diff options
author | jim-p <jimp@pfsense.org> | 2012-08-27 14:34:38 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2012-08-27 14:41:48 -0400 |
commit | e3df974bd815ddd9b112db00cafea4a45ad58a6d (patch) | |
tree | c581deaab3206bc9f567a47ee93d14702e22f0bd /etc/inc/vpn.inc | |
parent | ca929de862129a751df1d1887ad178e27b0850c8 (diff) | |
download | pfsense-e3df974bd815ddd9b112db00cafea4a45ad58a6d.zip pfsense-e3df974bd815ddd9b112db00cafea4a45ad58a6d.tar.gz |
Restructure these IP/subnet tests so they don't break transport mode.
Diffstat (limited to 'etc/inc/vpn.inc')
-rw-r--r-- | etc/inc/vpn.inc | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 0325c0d..b087a87 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -693,7 +693,7 @@ EOD; $localid_type = "subnet"; } // Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201. - if (!is_subnet($localid_data)) { + if (!is_ipaddr($localid_data) && !is_subnet($localid_data)) { log_error("Invalid IPsec Phase 2 \"{$ph2ent['descr']}\" - {$ph2ent['localid']['type']} has no subnet."); continue; } @@ -876,11 +876,11 @@ EOD; $localid = ipsec_idinfo_to_cidr($ph2ent['localid'],true); $remoteid = ipsec_idinfo_to_cidr($ph2ent['remoteid'],true); - // Error will be logged above, no need to log this twice. #2201 - if (!is_subnet($localid)) - continue; - if(($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == 'tunnel6')) { + // Error will be logged above, no need to log this twice. #2201 + if (!is_subnet($localid)) + continue; + if($ph2ent['mode'] == "tunnel6") $family = "-6"; else |