Révision eca6f787
Ajouté par Renato Botelho il y a plus de 9 ans
| usr/local/www/vpn_ipsec.php | ||
|---|---|---|
| 55 | 55 |
$pconfig['enable'] = isset($config['ipsec']['enable']); |
| 56 | 56 |
|
| 57 | 57 |
if ($_POST) {
|
| 58 |
|
|
| 59 | 58 |
if ($_POST['apply']) {
|
| 60 | 59 |
$retval = 0; |
| 61 | 60 |
$retval = vpn_ipsec_configure(); |
| ... | ... | |
| 74 | 73 |
write_config(); |
| 75 | 74 |
|
| 76 | 75 |
$retval = vpn_ipsec_configure(); |
| 76 |
} else if (isset($_POST['del_x'])) {
|
|
| 77 |
/* delete selected p1 entries */ |
|
| 78 |
if (is_array($_POST['p1entry']) && count($_POST['p1entry'])) {
|
|
| 79 |
foreach ($_POST['p1entry'] as $p1entrydel) {
|
|
| 80 |
unset($a_phase1[$p1entrydel]); |
|
| 81 |
} |
|
| 82 |
if (write_config()) |
|
| 83 |
mark_subsystem_dirty('ipsec');
|
|
| 84 |
header("Location: vpn_ipsec.php");
|
|
| 85 |
exit; |
|
| 86 |
} |
|
| 87 |
} else {
|
|
| 88 |
/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ |
|
| 89 |
unset($movebtn); |
|
| 90 |
foreach ($_POST as $pn => $pd) {
|
|
| 91 |
if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
|
|
| 92 |
$movebtn = $matches[1]; |
|
| 93 |
break; |
|
| 94 |
} |
|
| 95 |
} |
|
| 96 |
/* move selected p1 entries before this */ |
|
| 97 |
if (isset($movebtn) && is_array($_POST['p1entry']) && count($_POST['p1entry'])) {
|
|
| 98 |
$a_phase1_new = array(); |
|
| 99 |
|
|
| 100 |
/* copy all p1 entries < $movebtn and not selected */ |
|
| 101 |
for ($i = 0; $i < $movebtn; $i++) {
|
|
| 102 |
if (!in_array($i, $_POST['p1entry'])) |
|
| 103 |
$a_phase1_new[] = $a_phase1[$i]; |
|
| 104 |
} |
|
| 105 |
|
|
| 106 |
/* copy all selected p1 entries */ |
|
| 107 |
for ($i = 0; $i < count($a_phase1); $i++) {
|
|
| 108 |
if ($i == $movebtn) |
|
| 109 |
continue; |
|
| 110 |
if (in_array($i, $_POST['p1entry'])) |
|
| 111 |
$a_phase1_new[] = $a_phase1[$i]; |
|
| 112 |
} |
|
| 113 |
|
|
| 114 |
/* copy $movebtn p1 entry */ |
|
| 115 |
if ($movebtn < count($a_phase1)) |
|
| 116 |
$a_phase1_new[] = $a_phase1[$movebtn]; |
|
| 117 |
|
|
| 118 |
/* copy all p1 entries > $movebtn and not selected */ |
|
| 119 |
for ($i = $movebtn+1; $i < count($a_phase1); $i++) {
|
|
| 120 |
if (!in_array($i, $_POST['p1entry'])) |
|
| 121 |
$a_phase1_new[] = $a_phase1[$i]; |
|
| 122 |
} |
|
| 123 |
if (count($a_phase1_new) > 0) |
|
| 124 |
$a_phase1 = $a_phase1_new; |
|
| 125 |
|
|
| 126 |
if (write_config()) |
|
| 127 |
mark_subsystem_dirty('ipsec');
|
|
| 128 |
header("Location: vpn_ipsec.php");
|
|
| 129 |
exit; |
|
| 130 |
} |
|
| 77 | 131 |
} |
| 78 | 132 |
} |
| 79 | 133 |
|
| 80 |
if ($_GET['act'] == "delph1") |
|
| 81 |
{
|
|
| 82 |
if ($a_phase1[$_GET['p1index']]) {
|
|
| 134 |
if (isset($_GET['p1index']) && is_numericint($_GET['p1index']) && isset($a_phase1[$_GET['p1index']])) {
|
|
| 135 |
if ($_GET['act'] == "delph1") {
|
|
| 83 | 136 |
/* remove static route if interface is not WAN */ |
| 84 | 137 |
if ($a_phase1[$_GET['p1index']]['interface'] <> "wan") |
