summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2013-02-25 15:19:06 -0500
committerjim-p <jimp@pfsense.org>2013-02-25 15:19:06 -0500
commit6ca938cf1f4a0d2d65bc42c46da4470bb403b0a4 (patch)
treeef8ea3f518bb416b89255ddcb1f9eb6a84625d45 /etc
parent2b33321086adecaf37013fe8f1f916e19d95fe47 (diff)
downloadpfsense-6ca938cf1f4a0d2d65bc42c46da4470bb403b0a4.zip
pfsense-6ca938cf1f4a0d2d65bc42c46da4470bb403b0a4.tar.gz
Always clear the OpenVPN route when using shared key, no matter what the tunnel network "CIDR" is set to, it still needs it.
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/openvpn.inc19
1 files changed, 13 insertions, 6 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 0e6bc28..d1cecf1 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -1224,17 +1224,24 @@ function openvpn_clear_route($mode, $settings) {
return;
list($ip, $cidr) = explode('/', $settings['tunnel_network']);
$mask = gen_subnet_mask($cidr);
+ $clear_route = false;
+
switch($settings['mode']) {
+ case 'shared_key':
+ $clear_route = true;
+ break;
case 'p2p_tls':
case 'p2p_shared_key':
- case 'shared_key':
- if (!empty($ip) && !empty($mask) && ($cidr == 30)) {
- list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask);
- $ip_to_clear = ($mode == "server") ? $ip1 : $ip2;
- mwexec("/sbin/route -q delete {$ip_to_clear}");
- }
+ if (!empty($ip) && !empty($mask) && ($cidr == 30))
+ $clear_route = true;
break;
}
+
+ if ($clear_route) {
+ list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask);
+ $ip_to_clear = ($mode == "server") ? $ip1 : $ip2;
+ mwexec("/sbin/route -q delete {$ip_to_clear}");
+ }
}
function openvpn_gen_routes($value, $ipproto = "ipv4", $push = false) {
OpenPOWER on IntegriCloud