1 files changed, 25 insertions, 1 deletions

diff --git a/programs/starter/confread.c b/programs/starter/confread.c
index af0f00877..edd041ab4 100644
--- a/programs/starter/confread.c
+++ b/programs/starter/confread.c
@@ -11,7 +11,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * RCSID $Id: confread.c,v 1.38 2006/06/20 21:52:53 as Exp $
+ * RCSID $Id: confread.c,v 1.39 2006/10/19 14:58:30 as Exp $
  */
 
 #include <stddef.h>
@@ -255,6 +255,11 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
 	end->has_port_wildcard = has_port_wildcard;
 	break;
     case KW_SOURCEIP:
+	if (end->has_natip)
+	{
+	    plog("# natip and sourceip cannot be defined at the same time");
+	    goto err;
+	}
 	if (streq(value, "%modeconfig") || streq(value, "%modecfg"))
 	{
 	    end->modecfg = TRUE;
@@ -272,6 +277,22 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
 	}
 	conn->policy |= POLICY_TUNNEL;
 	break;
+    case KW_NATIP:
+	if (end->has_srcip)
+	{
+	    plog("# natip and sourceip cannot be defined at the same time");
+	    goto err;
+	}
+	conn->tunnel_addr_family = ip_version(value);
+	ugh = ttoaddr(value, 0, conn->tunnel_addr_family, &end->srcip);
+	if (ugh != NULL)
+	{
+	    plog("# bad addr: %s=%s [%s]", name, value, ugh);
+	    goto err;
+	}
+	end->has_natip = TRUE;
+	conn->policy |= POLICY_TUNNEL;
+	break;
     default:
 	break;
     }
@@ -430,6 +451,9 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg)
 	case KW_REKEY:
 	    KW_POLICY_FLAG("no", "yes", POLICY_DONT_REKEY)
 	    break;
+	case KW_MODECONFIG:
+	    KW_POLICY_FLAG("push", "pull", POLICY_MODECFG_PUSH)
+	    break;
 	default:
 	    break;
 	}