1#!/bin/sh 2# 3# $FreeBSD$ 4# 5 6# PROVIDE: ipsec 7# REQUIRE: FILESYSTEMS 8# BEFORE: DAEMON mountcritremote 9# KEYWORD: nojail 10 11. /etc/rc.subr 12 13name="ipsec" 14rcvar="ipsec_enable" 15start_precmd="ipsec_prestart" 16start_cmd="ipsec_start" 17stop_precmd="test -f $ipsec_file" 18stop_cmd="ipsec_stop" 19reload_cmd="ipsec_reload" 20extra_commands="reload" 21ipsec_program="/sbin/setkey" 22# ipsec_file is set by rc.conf 23 24ipsec_prestart() 25{ 26 if [ ! -f "$ipsec_file" ]; then 27 warn "$ipsec_file not readable; ipsec start aborted." 28 stop_boot 29 return 1 30 fi 31 return 0 32} 33 34ipsec_start() 35{ 36 echo "Installing ipsec manual keys/policies." 37 ${ipsec_program} -f $ipsec_file 38} 39 40ipsec_stop() 41{ 42 echo "Clearing ipsec manual keys/policies." 43 44 # Still not 100% sure if we would like to do this. 45 # It is very questionable to do this during shutdown session 46 # since it can hang any of the remaining IPv4/v6 sessions. 47 # 48 ${ipsec_program} -F 49 ${ipsec_program} -FP 50} 51 52ipsec_reload() 53{ 54 echo "Reloading ipsec manual keys/policies." 55 ${ipsec_program} -f "$ipsec_file" 56} 57 58load_rc_config $name 59run_rc_command "$1" 60