diff options
Diffstat (limited to 'ipmasq/rules/A01precompute_ipsec.def')
| -rw-r--r-- | ipmasq/rules/A01precompute_ipsec.def | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/ipmasq/rules/A01precompute_ipsec.def b/ipmasq/rules/A01precompute_ipsec.def new file mode 100644 index 0000000..197c2d4 --- /dev/null +++ b/ipmasq/rules/A01precompute_ipsec.def @@ -0,0 +1,26 @@ +# You should not edit this file. Instead, create a file with the same +# name as this one, but with a .rul extension instead of .def. The +# .rul file will override this one. +# +# However, any changes you make to this file will be preserved. + +# precompute ips and netmasks +if [ -n "$IPSEC" ]; then + if [ "$SHOWRULES" = "yes" ]; then + echo "#: IPSec interfaces found:" + fi + IPSECGW="" + for i in $IPSEC; do + ii=$(echo $i | sed -e 's/\:/_/g') + igw=$(ipsec look | grep IPIP:.*src=$ip | sed 's/^\([^[:blank:]]*\).*/\1/') + cidrcollect="" + for ipsecgw in $igw; do + cidr=$(ipsec look | grep "=> $ipsecgw" | sed 's/^\([^[:blank:]]*\).*/\1/') + cidrcollect="$cidrcollect $cidr" + done + eval "CIDROFIPSEC_${ii}=\"$cidrcollect\"" + if [ "$SHOWRULES" = "yes" ]; then + echo -e "#: $i\t$ip/$nm\t$cidrcollect" + fi + done +fi |