1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
east:~# D=/testing/scripts/ipsec.conf-restart-01
east:~# export IPSEC_CONFS="$D/etc-norestart"
east:~# ipsec setup --showonly start | sed -e 's=\(Starting Openswan IPsec \).*\.\.\.=\1DATE...='
ipsec_setup: PATH=/usr/local/sbin:/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/bin:/usr/bin
ipsec_setup: test ! -f /var/run/ipsec_setup.pid || { echo "Openswan IPsec apparently already running, start aborted" ; exit 1 ; }
ipsec_setup: echo "Starting Openswan IPsec VER"
ipsec_setup: rm -f /var/run/ipsec_setup.pid
ipsec_setup: test -r /dev/random || { echo "...unable to start Openswan IPsec, no /dev/random!" ; exit 1 ; }
ipsec_setup: test -r /dev/urandom || { echo "...unable to start Openswan IPsec, no /dev/urandom!" ; exit 1 ; }
ipsec_setup: echo $$ > /var/run/ipsec_setup.pid
ipsec_setup: test -s /var/run/ipsec_setup.pid || { echo "...unable to create /var/run/ipsec_setup.pid, aborting start!" ; rm -f /var/run/ipsec_setup.pid ; exit 1 ; }
ipsec_setup: > /var/run/ipsec.info
ipsec_setup: ipsec _startklips --info /var/run/ipsec.info --debug "" --omtu "" --fragicmp "" --hidetos "" --rpfilter "0" --log "daemon.error" %defaultroute || { rm -f /var/run/ipsec_setup.pid ; exit 1 ; }
ipsec_setup: test -f /proc/net/ipsec_version || test -f /proc/net/pfkey || { echo "OOPS, should have aborted! Broken shell!" ; exit 1 ; }
ipsec_setup: test -d /var/lock/subsys && touch /var/lock/subsys/ipsec
ipsec_setup: ipsec _plutorun --debug "" --uniqueids "yes" --nocrsend "" --strictcrlpolicy "" --nat_traversal "" --keep_alive "" --force_keepalive "" --disable_port_floating "" --virtual_private "" --crlcheckinterval "0" --ocspuri "" --dump "" --opts "" --stderrlog "" --wait "no" --pre "" --post "" --log "daemon.error" --plutorestartoncrash true --pid "/var/run/pluto.pid" || { ifl=` ifconfig | sed -n -e "/^ipsec/s/ .*//p" ` ; test "X$ifl" != "X" && for i in $ifl ; do ifconfig $i down ; ipsec tncfg --detach --virtual $i ; done ; test -r /proc/net/ipsec_klipsdebug && ipsec klipsdebug --none ; ipsec eroute --clear ; ipsec spi --clear ; lsmod 2>&1 | grep "^ipsec" > /dev/null && rmmod ipsec ; rm -f /var/run/ipsec_setup.pid ; exit 1 ; }
ipsec_setup: echo "...Openswan IPsec started" | logger -p daemon.error -t ipsec_setup
east:~# export IPSEC_CONFS="$D/etc-restart"
east:~# ipsec setup --showonly start | sed -e 's=\(Starting Openswan IPsec \).*\.\.\.=\1DATE...='
ipsec_setup: PATH=/usr/local/sbin:/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/bin:/usr/bin
ipsec_setup: test ! -f /var/run/ipsec_setup.pid || { echo "Openswan IPsec apparently already running, start aborted" ; exit 1 ; }
ipsec_setup: echo "Starting Openswan IPsec VER"
ipsec_setup: rm -f /var/run/ipsec_setup.pid
ipsec_setup: test -r /dev/random || { echo "...unable to start Openswan IPsec, no /dev/random!" ; exit 1 ; }
ipsec_setup: test -r /dev/urandom || { echo "...unable to start Openswan IPsec, no /dev/urandom!" ; exit 1 ; }
ipsec_setup: echo $$ > /var/run/ipsec_setup.pid
ipsec_setup: test -s /var/run/ipsec_setup.pid || { echo "...unable to create /var/run/ipsec_setup.pid, aborting start!" ; rm -f /var/run/ipsec_setup.pid ; exit 1 ; }
ipsec_setup: > /var/run/ipsec.info
ipsec_setup: ipsec _startklips --info /var/run/ipsec.info --debug "" --omtu "" --fragicmp "" --hidetos "" --rpfilter "0" --log "daemon.error" %defaultroute || { rm -f /var/run/ipsec_setup.pid ; exit 1 ; }
ipsec_setup: test -f /proc/net/ipsec_version || test -f /proc/net/pfkey || { echo "OOPS, should have aborted! Broken shell!" ; exit 1 ; }
ipsec_setup: test -d /var/lock/subsys && touch /var/lock/subsys/ipsec
ipsec_setup: ipsec _plutorun --debug "" --uniqueids "yes" --nocrsend "" --strictcrlpolicy "" --nat_traversal "" --keep_alive "" --force_keepalive "" --disable_port_floating "" --virtual_private "" --crlcheckinterval "0" --ocspuri "" --dump "" --opts "" --stderrlog "" --wait "no" --pre "" --post "" --log "daemon.error" --plutorestartoncrash false --pid "/var/run/pluto.pid" || { ifl=` ifconfig | sed -n -e "/^ipsec/s/ .*//p" ` ; test "X$ifl" != "X" && for i in $ifl ; do ifconfig $i down ; ipsec tncfg --detach --virtual $i ; done ; test -r /proc/net/ipsec_klipsdebug && ipsec klipsdebug --none ; ipsec eroute --clear ; ipsec spi --clear ; lsmod 2>&1 | grep "^ipsec" > /dev/null && rmmod ipsec ; rm -f /var/run/ipsec_setup.pid ; exit 1 ; }
ipsec_setup: echo "...Openswan IPsec started" | logger -p daemon.error -t ipsec_setup
|
