/src/usr/local/www/status_ipsec.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/status_ipsec.php @ e38ba356

1	cf7d1057	Scott Ullrich	<?php
2			/*
3	c5d81585	Renato Botelho	* status_ipsec.php
4	86b2861c	Matt Smith	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	81299b5c	Renato Botelho	* Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
7	c5d81585	Renato Botelho	* All rights reserved.
8	fd9ebcd5	Stephen Beaver	*
9	c5d81585	Renato Botelho	* originally based on m0n0wall (http://m0n0.ch/wall)
10			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
11			* All rights reserved.
12	fd9ebcd5	Stephen Beaver	*
13	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
14			* you may not use this file except in compliance with the License.
15			* You may obtain a copy of the License at
16	fd9ebcd5	Stephen Beaver	*
17	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
18	fd9ebcd5	Stephen Beaver	*
19	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
20			* distributed under the License is distributed on an "AS IS" BASIS,
21			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22			* See the License for the specific language governing permissions and
23			* limitations under the License.
24	fd9ebcd5	Stephen Beaver	*/
25	cf7d1057	Scott Ullrich
26	6b07c15a	Matthew Grooms	##\|+PRIV
27			##\|*IDENT=page-status-ipsec
28	5230f468	jim-p	##\|*NAME=Status: IPsec
29	6b07c15a	Matthew Grooms	##\|*DESCR=Allow access to the 'Status: IPsec' page.
30	1af5edbf	Stephen Beaver	##\|MATCH=status_ipsec.php
31	6b07c15a	Matthew Grooms	##\|-PRIV
32
33	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
34	4260c32a	Stephen Beaver	require_once("ipsec.inc");
35	6b07c15a	Matthew Grooms
36	a93e56c5	Matthew Grooms	global $g;
37
38	4b5f2ab3	Phil Davis	if (!is_array($config['ipsec']['phase1'])) {
39			$config['ipsec']['phase1'] = array();
40			}
41
42	4260c32a	Stephen Beaver	// If this is just an AJAX call to update the table body, just generate the body and quit
43			if ($_REQUEST['ajax']) {
44			print_ipsec_body();
45			exit;
46			}
47	a93e56c5	Matthew Grooms
48	64d53c69	Steve Beaver	if ($_POST['act'] == 'connect') {
49			if (ctype_digit($_POST['ikeid'])) {
50			$ph1ent = ipsec_get_phase1($_POST['ikeid']);
51	483c3b5b	Ermal LUÇI	if (!empty($ph1ent)) {
52	9d51fcde	Chris Buechler	if (empty($ph1ent['iketype']) \|\| $ph1ent['iketype'] == 'ikev1' \|\| isset($ph1ent['splitconn'])) {
53	64d53c69	Steve Beaver	$ph2entries = ipsec_get_number_of_phase2($_POST['ikeid']);
54	483c3b5b	Ermal LUÇI	for ($i = 0; $i < $ph2entries; $i++) {
55	64d53c69	Steve Beaver	$connid = escapeshellarg("con{$_POST['ikeid']}00{$i}");
56	c5d8cbe0	Chris Buechler	mwexec_bg("/usr/local/sbin/ipsec down {$connid}");
57	b866103e	Chris Buechler	mwexec_bg("/usr/local/sbin/ipsec up {$connid}");
58	483c3b5b	Ermal LUÇI	}
59			} else {
60	64d53c69	Steve Beaver	mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_POST['ikeid']));
61			mwexec_bg("/usr/local/sbin/ipsec up con" . escapeshellarg($_POST['ikeid']));
62	483c3b5b	Ermal LUÇI	}
63			}
64	6e8b0ec3	jim-p	}
65	64d53c69	Steve Beaver	} else if ($_POST['act'] == 'ikedisconnect') {
66			if (ctype_digit($_POST['ikeid'])) {
