From: Michael Tremer Date: Mon, 7 Aug 2017 16:29:24 +0000 (+0000) Subject: ipsec: Remove stuff that does not belong to certain connection types X-Git-Tag: 009~9 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dd66c1922d73120f22a92068ebdbe768da500069;p=network.git ipsec: Remove stuff that does not belong to certain connection types Signed-off-by: Michael Tremer --- diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec index 52138094..72838363 100644 --- a/src/functions/functions.ipsec +++ b/src/functions/functions.ipsec @@ -1326,12 +1326,18 @@ _ipsec_connection_to_strongswan_connection() { print_indent 2 "fragmentation = yes" print - # Pools - if isset POOLS; then - print_indent 2 "# Pools" - print_indent 2 "pools = $(list_join POOLS ", ")" - print - fi + + # Host-to-Net specific settings + case "${TYPE}" in + host-to-net) + # Pools + if isset POOLS; then + print_indent 2 "# Pools" + print_indent 2 "pools = $(list_join POOLS ", ")" + print + fi + ;; + esac # Local print_indent 2 "local {" @@ -1459,23 +1465,28 @@ _ipsec_connection_to_strongswan_connection() { print fi - # Start Action - print_indent 4 "# Start Action" - case "${START_ACTION}" in - on-demand) - print_indent 4 "start_action = trap" - print_indent 4 "close_action = trap" - ;; - wait) - print_indent 4 "start_action = none" - print_indent 4 "close_action = none" - ;; - always-on|*) - print_indent 4 "start_action = start" - print_indent 4 "close_action = start" + # Net-to-Net specific settings + case "${TYPE}" in + net-to-net) + # Start Action + print_indent 4 "# Start Action" + case "${START_ACTION}" in + on-demand) + print_indent 4 "start_action = trap" + print_indent 4 "close_action = trap" + ;; + wait) + print_indent 4 "start_action = none" + print_indent 4 "close_action = none" + ;; + always-on|*) + print_indent 4 "start_action = start" + print_indent 4 "close_action = start" + ;; + esac + print ;; esac - print print_indent 3 "}" print_indent 2 "}"