/usr/local/www/vpn_ipsec_phase1.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_ipsec_phase1.php @ baaa8bb1

1	a93e56c5	Matthew Grooms	<?php
2			/*
3			vpn_ipsec_phase1.php
4			part of m0n0wall (http://m0n0.ch/wall)
5
6			Copyright (C) 2008 Shrew Soft Inc
7			Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9
10			Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12
13			1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15
16			2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19
20			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	6b07c15a	Matthew Grooms	##\|+PRIV
33			##\|*IDENT=page-vpn-ipsec-editphase1
34			##\|*NAME=VPN: IPsec: Edit Phase 1 page
35			##\|*DESCR=Allow access to the 'VPN: IPsec: Edit Phase 1' page.
36			##\|MATCH=vpn_ipsec_phase1.php
37			##\|-PRIV
38
39	0f84b741	Scott Ullrich	require("functions.inc");
40	a93e56c5	Matthew Grooms	require("guiconfig.inc");
41	483e6de8	Scott Ullrich	require_once("ipsec.inc");
42			require_once("vpn.inc");
43	a93e56c5	Matthew Grooms
44			if (!is_array($config['ipsec']['phase1']))
45			$config['ipsec']['phase1'] = array();
46
47	647c7c48	Seth Mos	if (!is_array($config['ipsec']['phase2']))
48			$config['ipsec']['phase2'] = array();
49
50	a93e56c5	Matthew Grooms	$a_phase1 = &$config['ipsec']['phase1'];
51	647c7c48	Seth Mos	$a_phase2 = &$config['ipsec']['phase2'];
52	a93e56c5	Matthew Grooms
53			$p1index = $_GET['p1index'];
54			if (isset($_POST['p1index']))
55			$p1index = $_POST['p1index'];
56
57			if (isset($_GET['dup'])) {
58			$p1index = $_GET['dup'];
59			}
60
61	fad728ab	sullrich	if (isset($p1index) && $a_phase1[$p1index]) {
62	99bbd213	Matthew Grooms	// don't copy the ikeid on dup
63			if (!isset($_GET['dup']))
64			$pconfig['ikeid'] = $a_phase1[$p1index]['ikeid'];
65	7fc26246	Seth Mos
66	647c7c48	Seth Mos	$old_ph1ent = $a_phase1[$p1index];
67	99bbd213	Matthew Grooms
68	a93e56c5	Matthew Grooms	$pconfig['disabled'] = isset($a_phase1[$p1index]['disabled']);
69
70			if ($a_phase1[$p1index]['interface'])
71			$pconfig['interface'] = $a_phase1[$p1index]['interface'];
72			else
73			$pconfig['interface'] = "wan";
74
75			list($pconfig['remotenet'],$pconfig['remotebits']) = explode("/", $a_phase1[$p1index]['remote-subnet']);
76	3462a529	Matthew Grooms
77			if (isset($a_phase1[$p1index]['mobile']))
78			$pconfig['mobile'] = 'true';
79			else
80			$pconfig['remotegw'] = $a_phase1[$p1index]['remote-gateway'];
81
82	a93e56c5	Matthew Grooms	$pconfig['mode'] = $a_phase1[$p1index]['mode'];
83			$pconfig['myid_type'] = $a_phase1[$p1index]['myid_type'];
84			$pconfig['myid_data'] = $a_phase1[$p1index]['myid_data'];
85			$pconfig['peerid_type'] = $a_phase1[$p1index]['peerid_type'];
86			$pconfig['peerid_data'] = $a_phase1[$p1index]['peerid_data'];
87			$pconfig['ealgo'] = $a_phase1[$p1index]['encryption-algorithm'];
88			$pconfig['halgo'] = $a_phase1[$p1index]['hash-algorithm'];
89			$pconfig['dhgroup'] = $a_phase1[$p1index]['dhgroup'];
90			$pconfig['lifetime'] = $a_phase1[$p1index]['lifetime'];
91			$pconfig['authentication_method'] = $a_phase1[$p1index]['authentication_method'];
92	812dd35d	jim-p	$pconfig['proposal_check'] = $a_phase1[$p1index]['proposal_check'];
93	4e2af464	Matthew Grooms
94	fad728ab	sullrich	if (($pconfig['authentication_method'] == "pre_shared_key") \|\|
95	4e2af464	Matthew Grooms	($pconfig['authentication_method'] == "xauth_psk_server")) {
96			$pconfig['pskey'] = $a_phase1[$p1index]['pre-shared-key'];
97			} else {
98	73fbece8	mgrooms	$pconfig['certref'] = $a_phase1[$p1index]['certref'];
99	a22d475f	jim-p	$pconfig['caref'] = $a_phase1[$p1index]['caref'];
100	4e2af464	Matthew Grooms	}
101	a93e56c5	Matthew Grooms
102			$pconfig['descr'] = $a_phase1[$p1index]['descr'];
103			$pconfig['nat_traversal'] = $a_phase1[$p1index]['nat_traversal'];
104	3462a529	Matthew Grooms
105			if ($a_phase1[$p1index]['dpd_delay'] && $a_phase1[$p1index]['dpd_maxfail']) {
106			$pconfig['dpd_enable'] = true;
107			$pconfig['dpd_delay'] = $a_phase1[$p1index]['dpd_delay'];
108			$pconfig['dpd_maxfail'] = $a_phase1[$p1index]['dpd_maxfail'];
109			}
110	fad728ab	sullrich	} else {
111	a93e56c5	Matthew Grooms	/* defaults */
112			$pconfig['interface'] = "wan";
113			if($config['interfaces']['lan'])
114			$pconfig['localnet'] = "lan";
115			$pconfig['mode'] = "aggressive";
116			$pconfig['myid_type'] = "myaddress";
117			$pconfig['peerid_type'] = "peeraddress";
118			$pconfig['authentication_method'] = "pre_shared_key";
119			$pconfig['ealgo'] = array( name => "3des" );
120			$pconfig['halgo'] = "sha1";
121			$pconfig['dhgroup'] = "2";
122			$pconfig['lifetime'] = "28800";
123			$pconfig['nat_traversal'] = "on";
124	3462a529	Matthew Grooms	$pconfig['dpd_enable'] = true;
125
126			/* mobile client */
127			if($_GET['mobile'])
128			$pconfig['mobile']=true;
129	a93e56c5	Matthew Grooms	}
130
131			if (isset($_GET['dup']))
132			unset($p1index);
133
134			if ($_POST) {
135			unset($input_errors);
136			$pconfig = $_POST;
137
138			/* input validation */
139	3462a529	Matthew Grooms
140			$method = $pconfig['authentication_method'];
141	99642234	jim-p
142	1f65618b	jim-p	// Only require PSK here for normal PSK tunnels (not mobile) or xauth.
