diff options
author | jim-p <jimp@pfsense.org> | 2013-02-25 15:19:06 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-02-25 15:21:08 -0500 |
commit | 9bfa57b39b9c800d9d9955df9f11bc1966da735c (patch) | |
tree | e076acf93193c701f1b7092155d444df349d70d7 /etc/inc/openvpn.inc | |
parent | 343266ccf71605dbde9aff845f3075f3c090a829 (diff) | |
download | pfsense-9bfa57b39b9c800d9d9955df9f11bc1966da735c.zip pfsense-9bfa57b39b9c800d9d9955df9f11bc1966da735c.tar.gz |
Always clear the OpenVPN route when using shared key, no matter what the tunnel network "CIDR" is set to, it still needs it.
Diffstat (limited to 'etc/inc/openvpn.inc')
-rw-r--r-- | etc/inc/openvpn.inc | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index ac960ba..1894d64 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -1034,17 +1034,24 @@ function openvpn_clear_route($mode, $settings) { return; list($ip, $cidr) = explode('/', $settings['tunnel_network']); $mask = gen_subnet_mask($cidr); + $clear_route = false; + switch($settings['mode']) { + case 'shared_key': + $clear_route = true; + break; case 'p2p_tls': case 'p2p_shared_key': - case 'shared_key': - if (!empty($ip) && !empty($mask) && ($cidr == 30)) { - list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask); - $ip_to_clear = ($mode == "server") ? $ip1 : $ip2; - mwexec("/sbin/route -q delete {$ip_to_clear}"); - } + if (!empty($ip) && !empty($mask) && ($cidr == 30)) + $clear_route = true; break; } + + if ($clear_route) { + list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask); + $ip_to_clear = ($mode == "server") ? $ip1 : $ip2; + mwexec("/sbin/route -q delete {$ip_to_clear}"); + } } function openvpn_get_settings($mode, $vpnid) { |