cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 07:28:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

ipsec-tools: racoon uci integration

Browse Source 
Signed-Off-By: Vitaly Protsko <villy@sft.ru>
---
 b/net/ipsec-tools/Makefile            |   16 -
 b/net/ipsec-tools/files/functions.sh  |  137 +++++++++
 b/net/ipsec-tools/files/p1client-down |   41 ++
 b/net/ipsec-tools/files/p1client-up   |   41 ++
 b/net/ipsec-tools/files/racoon        |  109 +++++++
 b/net/ipsec-tools/files/racoon.init   |  478 +++++++++++++++++++++++++++++++++-
 b/net/ipsec-tools/files/vpnctl        |   19 +
 net/ipsec-tools/files/racoon.conf     |   36 --
 8 files changed, 824 insertions(+), 53 deletions(-)
This commit is contained in:
aTanW
2015-03-10 16:24:22 +03:00
parent 96ef85a37e
commit 2564e407d2
8 changed files with 824 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/ipsec-tools/files/p1client-down
+41
View File
@@ -0,0 +1,41 @@
#!/bin/sh
#
log="logger -t p1client-down[$$]"
. /lib/functions.sh
. /etc/racoon/functions.sh
if [ -z "$SPLIT_INCLUDE_CIDR" ]; then
$log "Connection without server-pushed routing is not supported"
exit 1
fi
$log "Shutting down tunnel to server $REMOTE_ADDR"
$log "Closing tunnel(-s) to $SPLIT_INCLUDE_CIDR through $INTERNAL_ADDR4"
config_load racoon
config_get confIntZone racoon int_zone lan
config_get confExtZone racoon ext_zone wan
manage_fw del $confIntZone $confExtZone "$INTERNAL_ADDR4 $SPLIT_INCLUDE_CIDR"
data=$(get_zoneiflist $confIntZone)
if [ -n "$data" ]; then
for item in $data ; do
network_get_subnet locnet $item
if [ -n "$locnet" ]; then
manage_sa del "$locnet" "$SPLIT_INCLUDE_CIDR" $REMOTE_ADDR $INTERNAL_ADDR4
else
$log "Can not find subnet on interface $item"
fi
done
else
$log "Can not find subnets in zone $confIntZone"
fi
get_fieldval data dev "$(/usr/sbin/ip route get $REMOTE_ADDR)"
ip address del $INTERNAL_ADDR4/32 dev $data
# EOF /etc/racoon/p1client-down