From 9bff4b7d2222f3bba58603efde427532d3a5f502 Mon Sep 17 00:00:00 2001
From: o <o@immerda.ch>
Date: Sat, 10 Aug 2013 18:51:23 +0200
Subject: add a hack to override the right subnet from the %default connection
 if necessary

---
 templates/remote_host.erb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/templates/remote_host.erb b/templates/remote_host.erb
index 8d1ab41..dbe3945 100644
--- a/templates/remote_host.erb
+++ b/templates/remote_host.erb
@@ -13,7 +13,12 @@ conn <%= name %>
         right=<%= right_ip_address %>
         rightid=@<%= right_id %>
         rightcert=<%= right_cert_name %>.asc
-<% unless right_subnet.empty? -%>
+<% if right_subnet.empty? -%>
+  <% unless (subn=scope.lookupvar('strongswan::default_left_subnet')).empty? -%>
+        # Override the public subnet definition for the internal links
+        rightsubnet=<%= right_ip_address %>/32
+  <% end %>
+<% else -%>
         rightsubnet=<%= right_subnet.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %>
 <% end -%>
         type=transport
-- 
cgit v1.2.3