/usr/local/www/vpn_openvpn_server.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_openvpn_server.php @ 23d9f686

1	d799787e	Matthew Grooms	<?php
2			/*
3			vpn_openvpn_server.php
4
5			Copyright (C) 2008 Shrew Soft Inc.
6			All rights reserved.
7
8			Redistribution and use in source and binary forms, with or without
9			modification, are permitted provided that the following conditions are met:
10
11			1. Redistributions of source code must retain the above copyright notice,
12			this list of conditions and the following disclaimer.
13
14			2. Redistributions in binary form must reproduce the above copyright
15			notice, this list of conditions and the following disclaimer in the
16			documentation and/or other materials provided with the distribution.
17
18			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27			POSSIBILITY OF SUCH DAMAGE.
28			*/
29
30			##\|+PRIV
31			##\|*IDENT=page-openvpn-server
32			##\|*NAME=OpenVPN: Server page
33			##\|*DESCR=Allow access to the 'OpenVPN: Server' page.
34			##\|MATCH=vpn_openvpn_server.php
35			##\|-PRIV
36
37			require("guiconfig.inc");
38	d84bd468	Ermal Lu?i	require_once("openvpn.inc");
39	d799787e	Matthew Grooms
40			if (!is_array($config['openvpn']['openvpn-server']))
41			$config['openvpn']['openvpn-server'] = array();
42
43			$a_server = &$config['openvpn']['openvpn-server'];
44
45	428e66b6	jim-p	if (!is_array($config['ca']))
46			$config['ca'] = array();
47
48			$a_ca =& $config['ca'];
49
50			if (!is_array($config['cert']))
51			$config['cert'] = array();
52
53			$a_cert =& $config['cert'];
54
55			if (!is_array($config['crl']))
56			$config['crl'] = array();
57
58			$a_crl =& $config['crl'];
59
60	c1f95f5c	jim-p	foreach ($a_crl as $cid => $acrl)
61			if (!isset($acrl['refid']))
62			unset ($a_crl[$cid]);
63
64	d799787e	Matthew Grooms	$id = $_GET['id'];
65			if (isset($_POST['id']))
66			$id = $_POST['id'];
67
68			$act = $_GET['act'];
69			if (isset($_POST['act']))
70			$act = $_POST['act'];
71
72	6d9b1074	jim-p	if (isset($id) && $a_server[$id])
73			$vpnid = $a_server[$id]['vpnid'];
74			else
75			$vpnid = 0;
76
77	d799787e	Matthew Grooms	if ($_GET['act'] == "del") {
78
79	767cf960	jim-p	if (!isset($a_server[$id])) {
80	d799787e	Matthew Grooms	pfSenseHeader("vpn_openvpn_server.php");
81			exit;
82			}
83	767cf960	jim-p	if (!empty($a_server[$id]))
84			openvpn_delete('server', $a_server[$id]);
85	d799787e	Matthew Grooms	unset($a_server[$id]);
86			write_config();
87			$savemsg = gettext("Server successfully deleted")."<br/>";
88			}
89
90	f432e364	Matthew Grooms	if($_GET['act']=="new"){
91	3c11bd3c	Matthew Grooms	$pconfig['autokey_enable'] = "yes";
92			$pconfig['tlsauth_enable'] = "yes";
93			$pconfig['autotls_enable'] = "yes";
94	fe787fc7	Matthew Grooms	$pconfig['dh_length'] = 1024;
95	4936ff53	jim-p	$pconfig['dev_mode'] = "tun";
96	f432e364	Matthew Grooms	$pconfig['interface'] = "wan";
97	8cd0a3fa	jim-p	$pconfig['local_port'] = openvpn_port_next('UDP');
98	f432e364	Matthew Grooms	$pconfig['pool_enable'] = "yes";
99	41936acc	jim-p	$pconfig['cert_depth'] = 1;
100	97d5b59b	jim-p	// OpenVPN Defaults to SHA1
101			$pconfig['digest'] = "SHA1";
102	f432e364	Matthew Grooms	}
103
104	d799787e	Matthew Grooms	if($_GET['act']=="edit"){
105
106			if (isset($id) && $a_server[$id]) {
107	870318b9	Ermal Lu?i	$pconfig['disable'] = isset($a_server[$id]['disable']);
108	3c11bd3c	Matthew Grooms	$pconfig['mode'] = $a_server[$id]['mode'];
109	d799787e	Matthew Grooms	$pconfig['protocol'] = $a_server[$id]['protocol'];
110	e8a58de4	Ermal Lu?i	$pconfig['authmode'] = $a_server[$id]['authmode'];
111	4936ff53	jim-p	$pconfig['dev_mode'] = $a_server[$id]['dev_mode'];
112	d799787e	Matthew Grooms	$pconfig['interface'] = $a_server[$id]['interface'];
113	67b0902f	pierrepomes	if (!empty($a_server[$id]['ipaddr'])) {
114			$pconfig['interface'] = $pconfig['interface'] . '\|' . $a_server[$id]['ipaddr'];
115			}
116	d799787e	Matthew Grooms	$pconfig['local_port'] = $a_server[$id]['local_port'];
117			$pconfig['description'] = $a_server[$id]['description'];
118	a9a613dd	Scott Ullrich	$pconfig['custom_options'] = $a_server[$id]['custom_options'];
119	d799787e	Matthew Grooms
120	3c11bd3c	Matthew Grooms	if ($pconfig['mode'] != "p2p_shared_key") {
121			if ($a_server[$id]['tls']) {
122			$pconfig['tlsauth_enable'] = "yes";
123			$pconfig['tls'] = base64_decode($a_server[$id]['tls']);
124			}
125	fe787fc7	Matthew Grooms	$pconfig['caref'] = $a_server[$id]['caref'];
126	6db02381	jim-p	$pconfig['crlref'] = $a_server[$id]['crlref'];
127	fe787fc7	Matthew Grooms	$pconfig['certref'] = $a_server[$id]['certref'];
128			$pconfig['dh_length'] = $a_server[$id]['dh_length'];
129	41936acc	jim-p	if (isset($a_server[$id]['cert_depth']))
130			$pconfig['cert_depth'] = $a_server[$id]['cert_depth'];
131			else
132			$pconfig['cert_depth'] = 1;
133	94823361	jim-p	if ($pconfig['mode'] == "server_tls_user")
134			$pconfig['strictusercn'] = $a_server[$id]['strictusercn'];
135	3c11bd3c	Matthew Grooms	} else
136			$pconfig['shared_key'] = base64_decode($a_server[$id]['shared_key']);
137	d799787e	Matthew Grooms	$pconfig['crypto'] = $a_server[$id]['crypto'];
138	97d5b59b	jim-p	// OpenVPN Defaults to SHA1 if unset
139			$pconfig['digest'] = !empty($a_server[$id]['digest']) ? $a_server[$id]['digest'] : "SHA1";
140	582c58ae	jim-p	$pconfig['engine'] = $a_server[$id]['engine'];
141	d799787e	Matthew Grooms
142			$pconfig['tunnel_network'] = $a_server[$id]['tunnel_network'];
143	b1ba04cf	Seth Mos	$pconfig['tunnel_networkv6'] = $a_server[$id]['tunnel_networkv6'];
144	1ab6bdb5	jim-p
145	d799787e	Matthew Grooms	$pconfig['remote_network'] = $a_server[$id]['remote_network'];
146	4856df9b	jim-p	$pconfig['remote_networkv6'] = $a_server[$id]['remote_networkv6'];
147	d799787e	Matthew Grooms	$pconfig['gwredir'] = $a_server[$id]['gwredir'];
148			$pconfig['local_network'] = $a_server[$id]['local_network'];
149	b1ba04cf	Seth Mos	$pconfig['local_networkv6'] = $a_server[$id]['local_networkv6'];
150	d799787e	Matthew Grooms	$pconfig['maxclients'] = $a_server[$id]['maxclients'];
151			$pconfig['compression'] = $a_server[$id]['compression'];
152	1cb0b40a	Matthew Grooms	$pconfig['passtos'] = $a_server[$id]['passtos'];
153	d799787e	Matthew Grooms	$pconfig['client2client'] = $a_server[$id]['client2client'];
154
155	65ff8497	jim-p	$pconfig['dynamic_ip'] = $a_server[$id]['dynamic_ip'];
156	d799787e	Matthew Grooms	$pconfig['pool_enable'] = $a_server[$id]['pool_enable'];
157	ee55ce7d	jim-p	$pconfig['topology_subnet'] = $a_server[$id]['topology_subnet'];
158	d799787e	Matthew Grooms
159	1ab6bdb5	jim-p	$pconfig['serverbridge_dhcp'] = $a_server[$id]['serverbridge_dhcp'];
160			$pconfig['serverbridge_interface'] = $a_server[$id]['serverbridge_interface'];
161			$pconfig['serverbridge_dhcp_start'] = $a_server[$id]['serverbridge_dhcp_start'];
162			$pconfig['serverbridge_dhcp_end'] = $a_server[$id]['serverbridge_dhcp_end'];
163
164	d799787e	Matthew Grooms	$pconfig['dns_domain'] = $a_server[$id]['dns_domain'];
165			if ($pconfig['dns_domain'])
166			$pconfig['dns_domain_enable'] = true;
167
168			$pconfig['dns_server1'] = $a_server[$id]['dns_server1'];
169			$pconfig['dns_server2'] = $a_server[$id]['dns_server2'];
170			$pconfig['dns_server3'] = $a_server[$id]['dns_server3'];
171			$pconfig['dns_server4'] = $a_server[$id]['dns_server4'];
172			if ($pconfig['dns_server1'] \|\|
173			$pconfig['dns_server2'] \|\|
174			$pconfig['dns_server3'] \|\|
175			$pconfig['dns_server4'])
176			$pconfig['dns_server_enable'] = true;
177
178			$pconfig['ntp_server1'] = $a_server[$id]['ntp_server1'];
179			$pconfig['ntp_server2'] = $a_server[$id]['ntp_server2'];
180			if ($pconfig['ntp_server1'] \|\|
181			$pconfig['ntp_server2'])
182			$pconfig['ntp_server_enable'] = true;
183
184			$pconfig['netbios_enable'] = $a_server[$id]['netbios_enable'];
185			$pconfig['netbios_ntype'] = $a_server[$id]['netbios_ntype'];
186			$pconfig['netbios_scope'] = $a_server[$id]['netbios_scope'];
187
188			$pconfig['wins_server1'] = $a_server[$id]['wins_server1'];
189			$pconfig['wins_server2'] = $a_server[$id]['wins_server2'];
190			if ($pconfig['wins_server1'] \|\|
191			$pconfig['wins_server2'])
192			$pconfig['wins_server_enable'] = true;
193
194	faf61f12	Phil Davis	$pconfig['client_mgmt_port'] = $a_server[$id]['client_mgmt_port'];
195			if ($pconfig['client_mgmt_port'])
196			$pconfig['client_mgmt_port_enable'] = true;
197
198	d799787e	Matthew Grooms	$pconfig['nbdd_server1'] = $a_server[$id]['nbdd_server1'];
199			if ($pconfig['nbdd_server1'])
200			$pconfig['nbdd_server_enable'] = true;
201	3c11bd3c	Matthew Grooms
202			// just in case the modes switch
