Page MenuHomeVyOS Platform

DHCP-client exit hook for IPsec is incorrect
Open, Requires assessmentPublicBUG


To reproduce configure ipsec site-to-site tunnel with DHCP client

Nov 28 14:07:35 r1 root[9642]: /etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook returned non-zero exit status 1
Nov 28 14:07:35 r1 dhclient[1465]: bound to 10.x.x.x -- renewal in 132 seconds.

Execute script:

[email protected]# /etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook
Traceback (most recent call last):
  File "<stdin>", line 39, in <module>
NameError: name 'secrets_lines' is not defined
[email protected]#

So secrets_lines is not defined

It could be affected to secrets if DHCP address was changed


Difficulty level
Normal (likely a few hours)
VyOS 1.4-rolling-202211260318
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)