lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-20 03:16:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix #2645: IPsec debug not working (#2941)

Browse Source
This commit is contained in:
Michael Steenbeek 2018-11-20 13:26:39 +01:00 committed by Ad Schellevis
parent 2ac140318f
commit 0b1f1ec735
1 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/etc/inc/plugins.inc.d/ipsec.inc
View File

@ -888,6 +888,7 @@ function ipsec_configure_do($verbose = false, $interface = '')
'init_limit_half_open' => 1000,
'ignore_acquire_ts' => 'yes',
'syslog' => [
'identifier' => 'charon',
'daemon' => [
'ike_name' => 'yes'
]
@ -905,6 +906,18 @@ function ipsec_configure_do($verbose = false, $interface = '')
$strongswanTree['charon']['cisco_unity'] = 'yes';
}
// Debugging configuration
if (isset($ipsec_loglevels)) {
// lkey is the log key, which is a three-letter abbreviation of the subsystem to log, e.g. `ike`.
// The value will be a number between -1 (silent) and 4 (highest verbosity).
foreach ($ipsec_loglevels as $lkey => $ldescr) {
if (isset($config['ipsec']["ipsec_{$lkey}"]) && is_numeric($config['ipsec']["ipsec_{$lkey}"]) &&
intval($config['ipsec']["ipsec_{$lkey}"]) >= -1 && intval($config['ipsec']["ipsec_{$lkey}"]) <= 4) {
$strongswanTree['charon']['syslog']['daemon'][$lkey] = $config['ipsec']["ipsec_{$lkey}"];
}
}
}
$strongswanTree['charon']['plugins'] = [];
if (isset($a_client['enable'])) {
@ -1116,17 +1129,6 @@ function ipsec_configure_do($verbose = false, $interface = '')
if (count($a_phase1)) {
$ipsecconf .= "# This file is automatically generated. Do not edit\n";
$ipsecconf .= "config setup\n\tuniqueids = yes\n";
// parse debug tags
$cfg_loglevels = array();
if (isset($ipsec_loglevels)) {
foreach ($ipsec_loglevels as $lkey => $ldescr) {
if (isset($config['ipsec']["ipsec_{$lkey}"]) && is_numeric($config['ipsec']["ipsec_{$lkey}"]) &&
intval($config['ipsec']["ipsec_{$lkey}"]) >= -1 && intval($config['ipsec']["ipsec_{$lkey}"]) <= 4) {
$cfg_loglevels[] = $lkey . " " . $config['ipsec']["ipsec_{$lkey}"];
}
}
}
$ipsecconf .= "\tcharondebug=\"" .implode(',', $cfg_loglevels) . "\"\n";
if (!empty($config['ipsec']['passthrough_networks'])) {
$ipsecconf .= "\nconn pass\n";