= 0) { if (is_subsystem_dirty('ipsec')) { clear_subsystem_dirty('ipsec'); } } } else if (isset($_POST['del'])) { /* delete selected p1 entries */ if (is_array($_POST['p1entry']) && count($_POST['p1entry'])) { foreach ($_POST['p1entry'] as $p1entrydel) { unset($a_phase1[$p1entrydel]); } if (write_config()) { mark_subsystem_dirty('ipsec'); } } } else if (isset($_POST['delp2'])) { /* delete selected p2 entries */ if (is_array($_POST['p2entry']) && count($_POST['p2entry'])) { foreach ($_POST['p2entry'] as $p2entrydel) { unset($a_phase2[$p2entrydel]); } if (write_config()) { mark_subsystem_dirty('ipsec'); } } } else { /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ // TODO: this. is. nasty. unset($delbtn, $delbtnp2, $movebtn, $movebtnp2, $togglebtn, $togglebtnp2); foreach ($_POST as $pn => $pd) { if (preg_match("/del_(\d+)/", $pn, $matches)) { $delbtn = $matches[1]; } else if (preg_match("/delp2_(\d+)/", $pn, $matches)) { $delbtnp2 = $matches[1]; } else if (preg_match("/move_(\d+)/", $pn, $matches)) { $movebtn = $matches[1]; } else if (preg_match("/movep2_(\d+)/", $pn, $matches)) { $movebtnp2 = $matches[1]; } else if (preg_match("/toggle_(\d+)/", $pn, $matches)) { $togglebtn = $matches[1]; } else if (preg_match("/togglep2_(\d+)/", $pn, $matches)) { $togglebtnp2 = $matches[1]; } } $save = 1; /* move selected p1 entries before this */ if (isset($movebtn) && is_array($_POST['p1entry']) && count($_POST['p1entry'])) { $a_phase1_new = array(); /* copy all p1 entries < $movebtn and not selected */ for ($i = 0; $i < $movebtn; $i++) { if (!in_array($i, $_POST['p1entry'])) { $a_phase1_new[] = $a_phase1[$i]; } } /* copy all selected p1 entries */ for ($i = 0; $i < count($a_phase1); $i++) { if ($i == $movebtn) { continue; } if (in_array($i, $_POST['p1entry'])) { $a_phase1_new[] = $a_phase1[$i]; } } /* copy $movebtn p1 entry */ if ($movebtn < count($a_phase1)) { $a_phase1_new[] = $a_phase1[$movebtn]; } /* copy all p1 entries > $movebtn and not selected */ for ($i = $movebtn+1; $i < count($a_phase1); $i++) { if (!in_array($i, $_POST['p1entry'])) { $a_phase1_new[] = $a_phase1[$i]; } } if (count($a_phase1_new) > 0) { $a_phase1 = $a_phase1_new; } } else if (isset($movebtnp2) && is_array($_POST['p2entry']) && count($_POST['p2entry'])) { /* move selected p2 entries before this */ $a_phase2_new = array(); /* copy all p2 entries < $movebtnp2 and not selected */ for ($i = 0; $i < $movebtnp2; $i++) { if (!in_array($i, $_POST['p2entry'])) { $a_phase2_new[] = $a_phase2[$i]; } } /* copy all selected p2 entries */ for ($i = 0; $i < count($a_phase2); $i++) { if ($i == $movebtnp2) { continue; } if (in_array($i, $_POST['p2entry'])) { $a_phase2_new[] = $a_phase2[$i]; } } /* copy $movebtnp2 p2 entry */ if ($movebtnp2 < count($a_phase2)) { $a_phase2_new[] = $a_phase2[$movebtnp2]; } /* copy all p2 entries > $movebtnp2 and not selected */ for ($i = $movebtnp2+1; $i < count($a_phase2); $i++) { if (!in_array($i, $_POST['p2entry'])) { $a_phase2_new[] = $a_phase2[$i]; } } if (count($a_phase2_new) > 0) { $a_phase2 = $a_phase2_new; } } else if (isset($togglebtn)) { if (isset($a_phase1[$togglebtn]['disabled'])) { unset($a_phase1[$togglebtn]['disabled']); } else { $a_phase1[$togglebtn]['disabled'] = true; } } else if (isset($togglebtnp2)) { if (isset($a_phase2[$togglebtnp2]['disabled'])) { unset($a_phase2[$togglebtnp2]['disabled']); } else { $a_phase2[$togglebtnp2]['disabled'] = true; } } else if (isset($delbtn)) { /* remove static route if interface is not WAN */ if ($a_phase1[$delbtn]['interface'] <> "wan") { mwexec("/sbin/route delete -host {$a_phase1[$delbtn]['remote-gateway']}"); } /* remove all phase2 entries that match the ikeid */ $ikeid = $a_phase1[$delbtn]['ikeid']; foreach ($a_phase2 as $p2index => $ph2tmp) { if ($ph2tmp['ikeid'] == $ikeid) { unset($a_phase2[$p2index]); } } unset($a_phase1[$delbtn]); } else if (isset($delbtnp2)) { unset($a_phase2[$delbtnp2]); } else { $save = 0; } if ($save === 1) { if (write_config()) { mark_subsystem_dirty('ipsec'); } } } } $pgtitle = array(gettext("VPN"), gettext("IPsec"), gettext("Tunnels")); $shortcut_section = "ipsec"; include("head.inc"); $tab_array = array(); $tab_array[] = array(gettext("Tunnels"), true, "vpn_ipsec.php"); $tab_array[] = array(gettext("Mobile Clients"), false, "vpn_ipsec_mobile.php"); $tab_array[] = array(gettext("Pre-Shared Keys"), false, "vpn_ipsec_keys.php"); $tab_array[] = array(gettext("Advanced Settings"), false, "vpn_ipsec_settings.php"); display_top_tabs($tab_array); if ($savemsg) { print_info_box($savemsg, 'success'); } if (is_subsystem_dirty('ipsec')) { print_apply_box(gettext("The IPsec tunnel configuration has been changed.") . "
" . gettext("You must apply the changes in order for them to take effect.")); } ?>

   
"> $address) { $iflabels[$vip] = $address; if (get_vip_descr($address)) { $iflabels[$vip] .= " (". get_vip_descr($address) .")"; } } $grouplist = return_gateway_groups_array(); foreach ($grouplist as $name => $group) { if ($group[0]['vip'] != "") { $vipif = $group[0]['vip']; } else { $vipif = $group[0]['int']; } $iflabels[$name] = "GW Group {$name}"; } $if = htmlspecialchars($iflabels[$ph1ent['interface']]); } else { $if = "WAN"; } if (!isset($ph1ent['mobile'])) { echo $if."
".$ph1ent['remote-gateway']; } else { echo $if."
" . gettext("Mobile Client") . ""; } ?>
"> ">
> -
> $ph2ent): ?>
   
$ph2ea) { if ($k) { echo ", "; } echo $p2_ealgos[$ph2ea['name']]['name']; if ($ph2ea['keylen']) { if ($ph2ea['keylen'] == "auto") { echo " (" . gettext("auto") . ")"; } else { echo " ({$ph2ea['keylen']} " . gettext("bits") . ")"; } } } ?> $ph2ha) { if ($k) { echo ", "; } echo $p2_halgos[$ph2ha]; } } ?> "> ">
">
', gettext("Status:IPsec"), '') . '
' . sprintf(gettext("IPsec debug mode can be enabled at %s%s%s."), '', gettext("VPN:IPsec:Advanced Settings"), '') . '
' . sprintf(gettext("IPsec can be set to prefer older SAs at %s%s%s."), '', gettext("VPN:IPsec:Advanced Settings"), ''), 'info', false); ?>