From acdf14e63667034cda82dc75fcdcccd4b4367f6d Mon Sep 17 00:00:00 2001 From: Mark Plomer Date: Mon, 11 Mar 2019 10:09:03 +0100 Subject: [PATCH 1/2] implemented wildcard includes for ipsec/strongswan --- src/etc/inc/plugins.inc.d/ipsec.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/etc/inc/plugins.inc.d/ipsec.inc b/src/etc/inc/plugins.inc.d/ipsec.inc index 191038309..807061bf5 100644 --- a/src/etc/inc/plugins.inc.d/ipsec.inc +++ b/src/etc/inc/plugins.inc.d/ipsec.inc @@ -1003,6 +1003,7 @@ function ipsec_configure_do($verbose = false, $interface = '') } $strongswan = generate_strongswan_conf($strongswanTree); + $strongswan .= "\ninclude /usr/local/etc/strongswan.*.conf\n"; @file_put_contents("/usr/local/etc/strongswan.conf", $strongswan); unset($strongswan); @@ -1096,6 +1097,7 @@ function ipsec_configure_do($verbose = false, $interface = '') unset($key); } + $pskconf .= "\ninclude /usr/local/etc/ipsec.*.secrets\n"; @file_put_contents("/usr/local/etc/ipsec.secrets", $pskconf); chmod("/usr/local/etc/ipsec.secrets", 0600); unset($pskconf); @@ -1550,6 +1552,7 @@ EOD; } } } + $ipsecconf .= "\ninclude /usr/local/etc/ipsec.*.conf\n"; // dump file, replace tabs for 2 spaces @file_put_contents("/usr/local/etc/ipsec.conf", str_replace("\t", ' ', $ipsecconf)); unset($ipsecconf); From a4d157db0bc622c68af6da717c311499d8362691 Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Tue, 12 Mar 2019 11:10:13 +0100 Subject: [PATCH 2/2] IPsec, change paths for https://github.com/opnsense/core/pull/3311 to align more with the standard sample configurations we ship --- src/etc/inc/plugins.inc.d/ipsec.inc | 6 +++--- src/etc/ipsec.opnsense.d/README | 1 + src/etc/ipsec.secrets.opnsense.d/README | 1 + src/etc/strongswan.opnsense.d/README | 1 + 4 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 src/etc/ipsec.opnsense.d/README create mode 100644 src/etc/ipsec.secrets.opnsense.d/README create mode 100644 src/etc/strongswan.opnsense.d/README diff --git a/src/etc/inc/plugins.inc.d/ipsec.inc b/src/etc/inc/plugins.inc.d/ipsec.inc index 260024593..111752272 100644 --- a/src/etc/inc/plugins.inc.d/ipsec.inc +++ b/src/etc/inc/plugins.inc.d/ipsec.inc @@ -1003,7 +1003,7 @@ function ipsec_configure_do($verbose = false, $interface = '') } $strongswan = generate_strongswan_conf($strongswanTree); - $strongswan .= "\ninclude /usr/local/etc/strongswan.*.conf\n"; + $strongswan .= "\ninclude ipsec.opnsense.d/*.conf\n"; @file_put_contents("/usr/local/etc/strongswan.conf", $strongswan); unset($strongswan); @@ -1097,7 +1097,7 @@ function ipsec_configure_do($verbose = false, $interface = '') unset($key); } - $pskconf .= "\ninclude /usr/local/etc/ipsec.*.secrets\n"; + $pskconf .= "\ninclude ipsec.secrets.opnsense.d/*.secrets\n"; @file_put_contents("/usr/local/etc/ipsec.secrets", $pskconf); chmod("/usr/local/etc/ipsec.secrets", 0600); unset($pskconf); @@ -1552,7 +1552,7 @@ EOD; } } } - $ipsecconf .= "\ninclude /usr/local/etc/ipsec.*.conf\n"; + $ipsecconf .= "\ninclude strongswan.opnsense.d/*.conf\n"; // dump file, replace tabs for 2 spaces @file_put_contents("/usr/local/etc/ipsec.conf", str_replace("\t", ' ', $ipsecconf)); unset($ipsecconf); diff --git a/src/etc/ipsec.opnsense.d/README b/src/etc/ipsec.opnsense.d/README new file mode 100644 index 000000000..39b174cfc --- /dev/null +++ b/src/etc/ipsec.opnsense.d/README @@ -0,0 +1 @@ +OPNsense: automatically included ipsec.conf configuration files diff --git a/src/etc/ipsec.secrets.opnsense.d/README b/src/etc/ipsec.secrets.opnsense.d/README new file mode 100644 index 000000000..9686417e8 --- /dev/null +++ b/src/etc/ipsec.secrets.opnsense.d/README @@ -0,0 +1 @@ +OPNsense: automatically included ipsec.secrets configuration files diff --git a/src/etc/strongswan.opnsense.d/README b/src/etc/strongswan.opnsense.d/README new file mode 100644 index 000000000..0ba734fe4 --- /dev/null +++ b/src/etc/strongswan.opnsense.d/README @@ -0,0 +1 @@ +OPNsense: automatically included strongswan.conf configuration files