From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun, 23 Sep 2018 23:14:59 +0000 (+0200)
Subject: ipsec: Set traffic selectors to all when using GRE/VTI devices
X-Git-Tag: 010~2
X-Git-Url: http://git.ipfire.org/?p=people%2Fms%2Fnetwork.git;a=commitdiff_plain;h=e0a73cdb407bf8a4a2f87123982c47fda7a2df0a

ipsec: Set traffic selectors to all when using GRE/VTI devices

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
index 3f215e40..ba941a7c 100644
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -1489,6 +1489,8 @@ _ipsec_connection_to_strongswan_connection() {
 			# Local Prefixes
 			if isset LOCAL_PREFIX; then
 				print_indent 4 "local_ts = $(list_join LOCAL_PREFIX ,)"
+			elif isset ZONE; then
+				print_indent 4 "local_ts = ::/0, 0.0.0.0/0"
 			else
 				print_indent 4 "local_ts = dynamic"
 			fi
@@ -1496,6 +1498,8 @@ _ipsec_connection_to_strongswan_connection() {
 			# Remote Prefixes
 			if isset REMOTE_PREFIX; then
 				print_indent 4 "remote_ts = $(list_join REMOTE_PREFIX ,)"
+			elif isset ZONE; then
+				print_indent 4 "remote_ts = ::/0, 0.0.0.0/0"
 			else
 				print_indent 4 "remote_ts = dynamic"
 			fi