blob: c5f88d4931c006e3c20900e98e4f59c5f8c09510 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
#!/sbin/runscript
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
depend() {
before netmount
use net
after firewall
provide ipsec
}
checkconfig() {
if [ ! -e ${SETKEY_CONF} ] ; then
eerror "You need to configure setkey before starting racoon."
return 1
fi
if [ ! -e ${RACOON_CONF} ] ; then
eerror "You need a configuration file to start racoon."
return 1
fi
if [ ! -z ${RACOON_PSK_FILE} ] ; then
if [ ! -f ${RACOON_PSK_FILE} ] ; then
eerror "PSK file not found as specified."
eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon."
return 1
fi
case "`ls -Lldn ${RACOON_PSK_FILE}`" in
-r--------*)
;;
*)
eerror "Your defined PSK file should be mode 400 for security!"
return 1
;;
esac
fi
}
start() {
checkconfig || return 1
einfo "Loading ipsec policies from ${SETKEY_CONF}."
/usr/sbin/setkey ${SETKEY_OPTS} -f ${SETKEY_CONF}
if [ $? -eq 1 ] ; then
eerror "Error while loading ipsec policies"
fi
ebegin "Starting racoon"
start-stop-daemon -S -x /usr/sbin/racoon -- -f ${RACOON_CONF} ${RACOON_OPTS}
eend $?
}
stop() {
ebegin "Stopping racoon"
start-stop-daemon -K -p /var/run/racoon.pid
eend $?
if [ -n "${RACOON_RESET_TABLES}" ]; then
ebegin "Flushing policy entries"
/usr/sbin/setkey -F
/usr/sbin/setkey -FP
eend $?
fi
}
|