143	0a7c9c8e	jim-p	// For RSA methods, require the CA/Cert.
144	99642234	jim-p	switch ($method) {
145			case "pre_shared_key":
146	0a7c9c8e	jim-p	// If this is a mobile PSK tunnel the user PSKs go on
147			// the PSK tab, not here, so skip the check.
148	99642234	jim-p	if ($pconfig['mobile'])
149			break;
150			case "xauth_psk_server":
151			$reqdfields = explode(" ", "pskey");
152			$reqdfieldsn = array(gettext("Pre-Shared Key"));
153			break;
154			case "hybrid_rsa_server":
155			case "xauth_rsa_server":
156			case "rsasig":
157			$reqdfields = explode(" ", "caref certref");
158			$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
159			break;
160	a93e56c5	Matthew Grooms	}
161	3462a529	Matthew Grooms	if (!$pconfig['mobile']) {
162			$reqdfields[] = "remotegw";
163	2fbb33f1	Carlos Eduardo Ramos	$reqdfieldsn[] = gettext("Remote gateway");
164	3462a529	Matthew Grooms	}
165	a93e56c5	Matthew Grooms
166	3462a529	Matthew Grooms	do_input_validation($pconfig, $reqdfields, $reqdfieldsn, &$input_errors);
167	a93e56c5	Matthew Grooms
168	3462a529	Matthew Grooms	if (($pconfig['lifetime'] && !is_numeric($pconfig['lifetime'])))
169	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("The P1 lifetime must be an integer.");
170	a93e56c5	Matthew Grooms
171	3462a529	Matthew Grooms	if (($pconfig['remotegw'] && !is_ipaddr($pconfig['remotegw']) && !is_domain($pconfig['remotegw'])))
172	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid remote gateway address or host name must be specified.");
173	a93e56c5	Matthew Grooms
174	3462a529	Matthew Grooms	if (($pconfig['remotegw'] && is_ipaddr($pconfig['remotegw']) && !isset($pconfig['disabled']) )) {
175	a93e56c5	Matthew Grooms	$t = 0;
176			foreach ($a_phase1 as $ph1tmp) {
177			if ($p1index <> $t) {
178			$tremotegw = $pconfig['remotegw'];
179			if (($ph1tmp['remote-gateway'] == $tremotegw) && !isset($ph1tmp['disabled'])) {
180	ddc55e12	Erik Fonnesbeck	$input_errors[] = sprintf(gettext('The remote gateway "%1$s" is already used by phase1 "%2$s".'), $tremotegw, $ph1tmp['descr']);
181	a93e56c5	Matthew Grooms	}
182			}
183			$t++;
184			}
185			}
186
187			/* My identity */
188
189	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "myaddress")
190			$pconfig['myid_data'] = "";
191	a93e56c5	Matthew Grooms
192	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "address" and $pconfig['myid_data'] == "")
193	a93e56c5	Matthew Grooms	$input_errors[] = gettext("Please enter an address for 'My Identifier'");
194
195	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "keyid tag" and $pconfig['myid_data'] == "")
196	a93e56c5	Matthew Grooms	$input_errors[] = gettext("Please enter a keyid tag for 'My Identifier'");
197
198	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "fqdn" and $pconfig['myid_data'] == "")
199	a93e56c5	Matthew Grooms	$input_errors[] = gettext("Please enter a fully qualified domain name for 'My Identifier'");
200
201	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "user_fqdn" and $pconfig['myid_data'] == "")
202	a93e56c5	Matthew Grooms	$input_errors[] = gettext("Please enter a user and fully qualified domain name for 'My Identifier'");
203
204	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "dyn_dns" and $pconfig['myid_data'] == "")
205	a93e56c5	Matthew Grooms	$input_errors[] = gettext("Please enter a dynamic domain name for 'My Identifier'");
206
207	3462a529	Matthew Grooms	if ((($pconfig['myid_type'] == "address") && !is_ipaddr($pconfig['myid_data'])))
208	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid IP address for 'My identifier' must be specified.");
209	a93e56c5	Matthew Grooms
210	3462a529	Matthew Grooms	if ((($pconfig['myid_type'] == "fqdn") && !is_domain($pconfig['myid_data'])))
211	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid domain name for 'My identifier' must be specified.");
212	a93e56c5	Matthew Grooms
213	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "fqdn")
214			if (is_domain($pconfig['myid_data']) == false)
215	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid FQDN for 'My identifier' must be specified.");
216	a93e56c5	Matthew Grooms
217	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "user_fqdn") {
218			$user_fqdn = explode("@",$pconfig['myid_data']);
219	a93e56c5	Matthew Grooms	if (is_domain($user_fqdn[1]) == false)
220	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid User FQDN in the form of user@my.domain.com for 'My identifier' must be specified.");
221	a93e56c5	Matthew Grooms	}
222
223	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "dyn_dns")
224			if (is_domain($pconfig['myid_data']) == false)
225	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid Dynamic DNS address for 'My identifier' must be specified.");
226	a93e56c5	Matthew Grooms
227			/* Peer identity */
228
229	3462a529	Matthew Grooms	if ($pconfig['myid_type'] == "peeraddress")
230			$pconfig['peerid_data'] = "";
231
232	1f65618b	jim-p	// Only enforce peer ID if we are not dealing with a pure-psk mobile config.
