Fixes: #11448
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org
---
 src/functions/functions.ipsec-pool | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/src/functions/functions.ipsec-pool b/src/functions/functions.ipsec-pool
index e5da518..f7d73f6 100644
--- a/src/functions/functions.ipsec-pool
+++ b/src/functions/functions.ipsec-pool
@@ -219,6 +219,27 @@ ipsec_pool_new() {
 fi
 }
+ipsec_pool_is_in_use() {
+ [ $# -eq 1 ]
+ local pool="${1}"
+
+ for connection in $(ipsec_list_connections); do
+ local POOLS
+
+ if ! ipsec_connection_read_config "${connection}" "POOLS"; then
+ log WARNING "Could not read configuration"
+ continue
+ fi
+
+ if list_match "${pool}" ${POOLS}; then
+ return ${EXIT_TRUE}
+ break
+ fi
+ done
+
+ return ${EXIT_FALSE}
+}
+
 # Function that deletes based on the passed parameters
 # one ore more vpn ipsec pools
 ipsec_pool_destroy() {
@@ -229,6 +250,11 @@ ipsec_pool_destroy() {
 continue
 fi
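Review bot: `ipsec_pool_is_in_use` fails open. When `ipsec_connection_read_config` fails, the loop logs a warning and `continue`s, so the function can still end in `return ${EXIT_FALSE}` and report the pool as unused although one connection was never inspected; since the caller uses this answer to decide on deletion, it would be safer to answer `return ${EXIT_TRUE}` in that branch and to name the connection in the message, `log WARNING "Could not read configuration of ${connection}"`. The first line, `[ $# -eq 1 ]`, discards its status and so checks nothing; presumably an assertion was meant, otherwise the result should be acted on. `connection` should be declared with `local connection` before the loop so it does not leak into the caller's scope, and the `break` after `return ${EXIT_TRUE}` is unreachable and can be dropped.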
+ if ipsec_pool_is_in_use "${pool}"; then
+ log ERROR "The VPN IPsec pool is in use an can thats why not deleted"
+ return ${EXIT_ERROR}
+ fi
+
 if [ -f "${NETWORK_IPSEC_SWANCTL_POOLS_DIR}/${pool}.conf" ]; then
 if ! file_delete "${NETWORK_IPSEC_SWANCTL_POOLS_DIR}/${pool}.conf"; then
 # We going on here to delete at least the configuration directory
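Review bot: The added `return ${EXIT_ERROR}` aborts `ipsec_pool_destroy` at the first pool that is in use, whereas the context line just above the addition ends another failure case with `continue`; if several pools are passed, the ones before it have presumably already been deleted and the ones after it are never looked at. Consider `continue` here as well (recording the failure for the final return value), or running the in-use check for all arguments before deleting anything. The message would be more useful to an operator if it named the pool and read cleanly, e.g. `log ERROR "The VPN IPsec pool ${pool} is in use and cannot be deleted"`. The loop header and the rest of the function lie outside the hunk, so the multi-pool behaviour is inferred from the visible `continue`.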