Skript je určen k nastavení IPsec politik. Více informací o použití naleznete v dokumentu Definice IPsec politik.
#!/bin/bash # Version: 2006.04.03 # # 2006.04.03 - Pridan prepinac -4 protoze ipsec provozujeme jen po IPv4 . /etc/ipsec-policies.conf setPolicy () { echo "spdadd -4 $1 $2 any -P out ipsec esp/transport//require;" | $SETKEY -c echo "spdadd -4 $2 $1 any -P in ipsec esp/transport//require;" | $SETKEY -c } start () { echo "Setting ipsec policies: " for PEER in $PEERS do echo " $LOCAL <-> $PEER"; setPolicy $LOCAL $PEER done } stop () { echo "Clearing ipsec policies: unsuported." }; force-stop () { $SETKEY -F; $SETKEY -FP } case "$1" in start) force-stop start ;; stop) stop ;; force-stop) force-stop ;; restart) force-stop start ;; *) echo "Usage: " `basename $0` "{start|stop|restart}" esac
— Jan Tomášek 11.09.2006 11:46 dokument převeden z www.eduroam.cz
CESNET, z. s. p. o.
Generála Píky 26
160 00 Praha 6
info@cesnet.cz
Tel: +420 234 680 222
GSM: +420 602 252 531
support@cesnet.cz