summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2010-06-15 19:26:46 +0000
committerErmal <eri@pfsense.org>2010-06-15 19:27:04 +0000
commit3bb6bfd2f22d31b986c663bfd376168c4d144256 (patch)
tree1c443ea3c68261f0e9c9d4660a04d300563916be /etc
parent87be42c1d2be2854228ff566aee10be3fa3c28c5 (diff)
downloadpfsense-3bb6bfd2f22d31b986c663bfd376168c4d144256.zip
pfsense-3bb6bfd2f22d31b986c663bfd376168c4d144256.tar.gz
Remove gif creation/deletion in ipsec code it seems unlikely and unused for a long time. This also removes the risk of doing damages on gifs configured through the GUI.
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/vpn.inc40
1 files changed, 2 insertions, 38 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index a98969d..8a2bb85 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -78,29 +78,10 @@ function vpn_ipsec_failover_configure() {
}
}
-function find_last_gif_device() {
- $last_gif_found = -1;
- $regs = "";
- if (!($fp = popen("/sbin/ifconfig -l", "r")))
- return -1;
- $ifconfig_data = fread($fp, 4096);
- pclose($fp);
- $ifconfig_array = split(" ", $ifconfig_data);
- foreach ($ifconfig_array as $ifconfig) {
- ereg("gif(.)", $ifconfig, $regs);
- if ($regs[0] && $regs[0] > $last_gif_found) {
- $last_gif_found = $regs[1];
- }
- }
- return $last_gif_found;
-}
-
function vpn_ipsec_configure($ipchg = false)
{
global $config, $g, $sa, $sn, $p1_ealgos, $p2_ealgos;
- mwexec("/sbin/ifconfig enc0 up");
-
/* get the automatic ping_hosts.sh ready */
unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts");
touch("{$g['vardb_path']}/ipsecpinghosts");
@@ -110,10 +91,6 @@ function vpn_ipsec_configure($ipchg = false)
else
mwexec("/sbin/sysctl net.key.preferred_oldsa=0");
- $number_of_gifs = find_last_gif_device();
- for ($x = 0; $x < $number_of_gifs; $x++)
- mwexec("/sbin/ifconfig gif" . $x . " delete");
-
$syscfg = $config['system'];
$ipseccfg = $config['ipsec'];
$a_phase1 = $config['ipsec']['phase1'];
@@ -146,6 +123,8 @@ function vpn_ipsec_configure($ipchg = false)
return true;
} else {
+ mwexec("/sbin/ifconfig enc0 up");
+
if ($g['booting'])
echo "Configuring IPsec VPN... ";
@@ -803,21 +782,6 @@ EOD;
$localid = ipsec_idinfo_to_cidr($ph2ent['localid'],true);
$remoteid = ipsec_idinfo_to_cidr($ph2ent['remoteid'],true);
- if (isset ($ph2ent['creategif'])) {
- $number_of_gifs = find_last_gif_device();
- $number_of_gifs++;
- $curwanip = get_interface_ip();
- if ($config['installedpackages']['sasyncd']['config'] <> "") {
- foreach ($config['installedpackages']['sasyncd']['config'] as $sasyncd) {
- if ($sasyncd['ip'] <> "")
- $curwanip = $sasyncd['ip'];
- }
- }
- mwexec("/sbin/ifconfig gif" . $number_of_gifs . " tunnel" . $curwanip . " " . $rgip);
- if ($config['interfaces']['lan'])
- mwexec("/sbin/ifconfig gif" . $number_of_gifs . " {$lansa}/{$lansn} {$lanip}/32");
- }
-
if($ph2ent['mode'] == "tunnel") {
$spdconf .= "spdadd {$localid} {$remoteid} any -P out ipsec " .
OpenPOWER on IntegriCloud