This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via dcb406cc675c42f9add4a41c8a1e07eea7c3ab08 (commit) from ef784313d101fee621e3273cf14eb59cf43bbb10 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dcb406cc675c42f9add4a41c8a1e07eea7c3ab08 Author: Michael Tremer Date: Wed Feb 15 10:11:58 2017 +0000 IPsec: Allow to create on-demand connections This will create IPsec VPN connections with auto=route set instead of auto=start which will cause the connection being created, but not brought up yet. As soon as the first packet is received, the connection will be established and data will be passed through it. This allows IPFire to handle more VPN connections on weaker systems and avoids negotiating many connections which are rarely used. Suggested-by: Tom Rymes Signed-off-by: Michael Tremer Fixes: #10733 ----------------------------------------------------------------------- Summary of changes: doc/language_issues.es | 3 +++ doc/language_issues.fr | 3 +++ doc/language_issues.it | 3 +++ doc/language_issues.nl | 3 +++ doc/language_issues.pl | 3 +++ doc/language_issues.ru | 3 +++ doc/language_issues.tr | 3 +++ doc/language_missings | 12 ++++++++++++ html/cgi-bin/vpnmain.cgi | 43 +++++++++++++++++++++++++++++++------------ langs/de/cgi-bin/de.pl | 3 +++ langs/en/cgi-bin/en.pl | 3 +++ 11 files changed, 70 insertions(+), 12 deletions(-) Difference in files: diff --git a/doc/language_issues.es b/doc/language_issues.es index 60ba499..36d4a82 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -1144,6 +1144,9 @@ WARNING: untranslated string: vendor WARNING: untranslated string: visit us at WARNING: untranslated string: vpn force mobike WARNING: untranslated string: vpn keyexchange +WARNING: untranslated string: vpn start action +WARNING: untranslated string: vpn start action route +WARNING: untranslated string: vpn start action start WARNING: untranslated string: vpn statistic n2n WARNING: untranslated string: vpn statistic rw WARNING: untranslated string: vpn statistics n2n diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 863b529..b21c338 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -1161,6 +1161,9 @@ WARNING: untranslated string: vendor WARNING: untranslated string: visit us at WARNING: untranslated string: vpn force mobike WARNING: untranslated string: vpn keyexchange +WARNING: untranslated string: vpn start action +WARNING: untranslated string: vpn start action route +WARNING: untranslated string: vpn start action start WARNING: untranslated string: vpn statistic n2n WARNING: untranslated string: vpn statistic rw WARNING: untranslated string: vpn statistics n2n diff --git a/doc/language_issues.it b/doc/language_issues.it index 6efef40..e723028 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -819,6 +819,9 @@ WARNING: untranslated string: unblock WARNING: untranslated string: unblock all WARNING: untranslated string: uncheck all WARNING: untranslated string: vpn force mobike +WARNING: untranslated string: vpn start action +WARNING: untranslated string: vpn start action route +WARNING: untranslated string: vpn start action start WARNING: untranslated string: vpn statistic n2n WARNING: untranslated string: vpn statistic rw WARNING: untranslated string: vpn statistics n2n diff --git a/doc/language_issues.nl b/doc/language_issues.nl index c9b10dc..22a8934 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -867,6 +867,9 @@ WARNING: untranslated string: uncheck all WARNING: untranslated string: upload dh key WARNING: untranslated string: vendor WARNING: untranslated string: vpn force mobike +WARNING: untranslated string: vpn start action +WARNING: untranslated string: vpn start action route +WARNING: untranslated string: vpn start action start WARNING: untranslated string: vpn statistic n2n WARNING: untranslated string: vpn statistic rw WARNING: untranslated string: vpn statistics n2n diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 60ba499..36d4a82 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -1144,6 +1144,9 @@ WARNING: untranslated string: vendor WARNING: untranslated string: visit us at WARNING: untranslated string: vpn force mobike WARNING: untranslated string: vpn keyexchange +WARNING: untranslated string: vpn start action +WARNING: untranslated string: vpn start action route +WARNING: untranslated string: vpn start action start WARNING: untranslated string: vpn statistic n2n WARNING: untranslated string: vpn statistic rw WARNING: untranslated string: vpn statistics n2n diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 255df2f..fc727d6 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -1139,6 +1139,9 @@ WARNING: untranslated