X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=debian%2Fovs-monitor-ipsec;h=17f399767c60a5475245bb47e8c88b73411e48a3;hb=a404826e90632541d50f58d651271e7a8752cc1f;hp=07ad3982377204a31ea279b8d9c27ee64584fe14;hpb=ef7ee76a416cb9fa489651bb365d6f80673a1a82;p=openvswitch

diff --git a/debian/ovs-monitor-ipsec b/debian/ovs-monitor-ipsec
index 07ad3982..17f39976 100755
--- a/debian/ovs-monitor-ipsec
+++ b/debian/ovs-monitor-ipsec
@@ -116,6 +116,9 @@ path certificate "%s";
         self.psk_hosts = {}
         self.cert_hosts = {}
 
+        if not os.path.isdir(self.cert_dir):
+            os.mkdir(self.cert_dir)
+
         # Clean out stale peer certs from previous runs
         for ovs_cert in glob.glob("%s/ovs-*.pem" % self.cert_dir):
             try:
@@ -317,9 +320,9 @@ class IPsec:
         self.call_setkey("spdflush;")
 
     def spd_add(self, local_ip, remote_ip):
-        cmds = ("spdadd %s %s gre -P out ipsec esp/transport//default;\n" %
+        cmds = ("spdadd %s %s gre -P out ipsec esp/transport//require;\n" %
                     (local_ip, remote_ip))
-        cmds += ("spdadd %s %s gre -P in ipsec esp/transport//default;" %
+        cmds += ("spdadd %s %s gre -P in ipsec esp/transport//require;" %
                     (remote_ip, local_ip))
         self.call_setkey(cmds)