/usr/local/www/vpn_ipsec.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_ipsec.php @ ea20169a

1	5b237745	Scott Ullrich	<?php
2			/*
3			vpn_ipsec.php
4	e2411886	Scott Ullrich	part of m0n0wall (http://m0n0.ch/wall)
5	574a2b47	Scott Ullrich
6	e2411886	Scott Ullrich	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
7	a93e56c5	Matthew Grooms	Copyright (C) 2008 Shrew Soft Inc
8	cfc707f7	Scott Ullrich	All rights reserved.
9	574a2b47	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	574a2b47	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	574a2b47	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	574a2b47	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	6b07c15a	Matthew Grooms	##\|+PRIV
33			##\|*IDENT=page-vpn-ipsec
34			##\|*NAME=VPN: IPsec page
35			##\|*DESCR=Allow access to the 'VPN: IPsec' page.
36			##\|MATCH=vpn_ipsec.php
37			##\|-PRIV
38
39	5b237745	Scott Ullrich	require("guiconfig.inc");
40	7a927e67	Scott Ullrich	require_once("functions.inc");
41			require_once("filter.inc");
42			require_once("shaper.inc");
43	483e6de8	Scott Ullrich	require_once("ipsec.inc");
44			require_once("vpn.inc");
45	5b237745	Scott Ullrich
46	a93e56c5	Matthew Grooms	if (!is_array($config['ipsec']['phase1']))
47			$config['ipsec']['phase1'] = array();
48
49			if (!is_array($config['ipsec']['phase2']))
50			$config['ipsec']['phase2'] = array();
51
52			$a_phase1 = &$config['ipsec']['phase1'];
53			$a_phase2 = &$config['ipsec']['phase2'];
54
55	5b237745	Scott Ullrich	$pconfig['enable'] = isset($config['ipsec']['enable']);
56
57			if ($_POST) {
58			if ($_POST['apply']) {
59			$retval = 0;
60	3851094f	Scott Ullrich	$retval = vpn_ipsec_configure();
61	04b46591	Ermal Lu?i	/* reload the filter in the background */
62			filter_configure();
63	5b237745	Scott Ullrich	$savemsg = get_std_save_message($retval);
64	d17c7b79	jim-p	if ($retval >= 0) {
65	a368a026	Ermal Lu?i	if (is_subsystem_dirty('ipsec'))
66			clear_subsystem_dirty('ipsec');
67	5b237745	Scott Ullrich	}
68			} else if ($_POST['submit']) {
69			$pconfig = $_POST;
70	574a2b47	Scott Ullrich
71	5b237745	Scott Ullrich	$config['ipsec']['enable'] = $_POST['enable'] ? true : false;
72	c20acc35	Scott Ullrich
73	5b237745	Scott Ullrich	write_config();
74	9fad9848	jim-p
75			$retval = vpn_ipsec_configure();
76	eca6f787	Renato Botelho	} else if (isset($_POST['del_x'])) {
77			/* delete selected p1 entries */
78			if (is_array($_POST['p1entry']) && count($_POST['p1entry'])) {
79			foreach ($_POST['p1entry'] as $p1entrydel) {
80			unset($a_phase1[$p1entrydel]);
81			}
82			if (write_config())
83			mark_subsystem_dirty('ipsec');
84			}
85	761882a1	Renato Botelho	} else if (isset($_POST['delp2_x'])) {
86			/* delete selected p2 entries */
87			if (is_array($_POST['p2entry']) && count($_POST['p2entry'])) {
88			foreach ($_POST['p2entry'] as $p2entrydel) {
89			unset($a_phase2[$p2entrydel]);
90			}
91			if (write_config())
92			mark_subsystem_dirty('ipsec');
93			}
94	eca6f787	Renato Botelho	} else {
95			/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
96	495c7f0c	Renato Botelho	unset($delbtn, $delbtnp2, $movebtn, $movebtnp2, $togglebtn, $togglebtnp2);
97	eca6f787	Renato Botelho	foreach ($_POST as $pn => $pd) {
98	495c7f0c	Renato Botelho	if (preg_match("/del_(\d+)_x/", $pn, $matches)) {
99			$delbtn = $matches[1];
100			} else if (preg_match("/delp2_(\d+)_x/", $pn, $matches)) {
101			$delbtnp2 = $matches[1];
102			} else if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
