#!/bin/bash 
#
# !!!!YOU MUST RUN THIS SCRIPT AS ROOT!!!!
#
# This is test input for the ipsadm program. This was originally
# written by Gordon Oliver, and is hereby placed in the public domain.
# There is of course NO WARRANTY for any of this, and since it is
# in the public domain, you may do as you wish...
#
# This script should tear down what testinit sets up...
#
# The configurable part is in hostsetup.
#

if [ $# != 1 ]; then
  echo "$0: usage $0 [ A | B ]";
  exit 1;
fi

SOURCE=$1
. hostsetup

#
# first lets clean up ipsec (yeah, I know it should do this automatically)
# the ordering here doesn't matter. The ref-counting should protect everything
# (and seems to actually do so)
#
sync; sync;
ipsadm << EOF
flush all;			# flush ESP and AH spi's
bundle flush;			# flush the bundles
policy flush;			# flush the policies.
EOF

#
# pull down the interfaces, this kills the hand done routes.
#
ifconfig ipsec0 down
ifconfig ipsec1 down
ifconfig ipsec2 down
ifconfig ipsec3 down
route

#
# get rid of the modules
#
sync; sync; 
rmmod ipsec
rmmod pfkey

#
# get rid of the aliased devices
#
ifconfig ${ETH}:1 down
ifconfig ${ETH}:2 down
ifconfig ${ETH}:3 down
ifconfig ${ETH}:4 down
