| 1426 |
1426 |
//if (!empty($reqids[$idx])) {
|
| 1427 |
1427 |
// $ipsecfin .= "\treqid = " . $reqids[$idx] . "\n";
|
| 1428 |
1428 |
//}
|
|
1429 |
$rightadd = "";
|
|
1430 |
$leftadd = "";
|
| 1429 |
1431 |
if (!empty($vtireq[$idx])) {
|
| 1430 |
1432 |
$ipsecfin .= "\treqid = {$ph1ent['ikeid']}00{$idx}\n";
|
| 1431 |
1433 |
/* This interface will be a valid IPsec interface, so remove it from the cleanup list. */
|
| 1432 |
1434 |
$ipsec_vti_cleanup_ifs = array_diff($ipsec_vti_cleanup_ifs, array("ipsec{$ph1ent['ikeid']}00{$idx}"));
|
|
1435 |
$rightadd = ",0.0.0.0/0";
|
|
1436 |
$leftadd = ",0.0.0.0/0";
|
| 1433 |
1437 |
}
|
| 1434 |
1438 |
$ipsecfin .= $ipsecconnect;
|
| 1435 |
|
$ipsecfin .= "\trightsubnet = {$rsubnet}\n";
|
| 1436 |
|
$ipsecfin .= "\tleftsubnet = " . $leftsubnet_spec[$idx] . "\n";
|
|
1439 |
$ipsecfin .= "\trightsubnet = {$rsubnet}{$rightadd}\n";
|
|
1440 |
$ipsecfin .= "\tleftsubnet = " . $leftsubnet_spec[$idx] . "{$leftadd}\n";
|
| 1437 |
1441 |
}
|
| 1438 |
1442 |
} else {
|
| 1439 |
1443 |
log_error(sprintf(gettext("No phase2 specifications for tunnel with REQID = %s"), $ikeid));
|
| ... | ... | |
| 1448 |
1452 |
//if (!empty($reqids[$idx])) {
|
| 1449 |
1453 |
// $ipsecfin .= "\treqid = " . $reqids[0] . "\n";
|
| 1450 |
1454 |
//}
|
|
1455 |
$rightadd = "";
|
|
1456 |
$leftadd = "";
|
| 1451 |
1457 |
if (!empty($vtireq[0])) {
|
| 1452 |
1458 |
$ipsecfin .= "\treqid = {$ph1ent['ikeid']}000\n";
|
| 1453 |
1459 |
/* This interface will be a valid IPsec interface, so remove it from the cleanup list. */
|
| 1454 |
1460 |
$ipsec_vti_cleanup_ifs = array_diff($ipsec_vti_cleanup_ifs, array("ipsec{$ph1ent['ikeid']}000"));
|
|
1461 |
$rightadd = ",0.0.0.0/0";
|
|
1462 |
$leftadd = ",0.0.0.0/0";
|
| 1455 |
1463 |
}
|
| 1456 |
1464 |
$ipsecfin .= $ipsecconnect;
|
| 1457 |
1465 |
if (!isset($ph1ent['mobile']) && !empty($rightsubnet_spec)) {
|
| ... | ... | |
| 1459 |
1467 |
foreach ($rightsubnet_spec as $rightsubnet) {
|
| 1460 |
1468 |
$tempsubnets[$rightsubnet] = $rightsubnet;
|
| 1461 |
1469 |
}
|
| 1462 |
|
$ipsecfin .= "\trightsubnet = " . join(",", $tempsubnets) . "\n";
|
|
1470 |
$ipsecfin .= "\trightsubnet = " . join(",", $tempsubnets) . "{$rightadd}\n";
|
| 1463 |
1471 |
unset($tempsubnets, $rightsubnet);
|
| 1464 |
1472 |
}
|
| 1465 |
1473 |
if (!empty($leftsubnet_spec)) {
|
| ... | ... | |
| 1467 |
1475 |
foreach ($leftsubnet_spec as $leftsubnet) {
|
| 1468 |
1476 |
$tempsubnets[$leftsubnet] = $leftsubnet;
|
| 1469 |
1477 |
}
|
| 1470 |
|
$ipsecfin .= "\tleftsubnet = " . join(",", $tempsubnets) . "\n";
|
|
1478 |
$ipsecfin .= "\tleftsubnet = " . join(",", $tempsubnets) . "{$leftadd}\n";
|
| 1471 |
1479 |
unset($tempsubnets, $leftsubnet);
|
| 1472 |
1480 |
}
|
| 1473 |
1481 |
}
|