@ -220,7 +220,6 @@ config_conn() {
local updown local updown
local firewall local firewall
local remote_subnet local remote_subnet
local remote_sourceip
local lifetime local lifetime
local dpdaction local dpdaction
local closeaction local closeaction
@ -234,7 +233,6 @@ config_conn() {
config_get updown "$1" updown "" config_get updown "$1" updown ""
config_get firewall "$1" firewall "" config_get firewall "$1" firewall ""
config_get remote_subnet "$1" remote_subnet "" config_get remote_subnet "$1" remote_subnet ""
config_get remote_sourceip "$1" remote_sourceip ""
config_get lifetime "$1" lifetime "" config_get lifetime "$1" lifetime ""
config_get dpdaction "$1" dpdaction "none" config_get dpdaction "$1" dpdaction "none"
config_get closeaction "$1" closeaction "none" config_get closeaction "$1" closeaction "none"
@ -315,6 +313,7 @@ config_conn() {
swanctl_xappend4 "life_time = $(seconds2time $(((110 * $(time2seconds $rekeytime)) / 100)))" swanctl_xappend4 "life_time = $(seconds2time $(((110 * $(time2seconds $rekeytime)) / 100)))"
fi fi
[ -n "$rekeytime" ] && swanctl_xappend4 "rekey_time = $rekeytime" [ -n "$rekeytime" ] && swanctl_xappend4 "rekey_time = $rekeytime"
[ -n "$inactivity" ] && swanctl_xappend4 "inactivity = $inactivity"
[ -n "$updown" ] && swanctl_xappend4 "updown = $updown" [ -n "$updown" ] && swanctl_xappend4 "updown = $updown"
[ -n "$dpdaction" ] && swanctl_xappend4 "dpd_action = $dpdaction" [ -n "$dpdaction" ] && swanctl_xappend4 "dpd_action = $dpdaction"
@ -345,8 +344,6 @@ config_remote() {
local dpddelay local dpddelay
local inactivity local inactivity
local keyexchange local keyexchange
local reqid
local packet_marker
local fragmentation local fragmentation
local mobike local mobike
local local_cert local local_cert
@ -368,8 +365,6 @@ config_remote() {
config_get dpddelay "$1" dpddelay "30s" config_get dpddelay "$1" dpddelay "30s"
config_get inactivity "$1" inactivity config_get inactivity "$1" inactivity
config_get keyexchange "$1" keyexchange "ikev2" config_get keyexchange "$1" keyexchange "ikev2"
config_get reqid "$1" reqid
config_get packet_marker "$1" packet_marker
config_get fragmentation "$1" fragmentation "yes" config_get fragmentation "$1" fragmentation "yes"
config_get_bool mobike "$1" mobike 1 config_get_bool mobike "$1" mobike 1
config_get local_cert "$1" local_cert "" config_get local_cert "$1" local_cert ""
@ -508,14 +503,15 @@ do_preamble() {
swanctl_xappend0 "# generated by /etc/init.d/swanctl" swanctl_xappend0 "# generated by /etc/init.d/swanctl"
} }
append_interface() {
append interface_list "$1" " "
}
config_ipsec() { config_ipsec() {
local debug
local rtinstall_enabled local rtinstall_enabled
local routing_tables_ignored
local routing_table local routing_table
local routing_table_id local routing_table_id
local interface local interface
local device_list
config_get debug "$1" debug 0 config_get debug "$1" debug 0
config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1 config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1
@ -532,7 +528,9 @@ config_ipsec() {
[ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id" [ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id"
done done
local interface_list=$(config_get "$1" "interface")
local interface_list
config_list_foreach "$1" interface append_interface
if [ -z "$interface_list" ]; then if [ -z "$interface_list" ]; then
WAIT_FOR_INTF=0 WAIT_FOR_INTF=0
else else
@ -569,6 +567,9 @@ prepare_env() {
swanctl_reset swanctl_reset
do_preamble do_preamble
# needed by do_postamble
local debug install_routes routing_tables_ignored device_list
config_load ipsec config_load ipsec
config_foreach config_ipsec ipsec config_foreach config_ipsec ipsec
config_foreach config_remote remote config_foreach config_remote remote
Philip Prindeville
3 years ago