/src/usr/local/www/status_ipsec.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/status_ipsec.php @ 10f9a4a9

-            cf7d1057
+<?php
 /*
-            aaec5634
+ * status_ipsec.php
-b2861c
+            Matt Smith
-            aaec5634
+ * part of pfSense (https://www.pfsense.org)
-            e3c0d75e
+ * Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)
-            aaec5634
+ * All rights reserved.
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * originally based on m0n0wall (http://m0n0.ch/wall)
  * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
  * All rights reserved.
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * 1. Redistributions of source code must retain the above copyright notice,
  *    this list of conditions and the following disclaimer.
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
  *    the documentation and/or other materials provided with the
  *    distribution.
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * 3. All advertising materials mentioning features or use of this software
  *    must display the following acknowledgment:
  *    "This product includes software developed by the pfSense Project
  *    for use in the pfSense® software distribution. (http://www.pfsense.org/).
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * 4. The names "pfSense" and "pfSense Project" must not be used to
  *    endorse or promote products derived from this software without
  *    prior written permission. For written permission, please contact
  *    coreteam@pfsense.org.
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * 5. Products derived from this software may not be called "pfSense"
  *    nor may "pfSense" appear in their names without prior written
  *    permission of the Electric Sheep Fencing, LLC.
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * 6. Redistributions of any form whatsoever must retain the following
  *    acknowledgment:
-da0d43e
+            Phil Davis
-            aaec5634
+ * "This product includes software developed by the pfSense Project
  * for use in the pfSense software distribution (http://www.pfsense.org/).
-            fd9ebcd5
+            Stephen Beaver
-            aaec5634
+ * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  * OF THE POSSIBILITY OF SUCH DAMAGE.
-            fd9ebcd5
+ */
-            cf7d1057
+            Scott Ullrich
-b07c15a
+##|+PRIV
 ##|*IDENT=page-status-ipsec
-f468
+##|*NAME=Status: IPsec
-b07c15a
+##|*DESCR=Allow access to the 'Status: IPsec' page.
-af5edbf
+##|*MATCH=status_ipsec.php*
-b07c15a
+##|-PRIV
-            aceaf18c
+require_once("guiconfig.inc");
-afa8
+require_once("ipsec.inc");
-b07c15a
+            Matthew Grooms
-            a93e56c5
+global $g;
-f69e2
+if (!is_array($config['ipsec']['phase1'])) {
 	$config['ipsec']['phase1'] = array();
+}
-afa8
+// If this is just an AJAX call to update the table body, just generate the body and quit
 if ($_REQUEST['ajax']) {
 	print_ipsec_body();
 	exit;
+}
-            a93e56c5
+            Matthew Grooms
-c63
+if ($_GET['act'] == 'connect') {
 	if (ctype_digit($_GET['ikeid'])) {
-c3b5b
+		$ph1ent = ipsec_get_phase1($_GET['ikeid']);
 		if (!empty($ph1ent)) {
-d51fcde
+			if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == 'ikev1' || isset($ph1ent['splitconn'])) {
-c3b5b
+				$ph2entries = ipsec_get_number_of_phase2($_GET['ikeid']);
 				for ($i = 0; $i < $ph2entries; $i++) {
 					$connid = escapeshellarg("con{$_GET['ikeid']}00{$i}");
-            c5d8cbe0
+					mwexec_bg("/usr/local/sbin/ipsec down {$connid}");
-            b866103e
