Project

General

Profile

Actions

Bug #5340

closed

IPsec logging - silent can't be configured, issues with defaults

Added by Chris Buechler about 6 years ago. Updated about 6 years ago.

Status:
Resolved
Priority:
Normal
Category:
IPsec
Target version:
Start date:
10/24/2015
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.2.x
Affected Architecture:

Description

Silent logging can't actually be configured on vpn_ipsec_settings.php, because 0 isn't stored in the config (PHP considers "0" to be empty). That quirk of PHP is also relied upon to set a "default" value.

Need to have a way of actually saving and applying "silent", and show correct defaults where log levels don't exist in the config.

Actions #1

Updated by Jim Thompson about 6 years ago

  • Assignee set to Matthew Smith

let's see if we can't find a work-around, or just push this to 2.3.

PHP is fucking stupid.

Actions #2

Updated by Chris Buechler about 6 years ago

  • Status changed from Confirmed to Feedback

should work in 2.2.5 now. Needs review, and merging to 2.3.

Actions #3

Updated by Chris Buechler about 6 years ago

  • Status changed from Feedback to Confirmed
  • Assignee changed from Matthew Smith to Chris Buechler

better, couple remaining things I'm fixing now

Actions #4

Updated by Matthew Smith about 6 years ago

If you are shifting the scale to the range 1..6, the statement where you set the default value to 2 is incorrect. When I copy it to a test box, it ends up setting the default to Audit, when the strongswan default is equivalent to control. The strongswan default on the range from -1 to 4 is 1 (the third value). Your new default should be 3.

The statements in the input validation section at the top will all need to have their ranges adjusted as well. You could probably replace those 16 if statements that check each individual log setting with a loop to do the same thing:

        foreach ($ipsec_loglevels as $lkey => $ldescr) {

                if (isset($pconfig["ipsec_{$lkey}"]) && !in_array(intval($pconfig["ipsec_{$lkey}"]), range(-1, 4))) {
                        $input_errors[] = "A valid value must be specified for {$ldescr} debug.";
                }
        }
Actions #5

Updated by Chris Buechler about 6 years ago

  • Status changed from Confirmed to Feedback

Thanks Matt, got both those too.

This seems to be ok now.

Actions #6

Updated by Chris Buechler about 6 years ago

  • Status changed from Feedback to Resolved

fixed

Actions

Also available in: Atom PDF