1 files changed, 19 insertions, 3 deletions

diff --git a/usr/local/www/diag_ipsec.php b/usr/local/www/diag_ipsec.php
index 391e29b..e6347c5 100644
--- a/usr/local/www/diag_ipsec.php
+++ b/usr/local/www/diag_ipsec.php
@@ -55,8 +55,20 @@ require("ipsec.inc");
 
 if ($_GET['act'] == 'connect') {
 	if (ctype_digit($_GET['ikeid'])) {
-		mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
-		mwexec("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid']));
+		$ph1ent = ipsec_get_phase1($_GET['ikeid']);
+		if (!empty($ph1ent)) {
+			if ($ph1ent['iketype'] == 'ikev1') {
+				$ph2entries = ipsec_get_number_of_phase2($_GET['ikeid']);
+				for ($i = 0; $i < $ph2entries; $i++) {
+					$connid = escapeshellarg("con{$_GET['ikeid']}00{$i}");
+					mwexec("/usr/local/sbin/ipsec down {$connid}");
+					mwexec("/usr/local/sbin/ipsec up {$connid}");
+				}
+			} else {
+				mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
+				mwexec("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid']));
+			}
+		}
 	}
 } else if ($_GET['act'] == 'ikedisconnect') {
 	if (ctype_digit($_GET['ikeid'])) {
@@ -122,7 +134,11 @@ $status = ipsec_smp_dump_status();
 	if (is_array($status['query']) && is_array($status['query']['ikesalist']) && is_array($status['query']['ikesalist']['ikesa'])):
 		foreach ($status['query']['ikesalist']['ikesa'] as $ikeid => $ikesa):
 			$con_id = substr($ikesa['peerconfig'], 3);
-			$ipsecconnected[$con_id] = $con_id;
+			if ($ikesa['version'] == 1) {
+				$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
+				$ipsecconnected[$ph1idx] = $ph1idx;
+			} else
+				$ipsecconnected[$con_id] = $con_id;
 
 			if (ipsec_phase1_status($status['query']['ikesalist']['ikesa'], $ikesa['id']))
 				$icon = "pass";