From ddb5e9bae0af0a9bc9333ca8da2a748c6308098f Mon Sep 17 00:00:00 2001
From: Ted Trask
Date: Tue, 8 Jan 2013 16:30:01 +0000
Subject: Only call 'ip xfrm state' once, rather than twice per connection
---
 ipsectools-model.lua | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'ipsectools-model.lua')
diff --git a/ipsectools-model.lua b/ipsectools-model.lua
index 6f5b359..4c1360f 100644
--- a/ipsectools-model.lua
+++ b/ipsectools-model.lua
@@ -49,7 +49,11 @@ end
 local function racoonctl_table()
 local output = {}
- local value = modelfunctions.run_executable({"racoonctl", "-lll", "show-sa", "isakmp"})
+ local value = modelfunctions.run_executable({"ip", "xfrm", "state", "list", "src", dst})
+ -- Get rid of all lines that don't start with "src"
+ local phase2details = string.gsub(value, "\n[^s][^\n]*", "")
+
+ value = modelfunctions.run_executable({"racoonctl", "-lll", "show-sa", "isakmp"})
 for i,line in pairs(format.string_to_table(value,"\n")) do
 if not ((string.find(line,"^Source")) or (#line == 0)) then
 entry={}
@@ -90,7 +94,17 @@ local function racoonctl_table()
 value=(variable[8] or "") .. " " .. (variable[9] or ""),
 })
- local phase2s = phase2details(variable[2])
+ local dst = string.match(variable[2],"^(.*)%.") -- Removes the portnumber
+ local input = {}
+ local output = {}
+ for l in string.gmatch(phase2details, "src [^n]* "..dst.."\n") do
+ input[#input+1] = l
+ end
+ for l in string.gmatch(phase2details, "src "..dst.." [^\n]*\n") do
+ output[#output+1] = l
+ end
+ local phase2s = {{label="Outgoing", value=table.concat(output)}, {label="Incoming", value=table.concat(input)}}
+ --local phase2s = phase2details(variable[2])
 entry['Phase2']=cfe({
 label="Phase2",
 value=variable[10],
--
cgit v1.2.3
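Review bot: `dst` is not defined where the new `run_executable` call at the top of `racoonctl_table()` uses it; the only `local dst` in this patch is declared later, inside the loop of the second hunk. Unless a file-level `dst` exists outside the hunk, it is nil here and the argument list ends at `"src"` with no address. Since the aim is one unfiltered listing that is then matched per connection, the call should drop the filter: `local value = modelfunctions.run_executable({"ip", "xfrm", "state", "list"})`. A comment on `phase2details` noting that only the `src … dst …` header lines are kept (which, as far as the visible pattern shows, also keeps any key lines of the listing out of the displayed value) would help the next reader. The function body continues outside the hunk.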
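Review bot: The first `string.gmatch` pattern uses `[^n]*` where the second uses `[^\n]*`, so the "Incoming" match excludes the letter n rather than newline. It can run from one `src` line across the following lines to the last one ending in `dst`, attributing other peers' SAs to this connection; it should read `"src [^\n]* "..dst.."\n"`. `dst` is also spliced into both patterns unescaped, so `.` and any other punctuation act as pattern magic; escaping it first, e.g. `dst:gsub("%p", "%%%0")`, keeps the match literal. A nil result from `string.match` would make the concatenation raise. The new `local output = {}` shadows the `output` table declared at the top of `racoonctl_table()`, so any later append to `output` in this block (outside the hunk) would land in the phase-2 list; a distinct name such as `outgoing` avoids that.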