diff options
Diffstat (limited to 'src/ipsec')
| -rw-r--r-- | src/ipsec/Makefile.in | 8 | ||||
| -rw-r--r-- | src/ipsec/_ipsec.8 | 14 | ||||
| -rw-r--r-- | src/ipsec/_ipsec.8.in | 12 | ||||
| -rw-r--r-- | src/ipsec/_ipsec.in | 51 |
4 files changed, 49 insertions, 36 deletions
diff --git a/src/ipsec/Makefile.in b/src/ipsec/Makefile.in index baa45326d..526c7c46e 100644 --- a/src/ipsec/Makefile.in +++ b/src/ipsec/Makefile.in @@ -182,6 +182,7 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +GEM = @GEM@ GENHTML = @GENHTML@ GPERF = @GPERF@ GPRBUILD = @GPRBUILD@ @@ -242,6 +243,7 @@ PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ +RUBYGEMDIR = @RUBYGEMDIR@ RUBYINCLUDE = @RUBYINCLUDE@ RUBYLIB = @RUBYLIB@ SED = @SED@ @@ -307,6 +309,8 @@ ipsecdir = @ipsecdir@ ipsecgroup = @ipsecgroup@ ipseclibdir = @ipseclibdir@ ipsecuser = @ipsecuser@ +json_CFLAGS = @json_CFLAGS@ +json_LIBS = @json_LIBS@ libdir = @libdir@ libexecdir = @libexecdir@ linux_headers = @linux_headers@ @@ -354,6 +358,10 @@ strongswan_conf = @strongswan_conf@ strongswan_options = @strongswan_options@ swanctldir = @swanctldir@ sysconfdir = @sysconfdir@ +systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ +systemd_daemon_LIBS = @systemd_daemon_LIBS@ +systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ +systemd_journal_LIBS = @systemd_journal_LIBS@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ target_alias = @target_alias@ diff --git a/src/ipsec/_ipsec.8 b/src/ipsec/_ipsec.8 index 3dcb03af6..9ba9bd842 100644 --- a/src/ipsec/_ipsec.8 +++ b/src/ipsec/_ipsec.8 @@ -1,4 +1,4 @@ -.TH IPSEC 8 "2013-10-29" "5.2.0" "strongSwan" +.TH IPSEC 8 "2013-10-29" "5.2.1" "strongSwan" . .SH NAME . @@ -96,6 +96,11 @@ terminates IKE SA instance \fIn\fP of connection \fIname\fP. terminates all IKE SA instances of connection \fIname\fP. . .TP +.BI "down-srcip <" start "> [<" end ">]" +terminates all IKE SA instances with clients having virtual IPs in the range +.IR start - end . +. +.TP .BI "route " name tells the IKE daemon to insert an IPsec policy in the kernel for connection \fIname\fP. The first payload packet matching the IPsec policy @@ -118,6 +123,11 @@ returns detailed status information either on connection .SS LIST COMMANDS . .TP +.BI "leases [<" poolname "> [<" address ">]]" +returns the status of all or the selected IP address pool (or even a single +virtual IP address). +. +.TP .B "listalgs" returns a list supported cryptographic algorithms usable for IKE, and their corresponding plugin. @@ -242,7 +252,7 @@ resets global or connection specific counters. purges all cached certificates. . .TP -.B "purgecrl" +.B "purgecrls" purges all cached CRLs. . .TP diff --git a/src/ipsec/_ipsec.8.in b/src/ipsec/_ipsec.8.in index 250cf807a..210d74ef8 100644 --- a/src/ipsec/_ipsec.8.in +++ b/src/ipsec/_ipsec.8.in @@ -96,6 +96,11 @@ terminates IKE SA instance \fIn\fP of connection \fIname\fP. terminates all IKE SA instances of connection \fIname\fP. . .TP +.BI "down-srcip <" start "> [<" end ">]" +terminates all IKE SA instances with clients having virtual IPs in the range +.IR start - end . +. +.TP .BI "route " name tells the IKE daemon to insert an IPsec policy in the kernel for connection \fIname\fP. The first payload packet matching the IPsec policy @@ -118,6 +123,11 @@ returns detailed status information either on connection .SS LIST