summaryrefslogtreecommitdiffstats
path: root/usr/local/www/system_advanced_misc.php
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2013-12-19 14:52:59 +0000
committerErmal <eri@pfsense.org>2013-12-19 14:52:59 +0000
commitcc2630208cc31ac3a19c185036a4b589d125e99a (patch)
treef5a18230045e119a35c767371c455dae7d8893b9 /usr/local/www/system_advanced_misc.php
parent85d0e9591d0fd4d09f739491b76bb5aa4acd7b08 (diff)
downloadpfsense-cc2630208cc31ac3a19c185036a4b589d125e99a.zip
pfsense-cc2630208cc31ac3a19c185036a4b589d125e99a.tar.gz
Provide a setting to disable the auto added LAN SPDs in the DB
Diffstat (limited to 'usr/local/www/system_advanced_misc.php')
-rw-r--r--usr/local/www/system_advanced_misc.php20
1 files changed, 20 insertions, 0 deletions
diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php
index 114f029..b5f6498 100644
--- a/usr/local/www/system_advanced_misc.php
+++ b/usr/local/www/system_advanced_misc.php
@@ -73,6 +73,7 @@ $pconfig['skip_rules_gw_down'] = isset($config['system']['skip_rules_gw_down']);
$pconfig['use_mfs_tmpvar'] = isset($config['system']['use_mfs_tmpvar']);
$pconfig['use_mfs_tmp_size'] = $config['system']['use_mfs_tmp_size'];
$pconfig['use_mfs_var_size'] = $config['system']['use_mfs_var_size'];
+$pconfig['noinstalllanspd'] = $config['system']['noinstalllanspd'];
$pconfig['powerd_ac_mode'] = "hadp";
if (!empty($config['system']['powerd_ac_mode']))
@@ -177,6 +178,15 @@ if ($_POST) {
$need_racoon_restart = true;
}
}
+ if($_POST['noinstalllanspd'] == "yes") {
+ if (!isset($pconfig['noinstalllanspd']))
+ $need_racoon_restart = true;
+ $config['system']['noinstalllanspd'] = true;
+ } else {
+ if (isset($config['system']['noinstalllanspd']))
+ $need_racoon_restart = true;
+ unset($config['system']['noinstalllanspd']);
+ }
if($_POST['maxmss_enable'] == "yes") {
$config['system']['maxmss_enable'] = true;
@@ -497,6 +507,16 @@ function tmpvar_checked(obj) {
<td colspan="2" valign="top" class="listtopic"><?=gettext("IP Security"); ?></td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("LAN security associsations"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="noinstalllanspd" type="checkbox" id="noinstalllanspd" value="yes" <?php if ($pconfig['noinstalllanspd']) echo "checked=\"checked\""; ?> />
+ <strong><?=gettext("Do not install LAN SPD"); ?></strong>
+ <br />
+ <?=gettext("By default, if IPSec is enabled negating SPD are inserted to provide protection. " .
+ "This behaviour can be changed by enabling this setting which will prevent installing these SPDs."); ?>
+ </td>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Security Associations"); ?></td>
<td width="78%" class="vtable">
<input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked=\"checked\""; ?> />
OpenPOWER on IntegriCloud