IPsec: regenerate a swanctl config on connection startup if config is found

Message ID 1520500102-5317-1-git-send-email-jonatan.schlag@ipfire.org
State New
Headers show
Series
  • IPsec: regenerate a swanctl config on connection startup if config is found
Related show

Commit Message

Jonatan Schlag March 8, 2018, 8:08 p.m. UTC
This is an easy way to forcing a regenration if we do not want to change any setting.

Fixes: #11627

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
 src/functions/functions.ipsec | 6 ++++++
 1 file changed, 6 insertions(+)

Patch

diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
index 6f14c8e..d8206e0 100644
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -526,6 +526,12 @@  ipsec_connection_up() {
 		return ${EXIT_ERROR}
 	fi
 
+	if ! [ -f "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" ]; then
+		log DEBUG "Could not find a swanctl config, generating swanctl config"
+		ipsec_connection_to_strongswan "${connection}"
+		ipsec_strongswan_load
+	fi
+
 	cmd swanctl --initiate --child "${connection}"
 }