COMMANDS . .TP +.BI "leases [<" poolname "> [<" address ">]]" +returns the status of all or the selected IP address pool (or even a single +virtual IP address). +. +.TP .B "listalgs" returns a list supported cryptographic algorithms usable for IKE, and their corresponding plugin. @@ -242,7 +252,7 @@ resets global or connection specific counters. purges all cached certificates. . .TP -.B "purgecrl" +.B "purgecrls" purges all cached CRLs. . .TP diff --git a/src/ipsec/_ipsec.in b/src/ipsec/_ipsec.in index e6725d0ca..0798830cf 100644 --- a/src/ipsec/_ipsec.in +++ b/src/ipsec/_ipsec.in @@ -15,7 +15,7 @@ # for more details. # define a minimum PATH environment in case it is not set -PATH="/sbin:/bin:/usr/sbin:/usr/bin:@IPSEC_SBINDIR@:@IPSEC_BINDIR@" +PATH=${PATH:-"/sbin:/bin:/usr/sbin:/usr/bin"} export PATH # set daemon name @@ -46,37 +46,36 @@ IPSEC_DISTRO="Institute for Internet Technologies and Applications\nUniversity o case "$1" in '') - echo "Usage: $IPSEC_SCRIPT command argument ..." - echo "Use --help for list of commands, or see $IPSEC_SCRIPT(8) manual " - echo "page or the $IPSEC_NAME documentation for names of the common " - echo "ones." - echo "See <http://www.strongswan.org> for more general info." + echo "$IPSEC_SCRIPT command [arguments]" + echo + echo "Use --help for a list of commands, or refer to the $IPSEC_SCRIPT(8) man page." + echo "See <http://www.strongswan.org> for more general information." exit 0 ;; --help) - echo "Usage: $IPSEC_SCRIPT command argument ..." - echo "where command is one of:" - echo " start|restart arguments..." + echo "$IPSEC_SCRIPT command [arguments]" + echo + echo "Commands:" + echo " start|restart [arguments]" echo " update|reload|stop" echo " up|down|route|unroute <connectionname>" + echo " down-srcip <start> [<end>]" echo " status|statusall [<connectionname>]" echo " listalgs|listpubkeys|listcerts [--utc]" echo " listcacerts|listaacerts|listocspcerts [--utc]" echo " listacerts|listgroups|listcainfos [--utc]" - echo " listcrls|listocsp|listcards|listplugins|listall [--utc]" + echo " listcrls|listocsp|listplugins|listall [--utc]" echo " listcounters|resetcounters [name]" echo " leases [<poolname> [<address>]]" - echo " rereadsecrets|rereadgroups" - echo " rereadcacerts|rereadaacerts|rereadocspcerts" - echo " rereadacerts|rereadcrls|rereadall" - echo " purgeocsp|purgecrls|purgecerts|purgeike" - echo " scepclient" - echo " secrets" - echo " starter" + echo " rereadsecrets|rereadcacerts|rereadaacerts" + echo " rereadocspcerts|rereadacerts|rereadcrls|rereadall" + echo " purgecerts|purgecrls|purgeike|purgeocsp" + echo " scepclient|pki" + echo " starter|stroke" echo " version" - echo " stroke" echo - echo "Some of these functions have their own manual pages, e.g. scepclient(8)." + echo "Refer to the $IPSEC_SCRIPT(8) man page for details." + echo "Some commands have their own man pages, e.g. pki(1) or scepclient(8)." exit 0 ;; --versioncode) @@ -129,16 +128,6 @@ down-srcip) fi exit "$rc" ;; -listcards|rereadgroups) - op="$1" - shift - if [ -e $IPSEC_CHARON_PID ] - then - exit 3 - else - exit 7 - fi - ;; leases) op="$1" rc=7 @@ -340,12 +329,8 @@ path="$IPSEC_DIR/$cmd" if [ ! -x "$path" ] then - path="$IPSEC_DIR/$cmd" - if [ ! -x "$path" ] - then echo "$0: unknown IPsec command \`$cmd' (\`$IPSEC_SCRIPT --help' for list)" >&2 exit 2 - fi fi exec $path "$@" |