From e0a73cdb407bf8a4a2f87123982c47fda7a2df0a Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 24 Sep 2018 01:14:59 +0200
Subject: [PATCH] ipsec: Set traffic selectors to all when using GRE/VTI
 devices

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/functions/functions.ipsec | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
index 3f215e40..ba941a7c 100644
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -1489,6 +1489,8 @@ _ipsec_connection_to_strongswan_connection() {
 			# Local Prefixes
 			if isset LOCAL_PREFIX; then
 				print_indent 4 "local_ts = $(list_join LOCAL_PREFIX ,)"
+			elif isset ZONE; then
+				print_indent 4 "local_ts = ::/0, 0.0.0.0/0"
 			else
 				print_indent 4 "local_ts = dynamic"
 			fi
@@ -1496,6 +1498,8 @@ _ipsec_connection_to_strongswan_connection() {
 			# Remote Prefixes
 			if isset REMOTE_PREFIX; then
 				print_indent 4 "remote_ts = $(list_join REMOTE_PREFIX ,)"
+			elif isset ZONE; then
+				print_indent 4 "remote_ts = ::/0, 0.0.0.0/0"
 			else
 				print_indent 4 "remote_ts = dynamic"
 			fi
-- 
2.47.3