Révision eca6f787
Ajouté par Renato Botelho il y a plus de 9 ans
usr/local/www/vpn_ipsec.php | ||
---|---|---|
55 | 55 |
$pconfig['enable'] = isset($config['ipsec']['enable']); |
56 | 56 |
|
57 | 57 |
if ($_POST) { |
58 |
|
|
59 | 58 |
if ($_POST['apply']) { |
60 | 59 |
$retval = 0; |
61 | 60 |
$retval = vpn_ipsec_configure(); |
... | ... | |
74 | 73 |
write_config(); |
75 | 74 |
|
76 | 75 |
$retval = vpn_ipsec_configure(); |
76 |
} else if (isset($_POST['del_x'])) { |
|
77 |
/* delete selected p1 entries */ |
|
78 |
if (is_array($_POST['p1entry']) && count($_POST['p1entry'])) { |
|
79 |
foreach ($_POST['p1entry'] as $p1entrydel) { |
|
80 |
unset($a_phase1[$p1entrydel]); |
|
81 |
} |
|
82 |
if (write_config()) |
|
83 |
mark_subsystem_dirty('ipsec'); |
|
84 |
header("Location: vpn_ipsec.php"); |
|
85 |
exit; |
|
86 |
} |
|
87 |
} else { |
|
88 |
/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ |
|
89 |
unset($movebtn); |
|
90 |
foreach ($_POST as $pn => $pd) { |
|
91 |
if (preg_match("/move_(\d+)_x/", $pn, $matches)) { |
|
92 |
$movebtn = $matches[1]; |
|
93 |
break; |
|
94 |
} |
|
95 |
} |
|
96 |
/* move selected p1 entries before this */ |
|
97 |
if (isset($movebtn) && is_array($_POST['p1entry']) && count($_POST['p1entry'])) { |
|
98 |
$a_phase1_new = array(); |
|
99 |
|
|
100 |
/* copy all p1 entries < $movebtn and not selected */ |
|
101 |
for ($i = 0; $i < $movebtn; $i++) { |
|
102 |
if (!in_array($i, $_POST['p1entry'])) |
|
103 |
$a_phase1_new[] = $a_phase1[$i]; |
|
104 |
} |
|
105 |
|
|
106 |
/* copy all selected p1 entries */ |
|
107 |
for ($i = 0; $i < count($a_phase1); $i++) { |
|
108 |
if ($i == $movebtn) |
|
109 |
continue; |
|
110 |
if (in_array($i, $_POST['p1entry'])) |
|
111 |
$a_phase1_new[] = $a_phase1[$i]; |
|
112 |
} |
|
113 |
|
|
114 |
/* copy $movebtn p1 entry */ |
|
115 |
if ($movebtn < count($a_phase1)) |
|
116 |
$a_phase1_new[] = $a_phase1[$movebtn]; |
|
117 |
|
|
118 |
/* copy all p1 entries > $movebtn and not selected */ |
|
119 |
for ($i = $movebtn+1; $i < count($a_phase1); $i++) { |
|
120 |
if (!in_array($i, $_POST['p1entry'])) |
|
121 |
$a_phase1_new[] = $a_phase1[$i]; |
|
122 |
} |
|
123 |
if (count($a_phase1_new) > 0) |
|
124 |
$a_phase1 = $a_phase1_new; |
|
125 |
|
|
126 |
if (write_config()) |
|
127 |
mark_subsystem_dirty('ipsec'); |
|
128 |
header("Location: vpn_ipsec.php"); |
|
129 |
exit; |
|
130 |
} |
|
77 | 131 |
} |
78 | 132 |
} |
79 | 133 |
|
80 |
if ($_GET['act'] == "delph1") |
|
81 |
{ |
|
82 |
if ($a_phase1[$_GET['p1index']]) { |
|
134 |
if (isset($_GET['p1index']) && is_numericint($_GET['p1index']) && isset($a_phase1[$_GET['p1index']])) { |
|
135 |
if ($_GET['act'] == "delph1") { |
|
83 | 136 |
/* remove static route if interface is not WAN */ |
84 | 137 |
if ($a_phase1[$_GET['p1index']]['interface'] <> "wan") |
85 | 138 |
mwexec("/sbin/route delete -host {$a_phase1[$_GET['p1index']]['remote-gateway']}"); |
... | ... | |
95 | 148 |
unset($a_phase1[$_GET['p1index']]); |
96 | 149 |
write_config(); |
97 | 150 |
mark_subsystem_dirty('ipsec'); |
98 |
header("Location: vpn_ipsec.php"); |
|
99 |
exit; |
|
100 |
} |
|
101 |
} |
|
102 |
|
|
103 |
if ($_GET['act'] == "delph2") |
|
104 |
{ |
|
105 |
if ($a_phase1[$_GET['p1index']]) { |
|
151 |
} else if ($_GET['act'] == "delph2") { |
|
106 | 152 |
/* remove the phase2 entry */ |
107 | 153 |
foreach ($a_phase2 as $ph2idx => $ph2) { |
108 | 154 |
if ($ph2['uniqid'] == $_GET['p2index']) { |
... | ... | |
112 | 158 |
break; |
113 | 159 |
} |
114 | 160 |
} |
115 |
