summaryrefslogtreecommitdiff
path: root/keyexchange/isakmpd-20041012/samples/singlehost-setup.sh
diff options
context:
space:
mode:
Diffstat (limited to 'keyexchange/isakmpd-20041012/samples/singlehost-setup.sh')
-rw-r--r--keyexchange/isakmpd-20041012/samples/singlehost-setup.sh84
1 files changed, 0 insertions, 84 deletions
diff --git a/keyexchange/isakmpd-20041012/samples/singlehost-setup.sh b/keyexchange/isakmpd-20041012/samples/singlehost-setup.sh
deleted file mode 100644
index 818ce2d..0000000
--- a/keyexchange/isakmpd-20041012/samples/singlehost-setup.sh
+++ /dev/null
@@ -1,84 +0,0 @@
-#!/bin/sh
-# $OpenBSD: singlehost-setup.sh,v 1.5 2003/08/18 09:41:40 markus Exp $
-# $EOM: singlehost-setup.sh,v 1.3 2000/11/23 12:24:43 niklas Exp $
-
-# A script to test single-host VPNs
-
-# For the 'pf' variable
-. /etc/rc.conf
-
-# Default paths
-PFCTL=/sbin/pfctl
-ISAKMPD=/sbin/isakmpd
-
-do_routes()
-{
- /sbin/route $1 -net 192.168.11.0/24 192.168.11.1 -iface >/dev/null
- /sbin/route $1 -net 192.168.12.0/24 192.168.12.1 -iface >/dev/null
- /sbin/route $1 -net 10.1.0.0/16 10.1.0.11 -iface >/dev/null
-}
-
-# Called on script exit
-cleanup () {
- if [ "x${pf}" = "xYES" -a -f ${pf_rules} ]; then
- ${PFCTL} -R -f ${pf_rules}
- else
- ${PFCTL} -qd
- fi
-
- USER=`id -p | grep ^login | cut -f2`
- chown $USER singlehost-east.conf singlehost-west.conf policy
- chmod 644 singlehost-east.conf singlehost-west.conf policy
-
- [ -p east.fifo ] && echo "Q" >> east.fifo
- [ -p west.fifo ] && echo "Q" >> west.fifo
- rm -f east.fifo west.fifo
-
- do_routes delete
-}
-
-# Start by initializing interfaces
-/sbin/ifconfig lo2 192.168.11.1 netmask 0xffffff00 up
-/sbin/ifconfig lo3 192.168.12.1 netmask 0xffffff00 up
-/sbin/ifconfig lo4 10.1.0.11 netmask 0xffff0000 up
-/sbin/ifconfig lo5 10.1.0.12 netmask 0xffff0000 up
-# ... and by adding the required routes
-do_routes add
-
-# Add rules
-(
- cat <<EOF
-pass out quick on lo2 proto 50 all
-pass out quick on lo2 from 192.168.11.0/24 to any
-pass out quick on lo3 proto 50 all
-pass out quick on lo3 from 192.168.12.0/24 to any
-block out on lo2 all
-block out on lo3 all
-EOF
- if [ "x${pf}" = "xYES" -a -f ${pf_rules} ]; then
- cat ${pf_rules} | egrep -v '^(scrub|rdr|binat|nat)'
- else
- pfctl -qe >/dev/null
- fi
-) | pfctl -R -f -
-
-trap cleanup 1 2 3 15
-
-# The configuration files needs proper owners and modes
-USER=`id -p | grep ^uid | cut -f2`
-chown $USER singlehost-east.conf singlehost-west.conf policy
-chmod 600 singlehost-east.conf singlehost-west.conf policy
-
-# Start the daemons
-rm -f east.fifo west.fifo
-${ISAKMPD} -c singlehost-east.conf -f east.fifo "$@"
-${ISAKMPD} -c singlehost-west.conf -f west.fifo "$@"
-
-# Give them some time to negotiate their stuff...
-SECS=3
-echo "Waiting $SECS seconds..."
-sleep $SECS
-echo "Running 'ping', using the tunnel..."
-ping -I 192.168.11.1 -c 5 192.168.12.1
-
-cleanup