diff mbox series

[1/2] location: Restart IPsec after firewall was restarted

Message ID	20200728171819.13597-1-michael.tremer@ipfire.org
State	Accepted
Commit	2ae1c23f6200b0820a54ce30fe0677820094ff51
Headers	From: Michael Tremer <michael.tremer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH 1/2] location: Restart IPsec after firewall was restarted Date: Tue, 28 Jul 2020 17:18:18 +0000 Message-Id: <20200728171819.13597-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Cc: Michael Tremer <michael.tremer@ipfire.org> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org>
Series	[1/2] location: Restart IPsec after firewall was restarted \| [1/2] location: Restart IPsec after firewall was restarted [2/2] core148: Do not update the location database straight away

Commit Message

Michael Tremer July 28, 2020, 5:18 p.m. UTC

  strongswan creates rules in iptables which are being dropped when
the firewall is being restarted.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/scripts/convert-to-location | 5 +++++
 1 file changed, 5 insertions(+)

diff mbox series

Patch

diff --git a/src/scripts/convert-to-location b/src/scripts/convert-to-location
index 9149b854d..428a91d34 100755
--- a/src/scripts/convert-to-location
+++ b/src/scripts/convert-to-location
@@ -47,6 +47,11 @@  if [ -f "$FW_CONF_DIR/geoipblock" ]; then
 
 	# Regenerate firewall chains.
 	/etc/init.d/firewall restart
+
+	# Restart IPsec for dropped iptables rules
+	if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
+		/etc/init.d/ipsec restart
+	fi
 fi
 
 # Finished.