Add the ipcp scripts for pppd and racoon configuration for ipsec-tools.

copy_from := \

copy_from := \

	etc/dbus.conf \

	etc/dbus.conf \

	etc/init.goldfish.sh \

	etc/init.goldfish.sh \

	etc/ppp/ip-up \

	etc/ppp/ip-down \

	etc/ppp/peers/common \

	etc/racoon/racoon.conf \

	etc/hosts

	etc/hosts

dont_copy := \

dont_copy := \

	etc/init.gprs-pppd \

	etc/init.gprs-pppd \

	etc/ppp/chap-secrets \

	etc/ppp/chap-secrets

	etc/ppp/ip-down \

	etc/ppp/ip-up

copy_to := $(addprefix $(TARGET_OUT)/,$(copy_from))

copy_to := $(addprefix $(TARGET_OUT)/,$(copy_from))

copy_from := $(addprefix $(LOCAL_PATH)/,$(copy_from))

copy_from := $(addprefix $(LOCAL_PATH)/,$(copy_from))

#!/system/bin/sh

#!/system/bin/sh

case $1 in

    ppp1)

	echo 0 > /proc/sys/net/ipv4/ip_forward;

	;;

esac

# Use interface name if linkname is not available

NAME=${LINKNAME:-"$1"}

/system/bin/setprop "net.$NAME.dns1" "$DNS1"

/system/bin/setprop "net.$NAME.dns2" "$DNS2" 

/system/bin/setprop "net.$NAME.local-ip" "$IPLOCAL" 

/system/bin/setprop "net.$NAME.remote-ip" "$IPREMOTE" 

#!/system/bin/sh

#!/system/bin/sh

case $1 in

    ppp1)

	/android/bin/iptables --flush;

	/android/bin/iptables --table nat --flush;

	/android/bin/iptables --delete-chain;

	/android/bin/iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE;

	/android/bin/iptables --append FORWARD --in-interface ppp1 -j ACCEPT;

	echo 0 > /proc/sys/net/ipv4/ip_forward;

	echo 1 > /proc/sys/net/ipv4/ip_forward;

	;;

    ppp0)

        /system/bin/setprop "net.interfaces.defaultroute" "gprs"

        ;;

esac

# Use interface name if linkname is not available

# Use interface name if linkname is not available

NAME=${LINKNAME:-"$1"}

/system/bin/setprop "net.$NAME.dns1" "$DNS1"

/system/bin/setprop "net.dns1" "$DNS1"

/system/bin/setprop "net.$NAME.dns2" "$DNS2" 

/system/bin/setprop "net.dns2" "$DNS2"

/system/bin/setprop "net.$NAME.local-ip" "$IPLOCAL" 

/system/bin/setprop "net.$NAME.remote-ip" "$IPREMOTE" 

# Retrieve the default gateway from /proc/net/route

RTAB=`cat /proc/net/route`

flag=-1; i=0;

for l in $RTAB; do

    if (exp flag==1) then DGW=$l; flag=0; fi;

    if (exp i%11 == 1) then

        if (exp $l=="00000000") then flag=1; fi;

    fi;

    i=`exp i+1`;

done

FH=${DGW%????}

LH=${DGW#????}

A=`exp 0x${LH#??}`

B=`exp 0x${LH%??}`

C=`exp 0x${FH#??}`

D=`exp 0x${FH%??}`

GATEWAY="$A.$B.$C.$D"

VPNSERVER=`getprop "net.vpn.server_ip"`

# Protect the route to vpn server

/system/bin/route add -net $VPNSERVER netmask 255.255.255.255 gw $GATEWAY

# Route all traffic to vpn connection

/system/bin/route add -net 0.0.0.0 netmask 128.0.0.0 gw $IPREMOTE

/system/bin/route add -net 128.0.0.0 netmask 128.0.0.0 gw $IPREMOTE

ipcp-accept-local

ipcp-accept-remote

refuse-eap

noccp

noauth

idle 1800

mtu 1400

mru 1400

nodefaultroute

usepeerdns

#path certificate "";

path certificate "/";

sainfo anonymous {

   encryption_algorithm aes, 3des;

   authentication_algorithm hmac_sha1, hmac_md5;

   compression_algorithm deflate;

   lifetime time 3600 sec;

}

remote anonymous {

   exchange_mode main;

   doi ipsec_doi;

   situation identity_only;

   ike_frag on;

   generate_policy on;

   my_identifier asn1dn;

   nat_traversal on; # always use NAT-T

   ca_type x509 "ca.crt";

   certificate_type x509 "user.crt" "user.key";

   verify_identifier off;

   verify_cert on;

   nonce_size 16;

   initial_contact on;

   proposal_check obey;

   proposal {

      authentication_method rsasig;

      hash_algorithm sha1;

      encryption_algorithm 3des;

      lifetime time 3600 sec;

      dh_group 2;

   }

}