X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=src%2Fmisc-progs%2Fipsecctrl.c;h=d974d6c6a5df66d2f48c581294ab94922b3858c4;hp=7205afb37c447d64f1e82dbc4b93301f1789ff8e;hb=90070fc927c8d8a3a37d0eb818a2c611c4e62fc7;hpb=ea61e29cdbb4b50d43403c8ebb4af4c3d61ea391

diff --git a/src/misc-progs/ipsecctrl.c b/src/misc-progs/ipsecctrl.c
index 7205afb37c..d974d6c6a5 100644
--- a/src/misc-progs/ipsecctrl.c
+++ b/src/misc-progs/ipsecctrl.c
@@ -138,12 +138,10 @@ int decode_line (char *s,
 void turn_connection_on (char *name, char *type) {
         char command[STRING_SIZE];
 
-        safe_system("/usr/sbin/ipsec whack --rereadall >/dev/null");
-        memset(command, 0, STRING_SIZE);
-        snprintf(command, STRING_SIZE - 1, 
-                "/usr/sbin/ipsec down %s >/dev/null", name);
-        safe_system(command);
+        safe_system("/usr/sbin/ipsec reload >/dev/null");
         memset(command, 0, STRING_SIZE);
+        /* give ipsec time to be ready */
+        safe_system("/bin/sleep 2");
         snprintf(command, STRING_SIZE - 1, 
                 "/usr/sbin/ipsec up %s >/dev/null", name);
         safe_system(command);
@@ -155,8 +153,9 @@ void turn_connection_off (char *name) {
         char command[STRING_SIZE];
         memset(command, 0, STRING_SIZE);
         snprintf(command, STRING_SIZE - 1, 
-                "/usr/sbin/ipsec down %s >/dev/null", name);
+                "/usr/sbin/ipsec whack --delete --name %s >/dev/null", name);
         safe_system(command);
+        safe_system("/usr/sbin/ipsec whack --rereadall >/dev/null");
 }
 
 
@@ -175,6 +174,17 @@ int main(int argc, char *argv[]) {
                 
  FILE *file = NULL;
                 
+
+        if (strcmp(argv[1], "I") == 0) {
+                safe_system("/usr/sbin/ipsec whack --status");
+                exit(0);
+        }
+
+        if (strcmp(argv[1], "R") == 0) {
+                safe_system("/usr/sbin/ipsec whack --rereadall >/dev/null");
+                exit(0);
+        }
+
  /* Get vpnwatch pid */
 
  if ( (argc == 2) && (file = fopen("/var/run/vpn-watch.pid", "r"))) {
@@ -200,16 +210,6 @@ int main(int argc, char *argv[]) {
                         exit(0);
                 }
 
-                if (strcmp(argv[1], "R") == 0) {
-                        safe_system("/usr/sbin/ipsec whack --rereadall");
-                        exit(0);
-                }
-
-                if (strcmp(argv[1], "I") == 0) {
-                        safe_system("/usr/sbin/ipsec whack --status");
-                        exit(0);
-                }
-
         }
 
         /* clear iptables vpn rules */