Include IPSEC reload patch from Seth Mos which was tested on his work

IPSEC cluster.

1 files changed, 10 insertions, 5 deletions

diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index ac5a6d3..b2ddefc 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -601,24 +601,29 @@ EOD;
 			chmod("{$g['varetc_path']}/psk.txt", 0600);
 
 			if(is_process_running("racoon")) {
-				/* We are already online, reload */
-				mwexec("/usr/bin/killall -HUP racoon", true);
 				/* flush SPD entries */
 				mwexec("/usr/local/sbin/setkey -FP");
+				sleep("0.1");
 				mwexec("/usr/local/sbin/setkey -F");
 				/* load SPD */
+				sleep("0.1");
 				mwexec("/usr/local/sbin/setkey -f {$g['varetc_path']}/spd.conf");
 				/* We are already online, reload */
+				sleep("0.1");
 				mwexec("/usr/bin/killall -HUP racoon", true);
 			} else {
-				/* start racoon */
-				mwexec("/usr/local/sbin/racoon -f {$g['varetc_path']}/racoon.conf");
 				/* flush SA + SPD entries */
 				mwexec("/usr/local/sbin/setkey -FP");
+				sleep("0.1");
 				mwexec("/usr/local/sbin/setkey -F");
+				sleep("0.1");
+				/* start racoon */
+				mwexec("/usr/local/sbin/racoon -f {$g['varetc_path']}/racoon.conf");
+				sleep("0.1");
 				/* load SPD */
 				mwexec("/usr/local/sbin/setkey -f {$g['varetc_path']}/spd.conf");
 				/* We are already online, reload */
+				sleep("0.1");
 				mwexec("/usr/bin/killall -HUP racoon", true);
 			}
 		}
@@ -1104,4 +1109,4 @@ function vpn_ipsec_force_reload() {
 
 }
 
-?>
\ No newline at end of file
+?>