/src/usr/local/www/status_ipsec.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/status_ipsec.php @ 3e1b29c7

1	cf7d1057	Scott Ullrich	<?php
2			/*
3	c5d81585	Renato Botelho	* status_ipsec.php
4	86b2861c	Matt Smith	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	b8f91b7c	Luiz Souza	* Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)
7	c5d81585	Renato Botelho	* All rights reserved.
8	fd9ebcd5	Stephen Beaver	*
9	c5d81585	Renato Botelho	* originally based on m0n0wall (http://m0n0.ch/wall)
10			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
11			* All rights reserved.
12	fd9ebcd5	Stephen Beaver	*
13	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
14			* you may not use this file except in compliance with the License.
15			* You may obtain a copy of the License at
16	fd9ebcd5	Stephen Beaver	*
17	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
18	fd9ebcd5	Stephen Beaver	*
19	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
20			* distributed under the License is distributed on an "AS IS" BASIS,
21			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22			* See the License for the specific language governing permissions and
23			* limitations under the License.
24	fd9ebcd5	Stephen Beaver	*/
25	cf7d1057	Scott Ullrich
26	6b07c15a	Matthew Grooms	##\|+PRIV
27			##\|*IDENT=page-status-ipsec
28	5230f468	jim-p	##\|*NAME=Status: IPsec
29	6b07c15a	Matthew Grooms	##\|*DESCR=Allow access to the 'Status: IPsec' page.
30	1af5edbf	Stephen Beaver	##\|MATCH=status_ipsec.php
31	6b07c15a	Matthew Grooms	##\|-PRIV
32
33	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
34	4260c32a	Stephen Beaver	require_once("ipsec.inc");
35	6b07c15a	Matthew Grooms
36	a93e56c5	Matthew Grooms	global $g;
37
38	4b5f2ab3	Phil Davis	if (!is_array($config['ipsec']['phase1'])) {
39			$config['ipsec']['phase1'] = array();
40			}
41
42	4260c32a	Stephen Beaver	// If this is just an AJAX call to update the table body, just generate the body and quit
43			if ($_REQUEST['ajax']) {
44			print_ipsec_body();
45			exit;
46			}
47	a93e56c5	Matthew Grooms
48	64d53c69	Steve Beaver	if ($_POST['act'] == 'connect') {
49			if (ctype_digit($_POST['ikeid'])) {
50			$ph1ent = ipsec_get_phase1($_POST['ikeid']);
51	483c3b5b	Ermal LUÇI	if (!empty($ph1ent)) {
52	9d51fcde	Chris Buechler	if (empty($ph1ent['iketype']) \|\| $ph1ent['iketype'] == 'ikev1' \|\| isset($ph1ent['splitconn'])) {
53	64d53c69	Steve Beaver	$ph2entries = ipsec_get_number_of_phase2($_POST['ikeid']);
54	483c3b5b	Ermal LUÇI	for ($i = 0; $i < $ph2entries; $i++) {
55	64d53c69	Steve Beaver	$connid = escapeshellarg("con{$_POST['ikeid']}00{$i}");
56	c5d8cbe0	Chris Buechler	mwexec_bg("/usr/local/sbin/ipsec down {$connid}");
57	b866103e	Chris Buechler	mwexec_bg("/usr/local/sbin/ipsec up {$connid}");
58	483c3b5b	Ermal LUÇI	}
59			} else {
60	64d53c69	Steve Beaver	mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_POST['ikeid']));
61			mwexec_bg("/usr/local/sbin/ipsec up con" . escapeshellarg($_POST['ikeid']));
62	483c3b5b	Ermal LUÇI	}
63			}
64	6e8b0ec3	jim-p	}
65	64d53c69	Steve Beaver	} else if ($_POST['act'] == 'ikedisconnect') {
66	130f3c92	Stephen Jones
67	64d53c69	Steve Beaver	if (ctype_digit($_POST['ikeid'])) {
68			if (!empty($_POST['ikesaid']) && ctype_digit($_POST['ikesaid'])) {