203			$pconfig['autokey_enable'] = "yes";
204			$pconfig['autotls_enable'] = "yes";
205	bca35cff	jim-p
206			$pconfig['duplicate_cn'] = isset($a_server[$id]['duplicate_cn']);
207	d799787e	Matthew Grooms	}
208			}
209			if ($_POST) {
210
211			unset($input_errors);
212			$pconfig = $_POST;
213
214	f432e364	Matthew Grooms	if (isset($id) && $a_server[$id])
215			$vpnid = $a_server[$id]['vpnid'];
216			else
217			$vpnid = 0;
218
219	198bb449	jim-p	list($iv_iface, $iv_ip) = explode ("\|",$pconfig['interface']);
220			if (is_ipaddrv4($iv_ip) && (stristr($pconfig['protocol'], "6") !== false)) {
221			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv6 protocol and an IPv4 IP address.");
222			} elseif (is_ipaddrv6($iv_ip) && (stristr($pconfig['protocol'], "6") === false)) {
223			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv4 protocol and an IPv6 IP address.");
224	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") === false) && !get_interface_ip($iv_iface) && ($pconfig['interface'] != "any")) {
225	198bb449	jim-p	$input_errors[] = gettext("An IPv4 protocol was selected, but the selected interface has no IPv4 address.");
226	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") !== false) && !get_interface_ipv6($iv_iface) && ($pconfig['interface'] != "any")) {
227	198bb449	jim-p	$input_errors[] = gettext("An IPv6 protocol was selected, but the selected interface has no IPv6 address.");
228			}
229
230	98c0c87a	jim-p	if ($pconfig['mode'] != "p2p_shared_key")
231	3c11bd3c	Matthew Grooms	$tls_mode = true;
232			else
233			$tls_mode = false;
234
235	b0b6d575	jim-p	if (empty($pconfig['authmode']) && (($pconfig['mode'] == "server_user") \|\| ($pconfig['mode'] == "server_tls_user")))
236			$input_errors[] = gettext("You must select a Backend for Authentication if the server mode requires User Auth.");
237
238	d799787e	Matthew Grooms	/* input validation */
239			if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
240			$input_errors[] = $result;
241
242	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network', false, "ipv4"))
243	d799787e	Matthew Grooms	$input_errors[] = $result;
244
245	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, "ipv6"))
246	d799787e	Matthew Grooms	$input_errors[] = $result;
247
248	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'IPv4 Remote Network', true, "ipv4"))
249			$input_errors[] = $result;
250
251			if ($result = openvpn_validate_cidr($pconfig['remote_networkv6'], 'IPv6 Remote Network', true, "ipv6"))
252			$input_errors[] = $result;
253
254			if ($result = openvpn_validate_cidr($pconfig['local_network'], 'IPv4 Local Network', true, "ipv4"))
255			$input_errors[] = $result;
256
257			if ($result = openvpn_validate_cidr($pconfig['local_networkv6'], 'IPv6 Local Network', true, "ipv6"))
258	d799787e	Matthew Grooms	$input_errors[] = $result;
259
260	49b76122	Renato Botelho	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
261	5accf130	jim-p	if (($portused != $vpnid) && ($portused != 0))
262	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
263	f432e364	Matthew Grooms
264	89e6e210	jim-p	if ($pconfig['autokey_enable'])
265			$pconfig['shared_key'] = openvpn_create_key();
266
267	3c11bd3c	Matthew Grooms	if (!$tls_mode && !$pconfig['autokey_enable'])
268	d799787e	Matthew Grooms	if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") \|\|
269			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
270	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");
271	3c11bd3c	Matthew Grooms
272			if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
273			if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") \|\|
274			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
275	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");
276	d799787e	Matthew Grooms
277			if ($pconfig['dns_server_enable']) {
278			if (!empty($pconfig['dns_server1']) && !is_ipaddr(trim($pconfig['dns_server1'])))
279	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
280	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server2']) && !is_ipaddr(trim($pconfig['dns_server2'])))
281	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
282	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server3']) && !is_ipaddr(trim($pconfig['dns_server3'])))
283	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
284	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server4']) && !is_ipaddr(trim($pconfig['dns_server4'])))
285	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
286	d799787e	Matthew Grooms	}
287
288			if ($pconfig['ntp_server_enable']) {
289			if (!empty($pconfig['ntp_server1']) && !is_ipaddr(trim($pconfig['ntp_server1'])))
290	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
291	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server2']) && !is_ipaddr(trim($pconfig['ntp_server2'])))
292	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
293	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server3']) && !is_ipaddr(trim($pconfig['ntp_server3'])))
294	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #3' must contain a valid IP address");
295	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server4']) && !is_ipaddr(trim($pconfig['ntp_server4'])))
296	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #4' must contain a valid IP address");
297	d799787e	Matthew Grooms	}
298
299			if ($pconfig['netbios_enable']) {
300			if ($pconfig['wins_server_enable']) {
301			if (!empty($pconfig['wins_server1']) && !is_ipaddr(trim($pconfig['wins_server1'])))
302	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
303	d799787e	Matthew Grooms	if (!empty($pconfig['wins_server2']) && !is_ipaddr(trim($pconfig['wins_server2'])))
304	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
305	d799787e	Matthew Grooms	}
306			if ($pconfig['nbdd_server_enable'])
307			if (!empty($pconfig['nbdd_server1']) && !is_ipaddr(trim($pconfig['nbdd_server1'])))
308	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NetBIOS Data Distribution Server #1' must contain a valid IP address");
309	d799787e	Matthew Grooms	}
310
311	faf61f12	Phil Davis	if ($pconfig['client_mgmt_port_enable']) {
312			if ($result = openvpn_validate_port($pconfig['client_mgmt_port'], 'Client management port'))
313			$input_errors[] = $result;
314			}
315
316	d799787e	Matthew Grooms	if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients']))
317	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");
318	d799787e	Matthew Grooms
319	21c776dd	jim-p	/* If we are not in shared key mode, then we need the CA/Cert. */
320			if ($pconfig['mode'] != "p2p_shared_key") {
321	872d9195	Matthew Grooms	$reqdfields = explode(" ", "caref certref");
322	fe6d7a55	jim-p	$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
323	21c776dd	jim-p	} elseif (!$pconfig['autokey_enable']) {
324			/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
325			$reqdfields = array('shared_key');
326	4d8b3382	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext('Shared key'));
327	d799787e	Matthew Grooms	}
328
329	1ab6bdb5	jim-p	if ($pconfig['dev_mode'] != "tap") {
330			$reqdfields[] = 'tunnel_network';
331			$reqdfieldsn[] = gettext('Tunnel network');
332			} else {
333	74a556a3	jim-p	if ($pconfig['serverbridge_dhcp'] && $pconfig['tunnel_network'])
334			$input_errors[] = gettext("Using a tunnel network and server bridge settings together is not allowed.");
335	1ab6bdb5	jim-p	if (($pconfig['serverbridge_dhcp_start'] && !$pconfig['serverbridge_dhcp_end'])
336			\|\| (!$pconfig['serverbridge_dhcp_start'] && $pconfig['serverbridge_dhcp_end']))
337			$input_errors[] = gettext("Server Bridge DHCP Start and End must both be empty, or defined.");
338			if (($pconfig['serverbridge_dhcp_start'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_start'])))
339			$input_errors[] = gettext("Server Bridge DHCP Start must be an IPv4 address.");
340			if (($pconfig['serverbridge_dhcp_end'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_end'])))
341			$input_errors[] = gettext("Server Bridge DHCP End must be an IPv4 address.");
342			if (ip2ulong($pconfig['serverbridge_dhcp_start']) > ip2ulong($pconfig['serverbridge_dhcp_end']))
343			$input_errors[] = gettext("The Server Bridge DHCP range is invalid (start higher than end).");
344			}
345	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
346	d799787e	Matthew Grooms
347			if (!$input_errors) {
348
349			$server = array();
350
351	da601f8e	PiBa-NL	if ($id && $pconfig['dev_mode'] <> $a_server[$id]['dev_mode'])
352			openvpn_delete('server', $a_server[$id]);// delete(rename) old interface so a new TUN or TAP interface can be created.
