vpn_ipsec.php 21.3 KB
Newer Older
Ad Schellevis's avatar
Ad Schellevis committed
1 2
<?php
/*
3
	Copyright (C) 2014-2015 Deciso B.V.
Ad Schellevis's avatar
Ad Schellevis committed
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
	Copyright (C) 2008 Shrew Soft Inc
	All rights reserved.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:

	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.

	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.

	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
29
require_once("guiconfig.inc");
Ad Schellevis's avatar
Ad Schellevis committed
30 31
require_once("filter.inc");
require_once("vpn.inc");
32
require_once("services.inc");
33
require_once("pfsense-utils.inc");
34
require_once("interfaces.inc");
Ad Schellevis's avatar
Ad Schellevis committed
35

36
if (!isset($config['ipsec']) || !is_array($config['ipsec'])) {
37
    $config['ipsec'] = array();
38
}
39
if (!isset($config['ipsec']['phase1'])) {
40
    $config['ipsec']['phase1'] = array();
41
}
42
if (!isset($config['ipsec']['phase2'])) {
43
    $config['ipsec']['phase2'] = array();
44
}
Ad Schellevis's avatar
Ad Schellevis committed
45

46
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
47 48 49 50 51 52 53 54 55 56 57
    $a_phase1 = &$config['ipsec']['phase1'];
    $a_phase2 = &$config['ipsec']['phase2'];
    if (isset($_POST['apply'])) {
        $retval = vpn_ipsec_configure();
        /* reload the filter in the background */
        filter_configure();
        $savemsg = get_std_save_message();
        if ($retval >= 0) {
            if (is_subsystem_dirty('ipsec')) {
                clear_subsystem_dirty('ipsec');
            }
58
        }
59 60 61 62 63 64 65 66 67 68 69 70 71 72
    } elseif (isset($_POST['submit'])) {
        $config['ipsec']['enable'] = !empty($_POST['enable']) ? true : false;
        write_config();
        vpn_ipsec_configure();
        header("Location: vpn_ipsec.php");
        exit;
    } elseif (isset($_POST['del_x'])) {
        /* delete selected p1 entries */
        if (isset($_POST['p1entry']) && count($_POST['p1entry'])) {
            foreach ($_POST['p1entry'] as $p1entrydel) {
                unset($config['ipsec']['phase1'][$p1entrydel]);
            }
            if (write_config()) {
                mark_subsystem_dirty('ipsec');
73
            }
74 75
            header("Location: vpn_ipsec.php");
            exit;
76
        }
77 78 79 80 81
    } elseif (isset($_POST['delp2_x'])) {
        /* delete selected p2 entries */
        if (isset($_POST['p2entry']) && count($_POST['p2entry'])) {
            foreach ($_POST['p2entry'] as $p2entrydel) {
                unset($config['ipsec']['phase2'][$p2entrydel]);
82
            }
83 84
            if (write_config()) {
                mark_subsystem_dirty('ipsec');
85
            }
86 87
            header("Location: vpn_ipsec.php");
            exit;
88
        }
89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
    } else {
      // move, delete, toggle items by id.
      //
      /* yuck - IE won't send value attributes for image buttons,
      while Mozilla does - so we use .x/.y to find move button clicks instead... */
        unset($delbtn, $delbtnp2, $movebtn, $movebtnp2, $togglebtn, $togglebtnp2);
        foreach ($_POST as $pn => $pd) {
            if (preg_match("/del_(\d+)_x/", $pn, $matches)) {
                $delbtn = $matches[1];
            } elseif (preg_match("/delp2_(\d+)_x/", $pn, $matches)) {
                $delbtnp2 = $matches[1];
            } elseif (preg_match("/move_(\d+)_x/", $pn, $matches)) {
                $movebtn = $matches[1];
            } elseif (preg_match("/movep2_(\d+)_x/", $pn, $matches)) {
                $movebtnp2 = $matches[1];
            } elseif (preg_match("/toggle_(\d+)_x/", $pn, $matches)) {
                $togglebtn = $matches[1];
            } elseif (preg_match("/togglep2_(\d+)_x/", $pn, $matches)) {
                $togglebtnp2 = $matches[1];
            }
109
        }
110
        $save = 1;
111

112 113 114 115 116 117 118 119 120
      /* move selected p1 entries before this */
        if (isset($movebtn) && isset($_POST['p1entry']) && count($_POST['p1entry'])) {
            $a_phase1_new = array();

