]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blobdiff - src/scripts/ipsec-interfaces
projects / people / pmueller / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ipsec: TTL only applies for GRE interfaces and not VTI
[people/pmueller/ipfire-2.x.git] / src / scripts / ipsec-interfaces
diff --git a/src/scripts/ipsec-interfaces b/src/scripts/ipsec-interfaces
index 521bf54eb1cbf476011b0f884ba2ea0601a54726..79f5e7d72cb6144d4487cf6a6923572372be8f2c 100644 (file)
--- a/src/scripts/ipsec-interfaces
+++ b/src/scripts/ipsec-interfaces
@@ -83,13 +83,19 @@ main() {
                        local args=(
                                "local" "${vpn_ip}"
                                "remote" "${righthost}"
-                               "ttl" "255"
                        )
 
-                       # Add key for VTI
-                       if [ "${interface_mode}" = "vti" ]; then
-                               args+=( key "${id}" )
-                       fi
+                       case "${interface_mode}" in
+                               gre)
+                                       # Add TTL
+                                       args+=( "ttl" "255" )
+                                       ;;
+
+                               vti)
+                                       # Add key for VTI
+                                       args+=( "key" "${id}" )
+                                       ;;
+                       esac
 
                        # Update the settings when the interface already exists
                        if [ -d "/sys/class/net/${intf}" ]; then
Peter's tree of IPFire 2.x