diff options
| author | hamnur <hamnur@protonmail.com> | 2017-06-29 16:08:54 +0200 |
|---|---|---|
| committer | hamnur <hamnur@protonmail.com> | 2017-06-29 16:18:09 +0200 |
| commit | 9542011684a26e0b1b959d9b56d5fcfc12023893 (patch) | |
| tree | 06cb646a8fed1282689c26a4ef3a5784ceda3330 /src/usr/local | |
| parent | faab657a256f9385d5e0ffb4084666e760b515a5 (diff) | |
| download | pfsense-9542011684a26e0b1b959d9b56d5fcfc12023893.zip pfsense-9542011684a26e0b1b959d9b56d5fcfc12023893.tar.gz | |
Add strongswan rekeymargin attribute to vpn ipsec phase1 view
Diffstat (limited to 'src/usr/local')
| -rw-r--r-- | src/usr/local/www/vpn_ipsec_phase1.php | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/usr/local/www/vpn_ipsec_phase1.php b/src/usr/local/www/vpn_ipsec_phase1.php index 44b6a30..e05845e 100644 --- a/src/usr/local/www/vpn_ipsec_phase1.php +++ b/src/usr/local/www/vpn_ipsec_phase1.php @@ -96,6 +96,7 @@ if (isset($p1index) && $a_phase1[$p1index]) { $pconfig['dhgroup'] = $a_phase1[$p1index]['dhgroup']; $pconfig['lifetime'] = $a_phase1[$p1index]['lifetime']; $pconfig['authentication_method'] = $a_phase1[$p1index]['authentication_method']; + $pconfig['rekeymargin'] = $a_phase1[$p1index]['rekeymargin']; if (($pconfig['authentication_method'] == "pre_shared_key") || ($pconfig['authentication_method'] == "xauth_psk_server")) { @@ -155,6 +156,7 @@ if (isset($p1index) && $a_phase1[$p1index]) { $pconfig['mobike'] = 'off'; $pconfig['dpd_enable'] = true; $pconfig['iketype'] = "ikev1"; + $pconfig['rekeymargin'] = "540"; /* mobile client */ if ($_REQUEST['mobile']) { @@ -238,6 +240,10 @@ if ($_POST['save']) { $input_errors[] = gettext("The P1 lifetime must be an integer."); } + if (($pconfig['rekeymargin'] && !is_numericint($pconfig['rekeymargin']))) { + $input_errors[] = gettext("Rekey Margin must be an integer."); + } + if ($pconfig['remotegw']) { if (!is_ipaddr($pconfig['remotegw']) && !is_domain($pconfig['remotegw'])) { $input_errors[] = gettext("A valid remote gateway address or host name must be specified."); @@ -452,6 +458,7 @@ if ($_POST['save']) { $ph1ent['hash-algorithm'] = $pconfig['halgo']; $ph1ent['dhgroup'] = $pconfig['dhgroup']; $ph1ent['lifetime'] = $pconfig['lifetime']; + $ph1ent['rekeymargin'] = $pconfig['rekeymargin']; $ph1ent['pre-shared-key'] = $pconfig['pskey']; $ph1ent['private-key'] = base64_encode($pconfig['privatekey']); $ph1ent['certref'] = $pconfig['certref']; @@ -830,6 +837,13 @@ $section->addInput(new Form_Checkbox( $pconfig['rekey_enable'] )); +$section->addInput(new Form_Input( + 'rekeymargin', + '*Rekey Margin (Seconds)', + 'number', + $pconfig['rekeymargin'] +)); + $section->addInput(new Form_Checkbox( 'reauth_enable', 'Disable Reauth', |
