Fix an invalidation case that tends to occur under load on NFS servers or
[dragonfly.git] / etc / rc.d / ipsec
blobb280f381c9562492d41d4766af3ba05cca1e2dd5
1 #!/bin/sh
3 # $NetBSD: ipsec,v 1.7 2002/03/22 04:33:58 thorpej Exp $
4 # $FreeBSD: src/etc/rc.d/ipsec,v 1.5 2003/02/16 20:46:08 mtm Exp $
5 # $DragonFly: src/etc/rc.d/ipsec,v 1.5 2005/11/19 21:47:32 swildner Exp $
8 # PROVIDE: ipsec
9 # REQUIRE: root mountcritlocal tty
10 # BEFORE: DAEMON
12 . /etc/rc.subr
14 name="ipsec"
15 rcvar=`set_rcvar`
16 start_precmd="ipsec_prestart"
17 start_cmd="ipsec_start"
18 stop_precmd="test -f /etc/ipsec.conf"
19 stop_cmd="ipsec_stop"
20 reload_cmd="ipsec_reload"
21 extra_commands="reload"
22 ipsec_program="/usr/sbin/setkey"
23 # ipsec_file is set by rc.conf
25 ipsec_prestart()
27 if [ ! -f "$ipsec_file" ]; then
28 warn "$ipsec_file not readable; ipsec start aborted."
30 # If booting directly to multiuser, send SIGTERM to
31 # the parent (/etc/rc) to abort the boot
33 if [ "$autoboot" = yes ]; then
34 echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!"
35 kill -TERM $$
36 exit 1
38 return 1
40 return 0
43 ipsec_start()
45 echo "Installing ipsec manual keys/policies."
46 ${ipsec_program} -f $ipsec_file
49 ipsec_stop()
51 echo "Clearing ipsec manual keys/policies."
53 # still not 100% sure if we would like to do this.
54 # it is very questionable to do this during shutdown session, since
55 # it can hang any of remaining IPv4/v6 session.
57 ${ipsec_program} -F
58 ${ipsec_program} -FP
61 ipsec_reload()
63 echo "Reloading ipsec manual keys/policies."
64 ${ipsec_program} -F
65 ${ipsec_program} -FP
66 ${ipsec_program} -f "$ipsec_file"
69 load_rc_config $name
70 run_rc_command "$1"