You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ya...@apache.org on 2012/08/11 01:27:23 UTC

[2/5] git commit: S2S VPN: Don't consider VPN is down if IPsec SA still existed

S2S VPN: Don't consider VPN is down if IPsec SA still existed

Because ISAKMP SA wouldn't be updated after expiration if IPsec SA is still in
affect.


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/e7efd0d9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/e7efd0d9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/e7efd0d9

Branch: refs/heads/vpc
Commit: e7efd0d95bd568ae2af5b6673bd273967f80f046
Parents: a4431b5
Author: Sheng Yang <sh...@citrix.com>
Authored: Fri Aug 10 10:57:12 2012 -0700
Committer: Sheng Yang <sh...@citrix.com>
Committed: Fri Aug 10 16:20:52 2012 -0700

----------------------------------------------------------------------
 .../debian/config/opt/cloud/bin/checks2svpn.sh     |   17 +++++++--------
 1 files changed, 8 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/e7efd0d9/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh b/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
index e6bf9e5..cecc38a 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/checks2svpn.sh
@@ -2,8 +2,8 @@
 
 if [ -z $1 ]
 then
-	echo "Fail to find VPN peer address!"
-	exit 1
+    echo "Fail to find VPN peer address!"
+    exit 1
 fi
 
 ipsec auto --status | grep vpn-$1 > /tmp/vpn-$1.status
@@ -12,19 +12,18 @@ cat /tmp/vpn-$1.status | grep "ISAKMP SA established" > /dev/null
 isakmpok=$?
 if [ $isakmpok -ne 0 ]
 then
-	echo -n "ISAKMP SA not found"
-        echo "Site-to-site VPN have not connected"
-	exit 12
+    echo -n "ISAKMP SA NOT found but checking IPsec;"
+else
+    echo -n "ISAKMP SA found;"
 fi
-echo -n "ISAKMP SA found;"
 
 cat /tmp/vpn-$1.status | grep "IPsec SA established" > /dev/null
 ipsecok=$?
 if [ $ipsecok -ne 0 ]
 then
-	echo -n "IPsec SA not found;"
-        echo "Site-to-site VPN have not connected"
-	exit 11
+    echo -n "IPsec SA not found;"
+    echo "Site-to-site VPN have not connected"
+    exit 11
 fi
 echo -n "IPsec SA found;"
 echo "Site-to-site VPN have connected"