a962e13b2bb7887121bd797c49efbe115a074d77
[strongswan.git] / src / ipsec / ipsec.in
1 #! /bin/sh
2 # prefix command to run stuff from our programs directory
3 # Copyright (C) 1998-2002  Henry Spencer.
4 # Copyright (C) 2006 Andreas Steffen
5 # Copyright (C) 2006 Martin Willi 
6
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16 #
17 # RCSID $Id: ipsec.in,v 1.13 2006/03/09 20:09:33 as Exp $
18
19 # name and version of the ipsec implementation
20 IPSEC_NAME="@IPSEC_NAME@"
21 IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
22
23 # where the private directory and the config files are
24 IPSEC_DIR="@IPSEC_DIR@"
25 IPSEC_SBINDIR="@IPSEC_SBINDIR@"
26 IPSEC_CONFDIR="@IPSEC_CONFDIR@"
27 IPSEC_PIDDIR="@IPSEC_PIDDIR@"
28
29 IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
30 IPSEC_PLUTO_PID="${IPSEC_PIDDIR}/pluto.pid"
31 IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
32
33 IPSEC_WHACK="${IPSEC_DIR}/whack"
34 IPSEC_STROKE="${IPSEC_DIR}/stroke"
35 IPSEC_STARTER="${IPSEC_DIR}/starter"
36
37 export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_PLUTO_PID IPSEC_CHARON_PID
38
39 IPSEC_DISTRO="Distributed by the Institute of Internet Technologies and Applications
40               University of Applied Sciences Rapperswil, Switzerland (ITA-HSR)"
41
42 case "$1" in
43 '')
44         echo "Usage: ipsec command argument ..."
45         echo "Use --help for list of commands, or see ipsec(8) manual page"
46         echo "or the $IPSEC_NAME documentation for names of the common ones."
47         echo "Most have their own manual pages, e.g. ipsec_auto(8)."
48         echo "See <http://www.strongswan.org> for more general info."
49         exit 0
50         ;;
51 --help)
52         echo "Usage: ipsec command argument ..."
53         echo "where command is one of:"
54         echo "  start|restart  arguments..."
55         echo "  update|reload|stop"
56         echo "  up|down|route|unroute <connectionname>"
57         echo "  status|statusall [<connectionname>]"
58         echo "  ready"
59         echo "  listalgs|listpubkeys|listcerts [--utc]"
60         echo "  listcacerts|listaacerts|listocspcerts [--utc]"
61         echo "  listacerts|listgroups|listcainfos [--utc]"
62         echo "  listcrls|listocsp|listcards|listall [--utc]"
63         echo "  rereadsecrets|rereadgroups"
64         echo "  rereadcacerts|rereadaacerts|rereadocspcerts"
65         echo "  rereadacerts|rereadcrls|rereadall"
66         echo "  purgeocsp"
67         echo "  scencrypt|scdecrypt <value> [--inbase <base>] [--outbase <base>] [--keyid <id>]"
68         echo "  barf"
69         echo "  openac"
70         echo "  pluto"
71         echo "  scepclient"
72         echo "  secrets"
73         echo "  starter"
74         echo "  version"
75         echo "  whack"
76         echo "  stoke"
77         echo
78         echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
79         exit 0
80         ;;
81 --versioncode)
82         echo "$IPSEC_VERSION"
83         exit 0
84         ;;
85 --copyright)
86         set _copyright
87         # and fall through, invoking "ipsec _copyright"
88         ;;
89 --directory)
90         echo "$IPSEC_DIR"
91         exit 0
92         ;;
93 --confdir)
94         echo "$IPSEC_CONFDIR"
95         exit 0
96         ;;
97 down)
98         shift
99         if [ "$#" -ne 1 ]
100         then
101             echo "Usage: ipsec down <connection name>"
102             exit 1
103         fi
104         if test -e $IPSEC_PLUTO_PID
105         then
106                 $IPSEC_WHACK --name "$1" --terminate
107         fi
108         if test -e $IPSEC_CHARON_PID
109         then
110                 $IPSEC_STROKE down "$1"
111         fi
112         exit 0
113         ;;
114 listalgs|listpubkeys|listaacerts|\
115 listocspcerts|listacerts|listgroups|\
116 listcainfos|listocsp|listcards|\
117 purgeocsp|rereadsecrets|rereadgroups|\
118 rereadaacerts|rereadocspcerts|rereadacerts)
119         op="$1"
120         shift
121         if test -e $IPSEC_PLUTO_PID
122         then
123                 $IPSEC_WHACK "$@" "--$op"
124         fi
125         exit 0
126         ;;
127 listcerts|listcacerts|listcrls|listall|\
128 rereadcacerts|rereadcrls|rereadall)
129         op="$1"
130         shift
131         if test -e $IPSEC_PLUTO_PID
