Do not monitor a gateway that has not got DHCP yet
When an interface is waiting to get DHCP, but the cable is physically-electrically connected to the upstream device, the interface has an IPv4 address 0.0.0.0 - that was getting past here and, if the interface gateway had a monitor IP specified, that monitor IP was being put into apinger.conf and being monitored. Because the interface has not got a gateway yet, no static route is added to force the traffic for the monitor IP out the particular interface. So the traffic to the monitor IP can follow the default route and perhaps succeed in getting out another WAN to the monitor IP....
Add config upgrade code to make sure iketype is set, bump config version to 11.4. It fixes #4163
libreadline.so.6 is not supposed to be obsoleted, fixes #4159
Allow IPv6 on loopback even where IPv6 is otherwise disabled. The intent of that feature is to prevent IPv6 from communicating on the network. Blocking it on localhost can result in issues and is unnecessary. Ticket #4074
Reload Unbound after IP changes, to fix issues noted in Ticket #4095. Do so before Dynamic DNS updates occur to ensure the host has functioning DNS.
Only set route-to and reply-to on ESP and ISAKMP rules if the remote endpoint is not within the parent interface's subnet. Ticket #4157
Oops this should be 0s rather than 00. Linked with Ticket #4158
Merge pull request #1411 from phil-davis/patch-1
Unbreak IPsec rules generation for IPsec over CARP. Should help even Ticket #4157
Check for fqdn peerid/myids and prepend @ so strongswan does not try to be smart. Also use %any for myid instead of risking of putting the wrong value in the secrets file for traffic selector
View revisions
Also available in: Atom