e0449f0b2599f0c1a40c10f6428b8b6353507c87
1 /* strongSwan netkey starter
2 * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 #include <sys/types.h>
21 #include "../pluto/constants.h"
22 #include "../pluto/defs.h"
23 #include "../pluto/log.h"
28 starter_netkey_init(void)
32 if (stat(PROC_NETKEY
, &stb
) != 0)
34 /* af_key module makes the netkey proc interface visible */
35 if (stat(PROC_MODULES
, &stb
) == 0)
37 ignore_result(system("modprobe -qv af_key"));
41 if (stat(PROC_NETKEY
, &stb
) != 0)
44 DBG_log("kernel appears to lack the native netkey IPsec stack")
50 /* make sure that all required IPsec modules are loaded */
51 if (stat(PROC_MODULES
, &stb
) == 0)
53 ignore_result(system("modprobe -qv ah4"));
54 ignore_result(system("modprobe -qv esp4"));
55 ignore_result(system("modprobe -qv ipcomp"));
56 ignore_result(system("modprobe -qv xfrm4_tunnel"));
57 ignore_result(system("modprobe -qv xfrm_user"));
61 DBG_log("Found netkey IPsec stack")
67 starter_netkey_cleanup(void)
69 if (system("ip xfrm state > /dev/null 2>&1") == 0)
71 ignore_result(system("ip xfrm state flush"));
72 ignore_result(system("ip xfrm policy flush"));
74 else if (system("type setkey > /dev/null 2>&1") == 0)
76 ignore_result(system("setkey -F"));
77 ignore_result(system("setkey -FP"));
81 plog("WARNING: cannot flush IPsec state/policy database");
projects / strongswan.git / blob