diff options
-rwxr-xr-x | sysconfig/network-scripts/ifdown-ipsec | 8 | ||||
-rwxr-xr-x | sysconfig/network-scripts/ifup-ipsec | 9 |
2 files changed, 8 insertions, 9 deletions
diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec index 3b03e277..a960144f 100755 --- a/sysconfig/network-scripts/ifdown-ipsec +++ b/sysconfig/network-scripts/ifdown-ipsec @@ -35,6 +35,10 @@ fi [ -n "$IKE_METHOD" ] && KEYING=automatic [ -z "$KEYING" ] && KEYING=manual +if [ -z "$SRC" ]; then + SRC=`ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|"` +fi + if [ -n "$SRCNET" -o -n "$DSTNET" ]; then MODE=tunnel [ -z "$SRCNET" ] && SRCNET="$SRC/32" @@ -49,10 +53,6 @@ else MODE=host fi -if [ -z "$SRC" ]; then - SRC=`ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|"` -fi - if [ "$KEYING" = "manual" ]; then setkey -c << EOF ${SPI_AH_OUT:+delete $SRC $DST ah $SPI_AH_OUT;} diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec index 017414d9..ab055fe9 100755 --- a/sysconfig/network-scripts/ifup-ipsec +++ b/sysconfig/network-scripts/ifup-ipsec @@ -99,6 +99,10 @@ if [ -n "$IKE_DNSSEC" ]; then IKE_METHOD=X509 fi +if [ -z "$SRC" ]; then + SRC=`ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|"` +fi + if [ -n "$SRCNET" -o -n "$DSTNET" ]; then MODE=tunnel [ -z "$SRCNET" ] && SRCNET="$SRC/32" @@ -116,11 +120,6 @@ fi [ -n "$IKE_METHOD" ] && KEYING=automatic [ -z "$KEYING" ] && KEYING=manual -# Get source address -if [ -z "$SRC" ]; then - SRC=`ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|"` -fi - if [ "$KEYING" = "manual" ]; then |