e154e2a09f6e65aa5b1c2723051074c962590b1c
[strongswan.git] / src / ipsec / ipsec.in
1 #! /bin/sh
2 # prefix command to run stuff from our programs directory
3 # Copyright (C) 1998-2002  Henry Spencer.
4 # Copyright (C) 2006 Andreas Steffen
5 # Copyright (C) 2006 Martin Willi 
6
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16 #
17 # RCSID $Id: ipsec.in,v 1.13 2006/03/09 20:09:33 as Exp $
18
19 # name and version of the ipsec implementation
20 IPSEC_NAME="@IPSEC_NAME@"
21 IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
22
23 # where the private directory and the config files are
24 IPSEC_DIR="@IPSEC_DIR@"
25 IPSEC_SBINDIR="@IPSEC_SBINDIR@"
26 IPSEC_CONFDIR="@IPSEC_CONFDIR@"
27 IPSEC_PIDDIR="@IPSEC_PIDDIR@"
28
29 IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
30 IPSEC_PLUTO_PID="${IPSEC_PIDDIR}/pluto.pid"
31 IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
32
33 IPSEC_WHACK="${IPSEC_DIR}/whack"
34 IPSEC_STROKE="${IPSEC_DIR}/stroke"
35 IPSEC_STARTER="${IPSEC_DIR}/starter"
36
37 export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_PLUTO_PID IPSEC_CHARON_PID
38
39 IPSEC_DISTRO="Institute for Internet Technologies and Applications\nUniversity of Applied Sciences Rapperswil, Switzerland"
40
41 case "$1" in
42 '')
43         echo "Usage: ipsec command argument ..."
44         echo "Use --help for list of commands, or see ipsec(8) manual page"
45         echo "or the $IPSEC_NAME documentation for names of the common ones."
46         echo "Most have their own manual pages, e.g. ipsec_auto(8)."
47         echo "See <http://www.strongswan.org> for more general info."
48         exit 0
49         ;;
50 --help)
51         echo "Usage: ipsec command argument ..."
52         echo "where command is one of:"
53         echo "  start|restart  arguments..."
54         echo "  update|reload|stop"
55         echo "  up|down|route|unroute <connectionname>"
56         echo "  status|statusall [<connectionname>]"
57         echo "  ready"
58         echo "  listalgs|listpubkeys|listcerts [--utc]"
59         echo "  listcacerts|listaacerts|listocspcerts [--utc]"
60         echo "  listacerts|listgroups|listcainfos [--utc]"
61         echo "  listcrls|listocsp|listcards|listall [--utc]"
62         echo "  rereadsecrets|rereadgroups"
63         echo "  rereadcacerts|rereadaacerts|rereadocspcerts"
64         echo "  rereadacerts|rereadcrls|rereadall"
65         echo "  purgeocsp"
66         echo "  scencrypt|scdecrypt <value> [--inbase <base>] [--outbase <base>] [--keyid <id>]"
67         echo "  openac"
68         echo "  pluto"
69         echo "  scepclient"
70         echo "  secrets"
71         echo "  starter"
72         echo "  version"
73         echo "  whack"
74         echo "  stroke"
75         echo
76         echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
77         exit 0
78         ;;
79 --versioncode)
80         echo "$IPSEC_VERSION"
81         exit 0
82         ;;
83 --directory)
84         echo "$IPSEC_DIR"
85         exit 0
86         ;;
87 --confdir)
88         echo "$IPSEC_CONFDIR"
89         exit 0
90         ;;
91 copyright|--copyright)
92         set _copyright
93         # and fall through, invoking "ipsec _copyright"
94         ;;
95 down)
96         shift
97         if [ "$#" -ne 1 ]
98         then
99             echo "Usage: ipsec down <connection name>"
100             exit 1
101         fi
102         if test -e $IPSEC_PLUTO_PID
103         then
104                 $IPSEC_WHACK --name "$1" --terminate
105         fi
106         if test -e $IPSEC_CHARON_PID
107         then
108                 $IPSEC_STROKE down "$1"
109         fi
110         exit 0
111         ;;
112 listalgs|listpubkeys|\listcards|\rereadgroups)
113         op="$1"
114         shift
115         if test -e $IPSEC_PLUTO_PID
116         then
117                 $IPSEC_WHACK "$@" "--$op"
118         fi
119         exit 0
120         ;;
121 listcerts|listcacerts|listaacerts|\
122 listacerts|listgroups|listocspcerts|\
123 listcainfos|listcrls|listocsp|listall|\
124 rereadsecrets|rereadcacerts|rereadaacerts|\
125 rereadacerts|rereadocspcerts|rereadcrls|\
126 rereadall|purgeocsp)
127         op="$1"
128         shift
129         if test -e $IPSEC_PLUTO_PID
130         then
