summaryrefslogtreecommitdiff
path: root/src/_updown
diff options
context:
space:
mode:
Diffstat (limited to 'src/_updown')
-rw-r--r--src/_updown/Makefile.am10
-rw-r--r--src/_updown/Makefile.in151
-rw-r--r--src/_updown/_updown.82
-rw-r--r--[-rwxr-xr-x]src/_updown/_updown.in (renamed from src/_updown/_updown)34
4 files changed, 107 insertions, 90 deletions
diff --git a/src/_updown/Makefile.am b/src/_updown/Makefile.am
index 27a467c4f..d0b7a27a4 100644
--- a/src/_updown/Makefile.am
+++ b/src/_updown/Makefile.am
@@ -1,3 +1,11 @@
-dist_ipsec_SCRIPTS = _updown
+ipsec_SCRIPTS = _updown
+CLEANFILES = _updown
dist_man8_MANS = _updown.8
+EXTRA_DIST = _updown.in
+_updown : _updown.in
+ sed \
+ -e "s:\@IPSEC_ROUTING_TABLE\@:$(IPSEC_ROUTING_TABLE):" \
+ -e "s:\@IPSEC_ROUTING_TABLE_PRIO\@:$(IPSEC_ROUTING_TABLE_PRIO):" \
+ $< > $@
+ chmod +x $@
diff --git a/src/_updown/Makefile.in b/src/_updown/Makefile.in
index ff4651d05..21e38da5d 100644
--- a/src/_updown/Makefile.in
+++ b/src/_updown/Makefile.in
@@ -1,8 +1,8 @@
-# Makefile.in generated by automake 1.9.6 from Makefile.am.
+# Makefile.in generated by automake 1.10 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005 Free Software Foundation, Inc.
+# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -14,15 +14,11 @@
@SET_MAKE@
-srcdir = @srcdir@
-top_srcdir = @top_srcdir@
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
-top_builddir = ../..
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
-INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
@@ -37,8 +33,8 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/_updown
-DIST_COMMON = $(dist_ipsec_SCRIPTS) $(dist_man8_MANS) \
- $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+DIST_COMMON = $(dist_man8_MANS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
@@ -46,8 +42,8 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
mkinstalldirs = $(install_sh) -d
CONFIG_CLEAN_FILES =
am__installdirs = "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)"
-dist_ipsecSCRIPT_INSTALL = $(INSTALL_SCRIPT)
-SCRIPTS = $(dist_ipsec_SCRIPTS)
+ipsecSCRIPT_INSTALL = $(INSTALL_SCRIPT)
+SCRIPTS = $(ipsec_SCRIPTS)
SOURCES =
DIST_SOURCES =
man8dir = $(mandir)/man8
@@ -55,16 +51,12 @@ NROFF = nroff
MANS = $(dist_man8_MANS)
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
-AMDEP_FALSE = @AMDEP_FALSE@
-AMDEP_TRUE = @AMDEP_TRUE@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
-BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@
-BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
@@ -87,10 +79,13 @@ F77 = @F77@
FFLAGS = @FFLAGS@
GPERF = @GPERF@
GREP = @GREP@
+INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@
+IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@
LDFLAGS = @LDFLAGS@
LEX = @LEX@
LEXLIB = @LEXLIB@
@@ -102,6 +97,7 @@ LINUX_HEADERS = @LINUX_HEADERS@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@@ -117,34 +113,16 @@ SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
-USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@
-USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@
-USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@
-USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@
-USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@
-USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@
-USE_LIBDBUS_FALSE = @USE_LIBDBUS_FALSE@
-USE_LIBDBUS_TRUE = @USE_LIBDBUS_TRUE@
-USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@
-USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@
-USE_LIBXML_FALSE = @USE_LIBXML_FALSE@
-USE_LIBXML_TRUE = @USE_LIBXML_TRUE@
-USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@
-USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@
-USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@
-USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@
-USE_VENDORID_FALSE = @USE_VENDORID_FALSE@
-USE_VENDORID_TRUE = @USE_VENDORID_TRUE@
