ipsec: Set traffic selectors to all when using GRE/VTI devices

author Michael Tremer <michael.tremer@ipfire.org>

Sun, 23 Sep 2018 23:14:59 +0000 (01:14 +0200)

committer Michael Tremer <michael.tremer@ipfire.org>

Sun, 23 Sep 2018 23:23:15 +0000 (01:23 +0200)
author Michael Tremer <michael.tremer@ipfire.org>
Sun, 23 Sep 2018 23:14:59 +0000 (01:14 +0200)
committer Michael Tremer <michael.tremer@ipfire.org>
Sun, 23 Sep 2018 23:23:15 +0000 (01:23 +0200)
diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec

index 3f215e40da91cbf6e2281d498903441899a9492b..ba941a7cd21822e803a804e40a1ff725f81f7037 100644 (file)
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -1489,6 +1489,8 @@ _ipsec_connection_to_strongswan_connection() {
                         # Local Prefixes
                         if isset LOCAL_PREFIX; then
                                 print_indent 4 "local_ts = $(list_join LOCAL_PREFIX ,)"
+                       elif isset ZONE; then
+                               print_indent 4 "local_ts = ::/0, 0.0.0.0/0"
                         else
                                 print_indent 4 "local_ts = dynamic"
                         fi
@@ -1496,6 +1498,8 @@ _ipsec_connection_to_strongswan_connection() {
                         # Remote Prefixes
                         if isset REMOTE_PREFIX; then
                                 print_indent 4 "remote_ts = $(list_join REMOTE_PREFIX ,)"
+                       elif isset ZONE; then
+                               print_indent 4 "remote_ts = ::/0, 0.0.0.0/0"
                         else
                                 print_indent 4 "remote_ts = dynamic"
                         fi
author	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 23 Sep 2018 23:14:59 +0000 (01:14 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 23 Sep 2018 23:23:15 +0000 (01:23 +0200)