gcc484ntopperl-5.22
|
Last change
on this file since c5c522c was
c5c522c,
checked in by Edwin Eefting <edwin@datux.nl>, 8 years ago
|
|
initial commit, transferred from cleaned syn3 svn tree
|
-
Property mode set to
100755
|
|
File size:
976 bytes
|
| Line | |
|---|
| 1 | #!/bin/bash |
|---|
| 2 | ln -s /home/system/ipsec.d /etc 2>/dev/null |
|---|
| 3 | |
|---|
| 4 | #for some ipsec tools |
|---|
| 5 | ln -s /usr/bin/mktemp /bin 2>/dev/null |
|---|
| 6 | |
|---|
| 7 | #neccesary the first time, see https://libreswan.org/wiki/3.14_X509 |
|---|
| 8 | ipsec checknss |
|---|
| 9 | |
|---|
| 10 | |
|---|
| 11 | KEY=/etc/ipsec.d/ipsec.pub |
|---|
| 12 | if ! egrep '(ckaid|CKA_ID)' $KEY >/dev/null; then |
|---|
| 13 | rm $KEY 2>/dev/null |
|---|
| 14 | echo Generating ipsec key |
|---|
| 15 | ipsec newhostkey --bits 2192 --output $KEY || exit 1 |
|---|
| 16 | #previous command can fail without proper exit code, so check it: |
|---|
| 17 | egrep '(ckaid|CKA_ID)' $KEY >/dev/null || exit 1 |
|---|
| 18 | fi |
|---|
| 19 | depmod -a |
|---|
| 20 | |
|---|
| 21 | #deze werd niet geroteerd en dus veel te groot. |
|---|
| 22 | #logging gaat nu via syslog naar /var/log/secure. |
|---|
| 23 | rm /var/log/ipsec.log |
|---|
| 24 | |
|---|
| 25 | #VPN monitoring check script wordt vanuit hier in de crontab gezet |
|---|
| 26 | if ! crontab -l | grep syn3-ipseccheck; then |
|---|
| 27 | crontab -l > /tmp/$$.cron || exit 1 |
|---|
| 28 | echo '* * * * * /sbin/syn3-ipseccheck > /dev/null' >> /tmp/$$.cron || exit 1 |
|---|
| 29 | cat /tmp/$$.cron | crontab - || exit 1 |
|---|
| 30 | rm /tmp/$$.cron |
|---|
| 31 | fi |
|---|
| 32 | |
|---|
| 33 | |
|---|
| 34 | |
|---|
| 35 | exit 0 |
|---|
Note: See
TracBrowser
for help on using the repository browser.
