You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 lines
1.0 KiB
41 lines
1.0 KiB
#!/bin/sh
|
|
#
|
|
|
|
log="logger -t p1client-down[$$]"
|
|
|
|
. /lib/functions.sh
|
|
. /etc/racoon/functions.sh
|
|
|
|
if [ -z "$SPLIT_INCLUDE_CIDR" ]; then
|
|
$log "Connection without server-pushed routing is not supported"
|
|
exit 1
|
|
fi
|
|
|
|
$log "Shutting down tunnel to server $REMOTE_ADDR"
|
|
$log "Closing tunnel(-s) to $SPLIT_INCLUDE_CIDR through $INTERNAL_ADDR4"
|
|
|
|
config_load racoon
|
|
config_get confIntZone racoon int_zone lan
|
|
config_get confExtZone racoon ext_zone wan
|
|
|
|
manage_fw del $confIntZone $confExtZone "$INTERNAL_ADDR4 $SPLIT_INCLUDE_CIDR"
|
|
|
|
data=$(get_zoneiflist $confIntZone)
|
|
if [ -n "$data" ]; then
|
|
for item in $data ; do
|
|
network_get_subnet locnet $item
|
|
if [ -n "$locnet" ]; then
|
|
manage_sa del "$locnet" "$SPLIT_INCLUDE_CIDR" $REMOTE_ADDR $INTERNAL_ADDR4
|
|
else
|
|
$log "Can not find subnet on interface $item"
|
|
fi
|
|
done
|
|
else
|
|
$log "Can not find subnets in zone $confIntZone"
|
|
fi
|
|
|
|
get_fieldval data dev "$(/usr/sbin/ip route get $REMOTE_ADDR)"
|
|
ip address del $INTERNAL_ADDR4/32 dev $data
|
|
|
|
|
|
# EOF /etc/racoon/p1client-down
|