lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-19 02:54:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

IPSec - VTI, ignore tunnel devices if local or remote endpoint can't be found.

Browse Source
This commit is contained in:
Ad Schellevis 2021-10-14 10:56:42 +02:00
parent bb9b8820c6
commit 38efe9d9d6
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/etc/inc/plugins.inc.d/ipsec.inc
View File

@ -1939,6 +1939,13 @@ function ipsec_configure_vti($verbose = false)
foreach ($configured_intf as $intf => $intf_details) {
// create required interfaces
$inet = is_ipaddrv6($intf_details['local']) ? 'inet6' : 'inet';
if (empty($intf_details['local'])) {
log_error(sprintf("Unable to construct VTI interface, local tunnel endpoint for %s not found", $intf));
continue;
} elseif (empty($intf_details['remote'])) {
log_error(sprintf("Unable to construct VTI interface, remote tunnel endpoint for %s not found", $intf));
continue;
}
if (empty($current_interfaces[$intf])) {
// prevent ipsec vti interface to hit 32768 limit (create numbered, rename and attach afterwards)
if (legacy_interface_create("ipsec", $intf) != null) {