#!/bin/sh
# copyright 2005 Alexey Toptygin <alexeytATfreeshell.org>
#
# you need to customize /etc/ipsec.policy

if [ ! -x /usr/sbin/setkey ]; then {
	echo "ipspd: could not find /usr/sbin/setkey, aborting.";
	exit 1;
} fi

if [ `id -u` -ne 0 ]; then {
	echo "ipspd: must be superuser"
	exit 1
} fi

if [ ! -r /etc/ipsec.policy ]; then {
	echo "ipspd: could not find ipsec policy file /etc/ipsec.policy";
	exit 1;
} fi

start() {
	echo -n "Clearing IPSEC policies "
		/usr/sbin/setkey -PF && \
		/usr/sbin/setkey -F && \
	echo "done."
	echo -n "Setting IPSEC policies "
		/usr/sbin/setkey -f /etc/ipsec.policy && \
	echo "done."
}

stop() {
	echo -n "Clearing IPSEC policies "
		/usr/sbin/setkey -PF && \
		/usr/sbin/setkey -F && \
	echo "done."
}

status() {
	/usr/sbin/setkey -PD
	/usr/sbin/setkey -aD
}

case "$1" in
	start) start;;
	stop) stop;;
	restart) start;;
	status) status;;
	*) echo "Usage: $0 {start|stop|restart|status}";;
esac

exit 0