You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ya...@apache.org on 2012/08/11 01:27:23 UTC
[2/5] git commit: S2S VPN: Don't consider VPN is down if IPsec SA
still existed
S2S VPN: Don't consider VPN is down if IPsec SA still existed
Because ISAKMP SA wouldn't be updated after expiration if IPsec SA is still in
affect.
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/e7efd0d9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/e7efd0d9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/e7efd0d9
Branch: refs/heads/vpc
Commit: e7efd0d95bd568ae2af5b6673bd273967f80f046
Parents: a4431b5
Author: Sheng Yang <sh...@citrix.com>
Authored: Fri Aug 10 10:57:12 2012 -0700
Committer: Sheng Yang <sh...@citrix.com>
Committed: Fri Aug 10 16:20:52 2012 -0700
----------------------------------------------------------------------
.../debian/config/opt/cloud/bin/checks2svpn.sh | 17 +++++++--------
1 files changed, 8 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/e7efd0d9/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh b/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
index e6bf9e5..cecc38a 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
@@ -2,8 +2,8 @@
if [ -z $1 ]
then
- echo "Fail to find VPN peer address!"
- exit 1
+ echo "Fail to find VPN peer address!"
+ exit 1
fi
ipsec auto --status | grep vpn-$1 > /tmp/vpn-$1.status
@@ -12,19 +12,18 @@ cat /tmp/vpn-$1.status | grep "ISAKMP SA established" > /dev/null
isakmpok=$?
if [ $isakmpok -ne 0 ]
then
- echo -n "ISAKMP SA not found"
- echo "Site-to-site VPN have not connected"
- exit 12
+ echo -n "ISAKMP SA NOT found but checking IPsec;"
+else
+ echo -n "ISAKMP SA found;"
fi
-echo -n "ISAKMP SA found;"
cat /tmp/vpn-$1.status | grep "IPsec SA established" > /dev/null
ipsecok=$?
if [ $ipsecok -ne 0 ]
then
- echo -n "IPsec SA not found;"
- echo "Site-to-site VPN have not connected"
- exit 11
+ echo -n "IPsec SA not found;"
+ echo "Site-to-site VPN have not connected"
+ exit 11
fi
echo -n "IPsec SA found;"
echo "Site-to-site VPN have connected"