Bug #2201: Picking interface subnet in IPsec for an interface with no IP generates invalid racoon.conf - pfSense - pfSense bugtracker

Bug #2201

Picking interface subnet in IPsec for an interface with no IP generates invalid racoon.conf

Added by Chris Buechler about 9 years ago. Updated over 8 years ago.

Status:

Resolved

Priority:

Low

Assignee:

Category:

IPsec

Target version:

Start date:

02/13/2012

Due date:

% Done:

Estimated time:

Affected Version:

2.0

Affected Architecture:

Release Notes:

Default

Description

If you pick an interface subnet in an IPsec P2 that has no IP, it generates an invalid racoon.conf. Input validation should prohibit picking the subnet on an interface that doesn't have a subnet on vpn_ipsec_phase2.php.

Also may want to skip that entirely in racoon.conf and log an error, in case someone changes an interface later from having an IP to none. Or prohibit changing an interface to type "none" if its subnet is used in any IPsec P2.

Associated revisions

Revision 50e6e274 (diff)
Added by Jim Pingle about 9 years ago

Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201

Revision d8ee5cfe (diff)
Added by Jim Pingle about 9 years ago

Reject an interface without a subnet as a network source in the IPsec Phase 2 GUI. Fixes ticket #2201

Revision cf0a2714 (diff)
Added by Jim Pingle about 9 years ago

Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201

Revision a5a483e0 (diff)
Added by Jim Pingle about 9 years ago

Reject an interface without a subnet as a network source in the IPsec Phase 2 GUI. Fixes ticket #2201

History

#1 Updated by Jim Pingle about 9 years ago

Status changed from New to Feedback

#2 Updated by Jim Pingle over 8 years ago

Status changed from Feedback to Resolved

Also available in: Atom PDF

Project

General

Profile

pfSense

Issues

Custom queries