233			if (!(($pconfig['authentication_method'] == "pre_shared_key") && ($pconfig['mobile']))) {
234			if ($pconfig['peerid_type'] == "address" and $pconfig['peerid_data'] == "")
235			$input_errors[] = gettext("Please enter an address for 'Peer Identifier'");
236	a93e56c5	Matthew Grooms
237	1f65618b	jim-p	if ($pconfig['peerid_type'] == "keyid tag" and $pconfig['peerid_data'] == "")
238			$input_errors[] = gettext("Please enter a keyid tag for 'Peer Identifier'");
239	a93e56c5	Matthew Grooms
240	1f65618b	jim-p	if ($pconfig['peerid_type'] == "fqdn" and $pconfig['peerid_data'] == "")
241			$input_errors[] = gettext("Please enter a fully qualified domain name for 'Peer Identifier'");
242	a93e56c5	Matthew Grooms
243	1f65618b	jim-p	if ($pconfig['peerid_type'] == "user_fqdn" and $pconfig['peerid_data'] == "")
244			$input_errors[] = gettext("Please enter a user and fully qualified domain name for 'Peer Identifier'");
245	a93e56c5	Matthew Grooms
246	1f65618b	jim-p	if ((($pconfig['peerid_type'] == "address") && !is_ipaddr($pconfig['peerid_data'])))
247	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid IP address for 'Peer identifier' must be specified.");
248	a93e56c5	Matthew Grooms
249	1f65618b	jim-p	if ((($pconfig['peerid_type'] == "fqdn") && !is_domain($pconfig['peerid_data'])))
250	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid domain name for 'Peer identifier' must be specified.");
251	a93e56c5	Matthew Grooms
252	1f65618b	jim-p	if ($pconfig['peerid_type'] == "fqdn")
253			if (is_domain($pconfig['peerid_data']) == false)
254	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid FQDN for 'Peer identifier' must be specified.");
255	a93e56c5	Matthew Grooms
256	1f65618b	jim-p	if ($pconfig['peerid_type'] == "user_fqdn") {
257			$user_fqdn = explode("@",$pconfig['peerid_data']);
258			if (is_domain($user_fqdn[1]) == false)
259	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A valid User FQDN in the form of user@my.domain.com for 'Peer identifier' must be specified.");
260	1f65618b	jim-p	}
261	a93e56c5	Matthew Grooms	}
262
263	3462a529	Matthew Grooms	if ($pconfig['dpd_enable']) {
264			if (!is_numeric($pconfig['dpd_delay']))
265	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A numeric value must be specified for DPD delay.");
266	a93e56c5	Matthew Grooms
267	3462a529	Matthew Grooms	if (!is_numeric($pconfig['dpd_maxfail']))
268	2fbb33f1	Carlos Eduardo Ramos	$input_errors[] = gettext("A numeric value must be specified for DPD retries.");
269	a93e56c5	Matthew Grooms	}
270
271			/* build our encryption algorithms array */
272			$pconfig['ealgo'] = array();
273			$pconfig['ealgo']['name'] = $_POST['ealgo'];
274	3462a529	Matthew Grooms	if($pconfig['ealgo_keylen'])
275	a93e56c5	Matthew Grooms	$pconfig['ealgo']['keylen'] = $_POST['ealgo_keylen'];
276
277			if (!$input_errors) {
278	3462a529	Matthew Grooms	$ph1ent['ikeid'] = $pconfig['ikeid'];
279			$ph1ent['disabled'] = $pconfig['disabled'] ? true : false;
280	a93e56c5	Matthew Grooms	$ph1ent['interface'] = $pconfig['interface'];
281			/* if the remote gateway changed and the interface is not WAN then remove route */
282			/* the vpn_ipsec_configure() handles adding the route */
283	3462a529	Matthew Grooms	if ($pconfig['interface'] <> "wan") {
284	7fc26246	Seth Mos	if($old_ph1ent['remote-gateway'] <> $pconfig['remotegw']) {
285			mwexec("/sbin/route delete -host {$oldph1ent['remote-gateway']}");
286	a93e56c5	Matthew Grooms	}
287			}
288
289	3462a529	Matthew Grooms	if ($pconfig['mobile'])
290			$ph1ent['mobile'] = true;
291			else
292			$ph1ent['remote-gateway'] = $pconfig['remotegw'];
293
294			$ph1ent['mode'] = $pconfig['mode'];
295
296			$ph1ent['myid_type'] = $pconfig['myid_type'];
297			$ph1ent['myid_data'] = $pconfig['myid_data'];
298			$ph1ent['peerid_type'] = $pconfig['peerid_type'];
299			$ph1ent['peerid_data'] = $pconfig['peerid_data'];
300	a93e56c5	Matthew Grooms
301			$ph1ent['encryption-algorithm'] = $pconfig['ealgo'];
302	3462a529	Matthew Grooms	$ph1ent['hash-algorithm'] = $pconfig['halgo'];
303			$ph1ent['dhgroup'] = $pconfig['dhgroup'];
304			$ph1ent['lifetime'] = $pconfig['lifetime'];
305			$ph1ent['pre-shared-key'] = $pconfig['pskey'];
