Skip to content
Permalink
Browse files

Always do a filter reload in vpn_ipsec_configure to ensure the rulese…

…t is

updated where necessary in every IPsec change scenario.
  • Loading branch information...
Chris Buechler
Chris Buechler committed Apr 16, 2015
1 parent eee053f commit 0545a75e4c5a9802ce488c73d66b1e13de846776
Showing with 3 additions and 2 deletions.
  1. +3 −2 etc/inc/vpn.inc
@@ -107,6 +107,9 @@ function vpn_ipsec_configure($restart = false)
/* get the automatic ping_hosts.sh ready */
unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts");
touch("{$g['vardb_path']}/ipsecpinghosts");
/* service may have been enabled, disabled, or otherwise changed in a way requiring rule updates */
filter_configure();
$syscfg = $config['system'];
$ipseccfg = $config['ipsec'];
@@ -123,8 +126,6 @@ function vpn_ipsec_configure($restart = false)
mwexec("/sbin/ifconfig enc0 down");
set_single_sysctl("net.inet.ip.ipsec_in_use", "0");
filter_configure();
return 0;
}

0 comments on commit 0545a75

Please sign in to comment.
You can’t perform that action at this time.