69	130f3c92	Stephen Jones	mwexec_bg("/usr/local/sbin/ipsec down " ."'" . "con" . escapeshellarg($_POST['ikeid']) . "[" . escapeshellarg($_POST['ikesaid']) . "]" . "'");
70	5f601060	Phil Davis	} else {
71	64d53c69	Steve Beaver	mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_POST['ikeid']));
72	5f601060	Phil Davis	}
73	614be051	bcyrill	}
74	64d53c69	Steve Beaver	} else if ($_POST['act'] == 'childdisconnect') {
75	130f3c92	Stephen Jones	//pull out number from id
76			$id_val = filter_var($_POST['ikeid'], FILTER_SANITIZE_NUMBER_INT);
77
78			if (ctype_digit($id_val)) {
79	64d53c69	Steve Beaver	if (!empty($_POST['ikesaid']) && ctype_digit($_POST['ikesaid'])) {
80	130f3c92	Stephen Jones	mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($id_val) . "{" . escapeshellarg($_POST['ikesaid']) . "}");
81	5f601060	Phil Davis	}
82	6e0b68bf	jim-p	}
83			}
84
85	4260c32a	Stephen Beaver	// Table body is composed here so that it can be more easily updated via AJAX
86			function print_ipsec_body() {
87			global $config;
88			$a_phase1 = &$config['ipsec']['phase1'];
89			$status = ipsec_list_sa();
90			$ipsecconnected = array();
91			if (is_array($status)) {
92			foreach ($status as $ikeid => $ikesa) {
93	130f3c92	Stephen Jones	//check which array format
94			if(isset($ikesa['con-id'])){
95			$con_id = substr($ikesa['con-id'],3);
96			}else{
97			$con_id = filter_var($ikeid, FILTER_SANITIZE_NUMBER_INT);
98			}
99	4260c32a	Stephen Beaver	if ($ikesa['version'] == 1) {
100			$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
101			$ipsecconnected[$ph1idx] = $ph1idx;
102			} else {
103	109a304e	Graham Collinson	if (!ipsec_ikeid_used($con_id)) {
104			// probably a v2 with split connection then
105			$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
106			$ipsecconnected[$ph1idx] = $ph1idx;
107			} else {
108			$ipsecconnected[$con_id] = $ph1idx = $con_id;
109			}
110	4260c32a	Stephen Beaver	}
111	3795cc0a	sbeaver
112	4260c32a	Stephen Beaver	print("<tr>\n");
113			print("<td>\n");
114	80392e01	Stephen Jones	if (is_array($a_phase1) && htmlspecialchars(ipsec_get_descr($ph1idx)) == "") {
115	29c1ecb8	Stephen Jones	foreach ($a_phase1 as $ph1) {
116	80392e01	Stephen Jones	if($con_id == $ph1['ikeid'] && isset($ph1['mobile']) ){
117			print(htmlspecialchars($ph1['descr']));
118	29c1ecb8	Stephen Jones	break;
119			}
120			}
121			}
122	4260c32a	Stephen Beaver	print(htmlspecialchars(ipsec_get_descr($ph1idx)));
123			print("</td>\n");
124			print("<td>\n");
125	0da0d43e	Phil Davis
126	4260c32a	Stephen Beaver	if (!empty($ikesa['local-id'])) {
127			if ($ikesa['local-id'] == '%any') {
128			print(gettext('Any identifier'));
129			} else {
130			print(htmlspecialchars($ikesa['local-id']));
131			}
132	5f601060	Phil Davis	} else {
133	4260c32a	Stephen Beaver	print(gettext("Unknown"));
134	5f601060	Phil Davis	}
135	86b2861c	Matt Smith
136	4260c32a	Stephen Beaver	print("</td>\n");
137			print("<td>\n");
138
139			if (!empty($ikesa['local-host'])) {
140			print(htmlspecialchars($ikesa['local-host']));
141	86b2861c	Matt Smith	} else {
142	4260c32a	Stephen Beaver	print(gettext("Unknown"));
143	86b2861c	Matt Smith	}
144	4260c32a	Stephen Beaver
145			/*
146			* XXX: local-nat-t was defined by pfSense
147			* When strongswan team accepted the change, they changed it to
148			* nat-local. Keep both for a while and remove local-nat-t in
149			* the future
150			*/
