diff options
| -rwxr-xr-x | etc/opennhrp-script | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/etc/opennhrp-script b/etc/opennhrp-script index 92c0043..463e911 100755 --- a/etc/opennhrp-script +++ b/etc/opennhrp-script @@ -28,9 +28,12 @@ peer-up) logger -t ${_script_name} -p local7.notice "Create link from $NHRP_SRCADDR ($NHRP_SRCNBMA) to $NHRP_DESTADDR ($NHRP_DESTNBMA)" if [[ ( ${_type} == "spoke" ) && ( -e ${_strongswan_pid} ) ]]; then if grep "${NHRP_SRCADDR}" "${_nhrp_ipsec}"; then - swanctl -t -S $NHRP_SRCNBMA -R $NHRP_DESTNBMA > /dev/null 2>&1 - logger -t ${_script_name} -p local7.notice "IPSec: connect to $NHRP_SRCADDR ($NHRP_SRCNBMA)" - swanctl -i -c dmvpn -S $NHRP_SRCNBMA -R $NHRP_DESTNBMA || exit 1 + if swanctl -l -r | grep -q "^list-sa event {dmvpn-DMVPN-.* state=ESTABLISHED local-host=$NHRP_SRCNBMA.*remote-host=$NHRP_DESTNBMA"; then + logger -t ${_script_name} -p local7.notice "IPSec: connection to $NHRP_DESTADDR ($NHRP_DESTNBMA) already exists" + else + logger -t ${_script_name} -p local7.notice "IPSec: connect to $NHRP_DESTADDR ($NHRP_DESTNBMA)" + swanctl -i -c dmvpn -S $NHRP_SRCNBMA -R $NHRP_DESTNBMA || exit 1 + fi fi fi ;; |