add a hack to override the right subnet from the %default connection if

necessary
author: o <o@immerda.ch> 2013-08-10 18:51:23 +0200
committer: o <o@immerda.ch> 2013-08-10 18:53:35 +0200
commit: 9bff4b7d2222f3bba58603efde427532d3a5f502 (patch)
tree: 2adfcfb7abcd631b7c221220d826897cb1e1e95e
parent: 689961e33cea7c6c2695e460a5f8da10a7b58c76 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/templates/remote_host.erb b/templates/remote_host.erb
index 8d1ab41..dbe3945 100644
--- a/templates/remote_host.erb
+++ b/templates/remote_host.erb
@@ -13,7 +13,12 @@ conn <%= name %>
         right=<%= right_ip_address %>
         rightid=@<%= right_id %>
         rightcert=<%= right_cert_name %>.asc
-<% unless right_subnet.empty? -%>
+<% if right_subnet.empty? -%>
+  <% unless (subn=scope.lookupvar('strongswan::default_left_subnet')).empty? -%>
+        # Override the public subnet definition for the internal links
+        rightsubnet=<%= right_ip_address %>/32
+  <% end %>
+<% else -%>
         rightsubnet=<%= right_subnet.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %>
 <% end -%>
         type=transport
author	o <o@immerda.ch>	2013-08-10 18:51:23 +0200
committer	o <o@immerda.ch>	2013-08-10 18:53:35 +0200
commit	9bff4b7d2222f3bba58603efde427532d3a5f502 (patch)
tree	2adfcfb7abcd631b7c221220d826897cb1e1e95e
parent	689961e33cea7c6c2695e460a5f8da10a7b58c76 (diff)