<?php 
2
/*
3
	vpn_openvpn_server.php
4
5
	Copyright (C) 2008 Shrew Soft Inc.
6
	All rights reserved. 
7
8
	Redistribution and use in source and binary forms, with or without
9
	modification, are permitted provided that the following conditions are met:
10
	
11
	1. Redistributions of source code must retain the above copyright notice,
12
	   this list of conditions and the following disclaimer.
13
	
14
	2. Redistributions in binary form must reproduce the above copyright
15
	   notice, this list of conditions and the following disclaimer in the
16
	   documentation and/or other materials provided with the distribution.
17
	
18
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
	POSSIBILITY OF SUCH DAMAGE.
28
*/
29
30
##|+PRIV
31
##|*IDENT=page-openvpn-server
32
##|*NAME=OpenVPN: Server page
33
##|*DESCR=Allow access to the 'OpenVPN: Server' page.
34
##|*MATCH=vpn_openvpn_server.php*
35
##|-PRIV
require("guiconfig.inc");
require_once("openvpn.inc");
/* Page title and the status/log shortcut targets (presumably consumed by the
 * included header templates -- confirm). */
$logurl = "diag_logs_openvpn.php";
$statusurl = "status_openvpn.php";
$pgtitle = array(gettext("OpenVPN"), gettext("Server"));

/* Make sure the server list exists before binding to it. $a_server is a
 * reference, so every later write to it lands directly in $config. */
if (!is_array($config['openvpn']['openvpn-server'])) {
	$config['openvpn']['openvpn-server'] = array();
}
$a_server = &$config['openvpn']['openvpn-server'];
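/*
 * Resolve the target entry index ($id) and the requested action ($act).
 * A POSTed value wins over the query string, as before.
 *
 * Both values come straight from the request, so they are normalised here:
 *  - $id is later used as an index into $a_server, so it is kept only when it
 *    is a plain non-negative decimal string (assumes the server list is
 *    integer-indexed, as the "[] =" append further down suggests -- confirm);
 *  - $act is kept only when it is a string.
 * Anything else (missing key, array-valued parameter, junk) becomes null,
 * which the rest of the page already treats as "not set".
 */
$id = null;
if (isset($_POST['id']))
	$id = $_POST['id'];
elseif (isset($_GET['id']))
	$id = $_GET['id'];
if (!is_string($id) || !preg_match('/^[0-9]+$/D', $id))
	$id = null;

$act = null;
if (isset($_POST['act']))
	$act = $_POST['act'];
elseif (isset($_GET['act']))
	$act = $_GET['act'];
if (!is_string($act))
	$act = null;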
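/*
 * Delete handler: for ?act=del the selected entry is passed to
 * openvpn_delete(), dropped from the list, and the configuration is written.
 *
 * NOTE(review): this is a state-changing action driven by a GET request, and
 * no anti-CSRF token check is visible in this file. Presumably one of the
 * included files enforces it -- confirm, and consider accepting the delete
 * only via POST.
 */
if (isset($_GET['act']) && $_GET['act'] == "del") {

	/* Missing, non-scalar or unknown index: return to the list untouched.
	 * empty() avoids the undefined-offset notice the bare lookup raised. */
	if (!is_scalar($id) || empty($a_server[$id])) {
		pfSenseHeader("vpn_openvpn_server.php");
		exit;
	}

	openvpn_delete('server', $a_server[$id]);
	unset($a_server[$id]);
	write_config();
	$savemsg = gettext("Server successfully deleted")."<br/>";
}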
/* Defaults shown in the form when a new server is being created. */
if ("new" == $_GET['act']) {

	/* Checkboxes that start out ticked. */
	foreach (array('autokey_enable', 'tlsauth_enable', 'autotls_enable', 'pool_enable') as $on_by_default)
		$pconfig[$on_by_default] = "yes";
	unset($on_by_default);

	$pconfig['interface'] = "wan";
	$pconfig['local_port'] = openvpn_port_next('UDP');

	/* NOTE(review): 1024-bit Diffie-Hellman parameters are below current
	 * recommendations. Consider a longer default if the DH selector on this
	 * page offers one -- confirm which lengths are available. */
	$pconfig['dh_length'] = 1024;
}
/*
 * Edit view: copy the stored entry into $pconfig so the form is pre-filled.
 * The *_enable flags are not stored; they are derived from whether the
 * corresponding value fields are non-empty.
 */
if ("edit" == $_GET['act']) {

	if (isset($id) && $a_server[$id]) {

		/* Read-only working copy of the stored entry. */
		$stored = $a_server[$id];

		$pconfig['disable'] = isset($stored['disable']);

		foreach (array('mode', 'protocol', 'authmode', 'interface') as $fld)
			$pconfig[$fld] = $stored[$fld];

		/* A bound address is folded into the selector value as "iface|address". */
		if (!empty($stored['ipaddr']))
			$pconfig['interface'] .= '|' . $stored['ipaddr'];

		foreach (array('local_port', 'description', 'custom_options') as $fld)
			$pconfig[$fld] = $stored[$fld];

		/* Key material is stored base64-encoded and decoded for display. */
		if ("p2p_shared_key" == $pconfig['mode']) {
			$pconfig['shared_key'] = base64_decode($stored['shared_key']);
		} else {
			if ($stored['tls']) {
				$pconfig['tlsauth_enable'] = "yes";
				$pconfig['tls'] = base64_decode($stored['tls']);
			}
			foreach (array('caref', 'certref', 'dh_length') as $fld)
				$pconfig[$fld] = $stored[$fld];
		}

		$plain_fields = array(
			'crypto',
			'tunnel_network', 'remote_network', 'gwredir', 'local_network',
			'maxclients', 'compression', 'passtos', 'client2client',
			'dynamic_ip', 'pool_enable',
			'dns_domain',
		);
		foreach ($plain_fields as $fld)
			$pconfig[$fld] = $stored[$fld];
		if ($pconfig['dns_domain'])
			$pconfig['dns_domain_enable'] = true;

		foreach (array('dns_server1', 'dns_server2', 'dns_server3', 'dns_server4') as $fld)
			$pconfig[$fld] = $stored[$fld];
		if ($pconfig['dns_server1'] || $pconfig['dns_server2'] ||
			$pconfig['dns_server3'] || $pconfig['dns_server4'])
			$pconfig['dns_server_enable'] = true;

		foreach (array('ntp_server1', 'ntp_server2') as $fld)
			$pconfig[$fld] = $stored[$fld];
		if ($pconfig['ntp_server1'] || $pconfig['ntp_server2'])
			$pconfig['ntp_server_enable'] = true;

		foreach (array('netbios_enable', 'netbios_ntype', 'netbios_scope') as $fld)
			$pconfig[$fld] = $stored[$fld];

		foreach (array('wins_server1', 'wins_server2') as $fld)
			$pconfig[$fld] = $stored[$fld];
		if ($pconfig['wins_server1'] || $pconfig['wins_server2'])
			$pconfig['wins_server_enable'] = true;

		$pconfig['nbdd_server1'] = $stored['nbdd_server1'];
		if ($pconfig['nbdd_server1'])
			$pconfig['nbdd_server_enable'] = true;

		// just in case the modes switch
		$pconfig['autokey_enable'] = "yes";
		$pconfig['autotls_enable'] = "yes";

		unset($stored, $plain_fields, $fld);
	}
}
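/*
 * Form submission: validate the posted settings and, when they are clean,
 * build the server entry, store it, call openvpn_resync(), write the
 * configuration and redirect back to the list. On validation failure the
 * posted values stay in $pconfig so the form is re-rendered with them.
 *
 * Changes relative to the previous revision of this block:
 *  - 'mode' and 'protocol' are checked against the lists the form offers;
 *  - authmode[] is accepted only as an array of strings;
 *  - the NetBIOS datagram server is saved under its own enable flag instead
 *    of the DNS one;
 *  - the required-field arrays are initialised before use.
 */
if ($_POST) {

	unset($input_errors);
	$pconfig = $_POST;

	/* vpnid of the entry being edited, or 0 when a new one is created. */
	$is_existing = isset($id) && is_scalar($id) && !empty($a_server[$id]);
	$vpnid = $is_existing ? $a_server[$id]['vpnid'] : 0;

	/* Everything except shared-key mode is TLS based. */
	$posted_mode = (isset($pconfig['mode']) && is_string($pconfig['mode'])) ? $pconfig['mode'] : "";
	$tls_mode = ($posted_mode != "p2p_shared_key");

	/* Select boxes are only a client-side restriction; re-check the values. */
	if (!array_key_exists($posted_mode, $openvpn_server_modes))
		$input_errors[] = gettext("The selected 'Server Mode' is not valid");
	if (!isset($pconfig['protocol']) || !is_string($pconfig['protocol']) ||
		!in_array($pconfig['protocol'], $openvpn_prots))
		$input_errors[] = gettext("The selected 'Protocol' is not valid");

	/* authmode[] is a multi-select: ignore anything that is not a list of strings. */
	$posted_authmodes = array();
	if (isset($pconfig['authmode']) && is_array($pconfig['authmode']))
		$posted_authmodes = array_values(array_filter($pconfig['authmode'], 'is_string'));

	foreach ($posted_authmodes as $pauthmode) {
		if ($pauthmode != "Local Database" && $posted_mode == "server_tls_user")
			$input_errors[] = gettext("Only 'Local authentication database'  is allowed with") . " " . $openvpn_server_modes[$posted_mode];
	}

	/* input validation */
	if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
		$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'Tunnel network'))
		$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'Remote network'))
		$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['local_network'], 'Local network'))
		$input_errors[] = $result;

	/* The port may only be in use by the entry that is being edited. */
	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['local_port']);
	if (($portused != $vpnid) && ($portused != 0))
		$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");

	if ($pconfig['autokey_enable'])
		$pconfig['shared_key'] = openvpn_create_key();

	/* Pasted keys must at least carry the static-key header and footer. */
	if (!$tls_mode && !$pconfig['autokey_enable'])
		if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") ||
			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
			$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");

	if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
		if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") ||
			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
			$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");

	if ($pconfig['dns_server_enable']) {
		if (!empty($pconfig['dns_server1']) && !is_ipaddr(trim($pconfig['dns_server1'])))
			$input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
		if (!empty($pconfig['dns_server2']) && !is_ipaddr(trim($pconfig['dns_server2'])))
			$input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
		if (!empty($pconfig['dns_server3']) && !is_ipaddr(trim($pconfig['dns_server3'])))
			$input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
		if (!empty($pconfig['dns_server4']) && !is_ipaddr(trim($pconfig['dns_server4'])))
			$input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
	}

	if ($pconfig['ntp_server_enable']) {
		if (!empty($pconfig['ntp_server1']) && !is_ipaddr(trim($pconfig['ntp_server1'])))
			$input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
		if (!empty($pconfig['ntp_server2']) && !is_ipaddr(trim($pconfig['ntp_server2'])))
			$input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
		if (!empty($pconfig['ntp_server3']) && !is_ipaddr(trim($pconfig['ntp_server3'])))
			$input_errors[] = gettext("The field 'NTP Server #3' must contain a valid IP address");
		if (!empty($pconfig['ntp_server4']) && !is_ipaddr(trim($pconfig['ntp_server4'])))
			$input_errors[] = gettext("The field 'NTP Server #4' must contain a valid IP address");
	}

	if ($pconfig['netbios_enable']) {
		if ($pconfig['wins_server_enable']) {
			if (!empty($pconfig['wins_server1']) && !is_ipaddr(trim($pconfig['wins_server1'])))
				$input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
			if (!empty($pconfig['wins_server2']) && !is_ipaddr(trim($pconfig['wins_server2'])))
				$input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
		}
		if ($pconfig['nbdd_server_enable'])
			if (!empty($pconfig['nbdd_server1']) && !is_ipaddr(trim($pconfig['nbdd_server1'])))
				$input_errors[] = gettext("The field 'NetBIOS Data Distribution Server #1' must contain a valid IP address");
	}

	if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients']))
		$input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");

	/* Start from empty lists so nothing stale is carried into the check. */
	$reqdfields = array();
	$reqdfieldsn = array();

	/* If we are not in shared key mode, then we need the CA/Cert. */
	if ($tls_mode) {
		$reqdfields = explode(" ", "caref certref");
		$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
	} elseif (!$pconfig['autokey_enable']) {
		/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
		$reqdfields = array('shared_key');
		$reqdfieldsn = array(gettext('Shared key'));
	}

	$reqdfields[] = 'tunnel_network';
	$reqdfieldsn[] = gettext('Tunnel network');

	/* NOTE(review): call-time pass-by-reference (&$input_errors) is rejected
	 * by PHP 5.4 and later. It is kept because the signature of
	 * do_input_validation() is not visible here: if its last parameter is not
	 * declared by reference, dropping the & would silently discard the
	 * required-field errors. Change the declaration and this call together. */
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);

	if (!$input_errors) {

		$server = array();

		$server['vpnid'] = $vpnid ? $vpnid : openvpn_vpnid_next();

		if (isset($_POST['disable']) && $_POST['disable'] == "yes")
			$server['disable'] = true;
		$server['mode'] = $posted_mode;
		if ($posted_authmodes)
			$server['authmode'] = implode(",", $posted_authmodes);
		$server['protocol'] = $pconfig['protocol'];

		/* The selector value is "iface" or "iface|address"; pad so a value
		 * without an address yields a null ipaddr without a notice. */
		$iface_parts = array_pad(explode("|", $pconfig['interface']), 2, null);
		$server['interface'] = $iface_parts[0];
		$server['ipaddr'] = $iface_parts[1];

		$server['local_port'] = $pconfig['local_port'];
		$server['description'] = $pconfig['description'];

		/* NOTE(review): custom_options is stored exactly as posted. It
		 * presumably ends up in the generated OpenVPN configuration, so
		 * access to this page should stay limited to fully trusted
		 * administrators -- confirm how openvpn_resync() uses it. */
		$server['custom_options'] = $pconfig['custom_options'];

		/* Key material is stored base64-encoded. */
		if ($tls_mode) {
			if ($pconfig['tlsauth_enable']) {
				if ($pconfig['autotls_enable'])
					$pconfig['tls'] = openvpn_create_key();
				$server['tls'] = base64_encode($pconfig['tls']);
			}
			/* NOTE(review): caref, certref, dh_length and crypto are stored
			 * as posted; nothing visible here checks them against the
			 * choices the form offers -- confirm downstream handling. */
			$server['caref'] = $pconfig['caref'];
			$server['certref'] = $pconfig['certref'];
			$server['dh_length'] = $pconfig['dh_length'];
		} else {
			$server['shared_key'] = base64_encode($pconfig['shared_key']);
		}
		$server['crypto'] = $pconfig['crypto'];

		$server['tunnel_network'] = $pconfig['tunnel_network'];
		$server['remote_network'] = $pconfig['remote_network'];
		$server['gwredir'] = $pconfig['gwredir'];
		$server['local_network'] = $pconfig['local_network'];
		$server['maxclients'] = $pconfig['maxclients'];
		$server['compression'] = $pconfig['compression'];
		$server['passtos'] = $pconfig['passtos'];
		$server['client2client'] = $pconfig['client2client'];

		$server['dynamic_ip'] = $pconfig['dynamic_ip'];
		$server['pool_enable'] = $pconfig['pool_enable'];

		if ($pconfig['dns_domain_enable'])
			$server['dns_domain'] = $pconfig['dns_domain'];

		if ($pconfig['dns_server_enable']) {
			$server['dns_server1'] = $pconfig['dns_server1'];
			$server['dns_server2'] = $pconfig['dns_server2'];
			$server['dns_server3'] = $pconfig['dns_server3'];
			$server['dns_server4'] = $pconfig['dns_server4'];
		}

		if ($pconfig['ntp_server_enable']) {
			$server['ntp_server1'] = $pconfig['ntp_server1'];
			$server['ntp_server2'] = $pconfig['ntp_server2'];
		}

		$server['netbios_enable'] = $pconfig['netbios_enable'];
		$server['netbios_ntype'] = $pconfig['netbios_ntype'];
		$server['netbios_scope'] = $pconfig['netbios_scope'];

		if ($pconfig['netbios_enable']) {

			if ($pconfig['wins_server_enable']) {
				$server['wins_server1'] = $pconfig['wins_server1'];
				$server['wins_server2'] = $pconfig['wins_server2'];
			}

			/* Was keyed on dns_server_enable, so the datagram server was
			 * saved or dropped depending on the DNS checkbox. */
			if ($pconfig['nbdd_server_enable'])
				$server['nbdd_server1'] = $pconfig['nbdd_server1'];
		}

		if ($is_existing)
			$a_server[$id] = $server;
		else
			$a_server[] = $server;

		openvpn_resync('server', $server);
		write_config();

		header("Location: vpn_openvpn_server.php");
		exit;
	}

	/* The form template expects authmode as a comma-separated string. */
	if (isset($pconfig['authmode']) && is_array($pconfig['authmode']))
		$pconfig['authmode'] = implode(",", $posted_authmodes);
}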
include("head.inc");
356
357
?>
358
359
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
360
<?php include("fbegin.inc"); ?>
361
<script language="JavaScript">
362
<!--
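// Show or hide the form rows that apply to the selected server mode.
// index/value are declared with var; they used to be implicit globals.
function mode_change() {
	var index = document.iform.mode.selectedIndex;
	var value = document.iform.mode.options[index].value;

	// Key material rows: the TLS/CA/certificate/DH rows for the TLS-based
	// modes, the "psk" row for shared-key mode. Unknown values change nothing.
	switch(value) {
		case "p2p_tls":
		case "server_tls":
		case "server_user":
		case "server_tls_user":
			document.getElementById("tls").style.display="";
			document.getElementById("tls_ca").style.display="";
			document.getElementById("tls_cert").style.display="";
			document.getElementById("tls_dh").style.display="";
			document.getElementById("psk").style.display="none";
			break;
		case "p2p_shared_key":
			document.getElementById("tls").style.display="none";
			document.getElementById("tls_ca").style.display="none";
			document.getElementById("tls_cert").style.display="none";
			document.getElementById("tls_dh").style.display="none";
			document.getElementById("psk").style.display="";
			break;
	}

	// Option sections and the authentication backend row.
	switch(value) {
		case "p2p_shared_key":
			document.getElementById("client_opts").style.display="none";
			document.getElementById("remote_opts").style.display="";
			document.getElementById("local_opts").style.display="none";
			document.getElementById("authmodetr").style.display="none";
			document.getElementById("inter_client_communication").style.display="none";
			break;
		case "p2p_tls":
			document.getElementById("client_opts").style.display="none";
			document.getElementById("remote_opts").style.display="";
			document.getElementById("local_opts").style.display="";
			document.getElementById("authmodetr").style.display="none";
			document.getElementById("inter_client_communication").style.display="none";
			break;
		case "server_user":
		case "server_tls_user":
			document.getElementById("authmodetr").style.display="";
			document.getElementById("client_opts").style.display="";
			document.getElementById("remote_opts").style.display="none";
			document.getElementById("local_opts").style.display="";
			document.getElementById("inter_client_communication").style.display="";
			break;
		case "server_tls":
			document.getElementById("authmodetr").style.display="none";
			// intentional fall-through: the remaining rows match the default
		default:
			document.getElementById("client_opts").style.display="";
			document.getElementById("remote_opts").style.display="none";
			document.getElementById("local_opts").style.display="";
			document.getElementById("inter_client_communication").style.display="";
			break;
	}
}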
// The autokey_opts block is hidden while the autokey_enable box is ticked.
function autokey_change() {
	var generateKey = document.iform.autokey_enable.checked;
	document.getElementById("autokey_opts").style.display = generateKey ? "none" : "";
}
// Toggle the tlsauth_opts table with the tlsauth_enable box, then refresh the
// key textarea state. The toggle is only emitted while no TLS key is stored,
// because the table itself is only rendered in that case.
function tlsauth_change() {

<?php if (!$pconfig['tls']): ?>
	var tlsAuthOn = document.iform.tlsauth_enable.checked;
	document.getElementById("tlsauth_opts").style.display = tlsAuthOn ? "" : "none";
<?php endif; ?>

	autotls_change();
}
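// Show the autotls_opts block (the TLS key textarea) only when TLS
// authentication is enabled and the key is not being generated automatically.
function autotls_change() {

	// Declared locally; this used to be an implicit global.
	var autocheck;
<?php if (!$pconfig['tls']): ?>
	autocheck = document.iform.autotls_enable.checked;
<?php else: ?>
	// A key is already stored, so the auto-generate checkbox is not rendered.
	autocheck = false;
<?php endif; ?>

	if (document.iform.tlsauth_enable.checked && !autocheck)
		document.getElementById("autotls_opts").style.display="";
	else
		document.getElementById("autotls_opts").style.display="none";
}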
// The local_opts row is hidden while the gwredir box is ticked.
function gwredir_change() {
	var redirectAll = document.iform.gwredir.checked;
	document.getElementById("local_opts").style.display = redirectAll ? "none" : "";
}
// The dns_domain_data block is shown only while dns_domain_enable is ticked.
function dns_domain_change() {
	var enabled = document.iform.dns_domain_enable.checked;
	document.getElementById("dns_domain_data").style.display = enabled ? "" : "none";
}
// The dns_server_data block is shown only while dns_server_enable is ticked.
function dns_server_change() {
	var enabled = document.iform.dns_server_enable.checked;
	document.getElementById("dns_server_data").style.display = enabled ? "" : "none";
}
// The wins_server_data block is shown only while wins_server_enable is ticked.
function wins_server_change() {
	var enabled = document.iform.wins_server_enable.checked;
	document.getElementById("wins_server_data").style.display = enabled ? "" : "none";
}
// The ntp_server_data block is shown only while ntp_server_enable is ticked.
function ntp_server_change() {
	var enabled = document.iform.ntp_server_enable.checked;
	document.getElementById("ntp_server_data").style.display = enabled ? "" : "none";
}
// netbios_data and wins_opts are shown together while netbios_enable is ticked.
function netbios_change() {
	var shown = document.iform.netbios_enable.checked ? "" : "none";
	document.getElementById("netbios_data").style.display = shown;
	document.getElementById("wins_opts").style.display = shown;
}
//-->
506
</script>
507
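<?php
	/* Hand validation errors and the status message to the page helpers.
	 * Either variable may never have been set on a plain page view; empty()
	 * tests them without raising an undefined-variable notice. */
	if (!empty($input_errors))
		print_input_errors($input_errors);
	if (!empty($savemsg))
		print_info_box($savemsg);
?>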
513
<table width="100%" border="0" cellpadding="0" cellspacing="0">
514 5a3b0d3b mgrooms
	<tr>
515 d799787e Matthew Grooms
		<td class="tabnavtbl">
516
			<ul id="tabnav">
517
			<?php
				/* Top tab strip. Each entry is (label, flag, target); the flag
				 * presumably marks the active tab -- confirm against
				 * display_top_tabs(). */
				$tab_array = array(
					array(gettext("Server"), true, "vpn_openvpn_server.php"),
					array(gettext("Client"), false, "vpn_openvpn_client.php"),
					array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php"),
					array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml"),
				);
				add_package_tabs("OpenVPN", $tab_array);
				display_top_tabs($tab_array);
			?>
526
			</ul>
527
		</td>
528
	</tr>    
529
	<tr>
530
		<td class="tabcont">
531
532
			<?php if($act=="new" || $act=="edit"): ?>
533
534
			<form action="vpn_openvpn_server.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
535
				<table width="100%" border="0" cellpadding="6" cellspacing="0">
536 47c00c09 Scott Ullrich
					<tr>
537 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
538 b63f2e8b Matthew Grooms
					</tr>
539 d799787e Matthew Grooms
					<tr>
540 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
541 d799787e Matthew Grooms
						<td width="78%" class="vtable">
542
							<table border="0" cellpadding="0" cellspacing="0">
543
								<tr>
544
									<td>
545
										<?php set_checked($pconfig['disable'],$chk); ?>
546
										<input name="disable" type="checkbox" value="yes" <?=$chk;?>/>
547
									</td>
548
									<td>
549
										&nbsp;
550
										<span class="vexpl">
551 4d8b3382 Carlos Eduardo Ramos
											<strong><?=gettext("Disable this server"); ?></strong><br>
552 d799787e Matthew Grooms
										</span>
553
									</td>
554
								</tr>
555
							</table>
556 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("Set this option to disable this server without removing it from the list"); ?>.
557 d799787e Matthew Grooms
						</td>
558
					</tr>
559 3c11bd3c Matthew Grooms
					<tr>
560
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
561
							<td width="78%" class="vtable">
562
							<select name='mode' id='mode' class="formselect" onchange='mode_change()'>
563
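							<?php
								/* One <option> per server mode. Key and label are
								 * HTML-escaped before being written into the markup. */
								foreach ($openvpn_server_modes as $name => $desc):
									$selected = "";
									if ($pconfig['mode'] == $name)
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($name);?>" <?=$selected;?>><?=htmlspecialchars($desc);?></option>
							<?php endforeach; ?>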
571
							</select>
572
						</td>
573
					</tr>
574 e8a58de4 Ermal Lu?i
					<tr id="authmodetr" style="display:none">
575
                                                <td width="22%" valign="top" class="vncellreq"><?=gettext("Backend for authentication");?></td>
576
                                                        <td width="78%" class="vtable">
577 6306b5dd Ermal Lu?i
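                                                        <?php
                                                                /* Load the backend list before the <select> is opened: its size
                                                                 * attribute used to read $auth_servers before it was assigned. */
                                                                $auth_servers = auth_get_authserver_list();
                                                                $authmodes = explode(",", $pconfig['authmode']);
                                                        ?>
                                                        <select name='authmode[]' id='authmode' class="formselect" multiple="true" size="<?php echo count($auth_servers); ?>">
                                                        <?php
                                                                /* Backend names are administrator-defined text, so they are
                                                                 * HTML-escaped in both the value attribute and the label. */
                                                                foreach ($auth_servers as $auth_server):
                                                                        $selected = "";
                                                                        if (in_array($auth_server['name'], $authmodes))
                                                                                $selected = "selected";
                                                        ?>
                                                                <option value="<?=htmlspecialchars($auth_server['name']);?>" <?=$selected;?>><?=htmlspecialchars($auth_server['name']);?></option>
                                                        <?php 	endforeach; ?>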
588
                                                        </select>
589
                                                </td>
590
                                        </tr>
591 d799787e Matthew Grooms
					<tr>
592
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
593
							<td width="78%" class="vtable">
594
							<select name='protocol' class="formselect">
595
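							<?php
								/* One <option> per supported protocol, HTML-escaped
								 * on output. */
								foreach ($openvpn_prots as $prot):
									$selected = "";
									if ($pconfig['protocol'] == $prot)
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($prot);?>" <?=$selected;?>><?=htmlspecialchars($prot);?></option>
							<?php endforeach; ?>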
603
							</select>
604
							</td>
605
					</tr>
606
					<tr>
607 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
608 d799787e Matthew Grooms
						<td width="78%" class="vtable">
609
							<select name="interface" class="formselect">
610
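								<?php
									/* Selector choices: configured interfaces, then CARP
									 * addresses and IP aliases keyed as "iface|address",
									 * then "any". */
									$interfaces = get_configured_interface_with_descr();
									$carplist = get_configured_carp_interface_list();
									foreach ($carplist as $cif => $carpip)
										$interfaces[$cif.'|'.$carpip] = strtoupper($cif) . " ({$carpip})";
									$aliaslist = get_configured_ip_aliases_list();
									foreach ($aliaslist as $aliasip => $aliasif)
										$interfaces[$aliasif.'|'.$aliasip] = strtoupper($aliasif) . " ({$aliasip})";
									$interfaces['any'] = "any";
									foreach ($interfaces as $iface => $ifacename):
										$selected = "";
										if ($iface == $pconfig['interface'])
											$selected = "selected";
								?>
									<?php /* The key is escaped as well as the label; it was written raw into the attribute. */ ?>
									<option value="<?=htmlspecialchars($iface);?>" <?=$selected;?>>
										<?=htmlspecialchars($ifacename);?>
									</option>
								<?php endforeach; ?>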
628
							</select> <br>
629
						</td>
630
					</tr>
631
					<tr>
632
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Local port");?></td>
633
						<td width="78%" class="vtable">
634
							<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>"/>
635
						</td>
636
					</tr>
637
					<tr> 
638 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
639 d799787e Matthew Grooms
						<td width="78%" class="vtable"> 
640
							<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>">
641
							<br>
642 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
643 d799787e Matthew Grooms
						</td>
644
					</tr>
645
					<tr>
646
						<td colspan="2" class="list" height="12"></td>
647
					</tr>
648
					<tr>
649 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
650 d799787e Matthew Grooms
					</tr>
651 3c11bd3c Matthew Grooms
					<tr id="tls">
652 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
653 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
654
							<table border="0" cellpadding="2" cellspacing="0">
655
								<tr>
656
									<td>
657
										<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
658
										<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onClick="tlsauth_change()">
659
									</td>
660
									<td>
661
										<span class="vexpl">
662 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Enable authentication of TLS packets"); ?>.
663 3c11bd3c Matthew Grooms
										</span>
664
									</td>
665
								</tr>
666
							</table>
667
							<?php if (!$pconfig['tls']): ?>
668
							<table border="0" cellpadding="2" cellspacing="0" id='tlsauth_opts'>
669
								<tr>
670
									<td>
671
										<?php set_checked($pconfig['autotls_enable'],$chk); ?>
672
										<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autotls_change()">
673
									</td>
674
									<td>
675
										<span class="vexpl">
676 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
677 3c11bd3c Matthew Grooms
										</span>
678
									</td>
679
								</tr>
680
							</table>
681
							<?php endif; ?>
682
							<table border="0" cellpadding="2" cellspacing="0" id='autotls_opts'>
683
								<tr>
684
									<td>
685
										<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
686
										<br/>
687 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("Paste your shared key here"); ?>.
688 3c11bd3c Matthew Grooms
									</td>
689
								</tr>
690
							</table>
691
						</td>
692 d799787e Matthew Grooms
					</tr>
693 3c11bd3c Matthew Grooms
					<tr id="tls_ca">
694 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
695 d799787e Matthew Grooms
							<td width="78%" class="vtable">
696
							<select name='caref' class="formselect">
697
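							<?php
								/*
								 * Emit one <option> per entry in $config['system']['ca'] and
								 * pre-select the one whose refid matches $pconfig['caref'].
								 * refid and name are stored configuration values; both are
								 * escaped because they land in an attribute value and in
								 * element text, like the other fields on this page.
								 */
								foreach ($config['system']['ca'] as $ca):
									$selected = "";
									if ($pconfig['caref'] == $ca['refid'])
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($ca['refid']);?>" <?=$selected;?>><?=htmlspecialchars($ca['name']);?></option>
							<?php endforeach; ?>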
705
							</select>
706
							</td>
707
					</tr>
708 3c11bd3c Matthew Grooms
					<tr id="tls_cert">
709 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Certificate"); ?></td>
710 d799787e Matthew Grooms
							<td width="78%" class="vtable">
711
							<select name='certref' class="formselect">
712
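							<?php
								/*
								 * Emit one <option> per entry in $config['system']['cert'],
								 * pre-selecting the one whose refid matches $pconfig['certref'].
								 * Certificates whose name contains "webConfigurator" are left
								 * out of the list. refid and name are escaped on output because
								 * they are stored values placed into markup.
								 */
								foreach ($config['system']['cert'] as $cert):
									$selected = "";
									if (strstr($cert['name'], "webConfigurator"))
										continue;
									if ($pconfig['certref'] == $cert['refid'])
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($cert['refid']);?>" <?=$selected;?>><?=htmlspecialchars($cert['name']);?></option>
							<?php endforeach; ?>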
722
							</select>
723
						</td>
724
					</tr>
725 fe787fc7 Matthew Grooms
					<tr id="tls_dh">
726 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("DH Parameters Length"); ?></td>
727 fe787fc7 Matthew Grooms
						<td width="78%" class="vtable">
728
							<select name="dh_length" class="formselect">
729
								<?php
730
									foreach ($openvpn_dh_lengths as $length):
731
									$selected = '';
732
									if ($length == $pconfig['dh_length'])
733
										$selected = ' selected';
734
								?>
735
								<option<?=$selected?>><?=$length;?></option>
736
								<?php endforeach; ?>
737
							</select>
738
							<span class="vexpl">
739 1c83021a Carlos Eduardo Ramos
								<?=gettext("bits"); ?>
740 fe787fc7 Matthew Grooms
							</span>
741
						</td>
742
					</tr>
743 d799787e Matthew Grooms
					<tr id="psk">
744 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
745 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
746
							<?php if (!$pconfig['shared_key']): ?>
747
							<table border="0" cellpadding="2" cellspacing="0">
748
								<tr>
749
									<td>
750
										<?php set_checked($pconfig['autokey_enable'],$chk); ?>
751
										<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autokey_change()">
752
									</td>
753
									<td>
754
										<span class="vexpl">
755 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Automatically generate a shared key"); ?>.
756 3c11bd3c Matthew Grooms
										</span>
757
									</td>
758
								</tr>
759
							</table>
760
							<?php endif; ?>
761
							<table border="0" cellpadding="2" cellspacing="0" id='autokey_opts'>
762
								<tr>
763
									<td>
764
										<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
765
										<br/>
766 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("Paste your shared key here"); ?>.
767 3c11bd3c Matthew Grooms
									</td>
768
								</tr>
769
							</table>
770 d799787e Matthew Grooms
						</td>
771
					</tr>
772
					<tr>
773 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
774 d799787e Matthew Grooms
						<td width="78%" class="vtable">
775
							<select name="crypto" class="formselect">
776
								<?php
777
									$cipherlist = openvpn_get_cipherlist();
778
									foreach ($cipherlist as $name => $desc):
779
									$selected = '';
780
									if ($name == $pconfig['crypto'])
781
										$selected = ' selected';
782
								?>
783
								<option value="<?=$name;?>"<?=$selected?>>
784
									<?=htmlspecialchars($desc);?>
785
								</option>
786
								<?php endforeach; ?>
787
							</select>
788
						</td>
789
					</tr>
790
					<tr>
791
						<td colspan="2" class="list" height="12"></td>
792
					</tr>
793
					<tr>
794 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
795 d799787e Matthew Grooms
					</tr>
796
					<tr>
797 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Tunnel Network"); ?></td>
798 d799787e Matthew Grooms
						<td width="78%" class="vtable">
799
							<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>">
800
							<br>
801 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("This is the virtual network used for private " .
802
							"communications between this server and client " .
803
							"hosts expressed using CIDR (eg. 10.0.8.0/24). " .
804
							"The first network address will be assigned to " .
805
							"the	server virtual interface. The remaining " .
806
							"network addresses can optionally be assigned " .
807
							"to connecting clients. (see Address Pool)"); ?>
808 d799787e Matthew Grooms
						</td>
809
					</tr>
810
					<tr>
811 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Redirect Gateway"); ?></td>
812 d799787e Matthew Grooms
						<td width="78%" class="vtable">
813
							<table border="0" cellpadding="2" cellspacing="0">
814
								<tr>
815
									<td>
816
										<?php set_checked($pconfig['gwredir'],$chk); ?>
817
										<input name="gwredir" type="checkbox" value="yes" <?=$chk;?> onClick="gwredir_change()"/>
818
									</td>
819
									<td>
820
										<span class="vexpl">
821 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Force all client generated traffic through the tunnel"); ?>.
822 d799787e Matthew Grooms
										</span>
823
									</td>
824
								</tr>
825
							</table>
826
						</td>
827
					</tr>
828
					<tr id="local_opts">
829 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Local Network"); ?></td>
830 d799787e Matthew Grooms
						<td width="78%" class="vtable">
831
							<input name="local_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['local_network']);?>">
832
							<br>
833 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("This is the network that will be accessible " .
834
							"from the remote endpoint. Expressed as a CIDR " .
835
							"range. You may leave this blank if you don't " .
836
							"want to add a route to the local network " .
837
							"through this tunnel on the remote machine. " .
838
							"This is generally set to your LAN network"); ?>.
839 d799787e Matthew Grooms
						</td>
840
					</tr>
841 3c11bd3c Matthew Grooms
					<tr id="remote_opts">
842 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Remote Network"); ?></td>
843 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
844
							<input name="remote_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['remote_network']);?>">
845
							<br>
846 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("This is a network that will be routed through " .
847
							"the tunnel, so that a site-to-site VPN can be " .
848
							"established without manually changing the " .
849
							"routing tables. Expressed as a CIDR range. If " .
850
							"this is a site-to-site VPN, enter here the " .
851
							"remote LAN here. You may leave this blank if " .
852
							"you don't want a site-to-site VPN"); ?>.
853 3c11bd3c Matthew Grooms
						</td>
854
					</tr>
855 d799787e Matthew Grooms
					<tr>
856
						<td width="22%" valign="top" class="vncell"><?=gettext("Concurrent connections");?></td>
857
						<td width="78%" class="vtable">
858
							<input name="maxclients" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['maxclients']);?>"/>
859
							<br/>
860 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("Specify the maximum number of clients allowed to concurrently connect to this server"); ?>.
861 d799787e Matthew Grooms
						</td>
862
					</tr>
863
					<tr>
864 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
865 d799787e Matthew Grooms
						<td width="78%" class="vtable">
866
							<table border="0" cellpadding="2" cellspacing="0">
867
								<tr>
868
									<td>
869
										<?php set_checked($pconfig['compression'],$chk); ?>
870
										<input name="compression" type="checkbox" value="yes" <?=$chk;?>>
871
									</td>
872
									<td>
873
										<span class="vexpl">
874 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Compress tunnel packets using the LZO algorithm"); ?>.
875 d799787e Matthew Grooms
										</span>
876
									</td>
877
								</tr>
878
							</table>
879
						</td>
880
					</tr>
881
					<tr>
882 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
883 d799787e Matthew Grooms
						<td width="78%" class="vtable">
884
							<table border="0" cellpadding="2" cellspacing="0">
885
								<tr>
886
									<td>
887 1cb0b40a Matthew Grooms
										<?php set_checked($pconfig['passtos'],$chk); ?>
888
										<input name="passtos" type="checkbox" value="yes" <?=$chk;?>>
889 d799787e Matthew Grooms
									</td>
890
									<td>
891
										<span class="vexpl">
892 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
893 d799787e Matthew Grooms
										</span>
894
									</td>
895
								</tr>
896
							</table>
897
						</td>
898
					</tr>
899 107794cc jim-p
					<tr id="inter_client_communication">
900 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Inter-client communication"); ?></td>
901 d799787e Matthew Grooms
						<td width="78%" class="vtable">
902
							<table border="0" cellpadding="2" cellspacing="0">
903
								<tr>
904
									<td>
905
										<?php set_checked($pconfig['client2client'],$chk); ?>
906
										<input name="client2client" type="checkbox" value="yes" <?=$chk;?>/>
907
									</td>
908
									<td>
909
										<span class="vexpl">
910 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Allow communication between clients connected to this server"); ?>
911 d799787e Matthew Grooms
										</span>
912
									</td>
913
								</tr>
914
							</table>
915
						</td>
916
					</tr>
917 3c11bd3c Matthew Grooms
				</table>
918
919
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
920 d799787e Matthew Grooms
					<tr>
921
						<td colspan="2" class="list" height="12"></td>
922
					</tr>
923
					<tr>
924 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Client Settings"); ?></td>
925 d799787e Matthew Grooms
					</tr>
926 65ff8497 jim-p
					<tr>
927 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Dynamic IP"); ?></td>
928 65ff8497 jim-p
						<td width="78%" class="vtable">
929
							<table border="0" cellpadding="2" cellspacing="0">
930
								<tr>
931
									<td>
932
										<?php set_checked($pconfig['dynamic_ip'],$chk); ?>
933 b3cf36d7 Erik Fonnesbeck
										<input name="dynamic_ip" type="checkbox" id="dynamic_ip" value="yes" <?=$chk;?>/>
934 65ff8497 jim-p
									</td>
935
									<td>
936
										<span class="vexpl">
937 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Allow connected clients to retain their connections if their IP address changes"); ?>.<br>
938 65ff8497 jim-p
										</span>
939
									</td>
940
								</tr>
941
							</table>
942
						</td>
943
					</tr>
944 d799787e Matthew Grooms
					<tr>
945 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Address Pool"); ?></td>
946 d799787e Matthew Grooms
						<td width="78%" class="vtable">
947
							<table border="0" cellpadding="2" cellspacing="0">
948
								<tr>
949
									<td>
950
										<?php set_checked($pconfig['pool_enable'],$chk); ?>
951 b3cf36d7 Erik Fonnesbeck
										<input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?=$chk;?>/>
952 d799787e Matthew Grooms
									</td>
953
									<td>
954
										<span class="vexpl">
955 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Provide a virtual adapter IP address to clients (see Tunnel Network)"); ?><br>
956 d799787e Matthew Grooms
										</span>
957
									</td>
958
								</tr>
959
							</table>
960
						</td>
961
					</tr>
962
					<tr>
963 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("DNS Default Domain"); ?></td>
964 d799787e Matthew Grooms
						<td width="78%" class="vtable">
965
							<table border="0" cellpadding="2" cellspacing="0">
966
								<tr>
967
									<td>
968
										<?php set_checked($pconfig['dns_domain_enable'],$chk); ?>
969
										<input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes" <?=$chk;?> onClick="dns_domain_change()">
970
									</td>
971
									<td>
972
										<span class="vexpl">
973 4d8b3382 Carlos Eduardo Ramos
	                                        <?=gettext("Provide a default domain name to clients"); ?><br>
974 d799787e Matthew Grooms
										</span>
975
									</td>
976
								</tr>
977
							</table>
978
							<table border="0" cellpadding="2" cellspacing="0" id="dns_domain_data">
979
								<tr>
980
									<td>
981
										<input name="dns_domain" type="text" class="formfld unknown" id="dns_domain" size="30" value="<?=htmlspecialchars($pconfig['dns_domain']);?>">
982
									</td>
983
								</tr>
984
							</table>
985
						</td>
986
					</tr>
987
					<tr>
988 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("DNS Servers"); ?></td>
989 d799787e Matthew Grooms
						<td width="78%" class="vtable">
990
							<table border="0" cellpadding="2" cellspacing="0">
991
								<tr>
992
									<td>
993
										<?php set_checked($pconfig['dns_server_enable'],$chk); ?>
994
										<input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes" <?=$chk;?> onClick="dns_server_change()">
995
									</td>
996
									<td>
997
										<span class="vexpl">
998 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Provide a DNS server list to clients"); ?><br>
999 d799787e Matthew Grooms
										</span>
1000
									</td>
1001
								</tr>
1002
							</table>
1003
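							<?php /* DNS server fields: each value is echoed back into a double-quoted attribute, so it is escaped the same way as the other text inputs on this page. */ ?>
							<table border="0" cellpadding="2" cellspacing="0" id="dns_server_data">
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #1:&nbsp;
										</span>
										<input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #2:&nbsp;
										</span>
										<input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #3:&nbsp;
										</span>
										<input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #4:&nbsp;
										</span>
										<input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>">
									</td>
								</tr>
							</table>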
1037
						</td>
1038
					</tr>
1039
					<tr>
1040 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("NTP Servers"); ?></td>
1041 d799787e Matthew Grooms
						<td width="78%" class="vtable">
1042
							<table border="0" cellpadding="2" cellspacing="0">
1043
								<tr>
1044
									<td>
1045
										<?php set_checked($pconfig['ntp_server_enable'],$chk); ?>
1046
										<input name="ntp_server_enable" type="checkbox" id="ntp_server_enable" value="yes" <?=$chk;?> onClick="ntp_server_change()">
1047
									</td>
1048
									<td>
1049
										<span class="vexpl">
1050 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Provide a NTP server list to clients"); ?><br>
1051 d799787e Matthew Grooms
										</span>
1052
									</td>
1053
								</tr>
1054
							</table>
1055
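							<?php /* NTP server fields: values are echoed back into double-quoted attributes and are therefore escaped on output. */ ?>
							<table border="0" cellpadding="2" cellspacing="0" id="ntp_server_data">
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #1:&nbsp;
										</span>
										<input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=htmlspecialchars($pconfig['ntp_server1']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #2:&nbsp;
										</span>
										<input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=htmlspecialchars($pconfig['ntp_server2']);?>">
									</td>
								</tr>
							</table>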
1073
						</td>
1074
					</tr>
1075
					<tr>
1076 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("NetBIOS Options"); ?></td>
1077 d799787e Matthew Grooms
						<td width="78%" class="vtable">
1078
							<table border="0" cellpadding="2" cellspacing="0">
1079
								<tr>
1080
									<td>
1081
										<?php set_checked($pconfig['netbios_enable'],$chk); ?>
1082
										<input name="netbios_enable" type="checkbox" id="netbios_enable" value="yes" <?=$chk;?> onClick="netbios_change()">
1083
									</td>
1084
									<td>
1085
										<span class="vexpl">
1086 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Enable NetBIOS over TCP/IP"); ?><br>
1087 d799787e Matthew Grooms
										</span>
1088
									</td>
1089
								</tr>
1090
							</table>
1091 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled"); ?>.
1092 d799787e Matthew Grooms
							<br/>
1093
							<table border="0" cellpadding="2" cellspacing="0" id="netbios_data">
1094
								<tr>
1095
									<td>
1096
										<br/>
1097
										<span class="vexpl">
1098 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Node Type"); ?>:&nbsp;
1099 d799787e Matthew Grooms
										</span>
1100
										<select name='netbios_ntype' class="formselect">
1101
										<?php
1102
											foreach ($netbios_nodetypes as $type => $name):
1103
												$selected = "";
1104
												if ($pconfig['netbios_ntype'] == $type)
1105
													$selected = "selected";
1106
										?>
1107
											<option value="<?=$type;?>" <?=$selected;?>><?=$name;?></option>
1108
										<?php endforeach; ?>
1109
										</select>
1110
										<br/>
1111 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("Possible options: b-node (broadcasts), p-node " .
1112
										"(point-to-point name queries to a WINS server), " .
1113
										"m-node (broadcast then query name server), and " .
1114
										"h-node (query name server, then broadcast)"); ?>.
1115 d799787e Matthew Grooms
									</td>
1116
								</tr>
1117
								<tr>
1118
									<td>
1119
										<br/>
1120
										<span class="vexpl">
1121 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Scope ID"); ?>:&nbsp;
1122 d799787e Matthew Grooms
										</span>
1123
										<input name="netbios_scope" type="text" class="formfld unknown" id="netbios_scope" size="30" value="<?=htmlspecialchars($pconfig['netbios_scope']);?>">
1124
										<br/>
1125 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("A NetBIOS Scope	ID provides an extended naming " .
1126
										"service for	NetBIOS over TCP/IP. The NetBIOS " .
1127
										"scope ID isolates NetBIOS traffic on a single " .
1128
										"network to only those nodes with the same " .
1129
										"NetBIOS scope ID"); ?>.
1130 d799787e Matthew Grooms
									</td>
1131
								</tr>
1132
							</table>
1133
						</td>
1134
					</tr>
1135
					<tr id="wins_opts">
1136 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("WINS Servers"); ?></td>
1137 d799787e Matthew Grooms
						<td width="78%" class="vtable">
1138
							<table border="0" cellpadding="2" cellspacing="0">
1139
								<tr>
1140
									<td>
1141
										<?php set_checked($pconfig['wins_server_enable'],$chk); ?>
1142
										<input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?=$chk;?> onClick="wins_server_change()">
1143
									</td>
1144
									<td>
1145
										<span class="vexpl">
1146 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Provide a WINS server list to clients"); ?><br>
1147 d799787e Matthew Grooms
										</span>
1148
									</td>
1149
								</tr>
1150
							</table>
1151
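							<?php /* WINS server fields: values are echoed back into double-quoted attributes and are therefore escaped on output. */ ?>
							<table border="0" cellpadding="2" cellspacing="0" id="wins_server_data">
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #1:&nbsp;
										</span>
										<input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #2:&nbsp;
										</span>
										<input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>">
									</td>
								</tr>
							</table>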
1169
						</td>
1170
					</tr>
1171 3c11bd3c Matthew Grooms
				</table>
1172
1173 2f4f30ee Scott Ullrich
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1174
					<tr>
1175
						<td colspan="2" class="list" height="12"></td>
1176
					</tr>
1177
					<tr>
1178 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
1179 2f4f30ee Scott Ullrich
					</tr>
1180
					<tr>
1181 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
1182 2f4f30ee Scott Ullrich
						<td width="78%" class="vtable">
1183
							<table border="0" cellpadding="2" cellspacing="0">
1184
								<tr>
1185
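									<td>
										<?php
											/*
											 * The stored custom options are echoed back as the textarea's
											 * text. They are escaped so that markup in the value (for
											 * example a literal closing textarea tag) cannot end the field
											 * early, and so that "<", ">" and "&" in an option round-trip
											 * unchanged when the form is saved again.
											 * NOTE(review): per the help text below these options are added
											 * to the OpenVPN server configuration; how they are validated
											 * on save is outside this section - confirm.
											 */
										?>
										<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br/>
										<?=gettext("Enter any additional options you would like to add to the OpenVPN server configuration here, separated by a semicolon"); ?><br/>
										<?=gettext("EXAMPLE: push \"route 10.0.0.0 255.255.255.0\""); ?>;
									</td>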
1190
								</tr>
1191
							</table>
1192
						</td>
1193
					</tr>
1194
				</table>
1195
1196 f68fc963 Scott Ullrich
				<br/>
1197
1198 3c11bd3c Matthew Grooms
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1199 d799787e Matthew Grooms
					<tr>
1200
						<td width="22%" valign="top">&nbsp;</td>
1201
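						<td width="78%">
							<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
							<?php
								/*
								 * $act and $id are carried back to the server as hidden fields.
								 * Both are assigned outside this section; they are escaped here
								 * so that whatever they hold cannot close the value attribute.
								 * NOTE(review): presumably both come from the request - confirm
								 * where they are set and that $id is checked before use.
								 */
							?>
							<input name="act" type="hidden" value="<?=htmlspecialchars($act);?>">
							<?php if (isset($id) && $a_server[$id]): ?>
							<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>">
							<?php endif; ?>
						</td>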
1208
					</tr>
1209
				</table>
1210
			</form>
1211
1212
			<?php else: ?>
1213
1214 7128ed17 Scott Ullrich
			<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0">
1215 d799787e Matthew Grooms
				<tr>
1216 4d8b3382 Carlos Eduardo Ramos
					<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
1217
					<td width="10%" class="listhdrr"><?=gettext("Protocol / Port"); ?></td>
1218
					<td width="30%" class="listhdrr"><?=gettext("Tunnel Network"); ?></td>
1219
					<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1220 d799787e Matthew Grooms
					<td width="10%" class="list"></td>
1221
				</tr>
1222
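				<?php
					/*
					 * One table row per entry in $a_server. $i counts the rows from 0
					 * and is the value the edit and delete links pass as "id".
					 */
					$i = 0;
					foreach($a_server as $server):
						$disabled = "NO";
						if (isset($server['disable']))
							$disabled = "YES";
				?>
				<tr>
					<td class="listlr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=$disabled;?>
					</td>
					<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=htmlspecialchars($server['protocol']);?> / <?=htmlspecialchars($server['local_port']);?>
					</td>
					<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=htmlspecialchars($server['tunnel_network']);?>
					</td>
					<td class="listbg" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=htmlspecialchars($server['description']);?>
					</td>
					<td valign="middle" nowrap class="list">
						<a href="vpn_openvpn_server.php?act=edit&id=<?=$i;?>">
							<img src="./themes/<?=htmlspecialchars($g['theme']);?>/images/icons/icon_e.gif" title="<?=gettext("edit server"); ?>" width="17" height="17" border="0">
						</a>
						&nbsp;
						<?php
							/*
							 * The confirm() text is JSON-encoded and then HTML-escaped, so a
							 * translation that contains a quote cannot break the handler.
							 * NOTE(review): deletion is requested with a plain GET link and
							 * only a client-side confirm(); the act=del handler is outside
							 * this section - confirm that it requires a POST or a CSRF token.
							 */
						?>
						<a href="vpn_openvpn_server.php?act=del&id=<?=$i;?>" onclick="return confirm(<?=htmlspecialchars(json_encode(gettext("Do you really want to delete this server?")));?>)">
							<img src="/themes/<?=htmlspecialchars($g['theme']);?>/images/icons/icon_x.gif" title="<?=gettext("delete server"); ?>" width="17" height="17" border="0">
						</a>
					</td>
				</tr>
				<?php
					$i++;
					endforeach;
				?>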
1256
				<tr>
1257
					<td class="list" colspan="4"></td>
1258
					<td class="list">
1259 4d8b3382 Carlos Eduardo Ramos
						<a href="vpn_openvpn_server.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add server"); ?>" width="17" height="17" border="0">
1260 d799787e Matthew Grooms
						</a>
1261
					</td>
1262
				</tr>
1263
			</table>
1264
1265 7128ed17 Scott Ullrich
			<?=gettext("Additional OpenVPN servers can be added here.");?>
1266
1267 d799787e Matthew Grooms
			<? endif; ?>
1268
1269
		</td>
1270
	</tr>
1271
</table>
1272
<script language="JavaScript">
1273
<!--
1274 3c11bd3c Matthew Grooms
mode_change();
1275
autokey_change();
1276
tlsauth_change();
1277 d799787e Matthew Grooms
gwredir_change();
1278
dns_domain_change();
1279
dns_server_change();
1280
wins_server_change();
1281
ntp_server_change();
1282
netbios_change();
1283
//-->
1284
</script>
1285
</body>
1286
<?php include("fend.inc"); ?>
<?php
/* local utility functions */
/**
 * Turn a configuration flag into the attribute text for an HTML checkbox.
 *
 * @param mixed  $var Value tested for truthiness.
 * @param string $chk Output, by reference: 'checked' when $var is truthy,
 *                    otherwise the empty string. Any previous value is overwritten.
 */
function set_checked($var,& $chk) {
    $chk = $var ? 'checked' : '';
}
?>