Revision 6eb4eb0a
Added by Scott Ullrich almost 20 years ago
| etc/inc/filter.inc | ||
|---|---|---|
| 2088 | 2088 |
foreach($config['installedpackages']['sasyncd']['config'] as $sasyncd) {
|
| 2089 | 2089 |
if($sasyncd['ip'] <> "") |
| 2090 | 2090 |
$ipsec_ip = $sasyncd['ip']; |
| 2091 |
} |
|
| 2091 |
} |
|
| 2092 |
|
|
| 2092 | 2093 |
if(is_array($config['ipsec']['tunnel'])) {
|
| 2093 | 2094 |
foreach ($config['ipsec']['tunnel'] as $tunnel) {
|
| 2094 | 2095 |
/* is this a dynamic dns hostname? */ |
| 2095 | 2096 |
$remote_gateway = gethostbyname($tunnel['remote-gateway']); |
| 2096 | 2097 |
if($remote_gateway == "") |
| 2097 | 2098 |
$remote_gateway = $tunnel['remote-gateway']; |
| 2099 |
/* do not add items with blank remote_gateway */ |
|
| 2100 |
if(!$remote_gateway) {
|
|
| 2101 |
$ipfrules .= "# ERROR! Remote gateway not found on ... pass quick on " . $wanif . " proto udp from " . $ipsec_ip . " to " . $remote_gateway . " port = 500 keep state label \"IPSEC: ". $tunnel['descr'] ." udp\"\n"; |
|
| 2102 |
continue; |
|
| 2103 |
} |
|
| 2098 | 2104 |
$local_subnet = return_vpn_subnet($tunnel['local-subnet']); |
| 2099 | 2105 |
$ipfrules .= "pass quick on " . $wanif . " proto udp from " . $ipsec_ip . " to " . $remote_gateway . " port = 500 keep state label \"IPSEC: ". $tunnel['descr'] ." udp\"\n"; |
| 2100 | 2106 |
$ipfrules .= "pass quick on " . $wanif . " proto udp from " . $remote_gateway . " to " . $ipsec_ip . " port = 500 keep state label \"". $tunnel['descr'] ." udp\"\n"; |
Also available in: Unified diff
Do not add rules with no remote gateway