[strongSwan] ipsec update and SIGHUP
Tom Rymes
trymes at rymes.com
Wed Mar 18 15:56:32 CET 2015
On 03/18/2015 9:37 AM, Tobias Brunner wrote:
>> But still "ipsec update" does reread contents of ipsec.conf, am I right?
>
> Yes, this will cause starter to reread ipsec.conf.
>
>> And does sending HUP to charon forces it to reread ipsec.conf or just
>> the strongswan.conf?
>
> The charon daemon only reads strongswan.conf, and ipsec.conf is only
> read by starter. So if you changed both files you might want to send
> SIGHUP to both charon and starter (the latter can be done via `ipsec
> update`).
I would add that the update command does not force charon to reread PSKs
or certificates, if memory serves, so you may need to use rereadall or
one of the other reread commands if you need that done, too.
Tom
More information about the Users
mailing list