Add ipsec_enable and ipsec_file options to run IPSEC's setkey program

    with the specified configuration file at the appropriate time.

8 files changed, 79 insertions, 0 deletions

diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index f452696..b11d657 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -156,6 +156,8 @@ nis_yppasswdd_flags=""		# Flags to rpc.yppasswdd (if enabled).
 defaultrouter="NO"		# Set to default gateway (or NO).
 static_routes=""		# Set to static route list (or leave empty).
 gateway_enable="NO"		# Set to YES if this host will be a gateway.
+ipsec_enable="NO"		# Set to YES to run setkey on ipsec_file
+ipsec_file="/etc/ipsec.conf"	# Name of config file for setkey
 router_enable="NO"		# Set to YES to enable a routing daemon.
 router="routed"			# Name of routing daemon to use if enabled.
 router_flags="-q"		# Flags for routing daemon.
diff --git a/etc/network.subr b/etc/network.subr
index e37d25f..fc7cdd0 100644
--- a/etc/network.subr
+++ b/etc/network.subr
@@ -352,6 +352,17 @@ network_pass1() {
 	esac
 	echo '.'
 
+	case ${ipsec_enable} in
+	[Yy][Ee][Ss])
+		if [ -f ${ipsec_file} ]; then
+		    echo ' ipsec: enabled'
+		    setkey -f ${ipsec_file}
+		else
+		    echo ' ipsec: file not found'
+		fi
+		;;
+	esac
+
 	echo -n 'routing daemons:'
 	case ${router_enable} in
 	[Yy][Ee][Ss])
diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions
index e37d25f..fc7cdd0 100644
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@@ -352,6 +352,17 @@ network_pass1() {
 	esac
 	echo '.'
 
+	case ${ipsec_enable} in
+	[Yy][Ee][Ss])
+		if [ -f ${ipsec_file} ]; then
+		    echo ' ipsec: enabled'
+		    setkey -f ${ipsec_file}
+		else
+		    echo ' ipsec: file not found'
+		fi
+		;;
+	esac
+
 	echo -n 'routing daemons:'
 	case ${router_enable} in
 	[Yy][Ee][Ss])
diff --git a/etc/rc.d/network1 b/etc/rc.d/network1
index e37d25f..fc7cdd0 100644
--- a/etc/rc.d/network1
+++ b/etc/rc.d/network1
@@ -352,6 +352,17 @@ network_pass1() {
 	esac
 	echo '.'
 
+	case ${ipsec_enable} in
+	[Yy][Ee][Ss])
+		if [ -f ${ipsec_file} ]; then
+		    echo ' ipsec: enabled'
+		    setkey -f ${ipsec_file}
+		else
+		    echo ' ipsec: file not found'
+		fi
+		;;
+	esac
+
 	echo -n 'routing daemons:'
 	case ${router_enable} in
 	[Yy][Ee][Ss])
diff --git a/etc/rc.d/network2 b/etc/rc.d/network2
index e37d25f..fc7cdd0 100644
--- a/etc/rc.d/network2
+++ b/etc/rc.d/network2
@@ -352,6 +352,17 @@ network_pass1() {
 	esac
 	echo '.'
 
+	case ${ipsec_enable} in
+	[Yy][Ee][Ss])
+		if [ -f ${ipsec_file} ]; then
+		    echo ' ipsec: enabled'
+		    setkey -f ${ipsec_file}
+		else
+		    echo ' ipsec: file not found'
+		fi
+		;;
+	esac
+
 	echo -n 'routing daemons:'
 	case ${router_enable} in
 	[Yy][Ee][Ss])
diff --git a/etc/rc.d/network3 b/etc/rc.d/network3
index e37d25f..fc7cdd0 100644
--- a/etc/rc.d/network3
+++ b/etc/rc.d/network3
@@ -352,6 +352,17 @@ network_pass1() {
 	esac
 	echo '.'
 
+	case ${ipsec_enable} in
+	[Yy][Ee][Ss])
+		if [ -f ${ipsec_file} ]; then
+		    echo ' ipsec: enabled'
+		    setkey -f ${ipsec_file}
+		else
+		    echo ' ipsec: file not found'
+		fi
+		;;
+	esac
+
 	echo -n 'routing daemons:'
 	case ${router_enable} in
 	[Yy][Ee][Ss])
diff --git a/etc/rc.d/routing b/etc/rc.d/routing
index e37d25f..fc7cdd0 100644
--- a/etc/rc.d/routing
+++ b/etc/rc.d/routing
@@ -352,6 +352,17 @@ network_pass1() {
 	esac
 	echo '.'
 
+	case ${ipsec_enable} in
+	[Yy][Ee][Ss])
+		if [ -f ${ipsec_file} ]; then
+		    echo ' ipsec: enabled'
+		    setkey -f ${ipsec_file}
+		else
+		    echo ' ipsec: file not found'
+		fi
+		;;
+	esac
+
 	echo -n 'routing daemons:'
 	case ${router_enable} in
 	[Yy][Ee][Ss])
diff --git a/etc/rc.network b/etc/rc.network
index e37d25f..fc7cdd0 100644
--- a/etc/rc.network
+++ b/etc/rc.network
@@ -352,6 +352,17 @@ network_pass1() {
 	esac
 	echo '.'
 
+	case ${ipsec_enable} in
+	[Yy][Ee][Ss])
+		if [ -f ${ipsec_file} ]; then
+		    echo ' ipsec: enabled'
+		    setkey -f ${ipsec_file}
+		else
+		    echo ' ipsec: file not found'
+		fi
+		;;
+	esac
+
 	echo -n 'routing daemons:'
 	case ${router_enable} in
 	[Yy][Ee][Ss])