From: Heino Gutschmidt <heino.gutschmidt(a)managedhosting.de>

When having more than one subnet in an ipsec connection it is not
possible to create a new openvpn static subnet.

Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
Signed-off-by: Heino Gutschmidt <heino.gutschmidt(a)managedhosting.de>
---
 config/cfgroot/general-functions.pl | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index d3d7251..298e68c 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -516,12 +516,14 @@ sub checksubnets
 		&General::readhasharray("${General::swroot}/vpn/config", \%ipsecconf);
 		foreach my $key (keys %ipsecconf){
 			if ($ipsecconf{$key}[11] ne ''){
-				my ($ipsecip,$ipsecsub) = split (/\//, $ipsecconf{$key}[11]);
-				$ipsecsub=&iporsubtodec($ipsecsub);
-				if($ipsecconf{$key}[1] ne $ccdname){
-					if ( &IpInSubnet ($ip,$ipsecip,$ipsecsub) ){
-						$errormessage=$Lang::tr{'ccd err isipsecnet'}." Name:  $ipsecconf{$key}[1]";
-						return $errormessage;
+				foreach my $ipsecsubitem (split(/\|/, $ipsecconf{$key}[11])) {
+					my ($ipsecip,$ipsecsub) = split (/\//, $ipsecconf{$key}[11]);
+					$ipsecsub=&iporsubtodec($ipsecsub);
+					if($ipsecconf{$key}[1] ne $ccdname){
+						if ( &IpInSubnet ($ip,$ipsecip,$ipsecsub) ){
+							$errormessage=$Lang::tr{'ccd err isipsecnet'}." Name:  $ipsecconf{$key}[1]";
+							return $errormessage;
+						}
 					}
 				}
 			}
-- 
2.7.4