67			if (!empty($_POST['ikesaid']) && ctype_digit($_POST['ikesaid'])) {
68			mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_POST['ikeid']) . "[" . escapeshellarg($_POST['ikesaid']) . "]");
69	5f601060	Phil Davis	} else {
70	64d53c69	Steve Beaver	mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_POST['ikeid']));
71	5f601060	Phil Davis	}
72	614be051	bcyrill	}
73	64d53c69	Steve Beaver	} else if ($_POST['act'] == 'childdisconnect') {
74			if (ctype_digit($_POST['ikeid'])) {
75			if (!empty($_POST['ikesaid']) && ctype_digit($_POST['ikesaid'])) {
76			mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_POST['ikeid']) . "{" . escapeshellarg($_POST['ikesaid']) . "}");
77	5f601060	Phil Davis	}
78	6e0b68bf	jim-p	}
79			}
80
81	4260c32a	Stephen Beaver	// Table body is composed here so that it can be more easily updated via AJAX
82			function print_ipsec_body() {
83			global $config;
84	a93e56c5	Matthew Grooms
85	4260c32a	Stephen Beaver	$a_phase1 = &$config['ipsec']['phase1'];
86			$status = ipsec_list_sa();
87			$ipsecconnected = array();
88	a93e56c5	Matthew Grooms
89	4260c32a	Stephen Beaver	if (is_array($status)) {
90			foreach ($status as $ikeid => $ikesa) {
91			$con_id = substr($ikeid, 3);
92	3795cc0a	sbeaver
93	4260c32a	Stephen Beaver	if ($ikesa['version'] == 1) {
94			$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
95			$ipsecconnected[$ph1idx] = $ph1idx;
96			} else {
97	109a304e	Graham Collinson	if (!ipsec_ikeid_used($con_id)) {
98			// probably a v2 with split connection then
99			$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
100			$ipsecconnected[$ph1idx] = $ph1idx;
101			} else {
102			$ipsecconnected[$con_id] = $ph1idx = $con_id;
103			}
104	4260c32a	Stephen Beaver	}
105	3795cc0a	sbeaver
106	4260c32a	Stephen Beaver	print("<tr>\n");
107			print("<td>\n");
108			print(htmlspecialchars(ipsec_get_descr($ph1idx)));
109			print("</td>\n");
110			print("<td>\n");
111	0da0d43e	Phil Davis
112	4260c32a	Stephen Beaver	if (!empty($ikesa['local-id'])) {
113			if ($ikesa['local-id'] == '%any') {
114			print(gettext('Any identifier'));
115			} else {
116			print(htmlspecialchars($ikesa['local-id']));
117			}
118	5f601060	Phil Davis	} else {
119	4260c32a	Stephen Beaver	print(gettext("Unknown"));
120	5f601060	Phil Davis	}
121	86b2861c	Matt Smith
122	4260c32a	Stephen Beaver	print("</td>\n");
123			print("<td>\n");
124
125			if (!empty($ikesa['local-host'])) {
126			print(htmlspecialchars($ikesa['local-host']));
127	86b2861c	Matt Smith	} else {
128	4260c32a	Stephen Beaver	print(gettext("Unknown"));
129	86b2861c	Matt Smith	}
130	4260c32a	Stephen Beaver
131			/*
132			* XXX: local-nat-t was defined by pfSense
133			* When strongswan team accepted the change, they changed it to
134			* nat-local. Keep both for a while and remove local-nat-t in
135			* the future
136			*/
137			if (isset($ikesa['local-nat-t']) \|\| isset($ikesa['nat-local'])) {
138	e96b20f6	Jose Luis Duran	print(" NAT-T");
139	4260c32a	Stephen Beaver	}
140
141			print("</td>\n");
142			print("<td>\n");
143
144			$identity = "";
145			if (!empty($ikesa['remote-id'])) {
146			if ($ikesa['remote-id'] == '%any') {
