summaryrefslogtreecommitdiffstats
path: root/etc/inc
diff options
context:
space:
mode:
Diffstat (limited to 'etc/inc')
-rw-r--r--etc/inc/filter.inc3
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index daef238..703d274 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2649,12 +2649,13 @@ EOD;
}
$local_subnet = return_vpn_subnet($tunnel['local-subnet']);
foreach($ifdescrs as $iface) {
- echo "processing $iface\n";
foreach($ipsec_ips as $interface_ip) {
if($iface == "wan")
$interface_ip = find_interface_ip(get_real_wan_interface());
else
$interface_ip = find_interface_ip(convert_friendly_interface_to_real_interface_name($iface));
+ if($tunnel['interface'] <> $iface and strstr($tunnel['interface'], "carp") == false)
+ continue;
$ipfrules .= "pass out quick on \${$iface} proto udp from {$interface_ip} to {$remote_gateway} port = 500 keep state label \"IPSEC: {$tunnel['descr']} - outbound isakmp\"\n";
$ipfrules .= "pass in quick on \${$iface} proto udp from {$remote_gateway} to $interface_ip port = 500 keep state label \"IPSEC: {$tunnel['descr']} - inbound isakmp\"\n";
if ($tunnel['p2']['protocol'] == 'esp') {
OpenPOWER on IntegriCloud