Fix connection.cgi display for strongswan.

[people/pmueller/ipfire-2.x.git] / html / cgi-bin / connections.cgi

diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
index 0cf82d84facc71d116ab684f345de68cc094901a..b370d12881ef8bec2bf208c0d64efc013d66e8bb 100644 (file)
--- a/html/cgi-bin/connections.cgi
+++ b/html/cgi-bin/connections.cgi
@@ -1,15 +1,23 @@
 #!/usr/bin/perl
-#
-# (c) 2001 Jack Beglinger <jackb_guppy@yahoo.com>
-#
-# (c) 2003 Dave Roberts <countzerouk@hotmail.com> - colour coded netfilter/iptables rewrite for 1.3
-#
-# (c) 2006 Franck - add sorting+filtering capability
-#
-# (c) 2006 Peter Schälchli -inetwork (bug)
-#
-
-# Setup GREEN, ORANGE, IPFIRE, VPN CIDR networks, masklengths and colours only once
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2007  Michael Tremer & Christian Schmidt                      #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
 
 my @network=();
 my @masklen=();
@@ -36,14 +44,24 @@ undef (@dummy);
 my %netsettings=();
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 
-open (ACTIVE, 'iptstate -1rbt |') or die 'Unable to open ip_conntrack';
+open (ACTIVE, '/usr/local/bin/getiptstate |') or die 'Unable to open ip_conntrack';
 my @active = <ACTIVE>;
 close (ACTIVE);
 
-my @vpn = ` route -n | grep ipsec | awk '{ print \$1" "\$3}'`;
+if (open(IP, "${General::swroot}/red/local-ipaddress")) {
+        my $redip = <IP>;
+        close(IP);
+        chomp $redip;
+        push(@network, $redip);
+        push(@masklen, '255.255.255.255' );
+        push(@colour, ${Header::colourfw} );
+}
+
+my @vpn = `grep "rightsubnet=" /etc/ipsec.conf | cut -f2 -d"=" | sed "s|/| |g"`;
   foreach my $route (@vpn) {
                 chomp($route);
                 my @temp = split(/[\t ]+/, $route);
+                if ( $temp[0] eq '$redip' ){next;}
                 push(@network, $temp[0]);
                 push(@masklen, $temp[1]);
                 push(@colour, ${Header::colourvpn} );
@@ -170,15 +188,6 @@ if ( $vpn[0] ne 'none' ) {
                 push(@colour, ${Header::colourvpn} );
         }
 }
-if (open(IP, "${General::swroot}/red/local-ipaddress")) {
-        my $redip = <IP>;
-        close(IP);
-        chomp $redip;
-        push(@network, $redip);
-        push(@masklen, '255.255.255.255' );
-        push(@colour, ${Header::colourfw} );
-}
-
 
 #Establish simple filtering&sorting boxes on top of table