IPsec: regenerate a swanctl config on connection startup if config is found
Commit Message
This is an easy way to forcing a regenration if we do not want to change any setting.
Fixes: #11627
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
src/functions/functions.ipsec | 6 ++++++
1 file changed, 6 insertions(+)
@@ -526,6 +526,12 @@ ipsec_connection_up() {
return ${EXIT_ERROR}
fi
+ if ! [ -f "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" ]; then
+ log DEBUG "Could not find a swanctl config, generating swanctl config"
+ ipsec_connection_to_strongswan "${connection}"
+ ipsec_strongswan_load
+ fi
+
cmd swanctl --initiate --child "${connection}"
}