1 |
brianr |
1.1 |
diff -ruN smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd |
2 |
|
|
--- smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd 2018-06-21 14:58:05.684361226 +0200 |
3 |
|
|
+++ smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd 2018-06-21 15:00:19.874978246 +0200 |
4 |
|
|
@@ -37,7 +37,7 @@ |
5 |
|
|
$OUT .= " keyingtries=3\n"; |
6 |
|
|
$OUT .= " rekey=no\n"; |
7 |
|
|
$OUT .= " type=transport\n"; |
8 |
|
|
- $OUT .= " forceencaps=yes\n"; |
9 |
|
|
+ $OUT .= " encapsulation=yes\n"; |
10 |
|
|
$OUT .= " right=%any\n"; |
11 |
|
|
$OUT .= " rightprotoport=17/%any\n"; |
12 |
|
|
$OUT .= " # Using the magic port of \"0\" means \"any one single port\". This is\n"; |
13 |
|
|
@@ -57,25 +57,26 @@ |
14 |
|
|
my $dpdaction = $ipsecDB->get_prop( $ipsecprop, 'dpdaction' ) || "clear\n"; |
15 |
|
|
$OUT .= " dpdaction=$dpdaction\n"; |
16 |
|
|
|
17 |
|
|
- # Some additional config entries if required |
18 |
|
|
- # For nat connections you can use "vhost:%no,%priv" |
19 |
|
|
- # Disabled for now - needs some thought |
20 |
|
|
- |
21 |
|
|
- my $rightsubnet = $ipsecDB->get_prop( $ipsecprop, 'rightsubnet' ) || ''; |
22 |
|
|
- if ($rightsubnet ne '') { |
23 |
|
|
- $OUT .= " rightsubnet=$rightsubnet\n"; |
24 |
|
|
- } |
25 |
|
|
- |
26 |
|
|
- my $leftsourceip = $ipsecDB->get_prop( $ipsecprop, 'leftsourceip' ) || ''; |
27 |
|
|
- if ($leftsourceip ne '') { |
28 |
|
|
- $OUT .= " leftsourceip=$leftsourceip\n"; |
29 |
|
|
- } |
30 |
|
|
- |
31 |
|
|
- my $leftsubnet = $ipsecDB->get_prop( $ipsecprop, 'leftsubnet' ) || ''; |
32 |
|
|
- if ($leftsubnet ne '') { |
33 |
|
|
- $OUT .= " leftsubnet=$leftsubnet\n"; |
34 |
|
|
- } |
35 |
|
|
+ # Some additional config entries if required |
36 |
|
|
+ # For nat connections you can use "vhost:%no,%priv" |
37 |
|
|
+ # Disabled for now - needs some thought |
38 |
|
|
+ # Probably only needed if you are doing subnet <-> subnet |
39 |
|
|
+ # Most likely not required for dialin |
40 |
|
|
+ |
41 |
|
|
+ my $rightsubnet = $ipsecDB->get_prop( $ipsecprop, 'rightsubnet' ) || ''; |
42 |
|
|
+ if ( $rightsubnet ne '' ) { |
43 |
|
|
+ $OUT .= " rightsubnet=$rightsubnet\n"; |
44 |
|
|
+ } |
45 |
|
|
+ |
46 |
|
|
+ my $leftsourceip = $ipsecDB->get_prop( $ipsecprop, 'leftsourceip' ) || ''; |
47 |
|
|
+ if ( $leftsourceip ne '' ) { |
48 |
|
|
+ $OUT .= " leftsourceip=$leftsourceip\n"; |
49 |
|
|
+ } |
50 |
|
|
+ |
51 |
|
|
+ my $leftsubnet = $ipsecDB->get_prop( $ipsecprop, 'leftsubnet' ) || ''; |
52 |
|
|
+ if ( $leftsubnet ne '' ) { |
53 |
|
|
+ $OUT .= " leftsubnet=$leftsubnet\n"; |
54 |
|
|
+ } |
55 |
|
|
|
56 |
|
|
- |
57 |
|
|
} |
58 |
|
|
} |