            /* copy all p1 entries < $movebtn and not selected */
            for ($i = 0; $i < $movebtn; $i++) {
                if (!in_array($i, $_POST['p1entry'])) {
                    $a_phase1_new[] = $a_phase1[$i];
                }
121 122
            }

123 124 125 126 127 128 129 130 131
            /* copy all selected p1 entries */
            for ($i = 0; $i < count($a_phase1); $i++) {
                if ($i == $movebtn) {
                    continue;
                }
                if (in_array($i, $_POST['p1entry'])) {
                    $a_phase1_new[] = $a_phase1[$i];
                }
            }
132

133 134 135
            /* copy $movebtn p1 entry */
            if ($movebtn < count($a_phase1)) {
                $a_phase1_new[] = $a_phase1[$movebtn];
136 137
            }

138 139 140 141 142
            /* copy all p1 entries > $movebtn and not selected */
            for ($i = $movebtn+1; $i < count($a_phase1); $i++) {
                if (!in_array($i, $_POST['p1entry'])) {
                    $a_phase1_new[] = $a_phase1[$i];
                }
143
            }
144 145
            if (count($a_phase1_new) > 0) {
                $a_phase1 = $a_phase1_new;
146 147
            }

148 149 150
        } elseif (isset($movebtnp2) && isset($_POST['p2entry']) && count($_POST['p2entry'])) {
            /* move selected p2 entries before this */
            $a_phase2_new = array();
151

152 153 154 155 156
            /* copy all p2 entries < $movebtnp2 and not selected */
            for ($i = 0; $i < $movebtnp2; $i++) {
                if (!in_array($i, $_POST['p2entry'])) {
                    $a_phase2_new[] = $a_phase2[$i];
                }
157 158
            }

159 160 161 162 163 164 165 166 167
            /* copy all selected p2 entries */
            for ($i = 0; $i < count($a_phase2); $i++) {
                if ($i == $movebtnp2) {
                    continue;
                }
                if (in_array($i, $_POST['p2entry'])) {
                    $a_phase2_new[] = $a_phase2[$i];
                }
            }
168

169 170 171 172
            /* copy $movebtnp2 p2 entry */
            if ($movebtnp2 < count($a_phase2)) {
                $a_phase2_new[] = $a_phase2[$movebtnp2];
            }
173

174 175 176 177 178 179 180 181 182
            /* copy all p2 entries > $movebtnp2 and not selected */
            for ($i = $movebtnp2+1; $i < count($a_phase2); $i++) {
                if (!in_array($i, $_POST['p2entry'])) {
                    $a_phase2_new[] = $a_phase2[$i];
                }
            }
            if (count($a_phase2_new) > 0) {
                $a_phase2 = $a_phase2_new;
            }
183

184 185 186 187 188
        } elseif (isset($togglebtn)) {
            if (isset($a_phase1[$togglebtn]['disabled'])) {
                unset($a_phase1[$togglebtn]['disabled']);
            } else {
                $a_phase1[$togglebtn]['disabled'] = true;
189 190
            }

191 192 193 194 195 196
        } elseif (isset($togglebtnp2)) {
            if (isset($a_phase2[$togglebtnp2]['disabled'])) {
                unset($a_phase2[$togglebtnp2]['disabled']);
            } else {
                $a_phase2[$togglebtnp2]['disabled'] = true;
            }
197

198 199 200 201 202
        } elseif (isset($delbtn)) {
            /* remove static route if interface is not WAN */
            if ($a_phase1[$delbtn]['interface'] <> "wan") {
                mwexec("/sbin/route delete -host {$a_phase1[$delbtn]['remote-gateway']}");
            }
203

204 205 206 207 208 209 210
            /* remove all phase2 entries that match the ikeid */
            $ikeid = $a_phase1[$delbtn]['ikeid'];
            foreach ($a_phase2 as $p2index => $ph2tmp) {
                if ($ph2tmp['ikeid'] == $ikeid) {
                    unset($a_phase2[$p2index]);
                }
            }
211

212 213 214 215 216 217 218 219 220 221 222 223 224
            unset($a_phase1[$delbtn]);

        } elseif (isset($delbtnp2)) {
            unset($a_phase2[$delbtnp2]);