VERSION = @VERSION@
YACC = @YACC@
YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
ac_ct_F77 = @ac_ct_F77@
-am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
-am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
-am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
-am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
@@ -157,6 +135,7 @@ build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
+builddir = @builddir@
confdir = @confdir@
datadir = @datadir@
datarootdir = @datarootdir@
@@ -194,12 +173,17 @@ program_transform_name = @program_transform_name@
psdir = @psdir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
-dist_ipsec_SCRIPTS = _updown
+ipsec_SCRIPTS = _updown
+CLEANFILES = _updown
dist_man8_MANS = _updown.8
+EXTRA_DIST = _updown.in
all: all-am
.SUFFIXES:
@@ -232,21 +216,21 @@ $(top_srcdir)/configure: $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
-install-dist_ipsecSCRIPTS: $(dist_ipsec_SCRIPTS)
+install-ipsecSCRIPTS: $(ipsec_SCRIPTS)
@$(NORMAL_INSTALL)
- test -z "$(ipsecdir)" || $(mkdir_p) "$(DESTDIR)$(ipsecdir)"
- @list='$(dist_ipsec_SCRIPTS)'; for p in $$list; do \
+ test -z "$(ipsecdir)" || $(MKDIR_P) "$(DESTDIR)$(ipsecdir)"
+ @list='$(ipsec_SCRIPTS)'; for p in $$list; do \
if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
if test -f $$d$$p; then \
f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
- echo " $(dist_ipsecSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsecdir)/$$f'"; \
- $(dist_ipsecSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsecdir)/$$f"; \
+ echo " $(ipsecSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(ipsecdir)/$$f'"; \
+ $(ipsecSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(ipsecdir)/$$f"; \
else :; fi; \
done
-uninstall-dist_ipsecSCRIPTS:
+uninstall-ipsecSCRIPTS:
@$(NORMAL_UNINSTALL)
- @list='$(dist_ipsec_SCRIPTS)'; for p in $$list; do \
+ @list='$(ipsec_SCRIPTS)'; for p in $$list; do \
f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
echo " rm -f '$(DESTDIR)$(ipsecdir)/$$f'"; \
rm -f "$(DESTDIR)$(ipsecdir)/$$f"; \
@@ -257,13 +241,9 @@ mostlyclean-libtool:
clean-libtool:
-rm -rf .libs _libs
-
-distclean-libtool:
- -rm -f libtool
-uninstall-info-am:
install-man8: $(man8_MANS) $(man_MANS)
@$(NORMAL_INSTALL)
- test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)"
+ test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
@list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
for i in $$l2; do \
@@ -314,22 +294,21 @@ CTAGS:
distdir: $(DISTFILES)
- @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
- topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
- list='$(DISTFILES)'; for file in $$list; do \
- case $$file in \
- $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
- $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
- esac; \
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
- dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
- if test "$$dir" != "$$file" && test "$$dir" != "."; then \
- dir="/$$dir"; \
- $(mkdir_p) "$(distdir)$$dir"; \
- else \
- dir=''; \
- fi; \
if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
fi; \
@@ -345,7 +324,7 @@ check: check-am
all-am: Makefile $(SCRIPTS) $(MANS)
installdirs:
for dir in "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)"; do \
- test -z "$$dir" || $(mkdir_p) "$$dir"; \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: install-am
install-exec: install-exec-am
@@ -364,6 +343,7 @@ install-strip:
mostlyclean-generic:
clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
@@ -377,7 +357,7 @@ clean-am: clean-generic clean-libtool mostlyclean-am
distclean: distclean-am
-rm -f Makefile
-distclean-am: clean-am distclean-generic distclean-libtool
+distclean-am: clean-am distclean-generic
dvi: dvi-am
@@ -389,14 +369,22 @@ info: info-am
info-am:
-install-data-am: install-dist_ipsecSCRIPTS install-man
