diff options
| -rw-r--r-- | extra/ipsec-tools/APKBUILD | 40 | ||||
| -rw-r--r-- | extra/ipsec-tools/racoon.confd | 19 | ||||
| -rw-r--r-- | extra/ipsec-tools/racoon.initd | 58 |
3 files changed, 117 insertions, 0 deletions
diff --git a/extra/ipsec-tools/APKBUILD b/extra/ipsec-tools/APKBUILD new file mode 100644 index 0000000000..f58b065889 --- /dev/null +++ b/extra/ipsec-tools/APKBUILD @@ -0,0 +1,40 @@ +# Maintainer: Natanael Copa <ncopa@alpinelinux.org> +pkgname=ipsec-tools +pkgver=0.8_alpha20090126 +_myver=0.8-alpha20090126 +pkgrel=0 +pkgdesc="User-space IPsec tools for various IPsec implementations" +url="http://ipsec-tools.sourceforge.net/" +license="BSD" +depends="openssl uclibc" +makedepends="openssl-dev" +subpackages="$pkgname-doc $pkgname-dev" +source="http://downloads.sourceforge.net/$pkgname/$pkgname-$_myver.tar.gz + racoon.initd + racoon.confd + " + +build() { + cd "$srcdir/$pkgname-$_myver" + + ./configure --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --infodir=/usr/share/info \ + --localstatedir=/var/lib \ + --with-kernel-headers=/usr/include \ + --disable-security-context \ + --enable-adminport \ + --enable-dpd \ + --enable-frag \ + --enable-hybrid \ + --enable-ipv6 \ + --enable-natt + make || return 1 + make DESTDIR="$pkgdir" install + + install -D -m755 ../racoon.initd "$pkgdir"/etc/init.d/racoon + install -D -m644 ../racoon.confd "$pkgdir"/etc/conf.d/racoon +} + +md5sums="0fc1cc3fd2a014d11e33400202ee09fc ipsec-tools-0.8-alpha20090126.tar.gz" diff --git a/extra/ipsec-tools/racoon.confd b/extra/ipsec-tools/racoon.confd new file mode 100644 index 0000000000..66f8ed7674 --- /dev/null +++ b/extra/ipsec-tools/racoon.confd @@ -0,0 +1,19 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/files/racoon.conf.d,v 1.3 2004/07/14 23:29:57 agriffis Exp $ + +# Config file for /etc/init.d/racoon + +# See the manual pages for racoon or run `racoon --help` +# for valid command-line options + +RACOON_OPTS="-4" + +RACOON_CONF="/etc/racoon/racoon.conf" +RACOON_PSK_FILE="/etc/racoon/psk.txt" +SETKEY_CONF="/etc/ipsec.conf" + +# Comment or remove the following if you don't want the policy tables +# to be flushed when racoon is stopped. + +RACOON_RESET_TABLES="true" diff --git a/extra/ipsec-tools/racoon.initd b/extra/ipsec-tools/racoon.initd new file mode 100644 index 0000000000..16fdec7e3a --- /dev/null +++ b/extra/ipsec-tools/racoon.initd @@ -0,0 +1,58 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + before netmount + use net +} + +checkconfig() { + if [ ! -e ${SETKEY_CONF} ] ; then + eerror "You need to configure setkey before starting racoon." + return 1 + fi + if [ ! -e ${RACOON_CONF} ] ; then + eerror "You need a configuration file to start racoon." + return 1 + fi + if [ ! -z ${RACOON_PSK_FILE} ] ; then + if [ ! -f ${RACOON_PSK_FILE} ] ; then + eerror "PSK file not found as specified." + eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon." + return 1 + fi + case "`ls -Lldn ${RACOON_PSK_FILE}`" in + -r--------*) + ;; + *) + eerror "Your defined PSK file should be mode 400 for security!" + return 1 + ;; + esac + fi +} + +start() { + checkconfig || return 1 + einfo "Loading ipsec policies from ${SETKEY_CONF}." + /usr/sbin/setkey -f ${SETKEY_CONF} + if [ $? -eq 1 ] ; then + eerror "Error while loading ipsec policies" + fi + ebegin "Starting racoon" + start-stop-daemon -S -x /usr/sbin/racoon -- -f ${RACOON_CONF} ${RACOON_OPTS} + eend $? +} + +stop() { + ebegin "Stopping racoon" + start-stop-daemon -K -p /var/run/racoon.pid + eend $? + if [ -n "${RACOON_RESET_TABLES}" ]; then + ebegin "Flushing policy entries" + /usr/sbin/setkey -F + /usr/sbin/setkey -FP + eend $? + fi +} |