Avoid generating an invalid racoon config if the user specified a mobile pool that is too small.

author: jim-p <jimp@pfsense.org> 2014-08-08 12:36:19 -0400
committer: jim-p <jimp@pfsense.org> 2014-08-08 12:36:19 -0400
commit: ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6 (patch)
tree: 0e3928c64a44ee619c47f6f61df714688f701797 /etc
parent: b21ad5d5fd478b44366074274a56a93d7a2b94b6 (diff)
download: pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.zip
pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 3a75c96..b047132 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -345,6 +345,11 @@ function vpn_ipsec_configure($ipchg = false)
 					$pool_address = long2ip32(ip2long($pool_address)+1);
 					$pool_size = (~ip2long($pool_netmask) & 0xFFFFFFFF) - 2;
 
+					if ($pool_size < 0) {
+						log_error(sprintf(gettext("Invalid mobile IPsec pool size: %s, using 0"), $pool_size));
+						$pool_size = 0;
+					}
+
 					$racoonconf .= "\tpool_size {$pool_size};\n";
 					$racoonconf .= "\tnetwork4 {$pool_address};\n";
 					$racoonconf .= "\tnetmask4 {$pool_netmask};\n";
author	jim-p <jimp@pfsense.org>	2014-08-08 12:36:19 -0400
committer	jim-p <jimp@pfsense.org>	2014-08-08 12:36:19 -0400
commit	ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6 (patch)
tree	0e3928c64a44ee619c47f6f61df714688f701797 /etc
parent	b21ad5d5fd478b44366074274a56a93d7a2b94b6 (diff)
download	pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.zip pfsense-ffb8e02fc2cae6c603e786d3688e81d3fb05d7c6.tar.gz