From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 5 Apr 2017 09:33:49 +0000 (+0100)
Subject: ipsecctrl: Reload IPsec block rules after connection is deleted
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4f6790a7e48c1c5bf52ad53c060ef6f3274bd5a1;p=people%2Fms%2Fipfire-2.x.git

ipsecctrl: Reload IPsec block rules after connection is deleted

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/misc-progs/ipsecctrl.c b/src/misc-progs/ipsecctrl.c
index 7499e94c9a..204753640a 100644
--- a/src/misc-progs/ipsecctrl.c
+++ b/src/misc-progs/ipsecctrl.c
@@ -173,6 +173,9 @@ void turn_connection_off (char *name) {
 
 	// Reload, so the connection is dropped.
 	ipsec_reload();
+
+	// Reload the IPsec block chain
+	safe_system("/usr/lib/firewall/ipsec-block >/dev/null");
 }
 
 int main(int argc, char *argv[]) {