#!/bin/sh

PATH=/bin:/sbin:/usr/bin:/usr/sbin

mtu=1460
me=192.168.32.1

case "$PLUTO_CONNECTION" in
roadw-eap)
    case "$PLUTO_VERB" in
    up-client)
	if [ -n "$PLUTO_REQID" ]; then
	  ifname=$(ifconfig -g "r${PLUTO_REQID}g")
	  if [ -z "$ifname" ]; then
	    ifname=$(ifconfig ipsec create \
		inet $me "$PLUTO_PEER_SOURCEIP" netmask 255.255.255.255 \
		tunnel "$PLUTO_ME" "$PLUTO_PEER" \
		reqid "$PLUTO_REQID" group "r${PLUTO_REQID}g" mtu $mtu \
		description "ikev2: ${PLUTO_XAUTH_ID} $PLUTO_PEER_SOURCEIP $PLUTO_ME $PLUTO_PEER"
	    )
	  fi
	fi
	;;
    down-client)
	if [ -n "$PLUTO_REQID" ]; then
	  ifname=$(ifconfig -g "r${PLUTO_REQID}g")
	  [ -n "$ifname" ] && ifconfig "$ifname" destroy
	fi
	;;
    esac
    ;;
esac
exit 0