diff options
author | jim-p <jimp@pfsense.org> | 2016-01-21 12:03:14 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2016-01-21 12:03:14 -0500 |
commit | ef378560d1982cd5ecb93475ef9da12ce19b6a31 (patch) | |
tree | e27e8f01cc666a814de00604e8446284708cd070 | |
parent | 65db26f286a7e54a15892288bb80aa856bad3e0d (diff) | |
download | pfsense-ef378560d1982cd5ecb93475ef9da12ce19b6a31.zip pfsense-ef378560d1982cd5ecb93475ef9da12ce19b6a31.tar.gz |
The topology line also must be skipped if an SSL/TLS mode is used with a CIDR less than 30.
-rw-r--r-- | src/etc/inc/openvpn.inc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc index 257152c..0a04da4 100644 --- a/src/etc/inc/openvpn.inc +++ b/src/etc/inc/openvpn.inc @@ -1063,7 +1063,8 @@ function openvpn_reconfigure($mode, $settings) { $conf .= "float\n"; } - if (in_array($settings['mode'], $openvpn_tls_server_modes)) { + // If the server is not a TLS server or it has a tunnel network CIDR less than a /30, skip this. + if (in_array($settings['mode'], $openvpn_tls_server_modes) && (!empty($ip) && !empty($mask) && ($cidr < 30))) { if (empty($settings['topology'])) { $settings['topology'] = "subnet"; } |