diff options
author | Chris Buechler <cmb@pfsense.org> | 2015-04-04 19:50:04 -0500 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2015-04-04 19:50:04 -0500 |
commit | 0a9e6c85f05b1027156618a9ccf1e1b12f31683e (patch) | |
tree | 9c644e9e97dd1b9a8425c2ff3b9bab28dc904364 /etc/inc/vpn.inc | |
parent | c01f5dacbacf476460fa250307a4726508a73d07 (diff) | |
download | pfsense-0a9e6c85f05b1027156618a9ccf1e1b12f31683e.zip pfsense-0a9e6c85f05b1027156618a9ccf1e1b12f31683e.tar.gz |
Fix up Ticket #4504 implementation. Match config style with other areas. Use a config setting to disable, rather than enable, this functionality since it's enabled by default so the tag isn't necessary in the default config. Remove now unnecessary config upgrade code.
Diffstat (limited to 'etc/inc/vpn.inc')
-rw-r--r-- | etc/inc/vpn.inc | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 83ab427..d5efa8a 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -641,7 +641,7 @@ EOD; $ipsecconf .= "config setup\n\tuniqueids = {$uniqueids}\n"; $ipsecconf .= "\tcharondebug=\"" . vpn_ipsec_configure_loglevels(true) . "\"\n"; - if (isset($config['ipsec']['shuntlaninterfaces'])) { + if (!isset($config['ipsec']['noshuntlaninterfaces'])) { if ($config['interfaces']['lan']) { $lanip = get_interface_ip("lan"); if (!empty($lanip) && is_ipaddrv4($lanip)) { @@ -650,11 +650,11 @@ EOD; $ipsecconf .= <<<EOD conn bypasslan - leftsubnet={$lanip}/32 - rightsubnet={$lansa}/{$lansn} - authby=never - type=passthrough - auto=route + leftsubnet = {$lanip}/32 + rightsubnet = {$lansa}/{$lansn} + authby = never + type = passthrough + auto = route EOD; } |