From 946f94ab801d84a4a19a11c5af35e534d11ae252 Mon Sep 17 00:00:00 2001
From: Peter Palfrader
Date: Thu, 29 Aug 2013 15:49:49 +0000
Subject: introduce bind_address
git-svn-id: svn+ssh://asteria.noreply.org/svn/weaselutils/trunk@644 bc3d92e2-beff-0310-a7cd-cc87d7ac0ede
---
 Generate | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/Generate b/Generate
index 0d940c2..e8f14b4 100755
--- a/Generate
+++ b/Generate
@@ -648,7 +648,11 @@ hostlist.each{ |host|
 conffile.puts "rport #{host['inet_port'][ peer['name'] ]['remote']}"
 conffile.puts "lport #{host['inet_port'][ peer['name'] ]['local']}"
 conffile.puts "remote %s"%[peer['host_address']] if peer['host_address']
- conffile.puts "local %s"%[host['host_address']] if host['host_address']
+ if host['bind_address']
+ conffile.puts "local %s"%[host['bind_address']]
+ elsif host['host_address']
+ conffile.puts "local %s"%[host['host_address']]
+ end
 if host_is_server
 conffile.puts "tls-server"
 conffile.puts "dh #{$NAMESPACE}.dh2048.pem"
@@ -689,7 +693,7 @@ hostlist.each{ |host|
 # do not filter on remote port as NAT gateways may change ports
 iptables.puts "#"
 iptables.puts "# to/from #{peer['name']}"
- iptables.puts "iptables --append vpn-#{$NAMESPACE} --source #{ peer['host_address'] || '0.0.0.0/0' } --destination #{ host['host_address'] || '0.0.0.0/0' } \\"
+ iptables.puts "iptables --append vpn-#{$NAMESPACE} --source #{ peer['host_address'] || '0.0.0.0/0' } --destination #{ host['bind_address'] || host['host_address'] || '0.0.0.0/0' } \\"
 iptables.puts " --protocol udp --destination-port #{ host['inet_port'][ peer['name'] ]['local'] } \\"
 iptables.puts " --jump ACCEPT"
-- cgit v1.2.3
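Review bot: The fallback from `bind_address` to `host_address` is written here as an `if`/`elsif` and again as an `||` chain in the iptables rule of the second hunk, so the OpenVPN `local` directive and the firewall `--destination` can drift apart on a later edit. Resolving it once in the loop body, `local_address = host['bind_address'] || host['host_address']`, and writing `conffile.puts "local %s"%[local_address] if local_address` here keeps the bound address and the accepted destination in step. A short comment would also help, for example `# bind_address: address this host binds to locally; peers keep using host_address for remote and --source`, which is what the unchanged `remote` line and the `--source` term suggest but nothing in the hunk states. The `hostlist.each` block starts and ends outside the hunk.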
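Review bot: `host['bind_address']` is interpolated into the generated iptables command line with no check that it is an address, so a typo or stray whitespace in the host entry would produce a malformed or differently-scoped firewall rule instead of an error at generation time. The existing `host_address` terms have the same property, but a newly introduced field is a natural place to start validating: if these fields are always literal addresses, calling `IPAddr.new(dest)` on the resolved destination before the `iptables.puts` raises on anything that does not parse as an address or prefix (the script would need `require 'ipaddr'` if it does not already load it). An empty-string `bind_address` is also truthy in Ruby, so it would bypass both fallbacks and emit an empty `--destination`. The enclosing block continues outside the hunk.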