diff options
author | Ermal <eri@pfsense.org> | 2010-06-15 19:26:46 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2010-06-15 19:27:04 +0000 |
commit | 3bb6bfd2f22d31b986c663bfd376168c4d144256 (patch) | |
tree | 1c443ea3c68261f0e9c9d4660a04d300563916be /etc | |
parent | 87be42c1d2be2854228ff566aee10be3fa3c28c5 (diff) | |
download | pfsense-3bb6bfd2f22d31b986c663bfd376168c4d144256.zip pfsense-3bb6bfd2f22d31b986c663bfd376168c4d144256.tar.gz |
Remove gif creation/deletion in ipsec code it seems unlikely and unused for a long time. This also removes the risk of doing damages on gifs configured through the GUI.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/vpn.inc | 40 |
1 files changed, 2 insertions, 38 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index a98969d..8a2bb85 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -78,29 +78,10 @@ function vpn_ipsec_failover_configure() { } } -function find_last_gif_device() { - $last_gif_found = -1; - $regs = ""; - if (!($fp = popen("/sbin/ifconfig -l", "r"))) - return -1; - $ifconfig_data = fread($fp, 4096); - pclose($fp); - $ifconfig_array = split(" ", $ifconfig_data); - foreach ($ifconfig_array as $ifconfig) { - ereg("gif(.)", $ifconfig, $regs); - if ($regs[0] && $regs[0] > $last_gif_found) { - $last_gif_found = $regs[1]; - } - } - return $last_gif_found; -} - function vpn_ipsec_configure($ipchg = false) { global $config, $g, $sa, $sn, $p1_ealgos, $p2_ealgos; - mwexec("/sbin/ifconfig enc0 up"); - /* get the automatic ping_hosts.sh ready */ unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts"); touch("{$g['vardb_path']}/ipsecpinghosts"); @@ -110,10 +91,6 @@ function vpn_ipsec_configure($ipchg = false) else mwexec("/sbin/sysctl net.key.preferred_oldsa=0"); - $number_of_gifs = find_last_gif_device(); - for ($x = 0; $x < $number_of_gifs; $x++) - mwexec("/sbin/ifconfig gif" . $x . " delete"); - $syscfg = $config['system']; $ipseccfg = $config['ipsec']; $a_phase1 = $config['ipsec']['phase1']; @@ -146,6 +123,8 @@ function vpn_ipsec_configure($ipchg = false) return true; } else { + mwexec("/sbin/ifconfig enc0 up"); + if ($g['booting']) echo "Configuring IPsec VPN... "; @@ -803,21 +782,6 @@ EOD; $localid = ipsec_idinfo_to_cidr($ph2ent['localid'],true); $remoteid = ipsec_idinfo_to_cidr($ph2ent['remoteid'],true); - if (isset ($ph2ent['creategif'])) { - $number_of_gifs = find_last_gif_device(); - $number_of_gifs++; - $curwanip = get_interface_ip(); - if ($config['installedpackages']['sasyncd']['config'] <> "") { - foreach ($config['installedpackages']['sasyncd']['config'] as $sasyncd) { - if ($sasyncd['ip'] <> "") - $curwanip = $sasyncd['ip']; - } - } - mwexec("/sbin/ifconfig gif" . $number_of_gifs . " tunnel" . $curwanip . " " . $rgip); - if ($config['interfaces']['lan']) - mwexec("/sbin/ifconfig gif" . $number_of_gifs . " {$lansa}/{$lansn} {$lanip}/32"); - } - if($ph2ent['mode'] == "tunnel") { $spdconf .= "spdadd {$localid} {$remoteid} any -P out ipsec " . |