bakabtw/packages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[packages] strongswan: introduce /etc/ipsec.user file

Browse Source 
enable user to add their own ip (or other) rules using
/etc/ipsec.user file on events like IPsec tunnel state change

Signed-off-by: Luka Perkov <luka@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/packages@36462 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
luka 2013-04-26 23:53:56 +00:00
parent bdb4c63f61
commit 7e30a29dfd
3 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
net/strongswan/Makefile
View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=strongswan
PKG_VERSION:=5.0.2
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://download.strongswan.org/
@ -346,6 +346,7 @@ EXTRA_LDFLAGS+= -Wl,-rpath-link,$(STAGING_DIR)/usr/lib
define Package/strongswan/conffiles
/etc/ipsec.conf
/etc/ipsec.secrets
/etc/ipsec.user
/etc/strongswan.conf
endef
@ -427,6 +428,8 @@ define Plugin/updown/install
$(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/
$(INSTALL_DIR) $(1)/etc
$(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
endef
define Plugin/whitelist/install

6
net/strongswan/files/ipsec.user Normal file
View File

@ -0,0 +1,6 @@
# This file is interpreted as shell script.
# Put your custom ip rules here, they will
# be executed with each call to the script
# /usr/lib/ipsec/_updown which by default
# strongswan executes.

17
net/strongswan/patches/300-include-ipsec-user-script.patch Normal file
View File

@ -0,0 +1,17 @@
--- a/src/_updown/_updown.in
+++ b/src/_updown/_updown.in
@@ -16,11 +16,9 @@
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
-# CAUTION: Installing a new version of strongSwan will install a new
-# copy of this script, wiping out any custom changes you make. If
-# you need changes, make a copy of this under another name, and customize
-# that, and use the (left/right)updown parameters in ipsec.conf to make
-# strongSwan use yours instead of this default one.
+# Add your custom ip rules to the /etc/ipsec.user file if you need that functionality.
+
+[ -e /etc/ipsec.user ] && . /etc/ipsec.user "$1"
# things that this script gets (from ipsec_pluto(8) man page)
#