From 234e7e27ea7da8693510fca3be96cb1f2b956834 Mon Sep 17 00:00:00 2001
From: vnxme <46669194+vnxme@users.noreply.github.com>
Date: Fri, 21 Feb 2020 15:06:14 +0300
Subject: [PATCH] IPsec: add virtual IPv6 pool for mobile clients

This commit deals with ipsec.conf file drafting. In terms of mobile clients option 'rightsourceip' now may be:
1) empty if no pools are configured;
2) %pool_address%/%pool_netbits% for an IPv4 only option;
3) %pool_address_v6%/%pool_netbits_v6% for an IPv6 only option;
4) %pool_address%/%pool_netbits%,%pool_address_v6%/%pool_netbits_v6% for a dual stack option.
---
 src/etc/inc/plugins.inc.d/ipsec.inc | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/etc/inc/plugins.inc.d/ipsec.inc b/src/etc/inc/plugins.inc.d/ipsec.inc
index cf139cb1b..3f6e6ed56 100644
--- a/src/etc/inc/plugins.inc.d/ipsec.inc
+++ b/src/etc/inc/plugins.inc.d/ipsec.inc
@@ -1349,8 +1349,15 @@ function ipsec_configure_do($verbose = false, $interface = '')
                 }
 
                 $rightsourceip = null;
-                if (!empty($a_client['pool_address']) && isset($ph1ent['mobile'])) {
-                    $rightsourceip = "\trightsourceip = {$a_client['pool_address']}/{$a_client['pool_netbits']}\n";
+                if (isset($ph1ent['mobile']) && (!empty($a_client['pool_address']) || !empty($a_client['pool_address_v6']))) {
+                    $rightsourceip = "\trightsourceip = ";
+                    if (!empty($a_client['pool_address'])) {
+                        $rightsourceip .= "{$a_client['pool_address']}/{$a_client['pool_netbits']}";
+                    }
+                    if (!empty($a_client['pool_address_v6'])) {
+                        $rightsourceip .= (!empty($a_client['pool_address']) ? "," : "")."{$a_client['pool_address_v6']}/{$a_client['pool_netbits_v6']}";
+                    }
+                    $rightsourceip .= "\n";
                 }
 
                 $authentication = "";