353
354	f432e364	Matthew Grooms	if ($vpnid)
355			$server['vpnid'] = $vpnid;
356	e28120e5	Matthew Grooms	else
357	d799787e	Matthew Grooms	$server['vpnid'] = openvpn_vpnid_next();
358
359	870318b9	Ermal Lu?i	if ($_POST['disable'] == "yes")
360			$server['disable'] = true;
361	3c11bd3c	Matthew Grooms	$server['mode'] = $pconfig['mode'];
362	8a47c190	Ermal Lu?i	if (!empty($pconfig['authmode']))
363			$server['authmode'] = implode(",", $pconfig['authmode']);
364	d799787e	Matthew Grooms	$server['protocol'] = $pconfig['protocol'];
365	4936ff53	jim-p	$server['dev_mode'] = $pconfig['dev_mode'];
366	67b0902f	pierrepomes	list($server['interface'], $server['ipaddr']) = explode ("\|",$pconfig['interface']);
367	d799787e	Matthew Grooms	$server['local_port'] = $pconfig['local_port'];
368			$server['description'] = $pconfig['description'];
369	e3bbd29a	Ermal	$server['custom_options'] = str_replace("\r\n", "\n", $pconfig['custom_options']);
370	d799787e	Matthew Grooms
371	3c11bd3c	Matthew Grooms	if ($tls_mode) {
372			if ($pconfig['tlsauth_enable']) {
373			if ($pconfig['autotls_enable'])
374			$pconfig['tls'] = openvpn_create_key();
375			$server['tls'] = base64_encode($pconfig['tls']);
376			}
377	fe787fc7	Matthew Grooms	$server['caref'] = $pconfig['caref'];
378	6db02381	jim-p	$server['crlref'] = $pconfig['crlref'];
379	fe787fc7	Matthew Grooms	$server['certref'] = $pconfig['certref'];
380			$server['dh_length'] = $pconfig['dh_length'];
381	98963f27	jim-p	$server['cert_depth'] = $pconfig['cert_depth'];
382	94823361	jim-p	if ($pconfig['mode'] == "server_tls_user")
383			$server['strictusercn'] = $pconfig['strictusercn'];
384	3c11bd3c	Matthew Grooms	} else {
385			$server['shared_key'] = base64_encode($pconfig['shared_key']);
386	d799787e	Matthew Grooms	}
387			$server['crypto'] = $pconfig['crypto'];
388	97d5b59b	jim-p	$server['digest'] = $pconfig['digest'];
389	582c58ae	jim-p	$server['engine'] = $pconfig['engine'];
390	d799787e	Matthew Grooms
391			$server['tunnel_network'] = $pconfig['tunnel_network'];
392	b1ba04cf	Seth Mos	$server['tunnel_networkv6'] = $pconfig['tunnel_networkv6'];
393	d799787e	Matthew Grooms	$server['remote_network'] = $pconfig['remote_network'];
394	4856df9b	jim-p	$server['remote_networkv6'] = $pconfig['remote_networkv6'];
395	d799787e	Matthew Grooms	$server['gwredir'] = $pconfig['gwredir'];
396			$server['local_network'] = $pconfig['local_network'];
397	b1ba04cf	Seth Mos	$server['local_networkv6'] = $pconfig['local_networkv6'];
398	d799787e	Matthew Grooms	$server['maxclients'] = $pconfig['maxclients'];
399			$server['compression'] = $pconfig['compression'];
400	1cb0b40a	Matthew Grooms	$server['passtos'] = $pconfig['passtos'];
401	d799787e	Matthew Grooms	$server['client2client'] = $pconfig['client2client'];
402
403	65ff8497	jim-p	$server['dynamic_ip'] = $pconfig['dynamic_ip'];
404	d799787e	Matthew Grooms	$server['pool_enable'] = $pconfig['pool_enable'];
405	ee55ce7d	jim-p	$server['topology_subnet'] = $pconfig['topology_subnet'];
406	d799787e	Matthew Grooms
407	1ab6bdb5	jim-p	$server['serverbridge_dhcp'] = $pconfig['serverbridge_dhcp'];
408			$server['serverbridge_interface'] = $pconfig['serverbridge_interface'];
409			$server['serverbridge_dhcp_start'] = $pconfig['serverbridge_dhcp_start'];
410			$server['serverbridge_dhcp_end'] = $pconfig['serverbridge_dhcp_end'];
411
412	d799787e	Matthew Grooms	if ($pconfig['dns_domain_enable'])
413			$server['dns_domain'] = $pconfig['dns_domain'];
414
415			if ($pconfig['dns_server_enable']) {
416			$server['dns_server1'] = $pconfig['dns_server1'];
417			$server['dns_server2'] = $pconfig['dns_server2'];
418			$server['dns_server3'] = $pconfig['dns_server3'];
419			$server['dns_server4'] = $pconfig['dns_server4'];
420			}
421
422			if ($pconfig['ntp_server_enable']) {
423			$server['ntp_server1'] = $pconfig['ntp_server1'];
424			$server['ntp_server2'] = $pconfig['ntp_server2'];
425			}
426
427			$server['netbios_enable'] = $pconfig['netbios_enable'];
428			$server['netbios_ntype'] = $pconfig['netbios_ntype'];
429			$server['netbios_scope'] = $pconfig['netbios_scope'];
430
431			if ($pconfig['netbios_enable']) {
432
433			if ($pconfig['wins_server_enable']) {
434			$server['wins_server1'] = $pconfig['wins_server1'];
435			$server['wins_server2'] = $pconfig['wins_server2'];
436			}
437
438			if ($pconfig['dns_server_enable'])
439			$server['nbdd_server1'] = $pconfig['nbdd_server1'];
440			}
441	bca35cff	jim-p
442	faf61f12	Phil Davis	if ($pconfig['client_mgmt_port_enable'])
443			$server['client_mgmt_port'] = $pconfig['client_mgmt_port'];
444
445	bca35cff	jim-p	if ($_POST['duplicate_cn'] == "yes")
446			$server['duplicate_cn'] = true;
447
448	d799787e	Matthew Grooms	if (isset($id) && $a_server[$id])
449			$a_server[$id] = $server;
450			else
451			$a_server[] = $server;
452
453	dc408939	Matthew Grooms	openvpn_resync('server', $server);
454	d799787e	Matthew Grooms	write_config();
455
456			header("Location: vpn_openvpn_server.php");
457			exit;
458			}
459	8a47c190	Ermal Lu?i	if (!empty($pconfig['authmode']))
460			$pconfig['authmode'] = implode(",", $pconfig['authmode']);
461	d799787e	Matthew Grooms	}
462	6d9b1074	jim-p	$pgtitle = array(gettext("OpenVPN"), gettext("Server"));
463			$shortcut_section = "openvpn";
464	d799787e	Matthew Grooms
465			include("head.inc");
466
467			?>
468
469			<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
470			<?php include("fbegin.inc"); ?>
471			<script language="JavaScript">
472			<!--
473
474	3c11bd3c	Matthew Grooms	function mode_change() {
475			index = document.iform.mode.selectedIndex;
476			value = document.iform.mode.options[index].value;
477	d799787e	Matthew Grooms	switch(value) {
478	3c11bd3c	Matthew Grooms	case "p2p_tls":
479			case "server_tls":
480			case "server_user":
481	94823361	jim-p	document.getElementById("tls").style.display="";
482			document.getElementById("tls_ca").style.display="";
483			document.getElementById("tls_crl").style.display="";
484			document.getElementById("tls_cert").style.display="";
485			document.getElementById("tls_dh").style.display="";
486	98963f27	jim-p	document.getElementById("cert_depth").style.display="";
487	94823361	jim-p	document.getElementById("strictusercn").style.display="none";
488			document.getElementById("psk").style.display="none";
489			break;
490	3c11bd3c	Matthew Grooms	case "server_tls_user":
491			document.getElementById("tls").style.display="";
492			document.getElementById("tls_ca").style.display="";
493	6db02381	jim-p	document.getElementById("tls_crl").style.display="";
494	3c11bd3c	Matthew Grooms	document.getElementById("tls_cert").style.display="";
495	fe787fc7	Matthew Grooms	document.getElementById("tls_dh").style.display="";
496	98963f27	jim-p	document.getElementById("cert_depth").style.display="";
497	94823361	jim-p	document.getElementById("strictusercn").style.display="";
498	d799787e	Matthew Grooms	document.getElementById("psk").style.display="none";
499			break;
500	3c11bd3c	Matthew Grooms	case "p2p_shared_key":
501			document.getElementById("tls").style.display="none";
502			document.getElementById("tls_ca").style.display="none";
503	6db02381	jim-p	document.getElementById("tls_crl").style.display="none";
504	3c11bd3c	Matthew Grooms	document.getElementById("tls_cert").style.display="none";
505	fe787fc7	Matthew Grooms	document.getElementById("tls_dh").style.display="none";
506	98963f27	jim-p	document.getElementById("cert_depth").style.display="none";
507	94823361	jim-p	document.getElementById("strictusercn").style.display="none";
508	d799787e	Matthew Grooms	document.getElementById("psk").style.display="";
509			break;
510			}
511	3c11bd3c	Matthew Grooms	switch(value) {
512			case "p2p_shared_key":
513			document.getElementById("client_opts").style.display="none";
514	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="";