| 85 | 138 |
mwexec("/sbin/route delete -host {$a_phase1[$_GET['p1index']]['remote-gateway']}");
|
| ... | ... | |
| 95 | 148 |
unset($a_phase1[$_GET['p1index']]); |
| 96 | 149 |
write_config(); |
| 97 | 150 |
mark_subsystem_dirty('ipsec');
|
| 98 |
header("Location: vpn_ipsec.php");
|
|
| 99 |
exit; |
|
| 100 |
} |
|
| 101 |
} |
|
| 102 |
|
|
| 103 |
if ($_GET['act'] == "delph2") |
|
| 104 |
{
|
|
| 105 |
if ($a_phase1[$_GET['p1index']]) {
|
|
| 151 |
} else if ($_GET['act'] == "delph2") {
|
|
| 106 | 152 |
/* remove the phase2 entry */ |
| 107 | 153 |
foreach ($a_phase2 as $ph2idx => $ph2) {
|
| 108 | 154 |
if ($ph2['uniqid'] == $_GET['p2index']) {
|
| ... | ... | |
| 112 | 158 |
break; |
| 113 | 159 |
} |
| 114 | 160 |
} |
| 115 |
header("Location: vpn_ipsec.php");
|
|
| 116 |
exit; |
|
| 161 |
} else if ($_GET['act'] == "toggle") {
|
|
| 162 |
if (isset($a_phase1[$_GET['p1index']]['disabled'])) |
|
| 163 |
unset($a_phase1[$_GET['p1index']]['disabled']); |
|
| 164 |
else |
|
| 165 |
$a_phase1[$_GET['p1index']]['disabled'] = true; |
|
| 166 |
|
|
| 167 |
write_config(); |
|
| 168 |
mark_subsystem_dirty('ipsec');
|
|
| 117 | 169 |
} |
| 170 |
|
|
| 171 |
header("Location: vpn_ipsec.php");
|
|
| 172 |
exit; |
|
| 118 | 173 |
} |
| 119 | 174 |
|
| 120 | 175 |
$pgtitle = array(gettext("VPN"),gettext("IPsec"));
|
| ... | ... | |
| 127 | 182 |
<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> |
| 128 | 183 |
<?php include("fbegin.inc"); ?>
|
| 129 | 184 |
<form action="vpn_ipsec.php" method="post"> |
| 185 |
<script type="text/javascript" src="/javascript/row_toggle.js"></script> |
|
| 130 | 186 |
<?php |
| 131 | 187 |
if ($savemsg) |
| 132 | 188 |
print_info_box($savemsg); |
| ... | ... | |
| 171 | 227 |
</tr> |
| 172 | 228 |
</table> |
| 173 | 229 |
<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="phase-1 entries"> |
| 230 |
<tr id="frheader"> |
|
| 231 |
<td class="list"> </td> |
|
| 232 |
<td class="list"> </td> |
|
| 233 |
<td class="listhdrr"><?=gettext("IKE"); ?></td>
|
|
| 234 |
<td class="listhdrr"><?=gettext("Remote Gateway"); ?></td>
|
|
| 235 |
<td class="listhdrr"><?=gettext("Mode"); ?></td>
|
|
| 236 |
<td class="listhdrr"><?=gettext("P1 Protocol"); ?></td>
|
|
| 237 |
<td class="listhdrr"><?=gettext("P1 Transforms"); ?></td>
|
|
| 238 |
<td class="listhdrr"><?=gettext("P1 Description"); ?></td>
|
|
| 239 |
<td class="list"> |
|
| 240 |
</td> |
|
| 241 |
</tr> |
|
| 174 | 242 |
<?php |
| 175 | 243 |
$i = 0; |
| 176 | 244 |
foreach ($a_phase1 as $ph1ent): |
| 177 |
if (isset( $ph1ent['disabled'])) {
|
|
| 245 |
$iconfn = "pass"; |
|
| 246 |
$spans = $spane = ""; |
|
| 247 |
if (isset($ph1ent['disabled'])) {
|
|
| 178 | 248 |
$spans = "<span class=\"gray\">"; |
| 179 | 249 |
$spane = "</span>"; |
| 250 |
$iconfn .= "_d"; |
|
| 180 | 251 |
} |
| 181 |
else |
|
| 182 |
$spans = $spane = ""; |
|
| 183 |
|
|
| 184 |
show_ipsec_header($ph1ent); |
|
| 185 | 252 |
?> |
| 186 |