+					mwexec_bg("/usr/local/sbin/ipsec up {$connid}");
-c3b5b
+            Ermal LUÇI
 			} else {
-            c5d8cbe0
+				mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
-            b866103e
+				mwexec_bg("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid']));
-c3b5b
+            Ermal LUÇI
+		}
-e8b0ec3
+            jim-p
-c63
+} else if ($_GET['act'] == 'ikedisconnect') {
 	if (ctype_digit($_GET['ikeid'])) {
-f601060
+		if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) {
-            c5d8cbe0
+			mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "[" . escapeshellarg($_GET['ikesaid']) . "]");
-f601060
+		} else {
-            c5d8cbe0
+			mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
-f601060
+            Phil Davis
-be051
+            bcyrill
-            e952906e
+} else if ($_GET['act'] == 'childdisconnect') {
 	if (ctype_digit($_GET['ikeid'])) {
-f601060
+		if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid'])) {
-            c5d8cbe0
+			mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "{" . escapeshellarg($_GET['ikesaid']) . "}");
-f601060
+            Phil Davis
-e0b68bf
+            jim-p
+}
-afa8
+// Table body is composed here so that it can be more easily updated via AJAX
 function print_ipsec_body() {
 	global $config;
-            a93e56c5
+            Matthew Grooms
-afa8
+	$a_phase1 = &$config['ipsec']['phase1'];
 	$status = ipsec_list_sa();
 	$ipsecconnected = array();
-            a93e56c5
+            Matthew Grooms
-afa8
+	if (is_array($status)) {
 		foreach ($status as $ikeid => $ikesa) {
 			$con_id = substr($ikeid, 3);
-cc0a
+            sbeaver
-afa8
+			if ($ikesa['version'] == 1) {
 				$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
 				$ipsecconnected[$ph1idx] = $ph1idx;
 			} else {
-b965
+				if (!ipsec_ikeid_used($con_id)) {
 					// probably a v2 with split connection then
 					$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
 					$ipsecconnected[$ph1idx] = $ph1idx;
 				} else {
 					$ipsecconnected[$con_id] = $ph1idx = $con_id;
+				}
-afa8
+            Stephen Beaver
-cc0a
+            sbeaver
-afa8
+			print("<tr>\n");
 			print("<td>\n");
 			print(htmlspecialchars(ipsec_get_descr($ph1idx)));
 			print("</td>\n");
 			print("<td>\n");
-da0d43e
+            Phil Davis
-afa8
+			if (!empty($ikesa['local-id'])) {
 				if ($ikesa['local-id'] == '%any') {
 					print(gettext('Any identifier'));
 				} else {
 					print(htmlspecialchars($ikesa['local-id']));
+				}
-f601060
+			} else {
-afa8
+				print(gettext("Unknown"));
-f601060
+            Phil Davis
-b2861c
+            Matt Smith
-afa8
+			print("</td>\n");
 			print("<td>\n");
 			if (!empty($ikesa['local-host'])) {
 				print(htmlspecialchars($ikesa['local-host']));
-b2861c
+			} else {
-afa8
+				print(gettext("Unknown"));
-b2861c
+            Matt Smith
-afa8
+            Stephen Beaver
 			/*
 			 * XXX: local-nat-t was defined by pfSense
 			 * When strongswan team accepted the change, they changed it to
 			 * nat-local. Keep both for a while and remove local-nat-t in
 			 * the future
 			 */
 			if (isset($ikesa['local-nat-t']) || isset($ikesa['nat-local'])) {
-            c7445ef5
+				print(" NAT-T");
-afa8
+            Stephen Beaver
 			print("</td>\n");
 			print("<td>\n");
 			$identity = "";
 			if (!empty($ikesa['remote-id'])) {
 				if ($ikesa['remote-id'] == '%any') {
 					$identity = htmlspecialchars(gettext('Any identifier'));
 				} else {
 					$identity = htmlspecialchars($ikesa['remote-id']);
+				}
+			}
 			if (!empty($ikesa['remote-xauth-id'])) {
