diff options
author | o <o@immerda.ch> | 2013-08-10 18:51:23 +0200 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2013-08-10 19:54:43 +0200 |
commit | 09e665c2bebe8d61aea40ec77975bccb7d1e08ac (patch) | |
tree | 9253b8f92aca1b80905230fcc8ba3f3fa5cc4c92 | |
parent | 5386846687d06cb4f676ebed8e1a8303148959b8 (diff) |
add a hack to override the right subnet from the %default connection if
necessary
-rw-r--r-- | templates/remote_host.erb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/templates/remote_host.erb b/templates/remote_host.erb index 8d1ab41..dbe3945 100644 --- a/templates/remote_host.erb +++ b/templates/remote_host.erb @@ -13,7 +13,12 @@ conn <%= name %> right=<%= right_ip_address %> rightid=@<%= right_id %> rightcert=<%= right_cert_name %>.asc -<% unless right_subnet.empty? -%> +<% if right_subnet.empty? -%> + <% unless (subn=scope.lookupvar('strongswan::default_left_subnet')).empty? -%> + # Override the public subnet definition for the internal links + rightsubnet=<%= right_ip_address %>/32 + <% end %> +<% else -%> rightsubnet=<%= right_subnet.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %> <% end -%> type=transport |