diff options
| author | Christian Poessinger <christian@poessinger.com> | 2022-08-24 19:30:53 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2022-08-24 19:41:00 +0200 |
| commit | f5360b98703e0a954066c099b48119daecd1c12b (patch) | |
| tree | acc1035627739ba50244c097e1cfa3bc5c0d2420 | |
| parent | 4d34c858d05afd720ed8f5cae0718b8e2c056f30 (diff) | |
| download | vyos-1x-f5360b98703e0a954066c099b48119daecd1c12b.tar.gz vyos-1x-f5360b98703e0a954066c099b48119daecd1c12b.zip | |
ipsec: T2185: use systemd to start/stop service
| -rw-r--r-- | op-mode-definitions/monitor-log.xml.in | 13 | ||||
| -rw-r--r-- | op-mode-definitions/show-log.xml.in | 2 | ||||
| -rwxr-xr-x | src/conf_mode/vpn_ipsec.py | 8 |
3 files changed, 17 insertions, 6 deletions
diff --git a/op-mode-definitions/monitor-log.xml.in b/op-mode-definitions/monitor-log.xml.in index 8a02e1f08..774acaa5c 100644 --- a/op-mode-definitions/monitor-log.xml.in +++ b/op-mode-definitions/monitor-log.xml.in @@ -224,6 +224,19 @@ </properties> <command>journalctl --no-hostname --boot --follow --unit ssh.service</command> </leafNode> + <node name="vpn"> + <properties> + <help>Show log for Virtual Private Network (VPN)</help> + </properties> + <children> + <leafNode name="ipsec"> + <properties> + <help>Monitor last lines of IPSec</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit strongswan-starter.service</command> + </leafNode> + </children> + </node> </children> </node> </children> diff --git a/op-mode-definitions/show-log.xml.in b/op-mode-definitions/show-log.xml.in index 24a1b5f3e..455bd7c64 100644 --- a/op-mode-definitions/show-log.xml.in +++ b/op-mode-definitions/show-log.xml.in @@ -386,7 +386,7 @@ <properties> <help>Show log for IPSec</help> </properties> - <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e charon</command> + <command>journalctl --no-hostname --boot --unit strongswan-starter.service</command> </leafNode> <leafNode name="l2tp"> <properties> diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py index bad9cfbd8..5ca32d23e 100755 --- a/src/conf_mode/vpn_ipsec.py +++ b/src/conf_mode/vpn_ipsec.py @@ -595,13 +595,11 @@ def wait_for_vici_socket(timeout=5, sleep_interval=0.1): sleep(sleep_interval) def apply(ipsec): + systemd_service = 'strongswan-starter.service' if not ipsec: - call('sudo ipsec stop') + call(f'systemctl stop {systemd_service}') else: - call('sudo ipsec restart') - call('sudo ipsec rereadall') - call('sudo ipsec reload') - + call(f'systemctl reload-or-restart {systemd_service}') if wait_for_vici_socket(): call('sudo swanctl -q') |