132         then
133                 $IPSEC_WHACK "$@" "--$op"
134         fi
135         if test -e $IPSEC_CHARON_PID
136         then
137                 $IPSEC_STROKE "$op" "$@"
138         fi
139         exit 0
140         ;;
141 ready)
142         shift
143         if test -e $IPSEC_PLUTO_PID
144         then
145                 $IPSEC_WHACK --listen
146         fi
147         exit 0
148         ;;
149 reload)
150         if test -e $IPSEC_STARTER_PID 
151         then
152             echo "Reloading strongSwan IPsec configuration..." >&2
153             kill -s USR1 `cat $IPSEC_STARTER_PID`
154         else
155             echo "ipsec starter is not running" >&2
156         fi
157         exit 0
158         ;;
159 restart)
160         $IPSEC_SBINDIR/ipsec stop
161         sleep 2
162         shift
163         $IPSEC_SBINDIR/ipsec start "$@"
164         exit 0
165         ;;
166 route|unroute)
167         op="$1"
168         shift
169         if [ "$#" -ne 1 ]
170         then
171             echo "Usage: ipsec $op <connection name>"
172             exit 1
173         fi
174         if test -e $IPSEC_PLUTO_PID
175         then
176                 $IPSEC_WHACK --name "$1" "--$op"
177         fi
178         if test -e $IPSEC_CHARON_PID
179         then
180                 $IPSEC_STROKE "$op" "$1"
181         fi
182         exit 0
183         ;;
184 scencrypt|scdecrypt)
185         op="$1"
186         shift
187         if test -e $IPSEC_PLUTO_PID
188         then
189                 $IPSEC_WHACK "--$op" "$@"
190         fi
191         exit 0
192         ;;
193 secrets)
194         if test -e $IPSEC_PLUTO_PID
195         then
196                 $IPSEC_WHACK --rereadsecrets
197         fi
198         exit 0
199         ;;
200 start)
201         shift
202         exec $IPSEC_STARTER "$@"
203         ;;
204 status|statusall)
205         op="$1"
206         shift
207         if test $# -eq 0
208         then
209                 if test -e $IPSEC_PLUTO_PID
210                 then
211                         $IPSEC_WHACK "--$op"
212                 fi
213                 if test -e $IPSEC_CHARON_PID
214                 then
215                         $IPSEC_STROKE "$op"
216                 fi
217         else
218                 if test -e $IPSEC_PLUTO_PID
219                 then
220                         $IPSEC_WHACK --name "$1" "--$op"
221                 fi
222                 if test -e $IPSEC_CHARON_PID
223                 then
224                         $IPSEC_STROKE "$op" "$1"
225                 fi
226         fi
227         exit 0
228         ;;
229 stop)
230         if test -e $IPSEC_STARTER_PID 
231         then
232             echo "Stopping strongSwan IPsec..." >&2
233             kill `cat $IPSEC_STARTER_PID`
234         else
235             echo "ipsec starter is not running" >&2
236         fi
237         exit 0
238         ;;
239 up)
240         shift
241         if [ "$#" -ne 1 ]
242         then
243             echo "Usage: ipsec up <connection name>"
244             exit 1
245         fi
246         if test -e $IPSEC_PLUTO_PID
247         then
248                 $IPSEC_WHACK --name "$1" --initiate
249         fi
250         if test -e $IPSEC_CHARON_PID
251         then
252             $IPSEC_STROKE up "$1"
253         fi
254         exit 0
255         ;;
256 update)
257         if test -e $IPSEC_STARTER_PID 
258         then
259                 echo "Updating strongSwan IPsec configuration..." >&2
260                 kill -s HUP `cat $IPSEC_STARTER_PID`
261         else
262                 echo "ipsec starter is not running" >&2
263         fi
264         exit 0
265         ;;
266 version|--version)
267         echo "Linux $IPSEC_NAME $IPSEC_VERSION"
268         echo "See \`ipsec --copyright' for copyright information."
269         echo $IPSEC_DISTRO
270         exit 0
271         ;;
272 --*)
273         echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
274         exit 1
275         ;;
276 esac
277
278 cmd="$1"
279 shift
280
281 path="$IPSEC_DIR/$cmd"
282
283 if test ! -x "$path" 
284 then
285     path="$IPSEC_DIR/$cmd"
286     if test ! -x "$path"
287     then
288         echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
289         exit 1
290     fi
291 fi
292
293 exec $path "$@"