summaryrefslogtreecommitdiff
path: root/python/vyos/iflag.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-09-17 20:36:22 +0200
committerChristian Poessinger <christian@poessinger.com>2022-09-17 21:10:04 +0200
commit99b63a1eb5a4441aba4bd0c8908007450ceb7d1c (patch)
treecfc0fcd81bb5d589b2ed105646f4fc81a2509d96 /python/vyos/iflag.py
parent435016fdb353b79577c40baa23af8e01fcadd098 (diff)
downloadvyos-1x-99b63a1eb5a4441aba4bd0c8908007450ceb7d1c.tar.gz
vyos-1x-99b63a1eb5a4441aba4bd0c8908007450ceb7d1c.zip
wireguard: T4702: actively revoke peer if it gets disabled
When any configured peer is set to `disable` while the Wireguard tunnel is up and running it does not get actively revoked and removed. This poses a security risk as connections keep beeing alive. Whenever any parameter of a peer changes we actively remove the peer and fully recreate it on the fly. (cherry picked from commit a4feb96af9ac45aff41ded1744cf302b5c5a9e7e)
Diffstat (limited to 'python/vyos/iflag.py')
0 files changed, 0 insertions, 0 deletions