103	eca6f787	Renato Botelho	$movebtn = $matches[1];
104	495c7f0c	Renato Botelho	} else if (preg_match("/movep2_(\d+)_x/", $pn, $matches)) {
105			$movebtnp2 = $matches[1];
106			} else if (preg_match("/toggle_(\d+)_x/", $pn, $matches)) {
107			$togglebtn = $matches[1];
108			} else if (preg_match("/togglep2_(\d+)_x/", $pn, $matches)) {
109			$togglebtnp2 = $matches[1];
110	eca6f787	Renato Botelho	}
111			}
112	495c7f0c	Renato Botelho
113			$save = 1;
114
115	eca6f787	Renato Botelho	/* move selected p1 entries before this */
116			if (isset($movebtn) && is_array($_POST['p1entry']) && count($_POST['p1entry'])) {
117			$a_phase1_new = array();
118
119			/* copy all p1 entries < $movebtn and not selected */
120			for ($i = 0; $i < $movebtn; $i++) {
121			if (!in_array($i, $_POST['p1entry']))
122			$a_phase1_new[] = $a_phase1[$i];
123			}
124
125			/* copy all selected p1 entries */
126			for ($i = 0; $i < count($a_phase1); $i++) {
127			if ($i == $movebtn)
128			continue;
129			if (in_array($i, $_POST['p1entry']))
130			$a_phase1_new[] = $a_phase1[$i];
131			}
132
133			/* copy $movebtn p1 entry */
134			if ($movebtn < count($a_phase1))
135			$a_phase1_new[] = $a_phase1[$movebtn];
136
137			/* copy all p1 entries > $movebtn and not selected */
138			for ($i = $movebtn+1; $i < count($a_phase1); $i++) {
139			if (!in_array($i, $_POST['p1entry']))
140			$a_phase1_new[] = $a_phase1[$i];
141			}
142			if (count($a_phase1_new) > 0)
143			$a_phase1 = $a_phase1_new;
144
145	495c7f0c	Renato Botelho	} else if (isset($movebtnp2) && is_array($_POST['p2entry']) && count($_POST['p2entry'])) {
146			/* move selected p2 entries before this */
147	761882a1	Renato Botelho	$a_phase2_new = array();
148
149	495c7f0c	Renato Botelho	/* copy all p2 entries < $movebtnp2 and not selected */
150			for ($i = 0; $i < $movebtnp2; $i++) {
151	761882a1	Renato Botelho	if (!in_array($i, $_POST['p2entry']))
152			$a_phase2_new[] = $a_phase2[$i];
153			}
154
155			/* copy all selected p2 entries */
156			for ($i = 0; $i < count($a_phase2); $i++) {
157	495c7f0c	Renato Botelho	if ($i == $movebtnp2)
158	761882a1	Renato Botelho	continue;
159			if (in_array($i, $_POST['p2entry']))
160			$a_phase2_new[] = $a_phase2[$i];
161			}
162
163	495c7f0c	Renato Botelho	/* copy $movebtnp2 p2 entry */
164			if ($movebtnp2 < count($a_phase2))
165			$a_phase2_new[] = $a_phase2[$movebtnp2];
166	761882a1	Renato Botelho
167	495c7f0c	Renato Botelho	/* copy all p2 entries > $movebtnp2 and not selected */
168			for ($i = $movebtnp2+1; $i < count($a_phase2); $i++) {
169	761882a1	Renato Botelho	if (!in_array($i, $_POST['p2entry']))
170			$a_phase2_new[] = $a_phase2[$i];
171			}
172			if (count($a_phase2_new) > 0)
173			$a_phase2 = $a_phase2_new;
174
175	495c7f0c	Renato Botelho	} else if (isset($togglebtn)) {
176			if (isset($a_phase1[$togglebtn]['disabled']))
177			unset($a_phase1[$togglebtn]['disabled']);
178			else
179			$a_phase1[$togglebtn]['disabled'] = true;
180	5b237745	Scott Ullrich
181	495c7f0c	Renato Botelho	} else if (isset($togglebtnp2)) {
182			if (isset($a_phase2[$togglebtnp2]['disabled']))
183			unset($a_phase2[$togglebtnp2]['disabled']);
184			else
185			$a_phase2[$togglebtnp2]['disabled'] = true;
186	6fd8526b	Rafael Abdo
187	495c7f0c	Renato Botelho	} else if (isset($delbtn)) {
188			/* remove static route if interface is not WAN */
189			if ($a_phase1[$delbtn]['interface'] <> "wan")
190			mwexec("/sbin/route delete -host {$a_phase1[$delbtn]['remote-gateway']}");
191	eca6f787	Renato Botelho
