diff options
-rw-r--r-- | etc/inc/filter.inc | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 04b574b..ba638c8 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2420,6 +2420,12 @@ EOD; $interface_ip = find_interface_ip(get_real_wan_interface()); else $interface_ip = find_interface_ip(convert_friendly_interface_to_real_interface_name($iface)); + /* if failover ip is set, use it */ + if(isset($config['installedpackages']['sasyncd'])) + if ($config['installedpackages']['sasyncd']['config'] <> "") + foreach ($config['installedpackages']['sasyncd']['config'] as $sasyncd) + if ($sasyncd['ip'] <> "") + $interface_ip = $sasyncd['ip']; $ipfrules .= "pass out quick on \${$iface} proto udp from {$interface_ip} to {$remote_gateway} port = 500 keep state label \"IPSEC: {$tunnel['descr']} - outbound isakmp\"\n"; $ipfrules .= "pass in quick on \${$iface} proto udp from {$remote_gateway} to $interface_ip port = 500 keep state label \"IPSEC: {$tunnel['descr']} - inbound isakmp\"\n"; if ($tunnel['p2']['protocol'] == 'esp') { @@ -2833,4 +2839,4 @@ function return_vpn_subnet($adr) { } -?> +?>
\ No newline at end of file |