131                 $IPSEC_WHACK "$@" "--$op"
132         fi
133         if test -e $IPSEC_CHARON_PID
134         then
135                 $IPSEC_STROKE "$op" "$@"
136         fi
137         exit 0
138         ;;
139 ready)
140         shift
141         if test -e $IPSEC_PLUTO_PID
142         then
143                 $IPSEC_WHACK --listen
144         fi
145         exit 0
146         ;;
147 reload)
148         if test -e $IPSEC_STARTER_PID 
149         then
150             echo "Reloading strongSwan IPsec configuration..." >&2
151             kill -s USR1 `cat $IPSEC_STARTER_PID`
152         else
153             echo "ipsec starter is not running" >&2
154         fi
155         exit 0
156         ;;
157 restart)
158         $IPSEC_SBINDIR/ipsec stop
159         sleep 2
160         shift
161         $IPSEC_SBINDIR/ipsec start "$@"
162         exit 0
163         ;;
164 route|unroute)
165         op="$1"
166         shift
167         if [ "$#" -ne 1 ]
168         then
169             echo "Usage: ipsec $op <connection name>"
170             exit 1
171         fi
172         if test -e $IPSEC_PLUTO_PID
173         then
174                 $IPSEC_WHACK --name "$1" "--$op"
175         fi
176         if test -e $IPSEC_CHARON_PID
177         then
178                 $IPSEC_STROKE "$op" "$1"
179         fi
180         exit 0
181         ;;
182 scencrypt|scdecrypt)
183         op="$1"
184         shift
185         if test -e $IPSEC_PLUTO_PID
186         then
187                 $IPSEC_WHACK "--$op" "$@"
188         fi
189         exit 0
190         ;;
191 secrets)
192         if test -e $IPSEC_PLUTO_PID
193         then
194                 $IPSEC_WHACK --rereadsecrets
195         fi
196         exit 0
197         ;;
198 start)
199         shift
200         exec $IPSEC_STARTER "$@"
201         ;;
202 status|statusall)
203         op="$1"
204         shift
205         if test $# -eq 0
206         then
207                 if test -e $IPSEC_PLUTO_PID
208                 then
209                         $IPSEC_WHACK "--$op"
210                 fi
211                 if test -e $IPSEC_CHARON_PID
212                 then
213                         $IPSEC_STROKE "$op"
214                 fi
215         else
216                 if test -e $IPSEC_PLUTO_PID
217                 then
218                         $IPSEC_WHACK --name "$1" "--$op"
219                 fi
220                 if test -e $IPSEC_CHARON_PID
221                 then
222                         $IPSEC_STROKE "$op" "$1"
223                 fi
224         fi
225         exit 0
226         ;;
227 stop)
228         if test -e $IPSEC_STARTER_PID 
229         then
230             echo "Stopping strongSwan IPsec..." >&2
231             kill `cat $IPSEC_STARTER_PID`
232         else
233             echo "ipsec starter is not running" >&2
234         fi
235         exit 0
236         ;;
237 up)
238         shift
239         if [ "$#" -ne 1 ]
240         then
241             echo "Usage: ipsec up <connection name>"
242             exit 1
243         fi
244         if test -e $IPSEC_PLUTO_PID
245         then
246                 $IPSEC_WHACK --name "$1" --initiate
247         fi
248         if test -e $IPSEC_CHARON_PID
249         then
250             $IPSEC_STROKE up "$1"
251         fi
252         exit 0
253         ;;
254 update)
255         if test -e $IPSEC_STARTER_PID 
256         then
257                 echo "Updating strongSwan IPsec configuration..." >&2
258                 kill -s HUP `cat $IPSEC_STARTER_PID`
259         else
260                 echo "ipsec starter is not running" >&2
261         fi
262         exit 0
263         ;;
264 version|--version)
265         echo "Linux $IPSEC_NAME $IPSEC_VERSION"
266         echo -e $IPSEC_DISTRO
267         echo "See \`ipsec --copyright' for copyright information."
268         exit 0
269         ;;
270 --*)
271         echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
272         exit 1
273         ;;
274 esac
275
276 cmd="$1"
277 shift
278
279 path="$IPSEC_DIR/$cmd"
280
281 if test ! -x "$path" 
282 then
283     path="$IPSEC_DIR/$cmd"
284     if test ! -x "$path"
285     then
286         echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
287         exit 1
288     fi
289 fi
290
291 exec $path "$@"