10a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#! /usr/pkg/bin/perl 20a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 30a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangdie "insufficient arguments" if (scalar(@ARGV) < 2); 40a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang$src = $ARGV[0]; 50a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang$dst = $ARGV[1]; 60a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang$mode = 'transport'; 70a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangif (scalar(@ARGV) > 2) { 80a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang $mode = $ARGV[2]; 90a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangopen(OUT, "|setkey -c"); 120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangif ($mode eq 'transport') { 130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang print STDERR "install esp transport mode: $src -> $dst\n"; 140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang print OUT "spdadd $src $dst any -P out ipsec esp/transport//require;\n"; 150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang print OUT "spdadd $dst $src any -P in ipsec esp/transport//require;\n"; 160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} elsif ($mode eq 'delete') { 170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang print STDERR "delete policy: $src -> $dst\n"; 180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang print OUT "spddelete $src $dst any -P out;\n"; 190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang print OUT "spddelete $dst $src any -P in;\n"; 200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangclose(OUT); 22