When a tunnel that is in always-on configuration closes
unexpectedly, we can instruct strongSwan to restart it
immediately which is precisely what we do now.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
srv/web/ipfire/cgi-bin/index.cgi
srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/proxy.cgi
+srv/web/ipfire/cgi-bin/vpnmain.cgi
var/ipfire/langs
# Start services
-# This update need a reboot...
-#touch /var/run/need_reboot
+# Regenerate IPsec configuration
+sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi
+if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
+ /etc/init.d/ipsec restart
+fi
+
+# This update needs a reboot...
+touch /var/run/need_reboot
# Finish
/etc/init.d/fireinfo start
if ($start_action eq 'route' && $inactivity_timeout > 0) {
print CONF "\tinactivity=$inactivity_timeout\n";
}
+
+ # Restart the connection immediately when it has gone down
+ # unexpectedly
+ if ($start_action eq 'start') {
+ print CONF "\tcloseaction=restart\n";
+ }
}
# Fragmentation