192	495c7f0c	Renato Botelho	/* remove all phase2 entries that match the ikeid */
193			$ikeid = $a_phase1[$delbtn]['ikeid'];
194			foreach ($a_phase2 as $p2index => $ph2tmp)
195			if ($ph2tmp['ikeid'] == $ikeid) {
196			unset($a_phase2[$p2index]);
197			}
198	eca6f787	Renato Botelho
199	495c7f0c	Renato Botelho	unset($a_phase1[$delbtn]);
200	761882a1	Renato Botelho
201	495c7f0c	Renato Botelho	} else if (isset($delbtnp2)) {
202			unset($a_phase2[$delbtnp2]);
203	761882a1	Renato Botelho
204	495c7f0c	Renato Botelho	} else
205			$save = 0;
206
207			if ($save === 1) {
208			if (write_config())
209			mark_subsystem_dirty('ipsec');
210			}
211			}
212	5b237745	Scott Ullrich	}
213	4df96eff	Scott Ullrich
214	108f16bf	Carlos Eduardo Ramos	$pgtitle = array(gettext("VPN"),gettext("IPsec"));
215	b32dd0a6	jim-p	$shortcut_section = "ipsec";
216	6deedfde	jim-p
217	4df96eff	Scott Ullrich	include("head.inc");
218
219	53d4b84d	Scott Ullrich	?>
220	422f27c0	Scott Ullrich
221			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
222	5b237745	Scott Ullrich	<?php include("fbegin.inc"); ?>
223			<form action="vpn_ipsec.php" method="post">
224	eca6f787	Renato Botelho	<script type="text/javascript" src="/javascript/row_toggle.js"></script>
225	323d040b	Scott Ullrich	<?php
226	a93e56c5	Matthew Grooms	if ($savemsg)
227			print_info_box($savemsg);
228	a368a026	Ermal Lu?i	if ($pconfig['enable'] && is_subsystem_dirty('ipsec'))
229	8cd558b6	ayvis	print_info_box_np(gettext("The IPsec tunnel configuration has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect."));
230	574a2b47	Scott Ullrich	?>
231	391453a1	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn ipsec">
232	a93e56c5	Matthew Grooms	<tr>
233			<td class="tabnavtbl">
234	e0fb12c1	Renato Botelho	<?php
235			$tab_array = array();
236			$tab_array[0] = array(gettext("Tunnels"), true, "vpn_ipsec.php");
237			$tab_array[1] = array(gettext("Mobile clients"), false, "vpn_ipsec_mobile.php");
238			$tab_array[2] = array(gettext("Pre-Shared Keys"), false, "vpn_ipsec_keys.php");
239			$tab_array[3] = array(gettext("Advanced Settings"), false, "vpn_ipsec_settings.php");
240			display_top_tabs($tab_array);
241			?>
242	a93e56c5	Matthew Grooms	</td>
243			</tr>
244			<tr>
245			<td>
246			<div id="mainarea">
247	391453a1	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
248	a93e56c5	Matthew Grooms	<tr>
249			<td class="vtable">
250	391453a1	Colin Fleming	<table border="0" cellspacing="2" cellpadding="0" summary="enable">
251	667725ce	Matthew Grooms	<tr>
252			<td>
253	391453a1	Colin Fleming	<input name="enable" type="checkbox" id="enable" value="yes" <?php if ($pconfig['enable']) echo "checked=\"checked\"";?> />
254	667725ce	Matthew Grooms	</td>
255			<td>
256	108f16bf	Carlos Eduardo Ramos	<strong><?=gettext("Enable IPsec"); ?></strong>
257	667725ce	Matthew Grooms	</td>
258			</tr>
259			</table>
260	a93e56c5	Matthew Grooms	</td>
261			</tr>
262			<tr>
263			<td>
264	391453a1	Colin Fleming	<input name="submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
265	a93e56c5	Matthew Grooms	</td>
266			</tr>
267			</table>
268	391453a1	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="phase-1 entries">
269	eca6f787	Renato Botelho	<tr id="frheader">
270			<td class="list"> </td>
271			<td class="list"> </td>
272			<td class="listhdrr"><?=gettext("IKE"); ?></td>
273			<td class="listhdrr"><?=gettext("Remote Gateway"); ?></td>
274			<td class="listhdrr"><?=gettext("Mode"); ?></td>
275			<td class="listhdrr"><?=gettext("P1 Protocol"); ?></td>