306			$ph1ent['private-key'] = base64_encode($pconfig['privatekey']);
307	73fbece8	mgrooms	$ph1ent['certref'] = $pconfig['certref'];
308	a22d475f	jim-p	$ph1ent['caref'] = $pconfig['caref'];
309	3462a529	Matthew Grooms	$ph1ent['authentication_method'] = $pconfig['authentication_method'];
310	812dd35d	jim-p	$ph1ent['proposal_check'] = $pconfig['proposal_check'];
311	3462a529	Matthew Grooms	$ph1ent['descr'] = $pconfig['descr'];
312			$ph1ent['nat_traversal'] = $pconfig['nat_traversal'];
313
314			if (isset($pconfig['dpd_enable'])) {
315			$ph1ent['dpd_delay'] = $pconfig['dpd_delay'];
316			$ph1ent['dpd_maxfail'] = $pconfig['dpd_maxfail'];
317			}
318
319	a93e56c5	Matthew Grooms	/* generate unique phase1 ikeid */
320	d799787e	Matthew Grooms	if ($ph1ent['ikeid'] == 0)
321			$ph1ent['ikeid'] = ipsec_ikeid_next();
322	a93e56c5	Matthew Grooms
323			if (isset($p1index) && $a_phase1[$p1index])
324			$a_phase1[$p1index] = $ph1ent;
325			else
326			$a_phase1[] = $ph1ent;
327
328	647c7c48	Seth Mos	/* now we need to find all phase2 entries for this host */
329			if (is_array($a_phase2) && (count($a_phase2))) {
330			foreach ($a_phase2 as $phase2) {
331			if($phase2['ikeid'] == $ph1ent['ikeid']) {
332	7fc26246	Seth Mos	log_error("Reload {$ph1ent['descr']} tunnel(s)");
333	647c7c48	Seth Mos	$old_ph1ent['remote-gateway'] = resolve_retry($old_ph1ent['remote-gateway']);
334			$old_phase2 = $phase2;
335			reload_tunnel_spd_policy ($ph1ent, $phase2, $old_ph1ent, $old_phase2);
336			}
337			}
338			}
339	a93e56c5	Matthew Grooms	write_config();
340	a368a026	Ermal Lu?i	mark_subsystem_dirty('ipsec');
341	a93e56c5	Matthew Grooms
342			header("Location: vpn_ipsec.php");
343			exit;
344			}
345			}
346
347	3462a529	Matthew Grooms	if ($pconfig['mobile'])
348	2fbb33f1	Carlos Eduardo Ramos	$pgtitle = array(gettext("VPN"),gettext("IPsec"),gettext("Edit Phase 1"), gettext("Mobile Client"));
349	3462a529	Matthew Grooms	else
350	2fbb33f1	Carlos Eduardo Ramos	$pgtitle = array(gettext("VPN"),gettext("IPsec"),gettext("Edit Phase 1"));
351	6deedfde	jim-p	$statusurl = "diag_ipsec.php";
352			$logurl = "diag_logs_ipsec.php";
353
354	3462a529	Matthew Grooms
355	a93e56c5	Matthew Grooms	include("head.inc");
356
357			?>
358
359			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
360			<?php include("fbegin.inc"); ?>
361			<script language="JavaScript">
362			<!--
363	3462a529	Matthew Grooms
364			function myidsel_change() {
365			index = document.iform.myid_type.selectedIndex;
366			value = document.iform.myid_type.options[index].value;
367			if (value == 'myaddress')
368	5a3b0d3b	mgrooms	document.getElementById('myid_data').style.visibility = 'hidden';
369	3462a529	Matthew Grooms	else
370	5a3b0d3b	mgrooms	document.getElementById('myid_data').style.visibility = 'visible';
371	3462a529	Matthew Grooms	}
372
373			function peeridsel_change() {
374			index = document.iform.peerid_type.selectedIndex;
375			value = document.iform.peerid_type.options[index].value;
376			if (value == 'peeraddress')
377	5a3b0d3b	mgrooms	document.getElementById('peerid_data').style.visibility = 'hidden';
378	3462a529	Matthew Grooms	else
379	5a3b0d3b	mgrooms	document.getElementById('peerid_data').style.visibility = 'visible';
380	3462a529	Matthew Grooms	}
381
382	a93e56c5	Matthew Grooms	function methodsel_change() {
383	3462a529	Matthew Grooms	index = document.iform.authentication_method.selectedIndex;
384			value = document.iform.authentication_method.options[index].value;
385
386			switch (value) {
387			case 'hybrid_rsa_server':
388	5a3b0d3b	mgrooms	document.getElementById('opt_psk').style.display = 'none';
389	1f65618b	jim-p	document.getElementById('opt_peerid').style.display = '';
390	73fbece8	mgrooms	document.getElementById('opt_cert').style.display = '';
391	a22d475f	jim-p	document.getElementById('opt_ca').style.display = '';
392	3462a529	Matthew Grooms	break;
393			case 'xauth_rsa_server':
394			case 'rsasig':
395	5a3b0d3b	mgrooms	document.getElementById('opt_psk').style.display = 'none';
396	1f65618b	jim-p	document.getElementById('opt_peerid').style.display = '';
397	73fbece8	mgrooms	document.getElementById('opt_cert').style.display = '';
