search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Drop main() prototype. Syncs with NetBSD-8
[minix.git] / etc / rc.d / ipsec
blobd5fc0caf78929e33a013b1afd4dc4b6d8fdfc290
1 #!/bin/sh
2 #
3 # $NetBSD: ipsec,v 1.13 2013/09/12 19:52:50 christos Exp $
4 #
5
6 # PROVIDE: ipsec
7 # REQUIRE: root bootconf mountcritlocal tty
8 # BEFORE: DAEMON
9
10 $_rc_subr_loaded . /etc/rc.subr
11
12 name="ipsec"
13 rcvar=$name
14 start_precmd="ipsec_prestart"
15 start_cmd="ipsec_start"
16 stop_precmd="test -f /etc/ipsec.conf"
17 stop_cmd="ipsec_stop"
18 reload_cmd="ipsec_reload"
19 extra_commands="reload"
20
21 ipsec_prestart()
22 {
23 if [ ! -f /etc/ipsec.conf ]; then
24 warn "/etc/ipsec.conf not readable; ipsec start aborted."
25
26 stop_boot
27 return 1
28 fi
29 return 0
30 }
31
32 ipsec_getip() {
33 ifconfig $1 | while read what address rest; do
34 case "$what" in
35 inet) echo "$address";;
36 esac
37 done
38 }
39
40 ipsec_load() {
41 if [ -z "$1" ]; then
42 /sbin/setkey -f /etc/ipsec.conf
43 else
44 sed -e "s/@LOCAL_ADDR@/$1/" < /etc/ipsec.conf | \
45 /sbin/setkey -f -
46 fi
47 }
48
49 ipsec_configure() {
50 while true; do
51 local addr="$(ipsec_getip "$ipsec_flags")"
52 case "$addr" in
53 '') sleep 1;;
54 "0.0.0.0") sleep 1;;
55 *) ipsec_load "$addr"; return;;
56 esac
57 done &
58 }
59
60 ipsec_start()
61 {
62 echo "Installing ipsec manual keys/policies."
63 if [ -n "$ipsec_flags" ]; then
64 ipsec_configure
65 else
66 ipsec_load
67 fi
68 }
69
70 ipsec_stop()
71 {
72 echo "Clearing ipsec manual keys/policies."
73
74 # still not 100% sure if we would like to do this.
75 # it is very questionable to do this during shutdown session, since
76 # it can hang any of remaining IPv4/v6 session.
77 #
78 /sbin/setkey -F
79 /sbin/setkey -FP
80 }
81
82 ipsec_reload()
83 {
84 echo "Reloading ipsec manual keys/policies."
85 ipsec_stop
86 ipsec_start
87 }
88
89 load_rc_config $name
90 run_rc_command "$1"
MINIX 3 (repo.or.cz mirror)