network reset: destroy all IPsec pools

Fixes: #11432
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/functions/functions.ipsec-pool b/src/functions/functions.ipsec-pool
index 4eb0e4e721d2afc8bd39deafcc04e1abfdd20549..5decaa40714599f486ba71b0a1a645f4e59e6abc 100644 (file)
--- a/src/functions/functions.ipsec-pool
+++ b/src/functions/functions.ipsec-pool
@@ -420,3 +420,12 @@ ipsec_pool_to_strongswan() {
                fi
        ) > ${path}
 }
+
+# List all IPsec pools
+ipsec_list_pools() {
+       local pool
+       for pool in ${NETWORK_IPSEC_POOLS_DIR}/*; do
+               [ -d "${pool}" ] || continue
+               basename "${pool}"
+       done
+}

diff --git a/src/network b/src/network
index bc4210c0506b8afc72d8aa63a61314562e2062f1..71b0cdec734ed2e51d733ec2a851be6ea39486fa 100644 (file)
--- a/src/network
+++ b/src/network
@@ -1154,6 +1154,11 @@ cli_reset() {
                ipsec_connection_destroy "${connection}"
        done
 
+       local pool
+       for pool in $(ipsec_list_pools); do
+               ipsec_pool_destroy "${pool}"
+       done
+
        # Stop strongswan
        ipsec_strongswan_autostart