header("Location: vpn_ipsec.php"); |
|
116 |
exit; |
|
161 |
} else if ($_GET['act'] == "toggle") { |
|
162 |
if (isset($a_phase1[$_GET['p1index']]['disabled'])) |
|
163 |
unset($a_phase1[$_GET['p1index']]['disabled']); |
|
164 |
else |
|
165 |
$a_phase1[$_GET['p1index']]['disabled'] = true; |
|
166 |
|
|
167 |
write_config(); |
|
168 |
mark_subsystem_dirty('ipsec'); |
|
117 | 169 |
} |
170 |
|
|
171 |
header("Location: vpn_ipsec.php"); |
|
172 |
exit; |
|
118 | 173 |
} |
119 | 174 |
|
120 | 175 |
$pgtitle = array(gettext("VPN"),gettext("IPsec")); |
... | ... | |
127 | 182 |
<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> |
128 | 183 |
<?php include("fbegin.inc"); ?> |
129 | 184 |
<form action="vpn_ipsec.php" method="post"> |
185 |
<script type="text/javascript" src="/javascript/row_toggle.js"></script> |
|
130 | 186 |
<?php |
131 | 187 |
if ($savemsg) |
132 | 188 |
print_info_box($savemsg); |
... | ... | |
171 | 227 |
</tr> |
172 | 228 |
</table> |
173 | 229 |
<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="phase-1 entries"> |
230 |
<tr id="frheader"> |
|
231 |
<td class="list"> </td> |
|
232 |
<td class="list"> </td> |
|
233 |
<td class="listhdrr"><?=gettext("IKE"); ?></td> |
|
234 |
<td class="listhdrr"><?=gettext("Remote Gateway"); ?></td> |
|
235 |
<td class="listhdrr"><?=gettext("Mode"); ?></td> |
|
236 |
<td class="listhdrr"><?=gettext("P1 Protocol"); ?></td> |
|
237 |
<td class="listhdrr"><?=gettext("P1 Transforms"); ?></td> |
|
238 |
<td class="listhdrr"><?=gettext("P1 Description"); ?></td> |
|
239 |
<td class="list"> |
|
240 |
</td> |
|
241 |
</tr> |
|
174 | 242 |
<?php |
175 | 243 |
$i = 0; |
176 | 244 |
foreach ($a_phase1 as $ph1ent): |
177 |
if (isset( $ph1ent['disabled'])) { |
|
245 |
$iconfn = "pass"; |
|
246 |
$spans = $spane = ""; |
|
247 |
if (isset($ph1ent['disabled'])) { |
|
178 | 248 |
$spans = "<span class=\"gray\">"; |
179 | 249 |
$spane = "</span>"; |
250 |
$iconfn .= "_d"; |
|
180 | 251 |
} |
181 |
else |
|
182 |
$spans = $spane = ""; |
|
183 |
|
|
184 |
show_ipsec_header($ph1ent); |
|
185 | 252 |
?> |
186 |
<tr valign="top" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'"> |
|
187 |
<td class="listlr"> |
|
253 |
<tr valign="top" id="fr<?=$i;?>" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'"> |
|
254 |
<td class="listt" align="center" valign="middle"> |
|
255 |
<input type="checkbox" id="frc<?=$i;?>" name="p1entry[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$i;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" /> |
|
256 |
</td> |
|
257 |
<td class="listt" align="center" valign="middle"> |
|
258 |
<a href="?p1index=<?=$i;?>&act=toggle"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="<?=gettext("click to toggle enabled/disabled status");?>" alt="icon" /></a> |
|
259 |
<?php |
|
260 |
if (isset($filterent['log'])): |
|
261 |
$iconfnlog = "log_s"; |
|
262 |
if (isset($filterent['disabled'])) |
|
263 |
$iconfnlog .= "_d"; |
|
264 |
?> |
|
265 |
<br /><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0" alt="icon" /> |
|
266 |
<?php endif; ?> |
|
267 |
</td> |
|
268 |
<td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>"> |
|
188 | 269 |
<?=$spans;?> |
189 | 270 |
<?php |
190 | 271 |
if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1") |
... | ... | |
194 | 275 |
?> |
195 | 276 |
<?=$spane;?> |
196 | 277 |
</td> |
197 |
<td class="listr"> |
|
278 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
198 | 279 |
<?=$spans;?> |
199 | 280 |
<?php |
200 | 281 |
if ($ph1ent['interface']) { |
