-+ insmod -v ipsec
- fi
- if test ! -f $ipsecversion
- then
-diff -Nur openswan-2.4.5rc5/programs/_startklips/_startklips.in.orig openswan-2.4.5rc5.patched/programs/_startklips/_startklips.in.orig
---- openswan-2.4.5rc5/programs/_startklips/_startklips.in.orig 1970-01-01 01:00:00.000000000 +0100
-+++ openswan-2.4.5rc5.patched/programs/_startklips/_startklips.in.orig 2005-11-25 00:08:05.000000000 +0100
-@@ -0,0 +1,407 @@
-+#!/bin/sh
-+# KLIPS startup script
-+# Copyright (C) 1998, 1999, 2001, 2002 Henry Spencer.
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id$
-+
-+me='ipsec _startklips' # for messages
-+
-+# KLIPS-related paths
-+sysflags=/proc/sys/net/ipsec
-+modules=/proc/modules
-+# full rp_filter path is $rpfilter1/interface/$rpfilter2
-+rpfilter1=/proc/sys/net/ipv4/conf
-+rpfilter2=rp_filter
-+# %unchanged or setting (0, 1, or 2)
-+rpfiltercontrol=0
-+ipsecversion=/proc/net/ipsec_version
-+moduleplace=/lib/modules/`uname -r`/kernel/net/ipsec
-+bareversion=`uname -r | sed -e 's/\.nptl//' | sed -e 's/^\(2\.[0-9]\.[1-9][0-9]*-[1-9][0-9]*\(\.[0-9][0-9]*\)*\(\.x\)*\).*$/\1/'`
-+moduleinstplace=/lib/modules/$bareversion/kernel/net/ipsec
-+case $bareversion in
-+ 2.6*)
-+ modulename=ipsec.ko
-+ ;;
-+ *)
-+ modulename=ipsec.o
-+ ;;
-+esac
-+
-+klips=true
-+netkey=/proc/net/pfkey
-+
-+info=/dev/null
-+log=daemon.error
-+for dummy
-+do
-+ case "$1" in
-+ --log) log="$2" ; shift ;;
-+ --info) info="$2" ; shift ;;
-+ --debug) debug="$2" ; shift ;;
-+ --omtu) omtu="$2" ; shift ;;
-+ --fragicmp) fragicmp="$2" ; shift ;;
-+ --hidetos) hidetos="$2" ; shift ;;
-+ --rpfilter) rpfiltercontrol="$2" ; shift ;;
-+ --) shift ; break ;;
-+ -*) echo "$me: unknown option \`$1'" >&2 ; exit 2 ;;
-+ *) break ;;
-+ esac
-+ shift
-+done
-+
-+
-+
-+# some shell functions, to clarify the actual code
-+
-+# set up a system flag based on a variable
-+# sysflag value shortname default flagname
-+sysflag() {
-+ case "$1" in
-+ '') v="$3" ;;
-+ *) v="$1" ;;
-+ esac
-+ if test ! -f $sysflags/$4
-+ then
-+ if test " $v" != " $3"
-+ then
-+ echo "cannot do $2=$v, $sysflags/$4 does not exist"
-+ exit 1
-+ else
-+ return # can't set, but it's the default anyway
-+ fi
-+ fi
-+ case "$v" in
-+ yes|no) ;;
-+ *) echo "unknown (not yes/no) $2 value \`$1'"
-+ exit 1
-+ ;;
-+ esac
-+ case "$v" in
-+ yes) echo 1 >$sysflags/$4 ;;
-+ no) echo 0 >$sysflags/$4 ;;
-+ esac
-+}
-+
-+# set up a Klips interface
-+klipsinterface() {
-+ # pull apart the interface spec
-+ virt=`expr $1 : '\([^=]*\)=.*'`
-+ phys=`expr $1 : '[^=]*=\(.*\)'`
-+ case "$virt" in
-+ ipsec[0-9]) ;;
-+ *) echo "invalid interface \`$virt' in \`$1'" ; exit 1 ;;
-+ esac
-+
-+ # figure out ifconfig for interface
-+ addr=
-+ eval `ifconfig $phys |
-+ awk '$1 == "inet" && $2 ~ /^addr:/ && $NF ~ /^Mask:/ {
-+ gsub(/:/, " ", $0)
-+ print "addr=" $3
-+ other = $5
-+ if ($4 == "Bcast")
-+ print "type=broadcast"
-+ else if ($4 == "P-t-P")
-+ print "type=pointopoint"
-+ else if (NF == 5) {
-+ print "type="
-+ other = ""
-+ } else
-+ print "type=unknown"
-+ print "otheraddr=" other
-+ print "mask=" $NF
-+ }'`
-+ if test " $addr" = " "
-+ then
-+ echo "unable to determine address of \`$phys'"
-+ exit 1
-+ fi
-+ if test " $type" = " unknown"
-+ then
-+ echo "\`$phys' is of an unknown type"
-+ exit 1
-+ fi
-+ if test " $omtu" != " "
-+ then
-+ mtu="mtu $omtu"
-+ else
-+ mtu=
-+ fi
-+ echo "KLIPS $virt on $phys $addr/$mask $type $otheraddr $mtu" | logonly
-+
-+ if $klips
-+ then
-+ # attach the interface and bring it up
-+ ipsec tncfg --attach --virtual $virt --physical $phys
-+ ifconfig $virt inet $addr $type $otheraddr netmask $mask $mtu
-+ fi
-+
-+ # if %defaultroute, note the facts
-+ if test " $2" != " "
-+ then
-+ (
-+ echo "defaultroutephys=$phys"
-+ echo "defaultroutevirt=$virt"
-+ echo "defaultrouteaddr=$addr"
-+ if test " $2" != " 0.0.0.0"
-+ then
-+ echo "defaultroutenexthop=$2"
-+ fi
-+ ) >>$info
-+ else
-+ echo '#dr: no default route' >>$info
-+ fi
-+
-+ # check for rp_filter trouble
-+ checkif $phys # thought to be a problem only on phys
-+}
-+
-+# check an interface for problems
-+checkif() {
-+ $klips || return 0
-+ rpf=$rpfilter1/$1/$rpfilter2
-+ if test -f $rpf
-+ then
-+ r="`cat $rpf`"
-+ if test " $r" != " 0"