6fd57776c1aac3810dcc552f8beeb5fcc878717f
[strongswan.git] / src / ipsec / ipsec.in
1 #! /bin/sh
2 # prefix command to run stuff from our programs directory
3 # Copyright (C) 1998-2002  Henry Spencer.
4 # Copyright (C) 2006 Andreas Steffen
5 # Copyright (C) 2006 Martin Willi 
6
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16 #
17 # RCSID $Id: ipsec.in,v 1.13 2006/03/09 20:09:33 as Exp $
18
19 # name and version of the ipsec implementation
20 IPSEC_NAME="@IPSEC_NAME@"
21 IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
22
23 # where the private directory and the config files are
24 IPSEC_DIR="@IPSEC_DIR@"
25 IPSEC_SBINDIR="@IPSEC_SBINDIR@"
26 IPSEC_CONFDIR="@IPSEC_CONFDIR@"
27 IPSEC_PIDDIR="@IPSEC_PIDDIR@"
28
29 IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
30 IPSEC_PLUTO_PID="${IPSEC_PIDDIR}/pluto.pid"
31 IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
32
33 IPSEC_WHACK="${IPSEC_DIR}/whack"
34 IPSEC_STROKE="${IPSEC_DIR}/stroke"
35 IPSEC_STARTER="${IPSEC_DIR}/starter"
36
37 export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_PLUTO_PID IPSEC_CHARON_PID
38
39 IPSEC_DISTRO="Distributed by the Institute of Internet Technologies and Applications
40               University of Applied Sciences Rapperswil, Switzerland (ITA-HSR)"
41
42 case "$1" in
43 '')
44         echo "Usage: ipsec command argument ..."
45         echo "Use --help for list of commands, or see ipsec(8) manual page"
46         echo "or the $IPSEC_NAME documentation for names of the common ones."
47         echo "Most have their own manual pages, e.g. ipsec_auto(8)."
48         echo "See <http://www.strongswan.org> for more general info."
49         exit 0
50         ;;
51 --help)
52         echo "Usage: ipsec command argument ..."
53         echo "where command is one of:"
54         echo "  start|restart  arguments..."
55         echo "  update|reload|stop"
56         echo "  up|down|route|unroute <connectionname>"
57         echo "  status|statusall [<connectionname>]"
58         echo "  ready"
59         echo "  listalgs|listpubkeys|listcerts [--utc]"
60         echo "  listcacerts|listaacerts|listocspcerts [--utc]"
61         echo "  listacerts|listgroups|listcainfos [--utc]"
62         echo "  listcrls|listocsp|listcards|listall [--utc]"
63         echo "  rereadsecrets|rereadgroups"
64         echo "  rereadcacerts|rereadaacerts|rereadocspcerts"
65         echo "  rereadacerts|rereadcrls|rereadall"
66         echo "  purgeocsp"
67         echo "  scencrypt|scdecrypt <value> [--inbase <base>] [--outbase <base>] [--keyid <id>]"
68         echo "  barf"
69         echo "  openac"
70         echo "  pluto"
71         echo "  scepclient"
72         echo "  secrets"
73         echo "  starter"
74         echo "  version"
75         echo "  whack"
76         echo "  stoke"
77         echo
78         echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
79         exit 0
80         ;;
81 --versioncode)
82         echo "$IPSEC_VERSION"
83         exit 0
84         ;;
85 --copyright)
86         set _copyright
87         # and fall through, invoking "ipsec _copyright"
88         ;;
89 --directory)
90         echo "$IPSEC_DIR"
91         exit 0
92         ;;
93 --confdir)
94         echo "$IPSEC_CONFDIR"
95         exit 0
96         ;;
97 down)
98         shift
99         if test -e $IPSEC_PLUTO_PID
100         then
101                 $IPSEC_WHACK --name "$1" --terminate
102         fi
103         if test -e $IPSEC_CHARON_PID
104         then
105                 $IPSEC_STROKE down "$1"
106         fi
107         exit 0
108         ;;
109 listalgs|listpubkeys|listcacerts|listaacerts|\
110 listocspcerts|listacerts|listgroups|\
111 listcainfos|listcrls|listocsp|listcards|\
112 purgeocsp|rereadsecrets|rereadgroups|\
113 rereadcacerts|rereadaacerts|rereadocspcerts|\
114 rereadacerts|rereadcrls|rereadall)
115         op="$1"
116         shift
117         if test -e $IPSEC_PLUTO_PID
118         then
119                 $IPSEC_WHACK "$@" "--$op"
120         fi