515			document.getElementById("remote_optsv6").style.display="";
516	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="none";
517	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="none";
518			document.getElementById("local_optsv6").style.display="none";
519	b008c1eb	jim-p	document.getElementById("authmodetr").style.display="none";
520	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="none";
521	b008c1eb	jim-p	break;
522			case "p2p_tls":
523			document.getElementById("client_opts").style.display="none";
524	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="";
525			document.getElementById("remote_optsv6").style.display="";
526	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
527	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
528			document.getElementById("local_optsv6").style.display="";
529	e8a58de4	Ermal Lu?i	document.getElementById("authmodetr").style.display="none";
530	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="none";
531	3c11bd3c	Matthew Grooms	break;
532	e8a58de4	Ermal Lu?i	case "server_user":
533			case "server_tls_user":
534			document.getElementById("authmodetr").style.display="";
535	54b9de56	Ermal Lu?i	document.getElementById("client_opts").style.display="";
536	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="none";
537			document.getElementById("remote_optsv6").style.display="none";
538	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
539	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
540			document.getElementById("local_optsv6").style.display="";
541	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="";
542	54b9de56	Ermal Lu?i	break;
543			case "server_tls":
544			document.getElementById("authmodetr").style.display="none";
545	3c11bd3c	Matthew Grooms	default:
546			document.getElementById("client_opts").style.display="";
547	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="none";
548			document.getElementById("remote_optsv6").style.display="none";
549	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
550	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
551			document.getElementById("local_optsv6").style.display="";
552	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="";
553	3c11bd3c	Matthew Grooms	break;
554			}
555	a2ff08f8	jim-p	gwredir_change();
556	3c11bd3c	Matthew Grooms	}
557
558			function autokey_change() {
559
560	f54712b6	jim-p	if ((document.iform.autokey_enable != null) && (document.iform.autokey_enable.checked))
561	3c11bd3c	Matthew Grooms	document.getElementById("autokey_opts").style.display="none";
562			else
563			document.getElementById("autokey_opts").style.display="";
564			}
565
566			function tlsauth_change() {
567
568			<?php if (!$pconfig['tls']): ?>
569			if (document.iform.tlsauth_enable.checked)
570			document.getElementById("tlsauth_opts").style.display="";
571			else
572			document.getElementById("tlsauth_opts").style.display="none";
573			<?php endif; ?>
574
575			autotls_change();
576			}
577
578			function autotls_change() {
579
580			<?php if (!$pconfig['tls']): ?>
581			autocheck = document.iform.autotls_enable.checked;
582			<?php else: ?>
583			autocheck = false;
584			<?php endif; ?>
585
586			if (document.iform.tlsauth_enable.checked && !autocheck)
587			document.getElementById("autotls_opts").style.display="";
588			else
589			document.getElementById("autotls_opts").style.display="none";
590	d799787e	Matthew Grooms	}
591
592			function gwredir_change() {
593
594	fd96a3fc	bcyrill	if (document.iform.gwredir.checked) {
595			document.getElementById("local_optsv4").style.display="none";
596			document.getElementById("local_optsv6").style.display="none";
597			} else {
598			document.getElementById("local_optsv4").style.display="";
599			document.getElementById("local_optsv6").style.display="";
600			}
601	d799787e	Matthew Grooms	}
602
603			function dns_domain_change() {
604
605			if (document.iform.dns_domain_enable.checked)
606			document.getElementById("dns_domain_data").style.display="";
607			else
608			document.getElementById("dns_domain_data").style.display="none";
609			}
610
611			function dns_server_change() {
612
613			if (document.iform.dns_server_enable.checked)
614			document.getElementById("dns_server_data").style.display="";
615			else
616			document.getElementById("dns_server_data").style.display="none";
617			}
618
619			function wins_server_change() {
620
621			if (document.iform.wins_server_enable.checked)
622			document.getElementById("wins_server_data").style.display="";
623			else
624			document.getElementById("wins_server_data").style.display="none";
625			}
626
627	faf61f12	Phil Davis	function client_mgmt_port_change() {
628
629			if (document.iform.client_mgmt_port_enable.checked)
630			document.getElementById("client_mgmt_port_data").style.display="";
631			else
632			document.getElementById("client_mgmt_port_data").style.display="none";
633			}
634
635	d799787e	Matthew Grooms	function ntp_server_change() {
636
637			if (document.iform.ntp_server_enable.checked)
638			document.getElementById("ntp_server_data").style.display="";
639			else
640			document.getElementById("ntp_server_data").style.display="none";
641			}
642
643			function netbios_change() {
644
645			if (document.iform.netbios_enable.checked) {
646			document.getElementById("netbios_data").style.display="";
647			document.getElementById("wins_opts").style.display="";
648			} else {
649			document.getElementById("netbios_data").style.display="none";
650			document.getElementById("wins_opts").style.display="none";
651			}
652			}
653
654	1ab6bdb5	jim-p	function tuntap_change() {
655
656			mindex = document.iform.mode.selectedIndex;
657			mvalue = document.iform.mode.options[mindex].value;
658
659			switch(mvalue) {
660			case "p2p_tls":
661			case "p2p_shared_key":
662			p2p = true;
663			break;
664			default:
665			p2p = false;
666			break;
667			}
668
669			index = document.iform.dev_mode.selectedIndex;
670			value = document.iform.dev_mode.options[index].value;
671			switch(value) {
672			case "tun":
673	74a556a3	jim-p	document.getElementById("ipv4_tunnel_network").className="vncellreq";
674	1ab6bdb5	jim-p	document.getElementById("serverbridge_dhcp").style.display="none";
675			document.getElementById("serverbridge_interface").style.display="none";
676			document.getElementById("serverbridge_dhcp_start").style.display="none";
677			document.getElementById("serverbridge_dhcp_end").style.display="none";
678	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="";
679	1ab6bdb5	jim-p	break;
680			case "tap":
681	74a556a3	jim-p	document.getElementById("ipv4_tunnel_network").className="vncell";
682	1ab6bdb5	jim-p	if (!p2p) {
683			document.getElementById("serverbridge_dhcp").style.display="";
684			document.getElementById("serverbridge_interface").style.display="";
685			document.getElementById("serverbridge_dhcp_start").style.display="";
686			document.getElementById("serverbridge_dhcp_end").style.display="";
687	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="none";
688	f54712b6	jim-p	document.iform.serverbridge_dhcp.disabled = false;
689	1ab6bdb5	jim-p	if (document.iform.serverbridge_dhcp.checked) {
690			document.iform.serverbridge_interface.disabled = false;
691			document.iform.serverbridge_dhcp_start.disabled = false;
692			document.iform.serverbridge_dhcp_end.disabled = false;
693			} else {
694			document.iform.serverbridge_interface.disabled = true;
695			document.iform.serverbridge_dhcp_start.disabled = true;
696			document.iform.serverbridge_dhcp_end.disabled = true;
697			}
698			} else {
699	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="none";
700	1ab6bdb5	jim-p	document.iform.serverbridge_dhcp.disabled = true;
701			document.iform.serverbridge_interface.disabled = true;
702			document.iform.serverbridge_dhcp_start.disabled = true;
