IPSEC_PIDDIR="@IPSEC_PIDDIR@"
IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
-IPSEC_PLUTO_PID="${IPSEC_PIDDIR}/pluto.pid"
IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
-IPSEC_WHACK="${IPSEC_DIR}/whack"
IPSEC_STROKE="${IPSEC_DIR}/stroke"
IPSEC_STARTER="${IPSEC_DIR}/starter"
-export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_PLUTO_PID IPSEC_CHARON_PID
+export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_CHARON_PID
IPSEC_DISTRO="Institute for Internet Technologies and Applications\nUniversity of Applied Sciences Rapperswil, Switzerland"
echo " update|reload|stop"
echo " up|down|route|unroute <connectionname>"
echo " status|statusall [<connectionname>]"
- echo " ready"
echo " listalgs|listpubkeys|listcerts [--utc]"
echo " listcacerts|listaacerts|listocspcerts [--utc]"
echo " listacerts|listgroups|listcainfos [--utc]"
echo " rereadcacerts|rereadaacerts|rereadocspcerts"
echo " rereadacerts|rereadcrls|rereadall"
echo " purgeocsp|purgecrls|purgecerts|purgeike"
- echo " scencrypt|scdecrypt <value> [--inbase <base>] [--outbase <base>] [--keyid <id>]"
echo " openac"
- echo " pluto"
echo " scepclient"
echo " secrets"
echo " starter"
echo " version"
- echo " whack"
echo " stroke"
echo
echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
exit 2
fi
rc=7
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK --name "$1" --terminate
- rc="$?"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
$IPSEC_STROKE down "$1"
listcards|rereadgroups)
op="$1"
shift
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK "$@" "--$op"
- rc="$?"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
exit 3
op="$1"
rc=7
shift
- if [ -e $IPSEC_PLUTO_PID ]
- then
- case "$#" in
- 0) $IPSEC_WHACK "--$op" ;;
- 1) $IPSEC_WHACK "--$op" --name "$1" ;;
- *) $IPSEC_WHACK "--$op" --name "$1" --lease-addr "$2" ;;
- esac
- rc="$?"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
case "$#" in
op="$1"
rc=7
shift
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK "$@" "--$op"
- rc="$?"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
$IPSEC_STROKE "$op" "$@"
fi
exit "$rc"
;;
-ready)
- shift
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK --listen
- exit 0
- else
- exit 7
- fi
- ;;
reload)
rc=7
if [ -e $IPSEC_STARTER_PID ]
echo "Usage: ipsec $op <connection name>"
exit 2
fi
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK --name "$1" "--$op"
- rc="$?"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
$IPSEC_STROKE "$op" "$1"
fi
exit "$rc"
;;
-scencrypt|scdecrypt)
- op="$1"
- shift
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK "--$op" "$@"
- exit "$?"
- else
- exit 7
- fi
- ;;
secrets)
rc=7
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK --rereadsecrets
- rc="$?"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
$IPSEC_STROKE rereadsecrets
shift
if [ $# -eq 0 ]
then
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK "--$op"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
$IPSEC_STROKE "$op"
fi
else
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK --name "$1" "--$op"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
$IPSEC_STROKE "$op" "$1"
exit 2
fi
rc=7
- if [ -e $IPSEC_PLUTO_PID ]
- then
- $IPSEC_WHACK --name "$1" --initiate
- rc="$?"
- fi
if [ -e $IPSEC_CHARON_PID ]
then
$IPSEC_STROKE up "$1"