Révision 7f1b720f
Ajouté par Chris Buechler il y a plus de 9 ans
| etc/inc/vpn.inc | ||
|---|---|---|
| 610 | 610 |
$left_spec = $ep; |
| 611 | 611 |
|
| 612 | 612 |
$ipseclifetime = 0; |
| 613 |
$rightsourceip = NULL; |
|
| 613 | 614 |
$rightsubnet_spec = array(); |
| 614 | 615 |
$leftsubnet_spec = array(); |
| 615 | 616 |
$ealgoAHsp2arr = array(); |
| ... | ... | |
| 661 | 662 |
|
| 662 | 663 |
if (!isset($ph2ent['mobile'])) {
|
| 663 | 664 |
$rightsubnet_spec[] = ipsec_idinfo_to_cidr($ph2ent['remoteid'], false, $ph2ent['mode']); |
| 664 |
} else if (!empty($a_client['pool_address'])) |
|
| 665 |
} else if (!empty($a_client['pool_address'])) {
|
|
| 665 | 666 |
$rightsubnet_spec[] = "{$a_client['pool_address']}/{$a_client['pool_netbits']}";
|
| 667 |
$rightsourceip = "\trightsourceip={$a_client['pool_address']}/{$a_client['pool_netbits']}\n";
|
|
| 668 |
} |
|
| 666 | 669 |
} else {
|
| 667 | 670 |
$tunneltype = "type = transport"; |
| 668 | 671 |
|
| ... | ... | |
| 762 | 765 |
$ipsecconf .= "\t{$ikelifeline}\n";
|
| 763 | 766 |
if ($ipseclifetime > 0) |
| 764 | 767 |
$ipsecconf .= "\tlifetime = {$ipseclifetime}s\n";
|
| 768 |
if (!empty($rightsourceip)) |
|
| 769 |
$ipsecconf .= "{$rightsourceip}";
|
|
| 765 | 770 |
if (!empty($rightsubnet_spec)) |
| 766 | 771 |
$ipsecconf .= "\trightsubnet = " . join(",", $rightsubnet_spec) . "\n";
|
| 767 | 772 |
if (!empty($leftsubnet_spec)) |
Formats disponibles : Unified diff
This is required for PSK+Xauth. I'll commit that clarification in a bit.
Revert "Revert "Fix assignment of tunnel IPs to mobile clients.""
This reverts commit 23ba08fc940b711f3b44551199890dc8e28a63b6.