 				echo htmlspecialchars($ikesa['remote-xauth-id']);
 				echo "<br/>{$identity}";
 			} elseif (!empty($ikesa['remote-eap-id'])) {
 				echo htmlspecialchars($ikesa['remote-eap-id']);
 				echo "<br/>{$identity}";
 			} else {
 				if (empty($identity)) {
 					print(gettext("Unknown"));
 				} else {
 					print($identity);
+				}
+			}
 			print("</td>\n");
 			print("<td>\n");
 			if (!empty($ikesa['remote-host'])) {
 				print(htmlspecialchars($ikesa['remote-host']));
 			} else {
-cc0a
+				print(gettext("Unknown"));
-afa8
+            Stephen Beaver
 			/*
 			 * XXX: remote-nat-t was defined by pfSense
 			 * When strongswan team accepted the change, they changed it to
 			 * nat-remote. Keep both for a while and remove remote-nat-t in
 			 * the future
 			 */
 			if (isset($ikesa['remote-nat-t']) || isset($ikesa['nat-remote'])) {
 				print(" NAT-T");
+			}
 			print("</td>\n");
 			print("<td>\n");
 			print("IKEv" . htmlspecialchars($ikesa['version']));
 			print("<br/>\n");
 			if ($ikesa['initiator'] == 'yes') {
 				print("initiator");
 			} else {
 				print("responder");
+			}
 			print("</td>\n");
 			print("<td>\n");
-e09114
+			print(htmlspecialchars($ikesa['reauth-time']) . gettext(" seconds (") . convert_seconds_to_dhms($ikesa['reauth-time']) . ")");
-afa8
+			print("</td>\n");
 			print("<td>\n");
 			print(htmlspecialchars($ikesa['encr-alg']));
 			print("<br/>");
 			print(htmlspecialchars($ikesa['integ-alg']));
 			print("<br/>");
 			print(htmlspecialchars($ikesa['prf-alg']));
 			print("<br/>\n");
 			print(htmlspecialchars($ikesa['dh-group']));
 			print("</td>\n");
 			print("<td>\n");
 			if ($ikesa['state'] == 'ESTABLISHED') {
 				print('<span class="text-success">');
 			} else {
 				print('<span>');
+			}
 			print(ucfirst(htmlspecialchars($ikesa['state'])));
-            e2fba23c
+            Stephen Beaver
 			if ($ikesa['state'] == 'ESTABLISHED') {
-e09114
+				print("<br/>" . htmlspecialchars($ikesa['established']) . gettext(" seconds (") . convert_seconds_to_dhms($ikesa['established']) . gettext(") ago"));
-            e2fba23c
+            Stephen Beaver
-afa8
+			print("</span>");
 			print("</td>\n");
 			print("<td>\n");
 			if ($ikesa['state'] != 'ESTABLISHED') {
-            e2fba23c
+				print('<a href="status_ipsec.php?act=connect&amp;ikeid=' . $con_id . '" class="btn btn-xs btn-success" data-toggle="tooltip" title="' . gettext("Connect VPN"). '" >');
 				print('<i class="fa fa-sign-in icon-embed-btn"></i>');
 				print(gettext("Connect VPN"));
 				print("</a>\n");
-afa8
+            Stephen Beaver
-b2861c
+			} else {
-afa8
+            Stephen Beaver
 				print('<a href="status_ipsec.php?act=ikedisconnect&amp;ikeid=' . $con_id . '" class="btn btn-xs btn-danger" data-toggle="tooltip" title="' . gettext("Disconnect VPN") . '">');
 				print('<i class="fa fa-trash icon-embed-btn"></i>');
 				print(gettext("Disconnect"));
 				print("</a><br />\n");
+			}
 			print("</td>\n");
 			print("</tr>\n");
 			print("<tr>\n");
 			print("<td colspan = 10>\n");
 			if (is_array($ikesa['child-sas']) && (count($ikesa['child-sas']) > 0)) {
-            cccb1e1a
+				print('<div>');
 				print('<a type="button" id="btnchildsa-' . $ikeid .  '" class="btn btn-sm btn-info">');
-afa8
+				print('<i class="fa fa-plus-circle icon-embed-btn"></i>');
 				print(gettext('Show child SA entries'));
 				print("</a>\n");
 				print("	</div>\n");
 				print('<table class="table table-hover table-condensed" id="childsa-' . $ikeid . '" style="display:none">');
 				print("<thead>\n");
 				print('<tr class="bg-info">');
