Annotation of embedaddon/strongswan/src/ipsec/_ipsec.in, revision 1.1
1.1 ! misho 1: #! @IPSEC_SHELL@
! 2: # prefix command to run stuff from our programs directory
! 3: # Copyright (C) 1998-2002 Henry Spencer.
! 4: # Copyright (C) 2006-2014 Andreas Steffen
! 5: # Copyright (C) 2006 Martin Willi
! 6: #
! 7: # This program is free software; you can redistribute it and/or modify it
! 8: # under the terms of the GNU General Public License as published by the
! 9: # Free Software Foundation; either version 2 of the License, or (at your
! 10: # option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 11: #
! 12: # This program is distributed in the hope that it will be useful, but
! 13: # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 14: # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 15: # for more details.
! 16:
! 17: # define a minimum PATH environment in case it is not set
! 18: PATH=${PATH:-"/sbin:/bin:/usr/sbin:/usr/bin"}
! 19: export PATH
! 20:
! 21: # set daemon name
! 22: [ -z "$DAEMON_NAME" ] && DAEMON_NAME="charon"
! 23:
! 24: # name and version of the ipsec implementation
! 25: OS_NAME=`uname -s`
! 26: IPSEC_NAME="@IPSEC_NAME@"
! 27: IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
! 28:
! 29: # where the private directory and the config files are
! 30: IPSEC_DIR="@IPSEC_DIR@"
! 31: IPSEC_BINDIR="@IPSEC_BINDIR@"
! 32: IPSEC_SBINDIR="@IPSEC_SBINDIR@"
! 33: IPSEC_CONFDIR="@IPSEC_CONFDIR@"
! 34: IPSEC_PIDDIR="@IPSEC_PIDDIR@"
! 35: IPSEC_SCRIPT="@IPSEC_SCRIPT@"
! 36:
! 37: IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.${DAEMON_NAME}.pid"
! 38: IPSEC_CHARON_PID="${IPSEC_PIDDIR}/${DAEMON_NAME}.pid"
! 39:
! 40: IPSEC_STROKE="${IPSEC_DIR}/stroke"
! 41: IPSEC_STARTER="${IPSEC_DIR}/starter"
! 42:
! 43: export IPSEC_DIR IPSEC_BINDIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_SCRIPT IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_CHARON_PID
! 44:
! 45: IPSEC_DISTRO="University of Applied Sciences Rapperswil, Switzerland"
! 46:
! 47: command_dir="$IPSEC_DIR"
! 48:
! 49: case "$1" in
! 50: '')
! 51: echo "$IPSEC_SCRIPT command [arguments]"
! 52: echo
! 53: echo "Use --help for a list of commands, or refer to the $IPSEC_SCRIPT(8) man page."
! 54: echo "See <http://www.strongswan.org> for more general information."
! 55: exit 0
! 56: ;;
! 57: --help)
! 58: echo "$IPSEC_SCRIPT command [arguments]"
! 59: echo
! 60: echo "Commands:"
! 61: echo " start|restart [arguments]"
! 62: echo " update|reload|stop"
! 63: echo " up|down|route|unroute <connectionname>"
! 64: echo " down-srcip <start> [<end>]"
! 65: echo " status|statusall [<connectionname>]"
! 66: echo " listalgs|listpubkeys|listcerts [--utc]"
! 67: echo " listcacerts|listaacerts|listocspcerts [--utc]"
! 68: echo " listacerts|listgroups|listcainfos [--utc]"
! 69: echo " listcrls|listocsp|listplugins|listall [--utc]"
! 70: echo " listcounters|resetcounters [name]"
! 71: echo " leases [<poolname> [<address>]]"
! 72: echo " rereadsecrets|rereadcacerts|rereadaacerts"
! 73: echo " rereadocspcerts|rereadacerts|rereadcrls|rereadall"
! 74: echo " purgecerts|purgecrls|purgeike|purgeocsp"
! 75: echo " scepclient|pki"
! 76: echo " stroke"
! 77: echo " version"
! 78: echo
! 79: echo "Refer to the $IPSEC_SCRIPT(8) man page for details."
! 80: echo "Some commands have their own man pages, e.g. pki(1) or scepclient(8)."
