From cbc4fa2e9c88bada9faaf1574930b3875f6a5ca3 Mon Sep 17 00:00:00 2001 From: Remi Bergsma Date: Mon, 8 Dec 2014 18:59:16 +0100 Subject: [PATCH] add a flag -c whether or not to check the VPN on create Changed default to no, as the other side may not be up yet. If this check fails, the VPN enters Error state and will not work. It's safe to just let it connect on its own so it will connect when it can. (cherry picked from commit f8d718e3e31ad517969663d24647fcbd9b50cc3d) --- .../patches/debian/config/opt/cloud/bin/ipsectunnel.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh index d30a9cadbae..809cb4dd5af 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh +++ b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh @@ -23,7 +23,7 @@ vpnoutmark="0x525" vpninmark="0x524" usage() { - printf "Usage: %s: (-A|-D) -l -n -g -r -N -e -i -t -T -s -d [ -p ]\n" $(basename $0) >&2 + printf "Usage: %s: (-A|-D) -l -n -g -r -N -e -i -t -T -s -d [ -p -c &2 } #set -x @@ -174,6 +174,9 @@ ipsec_tunnel_add() { if [ $passive -eq 0 ] then sudo ipsec auto --up vpn-$rightpeer + fi + if [ $checkup -eq 1 ] + then #5 seconds for checking if it's ready for i in {1..5} @@ -209,8 +212,9 @@ Iflag= sflag= passive=0 op="" +checkup=0 -while getopts 'ADpl:n:g:r:N:e:i:t:T:s:d:' OPTION +while getopts 'ADpcl:n:g:r:N:e:i:t:T:s:d:' OPTION do case $OPTION in A) opflag=1 @@ -254,6 +258,8 @@ do ;; p) passive=1 ;; + c) checkup=1 + ;; ?) usage exit 2 ;;