authorColin Guthrie <colin@mageia.org>2011-11-03 22:26:54 +0000
committerColin Guthrie <colin@mageia.org>2011-11-03 22:26:54 +0000
commit1e6179bf54cbc84b4ad33480e7f2f713418bb28a (patch)
tree794b2654be506d551421bcc47d3ad97822e2861c /sysconfig/network-scripts/ifdown-ipsec
parent87589b49d1543595188dcb26aa5a09d33e5e0a4e (diff)
parent6ce3e4700baa4e37e6b16e4160c00b2ebea58d81 (diff)
Merge commit 'initscripts-9.34-1' into mga-34
This brings our fully patched initscripts branch up to version 9.34. Some code was not easily merged and thus not all functionality relating to multiple IP addresses per interface was merged in. Conflicts: Makefile lang.csh lang.sh prefdm rc.d/init.d/functions rc.d/init.d/netfs rc.d/init.d/network rc.d/rc rc.d/rc.local rc.d/rc.sysinit service sysconfig.txt sysconfig/network-scripts/ifdown-eth sysconfig/network-scripts/ifup-eth sysconfig/network-scripts/ifup-ipv6 sysconfig/network-scripts/ifup-sit sysconfig/network-scripts/ifup-tunnel sysconfig/network-scripts/network-functions systemd/system/fedora-sysinit-unhack.service
Diffstat (limited to 'sysconfig/network-scripts/ifdown-ipsec')
-rwxr-xr-xsysconfig/network-scripts/ifdown-ipsec86
1 files changed, 0 insertions, 86 deletions
diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec
deleted file mode 100755
index 85133784..00000000
--- a/sysconfig/network-scripts/ifdown-ipsec
+++ /dev/null
@@ -1,86 +0,0 @@
-#!/bin/bash
-PATH=/sbin:/usr/sbin/:/bin:/usr/bin
-
-cd /etc/sysconfig/network-scripts
-. ./network-functions
-
-CONFIG=$1
-[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
-source_config
-
-if [ -n "$KEY_AH" -o -n "$KEY_ESP" ]; then
- KEYING=manual
-fi
-
-
-if [ -n "$IKE_PSK" ]; then
- KEYING=automatic
- IKE_METHOD=PSK
-fi
-
-if [ -n "$IKE_CERTFILE" ]; then
- KEYING=automatic
- IKE_METHOD=X509
-fi
-
-if [ -n "$IKE_PEER_CERTFILE" ]; then
- KEYING=automatic
- IKE_METHOD=X509
-fi
-
-if [ -n "$IKE_DNSSEC" ]; then
- KEYING=automatic
- IKE_METHOD=X509
-fi
-if [ -n "$RSA_KEY" ]; then
- KEYING=automatic
- IKE_METHOD=RSA
-fi
-
-[ -n "$IKE_METHOD" ] && KEYING=automatic
-[ -z "$KEYING" ] && KEYING=manual
-
-if [ -z "$SRC" ]; then
- SRC=$(ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|")
-fi
-
-if [ -n "$SRCNET" -o -n "$DSTNET" ]; then
- MODE=tunnel
- [ -z "$SRCNET" ] && SRCNET="$SRC/32"
- [ -z "$DSTNET" ] && DSTNET="$DST/32"
- SPD_SRC=$SRCNET
- SPD_DST=$DSTNET
- # If SRCNET is a subnet of DSTNET, exclude SRCNET<->SRCNET communication
- if [ "${SRCNET##*/}" -gt "${DSTNET##*/}" ] \
- && [ "$(ipcalc -n "${SRCNET%%/*}/${DSTNET##*/}")" \
- = "NETWORK=${DSTNET%%/*}" ]; then
- EXCLUDE_SRCNET=yes
- fi
- [ -z "$SRCGW" ] && SRCGW=$(ip -o route get to $SRCNET | sed "s|.*src \([^ ]*\).*|\1|")
- ip route del to $DSTNET via $SRCGW src $SRCGW
-else
- MODE=transport
- SPD_SRC=$SRC
- SPD_DST=$DST
- unset EXCLUDE_SRCNET
-fi
-
-setkey -c << EOF
-${SPI_AH_OUT:+delete $SRC $DST ah $SPI_AH_OUT;}
-${SPI_AH_IN:+delete $DST $SRC ah $SPI_AH_IN;}
-${SPI_ESP_OUT:+delete $SRC $DST esp $SPI_ESP_OUT;}
-${SPI_ESP_IN:+delete $DST $SRC esp $SPI_ESP_IN;}
-spddelete $SPD_SRC $SPD_DST any -P out;
-spddelete $SPD_DST $SPD_SRC any -P in;
-${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P out;}
-${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P in;}
-EOF
-
-if [ "$KEYING" = "automatic" -a -n "$IKE_METHOD" ]; then
- racoontmp=$(mktemp /etc/racoon/racoon.XXXXXX)
- grep -v "^include \"/etc/racoon/$DST.conf\";" /etc/racoon/racoon.conf >> $racoontmp
- mv -f $racoontmp /etc/racoon/racoon.conf
- pidof -x /usr/sbin/racoon > /dev/null 2>&1 && killall -HUP racoon
-fi
-
-/etc/sysconfig/network-scripts/ifdown-post $CONFIG