[Openswan Users] reload configuration file w/ restarting pluto
Linus van Geuns
vangeuns at atis.uka.de
Thu Apr 6 16:12:26 CEST 2006
Andy wrote:
> On Thu, 2006-04-06 at 07:47 +0200, Linus van Geuns wrote:
>> Is there a way to reload the pluto configuration or the connection database (at least) from the configuration file without restarting pluto?
>
> "ipsec auto --replace <conn>" will reload one connection definition.
>
> I don't know if there's a command to reload them all, but a script to do
> that shouldn't be too hard to write.
The idea is to reload the connection database without the need to disconnect any active connection.
ipsec auto --replace <conn_name> deletes any active connection if found, deletes the old connection with that name from the conn db and adds the new one from the configuration file - even if there is no difference between the connection database and configuration file.
So I think, I'll have to file a bug report (feature request) to ask for a implementation of modifying only the connections that have changed.
>
>> I didn't find anything in the ipsec and ipsec_pluto man pages (openswan-2.4.4 on Gentoo).
>
> Check out the ipsec_auto manpage.
[x] checked out. ;-)
Greetz,
Linus.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20060406/f62b3788/signature.bin
More information about the Users
mailing list