[BACK]Return to rc.vpn CVS log [TXT][DIR] Up to [local] / src / share / ipsec

Diff for /src/share/ipsec/Attic/rc.vpn between version 1.1 and 1.2

version 1.1, 1998/07/30 08:14:38 version 1.2, 1999/02/24 23:33:11
Line 102 
Line 102 
 #  #
   
 # Create the SAs  # Create the SAs
 eval_and_echo "$ipsecadm new esp -src $VPN_MY_EXT_IP -dst $VPN_PEER_EXT_IP -tunnel $VPN_MY_EXT_IP $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -enc $VPN_ENC -auth $VPN_AUTH -iv $VPN_IV -key $VPN_KEY -authkey $VPN_AUTHKEY"  eval_and_echo "$ipsecadm new esp -src $VPN_MY_EXT_IP -dst $VPN_PEER_EXT_IP -forcetunnel -spi $VPN_SPI_OUT -enc $VPN_ENC -auth $VPN_AUTH -key $VPN_KEY -authkey $VPN_AUTHKEY"
   
 eval_and_echo "$ipsecadm new esp -src $VPN_PEER_EXT_IP -dst $VPN_MY_EXT_IP -tunnel $VPN_PEER_EXT_IP $VPN_MY_EXT_IP -spi $VPN_SPI_IN -enc $VPN_ENC -auth $VPN_AUTH -iv $VPN_IV -key $VPN_KEY -authkey $VPN_AUTHKEY"  eval_and_echo "$ipsecadm new esp -src $VPN_PEER_EXT_IP -dst $VPN_MY_EXT_IP -forcetunnel -spi $VPN_SPI_IN -enc $VPN_ENC -auth $VPN_AUTH -key $VPN_KEY -authkey $VPN_AUTHKEY"
   
   
 #  #
Line 112 
Line 112 
 #  #
   
 # Route between the two external IPs  # Route between the two external IPs
 eval_and_echo "ipsecadm flow -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $VPN_MY_EXT_IP 255.255.255.255 $VPN_PEER_EXT_IP 255.255.255.255 -local"  eval_and_echo "ipsecadm flow -proto esp -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $VPN_MY_EXT_IP 255.255.255.255 $VPN_PEER_EXT_IP 255.255.255.255 -local"
   
 # Routes from each internal subnet, to each internal subnet on the far side  # Routes from each internal subnet, to each internal subnet on the far side
 mycount=0  mycount=0
Line 129 
Line 129 
             eval next_peer_mask=\$VPN_PEER_INT_MASK_${peercount}              eval next_peer_mask=\$VPN_PEER_INT_MASK_${peercount}
             if [ -n "${next_peer_ip}" ]; then              if [ -n "${next_peer_ip}" ]; then
                 # set an IPSec route for this pair of networks                  # set an IPSec route for this pair of networks
                 eval_and_echo "$ipsecadm flow -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $next_my_ip $next_my_mask $next_peer_ip $next_peer_mask"                  eval_and_echo "$ipsecadm flow -proto esp -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $next_my_ip $next_my_mask $next_peer_ip $next_peer_mask"
                 peercount=`expr ${peercount} + 1`                  peercount=`expr ${peercount} + 1`
             else              else
                     break;                      break;
Line 151 
Line 151 
     if [ -n "${next_peer_ip}" ]; then      if [ -n "${next_peer_ip}" ]; then
   
         # Route from my ext IP to each remote internal subnet          # Route from my ext IP to each remote internal subnet
         eval_and_echo "$ipsecadm flow -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $VPN_MY_EXT_IP 255.255.255.255 $next_peer_ip $next_peer_mask -local"          eval_and_echo "$ipsecadm flow -proto esp -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $VPN_MY_EXT_IP 255.255.255.255 $next_peer_ip $next_peer_mask -local"
         peercount=`expr ${peercount} + 1`          peercount=`expr ${peercount} + 1`
     else      else
         break;          break;
Line 166 
Line 166 
     eval next_my_ip=\$VPN_MY_INT_IP_${mycount}      eval next_my_ip=\$VPN_MY_INT_IP_${mycount}
     eval next_my_mask=\$VPN_MY_INT_MASK_${mycount}      eval next_my_mask=\$VPN_MY_INT_MASK_${mycount}
     if [ -n "${next_my_ip}" ]; then      if [ -n "${next_my_ip}" ]; then
         eval_and_echo $ipsecadm flow -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $next_my_ip $next_my_mask $VPN_PEER_EXT_IP 255.255.255.255          eval_and_echo $ipsecadm flow -proto esp -dst $VPN_PEER_EXT_IP -spi $VPN_SPI_OUT -addr $next_my_ip $next_my_mask $VPN_PEER_EXT_IP 255.255.255.255
         mycount=`expr ${mycount} + 1`          mycount=`expr ${mycount} + 1`
     else      else
         break;          break;
     fi      fi
 done  done
   
   
   
Legend:
Removed from v.1.1  
changed lines
  Added in v.1.2