<?php
/*
	vpn_ipsec.php
	part of m0n0wall (http://m0n0.ch/wall)
	part of pfSense
	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
	Copyright (C) 2008 Shrew Soft Inc
        Copyright (C) 2013-2014 Electric Sheep Fencing, LP
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
##|+PRIV
##|*IDENT=page-vpn-ipsec
##|*NAME=VPN: IPsec page
##|*DESCR=Allow access to the 'VPN: IPsec' page.
##|*MATCH=vpn_ipsec.php*
##|-PRIV
require("guiconfig.inc");
require_once("functions.inc");
require_once("filter.inc");
require_once("shaper.inc");
require_once("ipsec.inc");
require_once("vpn.inc");
/* Make sure both IPsec tunnel lists exist as arrays before they are aliased. */
foreach (array('phase1', 'phase2') as $ipsec_section) {
	if (!is_array($config['ipsec'][$ipsec_section])) {
		$config['ipsec'][$ipsec_section] = array();
	}
}
unset($ipsec_section);

/* Work on the live config by reference so edits made below land in $config. */
$a_phase2 = &$config['ipsec']['phase2'];
$a_phase1 = &$config['ipsec']['phase1'];

/* The "Enable IPsec" checkbox mirrors whether the 'enable' key is present. */
$pconfig['enable'] = isset($config['ipsec']['enable']);
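/*
 * Collect the row indexes ticked in a POSTed checkbox list.
 *
 * $post is the request array and $key the field name ('p1entry' or
 * 'p2entry'). Only plain strings of decimal digits are accepted; they are
 * returned as integers so later membership tests can be strict. Anything
 * else (missing field, nested arrays, signs, text) is dropped.
 */
function vpn_ipsec_selected_indexes($post, $key) {
	$indexes = array();
	if (!isset($post[$key]) || !is_array($post[$key]))
		return $indexes;
	foreach ($post[$key] as $value) {
		if (is_string($value) && preg_match('/^\d+\z/', $value))
			$indexes[] = (int)$value;
	}
	return $indexes;
}

/*
 * Return $entries with the rows listed in $selected moved in front of row
 * $target. A $target equal to the number of rows means "move to the end".
 *
 * $target is clamped to the row count and only rows that exist are copied,
 * so an oversized number in the request can neither grow the list with
 * empty rows nor make the loops run for an arbitrary number of iterations.
 * If nothing would be left, the original list is returned unchanged.
 */
function vpn_ipsec_move_before($entries, $selected, $target) {
	$count = count($entries);
	$target = min((int)$target, $count);
	$reordered = array();

	/* rows before the target that are not selected keep their place */
	for ($i = 0; $i < $target; $i++) {
		if (isset($entries[$i]) && !in_array($i, $selected, true))
			$reordered[] = $entries[$i];
	}

	/* then every selected row except the target itself */
	for ($i = 0; $i < $count; $i++) {
		if ($i != $target && isset($entries[$i]) && in_array($i, $selected, true))
			$reordered[] = $entries[$i];
	}

	/* then the target row, when it names a real row */
	if (isset($entries[$target]))
		$reordered[] = $entries[$target];

	/* and finally the unselected rows after the target */
	for ($i = $target + 1; $i < $count; $i++) {
		if (isset($entries[$i]) && !in_array($i, $selected, true))
			$reordered[] = $entries[$i];
	}

	return (count($reordered) > 0) ? $reordered : $entries;
}

/*
 * POST handler for the tunnel list: apply pending changes, save the enable
 * flag, bulk delete, and the per-row image buttons (move/toggle/delete).
 *
 * Every index taken from the request is validated against the configured
 * rows before it is used, and the gateway handed to route(8) is quoted.
 * NOTE(review): no CSRF check is visible in this file; presumably it is
 * supplied by guiconfig.inc - confirm.
 */
if ($_POST) {
	$p1selected = vpn_ipsec_selected_indexes($_POST, 'p1entry');
	$p2selected = vpn_ipsec_selected_indexes($_POST, 'p2entry');

	if (!empty($_POST['apply'])) {
		$retval = vpn_ipsec_configure();
		/* reload the filter in the background */
		filter_configure();
		$savemsg = get_std_save_message($retval);
		if ($retval >= 0) {
			if (is_subsystem_dirty('ipsec'))
				clear_subsystem_dirty('ipsec');
		}
	} else if (!empty($_POST['submit'])) {
		$pconfig = $_POST;

		$config['ipsec']['enable'] = !empty($_POST['enable']);

		write_config();

		$retval = vpn_ipsec_configure();
	} else if (isset($_POST['del_x'])) {
		/*
		 * delete selected p1 entries
		 * NOTE(review): unlike the single-row delete below, this path leaves
		 * the phase2 entries and static route of each removed phase1 in
		 * place - confirm that is intended.
		 */
		if (count($p1selected)) {
			foreach ($p1selected as $p1entrydel) {
				unset($a_phase1[$p1entrydel]);
			}
			if (write_config())
				mark_subsystem_dirty('ipsec');
		}
	} else if (isset($_POST['delp2_x'])) {
		/* delete selected p2 entries */
		if (count($p2selected)) {
			foreach ($p2selected as $p2entrydel) {
				unset($a_phase2[$p2entrydel]);
			}
			if (write_config())
				mark_subsystem_dirty('ipsec');
		}
	} else {
		/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
		unset($delbtn, $delbtnp2, $movebtn, $movebtnp2, $togglebtn, $togglebtnp2);
		foreach ($_POST as $pn => $pd) {
			/* anchored so that only the exact button names are recognised */
			if (preg_match('/^del_(\d+)_x$/', $pn, $matches)) {
				$delbtn = (int)$matches[1];
			} else if (preg_match('/^delp2_(\d+)_x$/', $pn, $matches)) {
				$delbtnp2 = (int)$matches[1];
			} else if (preg_match('/^move_(\d+)_x$/', $pn, $matches)) {
				$movebtn = (int)$matches[1];
			} else if (preg_match('/^movep2_(\d+)_x$/', $pn, $matches)) {
				$movebtnp2 = (int)$matches[1];
			} else if (preg_match('/^toggle_(\d+)_x$/', $pn, $matches)) {
				$togglebtn = (int)$matches[1];
			} else if (preg_match('/^togglep2_(\d+)_x$/', $pn, $matches)) {
				$togglebtnp2 = (int)$matches[1];
			}
		}

		$save = 1;

		if (isset($movebtn) && count($p1selected)) {
			/* move selected p1 entries before this */
			$a_phase1 = vpn_ipsec_move_before($a_phase1, $p1selected, $movebtn);

		} else if (isset($movebtnp2) && count($p2selected)) {
			/* move selected p2 entries before this */
			$a_phase2 = vpn_ipsec_move_before($a_phase2, $p2selected, $movebtnp2);

		} else if (isset($togglebtn, $a_phase1[$togglebtn])) {
			/* only existing rows are toggled, so no stub entry is created */
			if (isset($a_phase1[$togglebtn]['disabled']))
				unset($a_phase1[$togglebtn]['disabled']);
			else
				$a_phase1[$togglebtn]['disabled'] = true;

		} else if (isset($togglebtnp2, $a_phase2[$togglebtnp2])) {
			if (isset($a_phase2[$togglebtnp2]['disabled']))
				unset($a_phase2[$togglebtnp2]['disabled']);
			else
				$a_phase2[$togglebtnp2]['disabled'] = true;

		} else if (isset($delbtn, $a_phase1[$delbtn])) {
			/* remove static route if interface is not WAN */
			if ($a_phase1[$delbtn]['interface'] <> "wan" && !empty($a_phase1[$delbtn]['remote-gateway'])) {
				/* the gateway is a stored config string; quote it so it reaches route(8) as one argument */
				mwexec("/sbin/route delete -host " . escapeshellarg($a_phase1[$delbtn]['remote-gateway']));
			}

			/* remove all phase2 entries that match the ikeid */
			$ikeid = $a_phase1[$delbtn]['ikeid'];
			foreach ($a_phase2 as $p2index => $ph2tmp) {
				if ($ph2tmp['ikeid'] == $ikeid) {
					unset($a_phase2[$p2index]);
				}
			}

			unset($a_phase1[$delbtn]);

		} else if (isset($delbtnp2, $a_phase2[$delbtnp2])) {
			unset($a_phase2[$delbtnp2]);

		} else
			$save = 0;

		if ($save === 1) {
			if (write_config())
				mark_subsystem_dirty('ipsec');
		}
	}
}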
/* Page title parts and shortcut section, set before head.inc is pulled in. */
$shortcut_section = "ipsec";
$pgtitle = array(
	gettext("VPN"),
	gettext("IPsec")
);

include("head.inc");
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
<form action="vpn_ipsec.php" method="post">
<script type="text/javascript" src="/javascript/row_toggle.js"></script>
<?php
	/* Result banner from an "apply" handled earlier in this request, if any. */
	if ($savemsg) {
		print_info_box($savemsg);
	}

	/* Remind the admin that saved tunnel changes still have to be applied. */
	if ($pconfig['enable'] && is_subsystem_dirty('ipsec')) {
		$pending_notice = gettext("The IPsec tunnel configuration has been changed") . ".<br />";
		$pending_notice .= gettext("You must apply the changes in order for them to take effect.");
		print_info_box_np($pending_notice);
	}
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn ipsec">
	<tr>
		<td class="tabnavtbl">
<?php
			/* Tab strip: each entry is (label, is-active, target page); "Tunnels" is this page. */
			$tab_array = array(
				array(gettext("Tunnels"), true, "vpn_ipsec.php"),
				array(gettext("Mobile clients"), false, "vpn_ipsec_mobile.php"),
				array(gettext("Pre-Shared Keys"), false, "vpn_ipsec_keys.php"),
				array(gettext("Advanced Settings"), false, "vpn_ipsec_settings.php")
			);
			display_top_tabs($tab_array);
?>
		</td>
	</tr>
	<tr>
		<td>
			<div id="mainarea">
				<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
					<tr>
						<td class="vtable">
							<table border="0" cellspacing="2" cellpadding="0" summary="enable">
								<tr>
									<td>
										<input name="enable" type="checkbox" id="enable" value="yes" <?= $pconfig['enable'] ? 'checked="checked"' : '' ?> />
									</td>
									<td>
										<strong><?= gettext("Enable IPsec") ?></strong>
									</td>
								</tr>
							</table>
						</td>
					</tr>
					<tr>
						<td>
							<input name="submit" type="submit" class="formbtn" value="<?= gettext("Save") ?>" />
						</td>
					</tr>
				</table>
				<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="phase-1 entries">
					<tr id="frheader">
						<td class="list">&nbsp;</td>
						<td class="list">&nbsp;</td>
						<td class="listhdrr"><?= gettext("IKE") ?></td>
						<td class="listhdrr"><?= gettext("Remote Gateway") ?></td>
						<td class="listhdrr"><?= gettext("Mode") ?></td>
						<td class="listhdrr"><?= gettext("P1 Protocol") ?></td>
						<td class="listhdrr"><?= gettext("P1 Transforms") ?></td>
						<td class="listhdrr"><?= gettext("P1 Description") ?></td>
						<td class="list">
						</td>
					</tr>
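<?php
				/*
				 * One table row per phase 1 entry, followed by a collapsible
				 * sub-table listing the phase 2 entries that share its ikeid.
				 *
				 * Values read from the stored configuration are escaped for the
				 * context they are printed in: htmlspecialchars() for element
				 * text, urlencode() for query-string values in links and in the
				 * ondblclick handlers.
				 *
				 * NOTE(review): the output of ipsec_idinfo_to_text() and the
				 * $p1_/$p2_ lookup tables is printed as returned; confirm those
				 * helpers only yield HTML-safe text.
				 * NOTE(review): the phase 2 move buttons are named movep2_<$j>
				 * (position within this phase 1) while the checkboxes carry
				 * $ph2index and the POST handler treats the number as an index
				 * into the whole phase 2 list; these only agree when both
				 * numberings coincide - confirm.
				 */
				$i = 0;
				foreach ($a_phase1 as $ph1ent):
					$iconfn = "pass";
					$spans = $spane = "";
					if (isset($ph1ent['disabled'])) {
						/* disabled rows are greyed out and get the "_d" icon variant */
						$spans = "<span class=\"gray\">";
						$spane = "</span>";
						$iconfn .= "_d";
					}
?>
					<tr valign="top" id="fr<?=$i;?>" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'">
						<td class="listt" align="center" valign="middle">
							<input type="checkbox" id="frc<?=$i;?>" name="p1entry[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$i;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
						</td>
						<td class="listt" align="center" valign="middle">
							<input name="toggle_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn?>.gif"
								title="<?=gettext("click to toggle enabled/disabled status");?>"
								type="image" style="height:11;width:11;border:0" />
						</td>
						<td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
							<?=$spans;?>
<?php
							/* entries without an iketype are shown as IKEv1 */
							if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1")
								echo "V1";
							else
								echo "V2";
?>
							<?=$spane;?>
						</td>
						<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
							<?=$spans;?>
<?php
							if ($ph1ent['interface']) {
								/* build the label map: interfaces, CARP VIPs, IP aliases, gateway groups */
								$iflabels = get_configured_interface_with_descr();

								$carplist = get_configured_carp_interface_list();
								foreach ($carplist as $cif => $carpip)
									$iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")";

								$aliaslist = get_configured_ip_aliases_list();
								foreach ($aliaslist as $aliasip => $aliasif)
									$iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";

								$grouplist = return_gateway_groups_array();
								foreach ($grouplist as $name => $group) {
									if($group[0]['vip'] <> "")
										$vipif = $group[0]['vip'];
									else
										$vipif = $group[0]['int'];
									$iflabels[$name] = "GW Group {$name}";
								}
								$if = htmlspecialchars($iflabels[$ph1ent['interface']]);
							}
							else
								$if = "WAN";

							/* the remote gateway is a stored free-form value: escape it before printing */
							if (!isset($ph1ent['mobile']))
								echo $if."<br />".htmlspecialchars($ph1ent['remote-gateway']);
							else
								echo $if."<br /><strong>" . gettext("Mobile Client") . "</strong>";
?>
							<?=$spane;?>
						</td>
						<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
							<?=$spans;?>
							<?php
							/* the negotiation mode is only printed for IKEv1 entries */
							if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1")
								echo htmlspecialchars($ph1ent['mode']);
							?>
							<?=$spane;?>
						</td>
						<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
							<?=$spans;?>
							<?=$p1_ealgos[$ph1ent['encryption-algorithm']['name']]['name'];?>
<?php
							if ($ph1ent['encryption-algorithm']['keylen']) {
								if ($ph1ent['encryption-algorithm']['keylen']=="auto")
									echo " (" . gettext("auto") . ")";
								else
									echo " (" . htmlspecialchars($ph1ent['encryption-algorithm']['keylen']) . " " . gettext("bits") . ")";
							}
?>
							<?=$spane;?>
						</td>
						<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
							<?=$spans;?>
							<?=$p1_halgos[$ph1ent['hash-algorithm']];?>
							<?=$spane;?>
						</td>
						<td class="listbg" onclick="fr_toggle(<?=$i;?>)">
							<?=$spans;?>
							<?=htmlspecialchars($ph1ent['descr']);?>&nbsp;
							<?=$spane;?>
						</td>
						<td valign="middle" class="list nowrap">
							<table border="0" cellspacing="0" cellpadding="1" summary="icons">
								<tr>
									<td>
										<input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)"
											name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif"
											title="<?=gettext("move selected entries before this");?>"
											type="image" style="height:17;width:17;border:0" />
									</td>
									<td>
										<a href="vpn_ipsec_phase1.php?p1index=<?=$i;?>">
											<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase1 entry"); ?>" width="17" height="17" border="0" alt="edit" />
										</a>
									</td>
								</tr>
								<tr>
									<td>
										<input name="del_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
											title="<?=gettext("delete phase1 entry");?>"
											type="image" style="height:17;width:17;border:0"
											onclick="return confirm('<?=gettext("Do you really want to delete this phase1 and all associated phase2 entries?"); ?>')" />
									</td>
									<td>
<?php
							/* mobile client entries cannot be duplicated from this list */
							if (!isset($ph1ent['mobile'])):
?>
										<a href="vpn_ipsec_phase1.php?dup=<?=$i;?>">
											<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("copy phase1 entry"); ?>" width="17" height="17" border="0" alt="add" />
										</a>
<?php
							endif;
?>
									</td>
								</tr>
							</table>
						</td>
					</tr>
					<tr>
						<td class="listt">&nbsp;</td>
						<td class="listt">&nbsp;</td>
						<td class="listrborder" colspan="6">
<?php
							/*
							 * Keep the phase 2 panel open across a form post. Only a plain
							 * string is echoed back (escaped); anything else counts as closed.
							 */
							$tdph2_key = "tdph2-{$i}-visible";
							if (isset($_POST[$tdph2_key]) && is_string($_POST[$tdph2_key]))
								$tdph2_visible = htmlspecialchars($_POST[$tdph2_key]);
							else
								$tdph2_visible = 0;
?>
							<input type="hidden" name="tdph2-<?=$i;?>-visible" id="tdph2-<?=$i;?>-visible" value="<?=$tdph2_visible?>" />
							<div id="shph2but-<?=$i?>" <?php echo ($tdph2_visible == '1' ? 'style="display:none"' : '');?>>
<?php
							/* count the phase 2 entries that belong to this phase 1 */
							$phase2count=0;
							foreach ($a_phase2 as $ph2ent) {
								if ($ph2ent['ikeid'] != $ph1ent['ikeid'])
									continue;
								$phase2count++;
							}
							$fr_prefix = "frp2{$i}";
							$fr_header = $fr_prefix . "header";
?>
								<input type="button" onclick="show_phase2('tdph2-<?=$i?>','shph2but-<?=$i?>')" value="+" /> - <?php printf(gettext("Show %s Phase-2 entries"), $phase2count); ?>
							</div>
							<div id="tdph2-<?=$i?>" <?php echo ($tdph2_visible != '1' ? 'style="display:none"' : '');?>>
							<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="phase-2 entries">
							<tr id="<?=$fr_header;?>">
									<td>&nbsp;</td>
									<td>&nbsp;</td>
									<td class="listhdrr"><?=gettext("Mode"); ?></td>
									<td class="listhdrr"><?=gettext("Local Subnet"); ?></td>
									<td class="listhdrr"><?=gettext("Remote Subnet"); ?></td>
									<td class="listhdrr"><?=gettext("P2 Protocol"); ?></td>
									<td class="listhdrr"><?=gettext("P2 Transforms"); ?></td>
									<td class="listhdrr"><?=gettext("P2 Auth Methods"); ?></td>
									<td class ="list">&nbsp;</td>
								</tr>
<?php
								/* $j numbers the rows inside this sub-table; $ph2index is the key in $a_phase2 */
								$j = 0;
								foreach ($a_phase2 as $ph2index => $ph2ent):
									if ($ph2ent['ikeid'] != $ph1ent['ikeid'])
										continue;

									$fr_c = $fr_prefix . "c" . $j;
									$fr_d = $fr_prefix . "d" . $j;

									$iconfn = "pass";
									$spans = $spane = "";
									if (isset($ph2ent['disabled'])) {
										$spans = "<span class=\"gray\">";
										$spane = "</span>";
										$iconfn .= "_d";
									}
?>
								<tr valign="top" id="<?=$fr_prefix . $j;?>" ondblclick="document.location='vpn_ipsec_phase2.php?p2index=<?=urlencode($ph2ent['uniqid']);?>'">
									<td class="listt" align="center" valign="middle">
									<input type="checkbox" id="<?=$fr_c;?>" name="p2entry[]" value="<?=$ph2index;?>" onclick="fr_bgcolor('<?=$j;?>', '<?=$fr_prefix;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
									</td>
									<td class="listt" align="center" valign="middle">
										<input name="togglep2_<?=$ph2index;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn?>.gif"
											title="<?=gettext("click to toggle enabled/disabled status");?>"
											type="image" style="height:11;width:11;border:0" />
									</td>
									<td class="listlr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
										<?=$spans;?>
										<?=htmlspecialchars($ph2ent['mode']);?>
										<?=$spane;?>
									</td>
<?php
									/* local/remote networks are only shown for tunnel modes */
									if(($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == "tunnel6")):
?>
										<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
											<?=$spans;?>
												<?=ipsec_idinfo_to_text($ph2ent['localid']); ?>
											<?=$spane;?>
										</td>
										<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
											<?=$spans;?>
												<?=ipsec_idinfo_to_text($ph2ent['remoteid']); ?>
											<?=$spane;?>
										</td>
<?php
									else:
										echo "<td class=\"listr nowrap\">&nbsp;</td><td class=\"listr nowrap\">&nbsp;</td>";
									endif;
?>
									<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
										<?=$spans;?>
										<?php echo $p2_protos[$ph2ent['protocol']]; ?>
										<?=$spane;?>
									</td>
									<td class="listr" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
										<?=$spans;?>
<?php
										/* comma-separated list of encryption algorithms with optional key length */
										foreach ($ph2ent['encryption-algorithm-option'] as $k => $ph2ea) {
											if ($k)
												echo ", ";
											echo $p2_ealgos[$ph2ea['name']]['name'];
											if ($ph2ea['keylen']) {
												if ($ph2ea['keylen']=="auto")
													echo " (" . gettext("auto") . ")";
												else
													echo " (" . htmlspecialchars($ph2ea['keylen']) . " " . gettext("bits") . ")";
											}
										}
?>
										<?=$spane;?>
									</td>
									<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
										<?=$spans;?>
<?php
										/* comma-separated list of hash algorithms, when any are configured */
										if (!empty($ph2ent['hash-algorithm-option']) && is_array($ph2ent['hash-algorithm-option'])) {
											foreach ($ph2ent['hash-algorithm-option'] as $k => $ph2ha) {
												if ($k)
													echo ", ";
												echo $p2_halgos[$ph2ha];
											}
										}
?>
										<?=$spane;?>
									</td>
									<td class="list nowrap" valign="middle">
										<input onmouseover="fr_insline(<?=$j;?>, true, '<?=$fr_prefix;?>')" onmouseout="fr_insline(<?=$j;?>, false, '<?=$fr_prefix;?>')"
											name="movep2_<?=$j;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif"
											title="<?=gettext("move selected entries before this");?>"
											type="image" style="height:17;width:17;border:0" />
										<a href="vpn_ipsec_phase2.php?p2index=<?=urlencode($ph2ent['uniqid']);?>">
											<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase2 entry"); ?>" width="17" height="17" border="0" alt="edit" />
										</a>
										<input name="delp2_<?=$ph2index;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
											title="<?=gettext("delete phase2 entry");?>"
											type="image" style="height:17;width:17;border:0"
											onclick="return confirm('<?=gettext("Do you really want to delete this phase2 entry?"); ?>')" />
										<a href="vpn_ipsec_phase2.php?dup=<?=urlencode($ph2ent['uniqid']);?>">
											<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new Phase 2 based on this one"); ?>" width="17" height="17" border="0" alt="add" />
										</a>
									</td>
								</tr>
<?php
									$j++;
								endforeach;
?>
								<tr valign="top" id="<?=$fr_prefix . $j;?>">
									<td class="list" colspan="8"></td>
									<td class="list nowrap" valign="middle">
<?php
									/* with no phase 2 rows the bulk move/delete controls are shown as disabled icons */
									if ($j == 0):
?>
										<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected phase2 entries to end");?>" border="0" alt="move" />
<?php
									else:
?>
										<input onmouseover="fr_insline(<?=$j;?>, true, '<?=$fr_prefix;?>')" onmouseout="fr_insline(<?=$j;?>, false, '<?=$fr_prefix;?>')" name="movep2_<?=$j;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected phase2 entries to end");?>" />
<?php
									endif;
?>
										<a href="vpn_ipsec_phase2.php?ikeid=<?=urlencode($ph1ent['ikeid']);?><?php if (isset($ph1ent['mobile'])) echo "&amp;mobile=true";?>">
											<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add phase2 entry"); ?>" width="17" height="17" border="0" alt="add" />
										</a>
<?php
									if ($j == 0):
?>
										<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected phase2 entries");?>" border="0" alt="delete" />
<?php
									else:
?>
										<input name="delp2" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected phase2 entries");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected phase2 entries?");?>')" />
<?php
									endif;
?>
									</td>
								</tr>
							</table>
							</div>
						</td>
					</tr>
<?php
					$i++;
				endforeach;  // $a_phase1 as $ph1ent
?>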
					<tr valign="top" id="fr<?= $i ?>">
						<td class="list" colspan="8"></td>
						<td class="list nowrap" valign="middle">
							<table border="0" cellspacing="0" cellpadding="1" summary="edit">
								<tr>
									<td>
<?php /* $i is the number of phase 1 rows rendered above; with none, show the disabled icon */ if ($i == 0): ?>
										<img src="/themes/<?= $g['theme'] ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?= gettext("move selected phase1 entries to end") ?>" border="0" alt="move" />
<?php else: ?>
										<input onmouseover="fr_insline(<?= $i ?>, true)" onmouseout="fr_insline(<?= $i ?>, false)" name="move_<?= $i ?>" type="image" src="/themes/<?= $g['theme'] ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?= gettext("move selected phase1 entries to end") ?>" />
<?php endif; ?>
									</td>
									<td>
										<a href="vpn_ipsec_phase1.php">
											<img src="/themes/<?= $g['theme'] ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?= gettext("add new phase1") ?>" alt="add" />
										</a>
									</td>
								</tr>
								<tr>
									<td>
<?php /* bulk delete is only offered when there is at least one phase 1 row */ if ($i == 0): ?>
										<img src="/themes/<?= $g['theme'] ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?= gettext("delete selected phase1 entries") ?>" border="0" alt="delete" />
<?php else: ?>
										<input name="del" type="image" src="/themes/<?= $g['theme'] ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?= gettext("delete selected phase1 entries") ?>" onclick="return confirm('<?= gettext("Do you really want to delete the selected phase1 entries?") ?>')" />
<?php endif; ?>
									</td>
								</tr>
							</table>
						</td>
					</tr>
					<tr>
						<td colspan="8">
							<p>
								<span class="vexpl">
									<span class="red">
										<strong><?= gettext("Note") ?>:<br /></strong>
									</span>
									<?= gettext("You can check your IPsec status at") ?> <a href="diag_ipsec.php"><?= gettext("Status:IPsec") ?></a>.<br />
									<?= gettext("IPsec Debug Mode can be enabled at") ?> <a href="vpn_ipsec_settings.php"><?= gettext("VPN:IPsec:Advanced Settings") ?></a>.<br />
									<?= gettext("IPsec can be set to prefer older SAs at") ?> <a href="vpn_ipsec_settings.php"><?= gettext("VPN:IPsec:Advanced Settings") ?></a>.
								</span>
							</p>
						</td>
					</tr>
				</table>
			</div>
		</td>
	</tr>
</table>
</form>
<?php include("fend.inc"); ?>
<script type="text/javascript">
//<![CDATA[
/**
 * Expand the phase 2 panel of one phase 1 row.
 *
 * @param {string} id       element id of the hidden phase 2 container
 * @param {string} buttonid element id of the "show" button wrapper to empty
 *
 * Also sets the hidden "<id>-visible" field to "1" so the server can render
 * the panel open again after the form is posted.
 */
function show_phase2(id, buttonid) {
	var buttonWrapper = document.getElementById(buttonid);
	var panel = document.getElementById(id);
	var visibleField = document.getElementById(id + '-visible');

	buttonWrapper.innerHTML = '';
	panel.style.display = "block";
	visibleField.value = "1";
}
//]]>
</script>
</body>
</html>