[v3,5/5] Add vpn security policies to cli
Message ID | 1500318318-18852-5-git-send-email-jonatan.schlag@ipfire.org |
---|---|
State | Superseded |
Headers |
Return-Path: <network-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 5E65B6159A for <patchwork@ipfire.org>; Mon, 17 Jul 2017 21:05:30 +0200 (CEST) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 2C70027D9; Mon, 17 Jul 2017 21:05:30 +0200 (CEST) Received: from ipfire.localdomain (dslb-088-073-208-102.088.073.pools.vodafone-ip.de [88.73.208.102]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id B21BF27DF; Mon, 17 Jul 2017 21:05:27 +0200 (CEST) From: Jonatan Schlag <jonatan.schlag@ipfire.org> To: network@lists.ipfire.org Subject: [PATCH v3 5/5] Add vpn security policies to cli Date: Mon, 17 Jul 2017 21:05:18 +0200 Message-Id: <1500318318-18852-5-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 In-Reply-To: <1500318318-18852-1-git-send-email-jonatan.schlag@ipfire.org> References: <1500318318-18852-1-git-send-email-jonatan.schlag@ipfire.org> X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List for the network package <network.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/network>, <mailto:network-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/network/> List-Post: <mailto:network@lists.ipfire.org> List-Help: <mailto:network-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/network>, <mailto:network-request@lists.ipfire.org?subject=subscribe> Errors-To: network-bounces@lists.ipfire.org Sender: "network" <network-bounces@lists.ipfire.org> |
Message
Jonatan Schlag
July 18, 2017, 5:05 a.m. UTC
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
src/network | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 63 insertions(+), 2 deletions(-)
Comments
On Mon, 2017-07-17 at 21:05 +0200, Jonatan Schlag wrote: > Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> > --- > src/network | 65 > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- > 1 file changed, 63 insertions(+), 2 deletions(-) > > diff --git a/src/network b/src/network > index 154d253..65143e6 100644 > --- a/src/network > +++ b/src/network > @@ -1194,7 +1194,6 @@ cli_reset() { > fi > > warning_log "Will reset the whole network configuration!!!" > - > # Force mode is disabled by default > local force=0 > This is still in here although it doesn't do anything good. > @@ -1384,13 +1383,75 @@ cli_raw() { > exit ${EXIT_OK} > } > > +cli_vpn() { > + local action=${1} > + shift 1 > + > + case "${action}" in > + security-policies) > + cli_vpn_security_policies $@ > + ;; > + *) > + error "Unrecognized argument: ${action}" > + exit ${EXIT_ERROR} > + ;; > + esac > +} > + > +cli_vpn_security_policies() { > + > + local action > + local security_policy > + > + if vpn_security_policy_exists ${1}; then > + > + security_policy=${1} > + key=${2} > + shift 2 > + > + case "${key}" in > + cipher|compression|integrity|lifetime|pfs|sh > ow) > + vpn_security_policies_${key} > ${security_policy} $@ > + ;; > + group-type) > + vpn_security_policies_group_type > ${security_policy} $@ > + ;; > + key-exchange) > + vpn_security_policies_key_exchange > ${security_policy} $@ > + ;; > + *) > + error "Unrecognized argument: > ${key}" > + exit ${EXIT_ERROR} > + ;; > + esac > + else > + action=${1} > + shift > + > + case "${action}" in > + new) > + vpn_security_policies_new $@ > + ;; > + destroy) > + vpn_security_policies_destroy $@ > + ;; > + ""|*) > + if [ -n "${action}" ]; then > + error "Unrecognized > argument: '${action}'" > + fi > + exit ${EXIT_ERROR} > + ;; > + esac > + fi > +} > + > # Process the given action > case "${action}" in > init) > init_run > ;; > > - settings|hostname|port|device|zone|start|stop|restart|status > |reset|route) > + settings|hostname|port|device|zone|start|stop|restart|status > |reset|route|vpn) > cli_${action} $@ > ;; >