Some bug fixes

2018-03-07 14:40:57 +01:00 · 2018-03-07 14:40:57 +01:00 · 197fe3acad
parent c5bf01d089
commit 197fe3acad
4 changed files with 9 additions and 8 deletions
--- a/manifests/racoon.pp
+++ b/manifests/racoon.pp
@ -43,8 +43,8 @@ class ipsec::racoon (
 	concat { "$ipsec_conf": 
-		ensure => present
+		ensure => present,
-
+		require => Package['racoon']
 	}
 	concat::fragment { "ipsec_conf_header":
@ -57,7 +57,8 @@ class ipsec::racoon (
 		owner => "$racoon_usr",
 		group => "$racoon_grp",
 		mode  => '0600',
-		ensure => present
+		ensure => present,
 		require => Package['racoon']
 	}
 	concat::fragment { "pskfile_header":
--- a/templates/racoon/ipsec.conf.transport.erb
+++ b/templates/racoon/ipsec.conf.transport.erb
@ -4,7 +4,7 @@
 #
 spdadd <%= @local_ip %> <%= @remote_ip %> <%= @proto %> -P out ipsec 
-	esp/transport//require;
+	esp/transport//unique;
 spdadd <%= @remote_ip %> <%= @local_ip %> <%= @proto %> -P out ipsec 
-	esp/transport//require;
+	esp/transport//unique;
--- a/templates/racoon/ipsec.conf.tunnel.erb
+++ b/templates/racoon/ipsec.conf.tunnel.erb
@ -6,8 +6,8 @@
 <%- @netproto = net['proto'] ? net['proto'] : 'any' -%>
 spdadd <%= net['local'] %> <%= net['remote'] %> <%= @netproto %> -P out ipsec 
-	esp/tunnel/<%= @local_ip %>-<%= @remote_ip %>/require;
+	esp/tunnel/<%= @local_ip %>-<%= @remote_ip %>/unique;
 spdadd <%= net['remote'] %> <%= net['local'] %> <%= @netproto %> -P in ipsec 
-	esp/tunnel/<%= @remote_ip %>-<%= @local_ip %>/require;
+	esp/tunnel/<%= @remote_ip %>-<%= @local_ip %>/unique;
 <%- end -%>
--- a/templates/strongswan/ipsec.conf.tunnel.erb
+++ b/templates/strongswan/ipsec.conf.tunnel.erb
@ -4,7 +4,7 @@
 <%- @pfs_group = net['pfs_group'] ? net['pfs_group'] : @dh_group -%>
 <%- @p2hash = net['hash'] ? net['hash'] : @hash  -%>
-conn "<%= @title %>"
+conn "<%= @title %> <%= net['local'] %> <%= net['remote']%>"
        left=<%= @local_ip %>
 	leftsubnet=<%= net['local'] %>
 	right=<%= @remote_ip %>