diff options
| author | John Southworth <john.southworth@vyatta.com> | 2011-02-07 15:59:03 -0600 |
|---|---|---|
| committer | John Southworth <john.southworth@vyatta.com> | 2011-02-07 15:59:03 -0600 |
| commit | 792342e864a70bd162af3a00837bab0c0d3b49b0 (patch) | |
| tree | 1500e5f56514231b5b70f52d9592ee22bea4e59d /scripts | |
| parent | 1bd907e77e17891f604de1e455af11474094321d (diff) | |
| download | vyatta-cfg-vpn-792342e864a70bd162af3a00837bab0c0d3b49b0.tar.gz vyatta-cfg-vpn-792342e864a70bd162af3a00837bab0c0d3b49b0.zip | |
Bugfix 5802: add auto-update feature, for Dynamic DNS peers
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/vpn-config.pl | 24 | ||||
| -rwxr-xr-x | scripts/vyatta-vpn-ppp-updown.pl | 14 |
2 files changed, 32 insertions, 6 deletions
diff --git a/scripts/vpn-config.pl b/scripts/vpn-config.pl index 2ffabc8..3aba73f 100755 --- a/scripts/vpn-config.pl +++ b/scripts/vpn-config.pl @@ -1108,11 +1108,29 @@ if ( $vcVPN->isDeleted('.') ); print "Clustering configured - not restarting ipsec\n"; } else { + my $update_interval = $vcVPN->returnValue("ipsec auto-update"); + my $update_interval_orig = $vcVPN->returnOrigValue("ipsec auto-update"); + $update_interval_orig = 0 if !defined($update_interval_orig); if ( is_vpn_running() ) { - vpn_exec( 'ipsec rereadall >&/dev/null', 're-read secrets and certs' ); - vpn_exec( 'ipsec update >&/dev/null', 'update changes to ipsec.conf' ); + if (defined($update_interval) && ($update_interval != $update_interval_orig)){ + print "Re-starting IPsec daemon to activate new auto-update interval...\n"; + vpn_exec( 'ipsec restart --auto-update '.$update_interval.' >&/dev/null', + 're-starting ipsec with updated auto-update interval $update_interval' ); + } elsif (!defined($update_interval) && ($update_interval_orig != 0)){ + print "Re-starting IPsec daemon to deactivate auto-update...\n"; + vpn_exec( 'ipsec restart >&/dev/null', 're-starting ipsec' ); + } + else { + vpn_exec( 'ipsec rereadall >&/dev/null', 're-read secrets and certs' ); + vpn_exec( 'ipsec update >&/dev/null', 'update changes to ipsec.conf' ); + } } else { - vpn_exec( 'ipsec start >&/dev/null', 'start ipsec' ); + if (! defined($update_interval) ) { + vpn_exec( 'ipsec start >&/dev/null', 'start ipsec' ); + } else { + vpn_exec( 'ipsec start --auto-update '.$update_interval.' >&/dev/null', + 'start ipsec with auto-update $update_interval' ); + } } } } diff --git a/scripts/vyatta-vpn-ppp-updown.pl b/scripts/vyatta-vpn-ppp-updown.pl index 00df619..3150061 100755 --- a/scripts/vyatta-vpn-ppp-updown.pl +++ b/scripts/vyatta-vpn-ppp-updown.pl @@ -161,9 +161,17 @@ my ($cmd, $rc); $cmd = "mv $tmp_conf $conf_file"; $rc =system($cmd); logit("$cmd = $rc"); -$cmd = "/usr/sbin/ipsec start 2> /dev/null"; -$rc =system($cmd); -logit("$cmd = $rc"); +my $update_interval = `cli-shell-api returnActiveValue vpn ipsec auto-update`; +if ($update_interval = ''){ + $cmd = "/usr/sbin/ipsec start 2> /dev/null"; + $rc =system($cmd); + logit("$cmd = $rc"); +} else { + $cmd = "/usr/sbin/ipsec start --auto-update ".$update_interval." 2> /dev/null"; + $rc =system($cmd); + logit("$cmd = $rc"); +} + $cmd = "/usr/sbin/ipsec rereadall 2> /dev/null"; $rc = system($cmd); logit("$cmd = $rc"); |