... | ... | |
228 | 309 |
?> |
229 | 310 |
<?=$spane;?> |
230 | 311 |
</td> |
231 |
<td class="listr"> |
|
312 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
232 | 313 |
<?=$spans;?> |
233 | 314 |
<?=$ph1ent['mode'];?> |
234 | 315 |
<?=$spane;?> |
235 | 316 |
</td> |
236 |
<td class="listr"> |
|
317 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
237 | 318 |
<?=$spans;?> |
238 | 319 |
<?=$p1_ealgos[$ph1ent['encryption-algorithm']['name']]['name'];?> |
239 | 320 |
<?php |
... | ... | |
246 | 327 |
?> |
247 | 328 |
<?=$spane;?> |
248 | 329 |
</td> |
249 |
<td class="listr"> |
|
330 |
<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
|
|
250 | 331 |
<?=$spans;?> |
251 | 332 |
<?=$p1_halgos[$ph1ent['hash-algorithm']];?> |
252 | 333 |
<?=$spane;?> |
253 | 334 |
</td> |
254 |
<td class="listbg"> |
|
335 |
<td class="listbg" onclick="fr_toggle(<?=$i;?>)">
|
|
255 | 336 |
<?=$spans;?> |
256 | 337 |
<?=htmlspecialchars($ph1ent['descr']);?> |
257 | 338 |
<?=$spane;?> |
... | ... | |
259 | 340 |
<td valign="middle" class="list nowrap"> |
260 | 341 |
<table border="0" cellspacing="0" cellpadding="1" summary="icons"> |
261 | 342 |
<tr> |
343 |
<td> |
|
344 |
<input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" |
|
345 |
name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" |
|
346 |
title="<?=gettext("move selected entries before this");?>" |
|
347 |
type="image" style="height:17;width:17;border:0" /> |
|
348 |
</td> |
|
262 | 349 |
<td> |
263 | 350 |
<a href="vpn_ipsec_phase1.php?p1index=<?=$i;?>"> |
264 | 351 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase1 entry"); ?>" width="17" height="17" border="0" alt="edit" /> |
265 | 352 |
</a> |
266 | 353 |
</td> |
354 |
</tr> |
|
355 |
<tr> |
|
267 | 356 |
<td> |
268 | 357 |
<a href="vpn_ipsec.php?act=delph1&p1index=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this phase1 and all associated phase2 entries?"); ?>')"> |
269 | 358 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete phase1 entry"); ?>" width="17" height="17" border="0" alt="delete" /> |
270 | 359 |
</a> |
271 | 360 |
</td> |
272 |
</tr>
|
|
361 |
<td>
|
|
273 | 362 |
<?php |
274 | 363 |
if (!isset($ph1ent['mobile'])): |
275 | 364 |
?> |
276 |
<tr> |
|
277 |
<td> |
|
278 |
</td> |
|
279 |
<td> |
|
280 | 365 |
<a href="vpn_ipsec_phase1.php?dup=<?=$i;?>"> |
281 | 366 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("copy phase1 entry"); ?>" width="17" height="17" border="0" alt="add" /> |
282 | 367 |
</a> |
283 |
</td> |
|
284 |
</tr> |
|
285 | 368 |
<?php |
286 | 369 |
endif; |
287 | 370 |
?> |
371 |
</td> |
|
372 |
</tr> |
|
288 | 373 |
</table> |
289 | 374 |
</td> |
290 | 375 |
</tr> |
291 | 376 |
<tr> |
377 |
<td class="listt"> </td> |
|
378 |
<td class="listt"> </td> |
|
292 | 379 |
<td class="listrborder" colspan="6"> |
293 | 380 |
<div id="shph2but-<?=$i?>"> |
294 | 381 |
<?php |
... | ... | |
301 | 388 |
?> |
302 | 389 |
<input type="button" onclick="show_phase2('tdph2-<?=$i?>','shph2but-<?=$i?>')" value="+" /> - <?php printf(gettext("Show %s Phase-2 entries"), $phase2count); ?> |
303 | 390 |
</div> |
304 |
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" id="tdph2-<?=$i?>" style="display:none" summary="phase-2 entries"> |
|
391 |
<div id="tdph2-<?=$i?>" style="display:none"> |
|
392 |
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="phase-2 entries"> |
|
305 | 393 |
<tr> |
306 | 394 |
<td class="listhdrr"><?=gettext("Mode"); ?></td> |
307 | 395 |
<?php |
... | ... | |
411 | 499 |
