diff options
author | jim-p <jimp@pfsense.org> | 2010-08-13 13:56:36 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-08-13 13:57:45 -0400 |
commit | 812dd35db0e19483c96ffdcd4f16245ed1f96d87 (patch) | |
tree | f07a1cf419ae08b5ca4108f5a8b50631a4b5e215 /usr/local/www/vpn_ipsec_phase1.php | |
parent | 4ccea790e8eecab3eaf30753fc7e8eb41788ed7a (diff) | |
download | pfsense-812dd35db0e19483c96ffdcd4f16245ed1f96d87.zip pfsense-812dd35db0e19483c96ffdcd4f16245ed1f96d87.tar.gz |
Add a GUI selection for the proposal_check config option. Provide all the choices from racoon.conf(5) plus a "default" which will keep the old behavior.
Diffstat (limited to 'usr/local/www/vpn_ipsec_phase1.php')
-rw-r--r-- | usr/local/www/vpn_ipsec_phase1.php | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index b549ea0..529cf73 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -89,6 +89,7 @@ if (isset($p1index) && $a_phase1[$p1index]) { $pconfig['dhgroup'] = $a_phase1[$p1index]['dhgroup']; $pconfig['lifetime'] = $a_phase1[$p1index]['lifetime']; $pconfig['authentication_method'] = $a_phase1[$p1index]['authentication_method']; + $pconfig['proposal_check'] = $a_phase1[$p1index]['proposal_check']; if (($pconfig['authentication_method'] == "pre_shared_key") || ($pconfig['authentication_method'] == "xauth_psk_server")) { @@ -292,7 +293,7 @@ if ($_POST) { $ph1ent['private-key'] = base64_encode($pconfig['privatekey']); $ph1ent['certref'] = $pconfig['certref']; $ph1ent['authentication_method'] = $pconfig['authentication_method']; - + $ph1ent['proposal_check'] = $pconfig['proposal_check']; $ph1ent['descr'] = $pconfig['descr']; $ph1ent['nat_traversal'] = $pconfig['nat_traversal']; @@ -614,6 +615,22 @@ function dpdchkbox_change() { </span> </td> </tr> + <tr id="proposal_check"> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Proposal Checking"); ?></td> + <td width="78%" class="vtable"> + <select name="proposal_check" class="formselect"> + <option value="" <?php if (empty($pconfig['proposal_check'])) echo "selected"; ?>>Default</option> + <option value="obey" <?php if ($pconfig['proposal_check'] == "obey") echo "selected"; ?>>Obey</option> + <option value="strict" <?php if ($pconfig['proposal_check'] == "strict") echo "selected"; ?>>Strict</option> + <option value="claim" <?php if ($pconfig['proposal_check'] == "claim") echo "selected"; ?>>Claim</option> + <option value="exact" <?php if ($pconfig['proposal_check'] == "exact") echo "selected"; ?>>Exact</option> + </select> + <br> + <span class="vexpl"> + <?=gettext("Specifies the action of lifetime length, key length, and PFS of the phase 2 selection on the responder side, and the action of lifetime check in phase 1."); ?> + </span> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td> <td width="78%" class="vtable"> |