From: Michael Tremer Date: Fri, 4 Aug 2017 21:39:43 +0000 (+0000) Subject: ipsec: Properly shut down connections when destroyed X-Git-Tag: 009~42 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fa33d8306ac46cc3e9893b1f1caf08cf46080a6e;p=network.git ipsec: Properly shut down connections when destroyed Signed-off-by: Michael Tremer --- diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec index d75d920d..702527dd 100644 --- a/src/functions/functions.ipsec +++ b/src/functions/functions.ipsec @@ -94,7 +94,7 @@ cli_ipsec_connection() { ipsec_connection_new $@ ;; destroy) - ipsec_connection_destroy $@ + cli_ipsec_connection_destroy $@ ;; ""|*) if [ -n "${action}" ]; then @@ -106,6 +106,20 @@ cli_ipsec_connection() { fi } +cli_ipsec_connection_destroy() { + local connection="${1}" + + if ! ipsec_connection_destroy "${connection}"; then + return ${EXIT_ERROR} + fi + + # Inform strongswan about the changes + ipsec_strongswan_load + + # Configure strongswan autostart + ipsec_strongswan_autostart +} + cli_ipsec_connection_show() { local connection="${1}" @@ -1022,14 +1036,16 @@ ipsec_connection_destroy() { fi log DEBUG "Deleting VPN IPsec connection ${connection}" + + # Delete strongswan configuration file + file_delete "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" + if ! rm -rf "${NETWORK_IPSEC_CONNS_DIR}/${connection}"; then log ERROR "Deleting the VPN IPsec connection ${connection} was not sucessful" return ${EXIT_ERROR} fi - done - # Configure strongswan autostart - ipsec_strongswan_autostart + done } # List all ipsec connections diff --git a/src/functions/functions.util b/src/functions/functions.util index 91601de6..d1e2a92b 100644 --- a/src/functions/functions.util +++ b/src/functions/functions.util @@ -211,6 +211,12 @@ fappend() { print "%s" "$@" >> ${file} 2>/dev/null } +file_delete() { + local file=${1} + + unlink "${file}" 2>/dev/null +} + file_exists() { local file=${1}