diff options
author | Renato Botelho <renato@netgate.com> | 2017-07-31 16:38:05 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2017-07-31 16:38:05 -0300 |
commit | 23273a9b1c7612080420d59188ca591dfa21de9f (patch) | |
tree | dabcf543e87c420bcd07862b3229961478bd697b /src | |
parent | 4b1d0e0536cc44260de3e1cbc6083645fec3944a (diff) | |
parent | 7c6f38e49a2005812e37fe5b365717edc0d5dd44 (diff) | |
download | pfsense-23273a9b1c7612080420d59188ca591dfa21de9f.zip pfsense-23273a9b1c7612080420d59188ca591dfa21de9f.tar.gz |
Merge pull request #3773 from PiBa-NL/20170703-ipsec-sleep-lock
Diffstat (limited to 'src')
-rwxr-xr-x | src/etc/rc.newipsecdns | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/src/etc/rc.newipsecdns b/src/etc/rc.newipsecdns index 4670b37..387e731 100755 --- a/src/etc/rc.newipsecdns +++ b/src/etc/rc.newipsecdns @@ -25,8 +25,21 @@ * limitations under the License. */ -/* parse the configuration and include all functions used below */ require_once("util.inc"); +require_once("globals.inc"); + +/* make sure to wait until the boot scripts have finished */ +if (file_exists("{$g['varrun_path']}/booting")) { + return; +} + +$ipseclck_pending = try_lock('ipsecdns_pending', 0); +if (!$ipseclck_pending) { + /* if a vpn_ipsec_configure() is still pending no need to stack up another one */ + return; +} + +/* parse the configuration and include all functions used below */ require_once("config.inc"); require_once("gwlb.inc"); require_once("functions.inc"); @@ -36,21 +49,20 @@ require_once("auth.inc"); require_once("ipsec.inc"); require_once("vpn.inc"); -/* make sure to wait until the boot scripts have finished */ -if (file_exists("{$g['varrun_path']}/booting")) { - return; -} - -if (ipsec_enabled()) { - sleep(15); - log_error("IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing."); -} else { +if (!ipsec_enabled()) { + unlock($ipseclck_pending); return; } $ipseclck = lock('ipsecdns', LOCK_EX); +sleep(12); +unlock($ipseclck_pending); +sleep(3); +log_error("IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing."); + +/* make sure we have the latest configuration changes loaded. */ +$config = parse_config(); vpn_ipsec_configure(); unlock($ipseclck); -?> |