aboutsummaryrefslogtreecommitdiffstats
path: root/sysconfig/network-scripts/ifdown-ipsec
diff options
context:
space:
mode:
authorBill Nottingham <notting@redhat.com>2003-07-02 22:37:43 +0000
committerBill Nottingham <notting@redhat.com>2003-07-02 22:37:43 +0000
commit6b78527ef407b08b4e2c26f0709375b366e66283 (patch)
tree5db9039928a64e1fd43afdc49ddec36ad2f827c0 /sysconfig/network-scripts/ifdown-ipsec
parent927f8ea11a053120ff7395de0ecf2648dadc8028 (diff)
downloadinitscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar
initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar.gz
initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar.bz2
initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.tar.xz
initscripts-6b78527ef407b08b4e2c26f0709375b366e66283.zip
add ifdown-ipsec
Diffstat (limited to 'sysconfig/network-scripts/ifdown-ipsec')
-rwxr-xr-xsysconfig/network-scripts/ifdown-ipsec29
1 files changed, 29 insertions, 0 deletions
diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec
new file mode 100755
index 00000000..d5f8ec50
--- /dev/null
+++ b/sysconfig/network-scripts/ifdown-ipsec
@@ -0,0 +1,29 @@
+#!/bin/bash
+PATH=/sbin:/usr/sbin/:/bin:/usr/bin
+
+cd /etc/sysconfig/network-scripts
+. network-functions
+
+CONFIG=$1
+[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
+source_config
+
+if [ -z "$SRC" ]; then
+ SRC=`ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|"`
+fi
+
+if [ "$KEYING" = "manual" ]; then
+ setkey -c << EOF
+delete $SRC $DST ah $SPI_AH_OUT;
+delete $DST $SRC ah $SPI_AH_IN;
+delete $SRC $DST esp $SPI_ESP_OUT;
+delete $DST $SRC esp $SPI_ESP_IN;
+EOF
+fi
+
+setkey -c << EOF
+spddelete $SRC $DST any -P out;
+spddelete $DST $SRC any -P in;
+EOF
+
+/etc/sysconfig/network-scripts/ifdown-post $CONFIG