FreeBSD Bugzilla – Attachment 202474 Details for
Bug 234648
security/strongswan: start/stop/reload modern vici-based configurations
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Updated startup script
strongswan_bug_234648.patch (text/plain), 2.84 KB, created by
Francois ten Krooden
on 2019-03-01 11:29:01 UTC
(
hide
)
Description:
Updated startup script
Filename:
MIME Type:
Creator:
Francois ten Krooden
Created:
2019-03-01 11:29:01 UTC
Size:
2.84 KB
patch
obsolete
>Index: security/strongswan/Makefile >=================================================================== >--- security/strongswan/Makefile (revision 494023) >+++ security/strongswan/Makefile (working copy) >@@ -3,6 +3,7 @@ > > PORTNAME= strongswan > PORTVERSION= 5.7.2 >+PORTREVISION= 1 > CATEGORIES= security > MASTER_SITES= http://download.strongswan.org/ \ > http://download2.strongswan.org/ >Index: security/strongswan/files/strongswan.in >=================================================================== >--- security/strongswan/files/strongswan.in (revision 494023) >+++ security/strongswan/files/strongswan.in (working copy) >@@ -7,31 +7,84 @@ > # BEFORE: LOGIN > # KEYWORD: shutdown > >+# strongswan_enable (bool): Set it to "YES" to enable strongswan >+# Default is "NO" >+# strongswan_interface (string): Set the control interface to use. >+# Valid options are: >+# "stroke" for the old ipsec/starter interface >+# "vici" for the newer swanctl interface >+# Default is "stroke" >+ > . /etc/rc.subr > > name=strongswan >+desc="Strongswan IPsec startup script" > rcvar=strongswan_enable > >+load_rc_config $name >+ >+: ${strongswan_enable:=NO} >+: ${strongswan_interface:="stroke"} >+ > extra_commands="reload statusall" > >-load_rc_config $name >+charon_command=%%PREFIX%%/libexec/ipsec/charon >+charon_pidfile=/var/run/charon.pid >+swanctl_command=%%PREFIX%%/sbin/swanctl > >-command="%%PREFIX%%/sbin/ipsec" >+case $strongswan_interface in >+# "stroke" >+[Ss][Tt][Rr][Oo][Kk][Ee]) >+ command="%%PREFIX%%/sbin/ipsec" > >-start_precmd="strongswan_precmd" >-stop_cmd="strongswan_cmd" >-status_cmd="strongswan_cmd" >-reload_cmd="strongswan_cmd" >-statusall_cmd="strongswan_cmd" >+ start_precmd=command_args=start >+ stop_cmd="${command} stop" >+ status_cmd="${command} status" >+ reload_cmd="${command} reload" >+ statusall_cmd="${command} statusall" >+ ;; > >-strongswan_precmd() >+# "vici" >+[Vv][Ii][Cc][Ii]) >+ command=/usr/sbin/daemon >+ pidfile=/var/run/daemon-charon.pid >+ command_args="-S -P ${pidfile} ${charon_command} --use-syslog" >+ >+ required_files=${charon_command} >+ extra_commands="reload statusall" >+ >+ start_postcmd=${name}_swanctl_poststart >+ status_cmd="${swanctl_command} --stats" >+ reload_cmd=${name}_swanctl_reload >+ statusall_cmd=${name}_swanctl_statusall >+ >+ ;; >+esac >+ >+strongswan_swanctl_poststart() > { >- command_args=${rc_arg} >+ local _waitmax=5 >+ >+ # Need to wait for charon to finish startup, else vici socket is unreadable >+ while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do >+ sleep 1 >+ _waitmax=$((_waitmax - 1)) >+ done >+ >+ ${swanctl_command} --load-all --noprompt > } > >-strongswan_cmd() >+strongswan_swanctl_reload() > { >- ${command} ${rc_arg} >+ ${swanctl_command} --reload-settings >+ ${swanctl_command} --load-all --noprompt > } > >+strongswan_swanctl_statusall() >+{ >+ ${swanctl_command} --stats >+ ${swanctl_command} --list-conns >+ ${swanctl_command} --list-sas >+} >+ > run_rc_command "$1"
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=202474">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
strongswan
:
maintainer-approval-
Actions:
View
|
Diff
Attachments on
bug 234648
:
200820
|
200947
|
200948
|
201047
|
201171
|
201208
|
201209
|
202474
|
202573