summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2022-10-14 08:04:55 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2022-10-14 08:04:55 +0000
commitf089aa624e0713f117c949b74ec2ad389de2064e (patch)
tree5fb28f647c19338f2e5da37f7218d123cebc3fdb
parent02f2535dda08c6e19ba2e1fdb750f1e298b45add (diff)
downloadvyos-1x-f089aa624e0713f117c949b74ec2ad389de2064e.tar.gz
vyos-1x-f089aa624e0713f117c949b74ec2ad389de2064e.zip
T4725: Fix Regex for correctly reset IPsec peers
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken)
-rwxr-xr-xsrc/op_mode/ipsec.py5
1 files changed, 2 insertions, 3 deletions
diff --git a/src/op_mode/ipsec.py b/src/op_mode/ipsec.py
index a4d1b4cb1..7ec35d7bd 100755
--- a/src/op_mode/ipsec.py
+++ b/src/op_mode/ipsec.py
@@ -133,14 +133,13 @@ def _get_formatted_output_sas(sas):
def get_peer_connections(peer, tunnel, return_all = False):
- peer = peer.replace(':', '-')
- search = rf'^[\s]*(peer_{peer}_(tunnel_[\d]+|vti)).*'
+ search = rf'^[\s]*({peer}-(tunnel-[\d]+|vti)).*'
matches = []
with open(SWANCTL_CONF, 'r') as f:
for line in f.readlines():
result = re.match(search, line)
if result:
- suffix = f'tunnel_{tunnel}' if tunnel.isnumeric() else tunnel
+ suffix = f'tunnel-{tunnel}' if tunnel.isnumeric() else tunnel
if return_all or (result[2] == suffix):
matches.append(result[1])
return matches