! 81: exit 0
! 82: ;;
! 83: --versioncode)
! 84: echo "$IPSEC_VERSION"
! 85: exit 0
! 86: ;;
! 87: --directory)
! 88: echo "$IPSEC_DIR"
! 89: exit 0
! 90: ;;
! 91: --confdir)
! 92: echo "$IPSEC_CONFDIR"
! 93: exit 0
! 94: ;;
! 95: --piddir)
! 96: echo "$IPSEC_PIDDIR"
! 97: exit 0
! 98: ;;
! 99: down)
! 100: shift
! 101: if [ "$#" -ne 1 ]
! 102: then
! 103: echo "Usage: $IPSEC_SCRIPT down <connection name>"
! 104: exit 2
! 105: fi
! 106: rc=7
! 107: if [ -e $IPSEC_CHARON_PID ]
! 108: then
! 109: $IPSEC_STROKE down "$1"
! 110: rc="$?"
! 111: fi
! 112: exit "$rc"
! 113: ;;
! 114: down-srcip)
! 115: shift
! 116: if [ "$#" -lt 1 ]
! 117: then
! 118: echo "Usage: $IPSEC_SCRIPT down-srcip <start> [<end>]"
! 119: exit 2
! 120: fi
! 121: rc=7
! 122: if [ -e $IPSEC_CHARON_PID ]
! 123: then
! 124: $IPSEC_STROKE down-srcip $*
! 125: rc="$?"
! 126: fi
! 127: exit "$rc"
! 128: ;;
! 129: leases)
! 130: op="$1"
! 131: rc=7
! 132: shift
! 133: if [ -e $IPSEC_CHARON_PID ]
! 134: then
! 135: case "$#" in
! 136: 0) $IPSEC_STROKE "$op" ;;
! 137: 1) $IPSEC_STROKE "$op" "$1" ;;
! 138: *) $IPSEC_STROKE "$op" "$1" "$2" ;;
! 139: esac
! 140: rc="$?"
! 141: fi
! 142: exit "$rc"
! 143: ;;
! 144: listalgs|listpubkeys|listplugins|\
! 145: listcerts|listcacerts|listaacerts|\
! 146: listacerts|listgroups|listocspcerts|\
! 147: listcainfos|listcrls|listocsp|listall|\
! 148: rereadsecrets|rereadcacerts|rereadaacerts|\
! 149: rereadacerts|rereadocspcerts|rereadcrls|\
! 150: rereadall|purgeocsp|listcounters|resetcounters)
! 151: op="$1"
! 152: rc=7
! 153: shift
! 154: if [ -e $IPSEC_CHARON_PID ]
! 155: then
! 156: $IPSEC_STROKE "$op" "$@"
! 157: rc="$?"
! 158: fi
! 159: exit "$rc"
! 160: ;;
! 161: purgeike|purgecrls|purgecerts)
! 162: rc=7
! 163: if [ -e $IPSEC_CHARON_PID ]
! 164: then
! 165: $IPSEC_STROKE "$1"
! 166: rc="$?"
! 167: fi
! 168: exit "$rc"
! 169: ;;
! 170: reload)
! 171: rc=7
! 172: if [ -e $IPSEC_STARTER_PID ]
! 173: then
! 174: echo "Reloading strongSwan IPsec configuration..." >&2
! 175: kill -USR1 `cat $IPSEC_STARTER_PID` 2>/dev/null && rc=0
! 176: else
! 177: echo "Reloading strongSwan IPsec failed: starter is not running" >&2
! 178: fi
! 179: exit "$rc"
! 180: ;;
! 181: restart)
! 182: $IPSEC_SBINDIR/$IPSEC_SCRIPT stop
! 183: sleep 2
! 184: shift
! 185: exec $IPSEC_SBINDIR/$IPSEC_SCRIPT start "$@"
! 186: ;;
! 187: route|unroute)
! 188: op="$1"
! 189: rc=7
! 190: shift
! 191: if [ "$#" -ne 1 ]
! 192: then
! 193: echo "Usage: $IPSEC_SCRIPT $op <connection name>"
! 194: exit 2
! 195: fi
! 196: if [ -e $IPSEC_CHARON_PID ]
! 197: then
! 198: $IPSEC_STROKE "$op" "$1"
! 199: rc="$?"
! 200: fi
! 201: exit "$rc"
! 202: ;;
! 203: secrets)
! 204: rc=7
! 205: if [ -e $IPSEC_CHARON_PID ]
! 206: then
! 207: $IPSEC_STROKE rereadsecrets
! 208: rc="$?"
