Bug #2201

Picking interface subnet in IPsec for an interface with no IP generates invalid racoon.conf

Added by Chris Buechler about 2 years ago. Updated almost 2 years ago.

Status:Resolved Start date:02/13/2012
Priority:Low Due date:
Assignee:- % Done:

0%

Category:IPsec
Target version:-
Affected version:2.0 Affected Architecture:

Description

If you pick an interface subnet in an IPsec P2 that has no IP, it generates an invalid racoon.conf. Input validation should prohibit picking the subnet on an interface that doesn't have a subnet on vpn_ipsec_phase2.php.

Also may want to skip that entirely in racoon.conf and log an error, in case someone changes an interface later from having an IP to none. Or prohibit changing an interface to type "none" if its subnet is used in any IPsec P2.

Associated revisions

Revision 50e6e274
Added by Jim P about 2 years ago

Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201

Revision d8ee5cfe
Added by Jim P about 2 years ago

Reject an interface without a subnet as a network source in the IPsec Phase 2 GUI. Fixes ticket #2201

Revision cf0a2714
Added by Jim P about 2 years ago

Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201

Revision a5a483e0
Added by Jim P about 2 years ago

Reject an interface without a subnet as a network source in the IPsec Phase 2 GUI. Fixes ticket #2201

History

#1 Updated by Jim P about 2 years ago

  • Status changed from New to Feedback

#2 Updated by Jim P almost 2 years ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF