Revision: 6537
http://ipcop.svn.sourceforge.net/ipcop/?rev=6537&view=rev
Author: owes
Date: 2012-04-09 12:58:45 +0000 (Mon, 09 Apr 2012)
Log Message:
-----------
Add more comments in ipsec.conf, drop some code comments that are long obsolete
by now.
Modified Paths:
--------------
ipcop/trunk/src/libs/vpn-functions.pl
Modified: ipcop/trunk/src/libs/vpn-functions.pl
===================================================================
--- ipcop/trunk/src/libs/vpn-functions.pl 2012-04-09 12:58:24 UTC (rev
6536)
+++ ipcop/trunk/src/libs/vpn-functions.pl 2012-04-09 12:58:45 UTC (rev
6537)
@@ -201,10 +201,6 @@
$plutodebug = 'none' if $plutodebug eq ''; # if nothing selected, use
'none'.
print CONF "\tklipsdebug=\"none\"\n";
print CONF "\tplutodebug=\"$plutodebug\"\n";
- # TODO: openswan 2.6 does not seem to like plutoload
- print CONF "\t#plutoload=%search\n";
- # TODO: openswan 2.6 does not seem to like plutostart
- print CONF "\t#plutostart=%search\n";
print CONF "\tuniqueids=yes\n";
print CONF "\tnat_traversal=yes\n";
print CONF "\toverridemtu=$lvpnsettings{'VPN_OVERRIDE_MTU'}\n" if
($lvpnsettings{'VPN_OVERRIDE_MTU'} ne '');
@@ -244,12 +240,13 @@
if ($lconfighash{$key}[26] eq 'BLUE') {
$localside = $netsettings{'BLUE_1_ADDRESS'};
}
- else { # it is RED
+ else {
$localside = $lvpnsettings{'VPN_IP'};
}
- # TODO openswan does not like #comment behind conn thingy
- print CONF "#$lconfighash{$key}[26]\n";
+ my $comment = "net-2-net";
+ $comment = "roadwarrior" if ($lconfighash{$key}[3] eq 'host');
+ print CONF "# $lconfighash{$key}[25]\n# $comment to
$lconfighash{$key}[26]\n";
print CONF "conn $lconfighash{$key}[1]\n";
if (($lconfighash{$key}[3] eq 'host') && ($lconfighash{$key}[4] eq
'psk') && ($lconfighash{$key}[26] eq 'RED')) {
# Force left=%defaultroute for RW using PSK on RED. Openswan
complains about the FQDN in this special case, probably because right=%any
@@ -323,11 +320,6 @@
}
}
- # pfsgroup obsoleted from openswan 2.6.21
- # if ($lconfighash{$key}[23]) {
- # print CONF "\tpfsgroup=$lconfighash{$key}[23]\n";
- # }
-
# Lifetimes
print CONF "\tikelifetime=$lconfighash{$key}[16]h\n" if
($lconfighash{$key}[16]);
print CONF "\tkeylife=$lconfighash{$key}[17]h\n" if
($lconfighash{$key}[17]);
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Ipcop-svn mailing list
Ipcop-svn@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-svn
