[Openswan dev] Starter 0.3 config reloads

Mathieu Lafon mlafon at arkoon.net
Mon Jun 21 18:42:54 CEST 2004


Joshua Jackson wrote on 21/06/2004 07:13:36 :

> Just curious if there is any reason on a SIGHUP to not have
> starter issue a whack message to have Pluto re-read ipsec.secrets.
> I've run into a couple of situations where a PSK needed to be
> changed and I didn't want to bring all of the tunnels offline to
> get pluto to re-read the keys.
> 
> Would it be better to just have starter do this on SIGHUP or use
> another signal for this function?

You're right. Starter should issue a REREADSECRETS whack message
if ipsec.secrets file has changed.

-- 
Mathieu Lafon - Arkoon Network Security


More information about the Dev mailing list