diff options
author | jim-p <jimp@pfsense.org> | 2014-08-08 12:36:19 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2014-08-08 12:36:19 -0400 |
commit | ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6 (patch) | |
tree | 0e3928c64a44ee619c47f6f61df714688f701797 /etc | |
parent | b21ad5d5fd478b44366074274a56a93d7a2b94b6 (diff) | |
download | pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.zip pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.tar.gz |
Avoid generating an invalid racoon config if the user specified a mobile pool that is too small.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/vpn.inc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 3a75c96..b047132 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -345,6 +345,11 @@ function vpn_ipsec_configure($ipchg = false) $pool_address = long2ip32(ip2long($pool_address)+1); $pool_size = (~ip2long($pool_netmask) & 0xFFFFFFFF) - 2; + if ($pool_size < 0) { + log_error(sprintf(gettext("Invalid mobile IPsec pool size: %s, using 0"), $pool_size)); + $pool_size = 0; + } + $racoonconf .= "\tpool_size {$pool_size};\n"; $racoonconf .= "\tnetwork4 {$pool_address};\n"; $racoonconf .= "\tnetmask4 {$pool_netmask};\n"; |