This is useful to assign all traffic to a fw3 zone, e.g.:
/etc/config/ipsec:
config remote 'test'
list tunnel 'dev'
...
config 'tunnel' 'dev'
option reqid '33'
...
/etc/config/firewall:
config zone
option name wan
option extra_src "-m policy --pol none --dir in"
option extra_dest "-m policy --pol none --dir out"
...
config zone
option name vpn
# subnet needed for firewall3 before 22 Nov 2019, 8174814a
list subnet '0.0.0.0/0'
option extra_src "-m policy --pol ipsec --dir in --reqid 33"
option extra_dest "-m policy --pol ipsec --dir out --reqid 33"
...
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
local dpddelay
local inactivity
local keyexchange
+ local reqid
config_get mode "$1" mode "route"
config_get local_subnet "$1" local_subnet ""
config_get dpddelay "$1" dpddelay "30s"
config_get inactivity "$1" inactivity
config_get keyexchange "$1" keyexchange "ikev2"
+ config_get reqid "$1" reqid
[ -n "$local_nat" ] && local_subnet=$local_nat
ipsec_xappend " dpddelay=$dpddelay"
[ -n "$inactivity" ] && ipsec_xappend " inactivity=$inactivity"
+ [ -n "$reqid" ] && ipsec_xappend " reqid=$reqid"
if [ "$auth_method" = "psk" ]; then
ipsec_xappend " leftauth=psk"
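Review bot: The added `[ -n "$reqid" ] && ipsec_xappend " reqid=$reqid"` line passes the UCI value through without checking that it is a number, although the firewall zones shown in the commit message depend on exactly this value through `--reqid 33`. A typo or stray whitespace would presumably either break the generated connection entry or leave the SAs with a reqid that the `-m policy` rules do not match, so tunnel traffic would be classified into the wrong zone with nothing logged. I would emit the option only for an all-digit value, e.g. `case "$reqid" in ''|*[!0-9]*) ;; *) ipsec_xappend " reqid=$reqid" ;; esac`, and log the rejected case when the value is non-empty. A comment above the `config_get reqid` line would also help, such as `# fixed reqid so fw3 "-m policy --reqid N" rules can match this tunnel's SAs`. The enclosing function starts and ends outside the visible lines.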