703			document.iform.serverbridge_dhcp_end.disabled = true;
704			}
705			break;
706			}
707			}
708	d799787e	Matthew Grooms	//-->
709			</script>
710			<?php
711	428e66b6	jim-p	if (!$savemsg)
712			$savemsg = "";
713
714			if ($input_errors)
715			print_input_errors($input_errors);
716			if ($savemsg)
717			print_info_box_np($savemsg);
718	d799787e	Matthew Grooms	?>
719			<table width="100%" border="0" cellpadding="0" cellspacing="0">
720	5a3b0d3b	mgrooms	<tr>
721	d799787e	Matthew Grooms	<td class="tabnavtbl">
722			<ul id="tabnav">
723			<?php
724			$tab_array = array();
725			$tab_array[] = array(gettext("Server"), true, "vpn_openvpn_server.php");
726			$tab_array[] = array(gettext("Client"), false, "vpn_openvpn_client.php");
727			$tab_array[] = array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php");
728	5540aee6	Ermal Lu?i	$tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml");
729	b63f2e8b	Matthew Grooms	add_package_tabs("OpenVPN", $tab_array);
730	d799787e	Matthew Grooms	display_top_tabs($tab_array);
731			?>
732			</ul>
733			</td>
734			</tr>
735			<tr>
736			<td class="tabcont">
737
738			<?php if($act=="new" \|\| $act=="edit"): ?>
739
740			<form action="vpn_openvpn_server.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
741			<table width="100%" border="0" cellpadding="6" cellspacing="0">
742	47c00c09	Scott Ullrich	<tr>
743	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
744	b63f2e8b	Matthew Grooms	</tr>
745	d799787e	Matthew Grooms	<tr>
746	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
747	d799787e	Matthew Grooms	<td width="78%" class="vtable">
748			<table border="0" cellpadding="0" cellspacing="0">
749			<tr>
750			<td>
751			<?php set_checked($pconfig['disable'],$chk); ?>
752			<input name="disable" type="checkbox" value="yes" <?=$chk;?>/>
753			</td>
754			<td>
755
756			<span class="vexpl">
757	4d8b3382	Carlos Eduardo Ramos	<strong><?=gettext("Disable this server"); ?></strong><br>
758	d799787e	Matthew Grooms	</span>
759			</td>
760			</tr>
761			</table>
762	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Set this option to disable this server without removing it from the list"); ?>.
763	d799787e	Matthew Grooms	</td>
764			</tr>
765	3c11bd3c	Matthew Grooms	<tr>
766			<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
767			<td width="78%" class="vtable">
768	1ab6bdb5	jim-p	<select name='mode' id='mode' class="formselect" onchange='mode_change(); tuntap_change()'>
769	3c11bd3c	Matthew Grooms	<?php
770			foreach ($openvpn_server_modes as $name => $desc):
771			$selected = "";
772			if ($pconfig['mode'] == $name)
773			$selected = "selected";
774			?>
775			<option value="<?=$name;?>" <?=$selected;?>><?=$desc;?></option>
776			<?php endforeach; ?>
777			</select>
778			</td>
779			</tr>
780	e8a58de4	Ermal Lu?i	<tr id="authmodetr" style="display:none">
781			<td width="22%" valign="top" class="vncellreq"><?=gettext("Backend for authentication");?></td>
782			<td width="78%" class="vtable">
783	6306b5dd	Ermal Lu?i	<select name='authmode[]' id='authmode' class="formselect" multiple="true" size="<?php echo count($auth_servers); ?>">
784	c61e4626	Ermal Lu?i	<?php $authmodes = explode(",", $pconfig['authmode']); ?>
785	e8a58de4	Ermal Lu?i	<?php
786	6306b5dd	Ermal Lu?i	$auth_servers = auth_get_authserver_list();
787	e8a58de4	Ermal Lu?i	foreach ($auth_servers as $auth_server):
788			$selected = "";
789	c61e4626	Ermal Lu?i	if (in_array($auth_server['name'], $authmodes))
790	e8a58de4	Ermal Lu?i	$selected = "selected";
791			?>
792			<option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option>
793			<?php endforeach; ?>
794			</select>
795			</td>
796			</tr>
797	d799787e	Matthew Grooms	<tr>
798			<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
799			<td width="78%" class="vtable">
800			<select name='protocol' class="formselect">
801			<?php
802			foreach ($openvpn_prots as $prot):
803			$selected = "";
804			if ($pconfig['protocol'] == $prot)
805			$selected = "selected";
806			?>
807			<option value="<?=$prot;?>" <?=$selected;?>><?=$prot;?></option>
808			<?php endforeach; ?>
809			</select>
810			</td>
811			</tr>
812	bf87b4d7	lgcosta	<tr>
813			<td width="22%" valign="top" class="vncellreq"><?=gettext("Device Mode"); ?></td>
814			<td width="78%" class="vtable">
815	1ab6bdb5	jim-p	<select name="dev_mode" class="formselect" onchange='tuntap_change()'>
816	bf87b4d7	lgcosta	<?php
817			foreach ($openvpn_dev_mode as $device):
818	71edee5e	lgcosta	$selected = "";
819	4936ff53	jim-p	if (! empty($pconfig['dev_mode'])) {
820			if ($pconfig['dev_mode'] == $device)
821	71edee5e	lgcosta	$selected = "selected";
822			} else {
823			if ($device == "tun")
824			$selected = "selected";
825			}
826	bf87b4d7	lgcosta	?>
827			<option value="<?=$device;?>" <?=$selected;?>><?=$device;?></option>
828			<?php endforeach; ?>
829			</select>
830			</td>
831			</tr>
832	d799787e	Matthew Grooms	<tr>
833	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
834	d799787e	Matthew Grooms	<td width="78%" class="vtable">
835			<select name="interface" class="formselect">
836			<?php
837			$interfaces = get_configured_interface_with_descr();
838	3d06e8f0	pierrepomes	$carplist = get_configured_carp_interface_list();
839			foreach ($carplist as $cif => $carpip)
840	dd62256f	Pierre POMES	$interfaces[$cif.'\|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
841	67b0902f	pierrepomes	$aliaslist = get_configured_ip_aliases_list();
842			foreach ($aliaslist as $aliasip => $aliasif)
843	dd62256f	Pierre POMES	$interfaces[$aliasif.'\|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
844	47c48e28	smos	$grouplist = return_gateway_groups_array();
845			foreach ($grouplist as $name => $group) {
846			if($group['ipprotocol'] != inet)
847			continue;
848			if($group[0]['vip'] <> "")
849			$vipif = $group[0]['vip'];
850			else
851			$vipif = $group[0]['int'];
852			$interfaces[$name] = "GW Group {$name}";
853			}
854	5c94aa12	jim-p	$interfaces['lo0'] = "Localhost";
855	67b0902f	pierrepomes	$interfaces['any'] = "any";
856	d799787e	Matthew Grooms	foreach ($interfaces as $iface => $ifacename):
857	1d3bcd2a	Matthew Grooms	$selected = "";
858			if ($iface == $pconfig['interface'])
859			$selected = "selected";
860	d799787e	Matthew Grooms	?>
861	1d3bcd2a	Matthew Grooms	<option value="<?=$iface;?>" <?=$selected;?>>
862			<?=htmlspecialchars($ifacename);?>
863			</option>
864	d799787e	Matthew Grooms	<?php endforeach; ?>
865			</select> <br>
866			</td>
867			</tr>
868			<tr>
869			<td width="22%" valign="top" class="vncellreq"><?=gettext("Local port");?></td>
870			<td width="78%" class="vtable">
871			<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>"/>
872			</td>
873			</tr>
874			<tr>
875	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
876	d799787e	Matthew Grooms	<td width="78%" class="vtable">
877			<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>">
878			<br>
879	4d8b3382	Carlos Eduardo Ramos	<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
880	d799787e	Matthew Grooms	</td>
881			</tr>
882			<tr>
883			<td colspan="2" class="list" height="12"></td>
884			</tr>
885			<tr>
886	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
887	d799787e	Matthew Grooms	</tr>
888	3c11bd3c	Matthew Grooms	<tr id="tls">
889	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
890	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
891			<table border="0" cellpadding="2" cellspacing="0">
892			<tr>
893			<td>
894			<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
895			<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onClick="tlsauth_change()">
896			</td>
897			<td>
898			<span class="vexpl">
899	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Enable authentication of TLS packets"); ?>.
