aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBill Nottingham <notting@redhat.com>2003-09-11 04:32:07 +0000
committerBill Nottingham <notting@redhat.com>2003-09-11 04:32:07 +0000
commit7ad26c601b706ea3bad39a696311acd7f2fec27a (patch)
tree8e3cdb0dbe4d7e1b237a9e7714e0346866282b8c
parentcc183971840b8ca4ca07d135d65270416e7a1c92 (diff)
downloadinitscripts-7ad26c601b706ea3bad39a696311acd7f2fec27a.tar
initscripts-7ad26c601b706ea3bad39a696311acd7f2fec27a.tar.gz
initscripts-7ad26c601b706ea3bad39a696311acd7f2fec27a.tar.bz2
initscripts-7ad26c601b706ea3bad39a696311acd7f2fec27a.tar.xz
initscripts-7ad26c601b706ea3bad39a696311acd7f2fec27a.zip
ipv6 fixes - detect automatic keying better, fix variable names for
tunneling
-rwxr-xr-xsysconfig/network-scripts/ifup-ipsec17
1 files changed, 9 insertions, 8 deletions
diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec
index 9602af0a..5de55bc8 100755
--- a/sysconfig/network-scripts/ifup-ipsec
+++ b/sysconfig/network-scripts/ifup-ipsec
@@ -91,6 +91,7 @@ else
MODE=host
fi
+[ -n "$IKE_METHOD" ] && KEYING=automatic
[ -z "$KEYING" ] && KEYING=manual
# Get source address
@@ -153,13 +154,13 @@ ${KEY_AH_IN:+add $DST $SRC ah $SPI_AH_IN -m tunnel -A ${AH_PROTO_IN:-$AH_PROTO}
${KEY_AH_OUT:+add $SRC $DST ah $SPI_AH_OUT -m tunnel -A ${AH_PROTO_OUT:-$AH_PROTO} $(echo '"')$KEY_AH_OUT$(echo '"');}
spdadd $SRCNET $DSTNET any -P out ipsec
- ${KEY_ESP_OUT:+esp/tunnel/$SRC-$DEST/require}
- ${KEY_AH_OUT:+ah/tunnel/$SRC-$DEST/require}
+ ${KEY_ESP_OUT:+esp/tunnel/$SRC-$DST/require}
+ ${KEY_AH_OUT:+ah/tunnel/$SRC-$DST/require}
;
spdadd $DSTNET $SRCNET any -P in ipsec
- ${KEY_ESP_IN:+esp/tunnel/$DEST-$SRC/require}
- ${KEY_AH_IN:+ah/tunnel/$DEST-$SRC/require}
+ ${KEY_ESP_IN:+esp/tunnel/$DST-$SRC/require}
+ ${KEY_AH_IN:+ah/tunnel/$DST-$SRC/require}
;
EOF
fi
@@ -193,13 +194,13 @@ spddelete $SRCNET $DSTNET any -P out;
spddelete $DSTNET $SRCNET any -P in;
spdadd $SRCNET $DSTNET any -P out ipsec
- esp/tunnel/$SRC-$DEST/require
- ah/tunnel/$SRC-$DEST/require
+ esp/tunnel/$SRC-$DST/require
+ ah/tunnel/$SRC-$DST/require
;
spdadd $DSTNET $SRCNET any -P in ipsec
- esp/tunnel/$DEST-$SRC/require
- ah/tunnel/$DEST-$SRC/require
+ esp/tunnel/$DST-$SRC/require
+ ah/tunnel/$DST-$SRC/require
;
EOF
fi