276			<td class="listhdrr"><?=gettext("P1 Transforms"); ?></td>
277			<td class="listhdrr"><?=gettext("P1 Description"); ?></td>
278			<td class="list">
279			</td>
280			</tr>
281	e0fb12c1	Renato Botelho	<?php
282			$i = 0;
283			foreach ($a_phase1 as $ph1ent):
284	eca6f787	Renato Botelho	$iconfn = "pass";
285			$spans = $spane = "";
286			if (isset($ph1ent['disabled'])) {
287	e0fb12c1	Renato Botelho	$spans = "<span class=\"gray\">";
288			$spane = "</span>";
289	eca6f787	Renato Botelho	$iconfn .= "_d";
290	e0fb12c1	Renato Botelho	}
291			?>
292	eca6f787	Renato Botelho	<tr valign="top" id="fr<?=$i;?>" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'">
293			<td class="listt" align="center" valign="middle">
294			<input type="checkbox" id="frc<?=$i;?>" name="p1entry[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$i;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
295			</td>
296			<td class="listt" align="center" valign="middle">
297	495c7f0c	Renato Botelho	<input name="toggle_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn?>.gif"
298			title="<?=gettext("click to toggle enabled/disabled status");?>"
299			type="image" style="height:11;width:11;border:0" />
300	eca6f787	Renato Botelho	</td>
301			<td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
302	20452c68	Ermal	<?=$spans;?>
303	e0fb12c1	Renato Botelho	<?php
304			if (empty($ph1ent['iketype']) \|\| $ph1ent['iketype'] == "ikev1")
305			echo "V1";
306			else
307			echo "V2";
308			?>
309	20452c68	Ermal	<?=$spane;?>
310			</td>
311	eca6f787	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
312	a93e56c5	Matthew Grooms	<?=$spans;?>
313	e0fb12c1	Renato Botelho	<?php
314			if ($ph1ent['interface']) {
315			$iflabels = get_configured_interface_with_descr();
316
317			$carplist = get_configured_carp_interface_list();
318			foreach ($carplist as $cif => $carpip)
319			$iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")";
320
321			$aliaslist = get_configured_ip_aliases_list();
322			foreach ($aliaslist as $aliasip => $aliasif)
323			$iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
324
325			$grouplist = return_gateway_groups_array();
326			foreach ($grouplist as $name => $group) {
327			if($group[0]['vip'] <> "")
328			$vipif = $group[0]['vip'];
329			else
330			$vipif = $group[0]['int'];
331			$iflabels[$name] = "GW Group {$name}";
332	a93e56c5	Matthew Grooms	}
333	e0fb12c1	Renato Botelho	$if = htmlspecialchars($iflabels[$ph1ent['interface']]);
334			}
335			else
336			$if = "WAN";
337	a93e56c5	Matthew Grooms
338	e0fb12c1	Renato Botelho	if (!isset($ph1ent['mobile']))
339			echo $if."<br />".$ph1ent['remote-gateway'];
340			else
341			echo $if."<br /><strong>" . gettext("Mobile Client") . "</strong>";
342			?>
343	a93e56c5	Matthew Grooms	<?=$spane;?>
344			</td>
345	eca6f787	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
346	a93e56c5	Matthew Grooms	<?=$spans;?>
347			<?=$ph1ent['mode'];?>
348			<?=$spane;?>
349			</td>
350	eca6f787	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
351	a93e56c5	Matthew Grooms	<?=$spans;?>
352			<?=$p1_ealgos[$ph1ent['encryption-algorithm']['name']]['name'];?>
353	e0fb12c1	Renato Botelho	<?php
354			if ($ph1ent['encryption-algorithm']['keylen']) {
355			if ($ph1ent['encryption-algorithm']['keylen']=="auto")
356			echo " (" . gettext("auto") . ")";
357			else
358			echo " ({$ph1ent['encryption-algorithm']['keylen']} " . gettext("bits") . ")";
359			}
360			?>
361	a93e56c5	Matthew Grooms	<?=$spane;?>
362			</td>
