diff options
author | Ermal <eri@pfsense.org> | 2013-02-11 09:42:38 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-02-11 09:42:38 +0000 |
commit | ec8b4d8d14d58272bb1f426c0e983ae947791f00 (patch) | |
tree | ad9da2ddaa1a7f7486c1c6dbde452c8469ced677 /usr/local/www | |
parent | d83045b5fab90d0e0ceccadae18d0a5058d0bb85 (diff) | |
download | pfsense-ec8b4d8d14d58272bb1f426c0e983ae947791f00.zip pfsense-ec8b4d8d14d58272bb1f426c0e983ae947791f00.tar.gz |
Try to use standard interface to find the source for connecting a tunnel. Also if a ping host is defined for the configuration used that for remoteid since its known to be reachble
Diffstat (limited to 'usr/local/www')
-rw-r--r-- | usr/local/www/diag_ipsec.php | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/usr/local/www/diag_ipsec.php b/usr/local/www/diag_ipsec.php index 01c7c7e..68f7dc8 100644 --- a/usr/local/www/diag_ipsec.php +++ b/usr/local/www/diag_ipsec.php @@ -152,31 +152,27 @@ $mobile = ipsec_dump_mobile(); $source = ""; $ip_interface = null; $ip_alias = null; - if ($ph2ent['localid']['type'] == 'lan') { - $source = get_interface_ip('lan'); - } else if ($ph2ent['localid']['type'] == 'network') { - $ip_interface = find_ip_interface($ph2ent['localid']['address'], $ph2ent['localid']['netbits']); - if (!$ip_interface) { - $ip_alias = find_virtual_ip_alias($ph2ent['localid']['address'], $ph2ent['localid']['netbits']); - } - } else { - $ip_interface = find_ip_interface($ph2ent['localid']['address']); - if (!$ip_interface) { - $ip_alias = find_virtual_ip_alias($ph2ent['localid']['address']); - } - } + $localinfo = ipsec_idinfo_to_cidr($ph2ent['localid'], false, $ph2ent['mode']); + list($localip, $localsub) = explode("/", $localinfo); + $ip_interface = find_ip_interface($localip, $localsub); + if (!$ip_interface) + $ip_alias = find_virtual_ip_alias($localip, $localsub); if ($ip_interface) { - if (is_ipaddrv6($ph2ent['localid']['address'])) + if (is_ipaddrv6($localip)) $source = get_interface_ipv6($ip_interface); else $source = get_interface_ip($ip_interface); } else if ($ip_alias) { $source = $ip_alias['subnet']; } + if (!empty($ph2ent['pinghost'])) + $remoteid = $ph2ent['pinghost']; + else + $remoteid = $ph2ent['remoteid']['address']; ?> <?php if (($ph2ent['remoteid']['type'] != "mobile") && ($icon != "pass") && ($source != "")): ?> <center> - <a href="diag_ipsec.php?act=connect&remoteid=<?php echo $ph2ent['remoteid']['address']; ?>&source=<?php echo $source; ?>"> + <a href="diag_ipsec.php?act=connect&remoteid=<?php echo $remoteid; ?>&source=<?php echo $source; ?>"> <img src ="/themes/<?php echo $g['theme']; ?>/images/icons/icon_service_start.gif" alt="Connect VPN" title="Connect VPN" border="0"> </a> </center> |