endforeach; |
412 | 500 |
?> |
413 | 501 |
</table> |
414 |
</td> |
|
415 |
</tr> |
|
416 |
<tr> |
|
417 |
<td> |
|
418 |
|
|
502 |
</div> |
|
419 | 503 |
</td> |
420 | 504 |
</tr> |
421 | 505 |
<?php |
422 | 506 |
$i++; |
423 | 507 |
endforeach; // $a_phase1 as $ph1ent |
424 |
if($i === 0) |
|
425 |
show_ipsec_header($ph1ent); |
|
426 | 508 |
?> |
427 | 509 |
<tr> |
428 |
<td class="list" colspan="6"></td>
|
|
429 |
<td class="list"> |
|
430 |
<table border="0" cellspacing="0" cellpadding="1" summary="add">
|
|
510 |
<td class="list" colspan="8"></td>
|
|
511 |
<td class="list nowrap" valign="middle">
|
|
512 |
<table border="0" cellspacing="0" cellpadding="1" summary="edit">
|
|
431 | 513 |
<tr> |
432 |
<td width="17"></td> |
|
514 |
<td> |
|
515 |
<?php |
|
516 |
if ($i == 0): |
|
517 |
?> |
|
518 |
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected phase1 entries to end");?>" border="0" alt="move" /> |
|
519 |
<?php |
|
520 |
else: |
|
521 |
?> |
|
522 |
<input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected phase1 entries to end");?>" /> |
|
523 |
<?php |
|
524 |
endif; |
|
525 |
?> |
|
526 |
</td> |
|
433 | 527 |
<td> |
434 | 528 |
<a href="vpn_ipsec_phase1.php"> |
435 |
<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add phase1 entry"); ?>" width="17" height="17" border="0" alt="add" />
|
|
529 |
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new phase1");?>" alt="add" />
|
|
436 | 530 |
</a> |
437 | 531 |
</td> |
438 | 532 |
</tr> |
533 |
<tr> |
|
534 |
<td> |
|
535 |
<?php |
|
536 |
if ($i == 0): |
|
537 |
?> |
|
538 |
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected phase1 entries");?>" border="0" alt="delete" /> |
|
539 |
<?php |
|
540 |
else: |
|
541 |
?> |
|
542 |
<input name="del" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected phase1 entries");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected phase1 entries?");?>')" /> |
|
543 |
<?php |
|
544 |
endif; |
|
545 |
?> |
|
546 |
</td> |
|
547 |
</tr> |
|
439 | 548 |
</table> |
440 | 549 |
</td> |
441 | 550 |
</tr> |
442 | 551 |
<tr> |
443 |
<td colspan="7">
|
|
552 |
<td colspan="8">
|
|
444 | 553 |
<p> |
445 | 554 |
<span class="vexpl"> |
446 | 555 |
<span class="red"> |
447 | 556 |
<strong><?=gettext("Note"); ?>:<br /></strong> |
448 | 557 |
</span> |
449 |
<?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br /> |
|
558 |
<?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br />
|
|
450 | 559 |
<?=gettext("IPsec Debug Mode can be enabled at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.<br /> |
451 | 560 |
<?=gettext("IPsec can be set to prefer older SAs at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>. |
452 | 561 |
</span> |
... | ... | |
471 | 580 |
</script> |
472 | 581 |
</body> |
473 | 582 |
</html> |
474 |
|
|
475 |
<?php |
|
476 |
|
|
477 |
function show_ipsec_header($ph1ent) { |
|
478 |
|
|
479 |
?> |
|
480 |
<tr> |
|
481 |
<td class="listhdrr"><?=gettext("IKE"); ?></td> |
|
482 |
<td class="listhdrr"><?=gettext("Remote Gateway"); ?></td> |
|
483 |
<td class="listhdrr"><?=gettext("Mode"); ?></td> |
|
484 |
<td class="listhdrr"><?=gettext("P1 Protocol"); ?></td> |
|
485 |
<td class="listhdrr"><?=gettext("P1 Transforms"); ?></td> |
|
486 |
<td class="listhdrr"><?=gettext("P1 Description"); ?></td> |
|
487 |
<td class="list"> |
|
488 |
</td> |
|
489 |
</tr> |
|
490 |
|
|
491 |
<?php |
|
492 |
|
|
493 |
} |
|
494 |
|
|
495 |
?> |
Formats disponibles : Unified diff
Improvements on IPsec GUI (Ticket #3328):