diff options
author | Bian Naimeng <biannm@cn.fujitsu.com> | 2015-02-16 11:14:34 +0800 |
---|---|---|
committer | Joe MacDonald <joe_macdonald@mentor.com> | 2015-02-23 13:40:10 -0500 |
commit | a900b9b577c625cc899293192f3654b0d2cb0670 (patch) | |
tree | 72d3f96922c2523f1ebc072cdb3178f84533cc27 /meta-networking | |
parent | b740f2712f122712b541d1fc1b2db3c43a18c97c (diff) | |
download | meta-openembedded-contrib-a900b9b577c625cc899293192f3654b0d2cb0670.tar.gz |
ipsec-tools: install a sample config file for racoon
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Diffstat (limited to 'meta-networking')
-rw-r--r-- | meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf.sample | 40 | ||||
-rw-r--r-- | meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb | 7 |
2 files changed, 47 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf.sample b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf.sample new file mode 100644 index 0000000000..2948a4a35b --- /dev/null +++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon.conf.sample @@ -0,0 +1,40 @@ +# +# NOTE: This file will not be used if you use racoon-tool(8) to manage your +# IPsec connections. racoon-tool will process racoon-tool.conf(5) and +# generate a configuration (/var/lib/racoon/racoon.conf) and use it, instead +# of this file. +# +# Simple racoon.conf +# +# +# Please look in /usr/share/doc/racoon/examples for +# examples that come with the source. +# +# Please read racoon.conf(5) for details, and alsoread setkey(8). +# +# +# Also read the Linux IPSEC Howto up at +# http://www.ipsec-howto.org/t1.html +# +log notify; +path pre_shared_key "/etc/racoon/psk.txt"; +path certificate "/etc/racoon/certs"; + +#remote 172.31.1.1 { +# exchange_mode main,aggressive; +# proposal { +# encryption_algorithm 3des; +# hash_algorithm sha1; +# authentication_method pre_shared_key; +# dh_group modp1024; +# } +# generate_policy off; +#} +# +#sainfo address 192.168.203.10[any] any address 192.168.22.0/24[any] any { +# pfs_group modp768; +# encryption_algorithm 3des; +# authentication_algorithm hmac_md5; +# compression_algorithm deflate; +#} + diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb b/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb index 8cc55ef8a3..7519d8376b 100644 --- a/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb +++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb @@ -15,6 +15,7 @@ SRC_URI = "ftp://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${PV file://racoon-check-invalid-ivm.patch \ file://glibc-2.20.patch \ file://racoon-Resend-UPDATE-message-when-received-EINTR-message.patch \ + file://racoon.conf.sample \ " SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41" SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d" @@ -54,6 +55,7 @@ EXTRA_OECONF = "--with-kernel-headers=${STAGING_INCDIR} \ --enable-shared \ --enable-dpd \ --enable-natt=yes \ + --sysconfdir=${sysconfdir}/racoon \ ${@base_contains('DISTRO_FEATURES', 'ipv6', '--enable-ipv6=yes', '', d)}" # See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530527 @@ -62,3 +64,8 @@ CFLAGS += "-fno-strict-aliasing" PACKAGECONFIG ??= "" PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam," PACKAGECONFIG[selinux] = "--enable-security-context,--disable-security-context,libselinux," + +do_install_append() { + install -d ${D}${sysconfdir}/racoon + install -m 0644 ${WORKDIR}/racoon.conf.sample ${D}${sysconfdir}/racoon/racoon.conf +} |