From: Heino Gutschmidt heino.gutschmidt@managedhosting.de
When having more than one subnet in an ipsec connection it is not possible to create a new openvpn static subnet.
Signed-off-by: Alexander Marx alexander.marx@ipfire.org Signed-off-by: Heino Gutschmidt heino.gutschmidt@managedhosting.de --- config/cfgroot/general-functions.pl | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index d3d7251..298e68c 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -516,12 +516,14 @@ sub checksubnets &General::readhasharray("${General::swroot}/vpn/config", %ipsecconf); foreach my $key (keys %ipsecconf){ if ($ipsecconf{$key}[11] ne ''){ - my ($ipsecip,$ipsecsub) = split (///, $ipsecconf{$key}[11]); - $ipsecsub=&iporsubtodec($ipsecsub); - if($ipsecconf{$key}[1] ne $ccdname){ - if ( &IpInSubnet ($ip,$ipsecip,$ipsecsub) ){ - $errormessage=$Lang::tr{'ccd err isipsecnet'}." Name: $ipsecconf{$key}[1]"; - return $errormessage; + foreach my $ipsecsubitem (split(/|/, $ipsecconf{$key}[11])) { + my ($ipsecip,$ipsecsub) = split (///, $ipsecconf{$key}[11]); + $ipsecsub=&iporsubtodec($ipsecsub); + if($ipsecconf{$key}[1] ne $ccdname){ + if ( &IpInSubnet ($ip,$ipsecip,$ipsecsub) ){ + $errormessage=$Lang::tr{'ccd err isipsecnet'}." Name: $ipsecconf{$key}[1]"; + return $errormessage; + } } } }