<?php
2
/*
3
	vpn_ipsec_phase1.php
4
	part of m0n0wall (http://m0n0.ch/wall)
5
6
	Copyright (C) 2008 Shrew Soft Inc
7
	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9
10
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12
13
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15
16
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19
20
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
31
32 6b07c15a Matthew Grooms
##|+PRIV
33
##|*IDENT=page-vpn-ipsec-editphase1
34
##|*NAME=VPN: IPsec: Edit Phase 1 page
35
##|*DESCR=Allow access to the 'VPN: IPsec: Edit Phase 1' page.
36
##|*MATCH=vpn_ipsec_phase1.php*
37
##|-PRIV
38
39 0f84b741 Scott Ullrich
require("functions.inc");
40 a93e56c5 Matthew Grooms
require("guiconfig.inc");
41 483e6de8 Scott Ullrich
require_once("ipsec.inc");
42
require_once("vpn.inc");
43 a93e56c5 Matthew Grooms
44
/*
 * Make sure both IPsec sections exist as arrays inside $config, then alias
 * each one by reference so that later edits are made directly in $config.
 */
if (!is_array($config['ipsec']['phase1'])) {
	$config['ipsec']['phase1'] = array();
}
$a_phase1 = &$config['ipsec']['phase1'];

if (!is_array($config['ipsec']['phase2'])) {
	$config['ipsec']['phase2'] = array();
}
$a_phase2 = &$config['ipsec']['phase2'];
52 a93e56c5 Matthew Grooms
53
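/*
 * Work out which phase 1 entry the request refers to. Precedence, lowest to
 * highest: ?p1index= in the query string, p1index in the POST body, then
 * ?dup= (duplicate an existing entry).
 *
 * The value is request-controlled and is used further down as a key into
 * $a_phase1, so anything that is not a scalar (e.g. p1index[]=x) is dropped
 * here instead of reaching the array lookup.
 */
$p1index = isset($_GET['p1index']) ? $_GET['p1index'] : null;
if (isset($_POST['p1index']))
	$p1index = $_POST['p1index'];

if (isset($_GET['dup'])) {
	$p1index = $_GET['dup'];
}

if (!is_scalar($p1index))
	$p1index = null;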
60
61 fad728ab sullrich
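/*
 * Populate $pconfig, the array the form below is rendered from: either from
 * the stored phase 1 entry selected by $p1index (edit / duplicate), or with
 * defaults for a new entry.
 *
 * $p1index comes from the request, so it is only used as an array key once
 * it is known to be a scalar that names an existing, non-empty entry.
 */
if (isset($p1index) && is_scalar($p1index) && !empty($a_phase1[$p1index])) {
	// don't copy the ikeid on dup
	if (!isset($_GET['dup']))
		$pconfig['ikeid'] = $a_phase1[$p1index]['ikeid'];

	// Snapshot of the stored entry; the POST handler compares against it.
	$old_ph1ent = $a_phase1[$p1index];

	$pconfig['disabled'] = isset($a_phase1[$p1index]['disabled']);

	if ($a_phase1[$p1index]['interface'])
		$pconfig['interface'] = $a_phase1[$p1index]['interface'];
	else
		$pconfig['interface'] = "wan";

	list($pconfig['remotenet'],$pconfig['remotebits']) = explode("/", $a_phase1[$p1index]['remote-subnet']);

	if (isset($a_phase1[$p1index]['mobile']))
		$pconfig['mobile'] = 'true';
	else
		$pconfig['remotegw'] = $a_phase1[$p1index]['remote-gateway'];

	$pconfig['mode'] = $a_phase1[$p1index]['mode'];
	$pconfig['myid_type'] = $a_phase1[$p1index]['myid_type'];
	$pconfig['myid_data'] = $a_phase1[$p1index]['myid_data'];
	$pconfig['peerid_type'] = $a_phase1[$p1index]['peerid_type'];
	$pconfig['peerid_data'] = $a_phase1[$p1index]['peerid_data'];
	$pconfig['ealgo'] = $a_phase1[$p1index]['encryption-algorithm'];
	$pconfig['halgo'] = $a_phase1[$p1index]['hash-algorithm'];
	$pconfig['dhgroup'] = $a_phase1[$p1index]['dhgroup'];
	$pconfig['lifetime'] = $a_phase1[$p1index]['lifetime'];
	$pconfig['authentication_method'] = $a_phase1[$p1index]['authentication_method'];
	$pconfig['proposal_check'] = $a_phase1[$p1index]['proposal_check'];

	// NOTE(review): for the PSK methods the stored key is copied into
	// $pconfig and is echoed back into the form's plain-text "pskey" input,
	// so it is visible to anyone who can open this page.
	if (($pconfig['authentication_method'] == "pre_shared_key") ||
		($pconfig['authentication_method'] == "xauth_psk_server")) {
		$pconfig['pskey'] = $a_phase1[$p1index]['pre-shared-key'];
	} else {
		$pconfig['certref'] = $a_phase1[$p1index]['certref'];
		$pconfig['caref'] = $a_phase1[$p1index]['caref'];
	}

	$pconfig['descr'] = $a_phase1[$p1index]['descr'];
	$pconfig['nat_traversal'] = $a_phase1[$p1index]['nat_traversal'];

	// DPD counts as enabled only when both values are stored.
	if ($a_phase1[$p1index]['dpd_delay'] &&	$a_phase1[$p1index]['dpd_maxfail']) {
		$pconfig['dpd_enable'] = true;
		$pconfig['dpd_delay'] = $a_phase1[$p1index]['dpd_delay'];
		$pconfig['dpd_maxfail'] = $a_phase1[$p1index]['dpd_maxfail'];
	}
} else {
	/* defaults */
	// NOTE(review): these defaults favour interoperability over strength.
	// The form's own help text calls aggressive mode "less secure", and
	// 3DES, SHA-1 and DH group 2 (1024-bit MODP) are legacy choices; prefer
	// main mode and stronger algorithms wherever the peer supports them.
	$pconfig['interface'] = "wan";
	if($config['interfaces']['lan'])
		$pconfig['localnet'] = "lan";
	$pconfig['mode'] = "aggressive";
	$pconfig['myid_type'] = "myaddress";
	$pconfig['peerid_type'] = "peeraddress";
	$pconfig['authentication_method'] = "pre_shared_key";
	// The key is quoted: the bare word `name` was an undefined constant that
	// PHP only happened to read as the string 'name' (an Error in PHP 8).
	$pconfig['ealgo'] = array( 'name' => "3des" );
	$pconfig['halgo'] = "sha1";
	$pconfig['dhgroup'] = "2";
	$pconfig['lifetime'] = "28800";
	$pconfig['nat_traversal'] = "on";
	$pconfig['dpd_enable'] = true;

	/* mobile client */
	if(!empty($_GET['mobile']))
		$pconfig['mobile']=true;
}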
130
131
// When duplicating, drop the source index once its values have been read,
// so that nothing below treats the request as an edit of that entry.
if (isset($_GET['dup'])) {
	unset($p1index);
}
133
134
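/*
 * Handle a submitted form: validate the posted phase 1 settings and, when
 * there are no errors, store the entry in $config, reload the SPD policy of
 * every phase 2 entry that shares its ikeid, write the configuration and
 * redirect to vpn_ipsec.php. On validation errors the script falls through
 * and re-renders the form from $pconfig (the raw POST data).
 */
if ($_POST) {
	unset($input_errors);
	$pconfig = $_POST;

	/* input validation */

	$method = $pconfig['authentication_method'];

	// The method decides which credentials are mandatory in the switch
	// below, so a value the form does not offer must not pass unchecked:
	// it would match no case and skip the PSK / certificate requirement.
	if (isset($p1_authentication_methods) && is_array($p1_authentication_methods) &&
	    (!is_string($method) || !array_key_exists($method, $p1_authentication_methods)))
		$input_errors[] = gettext("A valid authentication method must be specified.");

	// Always defined, even when no case below adds a required field.
	$reqdfields = array();
	$reqdfieldsn = array();

	// Only require PSK here for normal PSK tunnels (not mobile) or xauth.
	// For RSA methods, require the CA/Cert.
	switch ($method) {
		case "pre_shared_key":
			// If this is a mobile PSK tunnel the user PSKs go on
			//    the PSK tab, not here, so skip the check.
			if ($pconfig['mobile'])
				break;
			// intentional fall-through: non-mobile PSK needs the key too
		case "xauth_psk_server":
			$reqdfields = explode(" ", "pskey");
			$reqdfieldsn = array(gettext("Pre-Shared Key"));
			break;
		case "hybrid_rsa_server":
		case "xauth_rsa_server":
		case "rsasig":
			$reqdfields = explode(" ", "caref certref");
			$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
			break;
	}
	if (!$pconfig['mobile']) {
		$reqdfields[] = "remotegw";
		$reqdfieldsn[] = gettext("Remote gateway");
	}

	// NOTE(review): call-time pass-by-reference (&$input_errors) is rejected
	// by PHP 5.4 and later. It is left in place because the declaration of
	// do_input_validation() is not visible here: dropping the & is only safe
	// once that function declares the parameter by reference, otherwise the
	// required-field errors would be silently lost. TODO confirm and update
	// both sides together.
	do_input_validation($pconfig, $reqdfields, $reqdfieldsn, &$input_errors);

	// NOTE(review): is_numeric() also accepts signs, decimals and exponent
	// notation, although the message asks for an integer.
	if (($pconfig['lifetime'] && !is_numeric($pconfig['lifetime'])))
		$input_errors[] = gettext("The P1 lifetime must be an integer.");

	if (($pconfig['remotegw'] && !is_ipaddr($pconfig['remotegw']) && !is_domain($pconfig['remotegw'])))
		$input_errors[] = gettext("A valid remote gateway address or host name must be specified.");

	if (($pconfig['remotegw'] && is_ipaddr($pconfig['remotegw']) && !isset($pconfig['disabled']) )) {
		$t = 0;
		foreach ($a_phase1 as $ph1tmp) {
			// Skip only the entry being edited. Compared as strings so that
			// a missing index (new entry) no longer loosely equals 0 and
			// exempts the first stored entry from the duplicate check.
			if (!isset($p1index) || !is_scalar($p1index) || ((string)$p1index !== (string)$t)) {
				$tremotegw = $pconfig['remotegw'];
				if (($ph1tmp['remote-gateway'] == $tremotegw) && !isset($ph1tmp['disabled'])) {
					$input_errors[] = sprintf(gettext('The remote gateway "%1$s" is already used by phase1 "%2$s".'), $tremotegw, $ph1tmp['descr']);
				}
			}
			$t++;
		}
	}

	/* My identity */

	if ($pconfig['myid_type'] == "myaddress")
		$pconfig['myid_data'] = "";

	if ($pconfig['myid_type'] == "address" and $pconfig['myid_data'] == "")
		$input_errors[] = gettext("Please enter an address for 'My Identifier'");

	if ($pconfig['myid_type'] == "keyid tag" and $pconfig['myid_data'] == "")
		$input_errors[] = gettext("Please enter a keyid tag for 'My Identifier'");

	if ($pconfig['myid_type'] == "fqdn" and $pconfig['myid_data'] == "")
		$input_errors[] = gettext("Please enter a fully qualified domain name for 'My Identifier'");

	if ($pconfig['myid_type'] == "user_fqdn" and $pconfig['myid_data'] == "")
		$input_errors[] = gettext("Please enter a user and fully qualified domain name for 'My Identifier'");

	if ($pconfig['myid_type'] == "dyn_dns" and $pconfig['myid_data'] == "")
		$input_errors[] = gettext("Please enter a dynamic domain name for 'My Identifier'");

	if ((($pconfig['myid_type'] == "address") && !is_ipaddr($pconfig['myid_data'])))
		$input_errors[] = gettext("A valid IP address for 'My identifier' must be specified.");

	if ((($pconfig['myid_type'] == "fqdn") && !is_domain($pconfig['myid_data'])))
		$input_errors[] = gettext("A valid domain name for 'My identifier' must be specified.");

	if ($pconfig['myid_type'] == "fqdn")
		if (is_domain($pconfig['myid_data']) == false)
			$input_errors[] = gettext("A valid FQDN for 'My identifier' must be specified.");

	if ($pconfig['myid_type'] == "user_fqdn") {
		$user_fqdn = explode("@",$pconfig['myid_data']);
		// No "@" at all leaves index 1 undefined; treat that as invalid.
		if (!isset($user_fqdn[1]) || is_domain($user_fqdn[1]) == false)
			$input_errors[] = gettext("A valid User FQDN in the form of user@my.domain.com for 'My identifier' must be specified.");
	}

	if ($pconfig['myid_type'] == "dyn_dns")
		if (is_domain($pconfig['myid_data']) == false)
			$input_errors[] = gettext("A valid Dynamic DNS address for 'My identifier' must be specified.");

	/* Peer identity */

	// Tests peerid_type: the previous test of myid_type against
	// "peeraddress" could not match the peer selector, so stale peer
	// identifier data was never cleared.
	if ($pconfig['peerid_type'] == "peeraddress")
		$pconfig['peerid_data'] = "";

	// Only enforce peer ID if we are not dealing with a pure-psk mobile config.
	if (!(($pconfig['authentication_method'] == "pre_shared_key") && ($pconfig['mobile']))) {
		if ($pconfig['peerid_type'] == "address" and $pconfig['peerid_data'] == "")
			$input_errors[] = gettext("Please enter an address for 'Peer Identifier'");

		if ($pconfig['peerid_type'] == "keyid tag" and $pconfig['peerid_data'] == "")
			$input_errors[] = gettext("Please enter a keyid tag for 'Peer Identifier'");

		if ($pconfig['peerid_type'] == "fqdn" and $pconfig['peerid_data'] == "")
			$input_errors[] = gettext("Please enter a fully qualified domain name for 'Peer Identifier'");

		if ($pconfig['peerid_type'] == "user_fqdn" and $pconfig['peerid_data'] == "")
			$input_errors[] = gettext("Please enter a user and fully qualified domain name for 'Peer Identifier'");

		if ((($pconfig['peerid_type'] == "address") && !is_ipaddr($pconfig['peerid_data'])))
			$input_errors[] = gettext("A valid IP address for 'Peer identifier' must be specified.");

		if ((($pconfig['peerid_type'] == "fqdn") && !is_domain($pconfig['peerid_data'])))
			$input_errors[] = gettext("A valid domain name for 'Peer identifier' must be specified.");

		if ($pconfig['peerid_type'] == "fqdn")
			if (is_domain($pconfig['peerid_data']) == false)
				$input_errors[] = gettext("A valid FQDN for 'Peer identifier' must be specified.");

		if ($pconfig['peerid_type'] == "user_fqdn") {
			$user_fqdn = explode("@",$pconfig['peerid_data']);
			if (!isset($user_fqdn[1]) || is_domain($user_fqdn[1]) == false)
				$input_errors[] = gettext("A valid User FQDN in the form of user@my.domain.com for 'Peer identifier' must be specified.");
		}
	}

	if (!empty($pconfig['dpd_enable'])) {
		if (!is_numeric($pconfig['dpd_delay']))
			$input_errors[] = gettext("A numeric value must be specified for DPD delay.");

		if (!is_numeric($pconfig['dpd_maxfail']))
			$input_errors[] = gettext("A numeric value must be specified for DPD retries.");
	}

	/* build our encryption algorithms array */
	$pconfig['ealgo'] = array();
	$pconfig['ealgo']['name'] = $_POST['ealgo'];
	if($pconfig['ealgo_keylen'])
		$pconfig['ealgo']['keylen'] = $_POST['ealgo_keylen'];

	// NOTE(review): ikeid, interface, mode, the identifier types, ealgo (name
	// and keylen), halgo, dhgroup, proposal_check and nat_traversal are stored
	// exactly as posted; none is compared with the option lists the form
	// renders. How the stored values are consumed is not visible in this
	// file, so checking each against its allowed set here is the safer place.

	if (!$input_errors) {
		$ph1ent = array();
		$ph1ent['ikeid'] = $pconfig['ikeid'];
		$ph1ent['disabled'] = $pconfig['disabled'] ? true : false;
		$ph1ent['interface'] = $pconfig['interface'];
		/* if the remote gateway changed and the interface is not WAN then remove route */
		/* the vpn_ipsec_configure() handles adding the route */
		if ($pconfig['interface'] <> "wan") {
			// Nothing to delete for a new entry (no stored gateway).
			if (!empty($old_ph1ent['remote-gateway']) &&
			    ($old_ph1ent['remote-gateway'] <> $pconfig['remotegw'])) {
				// The stored gateway is interpolated into a command line, so
				// it is quoted as a single argument instead of being trusted
				// to contain no shell metacharacters.
				mwexec("/sbin/route delete -host " . escapeshellarg($old_ph1ent['remote-gateway']));
			}
		}

		if ($pconfig['mobile'])
			$ph1ent['mobile'] = true;
		else
			$ph1ent['remote-gateway'] = $pconfig['remotegw'];

		$ph1ent['mode'] = $pconfig['mode'];

		$ph1ent['myid_type'] = $pconfig['myid_type'];
		$ph1ent['myid_data'] = $pconfig['myid_data'];
		$ph1ent['peerid_type'] = $pconfig['peerid_type'];
		$ph1ent['peerid_data'] = $pconfig['peerid_data'];

		$ph1ent['encryption-algorithm'] = $pconfig['ealgo'];
		$ph1ent['hash-algorithm'] = $pconfig['halgo'];
		$ph1ent['dhgroup'] = $pconfig['dhgroup'];
		$ph1ent['lifetime'] = $pconfig['lifetime'];
		$ph1ent['pre-shared-key'] = $pconfig['pskey'];
		$ph1ent['private-key'] = base64_encode($pconfig['privatekey']);
		$ph1ent['certref'] = $pconfig['certref'];
		$ph1ent['caref'] = $pconfig['caref'];
		$ph1ent['authentication_method'] = $pconfig['authentication_method'];
		$ph1ent['proposal_check'] = $pconfig['proposal_check'];
		$ph1ent['descr'] = $pconfig['descr'];
		$ph1ent['nat_traversal'] = $pconfig['nat_traversal'];

		// Same condition as the DPD validation above, so the two values are
		// stored only when they were actually checked.
		if (!empty($pconfig['dpd_enable'])) {
			$ph1ent['dpd_delay'] = $pconfig['dpd_delay'];
			$ph1ent['dpd_maxfail'] = $pconfig['dpd_maxfail'];
		}

		/* generate unique phase1 ikeid */
		if ($ph1ent['ikeid'] == 0)
			$ph1ent['ikeid'] = ipsec_ikeid_next();

		// Overwrite the entry being edited, otherwise append a new one.
		if (isset($p1index) && is_scalar($p1index) && !empty($a_phase1[$p1index]))
			$a_phase1[$p1index] = $ph1ent;
		else
			$a_phase1[] = $ph1ent;

		/* now we need to find all phase2 entries for this host */
		if (is_array($a_phase2) && (count($a_phase2))) {
			foreach ($a_phase2 as $phase2) {
				if($phase2['ikeid'] == $ph1ent['ikeid']) {
					// descr is free text from the form and is logged as-is.
					log_error("Reload {$ph1ent['descr']} tunnel(s)");
					$old_ph1ent['remote-gateway'] = resolve_retry($old_ph1ent['remote-gateway']);
					$old_phase2 = $phase2;
					reload_tunnel_spd_policy ($ph1ent, $phase2, $old_ph1ent, $old_phase2);
				}
			}
		}
		write_config();
		mark_subsystem_dirty('ipsec');

		header("Location: vpn_ipsec.php");
		exit;
	}
}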
346
347 3462a529 Matthew Grooms
// Page title segments; a mobile-client entry gets one extra trailing element.
$pgtitle = array(gettext("VPN"),gettext("IPsec"),gettext("Edit Phase 1"));
if ($pconfig['mobile']) {
	$pgtitle[] = gettext("Mobile Client");
}

$statusurl = "diag_ipsec.php";
$logurl = "diag_logs_ipsec.php";

include("head.inc");
356
357
?>
358
359
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
360
<?php include("fbegin.inc"); ?>
361
<script language="JavaScript">
362
<!--
363 3462a529 Matthew Grooms
364
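/*
 * Hide the "My identifier" data field while the selected type is
 * 'myaddress' (the server side clears the data for that type), show it
 * for every other type.
 */
function myidsel_change() {
	// Declared with var: the bare assignments used before created the
	// globals `index` and `value`.
	var sel = document.iform.myid_type;
	var value = sel.options[sel.selectedIndex].value;

	document.getElementById('myid_data').style.visibility =
		(value == 'myaddress') ? 'hidden' : 'visible';
}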
372
373
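/*
 * Hide the "Peer identifier" data field while the selected type is
 * 'peeraddress', show it for every other type.
 */
function peeridsel_change() {
	// Declared with var: the bare assignments used before created the
	// globals `index` and `value`.
	var sel = document.iform.peerid_type;
	var value = sel.options[sel.selectedIndex].value;

	document.getElementById('peerid_data').style.visibility =
		(value == 'peeraddress') ? 'hidden' : 'visible';
}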
381
382 a93e56c5 Matthew Grooms
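/*
 * Show or hide the PSK, peer identifier, certificate and CA rows to match
 * the selected authentication method. The 'pre_shared_key' case is only
 * emitted by PHP for mobile-client entries; everywhere else that method is
 * handled by the default branch.
 */
function methodsel_change() {
	// Declared with var: the bare assignments used before created the
	// globals `index` and `value`.
	var sel = document.iform.authentication_method;
	var value = sel.options[sel.selectedIndex].value;

	switch (value) {
		// All three RSA methods need the same rows, so they share one body.
		case 'hybrid_rsa_server':
		case 'xauth_rsa_server':
		case 'rsasig':
			document.getElementById('opt_psk').style.display = 'none';
			document.getElementById('opt_peerid').style.display = '';
			document.getElementById('opt_cert').style.display = '';
			document.getElementById('opt_ca').style.display = '';
			document.getElementById('opt_cert').disabled = false;
			document.getElementById('opt_ca').disabled = false;
			break;
<?php if ($pconfig['mobile']) { ?>
		case 'pre_shared_key':
			document.getElementById('opt_psk').style.display = 'none';
			document.getElementById('opt_peerid').style.display = 'none';
			document.getElementById('opt_cert').style.display = 'none';
			document.getElementById('opt_ca').style.display = 'none';
			document.getElementById('opt_cert').disabled = true;
			document.getElementById('opt_ca').disabled = true;
			break;
<?php } ?>
		default: /* psk modes*/
			document.getElementById('opt_psk').style.display = '';
			document.getElementById('opt_peerid').style.display = '';
			document.getElementById('opt_cert').style.display = 'none';
			document.getElementById('opt_ca').style.display = 'none';
			document.getElementById('opt_cert').disabled = true;
			document.getElementById('opt_ca').disabled = true;
			break;
	}
}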
424
425
/* PHP generated java script for variable length keys */
426
function ealgosel_change(bits) {
	switch (document.iform.ealgo.selectedIndex) {
<?php
  /*
   * Emit one JavaScript case per entry of $p1_ealgos, numbered in iteration
   * order (presumably the order of the options in the ealgo select, which is
   * built from the same array). Algorithms with a 'keysel' range get the key
   * length list refilled from hi down to lo in steps of step; the others
   * get the list emptied and hidden.
   */
  $i = 0;
  foreach ($p1_ealgos as $algo => $algodata) {
    echo "		case {$i}:\n";

    if (is_array($algodata['keysel'])) {
      echo "			document.iform.ealgo_keylen.style.visibility = 'visible';\n";
      echo "			document.iform.ealgo_keylen.options.length = 0;\n";
      // (An 'auto' key length option used to be emitted here; it is disabled.)

      $key_hi = $algodata['keysel']['hi'];
      $key_lo = $algodata['keysel']['lo'];
      $key_step = $algodata['keysel']['step'];

      for ($keylen = $key_hi; $keylen >= $key_lo; $keylen -= $key_step) {
        echo "			document.iform.ealgo_keylen.options[document.iform.ealgo_keylen.options.length] = new Option( '{$keylen} bits', '{$keylen}' );\n";
      }
    } else {
      echo "			document.iform.ealgo_keylen.style.visibility = 'hidden';\n";
      echo "			document.iform.ealgo_keylen.options.length = 0;\n";
    }

    echo "			break;\n";
    $i++;
  }
?>
	}

	// Re-select a previously chosen key length once the list is rebuilt.
	if (bits) {
		document.iform.ealgo_keylen.value = bits;
	}
}
458 3462a529 Matthew Grooms
459 a93e56c5 Matthew Grooms
/*
 * Show the DPD options only while the DPD checkbox is ticked, and fill in
 * "10" (delay) and "5" (maxfail) whenever either field is empty.
 */
function dpdchkbox_change() {
	var form = document.iform;

	document.getElementById('opt_dpd').style.display =
		form.dpd_enable.checked ? '' : 'none';

	if (!form.dpd_delay.value) {
		form.dpd_delay.value = "10";
	}

	if (!form.dpd_maxfail.value) {
		form.dpd_maxfail.value = "5";
	}
}
471 3462a529 Matthew Grooms
472 a93e56c5 Matthew Grooms
//-->
473
</script>
474 5a3b0d3b mgrooms
475
<form action="vpn_ipsec_phase1.php" method="post" name="iform" id="iform">
476
477
<?php
478
	if ($input_errors)
479
		print_input_errors($input_errors);
480
?>
481
482
<table width="100%" border="0" cellpadding="0" cellspacing="0">
483
	<tr class="tabnavtbl">
484
		<td id="tabnav">
485
			<?php
486
				$tab_array = array();
487 2fbb33f1 Carlos Eduardo Ramos
				$tab_array[0] = array(gettext("Tunnels"), true, "vpn_ipsec.php");
488
				$tab_array[1] = array(gettext("Mobile clients"), false, "vpn_ipsec_mobile.php");
489
				$tab_array[2] = array(gettext("Pre-shared keys"), false, "vpn_ipsec_keys.php");
490 5a3b0d3b mgrooms
				display_top_tabs($tab_array);
491
			?>
492
		</td>
493
	</tr>
494
	<tr>
495
		<td id="mainarea">
496
			<div class="tabcont">
497
				<table width="100%" border="0" cellpadding="6" cellspacing="0">
498
					<tr>
499 2fbb33f1 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
500 5a3b0d3b mgrooms
					</tr>
501
					<tr>
502 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
503 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
504
							<input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked"; ?>>
505 2fbb33f1 Carlos Eduardo Ramos
							<strong><?=gettext("Disable this phase1 entry"); ?></strong><br>
506 5a3b0d3b mgrooms
							<span class="vexpl">
507 2fbb33f1 Carlos Eduardo Ramos
								<?=gettext("Set this option to disable this phase1 without " .
508
								"removing it from the list"); ?>.
509 5a3b0d3b mgrooms
							</span>
510
						</td>
511
					</tr>
512
					<tr>
513 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
514 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
515
							<select name="interface" class="formselect">
516
							<?php 
517
								$interfaces = get_configured_interface_with_descr();
518 abcb2bed Ermal Lu?i
								$carplist = get_configured_carp_interface_list();
519
								foreach ($carplist as $cif => $carpip)
520 dd62256f Pierre POMES
									$interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")";
521 25f6730a Pierre POMES
								$aliaslist = get_configured_ip_aliases_list();
522
								foreach ($aliaslist as $aliasip => $aliasif)
523 96b4c29a Pierre POMES
									$interfaces[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
524 5a3b0d3b mgrooms
								foreach ($interfaces as $iface => $ifacename):
525
							?>
526
								<option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>>
527
									<?=htmlspecialchars($ifacename);?>
528
								</option>
529
							<?php endforeach; ?>
530
							</select>
531
							<br>
532 2fbb33f1 Carlos Eduardo Ramos
							<span class="vexpl"><?=gettext("Select the interface for the local endpoint of this phase1 entry"); ?>.</span>
533 5a3b0d3b mgrooms
						</td>
534
					</tr>
535
536
					<?php if (!$pconfig['mobile']): ?>
537
538
					<tr>
539 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Remote gateway"); ?></td>
540 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
541 dd5bf424 Scott Ullrich
							<?=$mandfldhtml;?><input name="remotegw" type="text" class="formfld unknown" id="remotegw" size="20" value="<?=htmlspecialchars($pconfig['remotegw']);?>">
542 5a3b0d3b mgrooms
							<br>
543 2fbb33f1 Carlos Eduardo Ramos
							<?=gettext("Enter the public IP address or host name of the remote gateway"); ?>
544 5a3b0d3b mgrooms
						</td>
545
					</tr>
546
547
					<?php endif; ?>
548
549
					<tr>
550 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
551 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
552
							<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>">
553
							<br>
554
							<span class="vexpl">
555 2fbb33f1 Carlos Eduardo Ramos
								<?=gettext("You may enter a description here " .
556
								"for your reference (not parsed)"); ?>.
557 5a3b0d3b mgrooms
							</span>
558
						</td>
559
					</tr>
560
					<tr>
561
						<td colspan="2" class="list" height="12"></td>
562
					</tr>
563
					<tr>
564
						<td colspan="2" valign="top" class="listtopic">
565 2fbb33f1 Carlos Eduardo Ramos
							<?=gettext("Phase 1 proposal (Authentication)"); ?>
566 5a3b0d3b mgrooms
						</td>
567
					</tr>
568 71d61aa5 jim-p
					<tr>
569 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication method"); ?></td>
570 71d61aa5 jim-p
						<td width="78%" class="vtable">
571
							<select name="authentication_method" class="formselect" onChange="methodsel_change()">
572
							<?php
573
								foreach ($p1_authentication_methods as $method_type => $method_params):
574
									if (!$pconfig['mobile'] && $method_params['mobile'])
575
										continue;
576
							?>
577
								<option value="<?=$method_type;?>" <?php if ($method_type == $pconfig['authentication_method']) echo "selected"; ?>>
578
									<?=htmlspecialchars($method_params['name']);?>
579
								</option>
580
							<?php endforeach; ?>
581
							</select>
582
							<br>
583
							<span class="vexpl">
584 2fbb33f1 Carlos Eduardo Ramos
								<?=gettext("Must match the setting chosen on the remote side"); ?>.
585 71d61aa5 jim-p
							</span>
586
						</td>
587
					</tr>
588 5a3b0d3b mgrooms
					<tr>
589 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Negotiation mode"); ?></td>
590 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
591
							<select name="mode" class="formselect">
592
							<?php
593 cd82ab61 Carlos Eduardo Ramos
								$modes = array(gettext("main"),gettext("aggressive"));
594 5a3b0d3b mgrooms
								foreach ($modes as $mode):
595
							?>
596
								<option value="<?=$mode;?>" <?php if ($mode == $pconfig['mode']) echo "selected"; ?>>
597
									<?=htmlspecialchars($mode);?>
598
								</option>
599
							<?php endforeach; ?>
600 2fbb33f1 Carlos Eduardo Ramos
							</select> <br> <span class="vexpl"><?=gettext("Aggressive is more flexible, but less secure"); ?>.</span>
601 5a3b0d3b mgrooms
						</td>
602
					</tr>
603
					<tr>
604 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("My identifier"); ?></td>
605 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
606
							<select name="myid_type" class="formselect" onChange="myidsel_change()">
607
							<?php foreach ($my_identifier_list as $id_type => $id_params): ?>
608
								<option value="<?=$id_type;?>" <?php if ($id_type == $pconfig['myid_type']) echo "selected"; ?>>
609
									<?=htmlspecialchars($id_params['desc']);?>
610
								</option>
611
							<?php endforeach; ?>
612
							</select>
613 dd5bf424 Scott Ullrich
							<input name="myid_data" type="text" class="formfld unknown" id="myid_data" size="30" value="<?=htmlspecialchars($pconfig['myid_data']);?>">
614 5a3b0d3b mgrooms
						</td>
615
					</tr>
616 1f65618b jim-p
					<tr id="opt_peerid">
617 2fbb33f1 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer identifier"); ?></td>
618 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
619
							<select name="peerid_type" class="formselect" onChange="peeridsel_change()">
620
							<?php
621
								foreach ($peer_identifier_list as $id_type => $id_params):
622
									if ($pconfig['mobile'] && !$id_params['mobile'])
623
										continue;
624
							?>
625
							<option value="<?=$id_type;?>" <?php if ($id_type == $pconfig['peerid_type']) echo "selected"; ?>>
626
								<?=htmlspecialchars($id_params['desc']);?>
627
							</option>
628
							<?php endforeach; ?>
629
							</select>
630 dd5bf424 Scott Ullrich
							<input name="peerid_data" type="text" class="formfld unknown" id="peerid_data" size="30" value="<?=htmlspecialchars($pconfig['peerid_data']);?>">
631 1f65618b jim-p
						<?php if ($pconfig['mobile']) { ?>
632 2fbb33f1 Carlos Eduardo Ramos
							<br/><br/><?=gettext("NOTE: This is known as the \"group\" setting on some VPN client implementations"); ?>.
633 1f65618b jim-p
						<?php } ?>
634 5a3b0d3b mgrooms
						</td>
635
					</tr>
636 71d61aa5 jim-p
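					<tr id="opt_psk">
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Pre-Shared Key"); ?></td>
						<td width="78%" class="vtable">
							<?=$mandfldhtml;?>
							<?php
								/*
								 * The stored pre-shared key is written back into the page in clear
								 * text (HTML-escaped for the attribute context). autocomplete="off"
								 * asks the browser not to keep the secret in its form history.
								 * Anyone who can load this page can still read the key from the
								 * markup, so access to the page is what protects it.
								 */
							?>
							<input name="pskey" type="text" class="formfld unknown" id="pskey" size="40" autocomplete="off" value="<?=htmlspecialchars($pconfig['pskey']);?>">
							<span class="vexpl">
							<br>
								<?=gettext("Input your pre-shared key string"); ?>.
							</span>
						</td>
					</tr>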
					<tr id="proposal_check">
						<td width="22%" valign="top" class="vncellreq"><?php echo gettext("Proposal Checking"); ?></td>
						<td width="78%" class="vtable">
							<?php
								/*
								 * Proposal checking mode. The empty value ("Default") is selected
								 * when no mode is stored; the named modes are compared against
								 * the stored value one by one.
								 */
								$proposal_modes = array(
									"obey" => "Obey",
									"strict" => "Strict",
									"claim" => "Claim",
									"exact" => "Exact"
								);
							?>
							<select name="proposal_check" class="formselect">
								<option value="" <?= empty($pconfig['proposal_check']) ? "selected" : ""; ?>>Default</option>
								<?php foreach ($proposal_modes as $check_value => $check_label): ?>
								<option value="<?=$check_value;?>" <?= ($pconfig['proposal_check'] == $check_value) ? "selected" : ""; ?>><?=$check_label;?></option>
								<?php endforeach; ?>
							</select>
							<br>
							<span class="vexpl">
								<?php echo gettext("Specifies the action of lifetime length, key length, and PFS of the phase 2 selection on the responder side, and the action of lifetime check in phase 1."); ?>
							</span>
						</td>
					</tr>
					<tr>
						<td width="22%" valign="top" class="vncellreq"><?php echo gettext("Encryption algorithm"); ?></td>
						<td width="78%" class="vtable">
							<?php
								/*
								 * One option per entry of $p1_ealgos; the entry whose key equals
								 * the stored algorithm name is pre-selected. The key length select
								 * is emitted empty here (presumably filled by ealgosel_change(),
								 * which is defined outside this excerpt).
								 */
							?>
							<select name="ealgo" class="formselect" onChange="ealgosel_change()">
							<?php foreach ($p1_ealgos as $algo => $algodata): ?>
								<?php $selected = ($algo == $pconfig['ealgo']['name']) ? ' selected' : ''; ?>
								<option value="<?=$algo;?>"<?=$selected?>>
									<?php echo htmlspecialchars($algodata['name']); ?>
								</option>
							<?php endforeach; ?>
							</select>
							<select name="ealgo_keylen" width="30" class="formselect">
							</select>
						</td>
					</tr>
					<tr>
						<td width="22%" valign="top" class="vncellreq"><?php echo gettext("Hash algorithm"); ?></td>
						<td width="78%" class="vtable">
							<?php /* One option per entry of $p1_halgos; the stored halgo value is pre-selected. */ ?>
							<select name="halgo" class="formselect">
							<?php foreach ($p1_halgos as $algo => $algoname): ?>
								<option value="<?=$algo;?>" <?= ($algo == $pconfig['halgo']) ? "selected" : ""; ?>>
									<?php echo htmlspecialchars($algoname); ?>
								</option>
							<?php endforeach; ?>
							</select>
							<br>
							<span class="vexpl">
								<?php echo gettext("Must match the setting chosen on the remote side"); ?>.
							</span>
						</td>
					</tr>
					<tr>
						<td width="22%" valign="top" class="vncellreq"><?php echo gettext("DH key group"); ?></td>
						<td width="78%" class="vtable">
							<?php
								/*
								 * Diffie-Hellman groups offered for phase 1: 1, 2 and 5 only.
								 * NOTE(review): per the hint below these are 768, 1024 and 1536 bit
								 * groups; 768 and 1024 bit groups are below current key-exchange
								 * recommendations. Offering larger groups would also need support
								 * in the validation and configuration code, not visible in this
								 * excerpt.
								 */
								$keygroups = array("1", "2", "5");
							?>
							<select name="dhgroup" class="formselect">
							<?php foreach ($keygroups as $keygroup): ?>
								<option value="<?=$keygroup;?>" <?= ($keygroup == $pconfig['dhgroup']) ? "selected" : ""; ?>>
									<?php echo htmlspecialchars($keygroup); ?>
								</option>
							<?php endforeach; ?>
							</select>
							<br>
							<span class="vexpl">
								<em><?php echo gettext("1 = 768 bit, 2 = 1024 bit, 5 = 1536 bit"); ?></em>
								<br>
								<?php echo gettext("Must match the setting chosen on the remote side"); ?>.
							</span>
						</td>
					</tr>
					<tr>
						<td width="22%" valign="top" class="vncell"><?php echo gettext("Lifetime"); ?></td>
						<td width="78%" class="vtable">
							<?php /* Phase 1 lifetime in seconds; the stored value is HTML-escaped for the attribute. */ ?>
							<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="20" value="<?php echo htmlspecialchars($pconfig['lifetime']); ?>">
							<?php echo gettext("seconds"); ?>
						</td>
					</tr>
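					<tr id="opt_cert">
						<td width="22%" valign="top" class="vncellreq"><?=gettext("My Certificate"); ?></td>
						<td width="78%" class="vtable">
							<select name='certref' class="formselect">
							<?php
								/*
								 * One option per certificate in the saved configuration; the one
								 * whose refid equals the stored certref is pre-selected.
								 * refid and descr are read from $config['cert'] and descr is
								 * presumably operator-entered text, so both are HTML-escaped
								 * before being written into the attribute and the option label.
								 * Unescaped, a description containing markup would be rendered
								 * as part of this page.
								 */
								foreach ($config['cert'] as $cert):
									$selected = "";
									if ($pconfig['certref'] == $cert['refid'])
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($cert['refid']);?>" <?=$selected;?>><?=htmlspecialchars($cert['descr']);?></option>
							<?php endforeach; ?>
							</select>
							<br>
							<span class="vexpl">
								<?=gettext("Select a certificate previously configured in the Certificate Manager"); ?>.
							</span>
						</td>
					</tr>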
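					<tr id="opt_ca">
						<td width="22%" valign="top" class="vncellreq"><?=gettext("My Certificate Authority"); ?></td>
						<td width="78%" class="vtable">
							<select name='caref' class="formselect">
							<?php
								/*
								 * One option per certificate authority in the saved configuration;
								 * the one whose refid equals the stored caref is pre-selected.
								 * refid and descr are read from $config['ca'] and descr is
								 * presumably operator-entered text, so both are HTML-escaped
								 * before being written into the attribute and the option label.
								 * Unescaped, a description containing markup would be rendered
								 * as part of this page.
								 */
								foreach ($config['ca'] as $ca):
									$selected = "";
									if ($pconfig['caref'] == $ca['refid'])
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($ca['refid']);?>" <?=$selected;?>><?=htmlspecialchars($ca['descr']);?></option>
							<?php endforeach; ?>
							</select>
							<br>
							<span class="vexpl">
								<?=gettext("Select a certificate authority previously configured in the Certificate Manager"); ?>.
							</span>
						</td>
					</tr>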
					<?php /* Spacer row followed by the heading of the advanced options section. */ ?>
					<tr>
						<td colspan="2" class="list" height="12"></td>
					</tr>
					<tr>
						<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Advanced Options"); ?></td>
					</tr>
					<tr>
						<td width="22%" valign="top" class="vncell"><?php echo gettext("NAT Traversal"); ?></td>
						<td width="78%" class="vtable">
							<?php /* NAT-T mode: off, on or force; the stored nat_traversal value is pre-selected. */ ?>
							<select name="nat_traversal" class="formselect">
								<option value="off" <?= ($pconfig['nat_traversal'] == "off") ? "selected" : ""; ?>><?php echo gettext("Disable"); ?></option>
								<option value="on" <?= ($pconfig['nat_traversal'] == "on") ? "selected" : ""; ?>><?php echo gettext("Enable"); ?></option>
								<option value="force" <?= ($pconfig['nat_traversal'] == "force") ? "selected" : ""; ?>><?php echo gettext("Force"); ?></option>
							</select>
							<br/>
							<span class="vexpl">
								<?php
									echo gettext(
										"Set this option to enable the use of NAT-T (i.e. the encapsulation of ESP in UDP packets) if needed, " .
										"which can help with clients that are behind restrictive firewalls"
									);
								?>.
							</span>
						</td>
					</tr>
					<tr>
						<td width="22%" valign="top" class="vncell"><?php echo gettext("Dead Peer Detection"); ?></td>
						<td width="78%" class="vtable">
							<?php /* The checkbox is ticked whenever dpd_enable is set in $pconfig; dpdchkbox_change() runs on click. */ ?>
							<input name="dpd_enable" type="checkbox" id="dpd_enable" value="yes" <?= isset($pconfig['dpd_enable']) ? "checked" : ""; ?> onClick="dpdchkbox_change()">
							<?php echo gettext("Enable DPD"); ?><br>
							<div id="opt_dpd">
								<br>
								<?php /* Delay and retry count; both stored values are HTML-escaped for the attribute. */ ?>
								<input name="dpd_delay" type="text" class="formfld unknown" id="dpd_delay" size="5" value="<?php echo htmlspecialchars($pconfig['dpd_delay']); ?>">
								<?php echo gettext("seconds"); ?><br>
								<span class="vexpl">
									<?php echo gettext("Delay between requesting peer acknowledgement"); ?>.
								</span><br>
								<br>
								<input name="dpd_maxfail" type="text" class="formfld unknown" id="dpd_maxfail" size="5" value="<?php echo htmlspecialchars($pconfig['dpd_maxfail']); ?>">
								<?php echo gettext("retries"); ?><br>
								<span class="vexpl">
									<?php echo gettext("Number of consecutive failures allowed before disconnect"); ?>.
								</span>
								<br>
							</div>
						</td>
					</tr>
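					<tr>
						<td width="22%" valign="top">&nbsp;</td>
						<td width="78%">
							<?php
								/*
								 * Hidden fields carry the edited entry's index, the mobile flag and
								 * the IKE id back to the server on submit. p1index is now escaped
								 * for the attribute context like ikeid already was. Hidden fields
								 * are client-controlled, so the submit handler still has to
								 * validate these values when the form comes back.
								 */
							?>
							<?php if (isset($p1index) && $a_phase1[$p1index]): ?>
							<input name="p1index" type="hidden" value="<?=htmlspecialchars($p1index);?>">
							<?php endif; ?>
							<?php if ($pconfig['mobile']): ?>
							<input name="mobile" type="hidden" value="true">
							<?php endif; ?>
							<input name="ikeid" type="hidden" value="<?=htmlspecialchars($pconfig['ikeid']);?>">
							<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
						</td>
					</tr>
				</table>
			</div>
		</td>
	</tr>
</table>
</form>
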
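<script language="JavaScript">
<!--
<?php
	/*
	 * Determine if we should init the key length.
	 * $keyset is written unquoted into the script below, so it is taken from
	 * the stored configuration only when is_numeric() accepts it; otherwise
	 * it stays empty and ealgosel_change() is called without an argument.
	 */
	$keyset = '';
	if (isset($pconfig['ealgo']['keylen']) && is_numeric($pconfig['ealgo']['keylen']))
		$keyset = $pconfig['ealgo']['keylen'];
?>
myidsel_change();
peeridsel_change();
methodsel_change();
ealgosel_change(<?=$keyset;?>);
dpdchkbox_change();
//-->
</script>
<?php include("fend.inc"); ?>
</body>
</html>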