#!/bin/sh
#
# chkconfig: 2345 08 92
# description:	Starts and stops racoon and loads IPSec SPD's
#
# config: /etc/sysconfig/ipsec.spd
# config: /etc/racoon/racoon.conf

# Contributed by Kimmo Koivisto <kimmo.koivisto@surfeu.fi>
# Tested with Fedora C1

# Source function library.
. /etc/init.d/functions

RACOON=/usr/sbin/racoon
SETKEY=/sbin/setkey
IPSEC_SPD=/etc/sysconfig/ipsec.spd
VAR_SUBSYS_IPSEC=/var/lock/subsys/ipsec

if [ ! -x /usr/sbin/$RACOON ]; then
    echo -n $"/usr/sbin/$RACOON does not exist."; warning; echo
    exit 0
fi


start() {

	# Check that SPD-file exists and load it.
	if [ -f "$IPSEC_SPD" ]; then 
   		$SETKEY -f $IPSEC_SPD 
	fi
	$RACOON
	touch $VAR_SUBSYS_IPSEC
}


stop() {
	killall $RACOON 2> /dev/null
	$SETKEY -FD 
	$SETKEY -FP 
        rm -f $VAR_SUBSYS_IPSEC
}

status() {
    # Do not print status if lockfile is missing

    if [ ! -f "$VAR_SUBSYS_IPSEC" ]; then
	echo $"IPSec is stopped."
	return 1
    fi

    if [ -f "$VAR_SUBSYS_IPSEC" ]; then
	echo $"IPSec is started."
	return 0
    fi
}

restart() {
    stop
    start
}



case "$1" in
    start)
	start
	;;
    stop)
	stop
	;;
    restart)
	restart
	;;
    condrestart)
	[ -e "$VAR_SUBSYS_IPSEC" ] && restart
	;;
    status)
	status
	;;
    *)
	echo $"Usage: $0 {start|stop|restart|condrestart|status}"
	exit 1
	;;
esac

exit 0