<tr valign="top" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'"> |
|
| 187 |
<td class="listlr"> |
|
| 253 |
<tr valign="top" id="fr<?=$i;?>" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'"> |
|
| 254 |
<td class="listt" align="center" valign="middle"> |
|
| 255 |
<input type="checkbox" id="frc<?=$i;?>" name="p1entry[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$i;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
|
|
| 256 |
</td> |
|
| 257 |
<td class="listt" align="center" valign="middle"> |
|
| 258 |
<a href="?p1index=<?=$i;?>&act=toggle"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="<?=gettext("click to toggle enabled/disabled status");?>" alt="icon" /></a>
|
|
| 259 |
<?php |
|
| 260 |
if (isset($filterent['log'])): |
|
| 261 |
$iconfnlog = "log_s"; |
|
| 262 |
if (isset($filterent['disabled'])) |
|
| 263 |
$iconfnlog .= "_d"; |
|
| 264 |
?> |
|
| 265 |
<br /><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0" alt="icon" /> |
|
| 266 |
<?php endif; ?> |
|
| 267 |
</td> |
|
| 268 |
<td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>"> |
|
| 188 | 269 |
<?=$spans;?> |
| 189 | 270 |
<?php |
| 190 | 271 |
if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") |
| ... | ... | |
| 194 | 275 |
?> |
| 195 | 276 |
<?=$spane;?> |
| 196 | 277 |
</td> |
| 197 |
<td class="listr"> |
|
| 278 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
| 198 | 279 |
<?=$spans;?> |
| 199 | 280 |
<?php |
| 200 | 281 |
if ($ph1ent['interface']) {
|
| ... | ... | |
| 228 | 309 |
?> |
| 229 | 310 |
<?=$spane;?> |
| 230 | 311 |
</td> |
| 231 |
<td class="listr"> |
|
| 312 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
| 232 | 313 |
<?=$spans;?> |
| 233 | 314 |
<?=$ph1ent['mode'];?> |
| 234 | 315 |
<?=$spane;?> |
| 235 | 316 |
</td> |
| 236 |
<td class="listr"> |
|
| 317 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
| 237 | 318 |
<?=$spans;?> |
| 238 | 319 |
<?=$p1_ealgos[$ph1ent['encryption-algorithm']['name']]['name'];?> |
| 239 | 320 |
<?php |
| ... | ... | |
| 246 | 327 |
?> |
| 247 | 328 |
<?=$spane;?> |
| 248 | 329 |
</td> |
| 249 |
<td class="listr"> |
|
| 330 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
| 250 | 331 |
<?=$spans;?> |
| 251 | 332 |
<?=$p1_halgos[$ph1ent['hash-algorithm']];?> |
| 252 | 333 |
<?=$spane;?> |
| 253 | 334 |
</td> |
| 254 |
<td class="listbg"> |
|
| 335 |
<td class="listbg" onclick="fr_toggle(<?=$i;?>)">
|
|
| 255 | 336 |
<?=$spans;?> |
| 256 | 337 |
<?=htmlspecialchars($ph1ent['descr']);?> |
| 257 | 338 |
<?=$spane;?> |
| ... | ... | |
| 259 | 340 |
<td valign="middle" class="list nowrap"> |
| 260 | 341 |
<table border="0" cellspacing="0" cellpadding="1" summary="icons"> |
| 261 | 342 |
<tr> |
| 343 |
<td> |
|
| 344 |
<input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" |
|
| 345 |
name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" |
|
| 346 |
title="<?=gettext("move selected entries before this");?>"
|
|
| 347 |
