extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-12 08:38:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

More IPSEC tweaks

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1555 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-08-19 15:21:32 +00:00
parent 16487eb51a
commit f5d4acc57b
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall2/firewall
View File

@ -1680,7 +1680,11 @@ setup_ipsec() {
;; ;;
esac esac
done done
eval ${zone}_ipsec_options=\"${newoptions# }\"
if [ -n "$newoptions" ]; then
eval ${zone}_is_complex=Yes
eval ${zone}_ipsec_options=\"${newoptions# }\"
fi
} }
strip_file ipsec $1 strip_file ipsec $1
@ -1688,6 +1692,8 @@ setup_ipsec() {
while read zone ipsec options; do while read zone ipsec options; do
expandv zone ipsec options expandv zone ipsec options
[ -n "$POLICY_MATCH" ] || fatal_error "Your kernel and/or iptables does not support policy match"
validate_zone1 $zone || fatal_error "Unknown zone: $zone" validate_zone1 $zone || fatal_error "Unknown zone: $zone"
case $ipsec in case $ipsec in
@ -1695,6 +1701,7 @@ setup_ipsec() {
;; ;;
Yes|yes) Yes|yes)
eval ${zone}_is_ipsec=Yes eval ${zone}_is_ipsec=Yes
eval ${zone}_is_complex=Yes
;; ;;
*) *)
fatal_error "Invalid IPSEC column value: $ipsec" fatal_error "Invalid IPSEC column value: $ipsec"

2
Shorewall2/ipsec
View File

@ -21,7 +21,7 @@
# option for the SPD level. # option for the SPD level.
# #
# spi=<number> where <number> is the SPI of # spi=<number> where <number> is the SPI of
# the SA. # the SA used to encrypt/decrypt packets.
# #
# proto=ah|esp|ipcomp # proto=ah|esp|ipcomp
# #