900	3c11bd3c	Matthew Grooms	</span>
901			</td>
902			</tr>
903			</table>
904			<?php if (!$pconfig['tls']): ?>
905			<table border="0" cellpadding="2" cellspacing="0" id='tlsauth_opts'>
906			<tr>
907			<td>
908			<?php set_checked($pconfig['autotls_enable'],$chk); ?>
909			<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autotls_change()">
910			</td>
911			<td>
912			<span class="vexpl">
913	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
914	3c11bd3c	Matthew Grooms	</span>
915			</td>
916			</tr>
917			</table>
918			<?php endif; ?>
919			<table border="0" cellpadding="2" cellspacing="0" id='autotls_opts'>
920			<tr>
921			<td>
922			<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
923			<br/>
924	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
925	3c11bd3c	Matthew Grooms	</td>
926			</tr>
927			</table>
928			</td>
929	d799787e	Matthew Grooms	</tr>
930	3c11bd3c	Matthew Grooms	<tr id="tls_ca">
931	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
932	d799787e	Matthew Grooms	<td width="78%" class="vtable">
933	19cdeb3e	jim-p	<?php if (count($a_ca)): ?>
934	d799787e	Matthew Grooms	<select name='caref' class="formselect">
935			<?php
936	428e66b6	jim-p	foreach ($a_ca as $ca):
937	d799787e	Matthew Grooms	$selected = "";
938			if ($pconfig['caref'] == $ca['refid'])
939			$selected = "selected";
940			?>
941	f2a86ca9	jim-p	<option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
942	d799787e	Matthew Grooms	<?php endforeach; ?>
943			</select>
944	19cdeb3e	jim-p	<?php else: ?>
945			<b>No Certificate Authorities defined.</b> <br/>Create one under <a href="system_camanager.php">System > Cert Manager</a>.
946			<?php endif; ?>
947	d799787e	Matthew Grooms	</td>
948			</tr>
949	6db02381	jim-p	<tr id="tls_crl">
950			<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Revocation List"); ?></td>
951			<td width="78%" class="vtable">
952	19cdeb3e	jim-p	<?php if (count($a_crl)): ?>
953	6db02381	jim-p	<select name='crlref' class="formselect">
954			<option value="">None</option>
955			<?php
956	428e66b6	jim-p	foreach ($a_crl as $crl):
957	6db02381	jim-p	$selected = "";
958	f02c3e1d	jim-p	$caname = "";
959			$ca = lookup_ca($crl['caref']);
960			if ($ca) {
961			$caname = " (CA: {$ca['descr']})";
962			if ($pconfig['crlref'] == $crl['refid'])
963			$selected = "selected";
964			}
965	6db02381	jim-p	?>
966	f02c3e1d	jim-p	<option value="<?=$crl['refid'];?>" <?=$selected;?>><?=$crl['descr'] . $caname;?></option>
967	6db02381	jim-p	<?php endforeach; ?>
968			</select>
969	19cdeb3e	jim-p	<?php else: ?>
970			<b>No Certificate Revocation Lists (CRLs) defined.</b> <br/>Create one under <a href="system_crlmanager.php">System > Cert Manager</a>.
971			<?php endif; ?>
972	6db02381	jim-p	</td>
973			</tr>
974	3c11bd3c	Matthew Grooms	<tr id="tls_cert">
975	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Certificate"); ?></td>
976	d799787e	Matthew Grooms	<td width="78%" class="vtable">
977	19cdeb3e	jim-p	<?php if (count($a_cert)): ?>
978	d799787e	Matthew Grooms	<select name='certref' class="formselect">
979			<?php
980	428e66b6	jim-p	foreach ($a_cert as $cert):
981	9e303f2f	jim-p	$selected = "";
982			$caname = "";
983			$inuse = "";
984			$revoked = "";
985			$ca = lookup_ca($cert['caref']);
986			if ($ca)
987			$caname = " (CA: {$ca['descr']})";
988			if ($pconfig['certref'] == $cert['refid'])
989			$selected = "selected";
990			if (cert_in_use($cert['refid']))
991			$inuse = " *In Use";
992			if (is_cert_revoked($cert))
993			$revoked = " *Revoked";
994	d799787e	Matthew Grooms	?>
995	6a0b3ea4	jim-p	<option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option>
996	d799787e	Matthew Grooms	<?php endforeach; ?>
997			</select>
998	19cdeb3e	jim-p	<?php else: ?>
999			<b>No Certificates defined.</b> <br/>Create one under <a href="system_certmanager.php">System > Cert Manager</a>.
1000			<?php endif; ?>
1001	d799787e	Matthew Grooms	</td>
1002			</tr>
1003	fe787fc7	Matthew Grooms	<tr id="tls_dh">
1004	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("DH Parameters Length"); ?></td>
1005	fe787fc7	Matthew Grooms	<td width="78%" class="vtable">
1006			<select name="dh_length" class="formselect">
1007			<?php
1008			foreach ($openvpn_dh_lengths as $length):
1009			$selected = '';
1010			if ($length == $pconfig['dh_length'])
1011			$selected = ' selected';
1012			?>
1013			<option<?=$selected?>><?=$length;?></option>
1014			<?php endforeach; ?>
1015			</select>
1016			<span class="vexpl">
1017	1c83021a	Carlos Eduardo Ramos	<?=gettext("bits"); ?>
1018	fe787fc7	Matthew Grooms	</span>
1019			</td>
1020			</tr>
1021	d799787e	Matthew Grooms	<tr id="psk">
1022	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
1023	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
1024			<?php if (!$pconfig['shared_key']): ?>
1025			<table border="0" cellpadding="2" cellspacing="0">
1026			<tr>
1027			<td>
1028			<?php set_checked($pconfig['autokey_enable'],$chk); ?>
1029			<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autokey_change()">
1030			</td>
1031			<td>
1032			<span class="vexpl">
1033	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared key"); ?>.