type="image" style="height:17;width:17;border:0" /> |
|
| 348 |
</td> |
|
| 262 | 349 |
<td> |
| 263 | 350 |
<a href="vpn_ipsec_phase1.php?p1index=<?=$i;?>"> |
| 264 | 351 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase1 entry"); ?>" width="17" height="17" border="0" alt="edit" />
|
| 265 | 352 |
</a> |
| 266 | 353 |
</td> |
| 354 |
</tr> |
|
| 355 |
<tr> |
|
| 267 | 356 |
<td> |
| 268 | 357 |
<a href="vpn_ipsec.php?act=delph1&p1index=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this phase1 and all associated phase2 entries?"); ?>')">
|
| 269 | 358 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete phase1 entry"); ?>" width="17" height="17" border="0" alt="delete" />
|
| 270 | 359 |
</a> |
| 271 | 360 |
</td> |
| 272 |
</tr>
|
|
| 361 |
<td>
|
|
| 273 | 362 |
<?php |
| 274 | 363 |
if (!isset($ph1ent['mobile'])): |
| 275 | 364 |
?> |
| 276 |
<tr> |
|
| 277 |
<td> |
|
| 278 |
</td> |
|
| 279 |
<td> |
|
| 280 | 365 |
<a href="vpn_ipsec_phase1.php?dup=<?=$i;?>"> |
| 281 | 366 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("copy phase1 entry"); ?>" width="17" height="17" border="0" alt="add" />
|
| 282 | 367 |
</a> |
| 283 |
</td> |
|
| 284 |
</tr> |
|
| 285 | 368 |
<?php |
| 286 | 369 |
endif; |
| 287 | 370 |
?> |
| 371 |
</td> |
|
| 372 |
</tr> |
|
| 288 | 373 |
</table> |
| 289 | 374 |
</td> |
| 290 | 375 |
</tr> |
| 291 | 376 |
<tr> |
| 377 |
<td class="listt"> </td> |
|
| 378 |
<td class="listt"> </td> |
|
| 292 | 379 |
<td class="listrborder" colspan="6"> |
| 293 | 380 |
<div id="shph2but-<?=$i?>"> |
| 294 | 381 |
<?php |
| ... | ... | |
| 301 | 388 |
?> |
| 302 | 389 |
<input type="button" onclick="show_phase2('tdph2-<?=$i?>','shph2but-<?=$i?>')" value="+" /> - <?php printf(gettext("Show %s Phase-2 entries"), $phase2count); ?>
|
| 303 | 390 |
</div> |
| 304 |
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" id="tdph2-<?=$i?>" style="display:none" summary="phase-2 entries"> |
|
| 391 |
<div id="tdph2-<?=$i?>" style="display:none"> |
|
| 392 |
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="phase-2 entries"> |
|
| 305 | 393 |
<tr> |
| 306 | 394 |
<td class="listhdrr"><?=gettext("Mode"); ?></td>
|
| 307 | 395 |
<?php |
| ... | ... | |
| 411 | 499 |
endforeach; |
| 412 | 500 |
?> |
| 413 | 501 |
</table> |
| 414 |
</td> |
|
| 415 |
</tr> |
|
| 416 |
<tr> |
|
| 417 |
<td> |
|
| 418 |
|
|
| 502 |
</div> |
|
| 419 | 503 |
</td> |
| 420 | 504 |
</tr> |
| 421 | 505 |
<?php |
| 422 | 506 |
$i++; |
| 423 | 507 |
endforeach; // $a_phase1 as $ph1ent |
| 424 |
if($i === 0) |
|
| 425 |
show_ipsec_header($ph1ent); |
|
| 426 | 508 |
?> |
| 427 | 509 |
<tr> |
| 428 |
<td class="list" colspan="6"></td>
|
|
| 429 |
<td class="list"> |
|
| 430 |
<table border="0" cellspacing="0" cellpadding="1" summary="add">
|
|
| 510 |
<td class="list" colspan="8"></td>
|
|
| 511 |
<td class="list nowrap" valign="middle">
|
|
| 512 |
<table border="0" cellspacing="0" cellpadding="1" summary="edit">
|
|
| 431 | 513 |
