From 924876a80f9ac94a0e7b59b381312d0ffd186755 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ermal=20Lu=E7i?= <eri@pfsense.org>
Date: Wed, 22 Apr 2009 09:19:00 +0000
Subject: * Fix ipsec over carp handling. * do not useinterface in Upper case
 when working on the backends. * Do not print Configuring IPSec during bootup
 if there is nothing configured.

---
 etc/inc/ipsec.inc |  8 +++++---
 etc/inc/vpn.inc   | 22 ++++++++++------------
 2 files changed, 15 insertions(+), 15 deletions(-)

(limited to 'etc/inc')

diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc
index 3d0c120..043a886 100644
--- a/etc/inc/ipsec.inc
+++ b/etc/inc/ipsec.inc
@@ -122,10 +122,12 @@ function ipsec_get_phase1_src(& $ph1ent) {
 	if ($ph1ent['interface'])
 		$if = $ph1ent['interface'];
 	else
-		$if = "WAN";
+		$if = "wan";
 
-	$realinterface = convert_friendly_interface_to_real_interface_name($if);
-	$interfaceip = find_interface_ip($realinterface);
+	if (preg_match("/^carp/i", $ph1ent['interface']))
+		find_interface_ip($if);
+	else
+		$interfaceip = get_interface_ip($if);
 
 	return $interfaceip;
 }
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 6b6ae3c..2b5a071 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -139,10 +139,10 @@ function vpn_ipsec_configure($ipchg = false)
 		return true;
 	}
 
-	if ($g['booting'])
-		echo "Configuring IPsec VPN... ";
-
 	if (isset ($ipseccfg['enable'])) {
+		if ($g['booting'])
+			echo "Configuring IPsec VPN... ";
+
 		/* fastforwarding is not compatible with ipsec tunnels */
 		mwexec("/sbin/sysctl net.inet.ip.fastforwarding=0");
 
@@ -209,7 +209,7 @@ function vpn_ipsec_configure($ipchg = false)
 						$pfd = fopen("/var/db/ipsecpinghosts", "a");
 						$iflist = get_configured_interface_list();
 						foreach ($iflist as $ifent => $ifname) {
-							$interface_ip = find_interface_ip($config['interfaces'][$ifname]['if']);
+							$interface_ip = get_interface_ip($ifnet);
 							$local_subnet = ipsec_idinfo_to_cidr($ph2ent['localid'], true);
 							if (ip_in_subnet($interface_ip, $local_subnet))
 								$srcip = $interface_ip;
@@ -857,18 +857,16 @@ EOD;
 				escapeshellarg("/etc/rc.newipsecdns") . $hostnames);
 			}
 		}
-	}
 	
-	vpn_ipsec_failover_configure();
+		vpn_ipsec_failover_configure();
 
-	if (!$g['booting']) {
-		/* reload the filter */
-		filter_configure();
+		if (!$g['booting']) {
+			/* reload the filter */
+			filter_configure();
+		} else
+			echo "done\n";
 	}
 
-	if ($g['booting'])
-		echo "done\n";
-
 	return 0;
 }
 
-- 
cgit v1.1