#!/bin/bash
#
# Copyright (C) 2021 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
if [ "$reason" == "REBOOT" ] || [ "$reason" == "EXPIRE" ]; then
return 0
fi
DHCP_HOOK_IFLIST="/tmp/ipsec_dhcp_waiting"
if [ -f $DHCP_HOOK_IFLIST ] && [ "$reason" == "BOUND" ]; then
if grep -qw $interface $DHCP_HOOK_IFLIST; then
sudo rm $DHCP_HOOK_IFLIST
sudo /usr/libexec/vyos/conf_mode/vpn_ipsec.py
return 0
fi
fi
if [ "$old_ip_address" == "$new_ip_address" ] && [ "$reason" == "BOUND" ]; then
return 0
fi
python3 - < 0:
conf_lines[i] = line.replace(old_ip, new_ip)
found = True
regex_match = re.search(r'#.* reset:([-_a-zA-Z0-9|@]+)', line)
if regex_match:
connection_name = regex_match[1]
reset_conns.add(connection_name)
if found:
write_file(SWANCTL_CONF, "\n".join(conf_lines))
for connection_name in reset_conns:
call(f'sudo swanctl -t -i {connection_name}')
call('sudo swanctl -q')
exit(0)
PYEND