398	a22d475f	jim-p	document.getElementById('opt_ca').style.display = '';
399	a93e56c5	Matthew Grooms	break;
400	1f65618b	jim-p	<?php if ($pconfig['mobile']) { ?>
401			case 'pre_shared_key':
402			document.getElementById('opt_psk').style.display = 'none';
403			document.getElementById('opt_peerid').style.display = 'none';
404			document.getElementById('opt_cert').style.display = 'none';
405	a22d475f	jim-p	document.getElementById('opt_ca').style.display = 'none';
406	1f65618b	jim-p	break;
407			<?php } ?>
408	3462a529	Matthew Grooms	default: /* psk modes*/
409	5a3b0d3b	mgrooms	document.getElementById('opt_psk').style.display = '';
410	1f65618b	jim-p	document.getElementById('opt_peerid').style.display = '';
411	73fbece8	mgrooms	document.getElementById('opt_cert').style.display = 'none';
412	a22d475f	jim-p	document.getElementById('opt_ca').style.display = 'none';
413	a93e56c5	Matthew Grooms	break;
414			}
415			}
416
417			/* PHP generated java script for variable length keys */
418			function ealgosel_change(bits) {
419			switch (document.iform.ealgo.selectedIndex) {
420			<?php
421			$i = 0;
422			foreach ($p1_ealgos as $algo => $algodata) {
423			if (is_array($algodata['keysel'])) {
424			echo " case {$i}:\n";
425			echo " document.iform.ealgo_keylen.style.visibility = 'visible';\n";
426			echo " document.iform.ealgo_keylen.options.length = 0;\n";
427			// echo " document.iform.ealgo_keylen.options[document.iform.ealgo_keylen.options.length] = new Option( 'auto', 'auto' );\n";
428
429			$key_hi = $algodata['keysel']['hi'];
430			$key_lo = $algodata['keysel']['lo'];
431			$key_step = $algodata['keysel']['step'];
432
433			for ($keylen = $key_hi; $keylen >= $key_lo; $keylen -= $key_step)
434			echo " document.iform.ealgo_keylen.options[document.iform.ealgo_keylen.options.length] = new Option( '{$keylen} bits', '{$keylen}' );\n";
435			echo " break;\n";
436			} else {
437			echo " case {$i}:\n";
438			echo " document.iform.ealgo_keylen.style.visibility = 'hidden';\n";
439			echo " document.iform.ealgo_keylen.options.length = 0;\n";
440			echo " break;\n";
441			}
442			$i++;
443			}
444			?>
445			}
446
447			if( bits )
448			document.iform.ealgo_keylen.value = bits;
449			}
450	3462a529	Matthew Grooms
451	a93e56c5	Matthew Grooms	function dpdchkbox_change() {
452	5a3b0d3b	mgrooms	if( document.iform.dpd_enable.checked )
453			document.getElementById('opt_dpd').style.display = '';
454			else
455			document.getElementById('opt_dpd').style.display = 'none';
456	3462a529	Matthew Grooms
457			if (!document.iform.dpd_delay.value)
458			document.iform.dpd_delay.value = "10";
459
460			if (!document.iform.dpd_maxfail.value)
461			document.iform.dpd_maxfail.value = "5";
462	a93e56c5	Matthew Grooms	}
463	3462a529	Matthew Grooms
464	a93e56c5	Matthew Grooms	//-->
465			</script>
466	5a3b0d3b	mgrooms
467			<form action="vpn_ipsec_phase1.php" method="post" name="iform" id="iform">
468
469			<?php
470			if ($input_errors)
471			print_input_errors($input_errors);
472			?>
473
474			<table width="100%" border="0" cellpadding="0" cellspacing="0">
475			<tr class="tabnavtbl">
476			<td id="tabnav">
477			<?php
478			$tab_array = array();
479	2fbb33f1	Carlos Eduardo Ramos	$tab_array[0] = array(gettext("Tunnels"), true, "vpn_ipsec.php");
480			$tab_array[1] = array(gettext("Mobile clients"), false, "vpn_ipsec_mobile.php");
481			$tab_array[2] = array(gettext("Pre-shared keys"), false, "vpn_ipsec_keys.php");
482	5a3b0d3b	mgrooms	display_top_tabs($tab_array);
483			?>
484			</td>
485			</tr>
486			<tr>
487			<td id="mainarea">
488			<div class="tabcont">
489			<table width="100%" border="0" cellpadding="6" cellspacing="0">
490			<tr>
491	2fbb33f1	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
492	5a3b0d3b	mgrooms	</tr>
493			<tr>
494	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
495	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
496			<input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked"; ?>>
497	2fbb33f1	Carlos Eduardo Ramos	<strong><?=gettext("Disable this phase1 entry"); ?></strong><br>
498	5a3b0d3b	mgrooms	<span class="vexpl">
499	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Set this option to disable this phase1 without " .
