diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-06-22 01:59:09 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-06-22 01:59:09 +0000 |
commit | d5967a9aefa67f3be707f1c1661e1ccad4d63577 (patch) | |
tree | 9f765d35616f9f9d1bf0193f751de3fcb6cc6dbe /usr/local/www/system_advanced.php | |
parent | 105800d246549ac3bd0a221d352d33a1c54b0293 (diff) | |
download | pfsense-d5967a9aefa67f3be707f1c1661e1ccad4d63577.zip pfsense-d5967a9aefa67f3be707f1c1661e1ccad4d63577.tar.gz |
Sync up with m0n0wall -> Preffered sa selection
Diffstat (limited to 'usr/local/www/system_advanced.php')
-rwxr-xr-x | usr/local/www/system_advanced.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/usr/local/www/system_advanced.php b/usr/local/www/system_advanced.php index dc0a76d..72d753d 100755 --- a/usr/local/www/system_advanced.php +++ b/usr/local/www/system_advanced.php @@ -51,6 +51,7 @@ $pconfig['maximumstates'] = $config['system']['maximumstates']; $pconfig['disablerendevouz'] = $config['system']['disablerendevouz']; $pconfig['enableserial'] = $config['system']['enableserial']; $pconfig['disablefirmwarecheck'] = isset($config['system']['disablefirmwarecheck']); +$pconfig['preferoldsa_enable'] = isset($config['ipsec']['preferoldsa']); if ($_POST) { @@ -146,6 +147,8 @@ if ($_POST) { $config['system']['schedulertype'] = $_POST['schedulertype']; $config['system']['maximumstates'] = $_POST['maximumstates']; + $config['ipsec']['preferoldsa'] = $_POST['preferoldsa_enable'] ? true : false; + write_config(); if (($config['system']['webgui']['certificate'] != $oldcert) @@ -371,6 +374,13 @@ function update_description(itemnum) { Hint: the "set LAN IP address" option in the console menu resets this setting as well.</td> </tr> + <tr> + <td width="22%" valign="top" class="vncell">IPsec SA preferral</td> + <td width="78%" class="vtable"> + <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?>> + <strong>Prefer old IPsec SAs</strong><br>By default, if several SAs match, the newest one is preferred if it's at least 30 seconds old.Select this option to always prefer old SAs over new ones. + </td> + </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> |