diff options
Diffstat (limited to 'templates')
-rw-r--r-- | templates/ipsec.conf.erb | 3 | ||||
-rw-r--r-- | templates/remote_host.erb | 2 |
2 files changed, 4 insertions, 1 deletions
diff --git a/templates/ipsec.conf.erb b/templates/ipsec.conf.erb index ddaf842..44225d3 100644 --- a/templates/ipsec.conf.erb +++ b/templates/ipsec.conf.erb @@ -15,6 +15,9 @@ conn %default left=<%= scope.lookupvar('strongswan::default_left_ip_address') %> leftcert=<%= scope.lookupvar('::fqdn') %>.asc leftid=@<%= scope.lookupvar('::fqdn') %> +<% unless (subn=scope.lookupvar('strongswan::default_left_subnet')).empty? -%> + leftsubnet=<%= subn.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %> +<% end -%> <% unless scope.lookupvar('strongswan::additional_options').empty? -%> <%= scope.lookupvar('strongswan::additional_options') %> diff --git a/templates/remote_host.erb b/templates/remote_host.erb index 5a22ca9..a05378c 100644 --- a/templates/remote_host.erb +++ b/templates/remote_host.erb @@ -4,7 +4,7 @@ conn <%= name %> rightid=@<%= right_id %> rightcert=<%= right_cert_name %>.asc <% unless right_subnet.empty? -%> - rightsubnet=<%= right_subnet.join(',') %> + rightsubnet=<%= right_subnet.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %> <% end -%> type=transport auto=start |