Module Name: src
Committed By: christos
Date: Fri Jun 14 16:37:55 UTC 2013
Modified Files:
src/etc/rc.d: ipsec
Log Message:
if ipsec_flags is given, treat it as an interface name and change @LOCAL_ADDR@
to the IP address for it. This makes dynamic addresses work during autoconf.
Also while here in restart, re-use start and stop instead of duplicating them.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/etc/rc.d/ipsec
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/ipsec
diff -u src/etc/rc.d/ipsec:1.11 src/etc/rc.d/ipsec:1.12
--- src/etc/rc.d/ipsec:1.11 Sat Nov 22 15:23:33 2008
+++ src/etc/rc.d/ipsec Fri Jun 14 12:37:55 2013
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: ipsec,v 1.11 2008/11/22 20:23:33 tsutsui Exp $
+# $NetBSD: ipsec,v 1.12 2013/06/14 16:37:55 christos Exp $
#
# PROVIDE: ipsec
@@ -29,10 +29,23 @@ ipsec_prestart()
return 0
}
+ipsec_getip() {
+ ifconfig $1 | while read what address rest; do
+ case "$what" in
+ inet) echo "$address";;
+ esac
+ done
+}
+
ipsec_start()
{
echo "Installing ipsec manual keys/policies."
- /sbin/setkey -f /etc/ipsec.conf
+ if [ -n "$ipsec_flags" ]; then
+ sed -e "s/@LOCAL_ADDR@/$(ipsec_getip "$ipsec_flags")/" \
+ < /etc/ipsec.conf | /sbin/setkey -f -
+ else
+ /sbin/setkey -f /etc/ipsec.conf
+ fi
}
ipsec_stop()
@@ -50,9 +63,8 @@ ipsec_stop()
ipsec_reload()
{
echo "Reloading ipsec manual keys/policies."
- /sbin/setkey -F
- /sbin/setkey -FP
- /sbin/setkey -f /etc/ipsec.conf
+ ipsec_stop
+ ipsec_start
}
load_rc_config $name