1034	3c11bd3c	Matthew Grooms	</span>
1035			</td>
1036			</tr>
1037			</table>
1038			<?php endif; ?>
1039			<table border="0" cellpadding="2" cellspacing="0" id='autokey_opts'>
1040			<tr>
1041			<td>
1042			<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
1043			<br/>
1044	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
1045	3c11bd3c	Matthew Grooms	</td>
1046			</tr>
1047			</table>
1048	d799787e	Matthew Grooms	</td>
1049			</tr>
1050			<tr>
1051	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
1052	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1053			<select name="crypto" class="formselect">
1054			<?php
1055			$cipherlist = openvpn_get_cipherlist();
1056			foreach ($cipherlist as $name => $desc):
1057			$selected = '';
1058			if ($name == $pconfig['crypto'])
1059			$selected = ' selected';
1060			?>
1061			<option value="<?=$name;?>"<?=$selected?>>
1062			<?=htmlspecialchars($desc);?>
1063			</option>
1064			<?php endforeach; ?>
1065	582c58ae	jim-p	</select>
1066			</td>
1067			</tr>
1068	97d5b59b	jim-p	<tr>
1069			<td width="22%" valign="top" class="vncellreq"><?=gettext("Auth Digest Algorithm"); ?></td>
1070			<td width="78%" class="vtable">
1071			<select name="digest" class="formselect">
1072			<?php
1073			$digestlist = openvpn_get_digestlist();
1074			foreach ($digestlist as $name => $desc):
1075			$selected = '';
1076			if ($name == $pconfig['digest'])
1077			$selected = ' selected';
1078			?>
1079			<option value="<?=$name;?>"<?=$selected?>>
1080			<?=htmlspecialchars($desc);?>
1081			</option>
1082			<?php endforeach; ?>
1083			</select>
1084			</td>
1085			</tr>
1086	582c58ae	jim-p	<tr id="engine">
1087			<td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td>
1088			<td width="78%" class="vtable">
1089			<select name="engine" class="formselect">
1090			<?php
1091			$engines = openvpn_get_engines();
1092			foreach ($engines as $name => $desc):
1093			$selected = '';
1094			if ($name == $pconfig['engine'])
1095			$selected = ' selected';
1096			?>
1097			<option value="<?=$name;?>"<?=$selected?>>
1098			<?=htmlspecialchars($desc);?>
1099			</option>
1100			<?php endforeach; ?>
1101	d799787e	Matthew Grooms	</select>
1102			</td>
1103			</tr>
1104	98963f27	jim-p	<tr id="cert_depth">
1105			<td width="22%" valign="top" class="vncell"><?=gettext("Certificate Depth"); ?></td>
1106			<td width="78%" class="vtable">
1107			<table border="0" cellpadding="2" cellspacing="0">
1108			<tr><td>
1109			<select name="cert_depth" class="formselect">
1110			<option value="">Do Not Check</option>
1111			<?php
1112			foreach ($openvpn_cert_depths as $depth => $depthdesc):
1113			$selected = '';
1114			if ($depth == $pconfig['cert_depth'])
1115			$selected = ' selected';
1116			?>
1117			<option value="<?= $depth ?>" <?= $selected ?>><?= $depthdesc ?></option>
1118			<?php endforeach; ?>
1119			</select>
1120			</td></tr>
1121			<tr><td>
1122			<span class="vexpl">
1123			<?=gettext("When a certificate-based client logs in, do not accept certificates below this depth. Useful for denying certificates made with intermediate CAs generated from the same CA as the server."); ?>
1124			</span>
1125			</td></tr>
1126			</table>
1127			</td>
1128			</tr>
1129	94823361	jim-p	<tr id="strictusercn">
1130			<td width="22%" valign="top" class="vncell"><?=gettext("Strict User/CN Matching"); ?></td>
1131			<td width="78%" class="vtable">
1132			<table border="0" cellpadding="2" cellspacing="0">
1133			<tr>
1134			<td>
1135			<?php set_checked($pconfig['strictusercn'],$chk); ?>
1136			<input name="strictusercn" type="checkbox" value="yes" <?=$chk;?>/>
1137			</td>
1138			<td>
1139			<span class="vexpl">
1140			<?=gettext("When authenticating users, enforce a match between the common name of the client certificate and the username given at login."); ?>
1141			</span>
1142			</td>
1143			</tr>
1144			</table>
1145			</td>
1146			</tr>
1147	d799787e	Matthew Grooms	<tr>
1148			<td colspan="2" class="list" height="12"></td>
1149			</tr>
1150			<tr>
1151	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
1152	d799787e	Matthew Grooms	</tr>
1153	74a556a3	jim-p	<tr>
1154			<td width="22%" valign="top" class="vncellreq" id="ipv4_tunnel_network"><?=gettext("IPv4 Tunnel Network"); ?></td>
1155	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1156			<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>">
1157			<br>
1158	b1ba04cf	Seth Mos	<?=gettext("This is the IPv4 virtual network used for private " .
1159	4d8b3382	Carlos Eduardo Ramos	"communications between this server and client " .
1160			"hosts expressed using CIDR (eg. 10.0.8.0/24). " .
1161			"The first network address will be assigned to " .
1162			"the server virtual interface. The remaining " .
1163			"network addresses can optionally be assigned " .
1164			"to connecting clients. (see Address Pool)"); ?>
1165	d799787e	Matthew Grooms	</td>
1166			</tr>
1167	74a556a3	jim-p	<tr>
1168			<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Tunnel Network"); ?></td>
1169	b1ba04cf	Seth Mos	<td width="78%" class="vtable">
1170			<input name="tunnel_networkv6" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_networkv6']);?>">
1171			<br>
1172			<?=gettext("This is the IPv6 virtual network used for private " .
1173			"communications between this server and client " .
1174			"hosts expressed using CIDR (eg. fe80::/64). " .
1175			"The first network address will be assigned to " .
1176	4856df9b	jim-p	"the server virtual interface. The remaining " .
1177	b1ba04cf	Seth Mos	"network addresses can optionally be assigned " .
1178			"to connecting clients. (see Address Pool)"); ?>
1179			</td>
1180			</tr>
1181	1ab6bdb5	jim-p	<tr id="serverbridge_dhcp">
1182			<td width="22%" valign="top" class="vncell"><?=gettext("Bridge DHCP"); ?></td>
1183			<td width="78%" class="vtable">
1184			<table border="0" cellpadding="2" cellspacing="0">
1185			<tr>
1186			<td>
1187			<?php set_checked($pconfig['serverbridge_dhcp'],$chk); ?>
1188			<input name="serverbridge_dhcp" type="checkbox" value="yes" <?=$chk;?> onchange='tuntap_change()' />
1189			</td>
1190			<td>
1191			<span class="vexpl">
1192			<?=gettext("Allow clients on the bridge to obtain DHCP."); ?><br>
1193			</span>
1194			</td>
1195			</tr>
1196			</table>
1197			</td>
1198			</tr>
1199			<tr id="serverbridge_interface">
1200			<td width="22%" valign="top" class="vncell"><?=gettext("Bridge Interface"); ?></td>
1201			<td width="78%" class="vtable">
1202			<select name="serverbridge_interface" class="formselect">
1203			<?php
1204			$serverbridge_interface['none'] = "none";
1205			$serverbridge_interface = array_merge($serverbridge_interface, get_configured_interface_with_descr());
1206			$carplist = get_configured_carp_interface_list();
1207			foreach ($carplist as $cif => $carpip)
1208			$serverbridge_interface[$cif.'\|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
1209			$aliaslist = get_configured_ip_aliases_list();
1210			foreach ($aliaslist as $aliasip => $aliasif)
1211			$serverbridge_interface[$aliasif.'\|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
1212			foreach ($serverbridge_interface as $iface => $ifacename):
1213			$selected = "";
1214			if ($iface == $pconfig['serverbridge_interface'])
1215			$selected = "selected";
1216			?>
1217			<option value="<?=$iface;?>" <?=$selected;?>>
1218			<?=htmlspecialchars($ifacename);?>
1219			</option>
1220			<?php endforeach; ?>
1221			</select> <br>
1222	8e932fb5	Phil Davis	<?=gettext("The interface to which this tap instance will be " .
1223	1ab6bdb5	jim-p	"bridged. This is not done automatically. You must assign this " .
1224			"interface and create the bridge separately. " .
1225			"This setting controls which existing IP address and subnet " .
1226			"mask are used by OpenVPN for the bridge. Setting this to " .
1227			"'none' will cause the Server Bridge DHCP settings below to be ignored."); ?>
1228			</td>
1229			</tr>
1230			<tr id="serverbridge_dhcp_start">
1231			<td width="22%" valign="top" class="vncell"><?=gettext("Server Bridge DHCP Start"); ?></td>
1232			<td width="78%" class="vtable">
1233			<input name="serverbridge_dhcp_start" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['serverbridge_dhcp_start']);?>">
1234			<br>
1235	8e932fb5	Phil Davis	<?=gettext("When using tap mode as a multi-point server, " .
1236	1ab6bdb5	jim-p	"you may optionally supply a DHCP range to use on the " .
1237			"interface to which this tap instance is bridged. " .
1238			"If these settings are left blank, DHCP will be passed " .
1239			"through to the LAN, and the interface setting above " .
1240			"will be ignored."); ?>
1241			</td>
1242			</tr>
1243			<tr id="serverbridge_dhcp_end">
1244	850ae59e	Irving Popovetsky	<td width="22%" valign="top" class="vncell"><?=gettext("Server Bridge DHCP End"); ?></td>
1245	1ab6bdb5	jim-p	<td width="78%" class="vtable">
1246			<input name="serverbridge_dhcp_end" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['serverbridge_dhcp_end']);?>">
1247			<br>
1248			</td>
1249			</tr>
1250	a2ff08f8	jim-p	<tr id="gwredir_opts">
1251	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Redirect Gateway"); ?></td>
1252	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1253			<table border="0" cellpadding="2" cellspacing="0">
1254			<tr>
1255			<td>
1256			<?php set_checked($pconfig['gwredir'],$chk); ?>
1257			<input name="gwredir" type="checkbox" value="yes" <?=$chk;?> onClick="gwredir_change()"/>
1258			</td>
1259			<td>
1260			<span class="vexpl">
1261	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Force all client generated traffic through the tunnel"); ?>.
1262	d799787e	Matthew Grooms	</span>
1263			</td>
1264			</tr>
1265			</table>
1266			</td>
1267			</tr>
1268	4856df9b	jim-p	<tr id="local_optsv4">
1269	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Local Network/s"); ?></td>
1270	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1271	332f5781	Phil Davis	<input name="local_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_network']);?>">
1272	d799787e	Matthew Grooms	<br>
1273	332f5781	Phil Davis	<?=gettext("These are the IPv4 networks that will be accessible " .
1274			"from the remote endpoint. Expressed as a comma-separated list of one or more CIDR ranges. " .
1275			"You may leave this blank if you don't " .
1276	4d8b3382	Carlos Eduardo Ramos	"want to add a route to the local network " .
1277			"through this tunnel on the remote machine. " .
1278			"This is generally set to your LAN network"); ?>.
