firewall: Support multiple subnets per IPsec tunnel

author Michael Tremer <michael.tremer@ipfire.org>

Mon, 21 Sep 2015 23:26:14 +0000 (00:26 +0100)

committer Michael Tremer <michael.tremer@ipfire.org>

Mon, 21 Sep 2015 23:26:37 +0000 (00:26 +0100)
author Michael Tremer <michael.tremer@ipfire.org>
Mon, 21 Sep 2015 23:26:14 +0000 (00:26 +0100)
committer Michael Tremer <michael.tremer@ipfire.org>
Mon, 21 Sep 2015 23:26:37 +0000 (00:26 +0100)
diff --git a/config/firewall/firewall-lib.pl b/config/firewall/firewall-lib.pl

index b389fac3c351230ec354d27579c692b387249b01..eabd9a42f22d7bab5fd93cf17855120fa6ce1f46 100644 (file)
--- a/config/firewall/firewall-lib.pl
+++ b/config/firewall/firewall-lib.pl
@@ -391,8 +391,9 @@ sub get_address
         # IPsec networks.
         } elsif ($key ~~ ["ipsec_net_src", "ipsec_net_tgt", "IpSec Network"]) {
                 my $network_address = &get_ipsec_net_ip($value, 11);
-               if ($network_address) {
-                       push(@ret, [$network_address, ""]);
+               my @nets = split(/\|/, $network_address);
+               foreach my $net (@nets) {
+                       push(@ret, [$net, ""]);
                 }
  
         # The firewall's own IP addresses.
author	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 21 Sep 2015 23:26:14 +0000 (00:26 +0100)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 21 Sep 2015 23:26:37 +0000 (00:26 +0100)