pfSense

#!/usr/local/bin/php-cgi -f

<?php

/*

 * rc.newipsecdns

 *

 * part of pfSense (https://www.pfsense.org)

 * Copyright (c) 2009 Seth Mos <seth.mos@dds.nl>.

 * Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)

 * All rights reserved.

 *

 * Originally part of m0n0wall (http://m0n0.ch/wall)

 * Copyright (c) 2007 Manuel Kasper <mk@neon1.net>.

 * All rights reserved.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 * http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

require_once("util.inc");

require_once("globals.inc");

/* make sure to wait until the boot scripts have finished */

if (file_exists("{$g['varrun_path']}/booting")) {

	return;

}

$ipseclck_pending = try_lock('ipsecdns_pending', 0);

if (!$ipseclck_pending) {

	/* if a vpn_ipsec_configure() is still pending no need to stack up another one */

	return;

}

/* parse the configuration and include all functions used below */

require_once("config.inc");

require_once("gwlb.inc");

require_once("functions.inc");

require_once("filter.inc");

require_once("shaper.inc");

require_once("auth.inc");

require_once("ipsec.inc");

require_once("vpn.inc");

if (!ipsec_enabled()) {

	unlock($ipseclck_pending);

	return;

}

$ipseclck = lock('ipsecdns', LOCK_EX);

sleep(12);

unlock($ipseclck_pending);

sleep(3);

log_error("IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.");

/* make sure we have the latest configuration changes loaded. */

$config = parse_config();

vpn_ipsec_configure();

unlock($ipseclck);