From 2e61af88961d8180f5ae3d7c034aaaa53b91f388 Mon Sep 17 00:00:00 2001
From: aapostoliuk <a.apostoliuk@vyos.io>
Date: Tue, 14 Feb 2023 12:48:56 +0200
Subject: ipsec: T4985: Fixed 'reset vpn ipsec-peer {peer}' command

Fixed 'reset vpn ipsec-peer {peer}' command.
The op-mode script uses value 'None' in the 'tunnel' parameter
to clear all CHILD SAs.
---
 op-mode-definitions/vpn-ipsec.xml.in | 2 +-
 src/op_mode/ipsec.py                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/op-mode-definitions/vpn-ipsec.xml.in b/op-mode-definitions/vpn-ipsec.xml.in
index 803ce4cc2..f6b5e6020 100644
--- a/op-mode-definitions/vpn-ipsec.xml.in
+++ b/op-mode-definitions/vpn-ipsec.xml.in
@@ -28,7 +28,7 @@
                 <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="vti"</command>
               </node>
             </children>
-            <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="all"</command>
+            <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4"</command>
           </tagNode>
           <tagNode name="ipsec-profile">
             <properties>
diff --git a/src/op_mode/ipsec.py b/src/op_mode/ipsec.py
index f6417764a..63fa05885 100755
--- a/src/op_mode/ipsec.py
+++ b/src/op_mode/ipsec.py
@@ -425,7 +425,7 @@ def get_peer_connections(peer, tunnel):
     return matches
 
 
-def reset_peer(peer: str, tunnel:typing.Optional[str]):
+def reset_peer(peer: str, tunnel:typing.Optional[str] = None):
     conns = get_peer_connections(peer, tunnel)
 
     if not conns:
-- 
cgit v1.2.3