 				print('<th><?=gettext("Local subnets")?></th>');
 				print('<th><?=gettext("Local SPI(s)")?></th>');
 				print('<th><?=gettext("Remote subnets")?></th>');
 				print('<th><?=gettext("Times")?></th>');
 				print('<th><?=gettext("Algo")?></th>');
 				print('<th><?=gettext("Stats")?></th>');
 				print('<th><!-- Buttons --></th>');
 				print("</tr\n");
 				print("</thead>\n");
 				print("<tbody>\n");
 				foreach ($ikesa['child-sas'] as $childid => $childsa) {
 					print("<tr>");
 					print("<td>\n");
 					if (is_array($childsa['local-ts'])) {
 						foreach ($childsa['local-ts'] as $lnets) {
 							print(htmlspecialchars(ipsec_fixup_network($lnets)) . "<br />");
+						}
 					} else {
 						print(gettext("Unknown"));
+					}
 					print("</td>\n");
 					print("<td>\n");
 					if (isset($childsa['spi-in'])) {
 						print(gettext("Local: ") . htmlspecialchars($childsa['spi-in']));
+					}
 					if (isset($childsa['spi-out'])) {
 						print('<br/>' . gettext('Remote: ') . htmlspecialchars($childsa['spi-out']));
+					}
 					print("</td>\n");
 					print("<td>\n");
 					if (is_array($childsa['remote-ts'])) {
 						foreach ($childsa['remote-ts'] as $rnets) {
 							print(htmlspecialchars(ipsec_fixup_network($rnets)) . '<br />');
+						}
 					} else {
 						print(gettext("Unknown"));
+					}
 					print("</td>\n");
 					print("<td>\n");
-e09114
+					print(gettext("Rekey: ") . htmlspecialchars($childsa['rekey-time']) . gettext(" seconds (") . convert_seconds_to_dhms($childsa['rekey-time']) . ")");
 					print('<br/>' . gettext('Life: ') . htmlspecialchars($childsa['life-time']) . gettext(" seconds (") . convert_seconds_to_dhms($childsa['life-time']) . ")");
 					print('<br/>' . gettext('Install: ') .htmlspecialchars($childsa['install-time']) . gettext(" seconds (") . convert_seconds_to_dhms($childsa['install-time']) . ")");
-afa8
+            Stephen Beaver
 					print("</td>\n");
 					print("<td>\n");
 					print(htmlspecialchars($childsa['encr-alg']) . '<br/>');
 					print(htmlspecialchars($childsa['integ-alg']) . '<br/>');
 					if (!empty($childsa['prf-alg'])) {
 						print(htmlspecialchars($childsa['prf-alg']) . '<br/>');
+					}
 					if (!empty($childsa['dh-group'])) {
 						print(htmlspecialchars($childsa['dh-group']) . '<br/>');
+					}
 					if (!empty($childsa['esn'])) {
 						print(htmlspecialchars($childsa['esn']) . '<br/>');
+					}
 					print(gettext("IPComp: "));
 					if (!empty($childsa['cpi-in']) || !empty($childsa['cpi-out'])) {
 						print(htmlspecialchars($childsa['cpi-in']) . " " . htmlspecialchars($childsa['cpi-out']));
 					} else {
 						print(gettext('none'));
+					}
 					print("</td>\n");
 					print("<td>\n");
 					print(gettext("Bytes-In: ") . htmlspecialchars(number_format($childsa['bytes-in'])) . ' (' . htmlspecialchars(format_bytes($childsa['bytes-in'])) . ')<br/>');
 					print(gettext("Packets-In: ") . htmlspecialchars(number_format($childsa['packets-in'])) . '<br/>');
 					print(gettext("Bytes-Out: ") . htmlspecialchars(number_format($childsa['bytes-out'])) . ' (' . htmlspecialchars(format_bytes($childsa['bytes-out'])) . ')<br/>');
 					print(gettext("Packets-Out: ") . htmlspecialchars(number_format($childsa['packets-out'])) . '<br/>');
 					print("</td>\n");
 					print("<td>\n");
 					print('<a href="status_ipsec.php?act=childdisconnect&amp;ikeid=' . $con_id . '&amp;ikesaid=' . $childsa['uniqueid'] . '" class="btn btn-xs btn-warning" data-toggle="tooltip" title="' . gettext('Disconnect Child SA') . '">');
 					print('<i class="fa fa-trash icon-embed-btn"></i>');
