[PATCH 1/2] location: Restart IPsec after firewall was restarted

[PATCH 1/2] location: Restart IPsec after firewall was restarted

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 725 bytes --]

strongswan creates rules in iptables which are being dropped when
the firewall is being restarted.

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 src/scripts/convert-to-location | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/scripts/convert-to-location b/src/scripts/convert-to-location
index 9149b854d..428a91d34 100755
--- a/src/scripts/convert-to-location
+++ b/src/scripts/convert-to-location
@@ -47,6 +47,11 @@ if [ -f "$FW_CONF_DIR/geoipblock" ]; then
 
 	# Regenerate firewall chains.
 	/etc/init.d/firewall restart
+
+	# Restart IPsec for dropped iptables rules
+	if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
+		/etc/init.d/ipsec restart
+	fi
 fi
 
 # Finished.
-- 
2.20.1

[PATCH 2/2] core148: Do not update the location database straight away

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 829 bytes --]

This process takes a long time and stalls the update process.

Since the cronjob is being called once an hour, all systems will
very quickly pull a recent database which will then be extracted
in the background not disrupting the Core Update process.

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 config/rootfiles/core/148/update.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/config/rootfiles/core/148/update.sh b/config/rootfiles/core/148/update.sh
index c77e72276..d4bcc45bc 100644
--- a/config/rootfiles/core/148/update.sh
+++ b/config/rootfiles/core/148/update.sh
@@ -52,7 +52,6 @@ ldconfig
 
 # update location database
 /usr/local/bin/convert-to-location
-/usr/local/bin/update-location-database
 
 # Update Language cache
 /usr/local/bin/update-lang-cache
-- 
2.20.1