diff options
| author | Taniadz <tdziubenko@ukr.net> | 2017-10-27 11:56:38 +0300 |
|---|---|---|
| committer | Taniadz <tdziubenko@ukr.net> | 2017-10-27 11:56:38 +0300 |
| commit | d0e7c861ed20d871d71efd46caf517bbee8c1a69 (patch) | |
| tree | e10f9b8e1ef0830736d866d81854d7158c7c14f7 | |
| parent | 55d30fb7a0cf3e794cacef8210590297c37373c2 (diff) | |
| download | vyatta-cfg-vpn-d0e7c861ed20d871d71efd46caf517bbee8c1a69.tar.gz vyatta-cfg-vpn-d0e7c861ed20d871d71efd46caf517bbee8c1a69.zip | |
T126: charon listening on ALL interfaces(add ipsec restart)
| -rwxr-xr-x | scripts/vpn-config.pl | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/scripts/vpn-config.pl b/scripts/vpn-config.pl index b6f3b5d..95c783e 100755 --- a/scripts/vpn-config.pl +++ b/scripts/vpn-config.pl @@ -1253,9 +1253,14 @@ if ( $vcVPN->isDeleted('.') vpn_exec("ipsec down peer-$old_peer-tunnel-$tunnel", "Cleaning up site-to-site peer $old_peer at tunnel $tunnel"); } } - - vpn_exec('ipsec rereadall >&/dev/null', 're-read secrets and certs'); - vpn_exec('ipsec reload >&/dev/null', 'reload changes to ipsec.conf'); + my @working_interfaces = $vcVPN->returnValues("ipsec ipsec-interfaces interface"); + my @active_interfaces = $vcVPN->returnOrigValues("ipsec ipsec-interfaces interface"); + if (@working_interfaces != @active_interfaces) { + vpn_exec('ipsec restart >&/dev/null', 're-starting ipsec'); + }else { + vpn_exec('ipsec rereadall >&/dev/null', 're-read secrets and certs'); + vpn_exec('ipsec reload >&/dev/null', 'reload changes to ipsec.conf'); + } } } else { if (!defined($update_interval)) { |