 					print(gettext("Disconnect"));
 					print("</a>\n");
 					print("</td>\n");
 					print("</tr>\n");
+				}
 				print("</tbody>\n");
 				print("	</table>\n");
 				print("</td>\n");
-ca0c0
+				print("</tr>\n");
-afa8
+            Stephen Beaver
-cc0a
+            sbeaver
-afa8
+            Stephen Beaver
 			unset($con_id);
-b2861c
+            Matt Smith
-afa8
+            Stephen Beaver
+	}
 	$rgmap = array();
-f69e2
+	if (is_array($a_phase1)) {
 		foreach ($a_phase1 as $ph1ent) {
 			if (isset($ph1ent['disabled'])) {
 				continue;
+			}
-afa8
+            Stephen Beaver
-f69e2
+			$rgmap[$ph1ent['remote-gateway']] = $ph1ent['remote-gateway'];
-afa8
+            Stephen Beaver
-f69e2
+			if ($ipsecconnected[$ph1ent['ikeid']]) {
 				continue;
+			}
-afa8
+            Stephen Beaver
-f69e2
+			print("<tr>\n");
 			print("<td>\n");
-afa8
+            Stephen Beaver
-f69e2
+			print(htmlspecialchars($ph1ent['descr']));
 			print("</td>\n");
 			print("<td>\n");
 			list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, "local");
-afa8
+            Stephen Beaver
-f69e2
+			if (empty($myid_data)) {
 				print(gettext("Unknown"));
 			} else {
 				print(htmlspecialchars($myid_data));
+			}
-afa8
+            Stephen Beaver
-f69e2
+			print("</td>\n");
 			print("<td>\n");
 			$ph1src = ipsec_get_phase1_src($ph1ent);
-afa8
+            Stephen Beaver
-f69e2
+			if (empty($ph1src)) {
 				print(gettext("Unknown"));
 			} else {
 				print(htmlspecialchars($ph1src));
+			}
-afa8
+            Stephen Beaver
-f69e2
+			print("</td>\n");
 			print("<td>\n");
-da0d43e
+            Phil Davis
-f69e2
+			list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, "peer", $rgmap);
-cc0a
+            sbeaver
-f69e2
+			if (empty($peerid_data)) {
 				print(gettext("Unknown"));
 			} else {
 				print(htmlspecialchars($peerid_data));
+			}
 			print("			</td>\n");
 			print("			<td>\n");
 			$ph1src = ipsec_get_phase1_dst($ph1ent);
-da0d43e
+            Phil Davis
-f69e2
+			if (empty($ph1src)) {
 				print(gettext("Unknown"));
 			} else {
 				print(htmlspecialchars($ph1src));
+			}
-da0d43e
+            Phil Davis
-afa8
+			print("</td>\n");
 			print("<td>\n");
 			print("</td>\n");
 			print("<td>\n");
 			print("</td>\n");
 			print("<td>\n");
 			print("</td>\n");
-cc0a
+            sbeaver
-f69e2
+			if (isset($ph1ent['mobile'])) {
 				print("<td>\n");
 				print(gettext("Awaiting connections"));
 				print("</td>\n");
 				print("<td>\n");
 				print("</td>\n");
 				print("</td>\n");
 			} else {
 				print("<td>\n");
 				print(gettext("Disconnected"));
 				print("</td>\n");
 				print("<td>\n");
 				print('<a href="status_ipsec.php?act=connect&amp;ikeid=' . $ph1ent['ikeid'] . '" class="btn btn-xs btn-success">');
 				print('<i class="fa fa-sign-in icon-embed-btn"></i>');
 				print(gettext("Connect VPN"));
 				print("</a>\n");
 				print("</td>\n");
+			}
 			print("</tr>\n");
-afa8
+            Stephen Beaver
-            97242546
+            Matt Smith
-afa8
+	unset($ipsecconnected, $phase1, $rgmap);
-b2861c
+            Matt Smith
-cc0a
+            sbeaver
-afa8
+$pgtitle = array(gettext("Status"), gettext("IPsec"), gettext("Overview"));
-            de02dc29
+$pglinks = array("", "@self", "@self");
-afa8
+$shortcut_section = "ipsec";
-da0d43e
+            Phil Davis
-afa8
+include("head.inc");
-da0d43e
+            Phil Davis
-afa8
+$tab_array = array();
 $tab_array[] = array(gettext("Overview"), true, "status_ipsec.php");
 $tab_array[] = array(gettext("Leases"), false, "status_ipsec_leases.php");
