1 files changed, 8 insertions, 8 deletions

diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 8a2bb85..1933e9f 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -86,7 +86,7 @@ function vpn_ipsec_configure($ipchg = false)
 	unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts");
 	touch("{$g['vardb_path']}/ipsecpinghosts");
 
-	if(isset($config['ipsec']['preferredoldsa']))
+	if(isset($config['ipsec']['preferoldsa']))
 		mwexec("/sbin/sysctl -w net.key.preferred_oldsa=-30");
 	else
 		mwexec("/sbin/sysctl net.key.preferred_oldsa=0");
@@ -103,21 +103,21 @@ function vpn_ipsec_configure($ipchg = false)
 	if (!isset($ipseccfg['enable'])) {
 		mwexec("/sbin/ifconfig enc0 down");
 
+		/* send a SIGKILL to be sure */
+		sigkillbypid("{$g['varrun_path']}/racoon.pid", "KILL");
+
 		/* kill racoon */
 		if(is_process_running("racoon"))
 			mwexec("/usr/bin/killall racoon", true);
 		killbypid("{$g['varrun_path']}/dnswatch-ipsec.pid");
-		
+
 		/* wait for racoon process to die */
 		sleep(2);
 
-		/* send a SIGKILL to be sure */
-		sigkillbypid("{$g['varrun_path']}/racoon.pid", "KILL");
-
 		/* flush SPD and SAD */
-		mwexec("/usr/local/sbin/setkey -FP");
 		mwexec("/usr/local/sbin/setkey -F");
-		
+		mwexec("/usr/local/sbin/setkey -FP");
+
 		/* disallow IPSEC, it is off */
 //		exec("/sbin/sysctl net.inet.ip.ipsec_in_use=0");
 
@@ -162,7 +162,7 @@ function vpn_ipsec_configure($ipchg = false)
 				$rg = $ph1ent['remote-gateway'];
 
 				if (!is_ipaddr($rg)) {
-					$dnswatch_list[] = $rg;
+					$dnswatch_list[] = "{$rg} = value";
 					add_hostname_to_watch($rg);
 					$rg = resolve_retry($rg);
 					if (!$rg)