lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 00:54:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

IPSec: prevent ipsec vti interface to hit 32768 limit (create numbered, rename and attach afterwards)

Browse Source 
@fichtner as promised,  the almost one liner :)
This commit is contained in:
Ad Schellevis 2020-08-07 17:30:38 +02:00
parent 5bd793a8a0
commit 9167000171
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/etc/inc/plugins.inc.d/ipsec.inc
View File

@ -1898,7 +1898,11 @@ function ipsec_configure_vti($verbose = false)
// create required interfaces
$inet = is_ipaddrv6($intf_details['local']) ? 'inet6' : 'inet';
if (empty($current_interfaces[$intf])) {
if (mwexecf('/sbin/ifconfig %s create reqid %s', array($intf, $intf_details['reqid'])) == 0) {
// prevent ipsec vti interface to hit 32768 limit (create numbered, rename and attach afterwards)
exec('/sbin/ifconfig ipsec create 2>&1', $cmdout, $cmdret);
if ($cmdret == 0) {
legacy_interface_rename($cmdout[0], $intf);
mwexecf('/sbin/ifconfig %s reqid %s', array($intf, $intf_details['reqid']));
mwexecf(
'/sbin/ifconfig %s %s tunnel %s %s up',
array($intf, $inet, $intf_details['local'], $intf_details['remote'])