147			$identity = htmlspecialchars(gettext('Any identifier'));
148			} else {
149			$identity = htmlspecialchars($ikesa['remote-id']);
150			}
151			}
152
153			if (!empty($ikesa['remote-xauth-id'])) {
154			echo htmlspecialchars($ikesa['remote-xauth-id']);
155			echo "<br/>{$identity}";
156			} elseif (!empty($ikesa['remote-eap-id'])) {
157			echo htmlspecialchars($ikesa['remote-eap-id']);
158			echo "<br/>{$identity}";
159			} else {
160			if (empty($identity)) {
161			print(gettext("Unknown"));
162			} else {
163			print($identity);
164			}
165			}
166
167			print("</td>\n");
168			print("<td>\n");
169
170			if (!empty($ikesa['remote-host'])) {
171			print(htmlspecialchars($ikesa['remote-host']));
172			} else {
173	3795cc0a	sbeaver	print(gettext("Unknown"));
174	4260c32a	Stephen Beaver	}
175			/*
176			* XXX: remote-nat-t was defined by pfSense
177			* When strongswan team accepted the change, they changed it to
178			* nat-remote. Keep both for a while and remove remote-nat-t in
179			* the future
180			*/
181			if (isset($ikesa['remote-nat-t']) \|\| isset($ikesa['nat-remote'])) {
182			print(" NAT-T");
183			}
184
185			print("</td>\n");
186			print("<td>\n");
187			print("IKEv" . htmlspecialchars($ikesa['version']));
188			print("<br/>\n");
189
190			if ($ikesa['initiator'] == 'yes') {
191			print("initiator");
192			} else {
193			print("responder");
194			}
195
196			print("</td>\n");
197			print("<td>\n");
198	c57e936a	stilez	print(htmlspecialchars($ikesa['reauth-time']) . gettext(" seconds (") . convert_seconds_to_dhms($ikesa['reauth-time']) . ")");
199	4260c32a	Stephen Beaver	print("</td>\n");
200			print("<td>\n");
201			print(htmlspecialchars($ikesa['encr-alg']));
202			print("<br/>");
203			print(htmlspecialchars($ikesa['integ-alg']));
204			print("<br/>");
205			print(htmlspecialchars($ikesa['prf-alg']));
206			print("<br/>\n");
207			print(htmlspecialchars($ikesa['dh-group']));
208			print("</td>\n");
209			print("<td>\n");
210
211			if ($ikesa['state'] == 'ESTABLISHED') {
212			print('<span class="text-success">');
213			} else {
214			print('<span>');
215			}
216
217			print(ucfirst(htmlspecialchars($ikesa['state'])));
218	9e820b59	Phil Davis
219			if ($ikesa['state'] == 'ESTABLISHED') {
220	7f0d6ccf	Phil Davis	print("<br/>");
221			printf(gettext('%1$s seconds (%2$s) ago'), htmlspecialchars($ikesa['established']), convert_seconds_to_dhms($ikesa['established']));
222	9e820b59	Phil Davis	}
223
224	4260c32a	Stephen Beaver	print("</span>");
225			print("</td>\n");
226			print("<td>\n");
227
228			if ($ikesa['state'] != 'ESTABLISHED') {
229
230	64d53c69	Steve Beaver	print('<a href="status_ipsec.php?act=connect&ikeid=' . $con_id . '" class="btn btn-xs btn-success" data-toggle="tooltip" title="' . gettext("Connect VPN"). '" usepost>');
231	9e820b59	Phil Davis	print('<i class="fa fa-sign-in icon-embed-btn"></i>');
232			print(gettext("Connect VPN"));
233			print("</a>\n");
234	4260c32a	Stephen Beaver
235	86b2861c	Matt Smith	} else {
236	4260c32a	Stephen Beaver
237	64d53c69	Steve Beaver	print('<a href="status_ipsec.php?act=ikedisconnect&ikeid=' . $con_id . '" class="btn btn-xs btn-danger" data-toggle="tooltip" title="' . gettext("Disconnect VPN") . '" usepost>');
