#!/bin/ksh
#
BSD1_IP="192.168.1.254"
BSD1_PUB_IP="172.16.1.254"
BSD1_NET="192.168.1.0/24"
BSD2_IP="192.168.2.254"
BSD2_PUB_IP="172.17.1.254"
BSD2_NET="192.168.2.0/24"
GIF0="gif0 inet"
GIFCONFIG="/usr/sbin/gifconfig"
IFCONFIG="/sbin/ifconfig"
HOSTNAME=`/bin/hostname`
NETMASK="255.255.255.0"

echo "\nStarting ipsec tunnel... "

case $HOSTNAME in
    bsd1.scanningcomp.com)
            $GIFCONFIG $GIF0 $BSD1_PUB_IP $BSD2_PUB_IP
            $IFCONFIG $GIF0 $BSD1_IP $BSD2_IP $NETMASK
            /usr/sbin/setkey -FP
            /usr/sbin/setkey -F
            /usr/sbin/setkey -c << EOF
            spdadd $BSD1_NET $BSD2_NET any -P out ipsec
            esp/tunnel/${BSD1_IP}-${BSD2_IP}/require;
            spdadd $BSD2_NET $BSD1_NET any -P in ipsec
            esp/tunnel/${BSD2_IP}-${BSD1_IP}/require;
EOF
	    /sbin/route add $BSD2_NET $BSD1_IP
	    ;;
    bsd2.scanningcomp.com)
	    $GIFCONFIG $GIF0 $BSD2_PUB_IP $BSD1_PUB_IP
	    $IFCONFIG $GIF0 $BSD2_IP $BSD1_IP $NETMASK
	    /usr/sbin/setkey -FP
	    /usr/sbin/setkey -F
	    /usr/sbin/setkey -c << EOF
	    spdadd $BSD2_NET $BSD1_NET any -P out ipsec
	    esp/tunnel/${BSD2_IP}-${BSD1_IP}/require;
	    spdadd $BSD1_NET $BSD2_NET any -P in ipsec
	    esp/tunnel/${BSD1_IP}-${BSD2_IP}/require;
EOF
	    /sbin/route add $BSD1_NET $BSD2_IP
	    ;;
esac