2 files changed, 38 insertions, 5 deletions

diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc
index 87bad0a..472e087 100644
--- a/src/etc/inc/interfaces.inc
+++ b/src/etc/inc/interfaces.inc
@@ -560,6 +560,8 @@ function interface_bridge_configure(&$bridge, $checkmember = 0) {
 
 	interface_bridge_configure_advanced($bridge);
 
+	interface_bridge_configure_ip6linklocal($bridge);
+
 	if ($bridge['bridgeif']) {
 		interfaces_bring_up($bridge['bridgeif']);
 	} else {
@@ -686,6 +688,25 @@ function interface_bridge_configure_advanced($bridge) {
 	}
 }
 
+function interface_bridge_configure_ip6linklocal($bridge) {
+	$bridgeif = $bridge['bridgeif'];
+
+	$members = explode(',', $bridge['members']);
+	if (!count($members)) {
+		return;
+	}
+
+	$auto_linklocal = isset($bridge['ip6linklocal']);
+	$bridgeop = $auto_linklocal ? '' : '-';
+	$memberop = $auto_linklocal ? '-' : '';
+
+	mwexec("/usr/sbin/ndp -i {$bridgeif} -- {$bridgeop}auto_linklocal");
+	foreach ($members as $member) {
+		$realif = get_real_interface($member);
+		mwexec("/usr/sbin/ndp -i {$realif} -- {$memberop}auto_linklocal");
+	}
+}
+
 function interface_bridge_add_member($bridgeif, $interface, $flagsapplied = false) {
 	global $config;
 
@@ -4407,10 +4428,11 @@ function DHCP6_Config_File_Advanced($interface, $wancfg, $wanif) {
 			}
 			$id_assoc_statement_prefix .= ";";
 		}
-
+		
+		$realif = get_real_interface($wancfg['adv_dhcp6_prefix_selected_interface']);
 		if (is_numeric($wancfg['adv_dhcp6_prefix_interface_statement_sla_id'])) {
 			$id_assoc_statement_prefix .= "\n\tprefix-interface";
-			$id_assoc_statement_prefix .= " {$wanif}";
+			$id_assoc_statement_prefix .= " {$realif}";
 			$id_assoc_statement_prefix .= " {\n";
 			$id_assoc_statement_prefix .= "\t\tsla-id {$wancfg['adv_dhcp6_prefix_interface_statement_sla_id']};\n";
 			if (($wancfg['adv_dhcp6_prefix_interface_statement_sla_len'] >= 0) &&
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc
index 1398135..6390aed 100644
--- a/src/etc/inc/vpn.inc
+++ b/src/etc/inc/vpn.inc
@@ -489,12 +489,19 @@ EOD;
 		}
 	}
 
+	/* Activate RADIUS accounting if it was selected on the auth server view */
+	$radius_accounting = "";
+	if($auth_server && isset($auth_server['radius_acct_port'])){
+		$radius_accounting = 'accounting = yes';
+	}
+
 	/* write an eap-radius config section if appropriate */
 	if (strlen($radius_server_txt) && ($mobile_ipsec_auth === "eap-radius")) {
 		$strongswan .= <<<EOD
 		eap-radius {
 			class_group = yes
 			eap_start = no
+			{$radius_accounting}
 			servers {
 {$radius_server_txt}
 			}
@@ -1101,10 +1108,14 @@ EOD;
 			} else {
 				$reauth = "reauth = yes";
 			}
+
 			if (isset($ph1ent['rekey_enable'])) {
-				$rekey = "rekey = no";
+				$rekeyline = "rekey = no";
 			} else {
-				$rekey = "rekey = yes";
+				$rekeyline = "rekey = yes";
+				if(!empty($ph1ent['margintime'])){
+					$rekeyline .= "\n\tmargintime = {$ph1ent['margintime']}s";
+				}
 			}
 
 			if ($ph1ent['nat_traversal'] == 'off') {
@@ -1303,7 +1314,7 @@ EOD;
 	{$forceencaps}
 	{$mobike}
 	{$tfc}
-	{$rekey}
+	{$rekeyline}
 	installpolicy = yes
 	{$tunneltype}
 	{$dpdline}