Minor changes in updown script

Change-Id: Ifd6f91087d6bf16de106faa90fe5a57137c798dd
Signed-off-by: Ruoyu Ying <ruoyu.ying@intel.com>

diff --git a/platform/cnf-openwrt/src/updown b/platform/cnf-openwrt/src/updown
index 3c99f73..76cfecc 100755 (executable)
--- a/platform/cnf-openwrt/src/updown
+++ b/platform/cnf-openwrt/src/updown
@@ -1,6 +1,5 @@
 #!/bin/bash
-# SPDX-License-Identifier: Apache-2.0
-# Copyright (c) 2021 Intel Corporation
+# Licensed to the public under the GNU General Public License v2.
 
 # set charon.install_virtual_ip = no to prevent the daemon from also installing the VIP
 
@@ -8,7 +7,7 @@ set -o nounset
 set -o errexit
 
 if [ ! -z "${PLUTO_PEER_SOURCEIP:-}" ]
-then 
+then
   VTI_IF="vti_${PLUTO_PEER_SOURCEIP}"
 else
   VTI_IF="vti_${PLUTO_PEER}"

diff --git a/platform/cnf-openwrt/src/updown_oip b/platform/cnf-openwrt/src/updown_oip
index f13dd31..cf5195d 100755 (executable)
--- a/platform/cnf-openwrt/src/updown_oip
+++ b/platform/cnf-openwrt/src/updown_oip
@@ -1,6 +1,5 @@
 #!/bin/sh
-# SPDX-License-Identifier: Apache-2.0
-# Copyright (c) 2021 Intel Corporation
+# Licensed to the public under the GNU General Public License v2.
 
 DEFAULT_PREFIX="localto"
 DEFAULT_K8S_SVC="10.96.0.1:443"
@@ -379,7 +378,8 @@ down-client:iptables)
         #
         # IPIP exception teardown
         if [ -n "$PLUTO_IPCOMP" ]
-        then                                                                                                                                iptables -D INPUT -i $PLUTO_INTERFACE -p 4 \
+        then
+         iptables -D INPUT -i $PLUTO_INTERFACE -p 4 \
               -s $PLUTO_PEER -d $PLUTO_ME $IPSEC_POLICY_IN -j ACCEPT
         fi
         #
@@ -395,5 +395,7 @@ down-client:iptables)
               "- $PLUTO_PEER_ID $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
           fi
         fi
+       ip r del $PLUTO_MY_SOURCEIP dev $PLUTO_INTERFACE
+       ip r del $PLUTO_PEER dev $PLUTO_INTERFACE table 40
         ;;