src/functions/functions.util \
src/functions/functions.vlan \
src/functions/functions.ipsec \
+ src/functions/functions.vpn \
src/functions/functions.vpn-security-policies \
src/functions/functions.wireless \
src/functions/functions.wpa_supplicant \
IPSEC_VALID_MODES="gre-transport tunnel vti"
IPSEC_VALID_AUTH_MODES="PSK psk"
+cli_ipsec() {
+ local action=${1}
+ shift 1
+
+ case "${action}" in
+ connection)
+ cli_ipsec_connection $@
+ ;;
+ *)
+ error "Unrecognized argument: ${action}"
+ exit ${EXIT_ERROR}
+ ;;
+ esac
+}
+
+cli_ipsec_connection() {
+ if ipsec_connection_exists ${1}; then
+ local connection=${1}
+ local key=${2}
+ key=${key//-/_}
+ shift 2
+
+ case "${key}" in
+ authentication|inactivity-timout|local|mode|peer|remote|security-policy)
+ ipsec_connection_${key} ${connection} $@
+ ;;
+ *)
+ error "Unrecognized argument: ${key}"
+ exit ${EXIT_ERROR}
+ ;;
+ esac
+ else
+ local action=${1}
+ shift
+
+ case "${action}" in
+ new)
+ ipsec_connection_new $@
+ ;;
+ destroy)
+ ipsec_connection_destroy $@
+ ;;
+ ""|*)
+ if [ -n "${action}" ]; then
+ error "Unrecognized argument: '${action}'"
+ fi
+ exit ${EXIT_ERROR}
+ ;;
+ esac
+ fi
+}
+
# This function writes all values to a via ${connection} specificated VPN IPsec configuration file
ipsec_connection_write_config() {
assert [ $# -ge 1 ]
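Review bot: In `cli_ipsec_connection`, `key=${key//-/_}` rewrites dashes to underscores before the `case`, so the dashed patterns `inactivity-timout` and `security-policy` can never match and both subcommands always end in "Unrecognized argument". `inactivity-timout` is also misspelled. Match the normalised names instead, `authentication|inactivity_timeout|local|mode|peer|remote|security_policy)`, assuming the handlers are named `ipsec_connection_inactivity_timeout` and `ipsec_connection_security_policy`, which this hunk does not show. Keep the explicit allowlist in front of the `ipsec_connection_${key}` dispatch, since it is what limits which function names the command line can reach.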
--- /dev/null
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2017 IPFire Network Development Team #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+cli_vpn() {
+ local action=${1}
+ shift 1
+
+ case "${action}" in
+ ipsec)
+ cli_ipsec $@
+ ;;
+ security-policies)
+ cli_vpn_security_policies $@
+ ;;
+ *)
+ error "Unrecognized argument: ${action}"
+ exit ${EXIT_ERROR}
+ ;;
+ esac
+}
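Review bot: `cli_vpn` forwards its arguments with an unquoted `$@` (`cli_ipsec $@`, `cli_vpn_security_policies $@`), so every argument is word-split and glob-expanded again at each dispatch level, and a value containing a space or `*` reaches the handler altered. Use `cli_ipsec "$@"` and `cli_vpn_security_policies "$@"`. The same unquoted `$@` and `${1}` pattern appears in the added `cli_ipsec`, `cli_ipsec_connection` and `cli_vpn_security_policies`. This matters more than usual if secrets such as pre-shared keys are passed through the `authentication` subcommand, which is presumed here but not visible in the hunk. A short header comment listing the accepted subcommands (`ipsec`, `security-policies`) would also help.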
[CURVE25519]="curve25519"
)
+cli_vpn_security_policies() {
+ local action
+ local security_policy
+
+ if vpn_security_policy_exists ${1}; then
+ security_policy=${1}
+ key=${2}
+ shift 2
+
+ case "${key}" in
+ cipher|compression|integrity|lifetime|pfs|show)
+ vpn_security_policies_${key} ${security_policy} $@
+ ;;
+ group-type)
+ vpn_security_policies_group_type ${security_policy} $@
+ ;;
+ key-exchange)
+ vpn_security_policies_key_exchange ${security_policy} $@
+ ;;
+ *)
+ error "Unrecognized argument: ${key}"
+ exit ${EXIT_ERROR}
+ ;;
+ esac
+ else
+ action=${1}
+ shift
+
+ case "${action}" in
+ new)
+ vpn_security_policies_new $@
+ ;;
+ destroy)
+ vpn_security_policies_destroy $@
+ ;;
+ ""|*)
+ if [ -n "${action}" ]; then
+ error "Unrecognized argument: '${action}'"
+ fi
+ exit ${EXIT_ERROR}
+ ;;
+ esac
+ fi
+}
+
# This functions checks if a policy is readonly
# returns true when yes and false when no
vpn_security_policies_check_readonly() {
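Review bot: `cli_vpn_security_policies` declares `action` and `security_policy` as `local` but assigns `key=${2}` without declaring it, so `key` leaks into the caller's scope and can overwrite a global of the same name. Add `local key` next to the other declarations. `vpn_security_policy_exists ${1}` is also unquoted, so with no argument the helper is called with zero parameters rather than an empty string. `vpn_security_policy_exists "${1}"` makes that case explicit, though how the helper reacts to an empty name is not visible here.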
exit ${EXIT_OK}
}
-cli_vpn() {
- local action=${1}
- shift 1
-
- case "${action}" in
- security-policies)
- cli_vpn_security_policies $@
- ;;
- ipsec)
- cli_vpn_ipsec $@
- ;;
- *)
- error "Unrecognized argument: ${action}"
- exit ${EXIT_ERROR}
- ;;
- esac
-}
-
-cli_vpn_ipsec() {
- local action=${1}
- shift 1
-
- case "${action}" in
- connection)
- cli_vpn_ipsec_connection $@
- ;;
- *)
- error "Unrecognized argument: ${action}"
- exit ${EXIT_ERROR}
- ;;
- esac
-}
-
-cli_vpn_ipsec_connection() {
- if ipsec_connection_exists ${1}; then
- local connection=${1}
- local key=${2}
- key=${key//-/_}
- shift 2
-
- case "${key}" in
- authentication|inactivity-timout|local|mode|peer|remote|security-policy)
- ipsec_connection_${key} ${connection} $@
- ;;
- *)
- error "Unrecognized argument: ${key}"
- exit ${EXIT_ERROR}
- ;;
- esac
- else
- local action=${1}
- shift
-
- case "${action}" in
- new)
- ipsec_connection_new $@
- ;;
- destroy)
- ipsec_connection_destroy $@
- ;;
- ""|*)
- if [ -n "${action}" ]; then
- error "Unrecognized argument: '${action}'"
- fi
- exit ${EXIT_ERROR}
- ;;
- esac
- fi
-}
-
-cli_vpn_security_policies() {
-
- local action
- local security_policy
-
- if vpn_security_policy_exists ${1}; then
-
- security_policy=${1}
- key=${2}
- shift 2
-
- case "${key}" in
- cipher|compression|integrity|lifetime|pfs|show)
- vpn_security_policies_${key} ${security_policy} $@
- ;;
- group-type)
- vpn_security_policies_group_type ${security_policy} $@
- ;;
- key-exchange)
- vpn_security_policies_key_exchange ${security_policy} $@
- ;;
- *)
- error "Unrecognized argument: ${key}"
- exit ${EXIT_ERROR}
- ;;
- esac
- else
- action=${1}
- shift
-
- case "${action}" in
- new)
- vpn_security_policies_new $@
- ;;
- destroy)
- vpn_security_policies_destroy $@
- ;;
- ""|*)
- if [ -n "${action}" ]; then
- error "Unrecognized argument: '${action}'"
- fi
- exit ${EXIT_ERROR}
- ;;
- esac
- fi
-}
-
# Process the given action
case "${action}" in
init)