 $tab_array[] = array(gettext("SADs"), false, "status_ipsec_sad.php");
 $tab_array[] = array(gettext("SPDs"), false, "status_ipsec_spd.php");
 display_top_tabs($tab_array);
-cc0a
+?>
-da0d43e
+            Phil Davis
-afa8
+<div class="panel panel-default">
 	<div class="panel-heading"><h2 class="panel-title"><?=gettext("IPsec Status");?></h2></div>
 	<div class="panel-body table-responsive">
 		<table class="table table-striped table-condensed table-hover sortable-theme-bootstrap" data-sortable>
 			<thead>
 				<tr>
 					<th><?=gettext("Description")?></th>
 					<th><?=gettext("Local ID")?></th>
 					<th><?=gettext("Local IP")?></th>
 					<th><?=gettext("Remote ID")?></th>
 					<th><?=gettext("Remote IP")?></th>
 					<th><?=gettext("Role")?></th>
 					<th><?=gettext("Reauth")?></th>
 					<th><?=gettext("Algo")?></th>
 					<th><?=gettext("Status")?></th>
 					<th></th>
 				</tr>
 			</thead>
 			<tbody id="ipsec-body">
 				<tr>
-            d8257e0e
+					<td colspan="10">
-ca5d09f
+						<?=print_info_box(gettext("Collecting IPsec status information."), "warning", "")?>
-cc0a
+					</td>
 				</tr>
 			</tbody>
-            c7fbdd6c
+		</table>
 	</div>
-cc0a
+</div>
 <?php
 unset($status);
-afa8
+            Stephen Beaver
-            d2c1089f
+if (ipsec_enabled()) {
-afa8
+	print('<div class="infoblock">');
-            d2c1089f
+} else {
-afa8
+	print('<div class="infoblock blockopen">');
-            d2c1089f
+            Phil Davis
-afa8
+            Stephen Beaver
-a22d33f
+print_info_box(sprintf(gettext('IPsec can be configured %1$shere%2$s.'), '<a href="vpn_ipsec.php">', '</a>'), 'info', false);
-            d2c1089f
+?>
 </div>
-afa8
+            Stephen Beaver
 <script type="text/javascript">
 //<![CDATA[
 events.push(function() {
-            cccb1e1a
+	ajax_lock = false;		// Mutex so we don't make a call until the previous call is finished
 	sa_open = new Array();	// Array in which to keep the child SA show/hide state
-afa8
+            Stephen Beaver
 	// Fetch the tbody contents from the server
 	function update_table() {
 		if (ajax_lock) {
 			return;
+		}
 		ajax_lock = true;
 		ajaxRequest = $.ajax(
+			{
 				url: "/status_ipsec.php",
 				type: "post",
 				data: {
 					ajax: 	"ajax"
+				}
+			}
 		);
 		// Deal with the results of the above ajax call
 		ajaxRequest.done(function (response, textStatus, jqXHR) {
-            d8257e0e
+            NOYB
 			if (!response) {
-ca5d09f
+				response = '<tr><td colspan="10"><?=print_info_box(gettext("No IPsec status information available."), "warning", "")?></td></tr>';
-            d8257e0e
+            NOYB
-afa8
+			$('#ipsec-body').html(response);
 			ajax_lock = false;
-            cccb1e1a
+			// Update "Show child SA" handlers
 			$('[id^=btnchildsa-]').click(function () {
 				show_childsa($(this).prop("id").replace( /^\D+/g, ''));
 			});
 			// Check the sa_open array for child SAs that have been opened
-afa8
+			$('[id^=childsa-con]').each(function(idx) {
-            cccb1e1a
+				sa_idx = $(this).prop("id").replace( /^\D+/g, '');
-afa8
+            Stephen Beaver
 				if (sa_open[sa_idx]) {
-            cccb1e1a
+					show_childsa(sa_idx);
-afa8
+            Stephen Beaver
 			});
 			// and do it again
 			setTimeout(update_table, 5000);
 		});
+	}
-            cccb1e1a
+	function show_childsa(said) {
 		sa_open[said] = true;
 		$('#childsa-con' + said).show();
 		$('#btnchildsa-con' + said).hide();
+	}
-afa8
+	// Populate the tbody on page load
 	update_table();
 });
 //]]>
 </script>
-            d2c1089f
+<?php
-cc0a
+include("foot.inc"); ?>

Project

General

Profile

pfSense