From 517683eeb17637acfda9895fd64d9347cde7e08e Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 21 Jan 2019 17:08:57 +0000 Subject: [PATCH] ipsec: Drop VPN_IP setting This is now a per-connection setting Signed-off-by: Michael Tremer --- html/cgi-bin/index.cgi | 3 +-- html/cgi-bin/vpnmain.cgi | 32 +------------------------------- src/scripts/ipsec-interfaces | 6 +++++- 3 files changed, 7 insertions(+), 34 deletions(-) diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 03dc3574d0..c7bf9f3232 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -367,13 +367,12 @@ END } #check if IPSEC is running if ( $vpnsettings{'ENABLED'} eq 'on' || $vpnsettings{'ENABLED_BLUE'} eq 'on' ) { - my $ipsecip = $vpnsettings{'VPN_IP'}; print< $Lang::tr{'ipsec'} - $ipsecip + Online END diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 73159661e4..7c151e78de 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -291,14 +291,12 @@ sub writeipsecfiles { # Field 6 might be "off" on old installations if ($lconfighash{$key}[6] eq "off") { - $lconfighash{$key}[6] = ""; + $lconfighash{$key}[6] = $lvpnsettings{"VPN_IP"}; } my $localside; if ($lconfighash{$key}[6]) { $localside = $lconfighash{$key}[6]; - } elsif ($lvpnsettings{'VPN_IP'}) { - $localside = $lvpnsettings{'VPN_IP'}; } else { $localside = "%defaultroute"; } @@ -507,12 +505,6 @@ if ($ENV{"REMOTE_ADDR"} eq "") { if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') { &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings); - unless (&General::validfqdn($cgiparams{'VPN_IP'}) || &General::validip($cgiparams{'VPN_IP'}) - || $cgiparams{'VPN_IP'} eq '%defaultroute' ) { - $errormessage = $Lang::tr{'invalid input for hostname'}; - goto SAVE_ERROR; - } - unless ($cgiparams{'VPN_DELAYED_START'} =~ /^[0-9]{1,3}$/ ) { #allow 0-999 seconds ! $errormessage = $Lang::tr{'invalid time period'}; goto SAVE_ERROR; @@ -524,7 +516,6 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg } $vpnsettings{'ENABLED'} = $cgiparams{'ENABLED'}; - $vpnsettings{'VPN_IP'} = $cgiparams{'VPN_IP'}; $vpnsettings{'VPN_DELAYED_START'} = $cgiparams{'VPN_DELAYED_START'}; $vpnsettings{'RW_NET'} = $cgiparams{'RW_NET'}; &General::writehash("${General::swroot}/vpn/settings", \%vpnsettings); @@ -2922,21 +2913,6 @@ EOF my @status = `/usr/local/bin/ipsecctrl I 2>/dev/null`; - # suggest a default name for this side - if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") { - if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) { - my $ipaddr = ; - close IPADDR; - chomp ($ipaddr); - $cgiparams{'VPN_IP'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0]; - if ($cgiparams{'VPN_IP'} eq '') { - $cgiparams{'VPN_IP'} = $ipaddr; - } - } - } - # no IP found, use %defaultroute - $cgiparams{'VPN_IP'} ='%defaultroute' if ($cgiparams{'VPN_IP'} eq ''); - $cgiparams{'VPN_DELAYED_START'} = 0 if (! defined ($cgiparams{'VPN_DELAYED_START'})); $checked{'ENABLED'} = $cgiparams{'ENABLED'} eq 'on' ? "checked='checked'" : ''; @@ -2966,8 +2942,6 @@ EOF
- - END @@ -2985,10 +2959,6 @@ print <
$Lang::tr{'vpn red name'}: * $Lang::tr{'enabled'}
- - - - diff --git a/src/scripts/ipsec-interfaces b/src/scripts/ipsec-interfaces index 0f33eb1519..d73eef9b08 100644 --- a/src/scripts/ipsec-interfaces +++ b/src/scripts/ipsec-interfaces @@ -46,7 +46,11 @@ main() { # Compat for older connections if [ "${local}" = "off" ]; then - local="" + if [ "${VPN_IP}" = "%defaultroute" ]; then + local="" + else + local="${VPN_IP}" + fi fi # Handle %defaultroute -- 2.39.2
*$Lang::tr{'required field'}
**  $Lang::tr{'vpn delayed start help'}