usr/local/pkg/sasyncd.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
	<name>sasyncd</name>
	<version>0.1.0</version>
	<title>Services: VPN Failover</title>
	<!-- configpath gets expanded out automatically and config items will be
         stored in that location -->
	<configpath>['ipsec']['failover']</configpath>
	<aftersaveredirect>pkg_edit.php?xml=sasyncd.xml&amp;id=0</aftersaveredirect>
	<!-- Menu is where this packages menu will appear -->
	<menu>
	    <name>VPN failover</name>
	    <tooltiptext>The sasyncd daemon synchronizes IPSec SA and SPD information between a number of failover IPsec gateways.  The most typical scenario is to run sasyncd on hosts also running isakmpd and sharing a common IP-address using carp.</tooltiptext>
	    <section>Services</section>
	    <configfile>sasyncd.xml</configfile>
	</menu>
	<adddeleteeditpagefields>
	    <columnitem>
		    <fielddescr>Interface</fielddescr>
		    <fieldname>interface</fieldname>
	    </columnitem>
	    <columnitem>
		    <fielddescr>Peer IP</fielddescr>
		    <fieldname>peerip</fieldname>
	    </columnitem>
	</adddeleteeditpagefields>
	<tabs>
	    <tab>
		<text>Tunnels</text>
		<url>vpn_ipsec.php</url>
	    </tab>
	    <tab>
		<text>Mobile clients</text>
		<url>vpn_ipsec_mobile.php</url>
	    </tab>
	    <tab>
		<text>Pre-shared keys</text>
		<url>vpn_ipsec_keys.php</url>
	    </tab>
	    <tab>
		<text>CAs</text>
		<url>vpn_ipsec_ca.php</url>
	    </tab>
	    <tab>
		<text>Failover IPsec</text>
		<url>/pkg_edit.php?xml=sasyncd.xml&amp;id=0</url>
		<active/>
	    </tab>
	</tabs>	
	<!-- fields gets invoked when the user adds or edits a item.   the following items
         will be parsed and rendered for the user as a gui with input, and selectboxes. -->
	<fields>
		<field>
			<fielddescr>Failover IP</fielddescr>
			<fieldname>ip</fieldname>
			<description>Enter the IP address you would like to use for failover.  HINT:  You normally want to use a public CARP ip.</description>
			<type>input</type>
		</field>
	</fields>
	<custom_add_php_command>
		/* automatically turn on prefer old sa's until sasyncd is finished being ported */
		if($_POST['ip'] != "") 
			$config['ipsec']['preferoldsa'] = true;
	</custom_add_php_command>
	<custom_add_php_command_late>
	    /* resync vpn settings */
	    mwexec("/usr/bin/killall racoon");
	    vpn_ipsec_configure();
	</custom_add_php_command_late>
</packagegui>