Disable by default service strongswan-starter
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	Viacheslav
	Jun 1 2021, 1:09 PM

Description

Needs to disable service strongswan-starter by default. https://github.com/vyos/vyos-build/blob/current/data/live-build-config/hooks/live/18-enable-disable_services.chroot
In another case, it starts to communicate with other interfaces such as PPPoE even if IPsec not configured.

vyos@vyos# sudo systemctl status strongswan-starter.service
● strongswan-starter.service - strongSwan IPsec IKEv1/IKEv2 daemon using ipsec.c
   Loaded: loaded (/lib/systemd/system/strongswan-starter.service; enabled; vend
   Active: active (running) since Tue 2021-06-01 11:42:59 UTC; 1h 14min ago
 Main PID: 582 (starter)
    Tasks: 18 (limit: 543)
   Memory: 14.5M
   CGroup: /system.slice/strongswan-starter.service
           ├─582 /usr/lib/ipsec/starter --daemon charon --nofork
           └─612 /usr/lib/ipsec/charon
Jun 01 12:51:41 vyos charon[612]: 10[KNL] interface ppp0 deactivated
Jun 01 12:51:41 vyos charon[612]: 11[KNL] 10.255.255.255 disappeared from ppp0
Jun 01 12:51:41 vyos charon[612]: 13[KNL] interface ppp0 deleted
Jun 01 12:51:50 vyos charon[612]: 06[KNL] 10.255.255.255 appeared on ppp0
Jun 01 12:51:50 vyos charon[612]: 08[KNL] interface ppp0 activated
Jun 01 12:53:58 vyos charon[612]: 15[KNL] interface ppp0 deactivated
Jun 01 12:53:58 vyos charon[612]: 05[KNL] 10.255.255.255 disappeared from ppp0
Jun 01 12:53:58 vyos charon[612]: 06[KNL] interface ppp0 deleted
Jun 01 12:54:06 vyos charon[612]: 11[KNL] 10.255.255.255 appeared on ppp0
Jun 01 12:54:06 vyos charon[612]: 13[KNL] interface ppp0 activated

Details

Version: -
Is it a breaking change?: Unspecified (possibly destroys the router)

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		sarthurdev	T2816 Rewrite IPsec scripts with the new XML/Python approach
		Resolved	BUG	sarthurdev	T3594 Disable by default service strongswan-starter