diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2015-08-13 11:08:41 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2015-08-21 18:27:05 +0200 |
| commit | bd24f87d35f505a94814fd93b86816d69761527e (patch) | |
| tree | 06462fb44b7ac00bbcd73ca8ee5152a713b0d8aa /src | |
| parent | 603e3b489bb8a448f0dbcad9406fbfb64523abe1 (diff) | |
| download | strongswan-bd24f87d35f505a94814fd93b86816d69761527e.tar.bz2 strongswan-bd24f87d35f505a94814fd93b86816d69761527e.tar.xz | |
starter: Don't flush policies in the kernel
We can't control which policies we flush, so if policies are installed
and used outside of strongSwan for other protocols we'd flush them too.
And if installpolicies=no is used we probably shouldn't flush policies
either. Luckily already existing policies are not treated as fatal
errors anymore, so not flushing policies should not be that much of an
issue (in case of a crash in dynamic setups, e.g. with virtual IPs,
policies could be left behind even after restarting the connections and
properly terminating the daemon).
Diffstat (limited to 'src')
| -rw-r--r-- | src/starter/netkey.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/src/starter/netkey.c b/src/starter/netkey.c index 2b500bab4..0b677fb79 100644 --- a/src/starter/netkey.c +++ b/src/starter/netkey.c @@ -65,6 +65,5 @@ void starter_netkey_cleanup(void) return; } hydra->kernel_interface->flush_sas(hydra->kernel_interface); - hydra->kernel_interface->flush_policies(hydra->kernel_interface); lib->plugins->unload(lib->plugins); } |