summaryrefslogtreecommitdiffstats
path: root/etc/inc/vpn.inc
diff options
context:
space:
mode:
Diffstat (limited to 'etc/inc/vpn.inc')
-rw-r--r--etc/inc/vpn.inc19
1 files changed, 19 insertions, 0 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 8df1e6f..3131666 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -590,6 +590,25 @@ EOD;
$ipsecconf .= "config setup\n\tuniqueids = {$uniqueids}\n";
$ipsecconf .= "\tcharondebug=\"" . vpn_ipsec_configure_loglevels(true) . "\"\n";
+ if (isset($config['ipsec']['shuntlaninterfaces'])) {
+ if ($config['interfaces']['lan']) {
+ $lanip = get_interface_ip("lan");
+ if (!empty($lanip) && is_ipaddrv4($lanip)) {
+ $lansn = get_interface_subnet("lan");
+ $lansa = gen_subnet($lanip, $lansn);
+ $ipsecconf .= <<<EOD
+conn bypasslan
+ leftsubnet={$lanip}/32
+ rightsubnet={$lansa}/{$lansn}
+ authby=never
+ type=pass
+ auto=route
+
+EOD;
+ }
+ }
+ }
+
foreach ($a_phase1 as $ph1ent) {
if (isset($ph1ent['disabled']))
continue;
OpenPOWER on IntegriCloud