#!/sbin/runscript

# IPsec startup and shutdown script
# Copyright (C) 1998, 1999, 2001  Henry Spencer.
# Gentoo mods (C) 2003 Anthony de Boer
# 
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
# 
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
# for more details.

depend() {
	need net logger
	after dns
}

ipsecdoit() {
# Pick up IPsec configuration (until we have done this, successfully, we
# do not know where errors should go, hence the explicit "daemon.error"s.)
# Note the "--export", which exports the variables created.
	eval `ipsec _confread --varprefix IPSEC --export --type config setup`
	if test " $IPSEC_confreadstatus" != " "
	then
		echo "$IPSEC_confreadstatus -- \`$1' aborted" |
			logger -s -p daemon.error -t ipsec_setup
		return 1
	fi
	IPSECsyslog=${IPSECsyslog-daemon.error}
	export IPSECsyslog
	umask 022
	tmp=/var/run/ipsec_setup.st
	(
		ipsec _realsetup $1
		echo "$?" >$tmp
	) 2>&1 | logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
	st=`cat $tmp`
	rm -f $tmp
	return $st
}

start() {
	ebegin "Starting IPSEC ..."
	ipsecdoit start
	eend $?
}

stop() {
	ebegin "Stopping IPSEC ..."
	ipsecdoit stop
	eend $?
}

