ipsec: T4111: Fix for swanctl configuration IPV6 peers

Peer name must not contain dots and colons, otherwise swanct can't generate correct configuration for swanctl.conf This is used in connection names and child SA names Add filter 'dot_colon_to_dash' which replace dots and colons
author: Viacheslav <v.gletenko@vyos.io> 2021-12-28 11:45:37 +0000
committer: Viacheslav <v.gletenko@vyos.io> 2021-12-28 11:45:37 +0000
commit: 5e05bfe790035f7d53dede8d76bccb089a186864 (patch)
tree: 8643a31cc75b4c0174f06b202205bada3e4b0a90 /data/templates/ipsec/swanctl.conf.tmpl
parent: 5c5e283f8a964f5bbb3d838d1c0aabdee4e2032b (diff)
download: vyos-1x-5e05bfe790035f7d53dede8d76bccb089a186864.tar.gz
vyos-1x-5e05bfe790035f7d53dede8d76bccb089a186864.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/ipsec/swanctl.conf.tmpl b/data/templates/ipsec/swanctl.conf.tmpl
index 161f19f95..68b108365 100644
--- a/data/templates/ipsec/swanctl.conf.tmpl
+++ b/data/templates/ipsec/swanctl.conf.tmpl
@@ -57,7 +57,7 @@ secrets {
 {%  endif %}
 {%  if site_to_site is defined and site_to_site.peer is defined %}
 {%    for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not defined %}
-{%      set peer_name = peer.replace(".", "-").replace("@", "") %}
+{%      set peer_name = peer.replace("@", "") | dot_colon_to_dash %}
 {%      if peer_conf.authentication.mode == 'pre-shared-secret' %}
     ike_{{ peer_name }} {
 {%        if peer_conf.local_address is defined %}
author	Viacheslav <v.gletenko@vyos.io>	2021-12-28 11:45:37 +0000
committer	Viacheslav <v.gletenko@vyos.io>	2021-12-28 11:45:37 +0000
commit	5e05bfe790035f7d53dede8d76bccb089a186864 (patch)
tree	8643a31cc75b4c0174f06b202205bada3e4b0a90 /data/templates/ipsec/swanctl.conf.tmpl
parent	5c5e283f8a964f5bbb3d838d1c0aabdee4e2032b (diff)
download	vyos-1x-5e05bfe790035f7d53dede8d76bccb089a186864.tar.gz vyos-1x-5e05bfe790035f7d53dede8d76bccb089a186864.zip