363	eca6f787	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>">
364	a93e56c5	Matthew Grooms	<?=$spans;?>
365			<?=$p1_halgos[$ph1ent['hash-algorithm']];?>
366			<?=$spane;?>
367			</td>
368	eca6f787	Renato Botelho	<td class="listbg" onclick="fr_toggle(<?=$i;?>)">
369	a93e56c5	Matthew Grooms	<?=$spans;?>
370	b9056c39	Scott Ullrich	<?=htmlspecialchars($ph1ent['descr']);?>
371	a93e56c5	Matthew Grooms	<?=$spane;?>
372			</td>
373	391453a1	Colin Fleming	<td valign="middle" class="list nowrap">
374			<table border="0" cellspacing="0" cellpadding="1" summary="icons">
375	a93e56c5	Matthew Grooms	<tr>
376	eca6f787	Renato Botelho	<td>
377			<input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)"
378			name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif"
379			title="<?=gettext("move selected entries before this");?>"
380			type="image" style="height:17;width:17;border:0" />
381			</td>
382	a93e56c5	Matthew Grooms	<td>
383			<a href="vpn_ipsec_phase1.php?p1index=<?=$i;?>">
384	391453a1	Colin Fleming	<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase1 entry"); ?>" width="17" height="17" border="0" alt="edit" />
385	a93e56c5	Matthew Grooms	</a>
386			</td>
387	eca6f787	Renato Botelho	</tr>
388			<tr>
389	a93e56c5	Matthew Grooms	<td>
390	495c7f0c	Renato Botelho	<input name="del_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
391			title="<?=gettext("delete phase1 entry");?>"
392			type="image" style="height:17;width:17;border:0"
393			onclick="return confirm('<?=gettext("Do you really want to delete this phase1 and all associated phase2 entries?"); ?>')" />
394	a93e56c5	Matthew Grooms	</td>
395	eca6f787	Renato Botelho	<td>
396	e0fb12c1	Renato Botelho	<?php
397			if (!isset($ph1ent['mobile'])):
398			?>
399	a93e56c5	Matthew Grooms	<a href="vpn_ipsec_phase1.php?dup=<?=$i;?>">
400	391453a1	Colin Fleming	<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("copy phase1 entry"); ?>" width="17" height="17" border="0" alt="add" />
401	a93e56c5	Matthew Grooms	</a>
402	e0fb12c1	Renato Botelho	<?php
403			endif;
404			?>
405	eca6f787	Renato Botelho	</td>
406			</tr>
407	a93e56c5	Matthew Grooms	</table>
408			</td>
409			</tr>
410			<tr>
411	eca6f787	Renato Botelho	<td class="listt"> </td>
412			<td class="listt"> </td>
413	cbf1f885	jim-p	<td class="listrborder" colspan="6">
414	91ebc808	Renato Botelho	<?php
415			if (isset($_POST["tdph2-{$i}-visible"]))
416			$tdph2_visible = htmlspecialchars($_POST["tdph2-{$i}-visible"]);
417			else
418			$tdph2_visible = 0;
419			?>
420			<input type="hidden" name="tdph2-<?=$i;?>-visible" id="tdph2-<?=$i;?>-visible" value="<?=$tdph2_visible?>" />
421			<div id="shph2but-<?=$i?>" <?php echo ($tdph2_visible == '1' ? 'style="display:none"' : '');?>>
422	e0fb12c1	Renato Botelho	<?php
423	761882a1	Renato Botelho	$phase2count=0;
424			foreach ($a_phase2 as $ph2ent) {
425			if ($ph2ent['ikeid'] != $ph1ent['ikeid'])
426			continue;
427			$phase2count++;
428			}
429			$fr_prefix = "frp2{$i}";
430			$fr_header = $fr_prefix . "header";
431	e0fb12c1	Renato Botelho	?>
432	391453a1	Colin Fleming	<input type="button" onclick="show_phase2('tdph2-<?=$i?>','shph2but-<?=$i?>')" value="+" /> - <?php printf(gettext("Show %s Phase-2 entries"), $phase2count); ?>
433	0a95b653	Scott Ullrich	</div>
434	91ebc808	Renato Botelho	<div id="tdph2-<?=$i?>" <?php echo ($tdph2_visible != '1' ? 'style="display:none"' : '');?>>
435	eca6f787	Renato Botelho	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="phase-2 entries">
436	761882a1	Renato Botelho	<tr id="<?=$fr_header;?>">
