|
@ -220,7 +220,6 @@ config_conn() { |
|
|
local updown |
|
|
local updown |
|
|
local firewall |
|
|
local firewall |
|
|
local remote_subnet |
|
|
local remote_subnet |
|
|
local remote_sourceip |
|
|
|
|
|
local lifetime |
|
|
local lifetime |
|
|
local dpdaction |
|
|
local dpdaction |
|
|
local closeaction |
|
|
local closeaction |
|
@ -234,7 +233,6 @@ config_conn() { |
|
|
config_get updown "$1" updown "" |
|
|
config_get updown "$1" updown "" |
|
|
config_get firewall "$1" firewall "" |
|
|
config_get firewall "$1" firewall "" |
|
|
config_get remote_subnet "$1" remote_subnet "" |
|
|
config_get remote_subnet "$1" remote_subnet "" |
|
|
config_get remote_sourceip "$1" remote_sourceip "" |
|
|
|
|
|
config_get lifetime "$1" lifetime "" |
|
|
config_get lifetime "$1" lifetime "" |
|
|
config_get dpdaction "$1" dpdaction "none" |
|
|
config_get dpdaction "$1" dpdaction "none" |
|
|
config_get closeaction "$1" closeaction "none" |
|
|
config_get closeaction "$1" closeaction "none" |
|
@ -315,6 +313,7 @@ config_conn() { |
|
|
swanctl_xappend4 "life_time = $(seconds2time $(((110 * $(time2seconds $rekeytime)) / 100)))" |
|
|
swanctl_xappend4 "life_time = $(seconds2time $(((110 * $(time2seconds $rekeytime)) / 100)))" |
|
|
fi |
|
|
fi |
|
|
[ -n "$rekeytime" ] && swanctl_xappend4 "rekey_time = $rekeytime" |
|
|
[ -n "$rekeytime" ] && swanctl_xappend4 "rekey_time = $rekeytime" |
|
|
|
|
|
[ -n "$inactivity" ] && swanctl_xappend4 "inactivity = $inactivity" |
|
|
|
|
|
|
|
|
[ -n "$updown" ] && swanctl_xappend4 "updown = $updown" |
|
|
[ -n "$updown" ] && swanctl_xappend4 "updown = $updown" |
|
|
[ -n "$dpdaction" ] && swanctl_xappend4 "dpd_action = $dpdaction" |
|
|
[ -n "$dpdaction" ] && swanctl_xappend4 "dpd_action = $dpdaction" |
|
@ -345,8 +344,6 @@ config_remote() { |
|
|
local dpddelay |
|
|
local dpddelay |
|
|
local inactivity |
|
|
local inactivity |
|
|
local keyexchange |
|
|
local keyexchange |
|
|
local reqid |
|
|
|
|
|
local packet_marker |
|
|
|
|
|
local fragmentation |
|
|
local fragmentation |
|
|
local mobike |
|
|
local mobike |
|
|
local local_cert |
|
|
local local_cert |
|
@ -368,8 +365,6 @@ config_remote() { |
|
|
config_get dpddelay "$1" dpddelay "30s" |
|
|
config_get dpddelay "$1" dpddelay "30s" |
|
|
config_get inactivity "$1" inactivity |
|
|
config_get inactivity "$1" inactivity |
|
|
config_get keyexchange "$1" keyexchange "ikev2" |
|
|
config_get keyexchange "$1" keyexchange "ikev2" |
|
|
config_get reqid "$1" reqid |
|
|
|
|
|
config_get packet_marker "$1" packet_marker |
|
|
|
|
|
config_get fragmentation "$1" fragmentation "yes" |
|
|
config_get fragmentation "$1" fragmentation "yes" |
|
|
config_get_bool mobike "$1" mobike 1 |
|
|
config_get_bool mobike "$1" mobike 1 |
|
|
config_get local_cert "$1" local_cert "" |
|
|
config_get local_cert "$1" local_cert "" |
|
@ -508,14 +503,15 @@ do_preamble() { |
|
|
swanctl_xappend0 "# generated by /etc/init.d/swanctl" |
|
|
swanctl_xappend0 "# generated by /etc/init.d/swanctl" |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
append_interface() { |
|
|
|
|
|
append interface_list "$1" " " |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
config_ipsec() { |
|
|
config_ipsec() { |
|
|
local debug |
|
|
|
|
|
local rtinstall_enabled |
|
|
local rtinstall_enabled |
|
|
local routing_tables_ignored |
|
|
|
|
|
local routing_table |
|
|
local routing_table |
|
|
local routing_table_id |
|
|
local routing_table_id |
|
|
local interface |
|
|
local interface |
|
|
local device_list |
|
|
|
|
|
|
|
|
|
|
|
config_get debug "$1" debug 0 |
|
|
config_get debug "$1" debug 0 |
|
|
config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1 |
|
|
config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1 |
|
@ -532,7 +528,9 @@ config_ipsec() { |
|
|
[ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id" |
|
|
[ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id" |
|
|
done |
|
|
done |
|
|
|
|
|
|
|
|
local interface_list=$(config_get "$1" "interface") |
|
|
|
|
|
|
|
|
local interface_list |
|
|
|
|
|
config_list_foreach "$1" interface append_interface |
|
|
|
|
|
|
|
|
if [ -z "$interface_list" ]; then |
|
|
if [ -z "$interface_list" ]; then |
|
|
WAIT_FOR_INTF=0 |
|
|
WAIT_FOR_INTF=0 |
|
|
else |
|
|
else |
|
@ -569,6 +567,9 @@ prepare_env() { |
|
|
swanctl_reset |
|
|
swanctl_reset |
|
|
do_preamble |
|
|
do_preamble |
|
|
|
|
|
|
|
|
|
|
|
# needed by do_postamble |
|
|
|
|
|
local debug install_routes routing_tables_ignored device_list |
|
|
|
|
|
|
|
|
config_load ipsec |
|
|
config_load ipsec |
|
|
config_foreach config_ipsec ipsec |
|
|
config_foreach config_ipsec ipsec |
|
|
config_foreach config_remote remote |
|
|
config_foreach config_remote remote |
|
|