diff options
Diffstat (limited to 'src/racoon/samples/roadwarrior/client/phase1-up.sh')
| -rwxr-xr-x | src/racoon/samples/roadwarrior/client/phase1-up.sh | 77 |
1 files changed, 0 insertions, 77 deletions
diff --git a/src/racoon/samples/roadwarrior/client/phase1-up.sh b/src/racoon/samples/roadwarrior/client/phase1-up.sh deleted file mode 100755 index e45b648..0000000 --- a/src/racoon/samples/roadwarrior/client/phase1-up.sh +++ /dev/null @@ -1,77 +0,0 @@ -#!/bin/sh - -# -# sa-up.sh local configuration for a new SA -# -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin - -case `uname -s` in -NetBSD) - DEFAULT_GW=`netstat -rn | awk '($1 == "default"){print $2}'` - ;; -Linux) - DEFAULT_GW=`netstat -rn | awk '($1 == "0.0.0.0"){print $2}'` - ;; -esac - -echo $@ -echo "LOCAL_ADDR = ${LOCAL_ADDR}" -echo "LOCAL_PORT = ${LOCAL_PORT}" -echo "REMOTE_ADDR = ${REMOTE_ADDR}" -echo "REMOTE_PORT = ${REMOTE_PORT}" -echo "DEFAULT_GW = ${DEFAULT_GW}" -echo "INTERNAL_ADDR4 = ${INTERNAL_ADDR4}" -echo "INTERNAL_DNS4 = ${INTERNAL_DNS4}" - -echo ${INTERNAL_ADDR4} | grep '[0-9]' > /dev/null || exit 0 -echo ${DEFAULT_GW} | grep '[0-9]' > /dev/null || exit 0 - -test -f /etc/resolv.conf.bak || cp /etc/resolv.conf /etc/resolv.conf.bak -echo "# Generated by racoon on `date`" > /etc/resolv.conf -echo "nameserver ${INTERNAL_DNS4}" >> /etc/resolv.conf - -case `uname -s` in -NetBSD) - if=`netstat -rn|awk '($1 == "default"){print $7}'` - ifconfig ${if} alias ${INTERNAL_ADDR4} netmask ${INTERNAL_NETMASK4} - route delete default - route add default ${DEFAULT_GW} -ifa ${INTERNAL_ADDR4} - route add ${REMOTE_ADDR} ${DEFAULT_GW} - ;; -Linux) - if=`netstat -rn|awk '($1 == "0.0.0.0"){print $8}'` - ifconfig ${if}:1 ${INTERNAL_ADDR4} - route delete default - route add ${REMOTE_ADDR} gw ${DEFAULT_GW} dev ${if} - route add default gw ${DEFAULT_GW} dev ${if}:1 - ;; -esac - -# Use this for a NAT-T setup -LOCAL="${LOCAL_ADDR}[${LOCAL_PORT}]" -REMOTE="${REMOTE_ADDR}[${REMOTE_PORT}]" - -# Use this for a non NAT-T setup -#LOCAL="${LOCAL_ADDR}" -#REMOTE="${REMOTE_ADDR}" - - -echo " -spdadd ${INTERNAL_ADDR4}/32[any] 0.0.0.0/0[any] any - -P out ipsec esp/tunnel/${LOCAL}-${REMOTE}/require; -spdadd 0.0.0.0/0[any] ${INTERNAL_ADDR4}[any] any - -P in ipsec esp/tunnel/${REMOTE}-${LOCAL}/require; -" | setkey -c - -# -# XXX This is a workaround for Linux forward policies problem. -# Someone familiar with forward policies please fix this properly. -# -case `uname -s` in -Linux) - echo " - spddelete 0.0.0.0/0[any] ${INTERNAL_ADDR4}[any] any - -P fwd ipsec esp/tunnel/${REMOTE}-${LOCAL}/require; - " | setkey -c - ;; -esac |