ipmasq: Separate IPsec rules, rename them *.def and update them to match syntax of latest ipmasq release.

author: Jonas Smedegaard <dr@jones.dk> 2002-01-08 02:36:05 +0000
committer: Jonas Smedegaard <dr@jones.dk> 2002-01-08 02:36:05 +0000
commit: 89f7f78402a0f4362f59ffd693b8491b34700abe (patch)
tree: 49580ef74066f2c38b0ec0612299f24e09029c32 /ipmasq/rules/A01precompute_ipsec.def
parent: 164c744e8ebfea454fdd5559895a519b0602c567 (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/ipmasq/rules/A01precompute_ipsec.def b/ipmasq/rules/A01precompute_ipsec.def
new file mode 100644
index 0000000..197c2d4
--- /dev/null
+++ b/ipmasq/rules/A01precompute_ipsec.def
@@ -0,0 +1,26 @@
+# You should not edit this file.  Instead, create a file with the same
+# name as this one, but with a .rul extension instead of .def.  The
+# .rul file will override this one.
+#
+# However, any changes you make to this file will be preserved.
+
+# precompute ips and netmasks
+if [ -n "$IPSEC" ]; then
+    if [ "$SHOWRULES" = "yes" ]; then
+	echo "#: IPSec interfaces found:"
+    fi
+    IPSECGW=""
+    for i in $IPSEC; do
+        ii=$(echo $i | sed -e 's/\:/_/g')
+	igw=$(ipsec look | grep IPIP:.*src=$ip | sed 's/^\([^[:blank:]]*\).*/\1/')
+	cidrcollect=""
+	for ipsecgw in $igw; do
+	    cidr=$(ipsec look | grep "=> $ipsecgw" | sed 's/^\([^[:blank:]]*\).*/\1/')
+	    cidrcollect="$cidrcollect $cidr"
+	done
+	eval "CIDROFIPSEC_${ii}=\"$cidrcollect\""
+        if [ "$SHOWRULES" = "yes" ]; then
+            echo -e "#:   $i\t$ip/$nm\t$cidrcollect"
+        fi
+    done
+fi
author	Jonas Smedegaard <dr@jones.dk>	2002-01-08 02:36:05 +0000
committer	Jonas Smedegaard <dr@jones.dk>	2002-01-08 02:36:05 +0000
commit	89f7f78402a0f4362f59ffd693b8491b34700abe (patch)
tree	49580ef74066f2c38b0ec0612299f24e09029c32 /ipmasq/rules/A01precompute_ipsec.def
parent	164c744e8ebfea454fdd5559895a519b0602c567 (diff)