diff options
author | jim-p <jimp@pfsense.org> | 2014-08-08 12:36:19 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2014-08-08 12:36:19 -0400 |
commit | ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6 (patch) | |
tree | 0e3928c64a44ee619c47f6f61df714688f701797 | |
parent | b21ad5d5fd478b44366074274a56a93d7a2b94b6 (diff) | |
download | pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.zip pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.tar.gz |
Avoid generating an invalid racoon config if the user specified a mobile pool that is too small.
-rw-r--r-- | etc/inc/vpn.inc | 5 | ||||
-rwxr-xr-x | usr/local/www/vpn_ipsec_mobile.php | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 3a75c96..b047132 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -345,6 +345,11 @@ function vpn_ipsec_configure($ipchg = false) $pool_address = long2ip32(ip2long($pool_address)+1); $pool_size = (~ip2long($pool_netmask) & 0xFFFFFFFF) - 2; + if ($pool_size < 0) { + log_error(sprintf(gettext("Invalid mobile IPsec pool size: %s, using 0"), $pool_size)); + $pool_size = 0; + } + $racoonconf .= "\tpool_size {$pool_size};\n"; $racoonconf .= "\tnetwork4 {$pool_address};\n"; $racoonconf .= "\tnetmask4 {$pool_netmask};\n"; diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index 84bf198..5a4c269 100755 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php @@ -434,7 +434,7 @@ function login_banner_change() { <input name="pool_address" type="text" class="formfld unknown" id="pool_address" size="20" value="<?=htmlspecialchars($pconfig['pool_address']);?>"/> / <select name="pool_netbits" class="formselect" id="pool_netbits"> - <?php for ($i = 32; $i >= 0; $i--): ?> + <?php for ($i = 29; $i >= 0; $i--): ?> <option value="<?=$i;?>" <?php if ($i == $pconfig['pool_netbits']) echo "selected=\"selected\""; ?>> <?=$i;?> </option> |