Merge pull request #4073 from vyos/mergify/bp/sagitta/pr-4057

op-mode: T6682: Fix for show vpn ike sa peer that always shows all SAs (backport #4057)
author: Christian Breunig <christian@breunig.cc> 2024-09-16 11:26:32 +0200
committer: GitHub <noreply@github.com> 2024-09-16 11:26:32 +0200
commit: 1844176cd1fa1e12f4a8e443d2d36ade433393ae (patch)
tree: 844702f9b57f5b2b79400bc07d750c9d2447ebd3
parent: a6290e4a43627de5b1935fc2796ec2d381d83c49 (diff)
parent: b60e27af1bbe757dd2b975d1f53409bd6ee615a1 (diff)
download: vyos-1x-1844176cd1fa1e12f4a8e443d2d36ade433393ae.tar.gz
vyos-1x-1844176cd1fa1e12f4a8e443d2d36ade433393ae.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/op_mode/vpn_ike_sa.py b/src/op_mode/vpn_ike_sa.py
index 5e2aaae6b..9385bcd0c 100755
--- a/src/op_mode/vpn_ike_sa.py
+++ b/src/op_mode/vpn_ike_sa.py
@@ -38,6 +38,8 @@ def ike_sa(peer, nat):
     peers = []
     for conn in sas:
         for name, sa in conn.items():
+            if peer and s(sa['remote-host']) != peer:
+                continue
             if name.startswith('peer_') and name in peers:
                 continue
             if nat and 'nat-local' not in sa:
author	Christian Breunig <christian@breunig.cc>	2024-09-16 11:26:32 +0200
committer	GitHub <noreply@github.com>	2024-09-16 11:26:32 +0200
commit	1844176cd1fa1e12f4a8e443d2d36ade433393ae (patch)
tree	844702f9b57f5b2b79400bc07d750c9d2447ebd3
parent	a6290e4a43627de5b1935fc2796ec2d381d83c49 (diff)
parent	b60e27af1bbe757dd2b975d1f53409bd6ee615a1 (diff)
download	vyos-1x-1844176cd1fa1e12f4a8e443d2d36ade433393ae.tar.gz vyos-1x-1844176cd1fa1e12f4a8e443d2d36ade433393ae.zip