diff options
author | Bill Nottingham <notting@redhat.com> | 2005-03-28 20:43:03 +0000 |
---|---|---|
committer | Bill Nottingham <notting@redhat.com> | 2005-03-28 20:43:03 +0000 |
commit | 827c3b3e2a8f96a4064c9cfbeb1823e3f1ace5ea (patch) | |
tree | 2453fcef69b2a21a84d8664537cc8fae73ea0d6e | |
parent | 88584f95df8990226fdc2121cfeb12ad77eafc45 (diff) | |
download | initscripts-827c3b3e2a8f96a4064c9cfbeb1823e3f1ace5ea.tar initscripts-827c3b3e2a8f96a4064c9cfbeb1823e3f1ace5ea.tar.gz initscripts-827c3b3e2a8f96a4064c9cfbeb1823e3f1ace5ea.tar.bz2 initscripts-827c3b3e2a8f96a4064c9cfbeb1823e3f1ace5ea.tar.xz initscripts-827c3b3e2a8f96a4064c9cfbeb1823e3f1ace5ea.zip |
add proper ipsec route (#146169, #140654)
-rwxr-xr-x | sysconfig/network-scripts/ifdown-ipsec | 5 | ||||
-rwxr-xr-x | sysconfig/network-scripts/ifup-ipsec | 6 |
2 files changed, 7 insertions, 4 deletions
diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec index cbc8e2df..ffaaa3a3 100755 --- a/sysconfig/network-scripts/ifdown-ipsec +++ b/sysconfig/network-scripts/ifdown-ipsec @@ -61,8 +61,9 @@ EOF else [ -z "$SRCNET" ] && SRCNET="$SRC/32" [ -z "$DSTNET" ] && DSTNET="$DST/32" - - ip route del to $DSTNET via $DST + + [ -z "$SRCGW" ] && SRCGW=`ip -o route get to $SRCNET | sed "s|.*src \([^ ]*\).*|\1|"` + ip route del to $DSTNET via $SRCGW src $SRCGW /sbin/setkey -c >/dev/null 2>&1 << EOF spddelete $SRCNET $DSTNET any -P out; diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec index 4751b5cc..0314f71a 100755 --- a/sysconfig/network-scripts/ifup-ipsec +++ b/sysconfig/network-scripts/ifup-ipsec @@ -137,7 +137,8 @@ EOF [ -z "$SRCNET" ] && SRCNET="$SRC/32" [ -z "$DSTNET" ] && DSTNET="$DST/32" - ip route add to $DSTNET via $DST + [ -z "$SRCGW" ] && SRCGW=`ip -o route get to $SRCNET | sed "s|.*src \([^ ]*\).*|\1|"` + ip route add to $DSTNET via $SRCGW src $SRCGW /sbin/setkey -c >/dev/null 2>&1 << EOF delete $SRC $DST ah $SPI_AH_OUT; @@ -191,7 +192,8 @@ EOF [ -z "$SRCNET" ] && SRCNET="$SRC/32" [ -z "$DSTNET" ] && DSTNET="$DST/32" - ip route add to $DSTNET via $DST + [ -z "$SRCGW" ] && SRCGW=`ip -o route get to $SRCNET | sed "s|.*src \([^ ]*\).*|\1|"` + ip route add to $DSTNET via $SRCGW src $SRCGW /sbin/setkey -c >/dev/null 2>&1 << EOF spddelete $SRCNET $DSTNET any -P out; |