1: #! @LOCALPREFIX@/bin/perl
2:
3: if ($< != 0) {
4: print STDERR "must be root to invoke this\n";
5: exit 1;
6: }
7:
8: $mode = 'add';
9: while ($i = shift @ARGV) {
10: if ($i eq '-d') {
11: $mode = 'delete';
12: } else {
13: print STDERR "usage: scriptdump [-d]\n";
14: exit 1;
15: }
16: }
17:
18: open(IN, "setkey -D |") || die;
19: foreach $_ (<IN>) {
20: if (/^[^\t]/) {
21: ($src, $dst) = split(/\s+/, $_);
22: } elsif (/^\t(esp|ah) mode=(\S+) spi=(\d+).*reqid=(\d+)/) {
23: ($proto, $ipsecmode, $spi, $reqid) = ($1, $2, $3, $4);
24: } elsif (/^\tE: (\S+) (.*)/) {
25: $ealgo = $1;
26: $ekey = $2;
27: $ekey =~ s/\s//g;
28: $ekey =~ s/^/0x/g;
29: } elsif (/^\tA: (\S+) (.*)/) {
30: $aalgo = $1;
31: $akey = $2;
32: $akey =~ s/\s//g;
33: $akey =~ s/^/0x/g;
34: } elsif (/^\tseq=(0x\d+) replay=(\d+) flags=(0x\d+) state=/) {
35: print "$mode $src $dst $proto $spi";
36: $replay = $2;
37: print " -u $reqid" if $reqid;
38: if ($mode eq 'add') {
39: print " -m $ipsecmode -r $replay" if $replay;
40: if ($proto eq 'esp') {
41: print " -E $ealgo $ekey" if $ealgo;
42: print " -A $aalgo $akey" if $aalgo;
43: } elsif ($proto eq 'ah') {
44: print " -A $aalgo $akey" if $aalgo;
45: }
46: }
47: print ";\n";
48:
49: $src = $dst = $upper = $proxy = '';
50: $ealgo = $ekey = $aalgo = $akey = '';
51: }
52: }
53: close(IN);
54:
55: exit 0;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to scriptdump.pl CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / setkey