Projet

Général

Profil

ipsec_updown.patch

Laurent HAEFFELE, 18/07/2019 08:50

Télécharger (2,7 ko)

Voir les différences:

modif/ipsec_updown 2019-07-17 15:33:54.701140513 +0200
240 240 
        fi
241 241 
    %if %%is_defined('sw_force_ip_src') and %%sw_force_ip_src != "non"
242 242 
	#PLUTO_MY_SOURCEIP=`grep -A 2 "auto %%sw_force_ip_src" /etc/network/interfaces |grep address|cut -d" " -f2`
243 
    PLUTO_MY_SOURCEIP=`ip addr show dev %%getVar('nom_zone_eth' + %%sw_force_ip_src) | grep -m 1 "inet " | sed -e "s/^.*inet \(.*\)\/.*$/\1/"`
243 
    PLUTO_MY_SOURCEIP="%%getVar('adresse_ip_eth' + %%sw_force_ip_src)"
244 244 
    %else
245 245 
	PLUTO_MY_SOURCEIP=""
246 246 
    %end if
......
249 249 
    SRC_IP_ROUTE=$(ip route list ${PLUTO_PEER_CLIENT}|sed "s/^.*src \(.*\)/\1/")
250 250 
	if test "$1" = "replace" -a -n "$PLUTO_MY_SOURCEIP"
251 251 
	then
252 
	    addsource
253 
        # if no src for remote subnet
254 
        if [ "${SRC_IP_ROUTE}" == "" ]
255 
        then
256 
            %if %%is_defined('sw_force_ip_src') and %%sw_force_ip_src != "non"
257 
            MY_SOURCEIP_NETMASK_CIDR=$(ip addr show dev %%getVar('nom_zone_eth' + %%sw_force_ip_src)|grep "${PLUTO_MY_SOURCEIP}"|sed "s/^.*inet.*\/\([0-9]*\) .*$/\1/")
258 
            %else
259 
            MY_SOURCEIP_NETMASK_CIDR=$(ip addr show dev %%getVar('nom_zone_eth1', 'no_eth1')|grep "${PLUTO_MY_SOURCEIP}"|sed "s/^.*inet.*\/\([0-9]*\) .*$/\1/")
260 
            %end if
261 
            MY_SOURCEIP_NETMASK_DOT=$(cidr2mask ${MY_SOURCEIP_NETMASK_CIDR})
262 
            byte1="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f1)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f1)]"
263 
            byte2="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f2)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f2)]"
264 
            byte3="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f3)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f3)]"
265 
            byte4="$[$(echo ${PLUTO_MY_SOURCEIP}|cut -d"." -f4)&$(echo ${MY_SOURCEIP_NETMASK_DOT}|cut -d"." -f4)]"
266 
            MYSOURCEIP_NETWORK="${byte1}.${byte2}.${byte3}.${byte4}/${MY_SOURCEIP_NETMASK_CIDR}"
267 
            if [ "${MYSOURCEIP_NETWORK}" != "${PLUTO_MY_CLIENT}" ]
268 
            then
269 
                PLUTO_MY_SOURCEIP=$(ip route list $PLUTO_MY_CLIENT|sed 's/^.*src \(.*\)/\1/')
270 
            fi
271 
        fi
272 252 
	    parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
273 253 
	fi
274 254 

  		




  ......




  284
  264
  
    
        then

  		




  285
  265
  
    
            # if already existing route with another src IP

  		




  286
  266
  
    
            # don't suppress it

  		




  287
  
  
    
            MY_SRC_IP_ROUTE=$(ip route list $PLUTO_MY_CLIENT|sed 's/^.*src \(.*\)/\1/')

  		




  288
  
  
    
            if [ "${SRC_IP_ROUTE}" != "${MY_SRC_IP_ROUTE}" ]

  		




  
  267
  
    
            MY_SRC_IP_ROUTE=$(ip route list $PLUTO_PEER_CLIENT|sed 's/^.*src \([0-9\.]*\).*/\1/')

  		




  
  268
  
    
            if [ "${MY_SRC_IP_ROUTE}" != "%%getVar('adresse_ip_eth' + %%sw_force_ip_src)" ]

  		




  289
  269
  
    
            then

  		




  290
  270
  
    
                it="echo 2>&1"

  		




  291
  271
  
    
            else