diff options
author | jim-p <jimp@pfsense.org> | 2013-02-25 15:19:06 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-02-25 15:19:06 -0500 |
commit | 6ca938cf1f4a0d2d65bc42c46da4470bb403b0a4 (patch) | |
tree | ef8ea3f518bb416b89255ddcb1f9eb6a84625d45 /etc | |
parent | 2b33321086adecaf37013fe8f1f916e19d95fe47 (diff) | |
download | pfsense-6ca938cf1f4a0d2d65bc42c46da4470bb403b0a4.zip pfsense-6ca938cf1f4a0d2d65bc42c46da4470bb403b0a4.tar.gz |
Always clear the OpenVPN route when using shared key, no matter what the tunnel network "CIDR" is set to, it still needs it.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/openvpn.inc | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 0e6bc28..d1cecf1 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -1224,17 +1224,24 @@ function openvpn_clear_route($mode, $settings) { return; list($ip, $cidr) = explode('/', $settings['tunnel_network']); $mask = gen_subnet_mask($cidr); + $clear_route = false; + switch($settings['mode']) { + case 'shared_key': + $clear_route = true; + break; case 'p2p_tls': case 'p2p_shared_key': - case 'shared_key': - if (!empty($ip) && !empty($mask) && ($cidr == 30)) { - list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask); - $ip_to_clear = ($mode == "server") ? $ip1 : $ip2; - mwexec("/sbin/route -q delete {$ip_to_clear}"); - } + if (!empty($ip) && !empty($mask) && ($cidr == 30)) + $clear_route = true; break; } + + if ($clear_route) { + list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask); + $ip_to_clear = ($mode == "server") ? $ip1 : $ip2; + mwexec("/sbin/route -q delete {$ip_to_clear}"); + } } function openvpn_gen_routes($value, $ipproto = "ipv4", $push = false) { |