437			<td> </td>
438			<td> </td>
439	108f16bf	Carlos Eduardo Ramos	<td class="listhdrr"><?=gettext("Mode"); ?></td>
440			<td class="listhdrr"><?=gettext("Local Subnet"); ?></td>
441			<td class="listhdrr"><?=gettext("Remote Subnet"); ?></td>
442			<td class="listhdrr"><?=gettext("P2 Protocol"); ?></td>
443			<td class="listhdrr"><?=gettext("P2 Transforms"); ?></td>
444			<td class="listhdrr"><?=gettext("P2 Auth Methods"); ?></td>
445	761882a1	Renato Botelho	<td class ="list"> </td>
446	a93e56c5	Matthew Grooms	</tr>
447	e0fb12c1	Renato Botelho	<?php
448	761882a1	Renato Botelho	$j = 0;
449	a6057836	Renato Botelho	foreach ($a_phase2 as $ph2index => $ph2ent):
450	e0fb12c1	Renato Botelho	if ($ph2ent['ikeid'] != $ph1ent['ikeid'])
451			continue;
452
453	761882a1	Renato Botelho	$fr_c = $fr_prefix . "c" . $j;
454			$fr_d = $fr_prefix . "d" . $j;
455
456			$iconfn = "pass";
457			$spans = $spane = "";
458			if (isset($ph2ent['disabled'])) {
459	e0fb12c1	Renato Botelho	$spans = "<span class=\"gray\">";
460			$spane = "</span>";
461	761882a1	Renato Botelho	$iconfn .= "_d";
462			}
463	e0fb12c1	Renato Botelho	?>
464	761882a1	Renato Botelho	<tr valign="top" id="<?=$fr_prefix . $j;?>" ondblclick="document.location='vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid'];?>'">
465			<td class="listt" align="center" valign="middle">
466			<input type="checkbox" id="<?=$fr_c;?>" name="p2entry[]" value="<?=$ph2index;?>" onclick="fr_bgcolor('<?=$j;?>', '<?=$fr_prefix;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
467			</td>
468			<td class="listt" align="center" valign="middle">
469	495c7f0c	Renato Botelho	<input name="togglep2_<?=$ph2index;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn?>.gif"
470			title="<?=gettext("click to toggle enabled/disabled status");?>"
471			type="image" style="height:11;width:11;border:0" />
472	761882a1	Renato Botelho	</td>
473			<td class="listlr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
474	4b96b367	mgrooms	<?=$spans;?>
475	e0fb12c1	Renato Botelho	<?=$ph2ent['mode'];?>
476	4b96b367	mgrooms	<?=$spane;?>
477			</td>
478	e0fb12c1	Renato Botelho	<?php
479			if(($ph2ent['mode'] == "tunnel") or ($ph2ent['mode'] == "tunnel6")):
480			?>
481	761882a1	Renato Botelho	<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
482	e0fb12c1	Renato Botelho	<?=$spans;?>
483			<?=ipsec_idinfo_to_text($ph2ent['localid']); ?>
484			<?=$spane;?>
485			</td>
486	761882a1	Renato Botelho	<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
487	e0fb12c1	Renato Botelho	<?=$spans;?>
488			<?=ipsec_idinfo_to_text($ph2ent['remoteid']); ?>
489			<?=$spane;?>
490			</td>
491			<?php
492	761882a1	Renato Botelho	else:
493			echo "<td class=\"listr nowrap\"> </td><td class=\"listr nowrap\"> </td>";
494	e0fb12c1	Renato Botelho	endif;
495			?>
496	761882a1	Renato Botelho	<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
497	a93e56c5	Matthew Grooms	<?=$spans;?>
498	e0fb12c1	Renato Botelho	<?php echo $p2_protos[$ph2ent['protocol']]; ?>
499	a93e56c5	Matthew Grooms	<?=$spane;?>
500			</td>
501	761882a1	Renato Botelho	<td class="listr" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
502	a93e56c5	Matthew Grooms	<?=$spans;?>
503	e0fb12c1	Renato Botelho	<?php
504			foreach ($ph2ent['encryption-algorithm-option'] as $k => $ph2ea) {
505			if ($k)
506			echo ", ";
507			echo $p2_ealgos[$ph2ea['name']]['name'];
508			if ($ph2ea['keylen']) {
509			if ($ph2ea['keylen']=="auto")
510			echo " (" . gettext("auto") . ")";
511			else