+install-data-am: install-ipsecSCRIPTS install-man
+
+install-dvi: install-dvi-am
install-exec-am:
+install-html: install-html-am
+
install-info: install-info-am
install-man: install-man8
+install-pdf: install-pdf-am
+
+install-ps: install-ps-am
+
installcheck-am:
maintainer-clean: maintainer-clean-am
@@ -415,23 +403,32 @@ ps: ps-am
ps-am:
-uninstall-am: uninstall-dist_ipsecSCRIPTS uninstall-info-am \
- uninstall-man
+uninstall-am: uninstall-ipsecSCRIPTS uninstall-man
uninstall-man: uninstall-man8
+.MAKE: install-am install-strip
+
.PHONY: all all-am check check-am clean clean-generic clean-libtool \
distclean distclean-generic distclean-libtool distdir dvi \
dvi-am html html-am info info-am install install-am \
- install-data install-data-am install-dist_ipsecSCRIPTS \
- install-exec install-exec-am install-info install-info-am \
- install-man install-man8 install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-generic \
- mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am \
- uninstall-dist_ipsecSCRIPTS uninstall-info-am uninstall-man \
- uninstall-man8
-
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-ipsecSCRIPTS install-man \
+ install-man8 install-pdf install-pdf-am install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+ ps ps-am uninstall uninstall-am uninstall-ipsecSCRIPTS \
+ uninstall-man uninstall-man8
+
+
+_updown : _updown.in
+ sed \
+ -e "s:\@IPSEC_ROUTING_TABLE\@:$(IPSEC_ROUTING_TABLE):" \
+ -e "s:\@IPSEC_ROUTING_TABLE_PRIO\@:$(IPSEC_ROUTING_TABLE_PRIO):" \
+ $< > $@
+ chmod +x $@
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
diff --git a/src/_updown/_updown.8 b/src/_updown/_updown.8
index 5107d3694..0f7b17ba5 100644
--- a/src/_updown/_updown.8
+++ b/src/_updown/_updown.8
@@ -1,6 +1,6 @@
.TH _UPDOWN 8 "27 Apr 2006"
.\"
-.\" RCSID $Id: _updown.8,v 1.2 2006/04/17 06:48:49 as Exp $
+.\" RCSID $Id: _updown.8 3268 2007-10-08 19:59:18Z andreas $
.\"
.SH NAME
ipsec _updown \- route and firewall manipulation script
diff --git a/src/_updown/_updown b/src/_updown/_updown.in
index 795b6f388..4002449dd 100755..100644
--- a/src/_updown/_updown
+++ b/src/_updown/_updown.in
@@ -16,7 +16,7 @@
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
-# RCSID $Id: _updown.in,v 1.2 2006/04/17 15:06:29 as Exp $
+# RCSID $Id: _updown.in 3268 2007-10-08 19:59:18Z andreas $
# CAUTION: Installing a new version of strongSwan will install a new
# copy of this script, wiping out any custom changes you make. If
@@ -131,7 +131,16 @@ FAC_PRIO=local0.notice
# the syslog configuration file /etc/syslog.conf:
#
# local0.notice -/var/log/vpn
+
+# in order to use source IP routing the Linux kernel options
+# CONFIG_IP_ADVANCED_ROUTER and CONFIG_IP_MULTIPLE_TABLES
+# must be enabled
+#
+# special routing table for sourceip routes
+SOURCEIP_ROUTING_TABLE=@IPSEC_ROUTING_TABLE@
#
+# priority of the sourceip routing table
+SOURCEIP_ROUTING_TABLE_PRIO=@IPSEC_ROUTING_TABLE_PRIO@
# check interface version
case "$PLUTO_VERSION" in
@@ -218,23 +227,26 @@ doroute() {
parms1="$PLUTO_PEER_CLIENT"
- parms2=
- if [ -n "$KLIPS" ]
+ if [ -n "$PLUTO_NEXT_HOP" ]
then
- if [ -n "$PLUTO_NEXT_HOP" ]
- then
- parms2="via $PLUTO_NEXT_HOP"
- fi
+ parms2="via $PLUTO_NEXT_HOP"
else
- parms2="via $PLUTO_ME"
+ parms2="via $PLUTO_PEER"
fi
parms2="$parms2 dev $PLUTO_INTERFACE"
parms3=
- if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP"
+ if [ -n "$PLUTO_MY_SOURCEIP" ]
then
- addsource
- parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
+ if test "$1" = "add"
+ then
+ addsource
+ if ! ip rule list | grep -q "lookup $SOURCEIP_ROUTING_TABLE"
+ then
+ ip rule add pref $SOURCEIP_ROUTING_TABLE_PRIO table $SOURCEIP_ROUTING_TABLE
+ fi
+ fi
+ parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*} table $SOURCEIP_ROUTING_TABLE"
fi
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 13:20:37 +0000