summaryrefslogtreecommitdiffstats
path: root/src/etc/inc/ipsec.inc
diff options
context:
space:
mode:
authorRenato Botelho <renato@netgate.com>2015-11-03 11:25:49 -0200
committerRenato Botelho <renato@netgate.com>2015-11-03 11:25:49 -0200
commite1c34c699b5ef5c41435b031817cd5ee2d13cf6c (patch)
tree776b5fe89ccd5a379c2b6f868a67deaefc993cf9 /src/etc/inc/ipsec.inc
parent7fcd5ea8bb2e7c9c94e1f38008fc3da440eb14e8 (diff)
downloadpfsense-e1c34c699b5ef5c41435b031817cd5ee2d13cf6c.zip
pfsense-e1c34c699b5ef5c41435b031817cd5ee2d13cf6c.tar.gz
Restore ipsec_dump_spd() accidentally removed on 7fcd5ea8bb2e7c9c94e1f38008fc3da440eb14e8. Pointy hat to: garga
Diffstat (limited to 'src/etc/inc/ipsec.inc')
-rw-r--r--src/etc/inc/ipsec.inc54
1 files changed, 54 insertions, 0 deletions
diff --git a/src/etc/inc/ipsec.inc b/src/etc/inc/ipsec.inc
index 911f0f4..ec2b592 100644
--- a/src/etc/inc/ipsec.inc
+++ b/src/etc/inc/ipsec.inc
@@ -427,6 +427,60 @@ function ipsec_phase2_status(&$ipsec_status, &$phase2) {
}
/*
+ * Return dump of SPD table
+ */
+function ipsec_dump_spd() {
+ $fd = @popen("/sbin/setkey -DP", "r");
+ $spd = array();
+ if ($fd) {
+ while (!feof($fd)) {
+ $line = chop(fgets($fd));
+ if (!$line) {
+ continue;
+ }
+ if ($line == "No SPD entries.") {
+ break;
+ }
+ if ($line[0] != "\t") {
+ if (is_array($cursp)) {
+ $spd[] = $cursp;
+ }
+ $cursp = array();
+ $linea = explode(" ", $line);
+ $cursp['srcid'] = substr($linea[0], 0, strpos($linea[0], "["));
+ $cursp['dstid'] = substr($linea[1], 0, strpos($linea[1], "["));
+ $i = 0;
+ } else if (is_array($cursp)) {
+ $line = trim($line, "\t\r\n ");
+ $linea = explode(" ", $line);
+ switch ($i) {
+ case 1:
+ if ($linea[1] == "none") /* don't show default anti-lockout rule */ {
+ unset($cursp);
+ } else {
+ $cursp['dir'] = $linea[0];
+ }
+ break;
+ case 2:
+ $upperspec = explode("/", $linea[0]);
+ $cursp['proto'] = $upperspec[0];
+ list($cursp['src'], $cursp['dst']) = explode("-", $upperspec[2]);
+ $cursp['reqid'] = substr($upperspec[3], strpos($upperspec[3], "#")+1);
+ break;
+ }
+ }
+ $i++;
+ }
+ if (is_array($cursp) && count($cursp)) {
+ $spd[] = $cursp;
+ }
+ pclose($fd);
+ }
+
+ return $spd;
+}
+
+/*
* Return dump of SAD table
*/
function ipsec_dump_sad() {
OpenPOWER on IntegriCloud