diff -ruN smeserver-openswan-0.6.old/createlinks smeserver-openswan-0.6/createlinks --- smeserver-openswan-0.6.old/createlinks 2015-12-05 13:03:18.000000000 +0100 +++ smeserver-openswan-0.6/createlinks 2016-03-22 18:24:42.670000613 +0100 @@ -12,6 +12,7 @@ /etc/ipsec.secrets /etc/ipsec.d/ipsec.conf /etc/ipsec.d/ipsec.secrets + /etc/rc.d/init.d/masq )) { templates2events("$_", qw( diff -ruN smeserver-openswan-0.6.old/root/etc/e-smith/events/actions/ipsec-update smeserver-openswan-0.6/root/etc/e-smith/events/actions/ipsec-update --- smeserver-openswan-0.6.old/root/etc/e-smith/events/actions/ipsec-update 2015-12-05 13:03:18.000000000 +0100 +++ smeserver-openswan-0.6/root/etc/e-smith/events/actions/ipsec-update 2016-03-22 18:24:42.669000612 +0100 @@ -43,8 +43,8 @@ if ( $configDB->get_prop( $dbKey, 'status' ) eq 'disabled' ) { # Do we check if it is already stopped ? - # For now we stop it regradless - + # For now we stop it regardless + print "Ipsec Information - ipsec disabled - Stopping ipsec \n"; # First set ipsec access to private which disables firewall rule @@ -264,16 +264,11 @@ or die("Ipsec Error - A problem occurred with sysctl: $?"); system("/sbin/sysctl -w net.ipv4.conf.default.send_redirects=0") == 0 or die("Ipsec Error - A problem occurred with sysctl: $?"); - - # I don't believe these are required - # system("/sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0") == 0 - # or die("Ipsec Error - A problem occurred with sysctl: $?"); - # system("/sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0") == 0 - # or die("Ipsec Error - A problem occurred with sysctl: $?"); - # system("/sbin/sysctl -w net.ipv4.conf.eth0.accept_redirects=0") == 0 - # or die("Ipsec Error - A problem occurred with sysctl: $?"); - # system("/sbin/sysctl -w net.ipv4.conf.eth1.accept_redirects=0") == 0 - # or die("Ipsec Error - A problem occurred with sysctl: $?"); + + system("/sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0") == 0 + or die("Ipsec Error - A problem occurred with sysctl: $?"); + system("/sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0") == 0 + or die("Ipsec Error - A problem occurred with sysctl: $?"); system("/sbin/sysctl -w net.ipv4.conf.default.rp_filter=0") == 0 or die("Ipsec Error - A problem occurred with sysctl: $?"); @@ -291,7 +286,9 @@ sub resetRedirects { -# system ("expand-template /etc/sysctl.conf") == 0 or die ("A problem occurred with sysctl.conf: $?"); -# This should reset back to defaults - system("/sbin/sysctl -p") == 0 or die("A problem occurred with sysctl: $?"); + # system ("expand-template /etc/sysctl.conf") == 0 or die ("A problem occurred with sysctl.conf: $?"); + # This should reset back to defaults + system("/sbin/sysctl -p") == 0 + or die("Ipsec Error - A problem occurred with sysctl: $?"); } + diff -ruN smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-openswan-0.6/root/etc/e-smith/templates/etc/ipsec.conf/10Setup --- smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2015-12-05 13:03:18.000000000 +0100 +++ smeserver-openswan-0.6/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2016-03-22 18:24:42.670000613 +0100 @@ -30,7 +30,7 @@ $OUT .= " protostack=netkey\n"; $OUT .= " #plutodebug=none\n"; $OUT .= " #klipsdebug=none\n"; - $OUT .= " plutostderrlog=/var/log/pluto.log\n"; + $OUT .= " plutostderrlog=/var/log/pluto/pluto.log\n"; $OUT .= " dumpdir=/var/run/pluto/\n"; $OUT .= " nat_traversal=yes\n"; @@ -66,7 +66,7 @@ chop($virtual_private); $OUT .= "$virtual_private\n"; $OUT .= "\n"; - $OUT .= "include /etc/ipsec.d/*.conf\n"; + $OUT .= "include /etc/ipsec.d/ipsec.conf\n"; # End else } diff -ruN smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto smeserver-openswan-0.6/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto --- smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto 2015-12-05 13:03:18.000000000 +0100 +++ smeserver-openswan-0.6/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto 2016-03-22 18:24:42.670000613 +0100 @@ -1,4 +1,4 @@ -/var/log/pluto.log \{ +/var/log/pluto/pluto.log \{ missingok notifempty compress