238	4260c32a	Stephen Beaver	print('<i class="fa fa-trash icon-embed-btn"></i>');
239			print(gettext("Disconnect"));
240			print("</a><br />\n");
241
242			}
243
244			print("</td>\n");
245			print("</tr>\n");
246			print("<tr>\n");
247			print("<td colspan = 10>\n");
248
249			if (is_array($ikesa['child-sas']) && (count($ikesa['child-sas']) > 0)) {
250
251	067551a4	Stephen Beaver	print('<div>');
252			print('<a type="button" id="btnchildsa-' . $ikeid . '" class="btn btn-sm btn-info">');
253	4260c32a	Stephen Beaver	print('<i class="fa fa-plus-circle icon-embed-btn"></i>');
254			print(gettext('Show child SA entries'));
255			print("</a>\n");
256			print(" </div>\n");
257
258			print('<table class="table table-hover table-condensed" id="childsa-' . $ikeid . '" style="display:none">');
259			print("<thead>\n");
260			print('<tr class="bg-info">');
261			print('<th><?=gettext("Local subnets")?></th>');
262			print('<th><?=gettext("Local SPI(s)")?></th>');
263			print('<th><?=gettext("Remote subnets")?></th>');
264			print('<th><?=gettext("Times")?></th>');
265			print('<th><?=gettext("Algo")?></th>');
266			print('<th><?=gettext("Stats")?></th>');
267			print('<th><!-- Buttons --></th>');
268			print("</tr\n");
269			print("</thead>\n");
270			print("<tbody>\n");
271
272			foreach ($ikesa['child-sas'] as $childid => $childsa) {
273			print("<tr>");
274			print("<td>\n");
275
276			if (is_array($childsa['local-ts'])) {
277			foreach ($childsa['local-ts'] as $lnets) {
278			print(htmlspecialchars(ipsec_fixup_network($lnets)) . "<br />");
279			}
280			} else {
281			print(gettext("Unknown"));
282			}
283
284			print("</td>\n");
285			print("<td>\n");
286
287			if (isset($childsa['spi-in'])) {
288			print(gettext("Local: ") . htmlspecialchars($childsa['spi-in']));
289			}
290
291			if (isset($childsa['spi-out'])) {
292			print('<br/>' . gettext('Remote: ') . htmlspecialchars($childsa['spi-out']));
293			}
294
295			print("</td>\n");
296			print("<td>\n");
297
298			if (is_array($childsa['remote-ts'])) {
299			foreach ($childsa['remote-ts'] as $rnets) {
300			print(htmlspecialchars(ipsec_fixup_network($rnets)) . '<br />');
301			}
302			} else {
303			print(gettext("Unknown"));
304			}
305
306			print("</td>\n");
307			print("<td>\n");
308
309	7f0d6ccf	Phil Davis	printf(gettext('Rekey: %1$s seconds (%2$s)'), htmlspecialchars($childsa['rekey-time']), convert_seconds_to_dhms($childsa['rekey-time']));
310			print('<br/>');
311			printf(gettext('Life: %1$s seconds (%2$s)'), htmlspecialchars($childsa['life-time']), convert_seconds_to_dhms($childsa['life-time']));
312			print('<br/>');
313			printf(gettext('Install: %1$s seconds (%2$s)'), htmlspecialchars($childsa['install-time']), convert_seconds_to_dhms($childsa['install-time']));
314	4260c32a	Stephen Beaver
315
316			print("</td>\n");
317			print("<td>\n");
318
319			print(htmlspecialchars($childsa['encr-alg']) . '<br/>');
320			print(htmlspecialchars($childsa['integ-alg']) . '<br/>');
321
322			if (!empty($childsa['prf-alg'])) {
323			print(htmlspecialchars($childsa['prf-alg']) . '<br/>');
