diff --git a/plist b/plist
index 7496116de..af691b9bc 100644
--- a/plist
+++ b/plist
@@ -329,15 +329,19 @@
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogRuleset.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/ConnectionsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/KeyPairsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/LeasesController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/LegacySubsystemController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/PoolsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/PreSharedKeysController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/SadController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/ServiceController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/SessionsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/SpdController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/TunnelController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/VtiController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/ConnectionsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/KeyPairsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/LeasesController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/PreSharedKeysController.php
@@ -345,8 +349,15 @@
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/SessionsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/SpdController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/TunnelsController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/VtiController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogChild.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogConnection.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogKeyPair.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogLocal.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogPSK.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogPool.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogRemote.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/IPsec/forms/dialogVTI.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Interfaces/Api/LoopbackSettingsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Interfaces/Api/VipSettingsController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Interfaces/Api/VlanSettingsController.php
@@ -583,11 +594,18 @@
 /usr/local/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_6.php
 /usr/local/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_7.php
 /usr/local/opnsense/mvc/app/models/OPNsense/IPsec/ACL/ACL.xml
+/usr/local/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/ConnnectionField.php
+/usr/local/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IKEAdressField.php
+/usr/local/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php
+/usr/local/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/PoolsField.php
+/usr/local/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/VTIField.php
 /usr/local/opnsense/mvc/app/models/OPNsense/IPsec/IPsec.php
 /usr/local/opnsense/mvc/app/models/OPNsense/IPsec/IPsec.xml
 /usr/local/opnsense/mvc/app/models/OPNsense/IPsec/Menu/Menu.xml
 /usr/local/opnsense/mvc/app/models/OPNsense/IPsec/Migrations/M1_0_0.php
 /usr/local/opnsense/mvc/app/models/OPNsense/IPsec/Migrations/M1_0_1.php
+/usr/local/opnsense/mvc/app/models/OPNsense/IPsec/Swanctl.php
+/usr/local/opnsense/mvc/app/models/OPNsense/IPsec/Swanctl.xml
 /usr/local/opnsense/mvc/app/models/OPNsense/Interfaces/ACL/ACL.xml
 /usr/local/opnsense/mvc/app/models/OPNsense/Interfaces/FieldTypes/VipInterfaceField.php
 /usr/local/opnsense/mvc/app/models/OPNsense/Interfaces/FieldTypes/VipNetworkField.php
@@ -670,6 +688,7 @@
 /usr/local/opnsense/mvc/app/views/OPNsense/Firewall/category.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/IDS/index.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/IDS/policy.volt
+/usr/local/opnsense/mvc/app/views/OPNsense/IPsec/connections.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/IPsec/key_pairs.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/IPsec/leases.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/IPsec/pre_shared_keys.volt
@@ -677,6 +696,7 @@ /usr/local/opnsense/mvc/app/views/OPNsense/IPsec/sessions.volt /usr/local/opnsense/mvc/app/views/OPNsense/IPsec/spd.volt /usr/local/opnsense/mvc/app/views/OPNsense/IPsec/tunnels.volt +/usr/local/opnsense/mvc/app/views/OPNsense/IPsec/vti.volt /usr/local/opnsense/mvc/app/views/OPNsense/Interface/loopback.volt /usr/local/opnsense/mvc/app/views/OPNsense/Interface/vip.volt /usr/local/opnsense/mvc/app/views/OPNsense/Interface/vlan.volt @@ -860,6 +880,7 @@ /usr/local/opnsense/scripts/interfaces/traffic_top.py /usr/local/opnsense/scripts/ipsec/connect.py /usr/local/opnsense/scripts/ipsec/disconnect.py +/usr/local/opnsense/scripts/ipsec/get_legacy_vti.php /usr/local/opnsense/scripts/ipsec/list_leases.py /usr/local/opnsense/scripts/ipsec/list_sad.py /usr/local/opnsense/scripts/ipsec/list_spd.py diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/ConnectionsController.php b/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/ConnectionsController.php index 6173dbe10..95045af09 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/ConnectionsController.php +++ b/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/ConnectionsController.php @@ -94,12 +94,12 @@ class ConnectionsController extends ApiMutableModelControllerBase $result = $this->setBase('connection', 'Connections.Connection', $uuid); // copy children (when none exist) if (!empty($copy_uuid) && $result['result'] != 'failed') { - $changed = False; + $changed = false; foreach (['locals.local', 'remotes.remote', 'children.child'] as $ref) { $container = $this->getModel()->getNodeByReference($ref); if ($container != null) { $orignal_items = []; - $has_children = False; + $has_children = false; foreach ($container->iterateItems() as $node_uuid => $node) { if ($node->connection == $copy_uuid) { $record = []; 
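Review bot: The copy-children block in ConnectionsController.php still uses loose comparisons right next to the booleans normalised here: `$result['result'] != 'failed'`, `$container != null` and `$node->connection == $copy_uuid` (with `$node->connection == $uuid` in the following hunk). These comparisons decide which local/remote/child records are cloned into the new connection, so strict forms would be safer, for example `$container !== null` and `(string)$node->connection === (string)$copy_uuid`. The cast assumes `connection` is a field object rather than a plain string, which the hunk does not show. The enclosing method starts before this hunk and the loop continues into the next one.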
@@ -108,7 +108,7 @@ class ConnectionsController extends ApiMutableModelControllerBase } $orignal_items[] = $record; } elseif ($node->connection == $uuid) { - $has_children = True; + $has_children = true; } } if (!$has_children) { @@ -116,7 +116,7 @@ class ConnectionsController extends ApiMutableModelControllerBase $node = $container->Add(); $record['connection'] = $uuid; $node->setNodes($record); - $changed = True; + $changed = true; } } } @@ -274,5 +274,4 @@ class ConnectionsController extends ApiMutableModelControllerBase { return $this->delBase('children.child', $uuid); } - } diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/VtiController.php b/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/VtiController.php index 2c1bad453..5bc1af18a 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/VtiController.php +++ b/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/VtiController.php @@ -42,8 +42,8 @@ class VtiController extends ApiMutableModelControllerBase public function searchAction() { return $this->searchBase( - 'VTIs.VTI', - ['enabled', 'description', 'origin', 'reqid', 'local', 'remote', 'tunnel_local', 'tunnel_remote'] + 'VTIs.VTI', + ['enabled', 'description', 'origin', 'reqid', 'local', 'remote', 'tunnel_local', 'tunnel_remote'] ); } diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/OverviewController.php b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/OverviewController.php index 704b55001..dc4cdac46 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/OverviewController.php +++ b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/OverviewController.php @@ -43,7 +43,7 @@ class OverviewController extends ApiControllerBase ]; } - public function RollingAction($timeperiod, $clients=False) + public function RollingAction($timeperiod, $clients = false) { $this->sessionClose(); // Sanitize input 
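Review bot: In OverviewController.php, `RollingAction` keeps its upper-case first letter and its untyped, undocumented parameters, although this commit already touches the signature for PSR-12 spacing. Writing it as `public function rollingAction($timeperiod, $clients = false)` would match the camelCase used by `searchAction` elsewhere in this commit; PHP method names are case-insensitive, but confirm that the dispatcher does not depend on the exact spelling. `$clients` defaults to the boolean `false`, while a value supplied through the request is presumably a string. A short docblock naming the accepted values of `$timeperiod` and `$clients` would make the `// Sanitize input` step that follows easier to check. The method body continues outside the hunk.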
diff --git a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/ConnnectionField.php b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/ConnnectionField.php index 8c35d50f2..30cd015e9 100644 --- a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/ConnnectionField.php +++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/ConnnectionField.php @@ -77,5 +77,4 @@ class ConnnectionField extends ArrayField } return parent::actionPostLoadingEvent(); } - } diff --git a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IKEAdressField.php b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IKEAdressField.php index ee90d7929..189298877 100644 --- a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IKEAdressField.php +++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IKEAdressField.php @@ -63,7 +63,7 @@ class IKEAdressField extends BaseField $validators[] = new CallbackValidator(["callback" => function ($data) { $messages = []; foreach (explode(",", $data) as $entry) { - if (Util::isIpAddress($entry) || Util::isSubnet($entry) || Util::isDomain($entry)) { + if (Util::isIpAddress($entry) || Util::isSubnet($entry) || Util::isDomain($entry)) { continue; } $messages[] = sprintf( diff --git a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php index 3971c8ea2..a5bc68235 100644 --- a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php +++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php 
@@ -41,11 +41,13 @@ class IPsecProposalField extends BaseListField { if (empty(self::$internalCacheOptionList)) { self::$internalCacheOptionList['default'] = 'default'; - foreach (['aes128', 'aes192', 'aes256', 'aes128gcm16', 'aes192gcm16', 'aes256gcm16', + foreach ( + ['aes128', 'aes192', 'aes256', 'aes128gcm16', 'aes192gcm16', 'aes256gcm16', 'chacha20poly1305'] as $encalg ) { foreach (['sha256', 'sha384', 'sha512', 'aesxcbc'] as $intalg) { - foreach ([ + foreach ( + [ 'modp2048', 'modp3072', 'modp4096', 'modp6144', 'modp8192', 'ecp224', 'ecp256', 'ecp384', 'ecp521', 'ecp224bp', 'ecp256bp', 'ecp384bp', 'ecp512bp', 'x25519', 'x448'] as $dhgroup diff --git a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/VTIField.php b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/VTIField.php index c3bf0ad44..a503f8a43 100644 --- a/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/VTIField.php +++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/VTIField.php @@ -46,7 +46,7 @@ class VTIField extends ArrayField if (!empty($legacy_vtis)) { foreach ($legacy_vtis as $vti) { $vti['enabled'] = '1'; - self::$legacyItems['ipsec'.$vti['reqid']] = $vti; + self::$legacyItems['ipsec' . $vti['reqid']] = $vti; } } } @@ -83,15 +83,15 @@ class VTIField extends ArrayField protected function actionPostLoadingEvent() { - foreach ($this->internalChildnodes as $node) { - if (!$node->getInternalIsVirtual()) { - $type_node = new TextField(); - $type_node->setInternalIsVirtual(); - $type_node->setValue('vti'); - $node->addChildNode('origin', $type_node); - } - } - return parent::actionPostLoadingEvent(); + foreach ($this->internalChildnodes as $node) { + if (!$node->getInternalIsVirtual()) { + $type_node = new TextField(); + $type_node->setInternalIsVirtual(); + $type_node->setValue('vti'); + $node->addChildNode('origin', $type_node); + } + } + return parent::actionPostLoadingEvent(); } 
diff --git a/src/opnsense/mvc/app/models/OPNsense/IPsec/Swanctl.php b/src/opnsense/mvc/app/models/OPNsense/IPsec/Swanctl.php index f8487d8f3..e3d3f18c5 100644 --- a/src/opnsense/mvc/app/models/OPNsense/IPsec/Swanctl.php +++ b/src/opnsense/mvc/app/models/OPNsense/IPsec/Swanctl.php @@ -105,7 +105,8 @@ class Swanctl extends BaseModel $pools = []; foreach (explode(',', (string)$attr) as $pool_id) { $is_uuid = preg_match( - '/^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/', $pool_id + '/^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/', + $pool_id ) == 1; if (isset($data['pools'][$pool_id])) { $pools[] = $data['pools'][$pool_id]['name']; diff --git a/src/opnsense/mvc/app/views/OPNsense/Unbound/overview.volt b/src/opnsense/mvc/app/views/OPNsense/Unbound/overview.volt index 4580e76cb..8f61f2e16 100644 --- a/src/opnsense/mvc/app/views/OPNsense/Unbound/overview.volt +++ b/src/opnsense/mvc/app/views/OPNsense/Unbound/overview.volt @@ -594,4 +594,3 @@ -