authorjim-p <jimp@pfsense.org>2011-04-11 16:58:13 -0400
committerjim-p <jimp@pfsense.org>2011-04-11 16:58:13 -0400
commit127eb8e0238061ca8a66e25c2089dddc1826ec4d (patch)
treeaa320143b64a7de7af742cfbdb3424baca9b3768
parent4eb4b18a0fb3c39c5bbb241ad4f0366b6c5e890c (diff)
downloadpfsense-127eb8e0238061ca8a66e25c2089dddc1826ec4d.zip
pfsense-127eb8e0238061ca8a66e25c2089dddc1826ec4d.tar.gz
Add a toggle under System > Advanced on the misc tab to enable/disable debug mode for racoon.
-rw-r--r--etc/inc/vpn.inc3
-rw-r--r--usr/local/www/system_advanced_misc.php28
-rwxr-xr-xusr/local/www/vpn_ipsec.php4
3 files changed, 33 insertions, 2 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index f0641b7..5ae79b4 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -896,7 +896,8 @@ EOD;
mwexec("/usr/local/sbin/setkey -F", false);
sleep("0.1");
/* start racoon */
- mwexec("/usr/local/sbin/racoon -f {$g['varetc_path']}/racoon.conf", false);
+ $ipsecdebug = isset($config['ipsec']['racoondebug']) ? "-d -v" : "";
+ mwexec("/usr/local/sbin/racoon {$ipsecdebug} -f {$g['varetc_path']}/racoon.conf", false);
sleep("0.1");
/* load SPD */
mwexec("/usr/local/sbin/setkey -f {$g['varetc_path']}/spd.conf", false);
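Review bot: The new `$ipsecdebug` line starts the IKE daemon with extra logging but carries no comment on what the flags do or why the setting should be temporary. Per racoon(8), `-d` raises the debug level and `-v` makes packet dumps more verbose, so the resulting logs will probably hold far more negotiation detail than usual and be readable by anyone with access to the system log. I would add above it `/* racoondebug: -d raises the debug level, -v makes packet dumps more verbose; troubleshooting only, logs grow and may expose negotiation detail */`. The help text added in usr/local/www/system_advanced_misc.php could say the same, e.g. a further `gettext("Disable this again once troubleshooting is finished.")` line. The enclosing function starts and ends outside this hunk, so whether `$config` is declared global there cannot be confirmed from here.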
diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php
index b93301d..590a955 100644
--- a/usr/local/www/system_advanced_misc.php
+++ b/usr/local/www/system_advanced_misc.php
@@ -47,11 +47,13 @@ require("guiconfig.inc");
require_once("functions.inc");
require_once("filter.inc");
require_once("shaper.inc");
+require_once("ipsec.inc");
require_once("vpn.inc");
$pconfig['harddiskstandby'] = $config['system']['harddiskstandby'];
$pconfig['lb_use_sticky'] = isset($config['system']['lb_use_sticky']);
$pconfig['preferoldsa_enable'] = isset($config['ipsec']['preferoldsa']);
+$pconfig['racoondebug_enable'] = isset($config['ipsec']['racoondebug']);
$pconfig['maxmss_enable'] = isset($config['system']['maxmss_enable']);
$pconfig['maxmss'] = $config['system']['maxmss'];
$pconfig['powerd_enable'] = isset($config['system']['powerd_enable']);
@@ -85,6 +87,19 @@ if ($_POST) {
else
unset($config['ipsec']['preferoldsa']);
+ $need_racoon_restart = false;
+ if($_POST['racoondebug_enable'] == "yes") {
+ if (!isset($config['ipsec']['racoondebug'])) {
+ $config['ipsec']['racoondebug'] = true;
+ $need_racoon_restart = true;
+ }
+ } else {
+ if (isset($config['ipsec']['racoondebug'])) {
+ unset($config['ipsec']['racoondebug']);
+ $need_racoon_restart = true;
+ }
+ }
+
if($_POST['maxmss_enable'] == "yes") {
$config['system']['maxmss_enable'] = true;
$config['system']['maxmss'] = $_POST['maxmss'];
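Review bot: `$_POST['racoondebug_enable']` is read without `isset()` and compared with `==`, and since browsers do not submit an unticked checkbox, the normal "off" case reads an undefined index. The four-way nested `if` can also be reduced to one comparison of the requested state with the stored one, which makes it clear that racoon is only restarted on an actual change. `$need_racoon_restart` is consumed in the later hunk at `@@ -125,6 +140,8 @@`; the surrounding `if ($_POST)` block starts outside this hunk, so it is not visible here whether both sites are reached on the same paths.

```php
$racoondebug = isset($_POST['racoondebug_enable']) && $_POST['racoondebug_enable'] === "yes";
/* Restart racoon only when the stored setting actually changes. */
$need_racoon_restart = ($racoondebug !== isset($config['ipsec']['racoondebug']));
if ($racoondebug)
	$config['ipsec']['racoondebug'] = true;
else
	unset($config['ipsec']['racoondebug']);
// … unchanged: maxmss_enable handling …
```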
@@ -125,6 +140,8 @@ if ($_POST) {
activate_powerd();
load_glxsb();
vpn_ipsec_configure_preferoldsa();
+ if ($need_racoon_restart)
+ vpn_ipsec_force_reload();
}
}
@@ -259,6 +276,17 @@ function maxmss_checked(obj) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("IPsec Debug"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="racoondebug_enable" type="checkbox" id="racoondebug_enable" value="yes" <?php if ($pconfig['racoondebug_enable']) echo "checked"; ?> />
+ <strong><?=gettext("Start racoon in debug mode"); ?></strong>
+ <br />
+ <?=gettext("Launches racoon in debug mode so that more verbose logs " .
+ "will be generated to aid in troubleshooting."); ?><br/>
+ <?=gettext("NOTE: Changing this setting will restart racoon."); ?>
+ </td>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Maximum MSS"); ?></td>
<td width="78%" class="vtable">
<input name="maxmss_enable" type="checkbox" id="maxmss_enable" value="yes" <?php if ($pconfig['maxmss_enable'] == true) echo "checked"; ?> onClick="maxmss_checked(this)" />
diff --git a/usr/local/www/vpn_ipsec.php b/usr/local/www/vpn_ipsec.php
index 40879f6..465c607 100755
--- a/usr/local/www/vpn_ipsec.php
+++ b/usr/local/www/vpn_ipsec.php
@@ -418,7 +418,9 @@ include("head.inc");
<span class="red">
<strong><?=gettext("Note"); ?>:<br></strong>
</span>
- <?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.
+ <?=gettext("You can check your IPsec status at"); ?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br/>
+ <?=gettext("IPsec Debug Mode can be enabled at"); ?> <a href="system_advanced_misc.php"><?=gettext("System:Advanced:Miscellaneous"); ?></a>.<br/>
+ <?=gettext("IPsec can be set to prefer older SAs at"); ?> <a href="system_advanced_misc.php"><?=gettext("System:Advanced:Miscellaneous"); ?></a>.
</span>
</p>
</td>