
B.25. /etc/init.d/racoon

#!/bin/ash
# 
# GPL $Id: racoon,v 1.3 2005/03/31 04:40:53 cvonk Exp $
# system init for IPsec server (racoon)

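# Init actions for the racoon IKE daemon: start | stop | restart | status.
#
# "start" renders /etc/sysconfig/racoon.conf into a runtime copy with the
# 0.0.0.0 placeholder on "isakmp" lines replaced by the eth1 address, adds two
# mangle/PREROUTING rules that mark inbound ESP and NAT-T (udp/4500) packets
# on eth1 with 0x0f, and launches racoon. "stop" reverses this.

IPTABLES="/sbin/iptables"
RACOON_CONF="/tmp/racoon.conf"
# The rule strings are expanded unquoted on purpose: ash has no arrays, so
# word splitting is what turns each string into separate iptables arguments.
MANGLE_RULE1="-i eth1 -p esp -j MARK --set-mark 0x0f"
MANGLE_RULE2="-i eth1 -p udp --dport 4500 -j MARK --set-mark 0x0f" # NAT-T

case "$1" in
    start)
        . /etc/init.d/functions
        # getaddr comes from /etc/init.d/functions (not shown here);
        # presumably it stores the address of eth1 in IP_ETH1 -- confirm.
        getaddr eth1 IP_ETH1
        if [ -z "$IP_ETH1" ]; then
            # An empty value would blank out the isakmp listen address.
            echo "racoon: no address found for eth1, not starting" >&2
            exit 1
        fi

        # This runs as root and writes to a fixed name in /tmp. Drop any
        # stale file or link left at that path, create the new file with
        # owner-only permissions, and enable noclobber so the redirection
        # refuses to write into a regular file that already exists there.
        old_umask=$(umask)
        umask 077
        rm -f "$RACOON_CONF"
        set -C
        if ! sed "/ *isakmp/s,0.0.0.0,$IP_ETH1,g;" \
            < /etc/sysconfig/racoon.conf > "$RACOON_CONF"; then
            set +C
            umask "$old_umask"
            echo "racoon: cannot create $RACOON_CONF" >&2
            exit 1
        fi
        set +C
        umask "$old_umask"

        # Remove a copy left behind by an earlier "start" before inserting,
        # so repeated starts do not stack duplicates that a single "stop"
        # would leave in place.
        $IPTABLES -t mangle -D PREROUTING $MANGLE_RULE1 2>/dev/null
        $IPTABLES -t mangle -D PREROUTING $MANGLE_RULE2 2>/dev/null
        $IPTABLES -t mangle -I PREROUTING $MANGLE_RULE1
        $IPTABLES -t mangle -I PREROUTING $MANGLE_RULE2
        racoon -v -f "$RACOON_CONF" # -d
        ;;
    stop)
        killall racoon 2>/dev/null
        $IPTABLES -t mangle -D PREROUTING $MANGLE_RULE1
        $IPTABLES -t mangle -D PREROUTING $MANGLE_RULE2
        ;;
    restart)
        "$0" stop
        "$0" start
        ;;
    status)
        # The sed strips this script's own PID when it is the last one that
        # pidof prints (the script is itself named "racoon"); any digits that
        # remain mean a daemon is running. The pattern is quoted so the shell
        # cannot glob-expand it against a one-digit file name in the
        # current directory.
        if pidof racoon | sed "s/$$\$//" | grep -q '[0-9]'; then
            echo "running"
        else
            echo "stopped"
        fi
        ;;
esac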
# 

Example B.25. /etc/init.d/racoon