/[smecontribs]/rpms/smeserver-libreswan/contribs9/smeserver-libreswan-include-l2tpd-rightsubnet.patch
ViewVC logotype

Contents of /rpms/smeserver-libreswan/contribs9/smeserver-libreswan-include-l2tpd-rightsubnet.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Thu Oct 17 15:10:44 2019 UTC (5 years, 1 month ago) by jcrisp
Branch: MAIN
CVS Tags: smeserver-libreswan-0_5-33_el6_sme, smeserver-libreswan-0_5-32_el6_sme, smeserver-libreswan-0_5-31_el6_sme, smeserver-libreswan-0_5-34_el6_sme, HEAD
* Thu Oct 17 2019 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-31.sme
- Allow rightsubnet for xl2tpd in virtual_private
- Add check for empty virtual_private hosts

1 diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
2 --- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2019-10-17 16:54:38.473115031 +0200
3 +++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2019-10-17 16:55:08.799612936 +0200
4 @@ -18,7 +18,7 @@
5
6 else {
7 my $ipsecDB = esmith::ConfigDB->open_ro('ipsec_connections')
8 - or die("cant connect to ipsec database");
9 + or die("cant connect to ipsec database");
10
11 my $dbKey = 'ipsec';
12
13 @@ -43,11 +43,9 @@
14
15 my @connections = $ipsecDB->keys;
16
17 - $OUT .= " virtual_private=";
18 -
19 my $virtual_private = '';
20 - my @subnetArr = ();
21 -
22 + my @subnetArr = ();
23 +
24 foreach my $ipsecprop (@connections) {
25
26 # Note that L2TPD needs the localsubnet in here
27 @@ -57,37 +55,38 @@
28 my $ipsecstatus = $ipsecDB->get_prop( "$ipsecprop", 'status' ) || "disabled";
29
30 my $ipsecrecord = $ipsecDB->get($ipsecprop);
31 - my $type = $ipsecrecord->prop('type');
32 + my $type = $ipsecrecord->prop('type');
33
34 - if ( $ipsecstatus eq 'enabled' && $type eq 'ipsec' ) {
35 + if ( $ipsecstatus eq 'enabled' && ( $type eq 'ipsec' || $type eq 'xl2tpd' ) ) {
36
37 my $rightsubnet = $ipsecDB->get_prop( "$ipsecprop", 'rightsubnet' );
38
39 - unless ( $rightsubnet ) {
40 - warn ("Warning $ipsecprop has no right subnet");
41 + unless ($rightsubnet) {
42 + warn("Warning $ipsecprop has no right subnet");
43 }
44
45 # Check if the network is a unique value
46 if ( $rightsubnet && !( $rightsubnet ~~ @subnetArr ) ) {
47 push( @subnetArr, $rightsubnet );
48 }
49 -
50 }
51 -
52 } # End foreach
53
54 - foreach my $subnet (@subnetArr) {
55 - $virtual_private .= "%v4:$subnet,";
56 - }
57 + unless ( @subnetArr == 0 ) {
58 + $OUT .= " virtual_private=";
59 +
60 + foreach my $subnet (@subnetArr) {
61 + $virtual_private .= "%v4:$subnet,";
62 + }
63
64 - # Remove last character ','
65 - chop($virtual_private);
66 - $OUT .= "$virtual_private\n";
67 - $OUT .= "\n";
68 - $OUT .= "include /etc/ipsec.d/ipsec.conf\n";
69 + # Remove last character ','
70 + chop($virtual_private);
71 + $OUT .= "$virtual_private\n";
72 + $OUT .= "\n";
73 + $OUT .= "include /etc/ipsec.d/ipsec.conf\n";
74
75 - # End else
76 - }
77 + } #end unless
78 + } # End else
79
80 # End
81 }

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed