reset: Destroy all user-defined security policies

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/functions/functions.vpn-security-policies b/src/functions/functions.vpn-security-policies
index 294f0dae00e51015784f5671c70c37ebfba004c7..a74d3886b88ef76e11d4587ec506d7de00c95811 100644 (file)
--- a/src/functions/functions.vpn-security-policies
+++ b/src/functions/functions.vpn-security-policies
@@ -1093,8 +1093,15 @@ vpn_security_policies_list_all() {
                basename ${security_policy}
        done
 
+       # Add all user-defined policies
+       vpn_security_policies_list_user
+}
+
+vpn_security_policies_list_user() {
+       local security_policy
        for security_policy in ${NETWORK_CONFIG_DIR}/vpn/security-policies/*; do
                [ -f ${security_policy} ] || continue
+
                basename ${security_policy}
        done
 }

diff --git a/src/network b/src/network
index 03c338680f319c35fe413db0267aeda38cd3a246..e0214181fef163eed48e984cb7188ebef83724ef 100644 (file)
--- a/src/network
+++ b/src/network
@@ -1162,6 +1162,12 @@ cli_reset() {
        # Stop strongswan
        ipsec_strongswan_autostart
 
+       # Destroy all user-defined security policies
+       local secpol
+       for secpol in $(vpn_security_policies_list_user); do
+               vpn_security_policy_destroy "${secpol}"
+       done
+
        local zone
        for zone in $(zones_get --all); do
                zone_destroy_now "${zone}"