diff options
author | Ermal LUÇI <eri@pfsense.org> | 2015-01-31 11:06:44 +0100 |
---|---|---|
committer | Ermal LUÇI <eri@pfsense.org> | 2015-01-31 11:06:55 +0100 |
commit | 41da54ce14d2d43a5ce9738bd80b73355fa26180 (patch) | |
tree | e1b43369e9ab358d95dfcf49688fe8b207cdf002 /usr/local | |
parent | ee65c642df6466ed59c332d448a4804690ce55c1 (diff) | |
download | pfsense-41da54ce14d2d43a5ce9738bd80b73355fa26180.zip pfsense-41da54ce14d2d43a5ce9738bd80b73355fa26180.tar.gz |
Fixes #4353 Identify when strongswan.conf needs a reload and restart ipsec service.
Diffstat (limited to 'usr/local')
-rw-r--r-- | usr/local/www/vpn_ipsec_mobile.php | 5 | ||||
-rw-r--r-- | usr/local/www/vpn_ipsec_settings.php | 28 |
2 files changed, 23 insertions, 10 deletions
diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index ac32a87..98072d8 100644 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php @@ -112,7 +112,8 @@ if ($_POST['create']) { if ($_POST['apply']) { $retval = 0; - $retval = vpn_ipsec_configure(); + /* NOTE: #4353 Always restart ipsec when mobile clients settings change */ + $retval = vpn_ipsec_configure(true); $savemsg = get_std_save_message($retval); if ($retval >= 0) if (is_subsystem_dirty('ipsec')) @@ -227,8 +228,6 @@ if ($_POST['submit']) { if ($pconfig['login_banner_enable']) $client['login_banner'] = $pconfig['login_banner']; -// $echo "login banner = {$pconfig['login_banner']}"; - $a_client = $client; write_config(); diff --git a/usr/local/www/vpn_ipsec_settings.php b/usr/local/www/vpn_ipsec_settings.php index 9de5a26..fa9ae0b 100644 --- a/usr/local/www/vpn_ipsec_settings.php +++ b/usr/local/www/vpn_ipsec_settings.php @@ -130,20 +130,34 @@ if ($_POST) { } } - if($_POST['compression'] == "yes") + $needsrestart = false; + + if($_POST['compression'] == "yes") { + if (!isset($config['ipsec']['compression'])) + $needsrestart = true; $config['ipsec']['compression'] = true; - elseif (isset($config['ipsec']['compression'])) + } elseif (isset($config['ipsec']['compression'])) { + $needsrestart = true; unset($config['ipsec']['compression']); + } - if($_POST['unityplugin'] == "yes") + if($_POST['unityplugin'] == "yes") { + if (!isset($config['ipsec']['unityplugin'])) + $needsrestart = true; $config['ipsec']['unityplugin'] = true; - elseif (isset($config['ipsec']['unityplugin'])) + } elseif (isset($config['ipsec']['unityplugin'])) { + $needsrestart = true; unset($config['ipsec']['unityplugin']); + } - if($_POST['acceptunencryptedmainmode'] == "yes") + if($_POST['acceptunencryptedmainmode'] == "yes") { + if (!isset($config['ipsec']['acceptunencryptedmainmode'])) + $needsrestart = true; $config['ipsec']['acceptunencryptedmainmode'] = true; - elseif (isset($config['ipsec']['acceptunencryptedmainmode'])) + } elseif (isset($config['ipsec']['acceptunencryptedmainmode'])) { + $needsrestart = true; unset($config['ipsec']['acceptunencryptedmainmode']); + } if($_POST['maxmss_enable'] == "yes") { $config['system']['maxmss_enable'] = true; @@ -163,7 +177,7 @@ if ($_POST) { $savemsg = gettext($retval); vpn_ipsec_configure_preferoldsa(); - vpn_ipsec_configure(); + vpn_ipsec_configure($needsrestart); vpn_ipsec_configure_loglevels(); // header("Location: vpn_ipsec_settings.php"); |