From 1c7fd09e4d402af8086b3bd68dcc1fc42509a106 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ermal=20LU=C3=87I?= <eri@pfsense.org>
Date: Thu, 11 Jun 2015 23:56:55 +0200
Subject: Ticket #4655 Do not behave against the logic of checkbox and
 description.

---
 usr/local/www/vpn_ipsec_settings.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'usr/local/www/vpn_ipsec_settings.php')

diff --git a/usr/local/www/vpn_ipsec_settings.php b/usr/local/www/vpn_ipsec_settings.php
index 023d202..0d6eedd 100644
--- a/usr/local/www/vpn_ipsec_settings.php
+++ b/usr/local/www/vpn_ipsec_settings.php
@@ -163,10 +163,11 @@ if ($_POST) {
 			unset($config['ipsec']['makebeforebreak']);
 		}
 
+		/* The wierd logic here is to avoid negative policies when checked #4655 */
 		if($_POST['noshuntlaninterfaces'] == "yes") {
-			$config['ipsec']['noshuntlaninterfaces'] = true;
-		} elseif (isset($config['ipsec']['noshuntlaninterfaces'])) {
 			unset($config['ipsec']['noshuntlaninterfaces']);
+		} else {
+			$config['ipsec']['noshuntlaninterfaces'] = true;
 		}
 
 		if($_POST['acceptunencryptedmainmode'] == "yes") {
-- 
cgit v1.1