From 5ce46c56e0ed95e03c3322f6eba53488a0615207 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Thu, 3 Jan 2013 18:31:05 +0100
Subject: automatically configure a subnet for all listening ips

---
 templates/ipsec.conf.erb  | 3 +++
 templates/remote_host.erb | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

(limited to 'templates')

diff --git a/templates/ipsec.conf.erb b/templates/ipsec.conf.erb
index ddaf842..44225d3 100644
--- a/templates/ipsec.conf.erb
+++ b/templates/ipsec.conf.erb
@@ -15,6 +15,9 @@ conn %default
         left=<%= scope.lookupvar('strongswan::default_left_ip_address') %>
         leftcert=<%= scope.lookupvar('::fqdn') %>.asc
         leftid=@<%= scope.lookupvar('::fqdn') %>
+<% unless (subn=scope.lookupvar('strongswan::default_left_subnet')).empty? -%>
+        leftsubnet=<%= subn.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %>
+<% end -%>
 
 <% unless scope.lookupvar('strongswan::additional_options').empty? -%>
 <%= scope.lookupvar('strongswan::additional_options') %>
diff --git a/templates/remote_host.erb b/templates/remote_host.erb
index 5a22ca9..a05378c 100644
--- a/templates/remote_host.erb
+++ b/templates/remote_host.erb
@@ -4,7 +4,7 @@ conn <%= name %>
         rightid=@<%= right_id %>
         rightcert=<%= right_cert_name %>.asc
 <% unless right_subnet.empty? -%>
-        rightsubnet=<%= right_subnet.join(',') %>
+        rightsubnet=<%= right_subnet.collect{|s| s.include?('/') ? s : (s.include?(':') ? "#{s}/128" : "#{s}/32" ) }.join(',') %>
 <% end -%>
         type=transport
         auto=start
-- 
cgit v1.2.3