Revision 0af7398a
Added by Matthew Grooms almost 17 years ago
| etc/inc/vpn.inc | ||
|---|---|---|
| 176 | 176 |
if (isset($ph1ent['disabled'])) |
| 177 | 177 |
continue; |
| 178 | 178 |
|
| 179 |
$ep = vpn_endpoint_determine($ph1ent, $curwanip);
|
|
| 179 |
$ep = ipsec_get_phase1_src($ph1ent);
|
|
| 180 | 180 |
if (!$ep) |
| 181 | 181 |
continue; |
| 182 | 182 |
|
| ... | ... | |
| 194 | 194 |
if (!is_ipaddr($rg)) {
|
| 195 | 195 |
$dnswatch_list[] = $rg; |
| 196 | 196 |
$rg = resolve_retry($rg); |
| 197 |
|
|
| 198 |
if (!$rgip) |
|
| 197 |
if (!$rg) |
|
| 199 | 198 |
continue; |
| 200 | 199 |
} |
| 201 | 200 |
|
| ... | ... | |
| 408 | 407 |
|
| 409 | 408 |
$ikeid = $ph1ent['ikeid']; |
| 410 | 409 |
|
| 411 |
$ep = vpn_endpoint_determine($ph1ent, $curwanip);
|
|
| 410 |
$ep = ipsec_get_phase1_src($ph1ent);
|
|
| 412 | 411 |
if (!$ep) |
| 413 | 412 |
continue; |
| 414 | 413 |
|
| ... | ... | |
| 723 | 722 |
if (isset($ph2ent['disabled'])) |
| 724 | 723 |
continue; |
| 725 | 724 |
|
| 726 |
$ep = vpn_endpoint_determine($ph1ent, $curwanip);
|
|
| 725 |
$ep = ipsec_get_phase1_src($ph1ent);
|
|
| 727 | 726 |
if (!$ep) |
| 728 | 727 |
continue; |
| 729 | 728 |
|
| ... | ... | |
| 863 | 862 |
} |
| 864 | 863 |
} |
| 865 | 864 |
|
| 866 |
/* XXX: is there a need for this get_current_wan_address() does already this?! */ |
|
| 867 |
function vpn_endpoint_determine($ph1ent, $curwanip) {
|
|
| 868 |
|
|
| 869 |
global $g, $config; |
|
| 870 |
|
|
| 871 |
if ((!$ph1ent['interface']) || ($ph1ent['interface'] == "wan")) {
|
|
| 872 |
if ($curwanip) |
|
| 873 |
return $curwanip; |
|
| 874 |
else |
|
| 875 |
return null; |
|
| 876 |
} elseif ($ph1ent['interface'] == "lan") {
|
|
| 877 |
return $config['interfaces']['lan']['ipaddr']; |
|
| 878 |
} else {
|
|
| 879 |
$iface = $config['interfaces'][$ph1ent['interface']]['if']; |
|
| 880 |
$oc = $config['interfaces'][$ph1ent['interface']]; |
|
| 881 |
/* carp ips, etc */ |
|
| 882 |
$ip = find_interface_ip($iface); |
|
| 883 |
if($ip) |
|
| 884 |
return $ip; |
|
| 885 |
|
|
| 886 |
if (isset ($oc['enable']) && $oc['if']) {
|
|
| 887 |
return $oc['ipaddr']; |
|
| 888 |
} |
|
| 889 |
} |
|
| 890 |
|
|
| 891 |
return null; |
|
| 892 |
} |
|
| 893 |
|
|
| 894 | 865 |
/* Forcefully restart IPsec |
| 895 | 866 |
* This is required for when dynamic interfaces reload |
| 896 | 867 |
* For all other occasions the normal vpn_ipsec_configure() |
Also available in: Unified diff
Remove the vpn_endpoint_determine function. It did not work properly when
CARP devices were in use. Use the newer ipsec_get_phase1_src instead.