summaryrefslogtreecommitdiff
path: root/src/etc
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-08-09 20:25:24 +0200
committerChristian Poessinger <christian@poessinger.com>2021-08-09 20:25:24 +0200
commit96049e6fdad05bd73423ea64780e90b385807cb9 (patch)
tree74d9e2d31367cb4d134f3008584505e99b3411f1 /src/etc
parentb40e57cc9b516f4ce206681a17f8624a2ab04139 (diff)
downloadvyos-1x-96049e6fdad05bd73423ea64780e90b385807cb9.tar.gz
vyos-1x-96049e6fdad05bd73423ea64780e90b385807cb9.zip
ipsec: T3720: assigning vti secondary address caused interface in A/D state
Diffstat (limited to 'src/etc')
-rwxr-xr-xsrc/etc/ipsec.d/vti-up-down26
1 files changed, 20 insertions, 6 deletions
diff --git a/src/etc/ipsec.d/vti-up-down b/src/etc/ipsec.d/vti-up-down
index 2b66dd9e6..281c9bf2b 100755
--- a/src/etc/ipsec.d/vti-up-down
+++ b/src/etc/ipsec.d/vti-up-down
@@ -19,7 +19,15 @@
import os
import sys
-from vyos.util import call, get_interface_config, get_interface_address
+from syslog import syslog
+from syslog import openlog
+from syslog import LOG_PID
+from syslog import LOG_INFO
+
+from vyos.configquery import ConfigTreeQuery
+from vyos.util import call
+from vyos.util import get_interface_config
+from vyos.util import get_interface_address
def get_dhcp_address(interface):
addr = get_interface_address(interface)
@@ -35,7 +43,8 @@ if __name__ == '__main__':
interface = sys.argv[1]
dhcp_interface = sys.argv[2]
- print(f'vti-up-down: start: {verb} {connection} {interface}')
+ openlog(ident=f'vti-up-down', logoption=LOG_PID, facility=LOG_INFO)
+ syslog(f'Interface {interface} {verb} {connection}')
if verb in ['up-client', 'up-host']:
call('sudo ip route delete default table 220')
@@ -43,19 +52,24 @@ if __name__ == '__main__':
vti_link = get_interface_config(interface)
if not vti_link:
- print('vti-up-down: interface not found')
+ syslog(f'Interface {interface} not found')
sys.exit(0)
vti_link_up = (vti_link['operstate'] == 'UP' if 'operstate' in vti_link else False)
+ config = ConfigTreeQuery()
+ vti_dict = config.get_config_dict(['interfaces', 'vti', interface],
+ get_first_key=True)
+
if verb in ['up-client', 'up-host']:
if not vti_link_up:
if dhcp_interface != 'no':
local_ip = get_dhcp_address(dhcp_interface)
call(f'sudo ip tunnel change {interface} local {local_ip}')
- call(f'sudo ip link set {interface} up')
+ if 'disable' not in vti_dict:
+ call(f'sudo ip link set {interface} up')
+ else:
+ syslog(f'Interface {interface} is admin down ...')
elif verb in ['down-client', 'down-host']:
if vti_link_up:
call(f'sudo ip link set {interface} down')
-
- print('vti-up-down: finish') \ No newline at end of file