Révision 7f1b720f
Ajouté par Chris Buechler il y a plus de 9 ans
etc/inc/vpn.inc | ||
---|---|---|
610 | 610 |
$left_spec = $ep; |
611 | 611 |
|
612 | 612 |
$ipseclifetime = 0; |
613 |
$rightsourceip = NULL; |
|
613 | 614 |
$rightsubnet_spec = array(); |
614 | 615 |
$leftsubnet_spec = array(); |
615 | 616 |
$ealgoAHsp2arr = array(); |
... | ... | |
661 | 662 |
|
662 | 663 |
if (!isset($ph2ent['mobile'])) { |
663 | 664 |
$rightsubnet_spec[] = ipsec_idinfo_to_cidr($ph2ent['remoteid'], false, $ph2ent['mode']); |
664 |
} else if (!empty($a_client['pool_address'])) |
|
665 |
} else if (!empty($a_client['pool_address'])) {
|
|
665 | 666 |
$rightsubnet_spec[] = "{$a_client['pool_address']}/{$a_client['pool_netbits']}"; |
667 |
$rightsourceip = "\trightsourceip={$a_client['pool_address']}/{$a_client['pool_netbits']}\n"; |
|
668 |
} |
|
666 | 669 |
} else { |
667 | 670 |
$tunneltype = "type = transport"; |
668 | 671 |
|
... | ... | |
762 | 765 |
$ipsecconf .= "\t{$ikelifeline}\n"; |
763 | 766 |
if ($ipseclifetime > 0) |
764 | 767 |
$ipsecconf .= "\tlifetime = {$ipseclifetime}s\n"; |
768 |
if (!empty($rightsourceip)) |
|
769 |
$ipsecconf .= "{$rightsourceip}"; |
|
765 | 770 |
if (!empty($rightsubnet_spec)) |
766 | 771 |
$ipsecconf .= "\trightsubnet = " . join(",", $rightsubnet_spec) . "\n"; |
767 | 772 |
if (!empty($leftsubnet_spec)) |
Formats disponibles : Unified diff
This is required for PSK+Xauth. I'll commit that clarification in a bit.
Revert "Revert "Fix assignment of tunnel IPs to mobile clients.""
This reverts commit 23ba08fc940b711f3b44551199890dc8e28a63b6.