTERM to 28 # the parent (/etc/rc) to abort the boot 29 # 30 if [ "$autoboot" = yes ]; then 31 echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!" 32 kill -TERM $$ 33 exit 1 34 fi 35 return 1 36 fi 37 return 0 38} 39 40ipsec_start() 41{ 42 echo "Installing ipsec manual keys/policies." 43 /sbin/setkey -f /etc/ipsec.conf 44} 45 46ipsec_stop() 47{ 48 echo "Clearing ipsec manual keys/policies." 49 50 # still not 100% sure if we would like to do this. 51 # it is very questionable to do this during shutdown session, since 52 # it can hang any of remaining IPv4/v6 session. 53 # 54 /sbin/setkey -F 55 /sbin/setkey -FP 56} 57 58ipsec_reload() 59{ 60 echo "Reloading ipsec manual keys/policies." 61 /sbin/setkey -F 62 /sbin/setkey -FP 63 /sbin/setkey -f /etc/ipsec.conf 64} 65 66load_rc_config $name 67run_rc_command "$1" 68