/[smecontribs]/rpms/smeserver-libreswan/contribs9/smeserver-libreswan-variable-network-interfaces.patch
ViewVC logotype

Annotation of /rpms/smeserver-libreswan/contribs9/smeserver-libreswan-variable-network-interfaces.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed Sep 20 09:01:53 2017 UTC (7 years, 1 month ago) by reetspetit
Branch: MAIN
CVS Tags: smeserver-libreswan-0_5-31_el6_sme, smeserver-libreswan-0_5-33_el6_sme, smeserver-libreswan-0_5-30_el6_sme, smeserver-libreswan-0_5-32_el6_sme, smeserver-libreswan-0_5-28_el6_sme, smeserver-libreswan-0_5-27_el6_sme, smeserver-libreswan-0_5-29_el6_sme, smeserver-libreswan-0_5-34_el6_sme, HEAD
* Tue Sep 19 2017 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-27.sme
- Allow variable network interface names - Stefano Zamboni

1 reetspetit 1.1 diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/events/actions/ipsec-update smeserver-libreswan-0.5/root/etc/e-smith/events/actions/ipsec-update
2     --- smeserver-libreswan-0.5.old/root/etc/e-smith/events/actions/ipsec-update 2017-09-19 21:24:19.183000457 +0200
3     +++ smeserver-libreswan-0.5/root/etc/e-smith/events/actions/ipsec-update 2017-09-19 21:27:34.621000543 +0200
4     @@ -272,6 +272,9 @@
5    
6     sub setRedirects {
7    
8     + my $internalIf = $configDB->get_prop( 'InternalInterface', 'Name' );
9     + my $externalIf = $configDB->get_prop( 'ExternalInterface', 'Name' );
10     +
11     # Big warning - this is a potential security issue
12     # Make sure you read and understand what happens !
13     # If I knew which specific interfaces to change we could reduce the lines here
14     @@ -289,13 +292,11 @@
15     or die("Ipsec Error - A problem occurred with sysctl: $?");
16     system("/sbin/sysctl -w net.ipv4.conf.all.rp_filter=0") == 0
17     or die("Ipsec Error - A problem occurred with sysctl: $?");
18     - system("/sbin/sysctl -w net.ipv4.conf.eth0.rp_filter=0") == 0
19     + system("/sbin/sysctl -w net.ipv4.conf.$externalIf.rp_filter=0") == 0
20     or die("Ipsec Error - A problem occurred with sysctl: $?");
21     - system("/sbin/sysctl -w net.ipv4.conf.eth1.rp_filter=0") == 0
22     + system("/sbin/sysctl -w net.ipv4.conf.$internalIf.rp_filter=0") == 0
23     or die("Ipsec Error - A problem occurred with sysctl: $?");
24    
25     - # On v8 this is set to 0 so we would need
26     - # system ("/sbin/sysctl -w net.core.xfrm_larval_drop=1") == 0 or die ("A problem occurred with sysctl: $?");
27    
28     }
29    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed