#!/sbin/openrc-run # Copyright 1999-2016 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 extra_commands="checkconfig" extra_started_commands="reload" : ${FWKNOPD_BINARY:=/usr/sbin/fwknopd} : ${FWKNOPD_CONFDIR:=/etc/fwknop} : ${FWKNOPD_CONFIG:=${FWKNOPD_CONFDIR}/fwknopd.conf} : ${FWKNOPD_PIDFILE:=/run/fwknop/${SVCNAME}.pid} depend() { after iptables ip6tables ebtables firewall use logger if [ "${rc_need+set}" = "set" ]; then : # Do nothing, the user has explicitly set rc_need elif [ -f "${FWKNOPD_CONFIG}" ]; then local x warn_intf for x in $(awk '/^[[:blank:]]*PCAP_INTF/{ sub(";$", ""); print $2 }' "${FWKNOPD_CONFIG}" 2>/dev/null); do warn_intf="${warn_intf} ${x}" done if [ -n "${warn_intf}" ]; then need net ewarn "You are binding an interface in PCAP_INTF statement in your fwknopd.conf!" ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/${SVCNAME}," ewarn "where FOO is the following interface(s):" ewarn "${warn_intf}" else # If PCAP_INTF and PCAP_FILE are not set, then fwknopd uses eth0 if ! grep -q '^[[:blank:]]*PCAP_FILE' "${FWKNOPD_CONFIG}"; then need net ewarn "You are not binding any interface in PCAP_INTF statement in your fwknopd.conf," ewarn "neither you are providing PCAP_FILE option. Thus fwknopd will listen on eth0." ewarn "You must add rc_need=\"net.eth0\" to your /etc/conf.d/${SVCNAME}." fi fi fi } checkconfig() { if [ ! -e "${FWKNOPD_CONFDIR}"/fwknopd.conf ]; then eerror "You need ${FWKNOPD_CONFDIR}/fwknopd.conf file to run fwknopd" eerror "Example is located at /etc/fwknop/fwknopd.conf.example" return 1 fi if [ ! -e "${FWKNOPD_CONFDIR}"/access.conf ]; then eerror "You need ${FWKNOPD_CONFDIR}/access.conf file to run fwknopd" eerror "Example is located at /etc/fwknop/access.conf.example" return 1 fi [ "${FWKNOPD_PIDFILE}" != "/run/fwknop/${SVCNAME}.pid" ] \ && FWKNOPD_OPTS="${FWKNOPD_OPTS} --pid-file=${FWKNOPD_PIDFILE}" [ "${FWKNOPD_CONFDIR}" != "/etc/fwknop" ] \ && FWKNOPD_OPTS="${FWKNOPD_OPTS} \ --config=${FWKNOPD_CONFDIR}/fwknopd.conf \ --access-file=${FWKNOPD_CONFDIR}/access.conf" return 0 } start() { checkconfig || return 1 ebegin "Starting ${SVCNAME}" start-stop-daemon --start \ --exec ${FWKNOPD_BINARY} --pidfile ${FWKNOPD_PIDFILE} \ -- ${FWKNOPD_OPTS} eend $? } stop() { if [ "${RC_CMD}" = "restart" ]; then checkconfig || return 1 fi ebegin "Stopping ${SVCNAME}" start-stop-daemon --stop --pidfile ${FWKNOPD_PIDFILE} eend $? } reload() { checkconfig || return 1 ebegin "Reloading ${SVCNAME} configuration" start-stop-daemon --signal HUP --pidfile ${FWKNOPD_PIDFILE} eend $? }