512			echo " ({$ph2ea['keylen']} " . gettext("bits") . ")";
513	a93e56c5	Matthew Grooms	}
514	e0fb12c1	Renato Botelho	}
515			?>
516	a93e56c5	Matthew Grooms	<?=$spane;?>
517			</td>
518	761882a1	Renato Botelho	<td class="listr nowrap" id="<?=$fr_d;?>" onclick="fr_toggle('<?=$j;?>', '<?=$fr_prefix;?>')">
519	a93e56c5	Matthew Grooms	<?=$spans;?>
520	e0fb12c1	Renato Botelho	<?php
521			if (!empty($ph2ent['hash-algorithm-option']) && is_array($ph2ent['hash-algorithm-option'])) {
522			foreach ($ph2ent['hash-algorithm-option'] as $k => $ph2ha) {
523			if ($k)
524			echo ", ";
525			echo $p2_halgos[$ph2ha];
526	a93e56c5	Matthew Grooms	}
527	e0fb12c1	Renato Botelho	}
528			?>
529	a93e56c5	Matthew Grooms	<?=$spane;?>
530			</td>
531	761882a1	Renato Botelho	<td class="list nowrap" valign="middle">
532			<input onmouseover="fr_insline(<?=$j;?>, true, '<?=$fr_prefix;?>')" onmouseout="fr_insline(<?=$j;?>, false, '<?=$fr_prefix;?>')"
533			name="movep2_<?=$j;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif"
534			title="<?=gettext("move selected entries before this");?>"
535			type="image" style="height:17;width:17;border:0" />
536	9b915686	Ermal	<a href="vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid'];?>">
537	391453a1	Colin Fleming	<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit phase2 entry"); ?>" width="17" height="17" border="0" alt="edit" />
538	a93e56c5	Matthew Grooms	</a>
539	495c7f0c	Renato Botelho	<input name="delp2_<?=$ph2index;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
540			title="<?=gettext("delete phase2 entry");?>"
541			type="image" style="height:17;width:17;border:0"
542			onclick="return confirm('<?=gettext("Do you really want to delete this phase2 entry?"); ?>')" />
543	9b915686	Ermal	<a href="vpn_ipsec_phase2.php?dup=<?=$ph2ent['uniqid'];?>">
544	391453a1	Colin Fleming	<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new Phase 2 based on this one"); ?>" width="17" height="17" border="0" alt="add" />
545	c8ff68a4	jim-p	</a>
546	a93e56c5	Matthew Grooms	</td>
547			</tr>
548	e0fb12c1	Renato Botelho	<?php
549	761882a1	Renato Botelho	$j++;
550	e0fb12c1	Renato Botelho	endforeach;
551			?>
552	761882a1	Renato Botelho	<tr valign="top" id="<?=$fr_prefix . $j;?>">
553			<td class="list" colspan="8"></td>
554			<td class="list nowrap" valign="middle">
555			<?php
556			if ($j == 0):
557			?>
558			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected phase2 entries to end");?>" border="0" alt="move" />
559			<?php
560			else:
561			?>
562			<input onmouseover="fr_insline(<?=$j;?>, true, '<?=$fr_prefix;?>')" onmouseout="fr_insline(<?=$j;?>, false, '<?=$fr_prefix;?>')" name="movep2_<?=$j;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected phase2 entries to end");?>" />
563			<?php
564			endif;
565			?>
566			<a href="vpn_ipsec_phase2.php?ikeid=<?=$ph1ent['ikeid'];?><?php if (isset($ph1ent['mobile'])) echo "&mobile=true";?>">
567			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add phase2 entry"); ?>" width="17" height="17" border="0" alt="add" />
568			</a>
569			<?php
570			if ($j == 0):
571			?>
572			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected phase2 entries");?>" border="0" alt="delete" />
573			<?php
574			else:
575			?>
576			<input name="delp2" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected phase2 entries");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected phase2 entries?");?>')" />
577			<?php
578			endif;
579			?>
580			</td>
581			</tr>
