- added ipsec.conf template and man page back
[strongswan.git] / src / ipsec / ipsec.in
1 #! /bin/sh
2 # prefix command to run stuff from our programs directory
3 # Copyright (C) 1998-2002  Henry Spencer.
4 # Copyright (C) 2006 Andreas Steffen
5 # Copyright (C) 2006 Martin Willi 
6
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16 #
17 # RCSID $Id: ipsec.in,v 1.13 2006/03/09 20:09:33 as Exp $
18
19 # name and version of the ipsec implementation
20 IPSEC_NAME="@IPSEC_NAME@"
21 IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
22
23 # where the private directory and the config files are
24 IPSEC_DIR="@IPSEC_DIR@"
25 IPSEC_SBINDIR="@IPSEC_SBINDIR@"
26 IPSEC_CONFDIR="@IPSEC_CONFDIR@"
27 IPSEC_PIDDIR="@IPSEC_PIDDIR@"
28
29 IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
30 IPSEC_PLUTO_PID="${IPSEC_PIDDIR}/pluto.pid"
31 IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
32
33 IPSEC_WHACK="${IPSEC_DIR}/whack"
34 IPSEC_STROKE="${IPSEC_DIR}/stroke"
35 IPSEC_STARTER="${IPSEC_DIR}/starter"
36
37 export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_PLUTO_PID IPSEC_CHARON_PID
38
39 IPSEC_DISTRO="Distributed by the Institute of Internet Technologies and Applications
40               University of Applied Sciences Rapperswil, Switzerland (ITA-HSR)"
41
42 case "$1" in
43 '')
44         echo "Usage: ipsec command argument ..."
45         echo "Use --help for list of commands, or see ipsec(8) manual page"
46         echo "or the $IPSEC_NAME documentation for names of the common ones."
47         echo "Most have their own manual pages, e.g. ipsec_auto(8)."
48         echo "See <http://www.strongswan.org> for more general info."
49         exit 0
50         ;;
51 --help)
52         echo "Usage: ipsec command argument ..."
53         echo "where command is one of:"
54         echo "  start|restart  arguments..."
55         echo "  update|reload|stop"
56         echo "  up|down|route|unroute <connectionname>"
57         echo "  status|statusall [<connectionname>]"
58         echo "  ready"
59         echo "  listalgs|listpubkeys|listcerts [--utc]"
60         echo "  listcacerts|listaacerts|listocspcerts [--utc]"
61         echo "  listacerts|listgroups|listcainfos [--utc]"
62         echo "  listcrls|listocsp|listcards|listall [--utc]"
63         echo "  rereadsecrets|rereadgroups"
64         echo "  rereadcacerts|rereadaacerts|rereadocspcerts"
65         echo "  rereadacerts|rereadcrls|rereadall"
66         echo "  purgeocsp"
67         echo "  scencrypt|scdecrypt <value> [--inbase <base>] [--outbase <base>] [--keyid <id>]"
68         echo "  barf"
69         echo "  openac"
70         echo "  pluto"
71         echo "  scepclient"
72         echo "  secrets"
73         echo "  starter"
74         echo "  version"
75         echo "  whack"
76         echo "  stoke"
77         echo
78         echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
79         exit 0
80         ;;
81 --versioncode)
82         echo "$IPSEC_VERSION"
83         exit 0
84         ;;
85 --copyright)
86         set _copyright
87         # and fall through, invoking "ipsec _copyright"
88         ;;
89 --directory)
90         echo "$IPSEC_DIR"
91         exit 0
92         ;;
93 --confdir)
94         echo "$IPSEC_CONFDIR"
95         exit 0
96         ;;
97 down)
98         shift
99         if test -e $IPSEC_PLUTO_PID
100         then
101                 $IPSEC_WHACK --name "$1" --terminate
102         fi
103         if test -e $IPSEC_CHARON_PID
104         then
105                 $IPSEC_STROKE down "$1"
106         fi
107         exit 0
108         ;;
109 listalgs|listpubkeys|listcerts|listcacerts|\
110 listaacerts|listocspcerts|listacerts|listgroups|\
111 listcainfos|listcrls|listocsp|listcards|\
112 listall|purgeocsp|rereadsecrets|rereadgroups|\
113 rereadcacerts|rereadaacerts|rereadocspcerts|\
114 rereadacerts|rereadcrls|rereadall)
115         op="$1"
116         shift
