diff options
author | jim-p <jimp@pfsense.org> | 2013-06-18 14:00:41 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-06-18 14:03:16 -0400 |
commit | 8744a1130e3a6ddd1c252b35479495c0bdb71271 (patch) | |
tree | 2b4028a1d6e0eb697916de66d19c9198a5b227be /etc/rc.newipsecdns | |
parent | a27403c4e662eb0ce0b580af09dbf60066005051 (diff) | |
download | pfsense-8744a1130e3a6ddd1c252b35479495c0bdb71271.zip pfsense-8744a1130e3a6ddd1c252b35479495c0bdb71271.tar.gz |
Add an option to force IPsec to reload on failover, which is needed in some cases for IPsec to fail from one interface to another. Ticket #2896
Diffstat (limited to 'etc/rc.newipsecdns')
-rwxr-xr-x | etc/rc.newipsecdns | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/etc/rc.newipsecdns b/etc/rc.newipsecdns index 554fc80..de3d7ac 100755 --- a/etc/rc.newipsecdns +++ b/etc/rc.newipsecdns @@ -44,9 +44,10 @@ require_once("vpn.inc"); if (file_exists("{$g['varrun_path']}/booting")) return; -if (isset($config['ipsec']['enable'])) +if (isset($config['ipsec']['enable'])) { + sleep(15); log_error("IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing."); -else +} else return; $ipseclck = lock('ipsecdns', LOCK_EX); @@ -60,5 +61,8 @@ vpn_ipsec_refresh_policies(); vpn_ipsec_configure(); +if (isset($config['ipsec']['failoverforcereload'])) + vpn_ipsec_force_reload(); + unlock($ipseclck); ?> |