Ansis Atteka aatteka@nicira.com
Anupam Chanda achanda@nicira.com
Arun Sharma arun.sharma@calsoftinc.com
+Aryan TaheriMonfared aryan.taherimonfared@uis.no
Ben Pfaff blp@nicira.com
Brian Kruger bkruger+ovsdev@gmail.com
Bruce Davie bsd@nicira.com
Damien Millescamps damien.millescamps@6wind.com
Dan Carpenter dan.carpenter@oracle.com
Dan Wendlandt dan@nicira.com
+Daniel Hiltgen daniel@netkine.com
Daniel Roman droman@nicira.com
Danny Kukawka danny.kukawka@bisect.de
David Erickson derickso@stanford.edu
return 0
}
+uninstall_mark_rule() {
+ iptables -D INPUT -t mangle $1 -j MARK --set-mark 1/1 || return 0
+}
+
+install_mark_rule() {
+ if ( ! iptables -C INPUT -t mangle $1 -j MARK --set-mark 1/1 2> /dev/null); then
+ iptables -A INPUT -t mangle $1 -j MARK --set-mark 1/1
+ fi
+}
+
start_server() {
if [ ! -d /var/run/openvswitch ]; then
install -d -m 755 -o root -g root /var/run/openvswitch
fi
+ install_mark_rule "-p esp"
+ install_mark_rule "-p udp --dport 4500"
/usr/share/openvswitch/scripts/ovs-monitor-ipsec \
--pidfile=$PIDFILE --log-file --detach --monitor \
unix:/var/run/openvswitch/db.sock
if [ -e $PIDFILE ]; then
kill `cat $PIDFILE`
fi
+ uninstall_mark_rule "-p esp"
+ uninstall_mark_rule "-p udp --dport 4500"
return 0
}