libexec/rc/rc.d/ipsec

   1 #!/bin/sh
   2 #
   3 # $FreeBSD$
   4 #
   5
   6 # PROVIDE: ipsec
   7 # REQUIRE: FILESYSTEMS
   8 # BEFORE:  DAEMON mountcritremote
   9 # KEYWORD: nojailvnet
  10
  11 . /etc/rc.subr
  12
  13 name="ipsec"
  14 desc="Internet Protocol Security protocol"
  15 rcvar="ipsec_enable"
  16 start_precmd="ipsec_prestart"
  17 start_cmd="ipsec_start"
  18 stop_precmd="test -f $ipsec_file"
  19 stop_cmd="ipsec_stop"
  20 reload_cmd="ipsec_reload"
  21 extra_commands="reload"
  22 ipsec_program="/sbin/setkey"
  23 required_modules="ipsec"
  24 # ipsec_file is set by rc.conf
  25
  26 ipsec_prestart()
  27 {
  28         if [ ! -f "$ipsec_file" ]; then
  29                 warn "$ipsec_file not readable; ipsec start aborted."
  30                 stop_boot
  31                 return 1
  32         fi
  33         return 0
  34 }
  35
  36 ipsec_start()
  37 {
  38         echo "Installing ipsec manual keys/policies."
  39         ${ipsec_program} -f $ipsec_file
  40 }
  41
  42 ipsec_stop()
  43 {
  44         echo "Clearing ipsec manual keys/policies."
  45
  46         # Still not 100% sure if we would like to do this.
  47         # It is very questionable to do this during shutdown session
  48         # since it can hang any of the remaining IPv4/v6 sessions.
  49         #
  50         ${ipsec_program} -F
  51         ${ipsec_program} -FP
  52 }
  53
  54 ipsec_reload()
  55 {
  56         echo "Reloading ipsec manual keys/policies."
  57         ${ipsec_program} -f "$ipsec_file"
  58 }
  59
  60 load_rc_config $name
  61 run_rc_command "$1"