diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-09-25 10:09:30 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-09-25 10:10:23 +0200 |
commit | bcf7a9bb38c537bb1bdc5b37c680e3c65a785278 (patch) | |
tree | 6067a17027274998c79552147cc104239c496a51 | |
parent | d3b951f2417589b30469970ef5124b8a99ce968d (diff) | |
download | vyos-1x-bcf7a9bb38c537bb1bdc5b37c680e3c65a785278.tar.gz vyos-1x-bcf7a9bb38c537bb1bdc5b37c680e3c65a785278.zip |
ipsec: T2816: ipsec-dhclient-hook should only run if swanctl.conf exists
-rwxr-xr-x | src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook | 33 |
1 files changed, 17 insertions, 16 deletions
diff --git a/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook b/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook index 4da12ee02..61a89e62a 100755 --- a/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook +++ b/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook @@ -61,25 +61,26 @@ if __name__ == '__main__': new_ip = os.getenv('new_ip_address') old_ip = os.getenv('old_ip_address') - conf_lines = read_file(SWANCTL_CONF) - found = False - to_match = f'# dhcp:{interface}' + if os.path.exists(SWANCTL_CONF): + conf_lines = read_file(SWANCTL_CONF) + found = False + to_match = f'# dhcp:{interface}' - for i, line in enumerate(conf_lines): - if line.find(to_match) > 0: - conf_lines[i] = line.replace(old_ip, new_ip) - found = True + for i, line in enumerate(conf_lines): + if line.find(to_match) > 0: + conf_lines[i] = line.replace(old_ip, new_ip) + found = True - for i, line in enumerate(secrets_lines): - if line.find(to_match) > 0: - secrets_lines[i] = line.replace(old_ip, new_ip) + for i, line in enumerate(secrets_lines): + if line.find(to_match) > 0: + secrets_lines[i] = line.replace(old_ip, new_ip) - if found: - write_file(SWANCTL_CONF, conf_lines) - ipsec_down(old_ip) - call('sudo ipsec rereadall') - call('sudo ipsec reload') - call('sudo swanctl -q') + if found: + write_file(SWANCTL_CONF, conf_lines) + ipsec_down(old_ip) + call('sudo ipsec rereadall') + call('sudo ipsec reload') + call('sudo swanctl -q') exit(0) PYEND
\ No newline at end of file |