500			"removing it from the list"); ?>.
501	5a3b0d3b	mgrooms	</span>
502			</td>
503			</tr>
504			<tr>
505	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
506	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
507			<select name="interface" class="formselect">
508			<?php
509			$interfaces = get_configured_interface_with_descr();
510	abcb2bed	Ermal Lu?i	$carplist = get_configured_carp_interface_list();
511			foreach ($carplist as $cif => $carpip)
512			$interfaces[$cif] = strtoupper($cif) . " ({$carpip})";
513	5a3b0d3b	mgrooms	foreach ($interfaces as $iface => $ifacename):
514			?>
515			<option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>>
516			<?=htmlspecialchars($ifacename);?>
517			</option>
518			<?php endforeach; ?>
519			</select>
520			<br>
521	2fbb33f1	Carlos Eduardo Ramos	<span class="vexpl"><?=gettext("Select the interface for the local endpoint of this phase1 entry"); ?>.</span>
522	5a3b0d3b	mgrooms	</td>
523			</tr>
524
525			<?php if (!$pconfig['mobile']): ?>
526
527			<tr>
528	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Remote gateway"); ?></td>
529	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
530			<?=$mandfldhtml;?><input name="remotegw" type="text" class="formfld unknown" id="remotegw" size="20" value="<?=$pconfig['remotegw'];?>">
531			<br>
532	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Enter the public IP address or host name of the remote gateway"); ?>
533	5a3b0d3b	mgrooms	</td>
534			</tr>
535
536			<?php endif; ?>
537
538			<tr>
539	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
540	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
541			<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>">
542			<br>
543			<span class="vexpl">
544	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("You may enter a description here " .
545			"for your reference (not parsed)"); ?>.
546	5a3b0d3b	mgrooms	</span>
547			</td>
548			</tr>
549			<tr>
550			<td colspan="2" class="list" height="12"></td>
551			</tr>
552			<tr>
553			<td colspan="2" valign="top" class="listtopic">
554	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Phase 1 proposal (Authentication)"); ?>
555	5a3b0d3b	mgrooms	</td>
556			</tr>
557	71d61aa5	jim-p	<tr>
558	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication method"); ?></td>
559	71d61aa5	jim-p	<td width="78%" class="vtable">
560			<select name="authentication_method" class="formselect" onChange="methodsel_change()">
561			<?php
562			foreach ($p1_authentication_methods as $method_type => $method_params):
563			if (!$pconfig['mobile'] && $method_params['mobile'])
564			continue;
565			?>
566			<option value="<?=$method_type;?>" <?php if ($method_type == $pconfig['authentication_method']) echo "selected"; ?>>
567			<?=htmlspecialchars($method_params['name']);?>
568			</option>
569			<?php endforeach; ?>
570			</select>
571			<br>
572			<span class="vexpl">
573	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Must match the setting chosen on the remote side"); ?>.
574	71d61aa5	jim-p	</span>
575			</td>
576			</tr>
577	5a3b0d3b	mgrooms	<tr>
578	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Negotiation mode"); ?></td>
579	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
580			<select name="mode" class="formselect">
581			<?php
582	cd82ab61	Carlos Eduardo Ramos	$modes = array(gettext("main"),gettext("aggressive"));
583	5a3b0d3b	mgrooms	foreach ($modes as $mode):
584			?>
585			<option value="<?=$mode;?>" <?php if ($mode == $pconfig['mode']) echo "selected"; ?>>
586			<?=htmlspecialchars($mode);?>
587			</option>
588			<?php endforeach; ?>
589	2fbb33f1	Carlos Eduardo Ramos	</select> <br> <span class="vexpl"><?=gettext("Aggressive is more flexible, but less secure"); ?>.</span>
590	5a3b0d3b	mgrooms	</td>
591			</tr>
592			<tr>
593	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("My identifier"); ?></td>
594	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
595			<select name="myid_type" class="formselect" onChange="myidsel_change()">
596			<?php foreach ($my_identifier_list as $id_type => $id_params): ?>
597			<option value="<?=$id_type;?>" <?php if ($id_type == $pconfig['myid_type']) echo "selected"; ?>>
598			<?=htmlspecialchars($id_params['desc']);?>
599			</option>
600			<?php endforeach; ?>
601			</select>
602			<input name="myid_data" type="text" class="formfld unknown" id="myid_data" size="30" value="<?=$pconfig['myid_data'];?>">
603			</td>
604			</tr>
605	1f65618b	jim-p	<tr id="opt_peerid">
606	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer identifier"); ?></td>
607	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
608			<select name="peerid_type" class="formselect" onChange="peeridsel_change()">
609			<?php
610			foreach ($peer_identifier_list as $id_type => $id_params):
611			if ($pconfig['mobile'] && !$id_params['mobile'])
612			continue;
613			?>
614			<option value="<?=$id_type;?>" <?php if ($id_type == $pconfig['peerid_type']) echo "selected"; ?>>
615			<?=htmlspecialchars($id_params['desc']);?>
616			</option>
617			<?php endforeach; ?>
618			</select>
619			<input name="peerid_data" type="text" class="formfld unknown" id="peerid_data" size="30" value="<?=$pconfig['peerid_data'];?>">
620	1f65618b	jim-p	<?php if ($pconfig['mobile']) { ?>
621	2fbb33f1	Carlos Eduardo Ramos	<br/><br/><?=gettext("NOTE: This is known as the \"group\" setting on some VPN client implementations"); ?>.
