Patch file for network rc script
Matt Blecha
mblecha at coloradosmart.com
Mon Jul 5 21:50:41 UTC 2004
I have included a patch for /etc/rc.d/init.d/network to include the
ability to start and stop the setkey ipsec system...
1. Add "NETWORKING_IPSEC=yes" to /etc/sysconfig/network and patch
-p0 /etc/rc.d/init.d/network with the patch file.
2. Create /etc/ipsec.conf with keys & SAs according to ipsec.conf
man page or http://www.ipsec-howto.org/ (I also recommended using
libc6's contrib 'xxd' package for key generations, unless you plan on
using certs.)
3. Configure persistent static routes for hosts/networks.
4. Set: "net.ipv4.ip_forward=1" in /etc/sysctl.conf if you're using
tunnel mode.
5. Restart Networking.
If anyone has any suggestions for the diff file, please let me know...
--
-Matt Blecha-
CEO
ColoradoSmart
(303) 766-8519
mblecha at coloradosmart.com
http://www.coloradosmart.com/
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: network.patch
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040705/79735114/attachment-0001.ksh>
More information about the fedora-list
mailing list