<?php
2
/*
3
	vpn_ipsec_phase2.php
4
	part of m0n0wall (http://m0n0.ch/wall)
5
6
	Copyright (C) 2008 Shrew Soft Inc
7
	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9
10
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12
13
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15
16
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19
20
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
##|+PRIV
##|*IDENT=page-vpn-ipsec-editphase2
##|*NAME=VPN: IPsec: Edit Phase 2 page
##|*DESCR=Allow access to the 'VPN: IPsec: Edit Phase 2' page.
##|*MATCH=vpn_ipsec_phase2.php*
##|-PRIV
require("functions.inc");
require("guiconfig.inc");
require_once("ipsec.inc");
require_once("vpn.inc");
// Guarantee that the mobile-client section of the IPsec config is an array
// before a reference to it is taken.
if (is_array($config['ipsec']['client']) === false) {
	$config['ipsec']['client'] = array();
}

// Reference, not a copy: writes through $a_client land in $config.
$a_client = &$config['ipsec']['client'];

// Same guarantee for the list of phase 2 entries.
if (is_array($config['ipsec']['phase2']) === false) {
	$config['ipsec']['phase2'] = array();
}

// Reference, not a copy: the save path below writes phase 2 entries
// into $config through $a_phase2.
$a_phase2 = &$config['ipsec']['phase2'];
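// Select the phase 2 entry to work on. Precedence is unchanged:
// ?dup= overrides a POSTed p2index, which overrides ?p2index=.
$p2index = null;
if (isset($_GET['p2index']))
	$p2index = $_GET['p2index'];
if (isset($_POST['p2index']))
	$p2index = $_POST['p2index'];

if (isset($_GET['dup']))
	$p2index = $_GET['dup'];

// The index is request data. Only a plain non-negative integer can name an
// entry in the phase 2 list, so anything else (arrays, signed or fractional
// numbers, free text) is treated as "no entry selected" rather than being
// carried further through the page.
if (!is_string($p2index) || !preg_match('/^[0-9]+$/', $p2index))
	$p2index = null;

if (isset($p2index) && !empty($a_phase2[$p2index]))
{
	// Existing entry: copy the stored settings into the form state.
	$pconfig['ikeid'] = $a_phase2[$p2index]['ikeid'];
	$pconfig['disabled'] = isset($a_phase2[$p2index]['disabled']);
	$pconfig['mode'] = $a_phase2[$p2index]['mode'];
	$pconfig['descr'] = $a_phase2[$p2index]['descr'];
	// Snapshot of the entry as stored, kept for the SPD reload on save.
	$old_ph2ent = $a_phase2[$p2index];

	if (!empty($a_phase2[$p2index]['natlocalid']))
		idinfo_to_pconfig("natlocal",$a_phase2[$p2index]['natlocalid'],$pconfig);
	idinfo_to_pconfig("local",$a_phase2[$p2index]['localid'],$pconfig);
	idinfo_to_pconfig("remote",$a_phase2[$p2index]['remoteid'],$pconfig);

	$pconfig['proto'] = $a_phase2[$p2index]['protocol'];
	ealgos_to_pconfig($a_phase2[$p2index]['encryption-algorithm-option'],$pconfig);
	$pconfig['halgos'] = $a_phase2[$p2index]['hash-algorithm-option'];
	$pconfig['pfsgroup'] = $a_phase2[$p2index]['pfsgroup'];
	$pconfig['lifetime'] = $a_phase2[$p2index]['lifetime'];
	$pconfig['pinghost'] = $a_phase2[$p2index]['pinghost'];

	if (isset($a_phase2[$p2index]['mobile']))
		$pconfig['mobile'] = true;
}
else
{
	// New entry: the owning phase 1 is named by ?ikeid=. The value is not
	// checked here; the save path only requires that one was submitted.
	$pconfig['ikeid'] = isset($_GET['ikeid']) ? $_GET['ikeid'] : null;

	/* defaults */
	$pconfig['localid_type'] = "lan";
	$pconfig['remoteid_type'] = "network";
	$pconfig['proto'] = "esp";
	// NOTE(review): the default proposal pre-selects legacy algorithms
	// (3DES, Blowfish, CAST128, HMAC-MD5) next to AES and HMAC-SHA1. They
	// are kept so existing peers keep interoperating; consider trimming
	// the default to the strongest set all peers support.
	$pconfig['ealgos'] = explode(",", "3des,blowfish,cast128,aes");
	$pconfig['halgos'] = explode(",", "hmac_sha1,hmac_md5");
	// NOTE(review): "0" presumably means PFS is off by default - confirm
	// against the PFS key group list and consider a safer default.
	$pconfig['pfsgroup'] = "0";
	$pconfig['lifetime'] = "3600";

	/* mobile client */
	if (!empty($_GET['mobile']))
		$pconfig['mobile'] = true;
}

// When duplicating, the source entry was only needed to pre-fill the form;
// dropping the index makes the save path append a new entry.
if (isset($_GET['dup']))
	unset($p2index);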
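if ($_POST) {

	// Start from an empty error list. Every check below appends to it and
	// nothing is written to the configuration unless it is still empty.
	$input_errors = array();
	// The raw POST becomes the form state so a rejected submission is shown
	// again as entered. Every $pconfig value below is therefore untrusted.
	$pconfig = $_POST;

	if (!isset( $_POST['ikeid']))
		$input_errors[] = gettext("A valid ikeid must be specified.");

	/* input validation */
	$reqdfields = explode(" ", "localid_type halgos");
	$reqdfieldsn = array(gettext("Local network type"),gettext("P2 Hash Algorithms"));
	if (!isset($pconfig['mobile'])){
		$reqdfields[] = "remoteid_type";
		$reqdfieldsn[] = gettext("Remote network type");
	}

	// NOTE(review): call-time pass-by-reference (&$input_errors) is a fatal
	// error from PHP 5.4 on. It is left as is because do_input_validation()
	// is defined outside this file: dropping the '&' is only safe once that
	// function declares the parameter by reference, otherwise the
	// required-field errors would be silently lost.
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);

	// Accept only a mode and protocol that the form itself offers ($p2_modes
	// and $p2_protos are the lists the <select> elements are built from).
	// Both values are stored in the IPsec configuration, so arbitrary request
	// strings must not get that far. The check is skipped if a list is
	// unexpectedly not available at this point.
	if (isset($p2_modes) && is_array($p2_modes) &&
	    (!isset($pconfig['mode']) || !is_string($pconfig['mode']) || !array_key_exists($pconfig['mode'], $p2_modes)))
		$input_errors[] = gettext("A valid mode must be specified.");
	if (isset($p2_protos) && is_array($p2_protos) &&
	    (!isset($pconfig['proto']) || !is_string($pconfig['proto']) || !array_key_exists($pconfig['proto'], $p2_protos)))
		$input_errors[] = gettext("A valid protocol must be specified.");
	// NOTE(review): halgos, pfsgroup and pinghost are stored as submitted;
	// they deserve the same allow-list / format checks.

	if(($pconfig['mode'] == "tunnel") || ($pconfig['mode'] == "tunnel6"))
	{
		switch ($pconfig['localid_type']) {
			case "network":
				// Digits only and within the 0-128 range the form offers;
				// is_numeric() also accepted signs, fractions and exponents.
				// NOTE(review): an IPv4 tunnel should additionally cap this at 32.
				if (!preg_match('/^[0-9]+$/', (string)$pconfig['localid_netbits']) || (int)$pconfig['localid_netbits'] > 128)
					$input_errors[] = gettext("A valid local network bit count must be specified.");
				// Deliberate fall-through: a network also needs a valid address.
			case "address":
				if (!$pconfig['localid_address'] || !is_ipaddr($pconfig['localid_address']))
					$input_errors[] = gettext("A valid local network IP address must be specified.");
				elseif (is_ipaddrv4($pconfig['localid_address']) && ($pconfig['mode'] != "tunnel"))
					$input_errors[] = gettext("A valid local network IPv4 address must be specified or you need to change Mode to IPv6");
				elseif (is_ipaddrv6($pconfig['localid_address']) && ($pconfig['mode'] != "tunnel6"))
					$input_errors[] = gettext("A valid local network IPv6 address must be specified or you need to change Mode to IPv4");
				break;
		}
		/* Check if the localid_type is an interface, to confirm if it has a valid subnet. */
		if (is_array($config['interfaces'][$pconfig['localid_type']])) {
			// Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201.
			$address = get_interface_ip($pconfig['localid_type']);
			$netbits = get_interface_subnet($pconfig['localid_type']);

			if (empty($address) || empty($netbits))
				$input_errors[] = gettext("Invalid Local Network.") . " " . convert_friendly_interface_to_friendly_descr($pconfig['localid_type']) . " " . gettext("has no subnet.");
		}

		// The NAT/BINAT translation target is optional; validate it only
		// when an address was actually entered.
		if (!empty($pconfig['natlocalid_address'])) {
			switch ($pconfig['natlocalid_type']) {
				case "network":
					if (!preg_match('/^[0-9]+$/', (string)$pconfig['natlocalid_netbits']) || (int)$pconfig['natlocalid_netbits'] > 128)
						$input_errors[] = gettext("A valid nat local network bit count must be specified.");
					if ($pconfig['localid_type'] == "address")
						$input_errors[] = gettext("You cannot configure a network type address for NAT while only an address type is selected for local source.");
					// Deliberate fall-through: a network also needs a valid address.
				case "address":
					if (!empty($pconfig['natlocalid_address']) && !is_ipaddr($pconfig['natlocalid_address']))
						$input_errors[] = gettext("A valid nat local network IP address must be specified.");
					elseif (is_ipaddrv4($pconfig['natlocalid_address']) && ($pconfig['mode'] != "tunnel"))
						$input_errors[] = gettext("A valid nat local network IPv4 address must be specified or you need to change Mode to IPv6");
					elseif (is_ipaddrv6($pconfig['natlocalid_address']) && ($pconfig['mode'] != "tunnel6"))
						$input_errors[] = gettext("A valid nat local network IPv6 address must be specified or you need to change Mode to IPv4");
					break;
			}

			if (is_array($config['interfaces'][$pconfig['natlocalid_type']])) {
				// Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201.
				$address = get_interface_ip($pconfig['natlocalid_type']);
				$netbits = get_interface_subnet($pconfig['natlocalid_type']);

				if (empty($address) || empty($netbits))
					$input_errors[] = gettext("Invalid Local Network.") . " " . convert_friendly_interface_to_friendly_descr($pconfig['natlocalid_type']) . " " . gettext("has no subnet.");
			}
		}

		switch ($pconfig['remoteid_type']) {
			case "network":
				if (!preg_match('/^[0-9]+$/', (string)$pconfig['remoteid_netbits']) || (int)$pconfig['remoteid_netbits'] > 128)
					$input_errors[] = gettext("A valid remote network bit count must be specified.");
				// Deliberate fall-through: a network also needs a valid address.
			case "address":
				if (!$pconfig['remoteid_address'] || !is_ipaddr($pconfig['remoteid_address']))
					$input_errors[] = gettext("A valid remote network IP address must be specified.");
				elseif (is_ipaddrv4($pconfig['remoteid_address']) && ($pconfig['mode'] != "tunnel"))
					$input_errors[] = gettext("A valid remote network IPv4 address must be specified or you need to change Mode to IPv6");
				elseif (is_ipaddrv6($pconfig['remoteid_address']) && ($pconfig['mode'] != "tunnel6"))
					$input_errors[] = gettext("A valid remote network IPv6 address must be specified or you need to change Mode to IPv4");
				break;
		}
	}
	/* Validate enabled phase2's are not duplicates */
	if (isset($pconfig['mobile'])){
		if (substr($pconfig['mode'], 0, 6) != "tunnel")
			$input_errors[] = gettext("Mobile IPsec only supports Tunnel mode.");
		/* User is adding phase 2 for mobile phase1 */
		foreach($a_phase2 as $key => $name){
			if (isset($name['mobile'])){
				/* check duplicate localids only for mobile clients */
				$localid_data = ipsec_idinfo_to_cidr($name['localid'], false, $name['mode']);
				$entered = array();
				$entered['type'] = $pconfig['localid_type'];
				if (isset($pconfig['localid_address'])) $entered['address'] = $pconfig['localid_address'];
				if (isset($pconfig['localid_netbits'])) $entered['netbits'] = $pconfig['localid_netbits'];
				$entered_localid_data = ipsec_idinfo_to_cidr($entered, false, $pconfig['mode']);
				if ($localid_data == $entered_localid_data){
					// A match is a conflict when adding a new entry, or when
					// editing and the match is a different entry than the
					// one being edited.
					if (!isset($pconfig['p2index']) || $pconfig['p2index'] != $key){
						$input_errors[] = gettext("Phase2 with this Local Network is already defined for mobile clients.");
						break;
					}
				}
			}
		}
	}else{
		/* User is adding phase 2 for site-to-site phase1 */
		$input_error = 0;	// not read anywhere in this block
		foreach($a_phase2 as $key => $name){
			if (!isset($name['mobile']) && $pconfig['ikeid'] == $name['ikeid']){
				/* check duplicate subnets only for given phase1 */
				$localid_data = ipsec_idinfo_to_cidr($name['localid'], false, $name['mode']);
				$remoteid_data = ipsec_idinfo_to_cidr($name['remoteid'], false, $name['mode']);
				$entered_local = array();
				$entered_local['type'] = $pconfig['localid_type'];
				if (isset($pconfig['localid_address'])) $entered_local['address'] = $pconfig['localid_address'];
				if (isset($pconfig['localid_netbits'])) $entered_local['netbits'] = $pconfig['localid_netbits'];
				$entered_localid_data = ipsec_idinfo_to_cidr($entered_local, false, $pconfig['mode']);
				$entered_remote = array();
				$entered_remote['type'] = $pconfig['remoteid_type'];
				if (isset($pconfig['remoteid_address'])) $entered_remote['address'] = $pconfig['remoteid_address'];
				if (isset($pconfig['remoteid_netbits'])) $entered_remote['netbits'] = $pconfig['remoteid_netbits'];
				$entered_remoteid_data = ipsec_idinfo_to_cidr($entered_remote, false, $pconfig['mode']);
				if ($localid_data == $entered_localid_data && $remoteid_data == $entered_remoteid_data) {
					// Same rule as for mobile entries: new entry, or a
					// different entry than the one being edited.
					if (!isset($pconfig['p2index']) || $pconfig['p2index'] != $key){
						$input_errors[] = gettext("Phase2 with this Local/Remote networks combination is already defined for this Phase1.");
						break;
					}
				}
			}
		}
	}

	/* For ESP protocol, handle encryption algorithms */
	if ( $pconfig['proto'] == "esp") {
		$ealgos = pconfig_to_ealgos($pconfig);

		if (!count($ealgos)) {
			$input_errors[] = gettext("At least one encryption algorithm must be selected.");
		}
	}
	// The lifetime is optional, but when given it must be a plain
	// non-negative integer, as the error message states. is_numeric() also
	// let through values such as "3.5", "1e3" or "-5".
	if ($_POST['lifetime'] && !preg_match('/^[0-9]+$/', (string)$_POST['lifetime'])) {
		$input_errors[] = gettext("The P2 lifetime must be an integer.");
	}

	if (!$input_errors) {

		// Build the entry from the validated form state.
		$ph2ent['ikeid'] = $pconfig['ikeid'];
		$ph2ent['mode'] = $pconfig['mode'];
		$ph2ent['disabled'] = $pconfig['disabled'] ? true : false;

		if(($ph2ent['mode'] == "tunnel") || ($ph2ent['mode'] == "tunnel6")){
			if (!empty($pconfig['natlocalid_address']))
				$ph2ent['natlocalid'] = pconfig_to_idinfo("natlocal",$pconfig);
			$ph2ent['localid'] = pconfig_to_idinfo("local",$pconfig);
			$ph2ent['remoteid'] = pconfig_to_idinfo("remote",$pconfig);
		}

		$ph2ent['protocol'] = $pconfig['proto'];
		// $ealgos is only assigned above when the protocol is ESP.
		$ph2ent['encryption-algorithm-option'] = $ealgos;
		$ph2ent['hash-algorithm-option'] = $pconfig['halgos'];
		$ph2ent['pfsgroup'] = $pconfig['pfsgroup'];
		$ph2ent['lifetime'] = $pconfig['lifetime'];
		$ph2ent['pinghost'] = $pconfig['pinghost'];
		$ph2ent['descr'] = $pconfig['descr'];

		if (isset($pconfig['mobile']))
			$ph2ent['mobile'] = true;

		// The phase 2 address family has to match the phase 1 it belongs to.
		ipsec_lookup_phase1($ph2ent, $ph1ent);
		if (($ph1ent['protocol'] == "inet") && ($ph2ent['mode'] == "tunnel6"))
			$input_errors[] = gettext("Phase 1 is using IPv4. You cannot use Tunnel IPv6 on Phase 2.");
		if (($ph1ent['protocol'] == "inet6") && ($ph2ent['mode'] == "tunnel"))
			$input_errors[] = gettext("Phase 1 is using IPv6. You cannot use Tunnel IPv4 on Phase 2.");
	}

	if (!$input_errors) {
		// Overwrite the edited entry, or append when no existing entry was
		// selected (new entry or duplicate).
		if (isset($p2index) && $a_phase2[$p2index])
			$a_phase2[$p2index] = $ph2ent;
		else
			$a_phase2[] = $ph2ent;


		/* now we need to find all phase2 entries for this host */
		if(is_array($ph2ent)) {
			ipsec_lookup_phase1($ph2ent, $ph1ent);
			$old_ph1ent = $ph1ent;
			$old_ph1ent['remote-gateway'] = resolve_retry($old_ph1ent['remote-gateway']);
			// $old_ph2ent is only set earlier on the page when an existing
			// entry was loaded for editing.
			reload_tunnel_spd_policy ($ph1ent, $ph2ent, $old_ph1ent, $old_ph2ent);
		}

		write_config();
		mark_subsystem_dirty('ipsec');

		header("Location: vpn_ipsec.php");
		exit;
	}
}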
// Page title segments; mobile-client entries get one extra trailing segment.
$pgtitle = array(gettext("VPN"),gettext("IPsec"),gettext("Edit Phase 2"));
if ($pconfig['mobile']) {
	$pgtitle[] = gettext("Mobile Client");
}
$shortcut_section = "ipsec";

// head.inc is included after $pgtitle and $shortcut_section are set.
include("head.inc");
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<script type="text/javascript" src="/javascript/jquery.ipv4v6ify.js"></script>
<?php include("fbegin.inc"); ?>
<script language="JavaScript">
<!--
function change_mode() {
	// Show the local (and, for non-mobile entries, remote) network rows only
	// for the tunnel modes; hide them otherwise.
	// index and value are assigned without "var", so they become page
	// globals. That is kept as is because code outside this function may
	// rely on them.
	index = document.iform.mode.selectedIndex;
	value = document.iform.mode.options[index].value;
	var display = ((value == 'tunnel') || (value == 'tunnel6')) ? '' : 'none';
	document.getElementById('opt_localid').style.display = display;
<?php if (!isset($pconfig['mobile'])): ?>
	document.getElementById('opt_remoteid').style.display = display;
<?php endif; ?>
}
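/*
 * Enable or disable the NAT/BINAT address and netbits fields to match the
 * selected natlocalid_type, and pre-fill the netbits while the address is
 * still blank.
 *
 * bits: optional default prefix length; when omitted it is 24 for mode
 *       "tunnel" and 64 for "tunnel6" (left undefined for any other mode).
 */
function typesel_change_natlocal(bits) {
	// Read the mode <select> directly. The previous code indexed it with the
	// page-global "index", which this function never sets: it is whatever
	// change_mode() or change_protocol() stored last, or undefined.
	var modeSelect = document.iform.mode;
	var modeOption = modeSelect.options[modeSelect.selectedIndex];
	var value = modeOption ? modeOption.value : "";
	if (typeof(bits) === "undefined") {
		if (value === "tunnel") {
			bits = 24;
		}
		else if (value === "tunnel6") {
			bits = 64;
		}
	}
	var address_is_blank = !/\S/.test(document.iform.natlocalid_address.value);

	// Dispatch on the option's value rather than its position: "none" is the
	// last option, after the interface list, so its index is not fixed.
	var typeSelect = document.iform.natlocalid_type;
	var typeOption = typeSelect.options[typeSelect.selectedIndex];
	var kind = typeOption ? typeOption.value : "";
	switch (kind) {
		case "address":	/* single */
			document.iform.natlocalid_address.disabled = 0;
			if (address_is_blank) {
				document.iform.natlocalid_netbits.value = 0;
			}
			document.iform.natlocalid_netbits.disabled = 1;
			break;
		case "network":	/* network */
			document.iform.natlocalid_address.disabled = 0;
			if (address_is_blank) {
				document.iform.natlocalid_netbits.value = bits;
			}
			document.iform.natlocalid_netbits.disabled = 0;
			break;
		case "none":	/* none */
			document.iform.natlocalid_address.disabled = 1;
			document.iform.natlocalid_netbits.disabled = 1;
			break;
		default:	/* an interface subnet: the address is not user-entered */
			document.iform.natlocalid_address.value = "";
			document.iform.natlocalid_address.disabled = 1;
			if (address_is_blank) {
				document.iform.natlocalid_netbits.value = 0;
			}
			document.iform.natlocalid_netbits.disabled = 1;
			break;
	}
}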
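/*
 * Enable or disable the local network address and netbits fields to match
 * the selected localid_type, and pre-fill the netbits while the address is
 * still blank.
 *
 * bits: optional default prefix length; when omitted it is 24 for mode
 *       "tunnel" and 64 for "tunnel6" (left undefined for any other mode).
 */
function typesel_change_local(bits) {
	// Read the mode <select> directly. The previous code indexed it with the
	// page-global "index", which this function never sets: it is whatever
	// change_mode() or change_protocol() stored last, or undefined.
	var modeSelect = document.iform.mode;
	var modeOption = modeSelect.options[modeSelect.selectedIndex];
	var value = modeOption ? modeOption.value : "";
	if (typeof(bits) === "undefined") {
		if (value === "tunnel") {
			bits = 24;
		}
		else if (value === "tunnel6") {
			bits = 64;
		}
	}
	var address_is_blank = !/\S/.test(document.iform.localid_address.value);
	switch (document.iform.localid_type.selectedIndex) {
		case 0:	/* single */
			document.iform.localid_address.disabled = 0;
			if (address_is_blank) {
				document.iform.localid_netbits.value = 0;
			}
			document.iform.localid_netbits.disabled = 1;
			break;
		case 1:	/* network */
			document.iform.localid_address.disabled = 0;
			if (address_is_blank) {
				document.iform.localid_netbits.value = bits;
			}
			document.iform.localid_netbits.disabled = 0;
			break;
		// NOTE(review): the localid_type select has no "none" option; its
		// options after "network" are interface subnets, so index 3 is
		// simply the fourth entry. Kept unchanged - confirm and remove.
		case 3:	/* none */
			document.iform.localid_address.disabled = 1;
			document.iform.localid_netbits.disabled = 1;
			break;
		default:	/* an interface subnet: the address is not user-entered */
			document.iform.localid_address.value = "";
			document.iform.localid_address.disabled = 1;
			if (address_is_blank) {
				document.iform.localid_netbits.value = 0;
			}
			document.iform.localid_netbits.disabled = 1;
			break;
	}
}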
<?php if (!isset($pconfig['mobile'])): ?>
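/*
 * Enable or disable the remote network address and netbits fields to match
 * the selected remoteid_type, and pre-fill the netbits while the address is
 * still blank.
 *
 * bits: optional default prefix length; when omitted it is 24 for mode
 *       "tunnel" and 64 for "tunnel6" (left undefined for any other mode).
 */
function typesel_change_remote(bits) {
	// Read the mode <select> directly. The previous code indexed it with the
	// page-global "index", which this function never sets: it is whatever
	// change_mode() or change_protocol() stored last, or undefined.
	var modeSelect = document.iform.mode;
	var modeOption = modeSelect.options[modeSelect.selectedIndex];
	var value = modeOption ? modeOption.value : "";
	if (typeof(bits) === "undefined") {
		if (value === "tunnel") {
			bits = 24;
		}
		else if (value === "tunnel6") {
			bits = 64;
		}
	}
	var address_is_blank = !/\S/.test(document.iform.remoteid_address.value);
	switch (document.iform.remoteid_type.selectedIndex) {
		case 0:	/* single */
			document.iform.remoteid_address.disabled = 0;
			if (address_is_blank) {
				document.iform.remoteid_netbits.value = 0;
			}
			document.iform.remoteid_netbits.disabled = 1;
			break;
		case 1:	/* network */
			document.iform.remoteid_address.disabled = 0;
			if (address_is_blank) {
				document.iform.remoteid_netbits.value = bits;
			}
			document.iform.remoteid_netbits.disabled = 0;
			break;
		default:	/* any other selection: no user-entered address */
			document.iform.remoteid_address.value = "";
			document.iform.remoteid_address.disabled = 1;
			if (address_is_blank) {
				document.iform.remoteid_netbits.value = 0;
			}
			document.iform.remoteid_netbits.disabled = 1;
			break;
	}
}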
<?php endif; ?>
function change_protocol() {
	// Show the encryption algorithm row only while ESP is selected.
	// index and value are assigned without "var", so they become page
	// globals. That is kept as is because code outside this function may
	// rely on them.
	index = document.iform.proto.selectedIndex;
	value = document.iform.proto.options[index].value;
	var display = (value == 'esp') ? '' : 'none';
	document.getElementById('opt_enc').style.display = display;
}
//-->
</script>
<form action="vpn_ipsec_phase2.php" method="post" name="iform" id="iform">
484
485
<?php
486
	if ($input_errors)
487
		print_input_errors($input_errors);
488
?>
489
490
<table width="100%" border="0" cellpadding="0" cellspacing="0">
491
	<tr class="tabnavtbl">
492
		<td id="tabnav">
493
			<?php
494
				$tab_array = array();
495 123929e0 Carlos Eduardo Ramos
				$tab_array[0] = array(gettext("Tunnels"), true, "vpn_ipsec.php");
496
				$tab_array[1] = array(gettext("Mobile clients"), false, "vpn_ipsec_mobile.php");
497 2a2b247b jim-p
				$tab_array[2] = array(gettext("Pre-Shared Keys"), false, "vpn_ipsec_keys.php");
498 5a3b0d3b mgrooms
				display_top_tabs($tab_array);
499
			?>
500
		</td>
501
	</tr>
502
	<tr>
503
		<td id="mainarea">
504
			<div class="tabcont">
505
				<table width="100%" border="0" cellpadding="6" cellspacing="0">
506
					<tr>
507 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
508 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
509
							<input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked"; ?>>
510 123929e0 Carlos Eduardo Ramos
							<strong><?=gettext("Disable this phase2 entry"); ?></strong>
511 5a3b0d3b mgrooms
							<br>
512 123929e0 Carlos Eduardo Ramos
							<span class="vexpl"><?=gettext("Set this option to disable this phase2 entry without " .
513
							  "removing it from the list"); ?>.
514 5a3b0d3b mgrooms
							</span>
515
						</td>
516
					</tr>
517
					<tr>
518 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Mode"); ?></td>
519 4b96b367 mgrooms
						<td width="78%" class="vtable">
520
							<select name="mode" class="formselect" onChange="change_mode()">
521
								<?php
522
									foreach($p2_modes as $name => $value):
523
										$selected = "";
524
										if ($name == $pconfig['mode'])
525
											$selected = "selected";
526
								?>
527
								<option value="<?=$name;?>" <?=$selected;?>><?=$value;?></option>
528
								<?php endforeach; ?>
529
							</select>
530
						</td>
531
					</tr>
532
					<tr id="opt_localid">
533 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Local Network"); ?></td>
534 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
535
							<table border="0" cellspacing="0" cellpadding="0">
536
								<tr>
537 123929e0 Carlos Eduardo Ramos
									<td><?=gettext("Type"); ?>:&nbsp;&nbsp;</td>
538 5a3b0d3b mgrooms
									<td></td>
539
									<td>
540
										<select name="localid_type" class="formselect" onChange="typesel_change_local()">
541 123929e0 Carlos Eduardo Ramos
											<option value="address" <?php if ($pconfig['localid_type'] == "address") echo "selected";?>><?=gettext("Address"); ?></option>
542
											<option value="network" <?php if ($pconfig['localid_type'] == "network") echo "selected";?>><?=gettext("Network"); ?></option>
543 d48dbceb Erik Fonnesbeck
											<?php
544
												$iflist = get_configured_interface_with_descr();
545
												foreach ($iflist as $ifname => $ifdescr):
546
											?>
547
											<option value="<?=$ifname; ?>" <?php if ($pconfig['localid_type'] == $ifname ) echo "selected";?>><?=sprintf(gettext("%s subnet"), $ifdescr); ?></option>
548
											<?php endforeach; ?>
549 5a3b0d3b mgrooms
										</select>
550
									</td>
551
								</tr>
552
								<tr>
553 11c160b0 Rafael Lucas
									<td><?=gettext("Address:");?>&nbsp;&nbsp;</td>
554 5a3b0d3b mgrooms
									<td><?=$mandfldhtmlspc;?></td>
555
									<td>
556 6255beda Darren Embry
										<input name="localid_address" type="text" class="formfld unknown ipv4v6" id="localid_address" size="28" value="<?=htmlspecialchars($pconfig['localid_address']);?>">
557 5a3b0d3b mgrooms
										/
558 6255beda Darren Embry
										<select name="localid_netbits" class="formselect ipv4v6" id="localid_netbits">
559 3795d067 Seth Mos
										<?php for ($i = 128; $i >= 0; $i--): ?>
560 6255beda Darren Embry
											<option value="<?=$i;?>" <?php if (isset($pconfig['localid_netbits']) && $i == $pconfig['localid_netbits']) echo "selected"; ?>>
561 5a3b0d3b mgrooms
												<?=$i;?>
562
											</option>
563
										<?php endfor; ?>
564
										</select>
565
									</td>
566
								</tr>
567 3c107b76 Ermal
								<tr> <td colspan="3">
568
								<br/>
569
								<?php echo gettext("In case you need NAT/BINAT on this network specify the address to be translated"); ?>
570
								</td></tr>
571
								<tr>
572
									<td><?=gettext("Type"); ?>:&nbsp;&nbsp;</td>
573
									<td></td>
574
									<td>
575
										<select name="natlocalid_type" class="formselect" onChange="typesel_change_natlocal()">
576 9a5a078a Ermal
											<option value="address" <?php if ($pconfig['natlocalid_type'] == "address") echo "selected";?>><?=gettext("Address"); ?></option>
577
											<option value="network" <?php if ($pconfig['natlocalid_type'] == "network") echo "selected";?>><?=gettext("Network"); ?></option>
578 3c107b76 Ermal
											<?php
579
												$iflist = get_configured_interface_with_descr();
580
												foreach ($iflist as $ifname => $ifdescr):
581
											?>
582
											<option value="<?=$ifname; ?>" <?php if ($pconfig['natlocalid_type'] == $ifname ) echo "selected";?>><?=sprintf(gettext("%s subnet"), $ifdescr); ?></option>
583
											<?php endforeach; ?>
584 c9891afe Ermal
											<option value="none" <?php if (empty($pconfig['natlocalid_type']) || $pconfig['natlocalid_type'] == "none" ) echo "selected";?>><?=gettext("None"); ?></option>
585 3c107b76 Ermal
										</select>
586
									</td>
587
								</tr>
588
								<tr>
589
									<td><?=gettext("Address:");?>&nbsp;&nbsp;</td>
590
									<td><?=$mandfldhtmlspc;?></td>
591
									<td>
592
										<input name="natlocalid_address" type="text" class="formfld unknown ipv4v6" id="natlocalid_address" size="28" value="<?=htmlspecialchars($pconfig['natlocalid_address']);?>">
593
										/
594
										<select name="natlocalid_netbits" class="formselect ipv4v6" id="natlocalid_netbits">
595
										<?php for ($i = 128; $i >= 0; $i--): ?>
596
											<option value="<?=$i;?>" <?php if (isset($pconfig['natlocalid_netbits']) && $i == $pconfig['natlocalid_netbits']) echo "selected"; ?>>
597
												<?=$i;?>
598
											</option>
599
										<?php endfor; ?>
600
										</select>
601
									</td>
602
								</tr>
603 5a3b0d3b mgrooms
							</table>
604
						</td>
605
					</tr>
606
607
					<?php if (!isset($pconfig['mobile'])): ?>
608
					
609 4b96b367 mgrooms
					<tr id="opt_remoteid">
610 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Remote Network"); ?></td>
611 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
612
							<table border="0" cellspacing="0" cellpadding="0">
613
								<tr>
614 123929e0 Carlos Eduardo Ramos
									<td><?=gettext("Type"); ?>:&nbsp;&nbsp;</td>
615 5a3b0d3b mgrooms
									<td></td>
616
									<td>
617
										<select name="remoteid_type" class="formselect" onChange="typesel_change_remote()">
618 123929e0 Carlos Eduardo Ramos
											<option value="address" <?php if ($pconfig['remoteid_type'] == "address") echo "selected"; ?>><?=gettext("Address"); ?></option>
619
											<option value="network" <?php if ($pconfig['remoteid_type'] == "network") echo "selected"; ?>><?=gettext("Network"); ?></option>
620 5a3b0d3b mgrooms
										</select>
621
									</td>
622
								</tr>
623
								<tr>
624 123929e0 Carlos Eduardo Ramos
									<td><?=gettext("Address"); ?>:&nbsp;&nbsp;</td>
625 5a3b0d3b mgrooms
									<td><?=$mandfldhtmlspc;?></td>
626
									<td>
627 6255beda Darren Embry
										<input name="remoteid_address" type="text" class="formfld unknown ipv4v6" id="remoteid_address" size="28" value="<?=htmlspecialchars($pconfig['remoteid_address']);?>">
628 5a3b0d3b mgrooms
										/
629 6255beda Darren Embry
										<select name="remoteid_netbits" class="formselect ipv4v6" id="remoteid_netbits">
630 3795d067 Seth Mos
										<?php for ($i = 128; $i >= 0; $i--) { 
631 184d50b5 Ermal Lu?i
											
632
											echo "<option value=\"{$i}\"";
633 6255beda Darren Embry
											if (isset($pconfig['remoteid_netbits']) && $i == $pconfig['remoteid_netbits']) echo " selected";
634 184d50b5 Ermal Lu?i
											echo ">{$i}</option>\n";
635
											} ?>
636 5a3b0d3b mgrooms
										</select>
637
									</td>
638
								</tr>
639
							</table>
640 a93e56c5 Matthew Grooms
						</td>
641 5a3b0d3b mgrooms
					</tr>
642
					
643 3462a529 Matthew Grooms
					<?php endif; ?>
644 5a3b0d3b mgrooms
					
645
					<tr>
646 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
647 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
648
							<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>">
649
							<br>
650
							<span class="vexpl">
651 123929e0 Carlos Eduardo Ramos
								<?=gettext("You may enter a description here " .
652
								"for your reference (not parsed)"); ?>.
653 5a3b0d3b mgrooms
							</span>
654
						</td>
655
					</tr>
656
					<tr>
657
						<td colspan="2" class="list" height="12"></td>
658
					</tr>
659
					<tr>
660
						<td colspan="2" valign="top" class="listtopic">
661 123929e0 Carlos Eduardo Ramos
							<?=gettext("Phase 2 proposal (SA/Key Exchange)"); ?>
662 5a3b0d3b mgrooms
						</td>
663
					</tr>
664
					<tr>
665 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol"); ?></td>
666 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
667 4b96b367 mgrooms
							<select name="proto" class="formselect" onChange="change_protocol()">
668 5a3b0d3b mgrooms
							<?php foreach ($p2_protos as $proto => $protoname): ?>
669
								<option value="<?=$proto;?>" <?php if ($proto == $pconfig['proto']) echo "selected"; ?>>
670
									<?=htmlspecialchars($protoname);?>
671
								</option>
672
							<?php endforeach; ?>
673
							</select>
674
							<br>
675
							<span class="vexpl">
676 123929e0 Carlos Eduardo Ramos
								<?=gettext("ESP is encryption, AH is authentication only"); ?>
677 5a3b0d3b mgrooms
							</span>
678
						</td>
679
					</tr>
680 87e07f52 mgrooms
					<tr id="opt_enc">
681 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithms"); ?></td>
682 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
683
							<table border="0" cellspacing="0" cellpadding="0">
684
							<?php
685
								foreach ($p2_ealgos as $algo => $algodata):
686
									$checked = '';
687 b20a5cdb Pierre POMES
									if (is_array($pconfig['ealgos']) && in_array($algo,$pconfig['ealgos']))
688 5a3b0d3b mgrooms
										$checked = " checked";
689
								?>
690
								<tr>
691
									<td>
692
										<input type="checkbox" name="ealgos[]" value="<?=$algo;?>"<?=$checked?>>
693
									</td>
694
									<td>
695
										<?=htmlspecialchars($algodata['name']);?>
696
									</td>
697
									<td>
698
										<?php if(is_array($algodata['keysel'])): ?>
699
										&nbsp;&nbsp;
700
										<select name="keylen_<?=$algo;?>" class="formselect">
701 123929e0 Carlos Eduardo Ramos
											<option value="auto"><?=gettext("auto"); ?></option>
702 5a3b0d3b mgrooms
											<?php
703
												$key_hi = $algodata['keysel']['hi'];
704
												$key_lo = $algodata['keysel']['lo'];
705
												$key_step = $algodata['keysel']['step'];
706
												for ($keylen = $key_hi; $keylen >= $key_lo; $keylen -= $key_step):
707
													$selected = '';
708
				//									if ($checked && in_array("keylen_".$algo,$pconfig))
709
													if ($keylen == $pconfig["keylen_".$algo])
710
														$selected = " selected";
711
											?>
712 123929e0 Carlos Eduardo Ramos
											<option value="<?=$keylen;?>"<?=$selected;?>><?=$keylen;?> <?=gettext("bits"); ?></option>
713 5a3b0d3b mgrooms
											<?php endfor; ?>
714
										</select>
715
										<?php endif; ?>
716
									</td>
717
								</tr>
718
								
719
								<?php endforeach; ?>
720
								
721
							</table>
722
							<br>
723 123929e0 Carlos Eduardo Ramos
							<?=gettext("Hint: use 3DES for best compatibility or if you have a hardware " . 
724
							"crypto accelerator card. Blowfish is usually the fastest in " .
725
							"software encryption"); ?>.
726 5a3b0d3b mgrooms
						</td>
727
					</tr>
728
					<tr>
729 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Hash algorithms"); ?></td>
730 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
731
						<?php foreach ($p2_halgos as $algo => $algoname): ?>
732
							<input type="checkbox" name="halgos[]" value="<?=$algo;?>" <?php if (in_array($algo, $pconfig['halgos'])) echo "checked"; ?>>
733
							<?=htmlspecialchars($algoname);?>
734
							<br>
735
						<?php endforeach; ?>
736
						</td>
737
					</tr>
738
					<tr>
739 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("PFS key group"); ?></td>
740 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
741
						<?php if (!isset($pconfig['mobile']) || !isset($a_client['pfs_group'])): ?>
742
							<select name="pfsgroup" class="formselect">
743
							<?php foreach ($p2_pfskeygroups as $keygroup => $keygroupname): ?>
744
								<option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['pfsgroup']) echo "selected"; ?>>
745
									<?=htmlspecialchars($keygroupname);?>
746
								</option>
747
							<?php endforeach; ?>
748
							</select>
749
							<br>
750
							<?php else: ?>
751
752
							<select class="formselect" disabled>
753
								<option selected><?=$p2_pfskeygroups[$a_client['pfs_group']];?></option>
754
							</select>
755 dd5bf424 Scott Ullrich
							<input name="pfsgroup" type="hidden" value="<?=htmlspecialchars($pconfig['pfsgroup']);?>">
756 5a3b0d3b mgrooms
							<br>
757 123929e0 Carlos Eduardo Ramos
							<span class="vexpl"><em><?=gettext("Set globally in mobile client options"); ?></em></span>
758 5a3b0d3b mgrooms
						<?php endif; ?>
759
						</td>
760
					</tr>
761
					<tr>
762 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Lifetime"); ?></td>
763 5a3b0d3b mgrooms
						<td width="78%" class="vtable">
764 dd5bf424 Scott Ullrich
							<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="20" value="<?=htmlspecialchars($pconfig['lifetime']);?>">
765 123929e0 Carlos Eduardo Ramos
							<?=gettext("seconds"); ?>
766 5a3b0d3b mgrooms
						</td>
767
					</tr>
768 87e07f52 mgrooms
					<tr>
769
						<td colspan="2" class="list" height="12"></td>
770
					</tr>
771
					<tr>
772 123929e0 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced Options"); ?></td>
773 87e07f52 mgrooms
					</tr>
774
					<tr>
775 123929e0 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Automatically ping host"); ?></td>
776 87e07f52 mgrooms
						<td width="78%" class="vtable">
777 c271c485 Seth Mos
							<input name="pinghost" type="text" class="formfld unknown" id="pinghost" size="28" value="<?=htmlspecialchars($pconfig['pinghost']);?>">
778 123929e0 Carlos Eduardo Ramos
							<?=gettext("IP address"); ?>
779 87e07f52 mgrooms
						</td>
780
					</tr>
781 5a3b0d3b mgrooms
					<tr>
782
						<td width="22%" valign="top">&nbsp;</td>
783
						<td width="78%">
784
						<?php if (isset($p2index) && $a_phase2[$p2index]): ?>
785
							<input name="p2index" type="hidden" value="<?=$p2index;?>">
786
						<?php endif; ?>
787
						<?php if ($pconfig['mobile']): ?>
788
							<input name="mobile" type="hidden" value="true">
789
							<input name="remoteid_type" type="hidden" value="mobile">
790
						<?php endif; ?>
791 123929e0 Carlos Eduardo Ramos
							<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
792 dd5bf424 Scott Ullrich
							<input name="ikeid" type="hidden" value="<?=htmlspecialchars($pconfig['ikeid']);?>">
793 5a3b0d3b mgrooms
						</td>
794
					</tr>
795
				</table>
796
			</div>
797
		</td>
798
	</tr>
799
</table>
800 a93e56c5 Matthew Grooms
</form>
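<script language="JavaScript">
<!--
<?php
	/*
	 * Initial UI state for the form above, emitted into a JavaScript context.
	 *
	 * htmlspecialchars() is an HTML escaper: it does not neutralise
	 * backslashes, line breaks or (by default on older PHP) single quotes
	 * inside a quoted script string, and it does nothing useful for a value
	 * printed as a bare, unquoted script argument. String arguments are
	 * therefore emitted with json_encode() plus the JSON_HEX_* flags, and the
	 * netbits arguments are emitted only when they are plain decimal numbers.
	 *
	 * NOTE(review): where $pconfig is populated is not visible in this part
	 * of the file; if it can carry submitted form values, the previous
	 * output was a script-injection risk. Confirm against the POST handler.
	 */
	$js_str_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
	$js_netbits = array();
	foreach (array('localid_netbits', 'natlocalid_netbits', 'remoteid_netbits') as $js_key) {
		/* non-numeric or missing values print as an empty argument, as an empty value did before */
		$js_netbits[$js_key] = '';
		if (isset($pconfig[$js_key]) && is_scalar($pconfig[$js_key]) &&
		    preg_match('/^[0-9]{1,3}$/D', (string)$pconfig[$js_key]))
			$js_netbits[$js_key] = (int)$pconfig[$js_key];
	}
?>
change_mode(<?=json_encode((string)$pconfig['mode'], $js_str_flags)?>);
change_protocol(<?=json_encode((string)$pconfig['proto'], $js_str_flags)?>);
typesel_change_local(<?=$js_netbits['localid_netbits']?>);
typesel_change_natlocal(<?=$js_netbits['natlocalid_netbits']?>);
<?php if (!isset($pconfig['mobile'])): ?>
typesel_change_remote(<?=$js_netbits['remoteid_netbits']?>);
<?php endif; ?>
//-->
</script>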
<?php include("fend.inc"); ?>
</body>
</html>
<?php
/* local utility functions */
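/**
 * Build the list of selected phase 2 encryption algorithms from form data.
 *
 * For every algorithm in the global $p2_ealgos table whose name appears in
 * $pconfig['ealgos'], an entry array('name' => ...) is produced. Algorithms
 * that define a 'keysel' range also get a 'keylen' entry taken from the
 * submitted keylen_<name> field.
 *
 * The key length is request data, so it is accepted only when it is one of
 * the values the form's own select offers: "auto", or a decimal number
 * between keysel['lo'] and keysel['hi'] that lies on the keysel['step'] grid
 * counted down from 'hi'. Anything else (missing, non-scalar, out of range,
 * carrying extra characters) falls back to "auto" so that an arbitrary
 * string cannot be stored in the tunnel configuration.
 *
 * NOTE(review): the key length is read from $_POST, not from $pconfig, as
 * in the original code; callers presumably pass a $pconfig built from the
 * same request - confirm.
 *
 * @param array $pconfig form state; only $pconfig['ealgos'] is read
 * @return array list of array('name' => string[, 'keylen' => string])
 */
function pconfig_to_ealgos(& $pconfig) {

	global $p2_ealgos;

	$ealgos = array();
	if (!is_array($p2_ealgos) || !isset($pconfig['ealgos']) || !is_array($pconfig['ealgos']))
		return $ealgos;

	foreach ($p2_ealgos as $algo_name => $algo_data) {
		if (!in_array($algo_name,$pconfig['ealgos']))
			continue;

		$ealg = array();
		$ealg['name'] = $algo_name;

		if (isset($algo_data['keysel']) && is_array($algo_data['keysel'])) {
			$field = "keylen_".$algo_name;
			$requested = isset($_POST[$field]) ? $_POST[$field] : "auto";

			/* default to the select's first option unless the value checks out */
			$ealg['keylen'] = "auto";

			if (is_string($requested) && preg_match('/^[0-9]{1,5}$/D', $requested)) {
				$bits = (int)$requested;
				$key_hi = isset($algo_data['keysel']['hi']) ? (int)$algo_data['keysel']['hi'] : 0;
				$key_lo = isset($algo_data['keysel']['lo']) ? (int)$algo_data['keysel']['lo'] : 0;
				$key_step = isset($algo_data['keysel']['step']) ? (int)$algo_data['keysel']['step'] : 0;

				/* same grid the form renders: hi, hi - step, ... down to lo */
				if ($key_step > 0)
					$on_grid = ((($key_hi - $bits) % $key_step) == 0);
				else
					$on_grid = ($bits == $key_hi);

				if ($bits >= $key_lo && $bits <= $key_hi && $on_grid)
					$ealg['keylen'] = $requested;
			}
		}

		$ealgos[] = $ealg;
	}

	return $ealgos;
}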
/**
 * Copy a stored encryption algorithm list back into the form state.
 *
 * $pconfig['ealgos'] is reset and then filled with the 'name' of every entry
 * in $ealgos; an entry that carries a 'keylen' also sets
 * $pconfig['keylen_<name>'].
 *
 * @param array $ealgos  list of array('name' => ...[, 'keylen' => ...]); not modified
 * @param array $pconfig form state, updated in place
 * @return array the $ealgos list that was passed in
 */
function ealgos_to_pconfig(& $ealgos,& $pconfig) {

	$pconfig['ealgos'] = array();

	foreach ($ealgos as $entry) {
		$algo = $entry['name'];
		$pconfig['ealgos'][] = $algo;

		/* only algorithms with a key length carry the extra field */
		if (!isset($entry['keylen']))
			continue;

		$pconfig["keylen_".$algo] = $entry['keylen'];
	}

	return $ealgos;
}
/**
 * Collect the <prefix>id_* form fields into an identifier array.
 *
 * Reads $pconfig[<prefix>id_type], [<prefix>id_address] and
 * [<prefix>id_netbits]. The result always holds 'type'; 'address' is added
 * for the "address" and "network" types, and 'netbits' for "network" only.
 * The values are copied as they are; nothing is validated here.
 *
 * @param string $prefix  field name prefix placed before "id_type" etc.
 * @param array  $pconfig form state; only read
 * @return array identifier info with the keys described above
 */
function pconfig_to_idinfo($prefix,& $pconfig) {

	$id_type = $pconfig[$prefix."id_type"];
	$id_address = $pconfig[$prefix."id_address"];
	$id_netbits = $pconfig[$prefix."id_netbits"];

	$idinfo = array('type' => $id_type);

	/* loose comparison on purpose: same matching rule as a switch statement */
	if ($id_type == "address") {
		$idinfo['address'] = $id_address;
	} elseif ($id_type == "network") {
		$idinfo['address'] = $id_address;
		$idinfo['netbits'] = $id_netbits;
	}

	return $idinfo;
}
/**
 * Spread an identifier array into the <prefix>id_* form fields.
 *
 * $pconfig[<prefix>id_type] is always set from $idinfo['type'].
 * [<prefix>id_address] is set for the "address" and "network" types, and
 * [<prefix>id_netbits] for "network" only. Other fields of $pconfig are
 * left as they were.
 *
 * @param string $prefix  field name prefix placed before "id_type" etc.
 * @param array  $idinfo  identifier info; only read
 * @param array  $pconfig form state, updated in place
 */
function idinfo_to_pconfig($prefix,& $idinfo,& $pconfig) {

	$id_type = $idinfo['type'];

	/* every branch of the mapping records the type */
	$pconfig[$prefix."id_type"] = $id_type;

	/* loose comparison on purpose: same matching rule as a switch statement */
	if ($id_type == "address") {
		$pconfig[$prefix."id_address"] = $idinfo['address'];
	} elseif ($id_type == "network") {
		$pconfig[$prefix."id_address"] = $idinfo['address'];
		$pconfig[$prefix."id_netbits"] = $idinfo['netbits'];
	}
}
?>