From 7ad26c601b706ea3bad39a696311acd7f2fec27a Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Thu, 11 Sep 2003 04:32:07 +0000 Subject: ipv6 fixes - detect automatic keying better, fix variable names for tunneling --- sysconfig/network-scripts/ifup-ipsec | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec index 9602af0a..5de55bc8 100755 --- a/sysconfig/network-scripts/ifup-ipsec +++ b/sysconfig/network-scripts/ifup-ipsec @@ -91,6 +91,7 @@ else MODE=host fi +[ -n "$IKE_METHOD" ] && KEYING=automatic [ -z "$KEYING" ] && KEYING=manual # Get source address @@ -153,13 +154,13 @@ ${KEY_AH_IN:+add $DST $SRC ah $SPI_AH_IN -m tunnel -A ${AH_PROTO_IN:-$AH_PROTO} ${KEY_AH_OUT:+add $SRC $DST ah $SPI_AH_OUT -m tunnel -A ${AH_PROTO_OUT:-$AH_PROTO} $(echo '"')$KEY_AH_OUT$(echo '"');} spdadd $SRCNET $DSTNET any -P out ipsec - ${KEY_ESP_OUT:+esp/tunnel/$SRC-$DEST/require} - ${KEY_AH_OUT:+ah/tunnel/$SRC-$DEST/require} + ${KEY_ESP_OUT:+esp/tunnel/$SRC-$DST/require} + ${KEY_AH_OUT:+ah/tunnel/$SRC-$DST/require} ; spdadd $DSTNET $SRCNET any -P in ipsec - ${KEY_ESP_IN:+esp/tunnel/$DEST-$SRC/require} - ${KEY_AH_IN:+ah/tunnel/$DEST-$SRC/require} + ${KEY_ESP_IN:+esp/tunnel/$DST-$SRC/require} + ${KEY_AH_IN:+ah/tunnel/$DST-$SRC/require} ; EOF fi @@ -193,13 +194,13 @@ spddelete $SRCNET $DSTNET any -P out; spddelete $DSTNET $SRCNET any -P in; spdadd $SRCNET $DSTNET any -P out ipsec - esp/tunnel/$SRC-$DEST/require - ah/tunnel/$SRC-$DEST/require + esp/tunnel/$SRC-$DST/require + ah/tunnel/$SRC-$DST/require ; spdadd $DSTNET $SRCNET any -P in ipsec - esp/tunnel/$DEST-$SRC/require - ah/tunnel/$DEST-$SRC/require + esp/tunnel/$DST-$SRC/require + ah/tunnel/$DST-$SRC/require ; EOF fi -- cgit v1.2.1