Stop ipsec at core38 update.

[people/pmueller/ipfire-2.x.git] / config / rootfiles / core / 38 / update.sh

diff --git a/config/rootfiles/core/38/update.sh b/config/rootfiles/core/38/update.sh
index d15b829d16900bdad9bf6f81f54bb8ddf24226b9..17f657e62a0aa686f6faa1a860577572f85bec52 100644 (file)
--- a/config/rootfiles/core/38/update.sh
+++ b/config/rootfiles/core/38/update.sh
@@ -50,6 +50,14 @@ echo usr/lib/ipsec >> /opt/pakfire/tmp/ROOTFILES
 echo usr/libexec/ipsec >> /opt/pakfire/tmp/ROOTFILES
 tar cjvf /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \
     -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' > /dev/null 2>&1
+
+#
+# Stop Sevices
+#
+/etc/init.d/collectd stop
+/etc/init.d/squid stop
+/etc/init.d/ipsec stop
+
 echo
 echo Update Kernel to $KVER ...
 # Remove old kernel, configs, initrd, modules ...
@@ -67,12 +75,6 @@ rm -rf /lib/modules/*-ipfire
 rm -rf /usr/lib/ipsec
 rm -rf /usr/libexec/ipsec
 
-#
-# Stop Sevices
-#
-/etc/init.d/collectd stop
-/etc/init.d/squid stop
-
 #
 # Backup grub.conf
 #
@@ -175,7 +177,21 @@ if [ -e /var/ipfire/qos/enable ]; then
 fi
 #
 #
-# Todo convert ipsec.conf from open to strongswan...
+# convert ipsec.conf from openswan to strongswan...
+mv /var/ipfire/vpn/ipsec.conf /var/ipfire/vpn/ipsec.conf.org
+cat /var/ipfire/vpn/ipsec.conf.org | \
+grep -v "disablearrivalcheck=" | \
+grep -v "klipsdebug=" | \
+grep -v "leftfirewall=" | \
+grep -v "charonstart=" | \
+grep -v "aggrmode=" > /var/ipfire/vpn/ipsec.conf
+sed -i "s|ipsec[0-9]=||g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|nat_t ||g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|klips ||g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|^conn [A-Za-z].*$|&\n\tleftfirewall=yes|g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|^config setup$|&\n\tcharonstart=no|g" /var/ipfire/vpn/ipsec.conf
+chown nobody:nobody /var/ipfire/vpn/ipsec.conf
+chmod 644 /var/ipfire/vpn/ipsec.conf
 #
 #
 # Start Sevices