From cf7d105744dea484fee42e42b01a881ffd8bc87f Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Tue, 29 May 2007 20:46:26 +0000 Subject: Add diag IPSEC screen. --- usr/local/www/diag_ipsec.php | 191 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 191 insertions(+) create mode 100644 usr/local/www/diag_ipsec.php (limited to 'usr/local/www/diag_ipsec.php') diff --git a/usr/local/www/diag_ipsec.php b/usr/local/www/diag_ipsec.php new file mode 100644 index 0000000..80e80a5 --- /dev/null +++ b/usr/local/www/diag_ipsec.php @@ -0,0 +1,191 @@ + + +"> + +

+ + + + + + + +

+ +

+ + + + + + + + + + + + + + + + + + + + + + +

Source	Destination	Status

+ + No IPsec security associations. + +
+ + + + + Note: + + + You can configure your IPSEC + here. + + +

+ +

+ + + + + + 'LAN', 'wan' => 'WAN'); + $carpips = find_number_of_needed_carp_interfaces(); + for($j=0; $j<$carpips; $j++) { + $interfaceip = find_interface_ip("carp" . $j); + $iflabels['carp' . $j] = $interfaceip; + } + for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { + $realinterface = convert_friendly_interface_to_real_interface_name('opt' . $j); + $iflabels['opt' . $j] = find_interface_ip($realinterface); + } + $interfaceip = $iflabels[$tunnel['interface']]; + } else { + $realinterface = convert_friendly_interface_to_real_interface_name($if); + $interfaceip = find_interface_ip($realinterface); + } + return $interfaceip; +} + +function output_ipsec_tunnel_status($tunnel) { + global $g, $config, $sad; + $if = "WAN"; + $interfaceip = get_ipsec_tunnel_src($tunnel); + echo $interfaceip; + $foundsrc = false; + $founddst = false; + foreach($sad as $sa) { + if($sa['src'] == $interfaceip) + $foundsrc = true; + if($sa['dst'] == $tunnel['remote-gateway']) + $founddst = true; + } + if($foundsrc && $founddst) { + /* tunnel is up */ + $iconfn = "pass"; + } else { + /* tunnel is down */ + $iconfn = "reject"; + } + echo "

"; +} + +?> \ No newline at end of file -- cgit v1.1