622	1f65618b	jim-p	<?php } ?>
623	5a3b0d3b	mgrooms	</td>
624			</tr>
625	71d61aa5	jim-p	<tr id="opt_psk">
626	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Pre-Shared Key"); ?></td>
627	71d61aa5	jim-p	<td width="78%" class="vtable">
628			<?=$mandfldhtml;?>
629			<input name="pskey" type="text" class="formfld unknown" id="pskey" size="40" value="<?=htmlspecialchars($pconfig['pskey']);?>">
630			<span class="vexpl">
631			<br>
632	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Input your pre-shared key string"); ?>.
633	71d61aa5	jim-p	</span>
634			</td>
635			</tr>
636	812dd35d	jim-p	<tr id="proposal_check">
637			<td width="22%" valign="top" class="vncellreq"><?=gettext("Proposal Checking"); ?></td>
638			<td width="78%" class="vtable">
639			<select name="proposal_check" class="formselect">
640			<option value="" <?php if (empty($pconfig['proposal_check'])) echo "selected"; ?>>Default</option>
641			<option value="obey" <?php if ($pconfig['proposal_check'] == "obey") echo "selected"; ?>>Obey</option>
642			<option value="strict" <?php if ($pconfig['proposal_check'] == "strict") echo "selected"; ?>>Strict</option>
643			<option value="claim" <?php if ($pconfig['proposal_check'] == "claim") echo "selected"; ?>>Claim</option>
644			<option value="exact" <?php if ($pconfig['proposal_check'] == "exact") echo "selected"; ?>>Exact</option>
645			</select>
646			<br>
647			<span class="vexpl">
648			<?=gettext("Specifies the action of lifetime length, key length, and PFS of the phase 2 selection on the responder side, and the action of lifetime check in phase 1."); ?>
649			</span>
650			</td>
651			</tr>
652	5a3b0d3b	mgrooms	<tr>
653	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
654	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
655			<select name="ealgo" class="formselect" onChange="ealgosel_change()">
656			<?php
657			foreach ($p1_ealgos as $algo => $algodata):
658			$selected = '';
659			if ($algo == $pconfig['ealgo']['name'])
660			$selected = ' selected';
661			?>
662			<option value="<?=$algo;?>"<?=$selected?>>
663			<?=htmlspecialchars($algodata['name']);?>
664			</option>
665			<?php endforeach; ?>
666			</select>
667			<select name="ealgo_keylen" width="30" class="formselect">
668			</select>
669			</td>
670			</tr>
671			<tr>
672	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Hash algorithm"); ?></td>
673	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
674			<select name="halgo" class="formselect">
675			<?php foreach ($p1_halgos as $algo => $algoname): ?>
676			<option value="<?=$algo;?>" <?php if ($algo == $pconfig['halgo']) echo "selected"; ?>>
677			<?=htmlspecialchars($algoname);?>
678			</option>
679			<?php endforeach; ?>
680			</select>
681			<br>
682			<span class="vexpl">
683	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Must match the setting chosen on the remote side"); ?>.
684	5a3b0d3b	mgrooms	</span>
685			</td>
686			</tr>
687			<tr>
688	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("DH key group"); ?></td>
689	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
690			<select name="dhgroup" class="formselect">
691			<?php $keygroups = explode(" ", "1 2 5"); foreach ($keygroups as $keygroup): ?>
692			<option value="<?=$keygroup;?>" <?php if ($keygroup == $pconfig['dhgroup']) echo "selected"; ?>>
693			<?=htmlspecialchars($keygroup);?>
694			</option>
695			<?php endforeach; ?>
696			</select>
697			<br>
698			<span class="vexpl">
699	2fbb33f1	Carlos Eduardo Ramos	<em><?=gettext("1 = 768 bit, 2 = 1024 bit, 5 = 1536 bit"); ?></em>
700	5a3b0d3b	mgrooms	<br>
701	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Must match the setting chosen on the remote side"); ?>.
702	5a3b0d3b	mgrooms	</span>
703			</td>
704			</tr>
705			<tr>
706	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Lifetime"); ?></td>
707	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
708			<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="20" value="<?=$pconfig['lifetime'];?>">
709	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("seconds"); ?>
710	5a3b0d3b	mgrooms	</td>
711			</tr>
712	73fbece8	mgrooms	<tr id="opt_cert">
713	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("My Certificate"); ?></td>
714	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
715	73fbece8	mgrooms	<select name='certref' class="formselect">
716			<?php
717	b4e6524c	jim-p	foreach ($config['cert'] as $cert):
718	73fbece8	mgrooms	$selected = "";
719			if ($pconfig['certref'] == $cert['refid'])
720			$selected = "selected";
721			?>
722	f2a86ca9	jim-p	<option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'];?></option>
723	73fbece8	mgrooms	<?php endforeach; ?>
724			</select>
725	5a3b0d3b	mgrooms	<br>
726	73fbece8	mgrooms	<span class="vexpl">
727	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Select a certificate previously configured in the Certificate Manager"); ?>.