324			}
325
326			if (!empty($childsa['dh-group'])) {
327			print(htmlspecialchars($childsa['dh-group']) . '<br/>');
328			}
329
330			if (!empty($childsa['esn'])) {
331			print(htmlspecialchars($childsa['esn']) . '<br/>');
332			}
333
334			print(gettext("IPComp: "));
335			if (!empty($childsa['cpi-in']) \|\| !empty($childsa['cpi-out'])) {
336			print(htmlspecialchars($childsa['cpi-in']) . " " . htmlspecialchars($childsa['cpi-out']));
337			} else {
338			print(gettext('none'));
339			}
340
341			print("</td>\n");
342			print("<td>\n");
343
344			print(gettext("Bytes-In: ") . htmlspecialchars(number_format($childsa['bytes-in'])) . ' (' . htmlspecialchars(format_bytes($childsa['bytes-in'])) . ')<br/>');
345			print(gettext("Packets-In: ") . htmlspecialchars(number_format($childsa['packets-in'])) . '<br/>');
346			print(gettext("Bytes-Out: ") . htmlspecialchars(number_format($childsa['bytes-out'])) . ' (' . htmlspecialchars(format_bytes($childsa['bytes-out'])) . ')<br/>');
347			print(gettext("Packets-Out: ") . htmlspecialchars(number_format($childsa['packets-out'])) . '<br/>');
348
349			print("</td>\n");
350			print("<td>\n");
351	64d53c69	Steve Beaver	print('<a href="status_ipsec.php?act=childdisconnect&ikeid=' . $con_id . '&ikesaid=' . $childsa['uniqueid'] . '" class="btn btn-xs btn-warning" data-toggle="tooltip" title="' . gettext('Disconnect Child SA') . '" usepost>');
352	4260c32a	Stephen Beaver	print('<i class="fa fa-trash icon-embed-btn"></i>');
353			print(gettext("Disconnect"));
354			print("</a>\n");
355			print("</td>\n");
356			print("</tr>\n");
357
358			}
359
360			print("</tbody>\n");
361			print(" </table>\n");
362			print("</td>\n");
363	9723b525	Stephen Beaver	print("</tr>\n");
364	4260c32a	Stephen Beaver
365	3795cc0a	sbeaver	}
366	4260c32a	Stephen Beaver
367			unset($con_id);
368	86b2861c	Matt Smith	}
369	4260c32a	Stephen Beaver
370			}
371
372			$rgmap = array();
373	4b5f2ab3	Phil Davis	if (is_array($a_phase1)) {
374			foreach ($a_phase1 as $ph1ent) {
375			if (isset($ph1ent['disabled'])) {
376			continue;
377			}
378	4260c32a	Stephen Beaver
379	4b5f2ab3	Phil Davis	$rgmap[$ph1ent['remote-gateway']] = $ph1ent['remote-gateway'];
380	4260c32a	Stephen Beaver
381	4b5f2ab3	Phil Davis	if ($ipsecconnected[$ph1ent['ikeid']]) {
382			continue;
383			}
384	4260c32a	Stephen Beaver
385	4b5f2ab3	Phil Davis	print("<tr>\n");
386			print("<td>\n");
387	4260c32a	Stephen Beaver
388	4b5f2ab3	Phil Davis	print(htmlspecialchars($ph1ent['descr']));
389			print("</td>\n");
390			print("<td>\n");
391			list ($myid_type, $myid_data) = ipsec_find_id($ph1ent, "local");
392	4260c32a	Stephen Beaver
393	4b5f2ab3	Phil Davis	if (empty($myid_data)) {
394			print(gettext("Unknown"));
395			} else {
396			print(htmlspecialchars($myid_data));
397			}
398	4260c32a	Stephen Beaver
399	4b5f2ab3	Phil Davis	print("</td>\n");
400			print("<td>\n");
401			$ph1src = ipsec_get_phase1_src($ph1ent);
402	4260c32a	Stephen Beaver
403	4b5f2ab3	Phil Davis	if (empty($ph1src)) {
404			print(gettext("Unknown"));
405			} else {
406			print(htmlspecialchars($ph1src));
407			}
408	4260c32a	Stephen Beaver
