diff options
author | Daniil Baturin <daniil@vyos.io> | 2021-07-22 10:43:51 -0500 |
---|---|---|
committer | Daniil Baturin <daniil@vyos.io> | 2021-07-22 10:43:51 -0500 |
commit | ed63951fc63fe58cd1ec1f4b26f3fe955315e0cb (patch) | |
tree | ed1b6945496dab738a397b31c993ba07f5310705 /src/conf_mode | |
parent | 5149b540cba2800610b0bf5af7efedb010a6497d (diff) | |
download | vyos-1x-ed63951fc63fe58cd1ec1f4b26f3fe955315e0cb.tar.gz vyos-1x-ed63951fc63fe58cd1ec1f4b26f3fe955315e0cb.zip |
T3697: check if strongswan should be running before attempting to restart it.
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/ipsec-settings.py | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/src/conf_mode/ipsec-settings.py b/src/conf_mode/ipsec-settings.py index b59063fcd..b02f3bcb0 100755 --- a/src/conf_mode/ipsec-settings.py +++ b/src/conf_mode/ipsec-settings.py @@ -214,16 +214,22 @@ def restart_ipsec(): except OSError: raise ConfigError('VPN configuration error: IPSec process did not start.') -def apply(data): - # Restart IPSec daemon - restart_ipsec() +def apply(data, config): + if config.exists("vpn ipsec site-to-site peer") or \ + config.exists("vpn ipsec profile") or \ + config.exists("vpn l2tp remote-access ipsec-settings"): + # Restart IPSec daemon + restart_ipsec() + else: + print() if __name__ == '__main__': try: - c = get_config() + vyos_config = Config() + c = get_config(vyos_config) verify(c) generate(c) - apply(c) + apply(c, vyos_config) except ConfigError as e: print(e) exit(1) |