        } else {
            $save = 0;
        }

        if ($save === 1) {
            if (write_config()) {
                mark_subsystem_dirty('ipsec');
            }
225
        }
226 227
        header("Location: vpn_ipsec.php");
        exit;
228
    }
229

Ad Schellevis's avatar
Ad Schellevis committed
230 231
}

232 233 234 235 236
// form data
$pconfig = $config['ipsec'];
$pconfig['enable'] = isset($config['ipsec']['enable']);
legacy_html_escape_form_data($pconfig);

Ad Schellevis's avatar
Ad Schellevis committed
237 238 239 240 241 242 243
$pgtitle = array(gettext("VPN"),gettext("IPsec"));
$shortcut_section = "ipsec";

include("head.inc");

?>

244 245 246
<body>

<?php include("fbegin.inc"); ?>
247 248 249 250 251 252 253 254 255 256 257 258

<script type="text/javascript">
//<![CDATA[
function show_phase2(id, buttonid) {
	document.getElementById(buttonid).innerHTML='';
	document.getElementById(id).style.display = "block";
	var visible = id + '-visible';
	document.getElementById(visible).value = "1";
}
//]]>
</script>

Ad Schellevis's avatar
Ad Schellevis committed
259
<form action="vpn_ipsec.php" method="post">
260
	<section class="page-content-main">
261
		<div class="container-fluid">
262 263
			<div class="row">
				<?php
264
                if (isset($savemsg)) {
265 266 267 268 269 270
                    print_info_box($savemsg);
                }
                if ($pconfig['enable'] && is_subsystem_dirty('ipsec')) {
                    print_info_box_np(gettext("The IPsec tunnel configuration has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect."));
                }
                ?>
271
			    <section class="col-xs-12">
272 273
<?        $active_tab = "/vpn_ipsec.php";
          include('vpn_ipsec_tabs.inc');
Ad Schellevis's avatar
Ad Schellevis committed
274
?>
275

276 277 278 279
					 <div class="tab-content content-box col-xs-12">
							<div class="table-responsive">
							  <table class="table table-striped">
                  <thead>
280 281 282 283 284 285 286 287 288 289 290 291
									<tr>
										<td>&nbsp;</td>
										<td>&nbsp;</td>
										<td><?=gettext("IKE"); ?></td>
										<td><?=gettext("Remote Gateway"); ?></td>
										<td><?=gettext("Mode"); ?></td>
										<td><?=gettext("P1 Protocol"); ?></td>
										<td><?=gettext("P1 Transforms"); ?></td>
										<td><?=gettext("P1 Description"); ?></td>
										<td>
										</td>
									</tr>
292 293
                  </thead>
                  <tbody>
Ad Schellevis's avatar
Ad Schellevis committed
294
<?php
295
                $i = 0;
296
foreach ($pconfig['phase1'] as $ph1ent) :
Ad Schellevis's avatar
Ad Schellevis committed
297
?>
298 299 300 301 302 303 304 305 306 307 308 309 310 311 312
  <tr id="fr<?=$i;
?>" ondblclick="document.location='vpn_ipsec_phase1.php?p1index=<?=$i;?>'">
    <td>
      <input type="checkbox" name="p1entry[]" value="<?=$i;?>"/>
    </td>
    <td>
      <button name="toggle_<?=$i;
?>_x" title="<?=gettext("click to toggle enabled/disabled status");?>" type="submit" class="btn btn-<?= isset($ph1ent['disabled'])? "default":"success"?> btn-xs">
        <span class="glyphicon glyphicon-play"></span>
      </button>
    </td>
    <td>
        <?=empty($ph1ent['iketype']) || $ph1ent['iketype'] == "ikev1"?"V1":"V2";?>
    </td>
    <td>
Ad Schellevis's avatar
Ad Schellevis committed
313
<?php
314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339
if (!empty($ph1ent['interface'])) {
    $iflabels = get_configured_interface_with_descr();

    $carplist = get_configured_carp_interface_list();
    foreach ($carplist as $cif => $carpip) {
        $iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")";
    }

    $aliaslist = get_configured_ip_aliases_list();
    foreach ($aliaslist as $aliasip => $aliasif) {
        $iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
    }

