]>
Commit | Line | Data |
---|---|---|
1 | #! @LOCALPREFIX@/bin/perl | |
2 | ||
3 | if ($< != 0) { | |
4 | print STDERR "must be root to invoke this\n"; | |
5 | exit 1; | |
6 | } | |
7 | ||
8 | $mode = 'add'; | |
9 | while ($i = shift @ARGV) { | |
10 | if ($i eq '-d') { | |
11 | $mode = 'delete'; | |
12 | } else { | |
13 | print STDERR "usage: scriptdump [-d]\n"; | |
14 | exit 1; | |
15 | } | |
16 | } | |
17 | ||
18 | open(IN, "setkey -D |") || die; | |
19 | foreach $_ (<IN>) { | |
20 | if (/^[^\t]/) { | |
21 | ($src, $dst) = split(/\s+/, $_); | |
22 | } elsif (/^\t(esp|ah) mode=(\S+) spi=(\d+).*reqid=(\d+)/) { | |
23 | ($proto, $ipsecmode, $spi, $reqid) = ($1, $2, $3, $4); | |
24 | } elsif (/^\tE: (\S+) (.*)/) { | |
25 | $ealgo = $1; | |
26 | $ekey = $2; | |
27 | $ekey =~ s/\s//g; | |
28 | $ekey =~ s/^/0x/g; | |
29 | } elsif (/^\tA: (\S+) (.*)/) { | |
30 | $aalgo = $1; | |
31 | $akey = $2; | |
32 | $akey =~ s/\s//g; | |
33 | $akey =~ s/^/0x/g; | |
34 | } elsif (/^\tseq=(0x\d+) replay=(\d+) flags=(0x\d+) state=/) { | |
35 | print "$mode $src $dst $proto $spi"; | |
36 | $replay = $2; | |
37 | print " -u $reqid" if $reqid; | |
38 | if ($mode eq 'add') { | |
39 | print " -m $ipsecmode -r $replay" if $replay; | |
40 | if ($proto eq 'esp') { | |
41 | print " -E $ealgo $ekey" if $ealgo; | |
42 | print " -A $aalgo $akey" if $aalgo; | |
43 | } elsif ($proto eq 'ah') { | |
44 | print " -A $aalgo $akey" if $aalgo; | |
45 | } | |
46 | } | |
47 | print ";\n"; | |
48 | ||
49 | $src = $dst = $upper = $proxy = ''; | |
50 | $ealgo = $ekey = $aalgo = $akey = ''; | |
51 | } | |
52 | } | |
53 | close(IN); | |
54 | ||
55 | exit 0; |