This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 64bd20c56c090bec348661686422842826360d1c (commit) from 2c69c31fd5e36da933fca89dd5ed15cd51f3eda5 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 64bd20c56c090bec348661686422842826360d1c Author: Arne Fitzenreiter arne_f@ipfire.org Date: Thu Jun 24 18:53:13 2010 +0200
vpn-watch: restart ipsec only if ip's has changed.
-----------------------------------------------------------------------
Summary of changes: src/scripts/vpn-watch | 14 +++++++------- 1 files changed, 7 insertions(+), 7 deletions(-)
Difference in files: diff --git a/src/scripts/vpn-watch b/src/scripts/vpn-watch index 287bf8f..3f7757a 100755 --- a/src/scripts/vpn-watch +++ b/src/scripts/vpn-watch @@ -1,6 +1,6 @@ #!/usr/bin/perl ################################################## -##### VPN-Watch.pl Version 0.4b ##### +##### VPN-Watch.pl Version 0.4c ##### ################################################## # # # VPN-Watch is part of the IPFire Firewall # @@ -26,8 +26,8 @@ if ( -e $file ){ system("echo $$ > $file");
while ( $i == 0){ - if ($debug){logger("We will wait 300 seconds before next action.");} - sleep(300); + if ($debug){logger("We will wait 60 seconds before next action.");} + sleep(60);
if (open(FILE, "<${General::swroot}/vpn/config")) { @vpnsettings = <FILE>; @@ -35,6 +35,7 @@ while ( $i == 0){ unless(@vpnsettings) {exit 1;} }
+my $status = `ipsec whack --status`; foreach (@vpnsettings){ my @settings = split(/,/,$_);
@@ -49,11 +50,10 @@ foreach (@vpnsettings){
my $remoteip = `/usr/bin/ping -c 1 $remotehostname 2>/dev/null | head -n1 | awk '{print $3}' | tr -d '()' | tr -d ':'`;chomp($remoteip); if ($remoteip eq ""){next;if ($debug){logger("Unable to resolve $remotehostname.");}} - my $connected= `ipsec whack --status | grep $remoteip`; - my $established= `ipsec whack --status | grep '$settings[2]' | grep 'IPsec SA established'`; + my $ipmatch= `echo "$status" | grep $remoteip | grep $settings[2]`;
- if ( $established eq '' || $connected eq '' ){ - logger("Remote IP for host $remotehostname has changed or no connection is established, restarting connection to $remoteip."); + if ( $ipmatch eq '' ){ + logger("Remote IP for host $remotehostname-$remoteip has changed, restarting ipsec."); system("/usr/local/bin/ipsecctrl S"); last; #all connections will reloaded }
hooks/post-receive -- IPFire 2.x development tree