summaryrefslogtreecommitdiffstats
path: root/usr
diff options
context:
space:
mode:
authorSeth Mos <seth.mos@xs4all.nl>2007-07-09 12:44:29 +0000
committerSeth Mos <seth.mos@xs4all.nl>2007-07-09 12:44:29 +0000
commit7b869816068b18f2623a15befbe3d7a51a7a5be4 (patch)
treec1ccf4a9f5efe1c8e82905ddd303630152299fee /usr
parentd852c5260a0e8800762d8a489d6ecaabca40506a (diff)
downloadpfsense-7b869816068b18f2623a15befbe3d7a51a7a5be4.zip
pfsense-7b869816068b18f2623a15befbe3d7a51a7a5be4.tar.gz
Do not allow duplicate remote subnets or duplicate remote gateways in
the tunnel configuration, this results in 2 non working tunnels.
Diffstat (limited to 'usr')
-rwxr-xr-xusr/local/www/vpn_ipsec_edit.php26
1 files changed, 25 insertions, 1 deletions
diff --git a/usr/local/www/vpn_ipsec_edit.php b/usr/local/www/vpn_ipsec_edit.php
index 9261734..bee6c6a 100755
--- a/usr/local/www/vpn_ipsec_edit.php
+++ b/usr/local/www/vpn_ipsec_edit.php
@@ -169,12 +169,36 @@ if ($_POST) {
if (($_POST['remotenet'] && !is_ipaddr($_POST['remotenet'])) or $_POST['remotenet'] == "0.0.0.0") {
/* allow 0.0.0.0 remote net usage */
if($_POST['remotenet'] <> "0.0.0.0")
- $input_errors[] = "A valid remote network address must be specified.";
+ $input_errors[] = "A valid remote network address must be specified.";
+ }
+ if (($_POST['remotenet'] && is_ipaddr($_POST['remotenet']) && !isset($_POST['disabled']) )) {
+ $t = 0;
+ foreach($a_ipsec as $tunnel) {
+ if($id <> $t) {
+ $tremotecidr = $pconfig['remotenet'] ."/". $pconfig['remotebits'];
+ if(($tunnel['remote-subnet'] == $tremotecidr) && !isset($tunnel['disabled'])) {
+ $input_errors[] = "The remote network \"$tremotecidr\" is already used by tunnel \"${tunnel['descr']}\".";
+ }
+ }
+ $t++;
+ }
}
if (($_POST['remotegw'] && !is_ipaddr($_POST['remotegw']))) {
if(is_domain($_POST['remotegw']) == false)
$input_errors[] = "A valid remote gateway address must be specified.";
}
+ if (($_POST['remotegw'] && is_ipaddr($_POST['remotegw']) && !isset($_POST['disabled']) )) {
+ $t = 0;
+ foreach($a_ipsec as $tunnel) {
+ if($id <> $t) {
+ $tremotegw = $pconfig['remotegw'];
+ if(($tunnel['remote-gateway'] == $tremotegw) && !isset($tunnel['disabled'])) {
+ $input_errors[] = "The remote gateway \"$tremotegw\" is already used by tunnel \"${tunnel['descr']}\".";
+ }
+ }
+ $t++;
+ }
+ }
if ((($_POST['p1myidentt'] == "address") && !is_ipaddr($_POST['p1myident']))) {
$input_errors[] = "A valid IP address for 'My identifier' must be specified.";
}
OpenPOWER on IntegriCloud