X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fvpnmain.cgi;h=3e92d4b8ed7fff96f969b5c94145d9437a41a711;hb=4d74a20df062b9449fc4bda89da7d2e8ace49552;hp=2d9058d0523dad099fbd079565a4d06799f2ff9b;hpb=2e053370ab64a3f516fc7f9e4897c5b48eae580d;p=people%2Fteissler%2Fipfire-2.x.git diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 2d9058d05..3e92d4b8e 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -69,6 +69,8 @@ if (&Header::orange_used() && $netsettings{'ORANGE_DEV'}) { $orange_cidr = &General::ipcidr("$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}"); } +my $col=""; + $cgiparams{'ENABLED'} = 'off'; $cgiparams{'EDIT_ADVANCED'} = 'off'; $cgiparams{'ACTION'} = ''; @@ -104,7 +106,8 @@ $cgiparams{'ROOTCERT_OU'} = ''; $cgiparams{'ROOTCERT_CITY'} = ''; $cgiparams{'ROOTCERT_STATE'} = ''; $cgiparams{'RW_NET'} = ''; - +$cgiparams{'DPD_DELAY'} = '30'; +$cgiparams{'DPD_TIMEOUT'} = '120'; &Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'}); ### @@ -384,9 +387,27 @@ sub writeipsecfiles { print CONF "\tcompress=yes\n" if ($lconfighash{$key}[13] eq 'on'); # Dead Peer Detection - print CONF "\tdpddelay=30\n"; - print CONF "\tdpdtimeout=120\n"; - print CONF "\tdpdaction=$lconfighash{$key}[27]\n"; + my $dpdaction = $lconfighash{$key}[27]; + print CONF "\tdpdaction=$dpdaction\n"; + + # If the dead peer detection is disabled and IKEv2 is used, + # dpddelay must be set to zero, too. + if ($dpdaction eq "none") { + if ($lconfighash{$key}[29] eq "ikev2") { + print CONF "\tdpddelay=0\n"; + } + } else { + my $dpddelay = $lconfighash{$key}[30]; + if (!$dpddelay) { + $dpddelay = 30; + } + print CONF "\tdpddelay=$dpddelay\n"; + my $dpdtimeout = $lconfighash{$key}[31]; + if (!$dpdtimeout) { + $dpdtimeout = 120; + } + print CONF "\tdpdtimeout=$dpdtimeout\n"; + } # Build Authentication details: LEFTid RIGHTid : PSK psk my $psk_line; @@ -1078,7 +1099,7 @@ END $Lang::tr{'capswarning'}: $Lang::tr{'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient'} -
- | $Lang::tr{'this field may be blank'} | +$Lang::tr{'this field may be blank'} | |
$Lang::tr{'vpn delayed start help'} | -+ |
$Lang::tr{'name'} | -$Lang::tr{'type'} | -$Lang::tr{'common name'} | -$Lang::tr{'remark'} | -$Lang::tr{'status'} | -$Lang::tr{'action'} | +$Lang::tr{'name'} | +$Lang::tr{'type'} | +$Lang::tr{'common name'} | +$Lang::tr{'remark'} | +$Lang::tr{'status'} | +$Lang::tr{'action'} | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
$confighash{$key}[1] | "; - print "" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ") $confighash{$key}[29] | "; + print "$confighash{$key}[1] | "; + print "" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ") $confighash{$key}[29] | "; if ($confighash{$key}[2] eq '%auth-dn') { - print "$confighash{$key}[9] | "; + print "$confighash{$key}[9] | "; } elsif ($confighash{$key}[4] eq 'cert') { - print "$confighash{$key}[2] | "; + print "$confighash{$key}[2] | "; } else { - print ""; + print " | "; } - print " | $confighash{$key}[25] | "; + print "$confighash{$key}[25] | "; + my $col1="bgcolor='${Header::colourred}'"; # get real state - my $active = "
$Lang::tr{'capsclosed'} |
$Lang::tr{'capsopen'} |
$Lang::tr{'capsclosed'} |