121         ;;
122 listcerts|listall)
123         op="$1"
124         shift
125         if test -e $IPSEC_PLUTO_PID
126         then
127                 $IPSEC_WHACK "$@" "--$op"
128         fi
129         if test -e $IPSEC_CHARON_PID
130         then
131                 $IPSEC_STROKE "$op"
132         fi
133         exit 0
134         ;;
135 ready)
136         shift
137         if test -e $IPSEC_PLUTO_PID
138         then
139                 $IPSEC_WHACK --listen
140         fi
141         exit 0
142         ;;
143 reload)
144         if test -e $IPSEC_STARTER_PID 
145         then
146             echo "Reloading strongSwan IPsec configuration..." >&2
147             kill -s USR1 `cat $IPSEC_STARTER_PID`
148         else
149             echo "ipsec starter is not running" >&2
150         fi
151         exit 0
152         ;;
153 restart)
154         $IPSEC_SBINDIR/ipsec stop
155         sleep 2
156         shift
157         $IPSEC_SBINDIR/ipsec start "$@"
158         exit 0
159         ;;
160 route|unroute)
161         op="$1"
162         shift
163         if test -e $IPSEC_PLUTO_PID
164         then
165                 $IPSEC_WHACK --name "$1" "--$op"
166         fi
167         exit 0
168         ;;
169 scencrypt|scdecrypt)
170         op="$1"
171         shift
172         if test -e $IPSEC_PLUTO_PID
173         then
174                 $IPSEC_WHACK "--$op" "$@"
175         fi
176         exit 0
177         ;;
178 secrets)
179         if test -e $IPSEC_PLUTO_PID
180         then
181                 $IPSEC_WHACK --rereadsecrets
182         fi
183         exit 0
184         ;;
185 start)
186         shift
187         exec $IPSEC_STARTER "$@"
188         ;;
189 status|statusall)
190         op="$1"
191         shift
192         if test $# -eq 0
193         then
194                 if test -e $IPSEC_PLUTO_PID
195                 then
196                         $IPSEC_WHACK "--$op"
197                 fi
198                 if test -e $IPSEC_CHARON_PID
199                 then
200                         $IPSEC_STROKE "$op"
201                 fi
202         else
203                 if test -e $IPSEC_PLUTO_PID
204                 then
205                         $IPSEC_WHACK --name "$1" "--$op"
206                 fi
207                 if test -e $IPSEC_CHARON_PID
208                 then
209                         $IPSEC_STROKE "$op" "$1"
210                 fi
211         fi
212         exit 0
213         ;;
214 stop)
215         if test -e $IPSEC_STARTER_PID 
216         then
217             echo "Stopping strongSwan IPsec..." >&2
218             kill `cat $IPSEC_STARTER_PID`
219         else
220             echo "ipsec starter is not running" >&2
221         fi
222         exit 0
223         ;;
224 up)
225         shift
226         if test -e $IPSEC_PLUTO_PID
227         then
228                 $IPSEC_WHACK --name "$1" --initiate
229         fi
230         if test -e $IPSEC_CHARON_PID
231         then
232             $IPSEC_STROKE up "$1"
233         fi
234         exit 0
235         ;;
236 update)
237         if test -e $IPSEC_STARTER_PID 
238         then
239                 echo "Updating strongSwan IPsec configuration..." >&2
240                 kill -s HUP `cat $IPSEC_STARTER_PID`
241         else
242                 echo "ipsec starter is not running" >&2
243         fi
244         exit 0
245         ;;
246 version|--version)
247         echo "Linux $IPSEC_NAME $IPSEC_VERSION"
248         echo "See \`ipsec --copyright' for copyright information."
249         echo $IPSEC_DISTRO
250         exit 0
251         ;;
252 --*)
253         echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
254         exit 1
255         ;;
256 esac
257
258 cmd="$1"
259 shift
260
261 path="$IPSEC_DIR/$cmd"
262
263 if test ! -x "$path" 
264 then
265     path="$IPSEC_DIR/$cmd"
266     if test ! -x "$path"
267     then
268         echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
269         exit 1
270     fi
271 fi
272
273 exec $path "$@"