#!/bin/sh /etc/rc.common

START=90
STOP=10

USE_PROCD=1
PROG="/usr/libexec/ipsec/pluto"
IPSEC_SECRETS=/etc/ipsec.secrets
IPSEC_CONF=/etc/ipsec.conf
IPSEC_BIN=/usr/sbin/ipsec

checkconfig() {
    ${IPSEC_BIN} addconn --checkconfig || return 1
    mkdir -p /var/run/pluto
}

start_service() {
	checkconfig || return 1

	ipsec _stackmanager start
	# Enable nflog if configured
	ipsec --checknflog > /dev/null

	procd_open_instance
	procd_set_param command $PROG --config ${IPSEC_CONF} --nofork --secretsfile ${IPSEC_SECRETS}
	procd_set_param respawn
	procd_close_instance
}

stop_service() {
	ipsec whack --shutdown
	ipsec _stackmanager stop
	ipsec --stopnflog > /dev/null

}