diff options
author | Renato Botelho <renato@netgate.com> | 2015-11-03 11:25:49 -0200 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2015-11-03 11:25:49 -0200 |
commit | e1c34c699b5ef5c41435b031817cd5ee2d13cf6c (patch) | |
tree | 776b5fe89ccd5a379c2b6f868a67deaefc993cf9 /src/etc/inc/ipsec.inc | |
parent | 7fcd5ea8bb2e7c9c94e1f38008fc3da440eb14e8 (diff) | |
download | pfsense-e1c34c699b5ef5c41435b031817cd5ee2d13cf6c.zip pfsense-e1c34c699b5ef5c41435b031817cd5ee2d13cf6c.tar.gz |
Restore ipsec_dump_spd() accidentally removed on 7fcd5ea8bb2e7c9c94e1f38008fc3da440eb14e8. Pointy hat to: garga
Diffstat (limited to 'src/etc/inc/ipsec.inc')
-rw-r--r-- | src/etc/inc/ipsec.inc | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/src/etc/inc/ipsec.inc b/src/etc/inc/ipsec.inc index 911f0f4..ec2b592 100644 --- a/src/etc/inc/ipsec.inc +++ b/src/etc/inc/ipsec.inc @@ -427,6 +427,60 @@ function ipsec_phase2_status(&$ipsec_status, &$phase2) { } /* + * Return dump of SPD table + */ +function ipsec_dump_spd() { + $fd = @popen("/sbin/setkey -DP", "r"); + $spd = array(); + if ($fd) { + while (!feof($fd)) { + $line = chop(fgets($fd)); + if (!$line) { + continue; + } + if ($line == "No SPD entries.") { + break; + } + if ($line[0] != "\t") { + if (is_array($cursp)) { + $spd[] = $cursp; + } + $cursp = array(); + $linea = explode(" ", $line); + $cursp['srcid'] = substr($linea[0], 0, strpos($linea[0], "[")); + $cursp['dstid'] = substr($linea[1], 0, strpos($linea[1], "[")); + $i = 0; + } else if (is_array($cursp)) { + $line = trim($line, "\t\r\n "); + $linea = explode(" ", $line); + switch ($i) { + case 1: + if ($linea[1] == "none") /* don't show default anti-lockout rule */ { + unset($cursp); + } else { + $cursp['dir'] = $linea[0]; + } + break; + case 2: + $upperspec = explode("/", $linea[0]); + $cursp['proto'] = $upperspec[0]; + list($cursp['src'], $cursp['dst']) = explode("-", $upperspec[2]); + $cursp['reqid'] = substr($upperspec[3], strpos($upperspec[3], "#")+1); + break; + } + } + $i++; + } + if (is_array($cursp) && count($cursp)) { + $spd[] = $cursp; + } + pclose($fd); + } + + return $spd; +} + +/* * Return dump of SAD table */ function ipsec_dump_sad() { |