##|-PRIV
global $g;
require "guiconfig.inc";
require "ipsec.inc";
if (!is_array($config['ipsec']['phase2'])) {
$config['ipsec']['phase2'] = array();
}
$ipsec_status = array();
$a_phase2 =& $config['ipsec']['phase2'];
$status = ipsec_smp_dump_status();
if (is_array($status['query']) && $status['query']['ikesalist'] && $status['query']['ikesalist']['ikesa']) {
foreach ($a_phase2 as $ph2ent) {
ipsec_lookup_phase1($ph2ent, $ph1ent);
$tunnel = array();
if (!isset($ph2ent['disabled']) && !isset($ph1ent['disabled'])) {
if (ipsec_phase1_status($status['query']['ikesalist']['ikesa'], $ph1ent['ikeid'])) {
$tunnel['state'] = "up";
} elseif (!isset($config['ipsec']['enable'])) {
$tunnel['state'] = "disabled";
} else {
$tunnel['state'] = "down";
}
$tunnel['src'] = ipsec_get_phase1_src($ph1ent);
$tunnel['endpoint'] = $ph1ent['remote-gateway'];
$tunnel['local'] = ipsec_idinfo_to_text($ph2ent['localid']);
$tunnel['remote'] = ipsec_idinfo_to_text($ph2ent['remoteid']);
$tunnel['name'] = "{$ph2ent['descr']}";
$ipsec_status['tunnel'][] = $tunnel;
}
}
}
</th>
<th class="listhdrr nowrap"><?php
echo gettext("Status");
?>
</th>
<td class="list nowrap"></td>
</tr>
</thead>
<tbody>
<?php
$ipsecconnected = array();
if (is_array($status['query']) && is_array($status['query']['ikesalist']) && is_array($status['query']['ikesalist']['ikesa'])) {
foreach ($status['query']['ikesalist']['ikesa'] as $ikeid => $ikesa) {
$con_id = substr($ikesa['peerconfig'], 3);
$ipsecconnected[$con_id] = $con_id;
if (ipsec_phase1_status($status['query']['ikesalist']['ikesa'], $ikesa['id'])) {
$icon = "pass";
} elseif (!isset($config['ipsec']['enable'])) {
$icon = "block";
} else {
$icon = "reject";
}
?>
<tr>
<td class="listlr">
<?php
echo htmlspecialchars(ipsec_get_descr($con_id));
?>
</td>
<td class="listr">
<?php
$inactivecounter = 0;
$ipsec_detail_array = array();
foreach ($config['ipsec']['phase2'] as $ph2ent) {
if ($ph2ent['remoteid']['type'] == "mobile") {
continue;
}
ipsec_lookup_phase1($ph2ent, $ph1ent);
$ipsecstatus = false;
$tun_disabled = "false";
$foundsrc = false;
$founddst = false;
if (isset($ph1ent['disabled']) || isset($ph2ent['disabled'])) {
$tun_disabled = "true";
continue;
}
if (isset($ipsec_status['query']['ikesalist']['ikesa']) && isset($ph1ent['ikeid']) && ipsec_phase1_status($ipsec_status['query']['ikesalist']['ikesa'], $ph1ent['ikeid'])) {
/* tunnel is up */
$iconfn = "true";
$activecounter++;
} else {
/* tunnel is down */
$iconfn = "false";
$inactivecounter++;
}
$ipsec_detail_array[] = array('src' => convert_friendly_interface_to_friendly_descr($ph1ent['interface']), 'dest' => $ph1ent['remote-gateway'], 'remote-subnet' => ipsec_idinfo_to_text($ph2ent['remoteid']), 'descr' => $ph2ent['descr'], 'status' => $iconfn, 'disabled' => $tun_disabled);
}
}
if (isset($config['ipsec']['phase2'])) {
?>
<div id="ipsec-Overview" style="display:block;background-color:#EEEEEE;">
if ($ph1ent['iketype'] == 'ikev1') {
if (!isset($ikev1num[$ph1ent['ikeid']])) {
$ikev1num[$ph1ent['ikeid']] = 0;
} else {
$ikev1num[$ph1ent['ikeid']]++;
}
$ikeid = "con{$ph1ent['ikeid']}00" . $ikev1num[$ph1ent['ikeid']];
} else {
$ikeid = "con{$ph1ent['ikeid']}";
}
$found = false;
foreach ($ipsec_status['query']['ikesalist']['ikesa'] as $ikesa) {
if ($ikeid == $ikesa['peerconfig']) {
$found = true;
$ph2ikeid = $ikesa['id'];
if (ipsec_phase1_status($ipsec_status['query']['ikesalist']['ikesa'], $ph2ikeid)) {
/* tunnel is up */
$iconfn = "true";
$activecounter++;
} else {
/* tunnel is down */
$iconfn = "false";
$inactivecounter++;
}
}
}
if ($found === false) {
/* tunnel is down */
$iconfn = "false";
$inactivecounter++;
}