diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2009-10-28 15:46:33 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2009-10-28 15:46:33 -0400 |
commit | 84fa0d60e1f96e0d2b9b8f40b02e51815d4a643d (patch) | |
tree | e8c49a8a0bd0f9603ae300bed52fbe7439558910 /etc/inc/vpn.inc | |
parent | ad6722c52e908f473ce9034953d4718e5c94cb22 (diff) | |
download | pfsense-84fa0d60e1f96e0d2b9b8f40b02e51815d4a643d.zip pfsense-84fa0d60e1f96e0d2b9b8f40b02e51815d4a643d.tar.gz |
Turn off IPSEC net.inet.ip.ipsec_in_use when IPSEC is disabled
Diffstat (limited to 'etc/inc/vpn.inc')
-rw-r--r-- | etc/inc/vpn.inc | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 95046ca..6073e6f 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -144,6 +144,9 @@ function vpn_ipsec_configure($ipchg = false) /* flush SPD and SAD */ mwexec("/usr/local/sbin/setkey -FP"); mwexec("/usr/local/sbin/setkey -F"); + + /* disallow IPSEC, it is off */ + exec("/sbin/sysctl net.inet.ip.ipsec_in_use=0"); return true; } else { @@ -858,7 +861,7 @@ EOD; sleep("0.1"); mwexec("/usr/local/sbin/setkey -F", false); sleep("0.1"); - exec("sysctl net.inet.ip.ipsec_in_use=1"); + exec("/sbin/sysctl net.inet.ip.ipsec_in_use=1"); /* start racoon */ mwexec("/usr/local/sbin/racoon -f {$g['varetc_path']}/racoon.conf", false); sleep("0.1"); @@ -1684,4 +1687,4 @@ function reload_tunnel_spd_policy($phase1, $phase2, $old_phase1, $old_phase2) { return true; } -?> +?>
\ No newline at end of file |