/[smecontribs]/rpms/smeserver-openswan/contribs8/smeserver-openswan-move-logfile.patch
ViewVC logotype

Contents of /rpms/smeserver-openswan/contribs8/smeserver-openswan-move-logfile.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Thu Mar 24 15:58:19 2016 UTC (8 years, 1 month ago) by reetspetit
Branch: MAIN
CVS Tags: smeserver-openswan-0_6-5_el5_sme, smeserver-openswan-0_6-6_el5_sme, smeserver-openswan-0_6-7_el5_sme, HEAD 
* Thu Mar 24 2016 John Crisp <jcrisp@safeandsoundit.co.uk> 0.6-5.sme
- Add debug db key to /etc/ipsec.conf
- Remove setting public/private keys as they won't affect unless templates are re-expanded
- Set xfrm_larval_drop drop correctly
- minor formatting
1 diff -ruN smeserver-openswan-0.6.old/createlinks smeserver-openswan-0.6/createlinks
2 --- smeserver-openswan-0.6.old/createlinks 2015-12-05 13:03:18.000000000 +0100
3 +++ smeserver-openswan-0.6/createlinks 2016-03-22 18:24:42.670000613 +0100
4 @@ -12,6 +12,7 @@
5 /etc/ipsec.secrets
6 /etc/ipsec.d/ipsec.conf
7 /etc/ipsec.d/ipsec.secrets
8 + /etc/rc.d/init.d/masq
9 ))
10 {
11 templates2events("$_", qw(
12 diff -ruN smeserver-openswan-0.6.old/root/etc/e-smith/events/actions/ipsec-update smeserver-openswan-0.6/root/etc/e-smith/events/actions/ipsec-update
13 --- smeserver-openswan-0.6.old/root/etc/e-smith/events/actions/ipsec-update 2015-12-05 13:03:18.000000000 +0100
14 +++ smeserver-openswan-0.6/root/etc/e-smith/events/actions/ipsec-update 2016-03-22 18:24:42.669000612 +0100
15 @@ -43,8 +43,8 @@
16 if ( $configDB->get_prop( $dbKey, 'status' ) eq 'disabled' ) {
17
18 # Do we check if it is already stopped ?
19 - # For now we stop it regradless
20 -
21 + # For now we stop it regardless
22 +
23 print "Ipsec Information - ipsec disabled - Stopping ipsec \n";
24
25 # First set ipsec access to private which disables firewall rule
26 @@ -264,16 +264,11 @@
27 or die("Ipsec Error - A problem occurred with sysctl: $?");
28 system("/sbin/sysctl -w net.ipv4.conf.default.send_redirects=0") == 0
29 or die("Ipsec Error - A problem occurred with sysctl: $?");
30 -
31 - # I don't believe these are required
32 - # system("/sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0") == 0
33 - # or die("Ipsec Error - A problem occurred with sysctl: $?");
34 - # system("/sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0") == 0
35 - # or die("Ipsec Error - A problem occurred with sysctl: $?");
36 - # system("/sbin/sysctl -w net.ipv4.conf.eth0.accept_redirects=0") == 0
37 - # or die("Ipsec Error - A problem occurred with sysctl: $?");
38 - # system("/sbin/sysctl -w net.ipv4.conf.eth1.accept_redirects=0") == 0
39 - # or die("Ipsec Error - A problem occurred with sysctl: $?");
40 +
41 + system("/sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0") == 0
42 + or die("Ipsec Error - A problem occurred with sysctl: $?");
43 + system("/sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0") == 0
44 + or die("Ipsec Error - A problem occurred with sysctl: $?");
45
46 system("/sbin/sysctl -w net.ipv4.conf.default.rp_filter=0") == 0
47 or die("Ipsec Error - A problem occurred with sysctl: $?");
48 @@ -291,7 +286,9 @@
49
50 sub resetRedirects {
51
52 -# system ("expand-template /etc/sysctl.conf") == 0 or die ("A problem occurred with sysctl.conf: $?");
53 -# This should reset back to defaults
54 - system("/sbin/sysctl -p") == 0 or die("A problem occurred with sysctl: $?");
55 + # system ("expand-template /etc/sysctl.conf") == 0 or die ("A problem occurred with sysctl.conf: $?");
56 + # This should reset back to defaults
57 + system("/sbin/sysctl -p") == 0
58 + or die("Ipsec Error - A problem occurred with sysctl: $?");
59 }
60 +
61 diff -ruN smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-openswan-0.6/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
62 --- smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2015-12-05 13:03:18.000000000 +0100
63 +++ smeserver-openswan-0.6/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2016-03-22 18:24:42.670000613 +0100
64 @@ -30,7 +30,7 @@
65 $OUT .= " protostack=netkey\n";
66 $OUT .= " #plutodebug=none\n";
67 $OUT .= " #klipsdebug=none\n";
68 - $OUT .= " plutostderrlog=/var/log/pluto.log\n";
69 + $OUT .= " plutostderrlog=/var/log/pluto/pluto.log\n";
70 $OUT .= " dumpdir=/var/run/pluto/\n";
71 $OUT .= " nat_traversal=yes\n";
72
73 @@ -66,7 +66,7 @@
74 chop($virtual_private);
75 $OUT .= "$virtual_private\n";
76 $OUT .= "\n";
77 - $OUT .= "include /etc/ipsec.d/*.conf\n";
78 + $OUT .= "include /etc/ipsec.d/ipsec.conf\n";
79
80 # End else
81 }
82 diff -ruN smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto smeserver-openswan-0.6/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto
83 --- smeserver-openswan-0.6.old/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto 2015-12-05 13:03:18.000000000 +0100
84 +++ smeserver-openswan-0.6/root/etc/e-smith/templates/etc/logrotate.d/pluto/00pluto 2016-03-22 18:24:42.670000613 +0100
85 @@ -1,4 +1,4 @@
86 -/var/log/pluto.log \{
87 +/var/log/pluto/pluto.log \{
88 missingok
89 notifempty
90 compress
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed