ipsec-tools-0.8.1-5.mga5.src.rpm

#!/bin/sh
#
# ipsec-setkey         This script sets and unsets ipsec rules
#
# chkconfig: 345 8 91
# description: This script sets and unsets ipsec rules at startup time.
#
# config: /etc/ipsec.conf

### BEGIN INIT INFO
# Provides: ipsec-setkey
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 3 4 5
# Short-Description: Deal with ipsec rules
# Description: setkey adds, updates, dumps, or flushes Security Association Database
#              (SAD) entries as well as Security Policy Database (SPD) entries in the
#              kernel.
### END INIT INFO

# Pull in the init helper library and the network settings.
# gprintf/success/failure and NETWORKING_IPV6 are used further down and are
# not defined in this script; presumably they come from these two files.
. /etc/init.d/functions
. /etc/sysconfig/network

# Rule file handed to "setkey -f" by the start action.
# NOTE(review): setkey rule files can carry manually configured SA keys;
# presumably this file should be root-owned and not world-readable --
# confirm on the target system.
IPSEC_CONFIG=/etc/ipsec.conf

# No rule file means there is nothing to manage: leave quietly with success.
[ -f "$IPSEC_CONFIG" ] || exit 0

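#######################################
# Load the kernel IPsec modules and apply the rules in $IPSEC_CONFIG.
# Globals:   IPSEC_CONFIG, NETWORKING_IPV6 (read); err, RETVAL (written)
# Outputs:   init-style progress lines via gprintf/success/failure
# Returns:   setkey's exit status bitwise OR-ed with 1 if any modprobe failed
#######################################
ipsec_start() {
    local module

    gprintf "Loading %s modules:" "ipsec"
    err=0
    # Redirect stdout first, then point stderr at it. With "2>&1 >/dev/null"
    # stderr is duplicated onto the caller's stdout before stdout is silenced,
    # so modprobe's error text leaks into the status line. Failures are still
    # recorded in err and reported through success/failure below.
    for module in esp4 ah4 ipcomp; do
        modprobe "$module" >/dev/null 2>&1 || err=1
    done
    if [ "$NETWORKING_IPV6" = "yes" ]; then
        for module in esp6 ah6 ipcomp6; do
            modprobe "$module" >/dev/null 2>&1 || err=1
        done
    fi
    # Explicit if/else: "a && b || c" would also run c whenever b fails.
    if [ "$err" -eq 0 ]; then
        success
    else
        failure
    fi
    echo

    gprintf "Starting %s:" "ipsec-setkey"
    # A module-load failure is reported above but does not stop the rules
    # from being loaded; it is folded into the return value instead.
    /sbin/setkey -f "$IPSEC_CONFIG"
    RETVAL=$?
    if [ "$RETVAL" -eq 0 ]; then
        # The lock file is what status/condrestart/stop use to decide whether
        # the rules are considered loaded.
        touch /var/lock/subsys/ipsec-setkey
        success
    else
        failure
    fi
    echo
    # Non-zero if either setkey or any modprobe failed.
    return $(( RETVAL | err ))
}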

#######################################
# Flush the kernel SAD and SPD and drop the service lock file.
# Globals:   err (written)
# Outputs:   init-style progress line via gprintf/success/failure
# Returns:   0 if both flushes succeeded, 1 otherwise. A missing lock file
#            is shown as "failure" but does not change the return value.
#######################################
ipsec_stop() {
    local lock=/var/lock/subsys/ipsec-setkey

    gprintf "Stopping %s:" "ipsec-setkey"
    err=0
    # -F flushes the SAD, -FP the SPD; the second flush is attempted even
    # when the first one fails.
    if ! /sbin/setkey -F; then
        err=1
    fi
    if ! /sbin/setkey -FP; then
        err=1
    fi
    # Success is only reported when both flushes worked and the service
    # had been marked as started.
    if [ "$err" -eq 0 ] && [ -f "$lock" ]; then
        rm -f "$lock"
        success
    else
        failure
    fi
    echo
    return "$err"
}

#######################################
# Dump the kernel SAD and SPD, then report whether the lock file exists.
# Outputs:   setkey dumps followed by an "is active" / "is not active" line
# Returns:   always 0
#######################################
ipsec_status() {
    local fmt

    # Crude but sufficient: print everything the kernel currently holds.
    # NOTE(review): "setkey -D" output normally includes the SA key material
    # when run as root -- avoid capturing this output into logs or tickets;
    # confirm against setkey(8) for the installed version.
    /sbin/setkey -D
    /sbin/setkey -DP

    # "Active" is defined purely by the lock file written by the start action.
    if [ ! -f /var/lock/subsys/ipsec-setkey ]; then
        fmt="%s is not active\n"
    else
        fmt="%s is active\n"
    fi
    gprintf "$fmt" "Ipsec-setkey"
    return 0
}

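# Dispatch on the requested action. RETVAL starts at 0 so that an action
# which does nothing (condrestart while not running) still exits with a
# defined status instead of relying on "exit" with an empty argument.
RETVAL=0

case "$1" in
    start)
	ipsec_start
	RETVAL=$?
	;;
    stop)
	ipsec_stop
	RETVAL=$?
	;;
    restart|reload)
	# NOTE(review): the SAD and SPD are flushed before the new rules are
	# loaded. If ipsec_start then fails (for example on a syntax error in
	# the rule file), the host is left with no policies at all, so traffic
	# that was meant to be protected is no longer covered by any rule.
	# Check the rule file before restarting on a production host.
	# The status of ipsec_stop is not folded into RETVAL.
	ipsec_stop
	ipsec_start
	RETVAL1=$?
	# if we have modified some rules, racoon must be restarted
	service racoon condrestart
	RETVAL2=$?
	RETVAL=$(( RETVAL1 | RETVAL2 ))
	;;
    condrestart)
	# Only cycle the rules when the lock file says they were loaded.
	# The same flush-then-load window as for restart applies here.
	if [ -f /var/lock/subsys/ipsec-setkey ]; then
	    ipsec_stop
	    ipsec_start
	    RETVAL=$?
	fi
	;;
    status)
	ipsec_status
	RETVAL=$?
	;;
    *)
	# List every action the case statement accepts.
	gprintf "Usage: %s:\n" "$(basename "$0") {start|stop|restart|reload|condrestart|status}"
	RETVAL=1
	;;
esac

exit "$RETVAL"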