    $grouplist = return_gateway_groups_array();
    foreach ($grouplist as $name => $group) {
        if ($group[0]['vip'] <> "") {
            $vipif = $group[0]['vip'];
        } else {
            $vipif = $group[0]['int'];
        }
        $iflabels[$name] = "GW Group {$name}";
    }
    $if = $iflabels[$ph1ent['interface']];
} else {
    $if = "WAN";
}
Ad Schellevis's avatar
Ad Schellevis committed
340
?>
341 342 343 344 345 346 347 348
        <?=htmlspecialchars($if);?>
        <?=!isset($ph1ent['mobile'])?
        $ph1ent['remote-gateway']
        :
        "<strong>" . gettext("Mobile Client") . "</strong>";
        ?>
    </td>
    <td><?=$ph1ent['mode'];?></td>
349
                    <td>
350
                        <?=$p1_ealgos[$ph1ent['encryption-algorithm']['name']]['name'];?>
Ad Schellevis's avatar
Ad Schellevis committed
351
<?php
352 353 354 355 356 357 358
if (!empty($ph1ent['encryption-algorithm']['keylen'])) {
    if ($ph1ent['encryption-algorithm']['keylen']=="auto") {
        echo " (" . gettext("auto") . ")";
    } else {
        echo " ({$ph1ent['encryption-algorithm']['keylen']} " . gettext("bits") . ")";
    }
}
Ad Schellevis's avatar
Ad Schellevis committed
359
?>
360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382
    </td>
    <td>
        <?=$p1_halgos[$ph1ent['hash-algorithm']];?>
    </td>
    <td>
        <?=$ph1ent['descr'];?>&nbsp;
    </td>
    <td>
      <button name="move_<?=$i;
?>_x" title="<?=gettext("move selected entries before this");?>" type="submit" class="btn btn-default btn-xs">
          <span class="glyphicon glyphicon-arrow-left"></span>
      </button>
      <a href="vpn_ipsec_phase1.php?p1index=<?=$i;
?>" title="<?=gettext("edit phase1 entry"); ?>" class="btn btn-default btn-xs" alt="edit">
          <span class="glyphicon glyphicon-pencil"></span>
      </a><br/>
      <button name="del_<?=$i;?>_x"
          title="<?=gettext("delete phase1 entry");?>"
          type="submit"
          onclick="return confirm('<?=gettext("Do you really want to delete this phase1 and all associated phase2 entries?"); ?>')"
          class="btn btn-default btn-xs">
          <span class="glyphicon glyphicon-remove"></span>
      </button>
383
<?php                 if (!isset($ph1ent['mobile'])) :
Ad Schellevis's avatar
Ad Schellevis committed
384
?>
385 386
                      <a href="vpn_ipsec_phase1.php?dup=<?=$i;
?>" title="<?=gettext("copy phase1 entry"); ?>" class="btn btn-default btn-xs" alt="add">
387 388 389 390
                                      <span class="glyphicon glyphicon-plus"></span>
                      </a>
<?php                 endif;
?>
391 392 393 394
    </td>
  </tr>
  <tr>
    <td colspan="9">
Ad Schellevis's avatar
Ad Schellevis committed
395
<?php
396 397 398 399 400 401 402 403
    $phase2count=0;
foreach ($pconfig['phase2'] as $ph2ent) {
    if ($ph2ent['ikeid'] != $ph1ent['ikeid']) {
        continue;
    }
    $phase2count++;
}
    $fr_prefix = "frp2{$i}";
Ad Schellevis's avatar
Ad Schellevis committed
404
?>
405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425
      <div id="shph2but-<?=$i?>">
        <button class="btn btn-xs" type="button" onclick="show_phase2('tdph2-<?=$i?>','shph2but-<?=$i?>')">
          <i class="fa fa-plus"></i> <?php printf(gettext("Show %s Phase-2 entries"), $phase2count); ?>
        </button>
      </div>
      <div id="tdph2-<?=$i?>" style="display:none">
        <table class="table table-striped table-condensed">
          <thead>
            <tr>
              <td>&nbsp;</td>
              <td>&nbsp;</td>
              <td><?=gettext("Mode"); ?></td>
              <td><?=gettext("Local Subnet"); ?></td>
              <td><?=gettext("Remote Subnet"); ?></td>
              <td><?=gettext("P2 Protocol"); ?></td>
              <td><?=gettext("P2 Transforms"); ?></td>
              <td><?=gettext("P2 Auth Methods"); ?></td>
              <td class ="list">&nbsp;</td>
            </tr>
          </thead>
          <tbody>
Ad Schellevis's avatar
Ad Schellevis committed
426
<?php
427 428 429 430 431
          $j = 0;
foreach ($pconfig['phase2'] as $ph2index => $ph2ent) :
    if ($ph2ent['ikeid'] != $ph1ent['ikeid']) {
        continue;
    }
432

