summaryrefslogtreecommitdiffstats
path: root/src/usr/local
diff options
context:
space:
mode:
Diffstat (limited to 'src/usr/local')
-rw-r--r--src/usr/local/www/vpn_ipsec_phase1.php43
1 files changed, 28 insertions, 15 deletions
diff --git a/src/usr/local/www/vpn_ipsec_phase1.php b/src/usr/local/www/vpn_ipsec_phase1.php
index e05845e..300ebce 100644
--- a/src/usr/local/www/vpn_ipsec_phase1.php
+++ b/src/usr/local/www/vpn_ipsec_phase1.php
@@ -96,7 +96,6 @@ if (isset($p1index) && $a_phase1[$p1index]) {
$pconfig['dhgroup'] = $a_phase1[$p1index]['dhgroup'];
$pconfig['lifetime'] = $a_phase1[$p1index]['lifetime'];
$pconfig['authentication_method'] = $a_phase1[$p1index]['authentication_method'];
- $pconfig['rekeymargin'] = $a_phase1[$p1index]['rekeymargin'];
if (($pconfig['authentication_method'] == "pre_shared_key") ||
($pconfig['authentication_method'] == "xauth_psk_server")) {
@@ -113,8 +112,9 @@ if (isset($p1index) && $a_phase1[$p1index]) {
if (isset($a_phase1[$p1index]['reauth_enable'])) {
$pconfig['reauth_enable'] = true;
}
- if (isset($a_phase1[$p1index]['rekey_enable'])) {
+ if ($a_phase1[$p1index]['margintime']) {
$pconfig['rekey_enable'] = true;
+ $pconfig['margintime'] = $a_phase1[$p1index]['margintime'];
}
if (isset($a_phase1[$p1index]['responderonly'])) {
$pconfig['responderonly'] = true;
@@ -152,11 +152,11 @@ if (isset($p1index) && $a_phase1[$p1index]) {
$pconfig['halgo'] = "sha1";
$pconfig['dhgroup'] = "2";
$pconfig['lifetime'] = "28800";
+ $pconfig['rekey_enable'] = true;
$pconfig['nat_traversal'] = 'on';
$pconfig['mobike'] = 'off';
$pconfig['dpd_enable'] = true;
$pconfig['iketype'] = "ikev1";
- $pconfig['rekeymargin'] = "540";
/* mobile client */
if ($_REQUEST['mobile']) {
@@ -240,8 +240,8 @@ if ($_POST['save']) {
$input_errors[] = gettext("The P1 lifetime must be an integer.");
}
- if (($pconfig['rekeymargin'] && !is_numericint($pconfig['rekeymargin']))) {
- $input_errors[] = gettext("Rekey Margin must be an integer.");
+ if (($pconfig['margintime'] && !is_numericint($pconfig['margintime']))) {
+ $input_errors[] = gettext("The margintime must be an integer.");
}
if ($pconfig['remotegw']) {
@@ -458,7 +458,6 @@ if ($_POST['save']) {
$ph1ent['hash-algorithm'] = $pconfig['halgo'];
$ph1ent['dhgroup'] = $pconfig['dhgroup'];
$ph1ent['lifetime'] = $pconfig['lifetime'];
- $ph1ent['rekeymargin'] = $pconfig['rekeymargin'];
$ph1ent['pre-shared-key'] = $pconfig['pskey'];
$ph1ent['private-key'] = base64_encode($pconfig['privatekey']);
$ph1ent['certref'] = $pconfig['certref'];
@@ -474,9 +473,7 @@ if ($_POST['save']) {
unset($ph1ent['reauth_enable']);
}
if (isset($pconfig['rekey_enable'])) {
- $ph1ent['rekey_enable'] = true;
- } else {
- unset($ph1ent['rekey_enable']);
+ $ph1ent['margintime'] = $pconfig['margintime'];
}
if (isset($pconfig['responderonly'])) {
@@ -832,17 +829,17 @@ $section = new Form_Section('Advanced Options');
$section->addInput(new Form_Checkbox(
'rekey_enable',
- 'Disable rekey',
- 'Disables renegotiation when a connection is about to expire.',
+ 'Enable rekey',
+ 'Enables renegotiation when a connection is about to expire.',
$pconfig['rekey_enable']
));
$section->addInput(new Form_Input(
- 'rekeymargin',
- '*Rekey Margin (Seconds)',
+ 'margintime',
+ 'Margintime (Seconds)',
'number',
- $pconfig['rekeymargin']
-));
+ $pconfig['margintime']
+))->setHelp('How long before connection expiry or keying-channel expiry should attempt to negotiate a replacement begin.');
$section->addInput(new Form_Checkbox(
'reauth_enable',
@@ -1081,6 +1078,16 @@ events.push(function() {
}
}
+ function rekeychkbox_change() {
+ hide = !$('#rekey_enable').prop('checked');
+
+ hideInput('margintime', hide);
+
+ if (!$('#margintime').val()) {
+ $('#margintime').val('540')
+ }
+ }
+
function dpdchkbox_change() {
hide = !$('#dpd_enable').prop('checked');
@@ -1104,6 +1111,11 @@ events.push(function() {
// ---------- Monitor elements for change and call the appropriate display functions ----------
+ // Enable Rekey
+ $('#rekey_enable').click(function () {
+ rekeychkbox_change();
+ });
+
// Enable DPD
$('#dpd_enable').click(function () {
dpdchkbox_change();
@@ -1145,6 +1157,7 @@ events.push(function() {
iketype_change();
methodsel_change();
ealgosel_change(<?=$keyset?>);
+ rekeychkbox_change();
dpdchkbox_change();
// ---------- On initial page load ------------------------------------------------------------
OpenPOWER on IntegriCloud