From 6a55100ce1229185900c10346d9a6b132a2ee8c1 Mon Sep 17 00:00:00 2001 From: ms Date: Sat, 27 Oct 2007 21:28:35 +0000 Subject: [PATCH] IPSec script was missing. git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@1012 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- doc/packages-list.txt | 5 - src/initscripts/init.d/ipsec | 178 +++++++++++++++++++++++++++++++++++ 2 files changed, 178 insertions(+), 5 deletions(-) create mode 100644 src/initscripts/init.d/ipsec diff --git a/doc/packages-list.txt b/doc/packages-list.txt index 6aacfbbbba..39e9bb80c9 100644 --- a/doc/packages-list.txt +++ b/doc/packages-list.txt @@ -103,8 +103,6 @@ * httpd-2.2.2 * hwdata * iana-etc-2.10 -* icecast-2.3.1 -* icegenerator-0.5.5-pre2 * inetutils-1.4.2 * ipac-ng-1.31 * ipaddr-1.2 @@ -168,7 +166,6 @@ * module-init-tools-3.2.2 * mpc-0.12.1 * mpd-0.13.0 -* mpeg2dec-0.4.0b * mpfire-ipfire * mpg123-0.59r * mtd-CVS-20070507 @@ -248,13 +245,11 @@ * util-linux-2.12r * vim-7.0 * vlan.1.9 -* vlc-0.8.6c * vsftpd-2.0.5 * wget-1.10.2 * whatmask-1.2 * which-2.16 * wireless_tools.28 * xmbmon205 -* xvidcore-1.1.0 * zaptel-1.4.4 * zlib-1.2.3 diff --git a/src/initscripts/init.d/ipsec b/src/initscripts/init.d/ipsec new file mode 100644 index 0000000000..e37074742c --- /dev/null +++ b/src/initscripts/init.d/ipsec @@ -0,0 +1,178 @@ +#!/bin/sh +# IPsec startup and shutdown script +# Copyright (C) 1998, 1999, 2001 Henry Spencer. +# Copyright (C) 2002 Michael Richardson +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See . +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# +# RCSID $Id: setup.in,v 1.122.6.3 2006/10/26 23:54:32 paul Exp $ +# +# ipsec init.d script for starting and stopping +# the IPsec security subsystem (KLIPS and Pluto). +# +# This script becomes /etc/rc.d/init.d/ipsec (or possibly /etc/init.d/ipsec) +# and is also accessible as "ipsec setup" (the preferred route for human +# invocation). +# +# The startup and shutdown times are a difficult compromise (in particular, +# it is almost impossible to reconcile them with the insanely early/late +# times of NFS filesystem startup/shutdown). Startup is after startup of +# syslog and pcmcia support; shutdown is just before shutdown of syslog. +# +# chkconfig: 2345 47 76 +# description: IPsec provides encrypted and authenticated communications; \ +# KLIPS is the kernel half of it, Pluto is the user-level management daemon. + +me='ipsec setup' # for messages + +# where the private directory and the config files are +IPSEC_EXECDIR="${IPSEC_EXECDIR-/usr/libexec/ipsec}" +IPSEC_LIBDIR="${IPSEC_LIBDIR-/usr/lib/ipsec}" +IPSEC_SBINDIR="${IPSEC_SBINDIR-/usr/sbin}" +IPSEC_CONFS="${IPSEC_CONFS-/etc}" + +if test " $IPSEC_DIR" = " " # if we were not called by the ipsec command +then + # we must establish a suitable PATH ourselves + PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin + export PATH + + IPSEC_DIR="$IPSEC_LIBDIR" + export IPSEC_DIR IPSEC_CONFS IPSEC_LIBDIR IPSEC_EXECDIR +fi + +# Check that the ipsec command is available. +found= +for dir in `echo $PATH | tr ':' ' '` +do + if test -f $dir/ipsec -a -x $dir/ipsec + then + found=yes + break # NOTE BREAK OUT + fi +done +if ! test "$found" +then + echo "cannot find ipsec command -- \`$1' aborted" | + logger -s -p daemon.error -t ipsec_setup + exit 1 +fi + +# accept a few flags + +export IPSEC_setupflags +IPSEC_setupflags="" + +config="" + +for dummy +do + case "$1" in + --showonly|--show) IPSEC_setupflags="$1" ;; + --config) config="--config $2" ; shift ;; + *) break ;; + esac + shift +done + + +# Pick up IPsec configuration (until we have done this, successfully, we +# do not know where errors should go, hence the explicit "daemon.error"s.) +# Note the "--export", which exports the variables created. +eval `ipsec _confread $config --optional --varprefix IPSEC --export --type config setup` + +if test " $IPSEC_confreadstatus" != " " +then + case $1 in + stop|--stop|_autostop) + echo "$IPSEC_confreadstatus -- \`$1' may not work" | + logger -s -p daemon.error -t ipsec_setup;; + + *) echo "$IPSEC_confreadstatus -- \`$1' aborted" | + logger -s -p daemon.error -t ipsec_setup; + exit 1;; + esac +fi + +IPSEC_confreadsection=${IPSEC_confreadsection:-setup} +export IPSEC_confreadsection + +IPSECsyslog=${IPSECsyslog-daemon.error} +export IPSECsyslog + +# misc setup +umask 022 + +mkdir -p /var/run/pluto + + +# do it +case "$1" in + start|--start|stop|--stop|_autostop|_autostart) + if test " `id -u`" != " 0" + then + echo "permission denied (must be superuser)" | + logger -s -p $IPSECsyslog -t ipsec_setup 2>&1 + exit 1 + fi + tmp=/var/run/pluto/ipsec_setup.st + outtmp=/var/run/pluto/ipsec_setup.out + ( + ipsec _realsetup $1 + echo "$?" >$tmp + ) > ${outtmp} 2>&1 + st=$? + if test -f $tmp + then + st=`cat $tmp` + rm -f $tmp + fi + if [ -f ${outtmp} ]; then + cat ${outtmp} | logger -s -p $IPSECsyslog -t ipsec_setup 2>&1 + rm -f ${outtmp} + fi + sleep 20 && chown root:nobody /var/run/pluto -R && chmod 770 /var/run/pluto -R && ln -sf /var/run/pluto/pluto.pid /var/run/pluto.pid 2>&1 & + exit $st + ;; + + restart|--restart|force-reload) + $0 $IPSEC_setupflags stop + $0 $IPSEC_setupflags start + ;; + + _autorestart) # for internal use only + $0 $IPSEC_setupflags _autostop + $0 $IPSEC_setupflags _autostart + ;; + + status|--status) + ipsec _realsetup $1 + exit + ;; + + --version) + echo "$me $IPSEC_VERSION" + exit 0 + ;; + + --help) + echo "Usage: $me [ --showonly ] {--start|--stop|--restart}" + echo " $me --status" + exit 0 + ;; + + *) + echo "Usage: $me [ --showonly ] {--start|--stop|--restart}" + echo " $me --status" + exit 2 +esac + +exit 0 -- 2.39.2