From: Alexander Marx Date: Mon, 6 Jan 2014 23:38:36 +0000 (+0100) Subject: IPsec: Add DPD configuration options to advanced settings. X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=4e156911cc45c2788bfa7e04561e2a7e550c68b8 IPsec: Add DPD configuration options to advanced settings. --- diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 64bf17e93..b9a73e5f2 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -104,7 +104,8 @@ $cgiparams{'ROOTCERT_OU'} = ''; $cgiparams{'ROOTCERT_CITY'} = ''; $cgiparams{'ROOTCERT_STATE'} = ''; $cgiparams{'RW_NET'} = ''; - +$cgiparams{'DPD_DELAY'} = '30'; +$cgiparams{'DPD_TIMEOUT'} = '120'; &Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'}); ### @@ -384,8 +385,8 @@ sub writeipsecfiles { print CONF "\tcompress=yes\n" if ($lconfighash{$key}[13] eq 'on'); # Dead Peer Detection - print CONF "\tdpddelay=30\n"; - print CONF "\tdpdtimeout=120\n"; + print CONF "\tdpddelay=$lconfighash{$key}[30]\n"; + print CONF "\tdpdtimeout=$lconfighash{$key}[31]\n"; print CONF "\tdpdaction=$lconfighash{$key}[27]\n"; # Build Authentication details: LEFTid RIGHTid : PSK psk @@ -1274,6 +1275,8 @@ END $cgiparams{'ONLY_PROPOSED'} = $confighash{$cgiparams{'KEY'}}[24]; $cgiparams{'PFS'} = $confighash{$cgiparams{'KEY'}}[28]; $cgiparams{'VHOST'} = $confighash{$cgiparams{'KEY'}}[14]; + $cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30]; + $cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31]; } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) { $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'}); @@ -1748,7 +1751,7 @@ END my $key = $cgiparams{'KEY'}; if (! $key) { $key = &General::findhasharraykey (\%confighash); - foreach my $i (0 .. 28) { $confighash{$key}[$i] = "";} + foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";} } $confighash{$key}[0] = $cgiparams{'ENABLED'}; $confighash{$key}[1] = $cgiparams{'NAME'}; @@ -1788,6 +1791,8 @@ END $confighash{$key}[24] = $cgiparams{'ONLY_PROPOSED'}; $confighash{$key}[28] = $cgiparams{'PFS'}; $confighash{$key}[14] = $cgiparams{'VHOST'}; + $confighash{$key}[30] = $cgiparams{'DPD_TIMEOUT'}; + $confighash{$key}[31] = $cgiparams{'DPD_DELAY'}; #free unused fields! $confighash{$key}[6] = 'off'; @@ -2197,6 +2202,8 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $confighash{$cgiparams{'KEY'}}[24] = $cgiparams{'ONLY_PROPOSED'}; $confighash{$cgiparams{'KEY'}}[28] = $cgiparams{'PFS'}; $confighash{$cgiparams{'KEY'}}[14] = $cgiparams{'VHOST'}; + $confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'DPD_TIMEOUT'}; + $confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'DPD_DELAY'}; &General::writehasharray("${General::swroot}/vpn/config", \%confighash); &writeipsecfiles(); if (&vpnenabled) { @@ -2217,6 +2224,8 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $cgiparams{'ONLY_PROPOSED'} = $confighash{$cgiparams{'KEY'}}[24]; $cgiparams{'PFS'} = $confighash{$cgiparams{'KEY'}}[28]; $cgiparams{'VHOST'} = $confighash{$cgiparams{'KEY'}}[14]; + $cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30]; + $cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31]; if ($confighash{$cgiparams{'KEY'}}[3] eq 'net' || $confighash{$cgiparams{'KEY'}}[10]) { $cgiparams{'VHOST'} = 'off'; @@ -2404,7 +2413,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || - @@ -2412,7 +2421,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || - - + + + + + + + + EOF ; if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { @@ -2441,7 +2470,7 @@ EOF print < - diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 01cd3f683..90128884b 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -749,6 +749,8 @@ 'download pkcs12 file' => 'PKCS12-Datei herunterladen', 'download root certificate' => 'Root-Zertifikat herunterladen', 'dpd action' => 'Aktion für Dead Peer Detection', +'dpd timeout' => 'DPD Zeitüberschreitung', +'dpd delay' => 'DPD Verzögerung', 'driver' => 'Treiber', 'drop action' => 'Standardverhalten der (Forward) Firewall in Modus "Blocked"', 'drop action1' => 'Standardverhalten der (Outgoing) Firewall in Modus "Blocked"', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index dc38129f3..ec03edc67 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -773,6 +773,8 @@ 'download pkcs12 file' => 'Download PKCS12 file', 'download root certificate' => 'Download root certificate', 'dpd action' => 'Dead Peer Detection action', +'dpd timeout' => 'DPD timeout', +'dpd delay' => 'DPD delay', 'driver' => 'Driver', 'drop action' => 'Default behaviour of (forward) firewall in mode "Blocked"', 'drop action1' => 'Default behaviour of (outgoing) firewall in mode "Blocked"',
+
+
+
+ + + +
+ + + +
+