summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhagbard <vyosdev@derith.de>2019-12-05 13:56:26 -0800
committerhagbard <vyosdev@derith.de>2019-12-05 13:56:26 -0800
commitfde531d3791a3d71aa27f99244d7cbb3b3625bf0 (patch)
treebc4a759d58a3a4ebe0fda974897fbff26065eefd
parentc9390e9f1522cf5208dcdce59f2913639ab7fd6d (diff)
downloadvyos-1x-fde531d3791a3d71aa27f99244d7cbb3b3625bf0.tar.gz
vyos-1x-fde531d3791a3d71aa27f99244d7cbb3b3625bf0.zip
wireguard: T1853: disable peer doesn't work
-rwxr-xr-xsrc/conf_mode/interfaces-wireguard.py5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces-wireguard.py b/src/conf_mode/interfaces-wireguard.py
index 013a07f32..cac911c8c 100755
--- a/src/conf_mode/interfaces-wireguard.py
+++ b/src/conf_mode/interfaces-wireguard.py
@@ -169,6 +169,10 @@ def get_config():
if key_eff != key_cfg and key_eff != None:
wg['peer_remove'].append(key_cfg)
+ # if a peer is disabled, we have to exec a remove for it's pubkey
+ else:
+ peer_key = c.return_value('peer {peer} pubkey'.format(peer=p))
+ wg['peer_remove'].append(peer_key)
return wg
@@ -191,6 +195,7 @@ def verify(c):
if not c['peer'][p]['pubkey']:
raise ConfigError("peer pubkey required for peer " + p)
+
def apply(c):
# no wg configs left, remove all interface from system
# maybe move it into ifconfig.py