author | Tim Yamin <plasmaroo@gentoo.org> | 2003-12-16 18:04:49 +0000 |
---|---|---|
committer | Tim Yamin <plasmaroo@gentoo.org> | 2003-12-16 18:04:49 +0000 |
commit | b9b41c6361f7700fb6ee17903b59f19d931eda14 (patch) | |
tree | 75d4ebe03e0b97958f62d4db1be3d7d20cb3e339 /net-firewall/ipsec-tools/files | |
parent | Masked on sparc as firebird currently depends on x86 binaries and is masked o... (diff) | |
Initial import; resolves bug #26796.
Diffstat (limited to 'net-firewall/ipsec-tools/files')
-rw-r--r-- | net-firewall/ipsec-tools/files/digest-ipsec-tools-0.2.2 | 1 | ||||
-rw-r--r-- | net-firewall/ipsec-tools/files/ipsec.conf.sample | 10 | ||||
-rw-r--r-- | net-firewall/ipsec-tools/files/racoon.conf.d | 13 | ||||
-rw-r--r-- | net-firewall/ipsec-tools/files/racoon.init.d | 51 |
4 files changed, 75 insertions, 0 deletions
diff --git a/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.2.2 b/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.2.2
new file mode 100644
index 000000000000..c9741d4d8fdd
--- /dev/null
+++ b/net-firewall/ipsec-tools/files/digest-ipsec-tools-0.2.2
@@ -0,0 +1 @@
+MD5 c7d6d7b89ffc102041daf6e9615ff9ab ipsec-tools-0.2.2.tar.gz 680563
diff --git a/net-firewall/ipsec-tools/files/ipsec.conf.sample b/net-firewall/ipsec-tools/files/ipsec.conf.sample
new file mode 100644
index 000000000000..078d5baf5fe8
--- /dev/null
+++ b/net-firewall/ipsec-tools/files/ipsec.conf.sample
@@ -0,0 +1,10 @@
+#!/usr/sbin/setkey -f
+
+flush;
+spdflush;
+
+spdadd xxx.xxx.xxx.xxx/32 0.0.0.0/0 any
+ -P out ipsec esp/tunnel/xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy/require;
+
+spdadd 0.0.0.0/0 xxx.xxx.xxx.xxx/32 any
+ -P in ipsec esp/tunnel/yyy.yyy.yyy.yyy-xxx.xxx.xxx.xxx/require;
diff --git a/net-firewall/ipsec-tools/files/racoon.conf.d b/net-firewall/ipsec-tools/files/racoon.conf.d
new file mode 100644
index 000000000000..8d2f2c3483b1
--- /dev/null
+++ b/net-firewall/ipsec-tools/files/racoon.conf.d
@@ -0,0 +1,13 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/files/racoon.conf.d,v 1.1 2003/12/16 18:04:33 plasmaroo Exp $
+
+# Config file for /etc/init.d/racoon
+
+# see man pages for racoon or run `racoon --help`
+# for valid cmdline options
+RACOON_OPTS="-4"
+
+RACOON_CONF="/etc/racoon/racoon.conf"
+RACOON_PSK_FILE="/etc/racoon/psk.txt"
+SETKEY_CONF="/etc/ipsec.conf"
diff --git a/net-firewall/ipsec-tools/files/racoon.init.d b/net-firewall/ipsec-tools/files/racoon.init.d
new file mode 100644
index 000000000000..35728362befe
--- /dev/null
+++ b/net-firewall/ipsec-tools/files/racoon.init.d
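Review bot: In racoon.conf.d, RACOON_PSK_FILE carries no comment saying what it controls, and in the init script added by this commit it is read only by checkconfig() for the existence and mode test; racoon itself is started with `-f ${RACOON_CONF} ${RACOON_OPTS}` and presumably takes its key path from that configuration file. If the two paths drift apart, the permission check passes on a file racoon never reads while the real key file goes unchecked. I would add above the assignment: `# Used only by the init script's permission check; keep in sync with 'path pre_shared_key' in ${RACOON_CONF}. Leave empty to skip the check.`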
@@ -0,0 +1,51 @@
+#!/sbin/runscript
+# Copyright 1999-2002 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+ use net
+}
+
+checkconfig() {
+ if [ ! -e ${SETKEY_CONF} ] ; then
+ eerror "You need to configure setkey before starting racoon."
+ return 1
+ fi
+ if [ ! -e ${RACOON_CONF} ] ; then
+ eerror "You need a configuration file to start racoon."
+ return 1
+ fi
+ if [ ! -z ${RACOON_PSK_FILE} ] ; then
+ if [ ! -f ${RACOON_PSK_FILE} ] ; then
+ eerror "PSK file not found as specified."
+ eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon."
+ return 1
+ fi
+ case "`ls -Lldn ${RACOON_PSK_FILE}`" in
+ -r--------*)
+ ;;
+ *)
+ eerror "Your defined PSK file should be mode 400 for security!"
+ return 1
+ ;;
+ esac
+ fi
+}
+
+start() {
+ checkconfig || return 1
+ einfo "Loading ipsec policies from ${SETKEY_CONF}."
+ /usr/sbin/setkey -f ${SETKEY_CONF}
+ if [ $? -eq 1 ] ; then
+ eerror "Error while loading ipsec policies"
+ fi
+ ebegin "Starting racoon"
+ /usr/sbin/racoon -f ${RACOON_CONF} ${RACOON_OPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping racoon"
+ kill `cat /var/run/racoon.pid`
+ eend $?
+} |
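Review bot: In start(), a failed policy load does not stop the service: `[ $? -eq 1 ]` matches only exit status 1, and even then the branch just logs and falls through to launching racoon. With a SETKEY_CONF shaped like the bundled sample, which opens with `flush; spdflush;`, a load that aborts partway could leave the policy database empty, so traffic would presumably leave unprotected while the service reports as started. I would fail closed with `/usr/sbin/setkey -f "${SETKEY_CONF}" || { eerror "Error while loading ipsec policies"; return 1; }`. The same quoting matters in checkconfig(): with SETKEY_CONF or RACOON_CONF empty, `[ ! -e ${SETKEY_CONF} ]` collapses to `[ ! -e ]`, which evaluates false, so the missing-file error is never raised.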