mbox

network reset: destroy all IPsec pools

Message ID 1502896726-13445-1-git-send-email-jonatan.schlag@ipfire.org
State New
Headers

Message

Jonatan Schlag Aug. 17, 2017, 1:18 a.m. UTC 
  Fixes: #11432

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
 src/functions/functions.ipsec-pool | 9 +++++++++
 src/network                        | 5 +++++
 2 files changed, 14 insertions(+)

Comments

Michael Tremer Aug. 17, 2017, 8:59 p.m. UTC | #1 
Hi,

On Wed, 2017-08-16 at 17:18 +0200, Jonatan Schlag wrote:
> Fixes: #11432
> 
> Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
> ---
>  src/functions/functions.ipsec-pool | 9 +++++++++
>  src/network                        | 5 +++++
>  2 files changed, 14 insertions(+)
> 
> diff --git a/src/functions/functions.ipsec-pool b/src/functions/functions.ipsec-pool
> index 4eb0e4e..fb7e7da 100644
> --- a/src/functions/functions.ipsec-pool
> +++ b/src/functions/functions.ipsec-pool
> @@ -420,3 +420,12 @@ ipsec_pool_to_strongswan() {
>  		fi
>  	) > ${path}
>  }
> +
> +# List all IPsec pools
> +ipsec_list_pools() {
> +	local pool
> +	for pool in ${NETWORK_IPSEC_POOLS_DIR}/*; do
> +		[ -d ${pool} ] || continue
> +		basename ${pool}
> +	done
> +}

This needs quotes in the []. I will add this when I merge the patch.

> diff --git a/src/network b/src/network
> index bc4210c..71b0cde 100644
> --- a/src/network
> +++ b/src/network
> @@ -1154,6 +1154,11 @@ cli_reset() {
>  		ipsec_connection_destroy "${connection}"
>  	done
>  
> +	local pool
> +	for pool in $(ipsec_list_pools); do
> +		ipsec_pool_destroy "${pool}"
> +	done
> +
>  	# Stop strongswan
>  	ipsec_strongswan_autostart
>