Bug #12315

Updated by Jim Pingle almost 2 years ago

When @ipsec_force_reload($interface)@ `ipsec_force_reload($interface)` is called, for example by @/etc/rc.newwanip@, it only looks for tunnels which specifically match the given interface name. 

 If a tunnel has a gateway group assigned as its interface, the tunnel does not get reloaded when it should as it does not match the interface name directly. 

 The function should also check if the Phase 1 source for a tunnel (either an interface, a VIP, or a gateway group) matches an address on the interface name passed to the function.