diff options
author | Bill Nottingham <notting@redhat.com> | 2003-07-02 22:37:43 +0000 |
---|---|---|
committer | Bill Nottingham <notting@redhat.com> | 2003-07-02 22:37:43 +0000 |
commit | 6b78527ef407b08b4e2c26f0709375b366e66283 (patch) | |
tree | 5db9039928a64e1fd43afdc49ddec36ad2f827c0 | |
parent | 927f8ea11a053120ff7395de0ecf2648dadc8028 (diff) | |
download | initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar.gz initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar.bz2 initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar.xz initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.zip |
add ifdown-ipsec
-rwxr-xr-x | sysconfig/network-scripts/ifdown-ipsec | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec new file mode 100755 index 00000000..d5f8ec50 --- /dev/null +++ b/sysconfig/network-scripts/ifdown-ipsec @@ -0,0 +1,29 @@ +#!/bin/bash +PATH=/sbin:/usr/sbin/:/bin:/usr/bin + +cd /etc/sysconfig/network-scripts +. network-functions + +CONFIG=$1 +[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1} +source_config + +if [ -z "$SRC" ]; then + SRC=`ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|"` +fi + +if [ "$KEYING" = "manual" ]; then + setkey -c << EOF +delete $SRC $DST ah $SPI_AH_OUT; +delete $DST $SRC ah $SPI_AH_IN; +delete $SRC $DST esp $SPI_ESP_OUT; +delete $DST $SRC esp $SPI_ESP_IN; +EOF +fi + +setkey -c << EOF +spddelete $SRC $DST any -P out; +spddelete $DST $SRC any -P in; +EOF + +/etc/sysconfig/network-scripts/ifdown-post $CONFIG |