From 534753890c74d7ce1188fe9a7b6f5f1b153f802d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ermal=20LU=C3=87I?= Date: Fri, 3 Apr 2015 19:59:23 +0200 Subject: Fixes #4504 Allow the bypass policy for LAN to be enabled and prevent traffic sent to lan ip to go to the ipsec tunnel --- usr/local/www/vpn_ipsec_settings.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'usr/local') diff --git a/usr/local/www/vpn_ipsec_settings.php b/usr/local/www/vpn_ipsec_settings.php index 41d6a3a..203566e 100644 --- a/usr/local/www/vpn_ipsec_settings.php +++ b/usr/local/www/vpn_ipsec_settings.php @@ -46,6 +46,7 @@ foreach ($ipsec_loglevels as $lkey => $ldescr) { $pconfig["ipsec_{$lkey}"] = $config['ipsec']["ipsec_{$lkey}"]; } $pconfig['unityplugin'] = isset($config['ipsec']['unityplugin']); +$pconfig['shuntlaninterfaces'] = isset($config['ipsec']['shuntlaninterfaces']); $pconfig['compression'] = isset($config['ipsec']['compression']); $pconfig['enableinterfacesuse'] = isset($config['ipsec']['enableinterfacesuse']); $pconfig['acceptunencryptedmainmode'] = isset($config['ipsec']['acceptunencryptedmainmode']); @@ -155,6 +156,12 @@ if ($_POST) { unset($config['ipsec']['unityplugin']); } + if($_POST['shuntlaninterfaces'] == "yes") { + $config['ipsec']['unityplugin'] = true; + } elseif (isset($config['ipsec']['shuntlaninterfaces'])) { + unset($config['ipsec']['shuntlaninterfaces']); + } + if($_POST['acceptunencryptedmainmode'] == "yes") { if (!isset($config['ipsec']['acceptunencryptedmainmode'])) $needsrestart = true; @@ -349,6 +356,15 @@ function maxmss_checked(obj) { + + + /> + +
+ + + +   " /> -- cgit v1.1