409	4b5f2ab3	Phil Davis	print("</td>\n");
410			print("<td>\n");
411	0da0d43e	Phil Davis
412	4b5f2ab3	Phil Davis	list ($peerid_type, $peerid_data) = ipsec_find_id($ph1ent, "peer", $rgmap);
413	3795cc0a	sbeaver
414	4b5f2ab3	Phil Davis	if (empty($peerid_data)) {
415			print(gettext("Unknown"));
416			} else {
417			print(htmlspecialchars($peerid_data));
418			}
419			print(" </td>\n");
420			print(" <td>\n");
421			$ph1src = ipsec_get_phase1_dst($ph1ent);
422	0da0d43e	Phil Davis
423	4b5f2ab3	Phil Davis	if (empty($ph1src)) {
424			print(gettext("Unknown"));
425			} else {
426			print(htmlspecialchars($ph1src));
427			}
428	0da0d43e	Phil Davis
429	4260c32a	Stephen Beaver	print("</td>\n");
430			print("<td>\n");
431			print("</td>\n");
432			print("<td>\n");
433			print("</td>\n");
434			print("<td>\n");
435			print("</td>\n");
436	3795cc0a	sbeaver
437	4b5f2ab3	Phil Davis	if (isset($ph1ent['mobile'])) {
438
439			print("<td>\n");
440			print(gettext("Awaiting connections"));
441			print("</td>\n");
442			print("<td>\n");
443			print("</td>\n");
444			print("</td>\n");
445			} else {
446
447			print("<td>\n");
448			print(gettext("Disconnected"));
449			print("</td>\n");
450			print("<td>\n");
451	64d53c69	Steve Beaver	print('<a href="status_ipsec.php?act=connect&ikeid=' . $ph1ent['ikeid'] . '" class="btn btn-xs btn-success" usepost>');
452	4b5f2ab3	Phil Davis	print('<i class="fa fa-sign-in icon-embed-btn"></i>');
453			print(gettext("Connect VPN"));
454			print("</a>\n");
455			print("</td>\n");
456
457			}
458			print("</tr>\n");
459	4260c32a	Stephen Beaver	}
460	97242546	Matt Smith	}
461
462	4260c32a	Stephen Beaver	unset($ipsecconnected, $phase1, $rgmap);
463	86b2861c	Matt Smith	}
464	3795cc0a	sbeaver
465	4260c32a	Stephen Beaver	$pgtitle = array(gettext("Status"), gettext("IPsec"), gettext("Overview"));
466	edcd7535	Phil Davis	$pglinks = array("", "@self", "@self");
467	4260c32a	Stephen Beaver	$shortcut_section = "ipsec";
468	0da0d43e	Phil Davis
469	4260c32a	Stephen Beaver	include("head.inc");
470	0da0d43e	Phil Davis
471	4260c32a	Stephen Beaver	$tab_array = array();
472			$tab_array[] = array(gettext("Overview"), true, "status_ipsec.php");
473			$tab_array[] = array(gettext("Leases"), false, "status_ipsec_leases.php");
474			$tab_array[] = array(gettext("SADs"), false, "status_ipsec_sad.php");
475			$tab_array[] = array(gettext("SPDs"), false, "status_ipsec_spd.php");
476			display_top_tabs($tab_array);
477	3795cc0a	sbeaver	?>
478	0da0d43e	Phil Davis
479	4260c32a	Stephen Beaver	<div class="panel panel-default">
480			<div class="panel-heading"><h2 class="panel-title"><?=gettext("IPsec Status");?></h2></div>
481			<div class="panel-body table-responsive">
482			<table class="table table-striped table-condensed table-hover sortable-theme-bootstrap" data-sortable>
483			<thead>
484			<tr>
485			<th><?=gettext("Description")?></th>
486			<th><?=gettext("Local ID")?></th>
487			<th><?=gettext("Local IP")?></th>
488			<th><?=gettext("Remote ID")?></th>
489			<th><?=gettext("Remote IP")?></th>
490			<th><?=gettext("Role")?></th>
491			<th><?=gettext("Reauth")?></th>
492			<th><?=gettext("Algo")?></th>
