From 4137cc5bf1430055f65a867b7b3b2245fec19f52 Mon Sep 17 00:00:00 2001 From: Miloslav Trmac Date: Wed, 15 Nov 2006 01:37:02 +0000 Subject: Add a way to manually manage racoon.conf, e.g. to handle separate tunnels with a shared peer endpoint (#159343) --- sysconfig/network-scripts/ifup-ipsec | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'sysconfig/network-scripts/ifup-ipsec') diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec index ebad848c..882722fd 100755 --- a/sysconfig/network-scripts/ifup-ipsec +++ b/sysconfig/network-scripts/ifup-ipsec @@ -158,7 +158,7 @@ spdadd $SPD_DST $SPD_SRC any -P in ipsec ; EOF -if [ "$KEYING" = "automatic" ]; then +if [ "$KEYING" = "automatic" -a -n "$IKE_METHOD" ]; then if [ "$IKE_METHOD" = "PSK" ]; then tmpfile=`mktemp /etc/racoon/psk.XXXXXX` grep -v "^$DST" /etc/racoon/psk.txt > $tmpfile @@ -223,9 +223,11 @@ EOF grep -v "^include \"/etc/racoon/$DST.conf\";" /etc/racoon/racoon.conf >> $racoontmp echo "include \"/etc/racoon/$DST.conf\";" >> $racoontmp mv -f $racoontmp /etc/racoon/racoon.conf - if pidof -x /usr/sbin/racoon > /dev/null 2>&1 ; then - killall -HUP /usr/sbin/racoon - else +fi +if [ "$KEYING" = "automatic" ]; then + if ! pidof -x /usr/sbin/racoon > /dev/null 2>&1 ; then /usr/sbin/racoon + elif [ -n "$IKE_METHOD" ]; then + killall -HUP /usr/sbin/racoon fi fi -- cgit