151			if (isset($ikesa['local-nat-t']) \|\| isset($ikesa['nat-local'])) {
152	e96b20f6	Jose Luis Duran	print(" NAT-T");
153	4260c32a	Stephen Beaver	}
154
155			print("</td>\n");
156			print("<td>\n");
157
158			$identity = "";
159			if (!empty($ikesa['remote-id'])) {
160			if ($ikesa['remote-id'] == '%any') {
161			$identity = htmlspecialchars(gettext('Any identifier'));
162			} else {
163			$identity = htmlspecialchars($ikesa['remote-id']);
164			}
165			}
166
167			if (!empty($ikesa['remote-xauth-id'])) {
168			echo htmlspecialchars($ikesa['remote-xauth-id']);
169			echo "<br/>{$identity}";
170			} elseif (!empty($ikesa['remote-eap-id'])) {
171			echo htmlspecialchars($ikesa['remote-eap-id']);
172			echo "<br/>{$identity}";
173			} else {
174			if (empty($identity)) {
175			print(gettext("Unknown"));
176			} else {
177			print($identity);
178			}
179			}
180
181			print("</td>\n");
182			print("<td>\n");
183
184			if (!empty($ikesa['remote-host'])) {
185			print(htmlspecialchars($ikesa['remote-host']));
186			} else {
187	3795cc0a	sbeaver	print(gettext("Unknown"));
188	4260c32a	Stephen Beaver	}
189			/*
190			* XXX: remote-nat-t was defined by pfSense
191			* When strongswan team accepted the change, they changed it to
192			* nat-remote. Keep both for a while and remove remote-nat-t in
193			* the future
194			*/
195			if (isset($ikesa['remote-nat-t']) \|\| isset($ikesa['nat-remote'])) {
196			print(" NAT-T");
197			}
198
199			print("</td>\n");
200			print("<td>\n");
201			print("IKEv" . htmlspecialchars($ikesa['version']));
202			print("<br/>\n");
203
204			if ($ikesa['initiator'] == 'yes') {
205			print("initiator");
206			} else {
207			print("responder");
208			}
209
210			print("</td>\n");
211			print("<td>\n");
212	c57e936a	stilez	print(htmlspecialchars($ikesa['reauth-time']) . gettext(" seconds (") . convert_seconds_to_dhms($ikesa['reauth-time']) . ")");
213	4260c32a	Stephen Beaver	print("</td>\n");
214			print("<td>\n");
215			print(htmlspecialchars($ikesa['encr-alg']));
216			print("<br/>");
217			print(htmlspecialchars($ikesa['integ-alg']));
218			print("<br/>");
219			print(htmlspecialchars($ikesa['prf-alg']));
220			print("<br/>\n");
221			print(htmlspecialchars($ikesa['dh-group']));
222			print("</td>\n");
223			print("<td>\n");
224
225			if ($ikesa['state'] == 'ESTABLISHED') {
226			print('<span class="text-success">');
227			} else {
228			print('<span>');
229			}
230
231			print(ucfirst(htmlspecialchars($ikesa['state'])));
232	9e820b59	Phil Davis
233			if ($ikesa['state'] == 'ESTABLISHED') {
234	7f0d6ccf	Phil Davis	print("<br/>");
235			printf(gettext('%1$s seconds (%2$s) ago'), htmlspecialchars($ikesa['established']), convert_seconds_to_dhms($ikesa['established']));
236	9e820b59	Phil Davis	}
237
238	4260c32a	Stephen Beaver	print("</span>");
239			print("</td>\n");
240			print("<td>\n");
241
242			if ($ikesa['state'] != 'ESTABLISHED') {
243
244	1144e24c	Steve Beaver	print('<a href="status_ipsec.php?act=connect&ikeid=' . $con_id . '&ikesaid=' .$ikesa['uniqueid'] . '" class="btn btn-xs btn-success" data-toggle="tooltip" title="' . gettext("Connect VPN"). '" usepost>');
245	9e820b59	Phil Davis	print('<i class="fa fa-sign-in icon-embed-btn"></i>');
246			print(gettext("Connect VPN"));
247			print("</a>\n");
248	4260c32a	Stephen Beaver
249	86b2861c	Matt Smith	} else {
250	4260c32a	Stephen Beaver