<tr> |
| 432 |
<td width="17"></td> |
|
| 514 |
<td> |
|
| 515 |
<?php |
|
| 516 |
if ($i == 0): |
|
| 517 |
?> |
|
| 518 |
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected phase1 entries to end");?>" border="0" alt="move" />
|
|
| 519 |
<?php |
|
| 520 |
else: |
|
| 521 |
?> |
|
| 522 |
<input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected phase1 entries to end");?>" />
|
|
| 523 |
<?php |
|
| 524 |
endif; |
|
| 525 |
?> |
|
| 526 |
</td> |
|
| 433 | 527 |
<td> |
| 434 | 528 |
<a href="vpn_ipsec_phase1.php"> |
| 435 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add phase1 entry"); ?>" width="17" height="17" border="0" alt="add" />
|
|
| 529 |
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new phase1");?>" alt="add" />
|
|
| 436 | 530 |
</a> |
| 437 | 531 |
</td> |
| 438 | 532 |
</tr> |
| 533 |
<tr> |
|
| 534 |
<td> |
|
| 535 |
<?php |
|
| 536 |
if ($i == 0): |
|
| 537 |
?> |
|
| 538 |
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected phase1 entries");?>" border="0" alt="delete" />
|
|
| 539 |
<?php |
|
| 540 |
else: |
|
| 541 |
?> |
|
| 542 |
<input name="del" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected phase1 entries");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected phase1 entries?");?>')" />
|
|
| 543 |
<?php |
|
| 544 |
endif; |
|
| 545 |
?> |
|
| 546 |
</td> |
|
| 547 |
</tr> |
|
| 439 | 548 |
</table> |
| 440 | 549 |
</td> |
| 441 | 550 |
</tr> |
| 442 | 551 |
<tr> |
| 443 |
<td colspan="7">
|
|
| 552 |
<td colspan="8">
|
|
| 444 | 553 |
<p> |
| 445 | 554 |
<span class="vexpl"> |
| 446 | 555 |
<span class="red"> |
| 447 | 556 |
<strong><?=gettext("Note"); ?>:<br /></strong>
|
| 448 | 557 |
</span> |
| 449 |
<?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br />
|
|
| 558 |
<?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br />
|
|
| 450 | 559 |
<?=gettext("IPsec Debug Mode can be enabled at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.<br />
|
| 451 | 560 |
<?=gettext("IPsec can be set to prefer older SAs at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.
|
| 452 | 561 |
</span> |
| ... | ... | |
| 471 | 580 |
</script> |
| 472 | 581 |
</body> |
| 473 | 582 |
</html> |
| 474 |
|
|
| 475 |
<?php |
|
| 476 |
|
|
| 477 |
function show_ipsec_header($ph1ent) {
|
|
| 478 |
|
|
| 479 |
?> |
|
| 480 |
<tr> |
|
| 481 |
<td class="listhdrr"><?=gettext("IKE"); ?></td>
|
|
| 482 |
<td class="listhdrr"><?=gettext("Remote Gateway"); ?></td>
|
|
| 483 |
<td class="listhdrr"><?=gettext("Mode"); ?></td>
|
|
| 484 |
<td class="listhdrr"><?=gettext("P1 Protocol"); ?></td>
|
|
| 485 |
<td class="listhdrr"><?=gettext("P1 Transforms"); ?></td>
|
|
| 486 |
<td class="listhdrr"><?=gettext("P1 Description"); ?></td>
|
|
| 487 |
<td class="list"> |
|
| 488 |
</td> |
|
| 489 |
</tr> |
|
| 490 |
|
|
| 491 |
<?php |
|
| 492 |
|
|
| 493 |
} |
|
| 494 |
|
|
| 495 |
?> |
|
Formats disponibles : Unified diff
Improvements on IPsec GUI (Ticket #3328):