From: Luka Perkov Date: Fri, 26 Apr 2013 23:53:56 +0000 (+0000) Subject: strongswan: introduce /etc/ipsec.user file X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=635509dbb5f33315136c8390f742e19f995b0c02;p=openwrt%2Fsvn-archive%2Fpackages.git strongswan: introduce /etc/ipsec.user file enable user to add their own ip (or other) rules using /etc/ipsec.user file on events like IPsec tunnel state change Signed-off-by: Luka Perkov SVN-Revision: 36462 --- diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index 610d77c2f..8d1d3bc4a 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan PKG_VERSION:=5.0.2 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://download.strongswan.org/ @@ -346,6 +346,7 @@ EXTRA_LDFLAGS+= -Wl,-rpath-link,$(STAGING_DIR)/usr/lib define Package/strongswan/conffiles /etc/ipsec.conf /etc/ipsec.secrets +/etc/ipsec.user /etc/strongswan.conf endef @@ -427,6 +428,8 @@ define Plugin/updown/install $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/ + $(INSTALL_DIR) $(1)/etc + $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/ endef define Plugin/whitelist/install diff --git a/net/strongswan/files/ipsec.user b/net/strongswan/files/ipsec.user new file mode 100644 index 000000000..4351ace39 --- /dev/null +++ b/net/strongswan/files/ipsec.user @@ -0,0 +1,6 @@ +# This file is interpreted as shell script. +# Put your custom ip rules here, they will +# be executed with each call to the script +# /usr/lib/ipsec/_updown which by default +# strongswan executes. + diff --git a/net/strongswan/patches/300-include-ipsec-user-script.patch b/net/strongswan/patches/300-include-ipsec-user-script.patch new file mode 100644 index 000000000..d96e84492 --- /dev/null +++ b/net/strongswan/patches/300-include-ipsec-user-script.patch @@ -0,0 +1,17 @@ +--- a/src/_updown/_updown.in ++++ b/src/_updown/_updown.in +@@ -16,11 +16,9 @@ + # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + # for more details. + +-# CAUTION: Installing a new version of strongSwan will install a new +-# copy of this script, wiping out any custom changes you make. If +-# you need changes, make a copy of this under another name, and customize +-# that, and use the (left/right)updown parameters in ipsec.conf to make +-# strongSwan use yours instead of this default one. ++# Add your custom ip rules to the /etc/ipsec.user file if you need that functionality. ++ ++[ -e /etc/ipsec.user ] && . /etc/ipsec.user "$1" + + # things that this script gets (from ipsec_pluto(8) man page) + #