From d03994109f46f2b664b0dc6d933b7dadf27b9e60 Mon Sep 17 00:00:00 2001
From: smos <seth.mos@dds.nl>
Date: Fri, 11 Feb 2011 08:22:11 +0100
Subject: Do not resolve the dyndns hostnames during boot. With many tunnels
 that have a hostname this can cause huge boot issues if the DNS server is
 slow or not responding at all. By skipping those but adding them to the DNS
 watchlist it should reload these later. This should allow the box to start up
 and forward packets.

---
 etc/inc/vpn.inc | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index caf8006..8fb2a99 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -1677,8 +1677,12 @@ function reload_tunnel_spd_policy($phase1, $phase2, $old_phase1, $old_phase2) {
 	/* see if this tunnel has a hostname for the remote-gateway, and if so,
 	 * try to resolve it now and add it to the list for filterdns */
 	if (!is_ipaddr($phase1['remote-gateway'])) {
-		$rgip = resolve_retry($phase1['remote-gateway']);
-		add_hostname_to_watch($phase1['remote-gateway']);
+		if(! $g['booting']) {
+			$rgip = resolve_retry($phase1['remote-gateway']);
+			add_hostname_to_watch($phase1['remote-gateway']);
+		} else {
+			add_hostname_to_watch($phase1['remote-gateway']);
+		}
 		if (!$rgip) {
 			log_error("Could not determine VPN endpoint for '{$phase1['descr']}'");
 			return false;
-- 
cgit v1.1