117         if test -e $IPSEC_PLUTO_PID
118         then
119                 $IPSEC_WHACK "$@" "--$op"
120         fi
121         #if test -e $IPSEC_CHARON_PID
122         #then
123         #       $IPSEC_STROKE "$op"
124         #fi
125         exit 0
126         ;;
127 ready)
128         shift
129         if test -e $IPSEC_PLUTO_PID
130         then
131                 $IPSEC_WHACK --listen
132         fi
133         exit 0
134         ;;
135 reload)
136         if test -e $IPSEC_STARTER_PID 
137         then
138             echo "Reloading strongSwan IPsec configuration..." >&2
139             kill -s USR1 `cat $IPSEC_STARTER_PID`
140         else
141             echo "ipsec starter is not running" >&2
142         fi
143         exit 0
144         ;;
145 restart)
146         $IPSEC_SBINDIR/ipsec stop
147         sleep 2
148         shift
149         $IPSEC_SBINDIR/ipsec start "$@"
150         exit 0
151         ;;
152 route|unroute)
153         op="$1"
154         shift
155         if test -e $IPSEC_PLUTO_PID
156         then
157                 $IPSEC_WHACK --name "$1" "--$op"
158         fi
159         exit 0
160         ;;
161 scencrypt|scdecrypt)
162         op="$1"
163         shift
164         if test -e $IPSEC_PLUTO_PID
165         then
166                 $IPSEC_WHACK "--$op" "$@"
167         fi
168         exit 0
169         ;;
170 secrets)
171         if test -e $IPSEC_PLUTO_PID
172         then
173                 $IPSEC_WHACK --rereadsecrets
174         fi
175         exit 0
176         ;;
177 start)
178         shift
179         exec $IPSEC_STARTER "$@"
180         ;;
181 status|statusall)
182         op="$1"
183         shift
184         if test $# -eq 0
185         then
186                 if test -e $IPSEC_PLUTO_PID
187                 then
188                         $IPSEC_WHACK "--$op"
189                 fi
190                 if test -e $IPSEC_CHARON_PID
191                 then
192                         $IPSEC_STROKE "$op"
193                 fi
194         else
195                 if test -e $IPSEC_PLUTO_PID
196                 then
197                         $IPSEC_WHACK --name "$1" "--$op"
198                 fi
199                 if test -e $IPSEC_CHARON_PID
200                 then
201                         $IPSEC_STROKE "$op" "$1"
202                 fi
203         fi
204         exit 0
205         ;;
206 stop)
207         if test -e $IPSEC_STARTER_PID 
208         then
209             echo "Stopping strongSwan IPsec..." >&2
210             kill `cat $IPSEC_STARTER_PID`
211         else
212             echo "ipsec starter is not running" >&2
213         fi
214         exit 0
215         ;;
216 up)
217         shift
218         if test -e $IPSEC_PLUTO_PID
219         then
220                 $IPSEC_WHACK --name "$1" --initiate
221         fi
222         if test -e $IPSEC_CHARON_PID
223         then
224             $IPSEC_STROKE up "$1"
225         fi
226         exit 0
227         ;;
228 update)
229         if test -e $IPSEC_STARTER_PID 
230         then
231                 echo "Updating strongSwan IPsec configuration..." >&2
232                 kill -s HUP `cat $IPSEC_STARTER_PID`
233         else
234                 echo "ipsec starter is not running" >&2
235         fi
236         exit 0
237         ;;
238 version|--version)
239         echo "Linux $IPSEC_NAME $IPSEC_VERSION"
240         echo "See \`ipsec --copyright' for copyright information."
241         echo $IPSEC_DISTRO
242         exit 0
243         ;;
244 --*)
245         echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
246         exit 1
247         ;;
248 esac
249
250 cmd="$1"
251 shift
252
253 path="$IPSEC_DIR/$cmd"
254
255 if test ! -x "$path" 
256 then
257     path="$IPSEC_DIR/$cmd"
258     if test ! -x "$path"
259     then
260         echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
261         exit 1
262     fi
263 fi
264
265 exec $path "$@"