diff options
author | Chris Buechler <cmb@pfsense.org> | 2015-12-04 21:09:42 -0600 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2015-12-04 21:09:42 -0600 |
commit | d315b34169bc6aec22d8d55aa38223b9cd71c57b (patch) | |
tree | ab36dea1d8335becb0ae1e49849d00ca43c8dc88 /src | |
parent | b4c47936bde24ebd3a3f8347ec993e507eb26778 (diff) | |
download | pfsense-d315b34169bc6aec22d8d55aa38223b9cd71c57b.zip pfsense-d315b34169bc6aec22d8d55aa38223b9cd71c57b.tar.gz |
Run ping_hosts.sh once after IPsec start if it's enabled, to avoid a wait of up to 4 minutes for minicron to run it.
Diffstat (limited to 'src')
-rw-r--r-- | src/etc/inc/vpn.inc | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc index 09f514b..0e3d1a2 100644 --- a/src/etc/inc/vpn.inc +++ b/src/etc/inc/vpn.inc @@ -138,6 +138,7 @@ function vpn_ipsec_configure($restart = false) { /* get the automatic ping_hosts.sh ready */ unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts"); touch("{$g['vardb_path']}/ipsecpinghosts"); + $ipsecpinghostsactive = false; /* service may have been enabled, disabled, or otherwise changed in a way requiring rule updates */ filter_configure(); @@ -386,6 +387,7 @@ function vpn_ipsec_configure($restart = false) { } if (is_ipaddr($srcip)) { $ipsecpinghosts[] = "{$srcip}|{$dstip}|3|||||{$family}|\n"; + $ipsecpinghostsactive = true; } } } @@ -1437,6 +1439,11 @@ EOD; } } + // run ping_hosts.sh once if it's enabled to avoid wait for minicron + if ($ipsecpinghostsactive == true) { + mwexec_bg("/usr/local/bin/ping_hosts.sh"); + } + if ($natfilterrules == true) { filter_configure(); } |