dani
/
pfsense-zabbix
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix: ipsec status dectection

This commit is contained in:
Ely Deckers 2022-11-27 14:33:50 +01:00
parent be58c15c5c
commit 5265b64ca3
1 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
pfsense_zbx.php
View File

@ -1201,14 +1201,12 @@ class Command
{
PfEnv::init_config_arr(array("ipsec", "phase1"));
$result = "";
$process_result = function ($vk, $r) {
if ($vk != "state") {
return $r;
}
$v = self::get_value_mapping("ipsec.state", strtolower($r));
$v = self::get_value_mapping("ipsec.state", strtolower($r[$vk]));
$carp_status = self::get_carp_status();
@ -1221,7 +1219,7 @@ class Command
$ipsec_list_sa = PfEnv::ipsec_list_sa();
if (!is_array($ipsec_list_sa)) {
return $process_result($value_key, $result);
return 0;
}
$config = PfEnv::cfg();
@ -1239,10 +1237,11 @@ class Command
return array_merge(
$p,
[$cname => $ph1ent[$ike_id]],
[$cname => $ike_id],
);
}, []);
// Phase-Status match borrowed from status_ipsec.php
$maybe_ike_sa = Util::array_first(function ($ike_sa) use ($ike_id, $connection_map) {
$con_id = isset($ike_sa["con-id"]) ?
@ -1260,15 +1259,25 @@ class Command
}, $ipsec_list_sa);
if (!$maybe_ike_sa) {
return $process_result($value_key, $result);
return 0;
}
if ($req_id == -1) {
return $process_result($value_key, $maybe_ike_sa);
}
$just_matching_child_sas =
array_filter($maybe_ike_sa["child-sas"], fn($child_sa) => ($child_sa["reqid"] == $req_id));
if (count($just_matching_child_sas) === 0) {
return 0;
}
$result = NULL;
// Asking for Phase2 Status Value
foreach ($just_matching_child_sas as $child_sa) {
$result = $child_sa[$value_key];
$result = $child_sa;
// If state is rekeyed go on
if (strtolower($child_sa["state"]) == "rekeyed") {