582	a93e56c5	Matthew Grooms	</table>
583	eca6f787	Renato Botelho	</div>
584	0a95b653	Scott Ullrich	</td>
585			</tr>
586	e0fb12c1	Renato Botelho	<?php
587			$i++;
588			endforeach; // $a_phase1 as $ph1ent
589			?>
590	761882a1	Renato Botelho	<tr valign="top" id="fr<?=$i;?>">
591	eca6f787	Renato Botelho	<td class="list" colspan="8"></td>
592			<td class="list nowrap" valign="middle">
593			<table border="0" cellspacing="0" cellpadding="1" summary="edit">
594	a93e56c5	Matthew Grooms	<tr>
595	eca6f787	Renato Botelho	<td>
596	761882a1	Renato Botelho	<?php
597	eca6f787	Renato Botelho	if ($i == 0):
598	761882a1	Renato Botelho	?>
599	eca6f787	Renato Botelho	<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected phase1 entries to end");?>" border="0" alt="move" />
600	761882a1	Renato Botelho	<?php
601	eca6f787	Renato Botelho	else:
602	761882a1	Renato Botelho	?>
603			<input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected phase1 entries to end");?>" />
604			<?php
605	eca6f787	Renato Botelho	endif;
606	761882a1	Renato Botelho	?>
607	eca6f787	Renato Botelho	</td>
608	a93e56c5	Matthew Grooms	<td>
609			<a href="vpn_ipsec_phase1.php">
610	eca6f787	Renato Botelho	<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new phase1");?>" alt="add" />
611	a93e56c5	Matthew Grooms	</a>
612			</td>
613			</tr>
614	eca6f787	Renato Botelho	<tr>
615			<td>
616	761882a1	Renato Botelho	<?php
617	eca6f787	Renato Botelho	if ($i == 0):
618	761882a1	Renato Botelho	?>
619	eca6f787	Renato Botelho	<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected phase1 entries");?>" border="0" alt="delete" />
620	761882a1	Renato Botelho	<?php
621	eca6f787	Renato Botelho	else:
622	761882a1	Renato Botelho	?>
623	eca6f787	Renato Botelho	<input name="del" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected phase1 entries");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected phase1 entries?");?>')" />
624	761882a1	Renato Botelho	<?php
625	eca6f787	Renato Botelho	endif;
626	761882a1	Renato Botelho	?>
627	eca6f787	Renato Botelho	</td>
628			</tr>
629	a93e56c5	Matthew Grooms	</table>
630	391453a1	Colin Fleming	</td>
631	a93e56c5	Matthew Grooms	</tr>
632			<tr>
633	eca6f787	Renato Botelho	<td colspan="8">
634	a93e56c5	Matthew Grooms	<p>
635			<span class="vexpl">
636			<span class="red">
637	8cd558b6	ayvis	<strong><?=gettext("Note"); ?>:<br /></strong>
638	a93e56c5	Matthew Grooms	</span>
639	eca6f787	Renato Botelho	<?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br />
640	d2ec82af	Colin Fleming	<?=gettext("IPsec Debug Mode can be enabled at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.<br />
641			<?=gettext("IPsec can be set to prefer older SAs at"); ?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.
642	a93e56c5	Matthew Grooms	</span>
643			</p>
644			</td>
645			</tr>
646			</table>
647			</div>
648			</td>
649	5b237745	Scott Ullrich	</tr>
650			</table>
651			</form>
652			<?php include("fend.inc"); ?>
653	0a95b653	Scott Ullrich	<script type="text/javascript">
654	391453a1	Colin Fleming	//<![CDATA[
655	0a95b653	Scott Ullrich	function show_phase2(id, buttonid) {
656			document.getElementById(buttonid).innerHTML='';
657	91ebc808	Renato Botelho	document.getElementById(id).style.display = "block";
658			var visible = id + '-visible';
659			document.getElementById(visible).value = "1";
660	0a95b653	Scott Ullrich	}
661	391453a1	Colin Fleming	//]]>
662	0a95b653	Scott Ullrich	</script>
663	323d040b	Scott Ullrich	</body>
664			</html>

Project

General

Profile

pfSense