string: vendor WARNING: untranslated string: visit us at WARNING: untranslated string: vpn force mobike WARNING: untranslated string: vpn keyexchange +WARNING: untranslated string: vpn start action +WARNING: untranslated string: vpn start action route +WARNING: untranslated string: vpn start action start WARNING: untranslated string: vpn statistic n2n WARNING: untranslated string: vpn statistic rw WARNING: untranslated string: vpn statistics n2n diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 8cf2dfe..59c9046 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -752,4 +752,7 @@ WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table +WARNING: untranslated string: vpn start action +WARNING: untranslated string: vpn start action route +WARNING: untranslated string: vpn start action start WARNING: untranslated string: vpn statistics n2n diff --git a/doc/language_missings b/doc/language_missings index 32e1e48..49def61 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -561,6 +561,9 @@ < vendor < visit us at < vpn keyexchange +< vpn start action +< vpn start action route +< vpn start action start < vpn statistic n2n < vpn statistic rw < wlanap access point @@ -1175,6 +1178,9 @@ < vendor < visit us at < vpn keyexchange +< vpn start action +< vpn start action route +< vpn start action start < vpn statistic n2n < vpn statistic rw < wlanap country @@ -1754,6 +1760,9 @@ < vendor < visit us at < vpn keyexchange +< vpn start action +< vpn start action route +< vpn start action start < vpn statistic n2n < vpn statistic rw < wlanap country @@ -2338,6 +2347,9 @@ < vendor < visit us at < vpn keyexchange +< vpn start action +< vpn start action route +< vpn start action start < vpn statistic n2n < vpn statistic rw < week-graph diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index f1cffb8..b6469c0 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -108,6 +108,7 @@ $cgiparams{'RW_NET'} = ''; $cgiparams{'DPD_DELAY'} = '30'; $cgiparams{'DPD_TIMEOUT'} = '120'; $cgiparams{'FORCE_MOBIKE'} = 'off'; +$cgiparams{'START_ACTION'} = 'start'; &Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'}); ### @@ -401,12 +402,17 @@ sub writeipsecfiles { print CONF "\trightrsasigkey=%cert\n"; } + my $start_action = $lconfighash{$key}[33]; + if (!$start_action) { + $start_action = "start"; + } + # Automatically start only if a net-to-net connection if ($lconfighash{$key}[3] eq 'host') { print CONF "\tauto=add\n"; print CONF "\trightsourceip=$lvpnsettings{'RW_NET'}\n"; } else { - print CONF "\tauto=start\n"; + print CONF "\tauto=$start_action\n"; } # Fragmentation @@ -1778,7 +1784,7 @@ END my $key = $cgiparams{'KEY'}; if (! $key) { $key = &General::findhasharraykey (\%confighash); - foreach my $i (0 .. 32) { $confighash{$key}[$i] = "";} + foreach my $i (0 .. 33) { $confighash{$key}[$i] = "";} } $confighash{$key}[0] = $cgiparams{'ENABLED'}; $confighash{$key}[1] = $cgiparams{'NAME'}; @@ -2256,6 +2262,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'DPD_TIMEOUT'}; $confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'DPD_DELAY'}; $confighash{$cgiparams{'KEY'}}[32] = $cgiparams{'FORCE_MOBIKE'}; + $confighash{$cgiparams{'KEY'}}[33] = $cgiparams{'START_ACTION'}; &General::writehasharray("${General::swroot}/vpn/config", \%confighash); &writeipsecfiles(); if (&vpnenabled) { @@ -2283,6 +2290,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30]; $cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31]; $cgiparams{'FORCE_MOBIKE'} = $confighash{$cgiparams{'KEY'}}[32]; + $cgiparams{'START_ACTION'} = $confighash{$cgiparams{'KEY'}}[33]; if (!$cgiparams{'DPD_DELAY'}) { $cgiparams{'DPD_DELAY'} = 30; @@ -2291,6 +2299,10 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || if (!$cgiparams{'DPD_TIMEOUT'}) { $cgiparams{'DPD_TIMEOUT'} = 120; } + + if (!$cgiparams{'START_ACTION'}) { + $cgiparams{'START_ACTION'} = "start"; + } } ADVANCED_ERROR: @@ -2387,6 +2399,10 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $selected{'DPD_ACTION'}{'none'} = ''; $selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'"; + $selected{'START_ACTION'}{'route'} = ''; + $selected{'START_ACTION'}{'start'} = ''; + $selected{'START_ACTION'}{$cgiparams{'START_ACTION'}} = "selected='selected'"; + &Header::showhttpheaders(); &Header::openpage($Lang::tr{'ipsec'}, 1, ''); &Header::openbigbox('100%', 'left', '', $errormessage); @@ -2406,7 +2422,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || } &Header::openbox('100%', 'left', "$Lang::tr{'advanced'}:"); - print < @@ -2599,9 +2615,16 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || IKE+ESP: $Lang::tr{'use only proposed settings'} + + + + - +