Annotation of elwix/config/etc/default/racoon/roadwarrior/client/phase1-down.sh, revision 1.1.1.1

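#!/bin/sh

#
# phase1-down.sh: local teardown run when the phase 1 SA goes down.
#
# Restores the saved resolv.conf, removes the tunnel-internal address and
# the host route to the gateway, puts the default route back and deletes
# the matching SAD/SPD entries.
#
# Inputs are read from the environment: LOCAL_ADDR, LOCAL_PORT,
# REMOTE_ADDR, REMOTE_PORT, INTERNAL_ADDR4, INTERNAL_DNS4.
# NOTE(review): presumably set by racoon, with INTERNAL_* taken from the
# gateway's mode-config reply; confirm against racoon.conf(5). The script
# feeds them to route/ifconfig/setkey, so they are treated as untrusted
# and checked before use.
#

# Fixed search path so the tools run below never resolve through an
# inherited PATH.
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

# Succeed only if $1 is non-empty and consists solely of characters that
# can appear in a numeric IPv4/IPv6 address. This rejects whitespace,
# ';', '[', '-' and glob characters, which would otherwise change the
# meaning of the commands and setkey statements built below.
is_addr() {
	case "$1" in
	''|*[!0-9A-Fa-f:.]*) return 1 ;;
	esac
	return 0
}

# Succeed only if $1 is a non-empty string of decimal digits.
is_port() {
	case "$1" in
	''|*[!0-9]*) return 1 ;;
	esac
	return 0
}

os=$(uname -s)

# Current default gateway. Only the first matching route is used, so a
# second default entry in the netstat output cannot add extra words.
case "${os}" in
NetBSD)
	DEFAULT_GW=$(netstat -rn | awk '($1 == "default"){print $2; exit}')
	;;
Linux)
	DEFAULT_GW=$(netstat -rn | awk '($1 == "0.0.0.0"){print $2; exit}')
	;;
esac

# Log the arguments and inputs (quoted so the values are printed verbatim).
printf '%s\n' "$*"
echo "LOCAL_ADDR = ${LOCAL_ADDR}"
echo "LOCAL_PORT = ${LOCAL_PORT}"
echo "REMOTE_ADDR = ${REMOTE_ADDR}"
echo "REMOTE_PORT = ${REMOTE_PORT}"
echo "DEFAULT_GW = ${DEFAULT_GW}"
echo "INTERNAL_ADDR4 = ${INTERNAL_ADDR4}"
echo "INTERNAL_DNS4 = ${INTERNAL_DNS4}"

# Nothing to undo without an internal address or a default gateway.
case "${INTERNAL_ADDR4}" in *[0-9]*) ;; *) exit 0 ;; esac
case "${DEFAULT_GW}" in *[0-9]*) ;; *) exit 0 ;; esac

# Put back the resolver configuration saved earlier, if a backup exists.
# NOTE(review): the backup is presumably written by the matching
# phase1-up script; that script is not visible here.
test -f /etc/resolv.conf.bak && cp /etc/resolv.conf.bak /etc/resolv.conf

# Refuse to run root commands or build setkey input from values that are
# not plain addresses or ports. resolv.conf has already been restored at
# this point; routes and SAs are left untouched.
for addr in "${INTERNAL_ADDR4}" "${LOCAL_ADDR}" "${REMOTE_ADDR}"; do
	if ! is_addr "${addr}"; then
		echo "phase1-down.sh: malformed address, aborting" >&2
		exit 1
	fi
done
for port in "${LOCAL_PORT}" "${REMOTE_PORT}"; do
	if ! is_port "${port}"; then
		echo "phase1-down.sh: malformed port, aborting" >&2
		exit 1
	fi
done

case "${os}" in
NetBSD)
	ifname=$(netstat -rn | awk '($1 == "default"){print $7; exit}')
	ifconfig "${ifname}" delete "${INTERNAL_ADDR4}"
	route delete default
	route delete "${REMOTE_ADDR}"
	route add default "${DEFAULT_GW}" -ifa "${LOCAL_ADDR}"
	;;
Linux)
	ifname=$(netstat -rn | awk '($1 == "0.0.0.0"){print $8; exit}')
	route delete default
	route delete "${REMOTE_ADDR}"
	ifconfig "${ifname}:1" del "${INTERNAL_ADDR4}"
	route add default gw "${DEFAULT_GW}"

	#
	# XXX This is a workaround because Linux seems to ignore
	# the deleteall commands below. This is bad because it flushes
	# any SAD instead of flushing what needs to be flushed.
	# Someone using Linux please fix it
	#
	setkey -F
	;;
esac

# Use this for a NAT-T setup
LOCAL="${LOCAL_ADDR}[${LOCAL_PORT}]"
REMOTE="${REMOTE_ADDR}[${REMOTE_PORT}]"

# Use this for a non NAT-T setup
#LOCAL="${LOCAL_ADDR}"
#REMOTE="${REMOTE_ADDR}"

# Delete the SAs in both directions and the two tunnel policies. Every
# value interpolated here passed is_addr/is_port above, so none of them
# can end a statement or start a new one.
setkey -c <<EOF
deleteall ${REMOTE_ADDR} ${LOCAL_ADDR} esp;
deleteall ${LOCAL_ADDR} ${REMOTE_ADDR} esp;
spddelete ${INTERNAL_ADDR4}/32[any] 0.0.0.0/0[any] any
	-P out ipsec esp/tunnel/${LOCAL}-${REMOTE}/require;
spddelete 0.0.0.0/0[any] ${INTERNAL_ADDR4}[any] any
	-P in ipsec esp/tunnel/${REMOTE}-${LOCAL}/require;
EOF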
