[RFC,2/2] network: add ipsec
| Message ID | 1501090354-17617-2-git-send-email-jonatan.schlag@ipfire.org |
|---|---|
| State | New |
| Headers |
Return-Path: <network-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 86F1A61CAF for <patchwork@ipfire.org>; Wed, 26 Jul 2017 19:32:42 +0200 (CEST) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 3A09B27CE; Wed, 26 Jul 2017 19:32:42 +0200 (CEST) Received: from ipfire.localdomain (dslb-088-073-218-016.088.073.pools.vodafone-ip.de [88.73.218.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4064D27D6; Wed, 26 Jul 2017 19:32:40 +0200 (CEST) From: Jonatan Schlag <jonatan.schlag@ipfire.org> To: network@lists.ipfire.org Subject: [RFC PATCH 2/2] network: add ipsec Date: Wed, 26 Jul 2017 19:32:34 +0200 Message-Id: <1501090354-17617-2-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 In-Reply-To: <1501090354-17617-1-git-send-email-jonatan.schlag@ipfire.org> References: <1501090354-17617-1-git-send-email-jonatan.schlag@ipfire.org> X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List for the network package <network.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/network>, <mailto:network-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/network/> List-Post: <mailto:network@lists.ipfire.org> List-Help: <mailto:network-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/network>, <mailto:network-request@lists.ipfire.org?subject=subscribe> Errors-To: network-bounces@lists.ipfire.org Sender: "network" <network-bounces@lists.ipfire.org> |
Message
Jonatan Schlag
July 27, 2017, 3:32 a.m. UTC
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
src/network | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 60 insertions(+)
Comments
Hi, On Wed, 2017-07-26 at 19:32 +0200, Jonatan Schlag wrote: > Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> > --- > src/network | 60 > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 60 insertions(+) > > diff --git a/src/network b/src/network > index adc9ac3..893c411 100644 > --- a/src/network > +++ b/src/network > @@ -1403,6 +1403,9 @@ cli_vpn() { > security-policies) > cli_vpn_security_policies $@ > ;; > + ipsec) > + cli_vpn_ipsec $@ > + ;; > *) > error "Unrecognized argument: ${action}" > exit ${EXIT_ERROR} > @@ -1410,6 +1413,63 @@ cli_vpn() { > esac > } > > +cli_vpn_ipsec() { > + local action=${1} > + shift 1 > + > + case "${action}" in > + connection) > + cli_vpn_ipsec_connection $@ > + ;; > + *) > + error "Unrecognized argument: ${action}" > + exit ${EXIT_ERROR} > + ;; > + esac > +} > + > +cli_vpn_ipsec_connection() { > + if vpn_ipsec_connection_exists ${1}; then > + local connection=${1} > + local key=${2} > + shift 2 You could just replace any - by _ in ${key} which makes this easier: key=${key//-/_} > + > + case "${key}" in > + authentication|local|mode|peer|remote) > + vpn_ipsec_connection_${key} > ${connection} $@ > + ;; > + inactivity-timeout) > + vpn_ipsec_connection_inactivity_time > out ${connection} $@ > + ;; > + security-policy) > + vpn_ipsec_connection_security_policy > ${connection} $@ > + ;; > + *) > + error "Unrecognized argument: > ${key}" > + exit ${EXIT_ERROR} > + ;; > + esac > + else > + local action=${1} > + shift > + > + case "${action}" in > + new) > + vpn_ipsec_connection_new $@ > + ;; > + destroy) > + vpn_ipsec_connection_destroy $@ > + ;; > + ""|*) > + if [ -n "${action}" ]; then > + error "Unrecognized > argument: '${action}'" > + fi > + exit ${EXIT_ERROR} > + ;; > + esac > + fi > +} > + > cli_vpn_security_policies() { > > local action