move more extra packages from ./trunk to ./packages
git-svn-id: svn://svn.openwrt.org/openwrt/packages@12359 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
nico
158
net/openswan/files/ipsec.init
Executable file
158
net/openswan/files/ipsec.init
Executable file
@ -0,0 +1,158 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
# IPsec startup and shutdown script
|
||||
# Copyright (C) 1998, 1999, 2001 Henry Spencer.
|
||||
# Copyright (C) 2002 Michael Richardson <mcr@freeswan.org>
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by the
|
||||
# Free Software Foundation; either version 2 of the License, or (at your
|
||||
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful, but
|
||||
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
# for more details.
|
||||
#
|
||||
# RCSID $Id: setup.in,v 1.122.6.1 2005/07/25 19:17:03 ken Exp $
|
||||
#
|
||||
# ipsec init.d script for starting and stopping
|
||||
# the IPsec security subsystem (KLIPS and Pluto).
|
||||
#
|
||||
# This script becomes /etc/rc.d/init.d/ipsec (or possibly /etc/init.d/ipsec)
|
||||
# and is also accessible as "ipsec setup" (the preferred route for human
|
||||
# invocation).
|
||||
#
|
||||
# The startup and shutdown times are a difficult compromise (in particular,
|
||||
# it is almost impossible to reconcile them with the insanely early/late
|
||||
# times of NFS filesystem startup/shutdown). Startup is after startup of
|
||||
# syslog and pcmcia support; shutdown is just before shutdown of syslog.
|
||||
#
|
||||
# chkconfig: 2345 47 76
|
||||
# description: IPsec provides encrypted and authenticated communications; \
|
||||
# KLIPS is the kernel half of it, Pluto is the user-level management daemon.
|
||||
|
||||
START=60
|
||||
script_init() {
|
||||
me='ipsec setup' # for messages
|
||||
|
||||
# where the private directory and the config files are
|
||||
IPSEC_EXECDIR="${IPSEC_EXECDIR-/usr/libexec/ipsec}"
|
||||
IPSEC_LIBDIR="${IPSEC_LIBDIR-/usr/lib/ipsec}"
|
||||
IPSEC_SBINDIR="${IPSEC_SBINDIR-/usr/sbin}"
|
||||
IPSEC_CONFS="${IPSEC_CONFS-/etc}"
|
||||
|
||||
if test " $IPSEC_DIR" = " " # if we were not called by the ipsec command
|
||||
then
|
||||
# we must establish a suitable PATH ourselves
|
||||
PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin
|
||||
export PATH
|
||||
|
||||
IPSEC_DIR="$IPSEC_LIBDIR"
|
||||
export IPSEC_DIR IPSEC_CONFS IPSEC_LIBDIR IPSEC_EXECDIR
|
||||
fi
|
||||
|
||||
# Check that the ipsec command is available.
|
||||
found=
|
||||
for dir in `echo $PATH | tr ':' ' '`
|
||||
do
|
||||
if test -f $dir/ipsec -a -x $dir/ipsec
|
||||
then
|
||||
found=yes
|
||||
break # NOTE BREAK OUT
|
||||
fi
|
||||
done
|
||||
if ! test "$found"
|
||||
then
|
||||
echo "cannot find ipsec command -- \`$1' aborted" |
|
||||
logger -s -p daemon.error -t ipsec_setup
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Pick up IPsec configuration (until we have done this, successfully, we
|
||||
# do not know where errors should go, hence the explicit "daemon.error"s.)
|
||||
# Note the "--export", which exports the variables created.
|
||||
eval `ipsec _confread $config --optional --varprefix IPSEC --export --type config setup`
|
||||
|
||||
if test " $IPSEC_confreadstatus" != " "
|
||||
then
|
||||
case $1 in
|
||||
stop|--stop|_autostop)
|
||||
echo "$IPSEC_confreadstatus -- \`$1' may not work" |
|
||||
logger -s -p daemon.error -t ipsec_setup;;
|
||||
|
||||
*) echo "$IPSEC_confreadstatus -- \`$1' aborted" |
|
||||
logger -s -p daemon.error -t ipsec_setup;
|
||||
exit 1;;
|
||||
esac
|
||||
fi
|
||||
|
||||
IPSEC_confreadsection=${IPSEC_confreadsection:-setup}
|
||||
export IPSEC_confreadsection
|
||||
|
||||
IPSECsyslog=${IPSECsyslog-daemon.error}
|
||||
export IPSECsyslog
|
||||
|
||||
# misc setup
|
||||
umask 022
|
||||
|
||||
mkdir -p /var/run/pluto
|
||||
}
|
||||
|
||||
script_command() {
|
||||
if [ "${USER}" != "root" ]
|
||||
then
|
||||
echo "permission denied (must be superuser)" |
|
||||
logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
|
||||
exit 1
|
||||
fi
|
||||
# make sure all required directories exist
|
||||
if [ ! -d /var/run/pluto ]
|
||||
then
|
||||
mkdir -p /var/run/pluto
|
||||
fi
|
||||
if [ ! -d /var/lock/subsys ]
|
||||
then
|
||||
mkdir -p /var/lock/subsys
|
||||
fi
|
||||
tmp=/var/run/pluto/ipsec_setup.st
|
||||
outtmp=/var/run/pluto/ipsec_setup.out
|
||||
(
|
||||
ipsec _realsetup $1
|
||||
echo "$?" >$tmp
|
||||
) > ${outtmp} 2>&1
|
||||
st=$?
|
||||
if test -f $tmp
|
||||
then
|
||||
st=`cat $tmp`
|
||||
rm -f $tmp
|
||||
fi
|
||||
if [ -f ${outtmp} ]; then
|
||||
cat ${outtmp} | logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
|
||||
rm -f ${outtmp}
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
start() {
|
||||
script_init start "$@"
|
||||
script_command start "$@"
|
||||
}
|
||||
|
||||
stop() {
|
||||
script_init stop "$@"
|
||||
script_command stop "$@"
|
||||
}
|
||||
|
||||
restart() {
|
||||
script_init stop "$@"
|
||||
script_command stop "$@"
|
||||
script_command start "$@"
|
||||
}
|
||||
|
||||
status() {
|
||||
script_init status "$@"
|
||||
ipsec _realsetup status
|
||||
}
|
||||
EXTRA_COMMANDS=status
|
||||
EXTRA_HELP=" status Show the status of the service"
|
||||
Reference in New Issue
Block a user