251	1144e24c	Steve Beaver	print('<a href="status_ipsec.php?act=ikedisconnect&ikeid=' . $con_id . '&ikesaid=' .$ikesa['uniqueid'] . '"class="btn btn-xs btn-danger" data-toggle="tooltip" title="' . gettext("Disconnect VPN") . '" usepost>');
252	4260c32a	Stephen Beaver	print('<i class="fa fa-trash icon-embed-btn"></i>');
253			print(gettext("Disconnect"));
254			print("</a><br />\n");
255
256			}
257
258			print("</td>\n");
259			print("</tr>\n");
260			print("<tr>\n");
261			print("<td colspan = 10>\n");
262
263			if (is_array($ikesa['child-sas']) && (count($ikesa['child-sas']) > 0)) {
264	130f3c92	Stephen Jones	$child_key = "";
265			foreach ($ikesa['child-sas'] as $key => $val){
266			$child_key = $key;
267			break;
268			}
269	4260c32a	Stephen Beaver
270	067551a4	Stephen Beaver	print('<div>');
271	130f3c92	Stephen Jones	print('<a type="button" id="btnchildsa-'. $child_key . '" class="btn btn-sm btn-info">');
272	4260c32a	Stephen Beaver	print('<i class="fa fa-plus-circle icon-embed-btn"></i>');
273			print(gettext('Show child SA entries'));
274			print("</a>\n");
275			print(" </div>\n");
276
277	130f3c92	Stephen Jones	print('<table class="table table-hover table-condensed" id="childsa-'.$child_key . '" style="display:none">');
278	4260c32a	Stephen Beaver	print("<thead>\n");
279			print('<tr class="bg-info">');
280			print('<th><?=gettext("Local subnets")?></th>');
281			print('<th><?=gettext("Local SPI(s)")?></th>');
282			print('<th><?=gettext("Remote subnets")?></th>');
283			print('<th><?=gettext("Times")?></th>');
284			print('<th><?=gettext("Algo")?></th>');
285			print('<th><?=gettext("Stats")?></th>');
286			print('<th><!-- Buttons --></th>');
287			print("</tr\n");
288			print("</thead>\n");
289			print("<tbody>\n");
290
291			foreach ($ikesa['child-sas'] as $childid => $childsa) {
292			print("<tr>");
293			print("<td>\n");
294
295			if (is_array($childsa['local-ts'])) {
296			foreach ($childsa['local-ts'] as $lnets) {
297			print(htmlspecialchars(ipsec_fixup_network($lnets)) . "<br />");
298			}
299			} else {
300			print(gettext("Unknown"));
301			}
302
303			print("</td>\n");
304			print("<td>\n");
305
306			if (isset($childsa['spi-in'])) {
307			print(gettext("Local: ") . htmlspecialchars($childsa['spi-in']));
308			}
309
310			if (isset($childsa['spi-out'])) {
311			print('<br/>' . gettext('Remote: ') . htmlspecialchars($childsa['spi-out']));
312			}
313
314			print("</td>\n");
315			print("<td>\n");
316
317			if (is_array($childsa['remote-ts'])) {
318			foreach ($childsa['remote-ts'] as $rnets) {
319			print(htmlspecialchars(ipsec_fixup_network($rnets)) . '<br />');
320			}
321			} else {
322			print(gettext("Unknown"));
323			}
324
325			print("</td>\n");
326			print("<td>\n");
327
328	7f0d6ccf	Phil Davis	printf(gettext('Rekey: %1$s seconds (%2$s)'), htmlspecialchars($childsa['rekey-time']), convert_seconds_to_dhms($childsa['rekey-time']));
329			print('<br/>');
330			printf(gettext('Life: %1$s seconds (%2$s)'), htmlspecialchars($childsa['life-time']), convert_seconds_to_dhms($childsa['life-time']));
331			print('<br/>');
332			printf(gettext('Install: %1$s seconds (%2$s)'), htmlspecialchars($childsa['install-time']), convert_seconds_to_dhms($childsa['install-time']));
333	4260c32a	Stephen Beaver
334
335			print("</td>\n");
336			print("<td>\n");
337
338			print(htmlspecialchars($childsa['encr-alg']) . '<br/>');
