diff options
Diffstat (limited to 'etc/inc/vpn.inc')
-rw-r--r-- | etc/inc/vpn.inc | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 71df2d5..edb250b 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -38,27 +38,27 @@ function vpn_ipsec_failover_configure() { global $config, $g; /* is failover vpn enabled? */ - if(!isset($config['installedpackages']['sasyncd']['enable'])) + if(!isset($config['installedpackages']['sasyncd']['config']['enable'])) return; $sasyncd = ""; - if($config['installedpackages']['sasyncd']['peer']) + if($config['installedpackages']['sasyncd']['config']['peer']) $sasyncd .= "peer {$config['ipsec']['failover']['peer']}\n"; - if($config['installedpackages']['sasyncd']['interface']) + if($config['installedpackages']['sasyncd']['config']['interface']) $sasyncd .= "carp interface {$config['ipsec']['failover']['interface']}\n"; - if($config['installedpackages']['sasyncd']['sharedkey']) + if($config['installedpackages']['sasyncd']['config']['sharedkey']) $sasyncd .= "sharedkey {$config['ipsec']['failover']['sharedkey']}\n"; - if($config['installedpackages']['sasyncd']['mode']) + if($config['installedpackages']['sasyncd']['config']['mode']) $sasyncd .= "mode {$config['ipsec']['failover']['mode']}\n"; - if($config['installedpackages']['sasyncd']['listenon']) + if($config['installedpackages']['sasyncd']['config']['listenon']) $sasyncd .= "listen on {$config['ipsec']['failover']['listenon']}\n"; - if($config['installedpackages']['sasyncd']['flushmodesync']) + if($config['installedpackages']['sasyncd']['config']['flushmodesync']) $sasyncd .= "flushmode sync {$config['ipsec']['failover']['flushmodesync']}\n"; $fd = fopen("{$g['varetc_path']}/sasyncd.conf", "w"); @@ -75,9 +75,11 @@ function vpn_ipsec_configure($ipchg = false) { $curwanip = get_current_wan_address(); - /* setup for failover ipsec */ - if($config['installedpackages']['sasyncd']['ip'] <> "") - $curwanip = $config['installedpackages']['sasyncd']['ip']; + /* set failover ip if defined */ + foreach($config['installedpackages']['sasyncd']['config'] as $sasyncd) { + if($sasyncd['ip'] <> "") + $curwanip = $sasyncd['ip']; + } vpn_ipsec_failover_configure(); @@ -97,9 +99,6 @@ function vpn_ipsec_configure($ipchg = false) { /* kill racoon */ killbypid("{$g['varrun_path']}/racoon.pid"); - /* wait for process to die */ - sleep(2); - /* send a SIGKILL to be sure */ sigkillbypid("{$g['varrun_path']}/racoon.pid", "KILL"); } @@ -155,8 +154,11 @@ function vpn_ipsec_configure($ipchg = false) { $number_of_gifs = find_last_gif_device(); $number_of_gifs++; $curwanip = get_current_wan_address(); - if($config['installedpackages']['sasyncd']['ip'] <> "") - $curwanip = $config['installedpackages']['sasyncd']['ip']; + /* set failover ip if defined */ + foreach($config['installedpackages']['sasyncd']['config'] as $sasyncd) { + if($sasyncd['ip'] <> "") + $curwanip = $sasyncd['ip']; + } mwexec("/sbin/ifconfig gif" . $number_of_gifs . " tunnel" . $curwanip . " " . $tunnel['remote-gateway']); mwexec("/sbin/ifconfig gif" . $number_of_gifs . " {$lansa}/{$lansn} {$lanip}/32"); } @@ -186,9 +188,9 @@ function vpn_ipsec_configure($ipchg = false) { return 1; } - if($config['installedpackages']['sasyncd']['ip'] <> "") { + if($config['installedpackages']['sasyncd']['config']['ip'] <> "") { - $interface_ip = $config['installedpackages']['sasyncd']['ip']; + $interface_ip = $config['installedpackages']['sasyncd']['config']['ip']; $racoonconf .= <<<EOD listen { isakmp {$interface_ip} [500]; |