| Message ID | 20241029101608.2991596-5-i.maximets@ovn.org |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | ipsec: Resiliency to Libreswan failures. | expand |
| Context | Check | Description |
|---|---|---|
| ovsrobot/apply-robot | success | apply and check: success |
| ovsrobot/github-robot-_Build_and_Test | success | github build: passed |
| ovsrobot/github-robot-_Build_and_Test | success | github build: passed |
diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in index d667c08bc..3b2057389 100755 --- a/ipsec/ovs-monitor-ipsec.in +++ b/ipsec/ovs-monitor-ipsec.in @@ -765,7 +765,7 @@ conn prevent_unencrypted_vxlan return conns def get_active_conns(self): - return self.get_conns_from_status(r"#\d+: \"(.*)\".*") + return self.get_conns_from_status(r"#\d+: .*\"(.*)\".*") def get_loaded_conns(self): return self.get_conns_from_status(r"\"(.*)\":.*(===|---).*")
These should be considered active, because pluto is waiting for the other side to react. We should not remove them or try to repair. Such connections have an extra text between the SA number and the name of the connection. Ideally, we would like not to parse the output of ipsec status, since it's very error prone, but there is, unfortunately, no other interface. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> --- ipsec/ovs-monitor-ipsec.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)