1#!/bin/sh 2# 3# $NetBSD: ipsec,v 1.8 2004/08/13 18:08:03 mycroft Exp $ 4# 5 6# PROVIDE: ipsec 7# REQUIRE: root beforenetlkm mountcritlocal tty 8# BEFORE: DAEMON 9 10# it does not really require beforenetlkm. 11 12$_rc_subr_loaded . /etc/rc.subr 13 14name="ipsec" 15rcvar=$name 16start_precmd="ipsec_prestart" 17start_cmd="ipsec_start" 18stop_precmd="test -f /etc/ipsec.conf" 19stop_cmd="ipsec_stop" 20reload_cmd="ipsec_reload" 21extra_commands="reload" 22 23ipsec_prestart() 24{ 25 if [ ! -f /etc/ipsec.conf ]; then 26 warn "/etc/ipsec.conf not readable; ipsec start aborted." 27 # 28 # If booting directly to multiuser, send SIGTERM to 29 # the parent (/etc/rc) to abort the boot 30 # 31 if [ "$autoboot" = yes ]; then 32 echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!" 33 kill -TERM $$ 34 exit 1 35 fi 36 return 1 37 fi 38 return 0 39} 40 41ipsec_start() 42{ 43 echo "Installing ipsec manual keys/policies." 44 /sbin/setkey -f /etc/ipsec.conf 45} 46 47ipsec_stop() 48{ 49 echo "Clearing ipsec manual keys/policies." 50 51 # still not 100% sure if we would like to do this. 52 # it is very questionable to do this during shutdown session, since 53 # it can hang any of remaining IPv4/v6 session. 54 # 55 /sbin/setkey -F 56 /sbin/setkey -FP 57} 58 59ipsec_reload() 60{ 61 echo "Reloading ipsec manual keys/policies." 62 /sbin/setkey -F 63 /sbin/setkey -FP 64 /sbin/setkey -f /etc/ipsec.conf 65} 66 67load_rc_config $name 68run_rc_command "$1" 69