728	73fbece8	mgrooms	</span>
729	5a3b0d3b	mgrooms	</td>
730			</tr>
731	a22d475f	jim-p	<tr id="opt_ca">
732			<td width="22%" valign="top" class="vncellreq"><?=gettext("My Certificate Authority"); ?></td>
733			<td width="78%" class="vtable">
734			<select name='caref' class="formselect">
735			<?php
736	b4e6524c	jim-p	foreach ($config['ca'] as $ca):
737	a22d475f	jim-p	$selected = "";
738			if ($pconfig['caref'] == $ca['refid'])
739			$selected = "selected";
740			?>
741	f2a86ca9	jim-p	<option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
742	a22d475f	jim-p	<?php endforeach; ?>
743			</select>
744			<br>
745			<span class="vexpl">
746			<?=gettext("Select a certificate authority previously configured in the Certificate Manager"); ?>.
747			</span>
748			</td>
749			</tr>
750	5a3b0d3b	mgrooms	<tr>
751			<td colspan="2" class="list" height="12"></td>
752			</tr>
753			<tr>
754	2fbb33f1	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced Options"); ?></td>
755	5a3b0d3b	mgrooms	</tr>
756			<tr>
757	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NAT Traversal"); ?></td>
758	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
759			<select name="nat_traversal" class="formselect">
760	2fbb33f1	Carlos Eduardo Ramos	<option value="off" <?php if ($pconfig['nat_traversal'] == "off") echo "selected"; ?>><?=gettext("Disable"); ?></option>
761			<option value="on" <?php if ($pconfig['nat_traversal'] == "on") echo "selected"; ?>><?=gettext("Enable"); ?></option>
762			<option value="force" <?php if ($pconfig['nat_traversal'] == "force") echo "selected"; ?>><?=gettext("Force"); ?></option>
763	5a3b0d3b	mgrooms	</select>
764			<br/>
765			<span class="vexpl">
766	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Set this option to enable the use of NAT-T (i.e. the encapsulation of ESP in UDP packets) if needed, " .
767			"which can help with clients that are behind restrictive firewalls"); ?>.
768	5a3b0d3b	mgrooms	</span>
769			</td>
770			</tr>
771			<tr>
772	2fbb33f1	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Dead Peer Detection"); ?></td>
773	5a3b0d3b	mgrooms	<td width="78%" class="vtable">
774			<input name="dpd_enable" type="checkbox" id="dpd_enable" value="yes" <?php if (isset($pconfig['dpd_enable'])) echo "checked"; ?> onClick="dpdchkbox_change()">
775	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Enable DPD"); ?><br>
776	5a3b0d3b	mgrooms	<div id="opt_dpd">
777			<br>
778			<input name="dpd_delay" type="text" class="formfld unknown" id="dpd_delay" size="5" value="<?=$pconfig['dpd_delay'];?>">
779	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("seconds"); ?><br>
780	5a3b0d3b	mgrooms	<span class="vexpl">
781	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Delay between requesting peer acknowledgement"); ?>.
782	5a3b0d3b	mgrooms	</span><br>
783			<br>
784			<input name="dpd_maxfail" type="text" class="formfld unknown" id="dpd_maxfail" size="5" value="<?=$pconfig['dpd_maxfail'];?>">
785	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("retries"); ?><br>
786	5a3b0d3b	mgrooms	<span class="vexpl">
787	2fbb33f1	Carlos Eduardo Ramos	<?=gettext("Number of consecutive failures allowed before disconnect"); ?>.
788	5a3b0d3b	mgrooms	</span>
789			<br>
790			</div>
791			</td>
792			</tr>
793			<tr>
794			<td width="22%" valign="top"> </td>
795			<td width="78%">
796			<?php if (isset($p1index) && $a_phase1[$p1index]): ?>
797			<input name="p1index" type="hidden" value="<?=$p1index;?>">
798			<?php endif; ?>
799			<?php if ($pconfig['mobile']): ?>
800			<input name="mobile" type="hidden" value="true">
801			<?php endif; ?>
802			<input name="ikeid" type="hidden" value="<?=$pconfig['ikeid'];?>">
803	2fbb33f1	Carlos Eduardo Ramos	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
804	5a3b0d3b	mgrooms	</td>
805			</tr>
806			</table>
807			</div>
808			</td>
809			</tr>
810			</table>
811	a93e56c5	Matthew Grooms	</form>
812	5a3b0d3b	mgrooms
813	a93e56c5	Matthew Grooms	<script lannguage="JavaScript">
814			<!--
815			<?php
816			/* determine if we should init the key length */
817			$keyset = '';
818			if (isset($pconfig['ealgo']['keylen']))
819			if (is_numeric($pconfig['ealgo']['keylen']))
820			$keyset = $pconfig['ealgo']['keylen'];
821			?>
822	3462a529	Matthew Grooms	myidsel_change();
823			peeridsel_change();
824	a93e56c5	Matthew Grooms	methodsel_change();
825			ealgosel_change(<?=$keyset;?>);
826			dpdchkbox_change();
827			//-->
828			</script>
829			<?php include("fend.inc"); ?>
830	3462a529	Matthew Grooms	</body>
831			</html>

Project

General

Profile

pfSense