Ad Schellevis's avatar
Ad Schellevis committed
433
?>
434 435 436 437 438 439 440 441 442 443 444 445 446
  <tr id="<?=$fr_prefix . $j;
?>" ondblclick="document.location='vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid'];?>'">
    <td>
      <input type="checkbox" name="p2entry[]" value="<?=$ph2index;?>"/>
    </td>
    <td>
      <button name="togglep2_<?=$ph2index;
?>_x" title="<?=gettext("click to toggle enabled/disabled status");
?>" type="submit" class="btn btn-<?= isset($ph2ent['disabled'])?"default":"success";?> btn-xs">
        <span class="glyphicon glyphicon-play"></span>
      </button>
    </td>
    <td> <?=$ph2ent['mode'];?> </td>
Ad Schellevis's avatar
Ad Schellevis committed
447
<?php
448
if (($ph2ent['mode'] == "tunnel") || ($ph2ent['mode'] == "tunnel6")) :
Ad Schellevis's avatar
Ad Schellevis committed
449
?>
450 451 452 453 454 455 456
<td>
    <?=ipsec_idinfo_to_text($ph2ent['localid']); ?>
</td>
<td>
    <?=ipsec_idinfo_to_text($ph2ent['remoteid']); ?>
</td>
<?php                                                                         else :
457 458
?>                            <td>&nbsp;</td>
                              <td>&nbsp;</td>
Ad Schellevis's avatar
Ad Schellevis committed
459
<?php
460
endif;
Ad Schellevis's avatar
Ad Schellevis committed
461
?>
462 463
    <td><?=$p2_protos[$ph2ent['protocol']];?> </td>
    <td>
Ad Schellevis's avatar
Ad Schellevis committed
464
<?php
465 466 467 468 469 470 471 472 473 474 475 476 477
foreach ($ph2ent['encryption-algorithm-option'] as $k => $ph2ea) {
    if ($k > 0) {
        echo ", ";
    }
    echo $p2_ealgos[$ph2ea['name']]['name'];
    if (!empty($ph2ea['keylen'])) {
        if ($ph2ea['keylen']=="auto") {
            echo " (" . gettext("auto") . ")";
        } else {
            echo " ({$ph2ea['keylen']} " . gettext("bits") . ")";
        }
    }
}
Ad Schellevis's avatar
Ad Schellevis committed
478
?>
479 480
    </td>
    <td>
Ad Schellevis's avatar
Ad Schellevis committed
481
<?php
482 483 484 485 486 487 488 489
if (!empty($ph2ent['hash-algorithm-option']) && is_array($ph2ent['hash-algorithm-option'])) {
    foreach ($ph2ent['hash-algorithm-option'] as $k => $ph2ha) {
        if ($k) {
            echo ", ";
        }
        echo $p2_halgos[$ph2ha];
    }
}
Ad Schellevis's avatar
Ad Schellevis committed
490
?>
491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515
    </td>
    <td>
        <button name="movep2_<?=$j;?>_x"
            title="<?=gettext("move selected entries before this");?>"
            type="submit"
            class="btn btn-default btn-xs">
            <span class="glyphicon glyphicon-arrow-left"></span>
        </button>
        <a href="vpn_ipsec_phase2.php?p2index=<?=$ph2ent['uniqid'];
?>" title="<?=gettext("edit phase2 entry"); ?>" alt="edit" class="btn btn-default btn-xs">
          <span class="glyphicon glyphicon-pencil"></span>
        </a>
        <button name="delp2_<?=$ph2index;
?>_x" title="<?=gettext("delete phase2 entry");?>"
          type="submit"
          onclick="return confirm('<?=gettext("Do you really want to delete this phase2 entry?"); ?>')"
          class="btn btn-default btn-xs">
          <span class="glyphicon glyphicon-remove"><span>
        </button>
        <a href="vpn_ipsec_phase2.php?dup=<?=$ph2ent['uniqid'];
?>" title="<?=gettext("add a new Phase 2 based on this one"); ?>" alt="add" class="btn btn-default btn-xs">
          <span class="glyphicon glyphicon-plus"></span>
        </a>
    </td>
  </tr>
Ad Schellevis's avatar
Ad Schellevis committed
516
<?php
517 518
    $j++;
endforeach;
Ad Schellevis's avatar
Ad Schellevis committed
519
?>
520 521 522
            <tr>
              <td colspan="8"></td>
              <td>
523
<?php                           if ($j > 0) :
Ad Schellevis's avatar
Ad Schellevis committed
524
?>
525 526 527 528 529 530 531