493			<th><?=gettext("Status")?></th>
494			<th></th>
495			</tr>
496			</thead>
497			<tbody id="ipsec-body">
498			<tr>
499	fc48da17	NOYB	<td colspan="10">
500	499adf73	Phil Davis	<?=print_info_box(gettext("Collecting IPsec status information."), "warning", "")?>
501	3795cc0a	sbeaver	</td>
502			</tr>
503			</tbody>
504	c7fbdd6c	Ermal	</table>
505			</div>
506	3795cc0a	sbeaver	</div>
507
508			<?php
509			unset($status);
510	4260c32a	Stephen Beaver
511	d2c1089f	Phil Davis	if (ipsec_enabled()) {
512	4260c32a	Stephen Beaver	print('<div class="infoblock">');
513	d2c1089f	Phil Davis	} else {
514	4260c32a	Stephen Beaver	print('<div class="infoblock blockopen">');
515	d2c1089f	Phil Davis	}
516	4260c32a	Stephen Beaver
517	530c7ccf	NOYB	print_info_box(sprintf(gettext('IPsec can be configured %1$shere%2$s.'), '<a href="vpn_ipsec.php">', '</a>'), 'info', false);
518	d2c1089f	Phil Davis	?>
519			</div>
520	4260c32a	Stephen Beaver
521			<script type="text/javascript">
522			//<![CDATA[
523
524			events.push(function() {
525	067551a4	Stephen Beaver	ajax_lock = false; // Mutex so we don't make a call until the previous call is finished
526			sa_open = new Array(); // Array in which to keep the child SA show/hide state
527	4260c32a	Stephen Beaver
528			// Fetch the tbody contents from the server
529			function update_table() {
530			if (ajax_lock) {
531			return;
532			}
533
534			ajax_lock = true;
535
536			ajaxRequest = $.ajax(
537			{
538			url: "/status_ipsec.php",
539			type: "post",
540			data: {
541			ajax: "ajax"
542			}
543			}
544			);
545
546			// Deal with the results of the above ajax call
547			ajaxRequest.done(function (response, textStatus, jqXHR) {
548	fc48da17	NOYB
549			if (!response) {
550	499adf73	Phil Davis	response = '<tr><td colspan="10"><?=print_info_box(gettext("No IPsec status information available."), "warning", "")?></td></tr>';
551	fc48da17	NOYB	}
552
553	4260c32a	Stephen Beaver	$('#ipsec-body').html(response);
554			ajax_lock = false;
555
556	067551a4	Stephen Beaver	// Update "Show child SA" handlers
557			$('[id^=btnchildsa-]').click(function () {
558			show_childsa($(this).prop("id").replace( /^\D+/g, ''));
559			});
560
561			// Check the sa_open array for child SAs that have been opened
562	4260c32a	Stephen Beaver	$('[id^=childsa-con]').each(function(idx) {
563	067551a4	Stephen Beaver	sa_idx = $(this).prop("id").replace( /^\D+/g, '');
564	4260c32a	Stephen Beaver
565			if (sa_open[sa_idx]) {
566	067551a4	Stephen Beaver	show_childsa(sa_idx);
567	4260c32a	Stephen Beaver	}
568			});
569
570	64d53c69	Steve Beaver	// re-attached the GET to POST handler
571			interceptGET();
572
573	4260c32a	Stephen Beaver	// and do it again
574			setTimeout(update_table, 5000);
575			});
576			}
577
578	067551a4	Stephen Beaver	function show_childsa(said) {
579			sa_open[said] = true;
580			$('#childsa-con' + said).show();
581			$('#btnchildsa-con' + said).hide();
582			}
583
584	4260c32a	Stephen Beaver	// Populate the tbody on page load
585			update_table();
586			});
587			//]]>
588			</script>
589
590	d2c1089f	Phil Davis	<?php
591	3795cc0a	sbeaver	include("foot.inc"); ?>

Project

General

Profile

pfSense