]> git.proxmox.com Git - mirror_ovs.git/blob - debian/openvswitch-ipsec.init
projects / mirror_ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Prepare for 2.6.0.
[mirror_ovs.git] / debian / openvswitch-ipsec.init
1 #!/bin/sh
2 #
3 # Copyright (c) 2007, 2009 Javier Fernandez-Sanguino <jfs@debian.org>
4 #
5 # This is free software; you may redistribute it and/or modify
6 # it under the terms of the GNU General Public License as
7 # published by the Free Software Foundation; either version 2,
8 # or (at your option) any later version.
9 #
10 # This is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License with
16 # the Debian operating system, in /usr/share/common-licenses/GPL; if
17 # not, write to the Free Software Foundation, Inc., 59 Temple Place,
18 # Suite 330, Boston, MA 02111-1307 USA
19 #
20 ### BEGIN INIT INFO
21 # Provides: openvswitch-ipsec
22 # Required-Start: $network $local_fs $remote_fs openvswitch-switch
23 # Required-Stop: $remote_fs
24 # Default-Start: 2 3 4 5
25 # Default-Stop: 0 1 6
26 # Short-Description: Open vSwitch GRE-over-IPsec daemon
27 # Description: The ovs-monitor-ipsec script provides support for encrypting GRE
28 # tunnels with IPsec.
29 ### END INIT INFO
30
31 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
32
33 DAEMON=/usr/share/openvswitch/scripts/ovs-monitor-ipsec # Daemon's location
34 NAME=ovs-monitor-ipsec # Introduce the short server's name here
35 LOGDIR=/var/log/openvswitch # Log directory to use
36
37 PIDFILE=/var/run/openvswitch/$NAME.pid
38
39 test -x $DAEMON || exit 0
40
41 . /lib/lsb/init-functions
42
43 DODTIME=10 # Time to wait for the server to die, in seconds
44 # If this value is set too low you might not
45 # let some servers to die gracefully and
46 # 'restart' will not work
47
48 set -e
49
50 running_pid() {
51 # Check if a given process pid's cmdline matches a given name
52 pid=$1
53 name=$2
54 [ -z "$pid" ] && return 1
55 [ ! -d /proc/$pid ] && return 1
56 cmd=`cat /proc/$pid/cmdline | tr "\000" " "|cut -d " " -f 2`
57 # Is this the expected server
58 [ "$cmd" != "$name" ] && return 1
59 return 0
60 }
61
62 running() {
63 # Check if the process is running looking at /proc
64 # (works for all users)
65
66 # No pidfile, probably no daemon present
67 [ ! -f "$PIDFILE" ] && return 1
68 pid=`cat $PIDFILE`
69 running_pid $pid $DAEMON || return 1
70 return 0
71 }
72
73 uninstall_mark_rule() {
74 iptables -D INPUT -t mangle $1 -j MARK --set-mark 1/1 || return 0
75 }
76
77 install_mark_rule() {
78 if ( ! iptables -C INPUT -t mangle $1 -j MARK --set-mark 1/1 2> /dev/null); then
79 iptables -A INPUT -t mangle $1 -j MARK --set-mark 1/1
80 fi
81 }
82
83 start_server() {
84 if [ ! -d /var/run/openvswitch ]; then
85 install -d -m 755 -o root -g root /var/run/openvswitch
86 fi
87
88 install_mark_rule "-p esp"
89 install_mark_rule "-p udp --dport 4500"
90 /usr/share/openvswitch/scripts/ovs-monitor-ipsec \
91 --pidfile=$PIDFILE --log-file --detach --monitor \
92 unix:/var/run/openvswitch/db.sock
93
94 return 0
95 }
96
97 stop_server() {
98 if [ -e $PIDFILE ]; then
99 kill `cat $PIDFILE`
100 fi
101 uninstall_mark_rule "-p esp"
102 uninstall_mark_rule "-p udp --dport 4500"
103
104 return 0
105 }
106
107 force_stop() {
108 # Force the process to die killing it manually
109 [ ! -e "$PIDFILE" ] && return
110 if running ; then
111 kill -15 $pid
112 # Is it really dead?
113 sleep "$DODTIME"
114 if running ; then
115 kill -9 $pid
116 sleep "$DODTIME"
117 if running ; then
118 echo "Cannot kill $NAME (pid=$pid)!"
119 exit 1
120 fi
121 fi
122 fi
123 rm -f $PIDFILE
124 }
125
126
127 case "$1" in
128 start)
129 log_daemon_msg "Starting $NAME"
130 # Check if it's running first
131 if running ; then
132 log_progress_msg "apparently already running"
133 log_end_msg 0
134 exit 0
135 fi
136 if start_server && running ; then
137 # It's ok, the server started and is running
138 log_end_msg 0
139 else
140 # Either we could not start it or it is not running
141 # after we did
142 # NOTE: Some servers might die some time after they start,
143 # this code does not try to detect this and might give
144 # a false positive (use 'status' for that)
145 log_end_msg 1
146 fi
147 ;;
148 stop)
149 log_daemon_msg "Stopping $NAME"
150 if running ; then
151 # Only stop the server if we see it running
152 stop_server
153 log_end_msg $?
154 else
155 # If it's not running don't do anything
156 log_progress_msg "apparently not running"
157 log_end_msg 0
158 exit 0
159 fi
160 ;;
161 force-stop)
162 # First try to stop gracefully the program
163 $0 stop
164 if running; then
165 # If it's still running try to kill it more forcefully
166 log_daemon_msg "Stopping (force) $NAME"
167 force_stop
168 log_end_msg $?
169 fi
170 ;;
171 restart|force-reload)
172 log_daemon_msg "Restarting $NAME"
173 stop_server
174 # Wait some sensible amount, some server need this
175 [ -n "$DODTIME" ] && sleep $DODTIME
176 start_server
177 running
178 log_end_msg $?
179 ;;
180 status)
181 log_daemon_msg "Checking status of $NAME"
182 if running ; then
183 log_progress_msg "running"
184 log_end_msg 0
185 else
186 log_progress_msg "apparently not running"
187 log_end_msg 1
188 exit 1
189 fi
190 ;;
191 # Use this if the daemon cannot reload
192 reload)
193 log_warning_msg "Reloading $NAME daemon: not implemented, as the daemon"
194 log_warning_msg "cannot re-read the config file (use restart)."
195 ;;
196 *)
197 N=/etc/init.d/openvswitch-ipsec
198 echo "Usage: $N {start|stop|force-stop|restart|force-reload|status}" >&2
199 exit 1
200 ;;
201 esac
202
203 exit 0
openvswitch mirror