blob: cbf6e22e35516430350c7ee8118a15c6dd113056 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
#!/sbin/openrc-run
# Copyright 1999-2016 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
extra_commands="checkconfig"
extra_started_commands="reload"
: ${FWKNOPD_BINARY:=/usr/sbin/fwknopd}
: ${FWKNOPD_CONFDIR:=/etc/fwknop}
: ${FWKNOPD_CONFIG:=${FWKNOPD_CONFDIR}/fwknopd.conf}
: ${FWKNOPD_PIDFILE:=/run/fwknop/${SVCNAME}.pid}
depend() {
after iptables ip6tables ebtables firewall
use logger
if [ "${rc_need+set}" = "set" ]; then
: # Do nothing, the user has explicitly set rc_need
elif [ -f "${FWKNOPD_CONFIG}" ]; then
local x warn_intf
for x in $(awk '/^[[:blank:]]*PCAP_INTF/{ sub(";$", ""); print $2 }' "${FWKNOPD_CONFIG}" 2>/dev/null); do
warn_intf="${warn_intf} ${x}"
done
if [ -n "${warn_intf}" ]; then
need net
ewarn "You are binding an interface in PCAP_INTF statement in your fwknopd.conf!"
ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/${SVCNAME},"
ewarn "where FOO is the following interface(s):"
ewarn "${warn_intf}"
else
# If PCAP_INTF and PCAP_FILE are not set, then fwknopd uses eth0
if ! grep -q '^[[:blank:]]*PCAP_FILE' "${FWKNOPD_CONFIG}"; then
need net
ewarn "You are not binding any interface in PCAP_INTF statement in your fwknopd.conf,"
ewarn "neither you are providing PCAP_FILE option. Thus fwknopd will listen on eth0."
ewarn "You must add rc_need=\"net.eth0\" to your /etc/conf.d/${SVCNAME}."
fi
fi
fi
}
checkconfig() {
if [ ! -e "${FWKNOPD_CONFDIR}"/fwknopd.conf ]; then
eerror "You need ${FWKNOPD_CONFDIR}/fwknopd.conf file to run fwknopd"
eerror "Example is located at /etc/fwknop/fwknopd.conf.example"
return 1
fi
if [ ! -e "${FWKNOPD_CONFDIR}"/access.conf ]; then
eerror "You need ${FWKNOPD_CONFDIR}/access.conf file to run fwknopd"
eerror "Example is located at /etc/fwknop/access.conf.example"
return 1
fi
[ "${FWKNOPD_PIDFILE}" != "/run/fwknop/${SVCNAME}.pid" ] \
&& FWKNOPD_OPTS="${FWKNOPD_OPTS} --pid-file=${FWKNOPD_PIDFILE}"
[ "${FWKNOPD_CONFDIR}" != "/etc/fwknop" ] \
&& FWKNOPD_OPTS="${FWKNOPD_OPTS} \
--config=${FWKNOPD_CONFDIR}/fwknopd.conf \
--access-file=${FWKNOPD_CONFDIR}/access.conf"
return 0
}
start() {
checkconfig || return 1
ebegin "Starting ${SVCNAME}"
start-stop-daemon --start \
--exec ${FWKNOPD_BINARY} --pidfile ${FWKNOPD_PIDFILE} \
-- ${FWKNOPD_OPTS}
eend $?
}
stop() {
if [ "${RC_CMD}" = "restart" ]; then
checkconfig || return 1
fi
ebegin "Stopping ${SVCNAME}"
start-stop-daemon --stop --pidfile ${FWKNOPD_PIDFILE}
eend $?
}
reload() {
checkconfig || return 1
ebegin "Reloading ${SVCNAME} configuration"
start-stop-daemon --signal HUP --pidfile ${FWKNOPD_PIDFILE}
eend $?
}
|
GitWeb