From 4d918db9ea7236263fd1d3b272a4923886e1fb84 Mon Sep 17 00:00:00 2001 From: Noah Meyerhans Date: Thu, 11 Dec 2014 22:51:03 -0800 Subject: [PATCH] net/ipsec-tools: Install our own racoon.conf rather than using the one provided upstream. Signed-off-by: Noah Meyerhans --- net/ipsec-tools/Makefile | 5 ++--- net/ipsec-tools/files/racoon.conf | 36 +++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 net/ipsec-tools/files/racoon.conf diff --git a/net/ipsec-tools/Makefile b/net/ipsec-tools/Makefile index a1ba117615..ae9c83c00d 100644 --- a/net/ipsec-tools/Makefile +++ b/net/ipsec-tools/Makefile @@ -11,7 +11,7 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=ipsec-tools PKG_VERSION:=0.8.2 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_MAINTAINER := "Noah Meyerhans " PKG_LICENSE := BSD-3-Clause @@ -77,8 +77,7 @@ endef define Package/ipsec-tools/install $(INSTALL_DIR) $(1)/etc - $(INSTALL_CONF) $(PKG_BUILD_DIR)/src/racoon/samples/racoon.conf $(1)/etc/ - $(SED) 's|@sysconfdir_x@|/etc|g' $(1)/etc/racoon.conf + $(INSTALL_CONF) ./files/racoon.conf $(1)/etc/racoon.conf $(INSTALL_DIR) $(1)/etc/racoon $(INSTALL_CONF) $(PKG_BUILD_DIR)/src/racoon/samples/psk.txt $(1)/etc/racoon/ $(INSTALL_DIR) $(1)/etc/init.d diff --git a/net/ipsec-tools/files/racoon.conf b/net/ipsec-tools/files/racoon.conf new file mode 100644 index 0000000000..5c05bcd347 --- /dev/null +++ b/net/ipsec-tools/files/racoon.conf @@ -0,0 +1,36 @@ +# Simple racoon.conf +# +# Refer to http://wiki.openwrt.org/doc/howto/vpn.ipsec.basics.racoon for +# details about configuring racoon in OpenWRT. +# +# Also read the Linux IPSEC Howto up at +# http://www.ipsec-howto.org/t1.html +# +# Manual pages for ipsec-tools are not included with OpenWRT. Refer to +# the following locations to view them online: +# http://linux.die.net/man/8/racoon +# http://linux.die.net/man/5/racoon.conf +# http://linux.die.net/man/8/setkey +# + +log notify; +path pre_shared_key "/etc/racoon/psk.txt"; +path certificate "/etc/racoon/certs"; + +#remote 172.31.1.1 { +# exchange_mode main,aggressive; +# proposal { +# encryption_algorithm 3des; +# hash_algorithm sha1; +# authentication_method pre_shared_key; +# dh_group modp1024; +# } +# generate_policy off; +#} +# +#sainfo address 192.168.203.10[any] any address 192.168.22.0/24[any] any { +# pfs_group modp768; +# encryption_algorithm 3des; +# authentication_algorithm hmac_md5; +# compression_algorithm deflate; +#} -- 2.30.2