aboutsummaryrefslogtreecommitdiffstats
path: root/sysconfig/network-scripts
diff options
context:
space:
mode:
authorMiloslav Trmac <mitr@volny.cz>2006-11-15 01:37:02 +0000
committerMiloslav Trmac <mitr@volny.cz>2006-11-15 01:37:02 +0000
commit4137cc5bf1430055f65a867b7b3b2245fec19f52 (patch)
tree09f7ccc425815b6dd27788f07db9c239ffa1719b /sysconfig/network-scripts
parent10fa5cbefcffc30ddb589195dffb8a1114734b13 (diff)
downloadinitscripts-4137cc5bf1430055f65a867b7b3b2245fec19f52.tar
initscripts-4137cc5bf1430055f65a867b7b3b2245fec19f52.tar.gz
initscripts-4137cc5bf1430055f65a867b7b3b2245fec19f52.tar.bz2
initscripts-4137cc5bf1430055f65a867b7b3b2245fec19f52.tar.xz
initscripts-4137cc5bf1430055f65a867b7b3b2245fec19f52.zip
Add a way to manually manage racoon.conf, e.g. to handle separate tunnels with
a shared peer endpoint (#159343)
Diffstat (limited to 'sysconfig/network-scripts')
-rwxr-xr-xsysconfig/network-scripts/ifdown-ipsec2
-rwxr-xr-xsysconfig/network-scripts/ifup-ipsec10
2 files changed, 7 insertions, 5 deletions
diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec
index 82a71a9a..56b31c43 100755
--- a/sysconfig/network-scripts/ifdown-ipsec
+++ b/sysconfig/network-scripts/ifdown-ipsec
@@ -76,7 +76,7 @@ ${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P out;}
${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P in;}
EOF
-if [ "$KEYING" = "automatic" ]; then
+if [ "$KEYING" = "automatic" -a -n "$IKE_METHOD" ]; then
racoontmp=`mktemp /etc/racoon/racoon.XXXXXX`
grep -v "^include \"/etc/racoon/$DST.conf\";" /etc/racoon/racoon.conf >> $racoontmp
mv -f $racoontmp /etc/racoon/racoon.conf
diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec
index ebad848c..882722fd 100755
--- a/sysconfig/network-scripts/ifup-ipsec
+++ b/sysconfig/network-scripts/ifup-ipsec
@@ -158,7 +158,7 @@ spdadd $SPD_DST $SPD_SRC any -P in ipsec
;
EOF
-if [ "$KEYING" = "automatic" ]; then
+if [ "$KEYING" = "automatic" -a -n "$IKE_METHOD" ]; then
if [ "$IKE_METHOD" = "PSK" ]; then
tmpfile=`mktemp /etc/racoon/psk.XXXXXX`
grep -v "^$DST" /etc/racoon/psk.txt > $tmpfile
@@ -223,9 +223,11 @@ EOF
grep -v "^include \"/etc/racoon/$DST.conf\";" /etc/racoon/racoon.conf >> $racoontmp
echo "include \"/etc/racoon/$DST.conf\";" >> $racoontmp
mv -f $racoontmp /etc/racoon/racoon.conf
- if pidof -x /usr/sbin/racoon > /dev/null 2>&1 ; then
- killall -HUP /usr/sbin/racoon
- else
+fi
+if [ "$KEYING" = "automatic" ]; then
+ if ! pidof -x /usr/sbin/racoon > /dev/null 2>&1 ; then
/usr/sbin/racoon
+ elif [ -n "$IKE_METHOD" ]; then
+ killall -HUP /usr/sbin/racoon
fi
fi