ipsec_updown.patch

Laurent HAEFFELE, 07/18/2019 08:50 AM


modif/ipsec_updown 2019-07-17 15:33:54.701140513 +0200
240 240
        fi
241 241
    %if %%is_defined('sw_force_ip_src') and %%sw_force_ip_src != "non"
242 242
	#PLUTO_MY_SOURCEIP=`grep -A 2 "auto %%sw_force_ip_src" /etc/network/interfaces |grep address|cut -d" " -f2`
243
    PLUTO_MY_SOURCEIP=`ip addr show dev %%getVar('nom_zone_eth' + %%sw_force_ip_src) | grep -m 1 "inet " | sed -e "s/^.*inet \(.*\)\/.*$/\1/"`
243
    PLUTO_MY_SOURCEIP="%%getVar('adresse_ip_eth' + %%sw_force_ip_src)"
244 244
    %else
245 245
	PLUTO_MY_SOURCEIP=""
246 246
    %end if
......
249 249
    SRC_IP_ROUTE=$(ip route list ${PLUTO_PEER_CLIENT}|sed "s/^.*src \(.*\)/\1/")
250 250
	if test "$1" = "replace" -a -n "$PLUTO_MY_SOURCEIP"
251 251
	then
252
	    addsource
253
        # if no src for remote subnet
254
        if [ "${SRC_IP_ROUTE}" == "" ]
255
        then
256
            %if %%is_defined('sw_force_ip_src') and %%sw_force_ip_src != "non"
257
            MY_SOURCEIP_NETMASK_CIDR=$(ip addr show dev %%getVar('nom_zone_eth' + %%sw_force_ip_src)|grep "${PLUTO_MY_SOURCEIP}"|sed "s/^.*inet.*\/\([0-9]*\) .*$/\1/")
258
            %else
259
            MY_SOURCEIP_NETMASK_CIDR=$(ip addr show dev %%getVar('nom_zone_eth1', 'no_eth1')|grep "${PLUTO_MY_SOURCEIP}"|sed "s/^.*inet.*\/\([0-9]*\) .*$/\1/")
260
            %end if
261
            MY_SOURCEIP_NETMASK_DOT=$(cidr2mask ${MY_SOURCEIP_NETMASK_CIDR})
262
            byte1="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f1)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f1)]"
263
            byte2="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f2)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f2)]"
264
            byte3="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f3)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f3)]"
265
            byte4="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f4)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f4)]"
266
            MYSOURCEIP_NETWORK="${byte1}.${byte2}.${byte3}.${byte4}/${MY_SOURCEIP_NETMASK_CIDR}"
267
            if [ "${MYSOURCEIP_NETWORK}" != "${PLUTO_MY_CLIENT}" ]
268
            then
269
                PLUTO_MY_SOURCEIP=$(ip route list $PLUTO_MY_CLIENT|sed 's/^.*src \(.*\)/\1/')
270
            fi
271
        fi
272 252
	    parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
273 253
	fi
274 254

  
......
284 264
        then
285 265
            # if already existing route with another src IP
286 266
            # don't suppress it
287
            MY_SRC_IP_ROUTE=$(ip route list $PLUTO_MY_CLIENT|sed 's/^.*src \(.*\)/\1/')
288
            if [ "${SRC_IP_ROUTE}" != "${MY_SRC_IP_ROUTE}" ]
267
            MY_SRC_IP_ROUTE=$(ip route list $PLUTO_PEER_CLIENT|sed 's/^.*src \([0-9\.]*\).*/\1/')
268
            if [ "${MY_SRC_IP_ROUTE}" != "%%getVar('adresse_ip_eth' + %%sw_force_ip_src)" ]
289 269
            then
290 270
                it="echo 2>&1"
291 271
            else
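Review bot: In the last hunk (new lines 267–268) the test embeds `%%getVar('adresse_ip_eth' + %%sw_force_ip_src)` directly, and no `%if %%is_defined('sw_force_ip_src') and %%sw_force_ip_src != "non"` guard is visible around it, unlike the `PLUTO_MY_SOURCEIP` assignment at line 243; with the option unset or set to "non" the lookup presumably fails when the template is rendered or yields a value that can never match. Comparing against the already guarded shell variable avoids the second lookup: `if [ "${MY_SRC_IP_ROUTE}" != "${PLUTO_MY_SOURCEIP%/*}" ]`. On the line above, `sed` without `-n`/`p` passes a route line through unchanged when it carries no `src`, and `$PLUTO_PEER_CLIENT` is unquoted; `ip route list "$PLUTO_PEER_CLIENT" | sed -n 's/^.*src \([0-9.]*\).*/\1/p'` leaves the variable either empty or holding addresses only. `SRC_IP_ROUTE` (line 249) is no longer read in the lines shown, so it looks removable if nothing else uses it. The enclosing `if`/`else` starts and ends outside the hunk, so a guard may exist there and should be confirmed.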