diff options
author | Ermal Luçi <eri@pfsense.org> | 2010-03-16 13:08:01 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2010-03-16 13:08:01 +0000 |
commit | 63017a732e0e4f1c3459106a5ac24abfea074877 (patch) | |
tree | 62d247d9032b8a71c76a8db40433e1b34c016f3f /etc | |
parent | 0b6ab3ec67c60e1c3dc51822bec8d796e21c3abf (diff) | |
download | pfsense-63017a732e0e4f1c3459106a5ac24abfea074877.zip pfsense-63017a732e0e4f1c3459106a5ac24abfea074877.tar.gz |
Ticket #430. Give a none option to allow for roadwarriors configs.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/ipsec.inc | 10 | ||||
-rw-r--r-- | etc/inc/vpn.inc | 12 |
2 files changed, 14 insertions, 8 deletions
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index c55bfea..d80f1c2 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -163,6 +163,7 @@ function ipsec_idinfo_to_cidr(& $idinfo,$addrbits = false) { return $idinfo['address']; case "network": return $idinfo['address']."/".$idinfo['netbits']; + case "none": case "mobile": return "0.0.0.0/0"; default: @@ -186,11 +187,12 @@ function ipsec_idinfo_to_subnet(& $idinfo,$addrbits = false) { return $idinfo['address']."/255.255.255.255"; else return $idinfo['address']; + case "none": case "network": return $idinfo['address']."/".gen_subnet_mask($idinfo['netbits']); case "mobile": return "0.0.0.0/0"; - default: + default: $address = get_interface_ip($idinfo['type']); $netbits = get_interface_subnet($idinfo['type']); $address = gen_subnet($address,$netbits); @@ -210,8 +212,10 @@ function ipsec_idinfo_to_text(& $idinfo) { return $idinfo['address']; case "network": return $idinfo['address']."/".$idinfo['netbits']; - case "mobile": - return "Mobile Client"; + case "mobile": + return "Mobile Client"; + case "none": + return "None"; default: return strtoupper($idinfo['type']); } diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 26631d7..1ebd07a 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -610,11 +610,13 @@ EOD; if ($ph2ent['mode'] == 'tunnel') { $localid_type = $ph2ent['localid']['type']; - if ($localid_type != "address") - $localid_type = "subnet"; - $localid_data = ipsec_idinfo_to_cidr($ph2ent['localid']); - $localid_spec = $localid_type." ".$localid_data." any"; + if ($localid_type == "none") + $localid_spec = " "; + else if ($localid_type != "address") { + $localid_type = "subnet"; + $localid_spec = $localid_type." ".$localid_data." any"; + } if (!isset($ph2ent['mobile'])) { $remoteid_type = $ph2ent['remoteid']['type']; @@ -808,7 +810,7 @@ EOD; } /* static route needed? */ - if (preg_match("/^carp/i", $ph1ent['interface'])) + if (preg_match("/^carp|^vip/i", $ph1ent['interface'])) $parentinterface = link_carp_interface_to_parent($ph1ent['interface']); else $parentinterface = $ph1ent['interface']; |