diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-11-05 17:29:57 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-11-05 17:29:57 +0000 |
commit | cbcc5530b657e6a065e7f8a7cc13b39c196d4c66 (patch) | |
tree | a717b08a2c5d52070eaf84896947a428d6ddb89a | |
parent | d7028c740653c69dee05b6a704eef60b96075423 (diff) | |
download | pfsense-cbcc5530b657e6a065e7f8a7cc13b39c196d4c66.zip pfsense-cbcc5530b657e6a065e7f8a7cc13b39c196d4c66.tar.gz |
IPSEC keep alive pinger using the wrong source IP address
Ticket #1482
-rw-r--r-- | etc/inc/vpn.inc | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 0af3aa0..a984c5b 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -212,14 +212,14 @@ function vpn_ipsec_configure($ipchg = false) { /* add entry to host pinger */ if ($tunnel['pinghost']) { $pfd = fopen("/var/db/ipsecpinghosts", "a"); - $iflist = array("lan" => "lan", "wan" => "wan"); - for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) - $iflist['opt' . $i] = "opt{$i}"; - - foreach ($iflist as $ifent => $ifname) { - if (ip_in_subnet(find_interface_ip($config['interfaces'][$ifname]['if']), $tunnel['local-subnet'])) - $srcip = find_interface_ip($config['interfaces'][$ifname]['if']); - } + $iflist = array("lan" => "lan", "wan" => "wan"); + for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) + $iflist['opt' . $i] = "opt{$i}"; + foreach ($iflist as $ifent => $ifname) { + $interface_ip = find_interface_ip($config['interfaces'][$ifname]['if']); + if (ip_in_subnet($interface_ip, $sa . "/" . $sn)) + $srcip = find_interface_ip($config['interfaces'][$ifname]['if']); + } $dstip = $tunnel['pinghost']; fwrite($pfd, "$srcip|$dstip|3\n"); fclose($pfd); |