339			print(htmlspecialchars($childsa['integ-alg']) . '<br/>');
340
341			if (!empty($childsa['prf-alg'])) {
342			print(htmlspecialchars($childsa['prf-alg']) . '<br/>');
343			}
344
345			if (!empty($childsa['dh-group'])) {
346			print(htmlspecialchars($childsa['dh-group']) . '<br/>');
347			}
348
349			if (!empty($childsa['esn'])) {
350			print(htmlspecialchars($childsa['esn']) . '<br/>');
351			}
352
353			print(gettext("IPComp: "));
354			if (!empty($childsa['cpi-in']) \|\| !empty($childsa['cpi-out'])) {
355			print(htmlspecialchars($childsa['cpi-in']) . " " . htmlspecialchars($childsa['cpi-out']));
356			} else {
357			print(gettext('none'));
358			}
359
360			print("</td>\n");
361			print("<td>\n");
362
363			print(gettext("Bytes-In: ") . htmlspecialchars(number_format($childsa['bytes-in'])) . ' (' . htmlspecialchars(format_bytes($childsa['bytes-in'])) . ')<br/>');
364			print(gettext("Packets-In: ") . htmlspecialchars(number_format($childsa['packets-in'])) . '<br/>');
365			print(gettext("Bytes-Out: ") . htmlspecialchars(number_format($childsa['bytes-out'])) . ' (' . htmlspecialchars(format_bytes($childsa['bytes-out'])) . ')<br/>');
366			print(gettext("Packets-Out: ") . htmlspecialchars(number_format($childsa['packets-out'])) . '<br/>');
367
368			print("</td>\n");
369			print("<td>\n");
370	130f3c92	Stephen Jones	print('<a href="status_ipsec.php?act=childdisconnect&ikeid=' . $childsa['name'] . '&ikesaid=' . $childsa['uniqueid'] . '" class="btn btn-xs btn-warning" data-toggle="tooltip" title="' . gettext('Disconnect Child SA') . '" usepost>');
371	4260c32a	Stephen Beaver	print('<i class="fa fa-trash icon-embed-btn"></i>');
372			print(gettext("Disconnect"));
373			print("</a>\n");
374			print("</td>\n");
375			print("</tr>\n");
376
377			}
378
379			print("</tbody>\n");
380			print(" </table>\n");
381			print("</td>\n");
382	9723b525	Stephen Beaver	print("</tr>\n");
383	4260c32a	Stephen Beaver
384	3795cc0a	sbeaver	}
385	4260c32a	Stephen Beaver
386			unset($con_id);
387	86b2861c	Matt Smith	}
388	4260c32a	Stephen Beaver
389			}
390
391			$rgmap = array();
392	4b5f2ab3	Phil Davis	if (is_array($a_phase1)) {
393			foreach ($a_phase1 as $ph1ent) {
394			if (isset($ph1ent['disabled'])) {
395			continue;
396			}
397	4260c32a	Stephen Beaver
398	4b5f2ab3	Phil Davis	$rgmap[$ph1ent['remote-gateway']] = $ph1ent['remote-gateway'];
399	4260c32a	Stephen Beaver
400	4b5f2ab3	Phil Davis	if ($ipsecconnected[$ph1ent['ikeid']]) {
401			continue;
402			}
403	4260c32a	Stephen Beaver
404	4b5f2ab3	Phil Davis	print("<tr>\n");
405			print("<td>\n");
406	4260c32a	Stephen Beaver
407	4b5f2ab3	Phil Davis	print(htmlspecialchars($ph1ent['descr']));
408			print("</td>\n");
409			print("<td>\n");
410			list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, "local");
411	4260c32a	Stephen Beaver
412	4b5f2ab3	Phil Davis	if (empty($myid_data)) {
413			print(gettext("Unknown"));
414			} else {
415			print(htmlspecialchars($myid_data));
416			}
417	4260c32a	Stephen Beaver
418	4b5f2ab3	Phil Davis	print("</td>\n");
419			print("<td>\n");
420			$ph1src = ipsec_get_phase1_src($ph1ent);
421	4260c32a	Stephen Beaver
422	4b5f2ab3	Phil Davis	if (empty($ph1src)) {
423			print(gettext("Unknown"));
424			} else {
425			print(htmlspecialchars($ph1src));
426			}
427	4260c32a	Stephen Beaver
428	4b5f2ab3	Phil Davis	print("</td>\n");
