1#!/bin/sh 2# 3# $FreeBSD$ 4# 5 6# PROVIDE: ipsec 7# REQUIRE: FILESYSTEMS 8# BEFORE: DAEMON mountcritremote 9# KEYWORD: nojailvnet 10 11. /etc/rc.subr 12 13name="ipsec" 14desc="Internet Protocol Security protocol" 15rcvar="ipsec_enable" 16start_precmd="ipsec_prestart" 17start_cmd="ipsec_start" 18stop_precmd="test -f $ipsec_file" 19stop_cmd="ipsec_stop" 20reload_cmd="ipsec_reload" 21extra_commands="reload" 22ipsec_program="/sbin/setkey" 23# ipsec_file is set by rc.conf 24 25ipsec_prestart() 26{ 27 if [ ! -f "$ipsec_file" ]; then 28 warn "$ipsec_file not readable; ipsec start aborted." 29 stop_boot 30 return 1 31 fi 32 return 0 33} 34 35ipsec_start() 36{ 37 echo "Installing ipsec manual keys/policies." 38 ${ipsec_program} -f $ipsec_file 39} 40 41ipsec_stop() 42{ 43 echo "Clearing ipsec manual keys/policies." 44 45 # Still not 100% sure if we would like to do this. 46 # It is very questionable to do this during shutdown session 47 # since it can hang any of the remaining IPv4/v6 sessions. 48 # 49 ${ipsec_program} -F 50 ${ipsec_program} -FP 51} 52 53ipsec_reload() 54{ 55 echo "Reloading ipsec manual keys/policies." 56 ${ipsec_program} -f "$ipsec_file" 57} 58 59load_rc_config $name 60run_rc_command "$1" 61