From dd2a15158e8f22b8b1ba68160b686ff1047babf4 Mon Sep 17 00:00:00 2001
From: Daniil Baturin <daniil@baturin.org>
Date: Mon, 31 Dec 2018 11:52:29 +0100
Subject: T1108: warn the user and exit if there are no established IPsec SAs.

---
 src/op_mode/show_ipsec_sa.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'src/op_mode/show_ipsec_sa.py')

diff --git a/src/op_mode/show_ipsec_sa.py b/src/op_mode/show_ipsec_sa.py
index 9e1d6ce4d..117824632 100755
--- a/src/op_mode/show_ipsec_sa.py
+++ b/src/op_mode/show_ipsec_sa.py
@@ -1,14 +1,21 @@
 #!/usr/bin/env python3
 
 import re
+import sys
 import subprocess
 
 import tabulate
 import hurry.filesize
 
 def parse_conn_spec(s):
-    # Example: ESTABLISHED 14 seconds ago, 10.0.0.2[foo]...10.0.0.1[10.0.0.1]
-    return re.search(r'.*ESTABLISHED\s+(.*)ago,\s(.*)\[(.*)\]\.\.\.(.*)\[(.*)\].*', s).groups()
+    try:
+        # Example: ESTABLISHED 14 seconds ago, 10.0.0.2[foo]...10.0.0.1[10.0.0.1]
+        return re.search(r'.*ESTABLISHED\s+(.*)ago,\s(.*)\[(.*)\]\.\.\.(.*)\[(.*)\].*', s).groups()
+    except AttributeError:
+        # No active SAs found, so we have nothing to display
+        print("No established security associations found.")
+        print("Use \"show vpn ipsec sa\" to view inactive and connecting tunnels.")
+        sys.exit(0)
 
 def parse_ike_line(s):
     try:
-- 
cgit v1.2.3