diff options
author | Ermal <eri@pfsense.org> | 2014-02-28 14:13:54 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2014-02-28 14:13:54 +0000 |
commit | 9cca1a4fdbb6d6e8abe84262b3769b75d312d058 (patch) | |
tree | 5c4b3a069775319084da399517dd5e1e62e045a3 /etc/inc | |
parent | ddb30ebfc686165e00f0155e00df16edc17c31c5 (diff) | |
download | pfsense-9cca1a4fdbb6d6e8abe84262b3769b75d312d058.zip pfsense-9cca1a4fdbb6d6e8abe84262b3769b75d312d058.tar.gz |
Ticket #3484 Correct the case for GRE tunnels as well since they behave the same. GRE seems to need the prefixlen 128 specified all the time so do it explicitly to be on safe side
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/gwlb.inc | 3 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 9 |
2 files changed, 8 insertions, 4 deletions
diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 7cb83ae..0a81a23 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -553,9 +553,10 @@ function return_gateways_array($disabled = false, $localhost = false) { $ctype = strtoupper($ifcfg['ipaddrv6']); break; default: + $tunnelif = substr($ifname['if'], 0, 3); if (substr($ifcfg['if'], 0, 4) == "ovpn") $ctype = "VPNv6"; - else if (substr($ifcfg['if'], 0, 3) == "gif") + else if ($tunnelif == "gif" || $tunnelif == "gre") $ctype = "TUNNELv6"; break; } diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 9e67450..d97a4c4 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -859,7 +859,9 @@ function interface_gre_configure(&$gre, $grekey = "") { /* Do not change the order here for more see gre(4) NOTES section. */ mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} " . escapeshellarg($gre['remote-addr'])); if((is_ipaddrv6($gre['tunnel-local-addr'])) || (is_ipaddrv6($gre['tunnel-remote-addr']))) { - mwexec("/sbin/ifconfig {$greif} inet6 " . escapeshellarg($gre['tunnel-local-addr']) . " " . escapeshellarg($gre['tunnel-remote-addr']) . " prefixlen /" . escapeshellarg($gre['tunnel-remote-net'])); + /* XXX: The prefixlen argument for tunnels of ipv6 is useless since it needs to be 128 as enforced by kernel */ + //mwexec("/sbin/ifconfig {$greif} inet6 " . escapeshellarg($gre['tunnel-local-addr']) . " " . escapeshellarg($gre['tunnel-remote-addr']) . " prefixlen /" . escapeshellarg($gre['tunnel-remote-net'])); + mwexec("/sbin/ifconfig {$greif} inet6 " . escapeshellarg($gre['tunnel-local-addr']) . " " . escapeshellarg($gre['tunnel-remote-addr']) . " prefixlen 128"); } else { mwexec("/sbin/ifconfig {$greif} " . escapeshellarg($gre['tunnel-local-addr']) . " " . escapeshellarg($gre['tunnel-remote-addr']) . " netmask " . gen_subnet_mask($gre['tunnel-remote-net'])); } @@ -953,7 +955,7 @@ function interface_gif_configure(&$gif, $gifkey = "") { if((is_ipaddrv6($gif['tunnel-local-addr'])) || (is_ipaddrv6($gif['tunnel-remote-addr']))) { /* XXX: The prefixlen argument for tunnels of ipv6 is useless since it needs to be 128 as enforced by kernel */ //mwexec("/sbin/ifconfig {$gifif} inet6 " . escapeshellarg($gif['tunnel-local-addr']) . " " . escapeshellarg($gif['tunnel-remote-addr']) . " prefixlen /" . escapeshellarg($gif['tunnel-remote-net'])); - mwexec("/sbin/ifconfig {$gifif} inet6 " . escapeshellarg($gif['tunnel-local-addr']) . " " . escapeshellarg($gif['tunnel-remote-addr'])); + mwexec("/sbin/ifconfig {$gifif} inet6 " . escapeshellarg($gif['tunnel-local-addr']) . " " . escapeshellarg($gif['tunnel-remote-addr']) . " prefixlen 128"); } else { mwexec("/sbin/ifconfig {$gifif} " . escapeshellarg($gif['tunnel-local-addr']) . " " . escapeshellarg($gif['tunnel-remote-addr']) . " netmask " . gen_subnet_mask($gif['tunnel-remote-net'])); } @@ -4641,7 +4643,8 @@ function interface_has_gatewayv6($friendly) { default: if (substr($ifname['if'], 0, 4) == "ovpn") return true; - if (substr($ifname['if'], 0, 3) == "gif") + $tunnelif = substr($ifname['if'], 0, 3); + if ($tunnelif == "gif" || $tunnelif == "gre") return true; if (!empty($ifname['gatewayv6'])) return true; |