]>
git.proxmox.com Git - mirror_ovs.git/blob - debian/openvswitch-ipsec.init
3 # Copyright (c) 2007, 2009 Javier Fernandez-Sanguino <jfs@debian.org>
5 # This is free software; you may redistribute it and/or modify
6 # it under the terms of the GNU General Public License as
7 # published by the Free Software Foundation; either version 2,
8 # or (at your option) any later version.
10 # This is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License with
16 # the Debian operating system, in /usr/share/common-licenses/GPL; if
17 # not, write to the Free Software Foundation, Inc., 59 Temple Place,
18 # Suite 330, Boston, MA 02111-1307 USA
21 # Provides: openvswitch-ipsec
22 # Required-Start: $network $local_fs $remote_fs openvswitch-switch
23 # Required-Stop: $remote_fs
24 # Default-Start: 2 3 4 5
26 # Short-Description: Open vSwitch GRE-over-IPsec daemon
27 # Description: The ovs-monitor-ipsec script provides support for encrypting GRE
31 PATH
=/usr
/local
/sbin
:/usr
/local
/bin
:/sbin
:/bin
:/usr
/sbin
:/usr
/bin
33 DAEMON
=/usr
/share
/openvswitch
/scripts
/ovs-monitor-ipsec
# Daemon's location
34 NAME
=ovs-monitor-ipsec
# Introduce the short server's name here
35 LOGDIR
=/var
/log
/openvswitch
# Log directory to use
37 PIDFILE
=/var
/run
/openvswitch
/$NAME.pid
39 test -x $DAEMON ||
exit 0
41 .
/lib
/lsb
/init-functions
43 DODTIME
=10 # Time to wait for the server to die, in seconds
44 # If this value is set too low you might not
45 # let some servers to die gracefully and
46 # 'restart' will not work
51 # Check if a given process pid's cmdline matches a given name
54 [ -z "$pid" ] && return 1
55 [ ! -d /proc
/$pid ] && return 1
56 cmd
=`cat /proc/$pid/cmdline | tr "\000" " "|cut -d " " -f 2`
57 # Is this the expected server
58 [ "$cmd" != "$name" ] && return 1
63 # Check if the process is running looking at /proc
64 # (works for all users)
66 # No pidfile, probably no daemon present
67 [ ! -f "$PIDFILE" ] && return 1
69 running_pid
$pid $DAEMON ||
return 1
73 uninstall_mark_rule
() {
74 iptables
-D INPUT
-t mangle
$1 -j MARK
--set-mark 1/1 ||
return 0
78 if ( ! iptables
-C INPUT
-t mangle
$1 -j MARK
--set-mark 1/1 2> /dev
/null
); then
79 iptables
-A INPUT
-t mangle
$1 -j MARK
--set-mark 1/1
84 if [ ! -d /var
/run
/openvswitch
]; then
85 install -d -m 755 -o root
-g root
/var
/run
/openvswitch
88 install_mark_rule
"-p esp"
89 install_mark_rule
"-p udp --dport 4500"
90 /usr
/share
/openvswitch
/scripts
/ovs-monitor-ipsec \
91 --pidfile=$PIDFILE --log-file --detach --monitor \
92 unix
:/var
/run
/openvswitch
/db.sock
98 if [ -e $PIDFILE ]; then
101 uninstall_mark_rule
"-p esp"
102 uninstall_mark_rule
"-p udp --dport 4500"
108 # Force the process to die killing it manually
109 [ ! -e "$PIDFILE" ] && return
118 echo "Cannot kill $NAME (pid=$pid)!"
129 log_daemon_msg
"Starting $NAME"
130 # Check if it's running first
132 log_progress_msg
"apparently already running"
136 if start_server
&& running
; then
137 # It's ok, the server started and is running
140 # Either we could not start it or it is not running
142 # NOTE: Some servers might die some time after they start,
143 # this code does not try to detect this and might give
144 # a false positive (use 'status' for that)
149 log_daemon_msg
"Stopping $NAME"
151 # Only stop the server if we see it running
155 # If it's not running don't do anything
156 log_progress_msg
"apparently not running"
162 # First try to stop gracefully the program
165 # If it's still running try to kill it more forcefully
166 log_daemon_msg
"Stopping (force) $NAME"
171 restart|force-reload
)
172 log_daemon_msg
"Restarting $NAME"
174 # Wait some sensible amount, some server need this
175 [ -n "$DODTIME" ] && sleep $DODTIME
181 log_daemon_msg
"Checking status of $NAME"
183 log_progress_msg
"running"
186 log_progress_msg
"apparently not running"
191 # Use this if the daemon cannot reload
193 log_warning_msg
"Reloading $NAME daemon: not implemented, as the daemon"
194 log_warning_msg
"cannot re-read the config file (use restart)."
197 N
=/etc
/init.d
/openvswitch-ipsec
198 echo "Usage: $N {start|stop|force-stop|restart|force-reload|status}" >&2