.
*
* Parts of this code originally based on vpn_ipsec_sad.php from m0n0wall,
* Copyright (C) 2003-2004 Manuel Kasper (BSD 2 clause)
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgment:
* "This product includes software developed by the pfSense Project
* for use in the pfSense® software distribution. (http://www.pfsense.org/).
*
* 4. The names "pfSense" and "pfSense Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* coreteam@pfsense.org.
*
* 5. Products derived from this software may not be called "pfSense"
* nor may "pfSense" appear in their names without prior written
* permission of the Electric Sheep Fencing, LLC.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
*
* "This product includes software developed by the pfSense Project
* for use in the pfSense software distribution (http://www.pfsense.org/).
*
* THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
* ====================================================================
*
*/
/*
pfSense_MODULE: ipsec
*/
##|+PRIV
##|*IDENT=page-status-ipsec
##|*NAME=Status: IPsec page
##|*DESCR=Allow access to the 'Status: IPsec' page.
##|*MATCH=diag_ipsec.php*
##|-PRIV
global $g;
$pgtitle = array(gettext("Status"),gettext("IPsec"));
$shortcut_section = "ipsec";
require("guiconfig.inc");
include("head.inc");
require("ipsec.inc");
if ($_GET['act'] == 'connect') {
if (ctype_digit($_GET['ikeid'])) {
$ph1ent = ipsec_get_phase1($_GET['ikeid']);
if (!empty($ph1ent)) {
if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == 'ikev1') {
$ph2entries = ipsec_get_number_of_phase2($_GET['ikeid']);
for ($i = 0; $i < $ph2entries; $i++) {
$connid = escapeshellarg("con{$_GET['ikeid']}00{$i}");
mwexec("/usr/local/sbin/ipsec down {$connid}");
mwexec("/usr/local/sbin/ipsec up {$connid}");
}
} else {
mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
mwexec("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid']));
}
}
}
} else if ($_GET['act'] == 'ikedisconnect') {
if (ctype_digit($_GET['ikeid'])) {
if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid']))
mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "[" . escapeshellarg($_GET['ikesaid']) . "]");
else
mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
}
} else if ($_GET['act'] == 'childdisconnect') {
if (ctype_digit($_GET['ikeid'])) {
if (!empty($_GET['ikesaid']) && ctype_digit($_GET['ikesaid']))
mwexec("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']) . "{" . escapeshellarg($_GET['ikesaid']) . "}");
}
}
if (!is_array($config['ipsec']['phase1']))
$config['ipsec']['phase1'] = array();
$a_phase1 = &$config['ipsec']['phase1'];
$status = ipsec_list_sa();
?>
">
here.