429			print("<td>\n");
430	0da0d43e	Phil Davis
431	4b5f2ab3	Phil Davis	list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, "peer", $rgmap);
432	3795cc0a	sbeaver
433	4b5f2ab3	Phil Davis	if (empty($peerid_data)) {
434			print(gettext("Unknown"));
435			} else {
436			print(htmlspecialchars($peerid_data));
437			}
438			print(" </td>\n");
439			print(" <td>\n");
440			$ph1src = ipsec_get_phase1_dst($ph1ent);
441	0da0d43e	Phil Davis
442	4b5f2ab3	Phil Davis	if (empty($ph1src)) {
443			print(gettext("Unknown"));
444			} else {
445			print(htmlspecialchars($ph1src));
446			}
447	0da0d43e	Phil Davis
448	4260c32a	Stephen Beaver	print("</td>\n");
449			print("<td>\n");
450			print("</td>\n");
451			print("<td>\n");
452			print("</td>\n");
453			print("<td>\n");
454			print("</td>\n");
455	3795cc0a	sbeaver
456	4b5f2ab3	Phil Davis	if (isset($ph1ent['mobile'])) {
457
458			print("<td>\n");
459			print(gettext("Awaiting connections"));
460			print("</td>\n");
461			print("<td>\n");
462			print("</td>\n");
463			print("</td>\n");
464			} else {
465
466			print("<td>\n");
467			print(gettext("Disconnected"));
468			print("</td>\n");
469			print("<td>\n");
470	64d53c69	Steve Beaver	print('<a href="status_ipsec.php?act=connect&ikeid=' . $ph1ent['ikeid'] . '" class="btn btn-xs btn-success" usepost>');
471	4b5f2ab3	Phil Davis	print('<i class="fa fa-sign-in icon-embed-btn"></i>');
472			print(gettext("Connect VPN"));
473			print("</a>\n");
474			print("</td>\n");
475
476			}
477			print("</tr>\n");
478	4260c32a	Stephen Beaver	}
479	97242546	Matt Smith	}
480
481	4260c32a	Stephen Beaver	unset($ipsecconnected, $phase1, $rgmap);
482	86b2861c	Matt Smith	}
483	3795cc0a	sbeaver
484	4260c32a	Stephen Beaver	$pgtitle = array(gettext("Status"), gettext("IPsec"), gettext("Overview"));
485	edcd7535	Phil Davis	$pglinks = array("", "@self", "@self");
486	4260c32a	Stephen Beaver	$shortcut_section = "ipsec";
487	0da0d43e	Phil Davis
488	4260c32a	Stephen Beaver	include("head.inc");
489	0da0d43e	Phil Davis
490	4260c32a	Stephen Beaver	$tab_array = array();
491			$tab_array[] = array(gettext("Overview"), true, "status_ipsec.php");
492			$tab_array[] = array(gettext("Leases"), false, "status_ipsec_leases.php");
493			$tab_array[] = array(gettext("SADs"), false, "status_ipsec_sad.php");
494			$tab_array[] = array(gettext("SPDs"), false, "status_ipsec_spd.php");
495			display_top_tabs($tab_array);
496	3795cc0a	sbeaver	?>
497	0da0d43e	Phil Davis
498	4260c32a	Stephen Beaver	<div class="panel panel-default">
499			<div class="panel-heading"><h2 class="panel-title"><?=gettext("IPsec Status");?></h2></div>
500			<div class="panel-body table-responsive">
501			<table class="table table-striped table-condensed table-hover sortable-theme-bootstrap" data-sortable>
502			<thead>
503			<tr>
504			<th><?=gettext("Description")?></th>
505			<th><?=gettext("Local ID")?></th>
506			<th><?=gettext("Local IP")?></th>
507			<th><?=gettext("Remote ID")?></th>
508			<th><?=gettext("Remote IP")?></th>
509			<th><?=gettext("Role")?></th>
510			<th><?=gettext("Reauth")?></th>
511			<th><?=gettext("Algo")?></th>
512			<th><?=gettext("Status")?></th>
513			<th></th>
514			</tr>
515			</thead>
516			<tbody id="ipsec-body">
517			<tr>
518	fc48da17	NOYB	<td colspan="10">
519	499adf73	Phil Davis	<?=print_info_box(gettext("Collecting IPsec status information."), "warning", "")?>
