summaryrefslogtreecommitdiff
path: root/src/conf_mode/ipsec-settings.py
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2021-07-22 10:43:51 -0500
committerDaniil Baturin <daniil@vyos.io>2021-07-22 10:43:51 -0500
commited63951fc63fe58cd1ec1f4b26f3fe955315e0cb (patch)
treeed1b6945496dab738a397b31c993ba07f5310705 /src/conf_mode/ipsec-settings.py
parent5149b540cba2800610b0bf5af7efedb010a6497d (diff)
downloadvyos-1x-ed63951fc63fe58cd1ec1f4b26f3fe955315e0cb.tar.gz
vyos-1x-ed63951fc63fe58cd1ec1f4b26f3fe955315e0cb.zip
T3697: check if strongswan should be running before attempting to restart it.
Diffstat (limited to 'src/conf_mode/ipsec-settings.py')
-rwxr-xr-xsrc/conf_mode/ipsec-settings.py16
1 files changed, 11 insertions, 5 deletions
diff --git a/src/conf_mode/ipsec-settings.py b/src/conf_mode/ipsec-settings.py
index b59063fcd..b02f3bcb0 100755
--- a/src/conf_mode/ipsec-settings.py
+++ b/src/conf_mode/ipsec-settings.py
@@ -214,16 +214,22 @@ def restart_ipsec():
except OSError:
raise ConfigError('VPN configuration error: IPSec process did not start.')
-def apply(data):
- # Restart IPSec daemon
- restart_ipsec()
+def apply(data, config):
+ if config.exists("vpn ipsec site-to-site peer") or \
+ config.exists("vpn ipsec profile") or \
+ config.exists("vpn l2tp remote-access ipsec-settings"):
+ # Restart IPSec daemon
+ restart_ipsec()
+ else:
+ print()
if __name__ == '__main__':
try:
- c = get_config()
+ vyos_config = Config()
+ c = get_config(vyos_config)
verify(c)
generate(c)
- apply(c)
+ apply(c, vyos_config)
except ConfigError as e:
print(e)
exit(1)