diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-03-03 02:15:15 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-03-03 02:15:15 +0000 |
commit | b73cc0567830e98d120bcf1b827ff400b4afb107 (patch) | |
tree | f732d801f353ed726fa6532a695ac15e730ba922 /etc | |
parent | 7e98bb788fa94451b7fe0391f3bbf793c25c1590 (diff) | |
download | pfsense-b73cc0567830e98d120bcf1b827ff400b4afb107.zip pfsense-b73cc0567830e98d120bcf1b827ff400b4afb107.tar.gz |
Allow setting of racoon listening interface on the ipsec vpn screen. This allows failover vpn!
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/pfsense-utils.inc | 15 | ||||
-rw-r--r-- | etc/inc/vpn.inc | 17 |
2 files changed, 31 insertions, 1 deletions
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 48eb939..063f5ef 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -234,6 +234,21 @@ function filter_get_opt_interface_descr($opt) { return $config['interfaces'][$opt]['descr']; } +function get_friendly_interface_list_as_array() { + global $config; + $ints = array(); + $i = 0; + $ifdescrs = array('wan', 'lan'); + for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { + $ifdescrs['opt' . $j] = "opt" . $j; + } + $ifdescrs = get_interface_list(); + foreach ($ifdescrs as $ifdescr => $ifname) { + array_push($ints,$ifdescr); + } + return $ints; +} + /* * find_ip_interface($ip): return the interface where an ip is defined */ diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 0593747..d0928c3 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -165,7 +165,22 @@ function vpn_ipsec_configure($ipchg = false) { return 1; } - $racoonconf = "path pre_shared_key \"{$g['varetc_path']}/psk.txt\";\n\n"; + $racoonconf = ""; + + if($config['ipsec']['interface'] <> "") { + if(does_interface_exist($config['ipsec']['interface']) == true) { + $interface_ip = find_interface_ip($config['ipsec']['interface']); + $racoonconf .= <<<EOD +listen { + isakmp {$interface_ip} [500]; +} + +EOD; + } + + } + + $racoonconf .= "path pre_shared_key \"{$g['varetc_path']}/psk.txt\";\n\n"; if (is_array($ipseccfg['tunnel']) && count($ipseccfg['tunnel'])) foreach ($ipseccfg['tunnel'] as $tunnel) { |