summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-03-22 15:57:57 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-03-22 15:57:57 +0000
commit733bd6779f3ce03d715d9dec879e662e883e072f (patch)
tree5133f8d3378133eab81ad40ac29b9fdc580d9b69
parent93e62b255f32a33e21eed1171de38a9b05bb377c (diff)
As the isakmpd fifo race is fixed, hook ipsecctl to rc.
ok naddy@ todd@
-rw-r--r--etc/rc11
-rw-r--r--etc/rc.conf4
2 files changed, 13 insertions, 2 deletions
diff --git a/etc/rc b/etc/rc
index aeea4fa91d1..3191c156813 100644
--- a/etc/rc
+++ b/etc/rc
@@ -1,4 +1,4 @@
-# $OpenBSD: rc,v 1.279 2006/03/14 22:48:46 deraadt Exp $
+# $OpenBSD: rc,v 1.280 2006/03/22 15:57:55 hshoexer Exp $
# System startup script run by init on autoboot
# or after single-user.
@@ -328,6 +328,15 @@ if [ X"${isakmpd_flags}" != X"NO" ]; then
echo 'starting isakmpd'; isakmpd ${isakmpd_flags}
fi
+# $ipsec is imported from /etc/rc.conf;
+# if $ipsec == NO or /etc/ipsec.conf doesn't exist, then
+# ipsecctl isn't run.
+if [ X"${ipsec}" != X"NO" ]; then
+ if [ -f ${ipsec_rules} ]; then
+ ipsecctl -f ${ipsec_rules}
+ fi
+fi
+
echo -n 'starting initial daemons:'
# $portmap is imported from /etc/rc.conf;
diff --git a/etc/rc.conf b/etc/rc.conf
index 2f893628ab4..e9ac68a159e 100644
--- a/etc/rc.conf
+++ b/etc/rc.conf
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $OpenBSD: rc.conf,v 1.109 2005/11/16 09:19:36 camield Exp $
+# $OpenBSD: rc.conf,v 1.110 2006/03/22 15:57:56 hshoexer Exp $
# set these to "NO" to turn them off. otherwise, they're used as flags
routed_flags=NO # for normal use: "-q"
@@ -61,6 +61,7 @@ nfs_server=NO # see sysctl.conf for nfs client configuration
lockd=NO
amd=NO
pf=NO # Packet filter / NAT
+ipsec=NO # IPsec
portmap=NO # Note: inetd(8) rpc services need portmap too
inetd=YES # almost always needed
check_quotas=YES # NO may be desirable in some YP environments
@@ -84,6 +85,7 @@ amd_dir=/tmp_mnt # AMD's mount directory
amd_master=/etc/amd/master # AMD 'master' map
syslogd_flags= # add more flags, ie. "-u -a /chroot/dev/log"
pf_rules=/etc/pf.conf # Packet filter rules file
+ipsec_rules=/etc/ipsec.conf # IPsec rules file
pflogd_flags= # add more flags, ie. "-s 256"
afsd_flags= # Flags passed to afsd
shlib_dirs= # extra directories for ldconfig, separated