From f089aa624e0713f117c949b74ec2ad389de2064e Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Fri, 14 Oct 2022 08:04:55 +0000 Subject: T4725: Fix Regex for correctly reset IPsec peers As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken) --- src/op_mode/ipsec.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/op_mode/ipsec.py b/src/op_mode/ipsec.py index a4d1b4cb1..7ec35d7bd 100755 --- a/src/op_mode/ipsec.py +++ b/src/op_mode/ipsec.py @@ -133,14 +133,13 @@ def _get_formatted_output_sas(sas): def get_peer_connections(peer, tunnel, return_all = False): - peer = peer.replace(':', '-') - search = rf'^[\s]*(peer_{peer}_(tunnel_[\d]+|vti)).*' + search = rf'^[\s]*({peer}-(tunnel-[\d]+|vti)).*' matches = [] with open(SWANCTL_CONF, 'r') as f: for line in f.readlines(): result = re.match(search, line) if result: - suffix = f'tunnel_{tunnel}' if tunnel.isnumeric() else tunnel + suffix = f'tunnel-{tunnel}' if tunnel.isnumeric() else tunnel if return_all or (result[2] == suffix): matches.append(result[1]) return matches -- cgit v1.2.3