Bug #2394

IPsec keepalive doesn't work with 0.0.0.0/0 local subnet

Added by Chris Buechler about 1 year ago. Updated about 1 month ago.

Status: Resolved
Start date: 04/23/2012
Priority: Normal
Due date:
Assignee: -
% Done: 100%
Category: IPsec
Target version: 2.1
Affected version: All
Affected Architecture:

Description

When you have a keepalive IP defined in a phase 2 that uses 0.0.0.0/0 (everything) as the local network, the logic that populates /var/db/ipsecpinghosts fails and it doesn't add anything to that file, so it doesn't send those pings. Probably should just pick the LAN IP in that case, or really it can pick any IP, since anything matches in that instance.

Associated revisions

Revision b0bf6bd0
Added by Ermal Luçi 7 months ago

Fixes #2394. If an entry of 0.0.0.0/0 is configured then use the first interface IP matching. Also do a micro-optimization to not retrieve the interface list for every ping host entry.

History

#1 Updated by Ermal Luçi 7 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#2 Updated by Chris Buechler about 1 month ago

  • Status changed from Feedback to Resolved
