From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 4 Aug 2017 13:30:31 +0000 (+0000)
Subject: ipsec: Only allow strict use of security policies
X-Git-Tag: 009~63
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a48e4dd265d6256fdc3c5b2fc8e6b85ca4d40361;p=network.git

ipsec: Only allow strict use of security policies

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
index 03aefcdd..5e496ff5 100644
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -1011,7 +1011,7 @@ _ipsec_connection_to_strongswan_connection() {
 
 	# IKE Proposals
 	print_indent 2 "# IKE Proposals"
-	print_indent 2 "proposals = $(vpn_security_policies_make_ah_proposal ${SECURITY_POLICY})"
+	print_indent 2 "proposals = $(vpn_security_policies_make_ah_proposal ${SECURITY_POLICY})!"
 	print
 
 	# DPD Settings
@@ -1073,7 +1073,7 @@ _ipsec_connection_to_strongswan_connection() {
 	print_indent 3 "${connection} {"
 
 	print_indent 4 "# ESP Proposals"
-	print_indent 4 "esp_proposals = $(vpn_security_policies_make_esp_proposal ${SECURITY_POLICY})"
+	print_indent 4 "esp_proposals = $(vpn_security_policies_make_esp_proposal ${SECURITY_POLICY})!"
 	print
 
 	# Traffic Selectors