ipsec-pools: reload pools after destroying pools

Fixes: #11433
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/functions/functions.ipsec-pool b/src/functions/functions.ipsec-pool
index 54bf29e19199128ac8646f646198bee5a806289e..95f45ec74c94a695b6068827b8d6997c90d7316b 100644 (file)
--- a/src/functions/functions.ipsec-pool
+++ b/src/functions/functions.ipsec-pool
@@ -243,6 +243,8 @@ ipsec_pool_destroy() {
                        return ${EXIT_ERROR}
                fi
        done
+
+       ipsec_strongswan_load_pools
 }
 
 ipsec_pool_set_type() {
@@ -436,3 +438,16 @@ ipsec_list_pools() {
                basename "${pool}"
        done
 }
+
+# Reload all strongswan pools
+ipsec_strongswan_load_pools() {
+       # Do nothing if strongswan is not running
+       if ! service_is_active "strongswan"; then
+               return ${EXIT_OK}
+       fi
+
+       if ! cmd swanctl --load-pools; then
+               log ERROR "Could not reload strongswan pools"
+               return ${EXIT_ERROR}
+       fi
+}