dpif-linux: Choose port numbers more prudently.

[sliver-openvswitch.git] / debian / ovs-monitor-ipsec

diff --git a/debian/ovs-monitor-ipsec b/debian/ovs-monitor-ipsec
index 07ad398..17f3997 100755 (executable)
--- a/debian/ovs-monitor-ipsec
+++ b/debian/ovs-monitor-ipsec
@@ -116,6 +116,9 @@ path certificate "%s";
         self.psk_hosts = {}
         self.cert_hosts = {}
 
+        if not os.path.isdir(self.cert_dir):
+            os.mkdir(self.cert_dir)
+
         # Clean out stale peer certs from previous runs
         for ovs_cert in glob.glob("%s/ovs-*.pem" % self.cert_dir):
             try:
@@ -317,9 +320,9 @@ class IPsec:
         self.call_setkey("spdflush;")
 
     def spd_add(self, local_ip, remote_ip):
-        cmds = ("spdadd %s %s gre -P out ipsec esp/transport//default;\n" %
+        cmds = ("spdadd %s %s gre -P out ipsec esp/transport//require;\n" %
                     (local_ip, remote_ip))
-        cmds += ("spdadd %s %s gre -P in ipsec esp/transport//default;" %
+        cmds += ("spdadd %s %s gre -P in ipsec esp/transport//require;" %
                     (remote_ip, local_ip))
         self.call_setkey(cmds)