diff options
author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-03-22 15:57:57 +0000 |
---|---|---|
committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-03-22 15:57:57 +0000 |
commit | 733bd6779f3ce03d715d9dec879e662e883e072f (patch) | |
tree | 5133f8d3378133eab81ad40ac29b9fdc580d9b69 | |
parent | 93e62b255f32a33e21eed1171de38a9b05bb377c (diff) |
As the isakmpd fifo race is fixed, hook ipsecctl to rc.
ok naddy@ todd@
-rw-r--r-- | etc/rc | 11 | ||||
-rw-r--r-- | etc/rc.conf | 4 |
2 files changed, 13 insertions, 2 deletions
@@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.279 2006/03/14 22:48:46 deraadt Exp $ +# $OpenBSD: rc,v 1.280 2006/03/22 15:57:55 hshoexer Exp $ # System startup script run by init on autoboot # or after single-user. @@ -328,6 +328,15 @@ if [ X"${isakmpd_flags}" != X"NO" ]; then echo 'starting isakmpd'; isakmpd ${isakmpd_flags} fi +# $ipsec is imported from /etc/rc.conf; +# if $ipsec == NO or /etc/ipsec.conf doesn't exist, then +# ipsecctl isn't run. +if [ X"${ipsec}" != X"NO" ]; then + if [ -f ${ipsec_rules} ]; then + ipsecctl -f ${ipsec_rules} + fi +fi + echo -n 'starting initial daemons:' # $portmap is imported from /etc/rc.conf; diff --git a/etc/rc.conf b/etc/rc.conf index 2f893628ab4..e9ac68a159e 100644 --- a/etc/rc.conf +++ b/etc/rc.conf @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: rc.conf,v 1.109 2005/11/16 09:19:36 camield Exp $ +# $OpenBSD: rc.conf,v 1.110 2006/03/22 15:57:56 hshoexer Exp $ # set these to "NO" to turn them off. otherwise, they're used as flags routed_flags=NO # for normal use: "-q" @@ -61,6 +61,7 @@ nfs_server=NO # see sysctl.conf for nfs client configuration lockd=NO amd=NO pf=NO # Packet filter / NAT +ipsec=NO # IPsec portmap=NO # Note: inetd(8) rpc services need portmap too inetd=YES # almost always needed check_quotas=YES # NO may be desirable in some YP environments @@ -84,6 +85,7 @@ amd_dir=/tmp_mnt # AMD's mount directory amd_master=/etc/amd/master # AMD 'master' map syslogd_flags= # add more flags, ie. "-u -a /chroot/dev/log" pf_rules=/etc/pf.conf # Packet filter rules file +ipsec_rules=/etc/ipsec.conf # IPsec rules file pflogd_flags= # add more flags, ie. "-s 256" afsd_flags= # Flags passed to afsd shlib_dirs= # extra directories for ldconfig, separated |