diff --git a/pkg/proxy/http.go b/pkg/proxy/http.go
index 3868794..33ce9f2 100755
--- a/pkg/proxy/http.go
+++ b/pkg/proxy/http.go
@@ -387,7 +387,8 @@ func (t *HttpProxy) Start() {
 	})
 }
 
-var httpStatsTmpl = `
+var httpTmpl = map[string]string{
+	"stats": `
 <table>
   <tr>
     <td style="border: 1px solid black;">Configuration:</td>
@@ -416,7 +417,19 @@ var httpStatsTmpl = `
     <td style="border: 1px solid black;">{{ $v.LastAt }}</td>
   </tr>
   {{- end }}
-</table>`
+</table>`,
+
+	"pac": `
+function FindProxyForURL(url, host) {
+	if (isPlainHostName(host))
+		return "DIRECT";
+{{- range .Rules }}
+	if (shExpMatch(host, "(^|*\.){{ . }}"))
+		return "PROXY {{ $.Local }}";
+{{- end }}
+	return "DIRECT";
+}`,
+}
 
 func (t *HttpProxy) GetStats(w http.ResponseWriter, r *http.Request) {
 	data := &struct {
@@ -428,7 +441,7 @@ func (t *HttpProxy) GetStats(w http.ResponseWriter, r *http.Request) {
 		Requests: t.requests,
 		StartAt:  t.startat,
 	}
-	if tmpl, err := template.New("main").Parse(httpStatsTmpl); err != nil {
+	if tmpl, err := template.New("main").Parse(httpTmpl["stats"]); err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	} else {
 		if err := tmpl.Execute(w, data); err != nil {
@@ -441,17 +454,6 @@ func (t *HttpProxy) GetConfig(w http.ResponseWriter, r *http.Request) {
 	encodeJson(w, t.cfg)
 }
 
-var httpPacTmpl = `
-function FindProxyForURL(url, host) {
-	if (isPlainHostName(host))
-		return "DIRECT";
-{{- range .Rules }}
-	if (shExpMatch(host, "(^|*\.){{ . }}"))
-		return "PROXY {{ $.Local }}";
-{{- end }}
-	return "DIRECT";
-}`
-
 func (t *HttpProxy) GetPac(w http.ResponseWriter, r *http.Request) {
 	data := &struct {
 		Local string
@@ -466,7 +468,7 @@ func (t *HttpProxy) GetPac(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	if tmpl, err := template.New("main").Parse(httpPacTmpl); err != nil {
+	if tmpl, err := template.New("main").Parse(httpTmpl["pac"]); err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	} else {
 		expired := time.Now().Add(1 * time.Minute)
diff --git a/pkg/switch/ipsec.go b/pkg/switch/ipsec.go
index 303ee90..a2f4ffa 100644
--- a/pkg/switch/ipsec.go
+++ b/pkg/switch/ipsec.go
@@ -31,8 +31,8 @@ func NewIPSecWorker(c *co.Network) *IPSecWorker {
 	return w
 }
 
-const (
-	vxlanTmpl = `
+var ipsecTmpl = map[string]string{
+	"vxlan": `
 conn {{ .Name }}
     keyexchange=ike
     ikev2=no
@@ -70,8 +70,8 @@ conn {{ .Name }}-c2
 {{- end }}
     leftprotoport=udp
     rightprotoport=udp/8472
-`
-	greTmpl = `
+`,
+	"gre": `
 conn {{ .Name }}-c1
     auto=add
     ikev2=no
@@ -93,11 +93,11 @@ conn {{ .Name }}-c1
     authby=secret
     leftprotoport=gre
     rightprotoport=gre
-`
-	secretTmpl = `
+`,
+	"secret": `
 %any @{{ .RightId }}.{{ .Transport }} : PSK "{{ .Secret }}"
-`
-)
+`,
+}
 
 func (w *IPSecWorker) Initialize() {
 	w.out.Info("IPSecWorker.Initialize")
@@ -159,11 +159,11 @@ func (w *IPSecWorker) addTunnel(tun *co.IPSecTunnel) error {
 
 	name := tun.Name
 	if tun.Transport == "vxlan" {
-		connTmpl = vxlanTmpl
-		secTmpl = secretTmpl
+		connTmpl = ipsecTmpl["vxlan"]
+		secTmpl = ipsecTmpl["secret"]
 	} else if tun.Transport == "gre" {
-		connTmpl = greTmpl
-		secTmpl = secretTmpl
+		connTmpl = ipsecTmpl["gre"]
+		secTmpl = ipsecTmpl["secret"]
 	}
 
 	if secTmpl != "" {