[BACK]Return to rc.vpn CVS log [TXT][DIR] Up to [local] / src / share / ipsec

Diff for /src/share/ipsec/Attic/rc.vpn between version 1.8 and 1.9

version 1.8, 2000/01/10 08:32:03 version 1.9, 2000/01/13 05:19:10
Line 84 
Line 84 
 # Create the flows  # Create the flows
 #  #
   
 # Gateway to gateway  # Gateway to gateway (both egress and ingress flows)
 $DEBUG $ipsecadm flow -proto esp -dst $GW_PEER -spi $SPI_OUT \  $DEBUG $ipsecadm flow -proto esp -dst $GW_PEER -spi $SPI_OUT \
     -addr $GW_LOCAL 255.255.255.255 $GW_PEER 255.255.255.255      -addr $GW_LOCAL 255.255.255.255 $GW_PEER 255.255.255.255
   $DEBUG $ipsecadm flow -proto esp -dst $GW_LOCAL -spi $SPI_IN \
       -addr $GW_PEER 255.255.255.255 $GW_LOCAL 255.255.255.255 -ingress
   
 # Flows from each local, to each remote, subnet  # Flows from each local to each remote subnet, and vice versa for
   # ACL entries
 mycount=0  mycount=0
 while :  while :
 do  do
Line 108 
Line 111 
                 $DEBUG $ipsecadm flow \                  $DEBUG $ipsecadm flow \
                     -proto esp -dst $GW_PEER -spi $SPI_OUT \                      -proto esp -dst $GW_PEER -spi $SPI_OUT \
                     -addr $local_net $local_mask $remote_net $remote_mask                      -addr $local_net $local_mask $remote_net $remote_mask
   
                   $DEBUG $ipsecadm flow \
                       -proto esp -dst $GW_LOCAL -spi $SPI_IN -ingress \
                       -addr $remote_net $remote_mask $local_net $local_mask
                 peercount=$(($peercount + 1))                  peercount=$(($peercount + 1))
             else              else
                 break;                  break;
Line 121 
Line 128 
   
 # XXX Stuff below is mainly for testing, may be removed later.  # XXX Stuff below is mainly for testing, may be removed later.
   
 # Flows from local gw to each remote subnet  # Flows from local gw to each remote subnet, and vice versa
 peercount=0  peercount=0
 while :  while :
 do  do
Line 133 
Line 140 
         $DEBUG $ipsecadm flow \          $DEBUG $ipsecadm flow \
             -proto esp -dst $GW_PEER -spi $SPI_OUT \              -proto esp -dst $GW_PEER -spi $SPI_OUT \
             -addr $GW_LOCAL 255.255.255.255 $remote_net $remote_mask              -addr $GW_LOCAL 255.255.255.255 $remote_net $remote_mask
   
           $DEBUG $ipsecadm flow \
               -proto esp -dst $GW_LOCAL -spi $SPI_IN -ingress\
               -addr $remote_net $remote_mask $GW_LOCAL 255.255.255.255
         peercount=$(($peercount + 1))          peercount=$(($peercount + 1))
     else      else
         break;          break;
     fi      fi
 done  done
   
 # Flows from local subnets to the remote gw  # Flows from local subnets to the remote gw and vice versa
 mycount=0  mycount=0
 while :  while :
 do  do
Line 151 
Line 162 
         $DEBUG $ipsecadm flow \          $DEBUG $ipsecadm flow \
             -proto esp -dst $GW_PEER -spi $SPI_OUT \              -proto esp -dst $GW_PEER -spi $SPI_OUT \
             -addr $local_net $local_mask $GW_PEER 255.255.255.255              -addr $local_net $local_mask $GW_PEER 255.255.255.255
   
           $DEBUG $ipsecadm flow \
               -proto esp -dst $GW_LOCAL -spi $SPI_IN -ingress\
               -addr $GW_PEER 255.255.255.255 $local_net $local_mask
         mycount=$(($mycount + 1))          mycount=$(($mycount + 1))
     else      else
         break;          break;
Legend:
Removed from v.1.8  
changed lines
  Added in v.1.9