! 209: fi
! 210: exit "$rc"
! 211: ;;
! 212: start)
! 213: shift
! 214: if [ -d /var/lock/subsys ]; then
! 215: touch /var/lock/subsys/ipsec
! 216: fi
! 217: exec $IPSEC_STARTER --daemon $DAEMON_NAME "$@"
! 218: ;;
! 219: status|statusall)
! 220: op="$1"
! 221: # Return value is slightly different for the status command:
! 222: # 0 - service up and running
! 223: # 1 - service dead, but /var/run/ pid file exists
! 224: # 2 - service dead, but /var/lock/ lock file exists
! 225: # 3 - service not running (unused)
! 226: # 4 - service status unknown :-(
! 227: # 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
! 228: shift
! 229: if [ $# -eq 0 ]
! 230: then
! 231: if [ -e $IPSEC_CHARON_PID ]
! 232: then
! 233: $IPSEC_STROKE "$op"
! 234: fi
! 235: else
! 236: if [ -e $IPSEC_CHARON_PID ]
! 237: then
! 238: $IPSEC_STROKE "$op" "$1"
! 239: fi
! 240: fi
! 241: if [ -e $IPSEC_STARTER_PID ]
! 242: then
! 243: kill -0 `cat $IPSEC_STARTER_PID` 2>/dev/null
! 244: exit $?
! 245: fi
! 246: exit 3
! 247: ;;
! 248: stop)
! 249: # stopping a not-running service is considered as success
! 250: if [ -e $IPSEC_STARTER_PID ]
! 251: then
! 252: echo "Stopping strongSwan IPsec..." >&2
! 253: spid=`cat $IPSEC_STARTER_PID`
! 254: if [ -n "$spid" ]
! 255: then
! 256: kill $spid 2>/dev/null
! 257: loop=110
! 258: while [ $loop -gt 0 ] ; do
! 259: kill -0 $spid 2>/dev/null || break
! 260: sleep 0.1 2>/dev/null
! 261: if [ $? -ne 0 ]
! 262: then
! 263: sleep 1
! 264: loop=$(($loop - 9))
! 265: fi
! 266: loop=$(($loop - 1))
! 267: done
! 268: if [ $loop -le 0 ]
! 269: then
! 270: kill -KILL $spid 2>/dev/null
! 271: rm -f $IPSEC_STARTER_PID
! 272: fi
! 273: fi
! 274: else
! 275: echo "Stopping strongSwan IPsec failed: starter is not running" >&2
! 276: fi
! 277: if [ -d /var/lock/subsys ]; then
! 278: rm -f /var/lock/subsys/ipsec
! 279: fi
! 280: exit 0
! 281: ;;
! 282: up)
! 283: shift
! 284: if [ "$#" -ne 1 ]
! 285: then
! 286: echo "Usage: $IPSEC_SCRIPT up <connection name>"
! 287: exit 2
! 288: fi
! 289: rc=7
! 290: if [ -e $IPSEC_CHARON_PID ]
! 291: then
! 292: $IPSEC_STROKE up "$1"
! 293: rc="$?"
! 294: fi
! 295: exit "$rc"
! 296: ;;
! 297: update)
! 298: if [ -e $IPSEC_STARTER_PID ]
! 299: then
! 300: echo "Updating strongSwan IPsec configuration..." >&2
! 301: kill -HUP `cat $IPSEC_STARTER_PID`
! 302: exit 0
! 303: else
! 304: echo "Updating strongSwan IPsec failed: starter is not running" >&2
! 305: exit 7
! 306: fi
! 307: ;;
! 308: aikgen|pki)
! 309: # programs in BINDIR may be called directly, these two are listed for legacy reasons
! 310: command_dir="$IPSEC_BINDIR"
! 311: # fall through
! 312: ;;
! 313: attest|conftest|dumm|irdumm|pool|pt-tls-client|scepclient|stroke|\
! 314: duplicheck|error-notify|imv_policy_manager|load-tester|lookip|whitelist|\
! 315: _updown|_imv_policy)
! 316: # fall through
! 317: ;;
! 318: copyright|--copyright)
! 319: set _copyright
! 320: # fall through
! 321: ;;
! 322: version|--version)
! 323: printf "$OS_NAME $IPSEC_NAME $IPSEC_VERSION\n"
! 324: printf "$IPSEC_DISTRO\n"
! 325: printf "See '$IPSEC_SCRIPT --copyright' for copyright information.\n"
! 326: exit 0
! 327: ;;
! 328: --*)
! 329: echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
! 330: exit 2
! 331: ;;
! 332: *)
! 333: echo "$0: unknown command \`$1' (\`$IPSEC_SCRIPT --help' for list)" >&2
! 334: exit 2
! 335: ;;
! 336: esac
! 337:
! 338: cmd="$1"
! 339: shift
! 340:
! 341: path="$command_dir/$cmd"
! 342:
! 343: if [ ! -x "$path" ]
! 344: then
! 345: echo "$0: unknown command \`$cmd' (\`$IPSEC_SCRIPT --help' for list)" >&2
! 346: exit 2
! 347: fi
! 348:
! 349: exec $path "$@"
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to _ipsec.in CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / ipsec