ipsec-interfaces: Uses local IP address from connection first, then default

[ipfire-2.x.git] / src / scripts / ipsec-interfaces
diff --git a/src/scripts/ipsec-interfaces b/src/scripts/ipsec-interfaces

index 1da7aaf107ec69c45c793126fbc19dd21ee94821..3edc7516e172797fcf0eec56646fd63013f6de75 100644 (file)
--- a/src/scripts/ipsec-interfaces
+++ b/src/scripts/ipsec-interfaces
@@ -27,10 +27,10 @@ eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
  eval $(/usr/local/bin/readhash /var/ipfire/vpn/settings)
  
  VARS=(
-       id status name lefthost type ctype x1 x2 x3 leftsubnets
-       remote righthost rightsubnets x5 x6 x7 x8 x9 x10 x11 x12
-       x13 x14 x15 x16 x17 x18 x19 x20 x21 proto x22 x23 x24
-       route x26 mode interface_mode interface_address interface_mtu rest
+       id status name lefthost type ctype psk local x1 leftsubnets
+       x2 remote rightsubnets x3 x4 x5 x6 x7 x8 x9 x10 x11 x12
+       x13 x14 x15 x16 x17 x18 x19 proto x20 x21 x22
+       route x23 mode interface_mode interface_address interface_mtu rest
  )
  
  log() {
@@ -43,19 +43,20 @@ main() {
         local action
  
         local interfaces=()
-       local vpn_ip
+
+       # Compat for older connections
+       if [ "${local}" = "off" ]; then
+               local=""
+       fi
  
         # Handle %defaultroute
-       if [ "${VPN_IP}" = "%defaultroute" ]; then
+       if [ -z "${local}" ]; then
                 if [ -r "/var/ipfire/red/local-ipaddress" ]; then
-                       vpn_ip="$(</var/ipfire/red/local-ipaddress)"
+                       local="$(</var/ipfire/red/local-ipaddress)"
  
                 elif [ "${RED_TYPE}" = "STATIC" -a -n "${RED_ADDRESS}" ]; then
-                       vpn_ip="${RED_ADDRESS}"
-
+                       local="${RED_ADDRESS}"
                 fi
-       else
-               vpn_ip="${VPN_IP}"
         fi
  
         # We are done when IPsec is not enabled
@@ -81,8 +82,8 @@ main() {
                         interfaces+=( "${intf}" )
  
                         local args=(
-                               "local" "${vpn_ip}"
-                               "remote" "${righthost}"
+                               "local" "${local}"
+                               "remote" "${remote}"
                         )
  
                         case "${interface_mode}" in