Improving dead IKE + ESP detection for IKEv1

author: Jason Hendry <jhendry@mintel.com> 2015-01-09 12:59:56 +0000
committer: Jason Hendry <jhendry@mintel.com> 2015-01-09 12:59:56 +0000
commit: 9bb087e651f70723b3e15806ee0a81d224537760 (patch)
tree: ca6782478f872f8ff242001ff32dd069dfa84fce /lib
parent: 022775f1548ccfc83af53198a9b4b09fb9010f0a (diff)
download: vyatta-op-vpn-9bb087e651f70723b3e15806ee0a81d224537760.tar.gz
vyatta-op-vpn-9bb087e651f70723b3e15806ee0a81d224537760.zip
1 files changed, 12 insertions, 8 deletions
diff --git a/lib/OPMode.pm b/lib/OPMode.pm
index 8493806..aa843f3 100644
--- a/lib/OPMode.pm
+++ b/lib/OPMode.pm
@@ -449,8 +449,9 @@ sub process_tunnels{
         if ($line =~ /$ike:.*ISAKMP.SA.established.*EVENT_SA_REPLACE.in.(.*?)s;/)
         {
           $tunnel_hash{$connectid}->{_ikeexpire} = $1;
-          my $atime = $tunnel_hash{$connectid}->{_ikelife} - 
-                      $tunnel_hash{$connectid}->{_ikeexpire};
+          my ($atime, $ike_lifetime, $ike_expire) = (-1, $tunnel_hash{$connectid}->{_ikelife}, $tunnel_hash{$connectid}->{_ikeexpire});
+          $atime = $ike_lifetime - $ike_expire if (($ike_lifetime ne 'n/a') && ($ike_expire ne 'n/a'));
+
           if ($atime >= 0){
             $tunnel_hash{$connectid}->{_ikestate} = "up";
           }
@@ -458,8 +459,9 @@ sub process_tunnels{
         if ($line =~ /$ike:.*ISAKMP.SA.established.*EVENT_SA_EXPIRE.in.(.*?)s;/)
         {
           $tunnel_hash{$connectid}->{_ikeexpire} = $1;
-          my $atime = $tunnel_hash{$connectid}->{_ikelife} - 
-                      $tunnel_hash{$connectid}->{_ikeexpire};
+          my ($atime, $ike_lifetime, $ike_expire) = (-1, $tunnel_hash{$connectid}->{_ikelife}, $tunnel_hash{$connectid}->{_ikeexpire});
+          $atime = $ike_lifetime - $ike_expire if (($ike_lifetime ne 'n/a') && ($ike_expire ne 'n/a'));
+
           if ($atime >= 0){
             $tunnel_hash{$connectid}->{_ikestate} = "up";
           }
@@ -486,16 +488,18 @@ sub process_tunnels{
         }
         if ($line =~ /$spi:.*?EVENT_SA_REPLACE.*? in (.*?)s;/){
           $tunnel_hash{$connectid}->{_expire} = $1;
-          my $atime = $tunnel_hash{$connectid}->{_lifetime} - 
-                      $tunnel_hash{$connectid}->{_expire};
+          my ($atime, $esp_lifetime, $esp_expire) = (-1, $tunnel_hash{$connectid}->{_lifetime}, $tunnel_hash{$connectid}->{_expire});
+          $atime = $esp_lifetime - $esp_expire if (($esp_lifetime ne 'n/a') && ($esp_expire ne 'n/a'));
+
           if ($atime >= 0){
             $tunnel_hash{$connectid}->{_state} = "up";
           } 
         }
         if ($line =~ /$spi:.*?EVENT_SA_EXPIRE in (.*?)s;/){
           $tunnel_hash{$connectid}->{_expire} = $1;
-          my $atime = $tunnel_hash{$connectid}->{_lifetime} - 
-                      $tunnel_hash{$connectid}->{_expire};
+          my ($atime, $esp_lifetime, $esp_expire) = (-1, $tunnel_hash{$connectid}->{_lifetime}, $tunnel_hash{$connectid}->{_expire});
+          $atime = $esp_lifetime - $esp_expire if (($esp_lifetime ne 'n/a') && ($esp_expire ne 'n/a'));
+
           if ($atime >= 0){
             $tunnel_hash{$connectid}->{_state} = "up";
           }
author	Jason Hendry <jhendry@mintel.com>	2015-01-09 12:59:56 +0000
committer	Jason Hendry <jhendry@mintel.com>	2015-01-09 12:59:56 +0000
commit	9bb087e651f70723b3e15806ee0a81d224537760 (patch)
tree	ca6782478f872f8ff242001ff32dd069dfa84fce /lib
parent	022775f1548ccfc83af53198a9b4b09fb9010f0a (diff)
download	vyatta-op-vpn-9bb087e651f70723b3e15806ee0a81d224537760.tar.gz vyatta-op-vpn-9bb087e651f70723b3e15806ee0a81d224537760.zip