ipsecctrl: Reload IPsec block rules after connection is deleted

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/misc-progs/ipsecctrl.c b/src/misc-progs/ipsecctrl.c
index 7499e94c9a7f384e6d0fd809203d32163cb84e96..204753640a5bea3f42f783d3bcae3f05cad9b82c 100644 (file)
--- a/src/misc-progs/ipsecctrl.c
+++ b/src/misc-progs/ipsecctrl.c
@@ -173,6 +173,9 @@ void turn_connection_off (char *name) {
 
        // Reload, so the connection is dropped.
        ipsec_reload();
+
+       // Reload the IPsec block chain
+       safe_system("/usr/lib/firewall/ipsec-block >/dev/null");
 }
 
 int main(int argc, char *argv[]) {