From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Mon, 15 Nov 2010 18:37:59 +0000 (+0100)
Subject: ipsec: write networks in ipsec.conf in cidr notation.
X-Git-Tag: v2.9-beta1~48^2~5^2~2^2~23
X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=e897bfebe73bb147056f93d120daabe5c09af95d

ipsec: write networks in ipsec.conf in cidr notation.
---

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 5fb60558fb..e60a8bae00 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -58,6 +58,17 @@ my %mainsettings = ();
 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
 
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
+
+my $green_cidr = &General::ipcidr("$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}");
+my $blue_cidr = "# Blue not defined";
+if ($netsettings{'BLUE_DEV'}) {
+	$blue_cidr = &General::ipcidr("$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}");
+}
+my $orange_cidr = "# Orange not defined";
+if ($netsettings{'ORANGE_DEV'}) {
+	$orange_cidr = &General::ipcidr("$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}");
+}
+
 $cgiparams{'ENABLED'} = 'off';
 $cgiparams{'EDIT_ADVANCED'} = 'off';
 $cgiparams{'ACTION'} = '';
@@ -270,12 +281,12 @@ sub writeipsecfiles {
     print CONF "\tnat_traversal=yes\n";
     print CONF "\toverridemtu=$lvpnsettings{'VPN_OVERRIDE_MTU'}\n" if ($lvpnsettings{'VPN_OVERRIDE_MTU'} ne '');
     print CONF "\tvirtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16";
-    print CONF ",%v4:!$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
+    print CONF ",%v4:!$green_cidr";
     if (length($netsettings{'ORANGE_DEV'}) > 2) {
-	print CONF ",%v4:!$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}";
+	print CONF ",%v4:!$orange_cidr";
     }
     if (length($netsettings{'BLUE_DEV'}) > 2) {
-	print CONF ",%v4:!$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
+	print CONF ",%v4:!$blue_cidr";
     }
     foreach my $key (keys %lconfighash) {
 	if ($lconfighash{$key}[3] eq 'net') {
@@ -320,13 +331,15 @@ sub writeipsecfiles {
 	print CONF "conn $lconfighash{$key}[1]\n";
 	print CONF "\tleft=$localside\n";
 	print CONF "\tleftnexthop=%defaultroute\n" if ($lconfighash{$key}[26] eq 'RED' && $lvpnsettings{'VPN_IP'} ne '%defaultroute');
-	print CONF "\tleftsubnet=$lconfighash{$key}[8]\n";
+	my $cidr_net=&General::ipcidr($lconfighash{$key}[8]);
+	print CONF "\tleftsubnet=$cidr_net\n";
 	print CONF "\tleftfirewall=yes\n";
 	print CONF "\tlefthostaccess=yes\n";
 
 	print CONF "\tright=$lconfighash{$key}[10]\n";
 	if ($lconfighash{$key}[3] eq 'net') {
-	    print CONF "\trightsubnet=$lconfighash{$key}[11]\n";
+	    my $cidr_net=&General::ipcidr($lconfighash{$key}[11]);
+	    print CONF "\trightsubnet=$cidr_net\n";
 	    print CONF "\trightnexthop=%defaultroute\n";
 	} elsif ($lconfighash{$key}[10] eq '%any' && $lconfighash{$key}[14] eq 'on') { #vhost allowed for roadwarriors?
 	    print CONF "\trightsubnet=vhost:%no,%priv\n";