holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity
bb923492a3
shorewall_code/Shorewall-shell/diff-3.4-lib.tunnels
teastep e0b5af80f3 Make :noah the default for ipsec tunnels 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6762 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-07-03 15:20:24 +00:00

35 lines
910 B
Plaintext
Raw Blame History

--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.tunnels 2007-03-22 15:27:26.000000000 -0700
+++ lib.tunnels 2007-07-03 07:57:16.000000000 -0700
@@ -37,19 +37,28 @@
setup_one_ipsec() # $1 = Tunnel Kind $2 = gateway zones
{
- local kind=$1 noah=
+ local kind=$1 noah=noah
case $kind in
*:*)
noah=${kind#*:}
- [ $noah = noah -o $noah = NOAH ] || fatal_error "Invalid IPSEC modifier $noah in tunnel \"$tunnel\""
+ case $noah in
+ ah|AH)
+ noah=
+ ;;
+ noah|NOAH)
+ ;;
+ *)
+ fatal_error "Invalid IPSEC modifier $noah in tunnel \"$tunnel\""
+ ;;
+ esac
kind=${kind%:*}
;;
esac
[ $kind = IPSEC ] && kind=ipsec
- [ $kind = ipsec ] || noah=noah
+ [ $kind = ipsec ] || [ "$noah" = noah ] || fatal_error ":ah not allowed on ipsecnat tunnels"
options="-m state --state NEW -j ACCEPT"
addrule2 $inchain -p 50 $source -j ACCEPT
View Git Blame Copy Permalink