                                <button name="movep2_<?=$j;?>_x" type="submit"
                                  title="<?=gettext("move selected phase2 entries to end");?>"
                                  class="btn btn-default btn-xs">
                                  <span class="glyphicon glyphicon-arrow-down"></span>
                                </button>
<?php                                 endif;
Ad Schellevis's avatar
Ad Schellevis committed
532
?>
533 534 535 536
                <a href="vpn_ipsec_phase2.php?ikeid=<?=$ph1ent['ikeid'];
?><?= isset($ph1ent['mobile'])?"&amp;mobile=true":"";?>" class="btn btn-default btn-xs">
                  <span title="<?=gettext("add phase2 entry"); ?>" alt="add" class="glyphicon glyphicon-plus"></span>
                </a>
537
<?php                                 if ($j > 0) :
Ad Schellevis's avatar
Ad Schellevis committed
538
?>
539 540 541 542 543 544
                                <button name="delp2_x" type="submit" title="<?=gettext("delete selected phase2 entries");?>"
                                  onclick="return confirm('<?=gettext("Do you really want to delete the selected phase2 entries?");?>')"
                                  class="btn btn-default btn-xs">
                                  <span class="glyphicon glyphicon-remove"></span>
                                </button>
<?php                                 endif;
545
?>
546 547 548 549 550 551 552
              </td>
            </tr>
          </tbody>
        </table>
      </div>
    </td>
  </tr>
Ad Schellevis's avatar
Ad Schellevis committed
553
<?php
554 555
  $i++;
endforeach;  // $a_phase1 as $ph1ent
Ad Schellevis's avatar
Ad Schellevis committed
556
?>
557 558 559 560
					        <tr>
						        <td colspan="8"> </td>
                    <td>
                      <button name="move_<?=$i;?>_x"
561 562 563 564 565
											type="submit"
											title="<?=gettext("move selected phase1 entries to end");?>"
											class="btn btn-default btn-xs">
											<span class="glyphicon glyphicon-arrow-down"></span>
										</button>
566
                      <a href="vpn_ipsec_phase1.php" title="<?=gettext("add new phase1");?>" alt="add" class="btn btn-default btn-xs">
567 568
											<span class="glyphicon glyphicon-plus"></span>
										</a>
569
                      <button
570 571 572 573 574 575 576
											name="del_x"
											type="submit"
											title="<?=gettext("delete selected phase1 entries");?>"
											onclick="return confirm('<?=gettext("Do you really want to delete the selected phase1 entries?");?>')"
											class="btn btn-default btn-xs">
											<span class="glyphicon glyphicon-remove"></span>
										</button>
577
                    </td>
578 579 580 581
                  </tr>
					        <tr>
                    <td colspan="9">
                      <strong><?=gettext("Note"); ?>:<br /></strong>
582 583 584 585 586 587
                        <?=gettext("You can check your IPsec status at");
?> <a href="diag_ipsec.php"><?=gettext("Status:IPsec"); ?></a>.<br />
                        <?=gettext("IPsec Debug Mode can be enabled at");
?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.<br />
                        <?=gettext("IPsec can be set to prefer older SAs at");
?> <a href="vpn_ipsec_settings.php"><?=gettext("VPN:IPsec:Advanced Settings"); ?></a>.
588 589 590 591 592 593 594 595 596 597 598 599 600 601 602
                    </td>
                  </tr>
                  <tr>
                    <td colspan=9>
                      <input name="enable" type="checkbox" id="enable" value="yes" <?=!empty($pconfig['enable']) ? "checked=\"checked\"":"";?>/>
                      <strong><?=gettext("Enable IPsec"); ?></strong>
                    </td>
                  </tr>
                  <tr>
                    <td colspan=9>
                      <input name="submit" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
                    </td>
                  </tr>
                </tbody>
              </table>
603
            </div>
604 605 606 607 608
          </div>
        </section>
      </div>
    </div>
  </section>
Ad Schellevis's avatar
Ad Schellevis committed
609
</form>
610
<?php include("foot.inc");