520	3795cc0a	sbeaver	</td>
521			</tr>
522			</tbody>
523	c7fbdd6c	Ermal	</table>
524			</div>
525	3795cc0a	sbeaver	</div>
526
527			<?php
528			unset($status);
529	4260c32a	Stephen Beaver
530	d2c1089f	Phil Davis	if (ipsec_enabled()) {
531	4260c32a	Stephen Beaver	print('<div class="infoblock">');
532	d2c1089f	Phil Davis	} else {
533	4260c32a	Stephen Beaver	print('<div class="infoblock blockopen">');
534	d2c1089f	Phil Davis	}
535	4260c32a	Stephen Beaver
536	530c7ccf	NOYB	print_info_box(sprintf(gettext('IPsec can be configured %1$shere%2$s.'), '<a href="vpn_ipsec.php">', '</a>'), 'info', false);
537	d2c1089f	Phil Davis	?>
538			</div>
539	4260c32a	Stephen Beaver
540			<script type="text/javascript">
541			//<![CDATA[
542
543			events.push(function() {
544	067551a4	Stephen Beaver	ajax_lock = false; // Mutex so we don't make a call until the previous call is finished
545			sa_open = new Array(); // Array in which to keep the child SA show/hide state
546	29c1ecb8	Stephen Jones	tryCount = 3;
547	4260c32a	Stephen Beaver	// Fetch the tbody contents from the server
548			function update_table() {
549			if (ajax_lock) {
550			return;
551			}
552
553			ajax_lock = true;
554
555			ajaxRequest = $.ajax(
556			{
557			url: "/status_ipsec.php",
558			type: "post",
559			data: {
560			ajax: "ajax"
561	1144e24c	Steve Beaver	},
562			error: function(xhr, textStatus, errorThrown){
563			//alert("error.... retrying");
564	29c1ecb8	Stephen Jones	if (tryCount > 0){
565			tryCount --;
566	1144e24c	Steve Beaver	ajax_lock = false;
567			update_table();
568			}
569			return;
570	4260c32a	Stephen Beaver	}
571			}
572			);
573
574			// Deal with the results of the above ajax call
575			ajaxRequest.done(function (response, textStatus, jqXHR) {
576	29c1ecb8	Stephen Jones	if(textStatus === "success"){
577			tryCount =3;
578			}
579	fc48da17	NOYB	if (!response) {
580	2807660f	Stephen Jones	response = '<tr><td colspan="10"><?=print_info_box(addslashes(gettext("No IPsec status information available.")), "warning", "")?></td></tr>';
581	fc48da17	NOYB	}
582
583	4260c32a	Stephen Beaver	$('#ipsec-body').html(response);
584			ajax_lock = false;
585
586	067551a4	Stephen Beaver	// Update "Show child SA" handlers
587			$('[id^=btnchildsa-]').click(function () {
588			show_childsa($(this).prop("id").replace( /^\D+/g, ''));
589			});
590
591			// Check the sa_open array for child SAs that have been opened
592	4260c32a	Stephen Beaver	$('[id^=childsa-con]').each(function(idx) {
593	067551a4	Stephen Beaver	sa_idx = $(this).prop("id").replace( /^\D+/g, '');
594	4260c32a	Stephen Beaver
595			if (sa_open[sa_idx]) {
596	067551a4	Stephen Beaver	show_childsa(sa_idx);
597	4260c32a	Stephen Beaver	}
598			});
599
600	64d53c69	Steve Beaver	// re-attached the GET to POST handler
601			interceptGET();
602
603	4260c32a	Stephen Beaver	// and do it again
604			setTimeout(update_table, 5000);
605			});
606			}
607
608	067551a4	Stephen Beaver	function show_childsa(said) {
609			sa_open[said] = true;
610			$('#childsa-con' + said).show();
611			$('#btnchildsa-con' + said).hide();
612			}
613
614	4260c32a	Stephen Beaver	// Populate the tbody on page load
615			update_table();
616			});
617			//]]>
618			</script>
619
620	d2c1089f	Phil Davis	<?php
621	3795cc0a	sbeaver	include("foot.inc"); ?>

Project

General

Profile

pfSense