1279	d799787e	Matthew Grooms	</td>
1280			</tr>
1281	4856df9b	jim-p	<tr id="local_optsv6">
1282	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Local Network/s"); ?></td>
1283	b1ba04cf	Seth Mos	<td width="78%" class="vtable">
1284	332f5781	Phil Davis	<input name="local_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_networkv6']);?>">
1285	b1ba04cf	Seth Mos	<br>
1286	332f5781	Phil Davis	<?=gettext("These are the IPv6 networks that will be accessible " .
1287			"from the remote endpoint. Expressed as a comma-separated list of one or more IP/PREFIX. " .
1288			"You may leave this blank if you don't " .
1289	b1ba04cf	Seth Mos	"want to add a route to the local network " .
1290			"through this tunnel on the remote machine. " .
1291			"This is generally set to your LAN network"); ?>.
1292			</td>
1293			</tr>
1294	415bddea	jim-p	<tr id="remote_optsv4">
1295	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Remote Network/s"); ?></td>
1296	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
1297	332f5781	Phil Davis	<input name="remote_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_network']);?>">
1298	3c11bd3c	Matthew Grooms	<br>
1299	332f5781	Phil Davis	<?=gettext("These are the IPv4 networks that will be routed through " .
1300	4d8b3382	Carlos Eduardo Ramos	"the tunnel, so that a site-to-site VPN can be " .
1301	332f5781	Phil Davis	"established without manually changing the routing tables. " .
1302			"Expressed as a comma-separated list of one or more CIDR ranges. " .
1303			"If this is a site-to-site VPN, enter the " .
1304			"remote LAN/s here. You may leave this blank if " .
1305	4d8b3382	Carlos Eduardo Ramos	"you don't want a site-to-site VPN"); ?>.
1306	3c11bd3c	Matthew Grooms	</td>
1307			</tr>
1308	415bddea	jim-p	<tr id="remote_optsv6">
1309	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Remote Network/s"); ?></td>
1310	4856df9b	jim-p	<td width="78%" class="vtable">
1311	332f5781	Phil Davis	<input name="remote_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_networkv6']);?>">
1312	4856df9b	jim-p	<br>
1313	332f5781	Phil Davis	<?=gettext("These are the IPv6 networks that will be routed through " .
1314	4856df9b	jim-p	"the tunnel, so that a site-to-site VPN can be " .
1315	332f5781	Phil Davis	"established without manually changing the routing tables. " .
1316			"Expressed as a comma-separated list of one or more IP/PREFIX. " .
1317			"If this is a site-to-site VPN, enter the " .
1318			"remote LAN/s here. You may leave this blank if " .
1319	4856df9b	jim-p	"you don't want a site-to-site VPN"); ?>.
1320			</td>
1321			</tr>
1322	d799787e	Matthew Grooms	<tr>
1323			<td width="22%" valign="top" class="vncell"><?=gettext("Concurrent connections");?></td>
1324			<td width="78%" class="vtable">
1325			<input name="maxclients" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['maxclients']);?>"/>
1326			<br/>
1327	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Specify the maximum number of clients allowed to concurrently connect to this server"); ?>.
1328	d799787e	Matthew Grooms	</td>
1329			</tr>
1330			<tr>
1331	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
1332	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1333	edba1982	jim-p	<select name="compression" class="formselect">
1334			<?php
1335			foreach ($openvpn_compression_modes as $cmode => $cmodedesc):
1336			$selected = '';
1337			if ($cmode == $pconfig['compression'])
1338			$selected = ' selected';
1339			?>
1340			<option value="<?= $cmode ?>" <?= $selected ?>><?= $cmodedesc ?></option>
1341			<?php endforeach; ?>
1342			</select>
1343			<br/>
1344			<?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?>.
1345	d799787e	Matthew Grooms	</td>
1346			</tr>
1347			<tr>
1348	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
1349	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1350			<table border="0" cellpadding="2" cellspacing="0">
1351			<tr>
1352			<td>
1353	1cb0b40a	Matthew Grooms	<?php set_checked($pconfig['passtos'],$chk); ?>
1354			<input name="passtos" type="checkbox" value="yes" <?=$chk;?>>
1355	d799787e	Matthew Grooms	</td>
1356			<td>
1357			<span class="vexpl">
1358	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
1359	d799787e	Matthew Grooms	</span>
1360			</td>
1361			</tr>
1362			</table>
1363			</td>
1364			</tr>
1365	107794cc	jim-p	<tr id="inter_client_communication">
1366	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Inter-client communication"); ?></td>
1367	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1368			<table border="0" cellpadding="2" cellspacing="0">
1369			<tr>
1370			<td>
1371			<?php set_checked($pconfig['client2client'],$chk); ?>
1372			<input name="client2client" type="checkbox" value="yes" <?=$chk;?>/>
1373			</td>
1374			<td>
1375			<span class="vexpl">
1376	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Allow communication between clients connected to this server"); ?>
1377	d799787e	Matthew Grooms	</span>
1378			</td>
1379			</tr>
1380			</table>
1381			</td>
1382			</tr>
1383	bca35cff	jim-p	<tr id="duplicate_cn">
1384			<td width="22%" valign="top" class="vncell"><?=gettext("Duplicate Connections"); ?></td>
1385			<td width="78%" class="vtable">
1386			<table border="0" cellpadding="2" cellspacing="0">
1387			<tr>
1388			<td>
1389			<?php set_checked($pconfig['duplicate_cn'],$chk); ?>
1390			<input name="duplicate_cn" type="checkbox" value="yes" <?=$chk;?>/>
1391			</td>
1392			<td>
1393			<span class="vexpl">
1394			<?=gettext("Allow multiple concurrent connections from clients using the same Common Name.<br/>NOTE: This is not generally recommended, but may be needed for some scenarios."); ?>
1395			</span>
1396			</td>
1397			</tr>
1398			</table>
1399			</td>
1400			</tr>
1401	3c11bd3c	Matthew Grooms	</table>
1402
1403			<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1404	d799787e	Matthew Grooms	<tr>
1405			<td colspan="2" class="list" height="12"></td>
1406			</tr>
1407			<tr>
1408	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Client Settings"); ?></td>
1409	d799787e	Matthew Grooms	</tr>
1410	65ff8497	jim-p	<tr>
1411	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Dynamic IP"); ?></td>
1412	65ff8497	jim-p	<td width="78%" class="vtable">
1413			<table border="0" cellpadding="2" cellspacing="0">
1414			<tr>
1415			<td>
1416			<?php set_checked($pconfig['dynamic_ip'],$chk); ?>
1417	b3cf36d7	Erik Fonnesbeck	<input name="dynamic_ip" type="checkbox" id="dynamic_ip" value="yes" <?=$chk;?>/>
1418	65ff8497	jim-p	</td>
1419			<td>
1420			<span class="vexpl">
1421	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Allow connected clients to retain their connections if their IP address changes"); ?>.<br>
1422	65ff8497	jim-p	</span>
1423			</td>
1424			</tr>
1425			</table>
1426			</td>
1427			</tr>
1428	d799787e	Matthew Grooms	<tr>
1429	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Address Pool"); ?></td>
1430	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1431			<table border="0" cellpadding="2" cellspacing="0">
1432			<tr>
1433			<td>
1434			<?php set_checked($pconfig['pool_enable'],$chk); ?>
1435	b3cf36d7	Erik Fonnesbeck	<input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?=$chk;?>/>
1436	d799787e	Matthew Grooms	</td>
1437			<td>
1438			<span class="vexpl">
1439	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a virtual adapter IP address to clients (see Tunnel Network)"); ?><br>
1440	d799787e	Matthew Grooms	</span>
1441			</td>
1442			</tr>
1443			</table>
1444			</td>
1445			</tr>
1446	ee55ce7d	jim-p	<tr id="topology_subnet_opt">
1447			<td width="22%" valign="top" class="vncell"><?=gettext("Topology"); ?></td>
1448			<td width="78%" class="vtable">
1449			<table border="0" cellpadding="2" cellspacing="0">
1450			<tr>
1451			<td>
1452			<?php set_checked($pconfig['topology_subnet'],$chk); ?>
1453			<input name="topology_subnet" type="checkbox" id="topology_subnet" value="yes" <?=$chk;?>/>
1454			</td>
1455			<td>
1456			<span class="vexpl">
1457			<?=gettext("Allocate only one IP per client (topology subnet), rather than an isolated subnet per client (topology net30)."); ?><br/>
1458			</span>
1459			</td>
1460			</tr>
1461			<tr>
1462			<td> </td>
1463			<td>
1464			<?=gettext("Relevant when supplying a virtual adapter IP address to clients when using tun mode on IPv4."); ?><br/>
1465	f2bd8842	jim-p	<?=gettext("Some clients may require this even for IPv6, such as OpenVPN Connect (iOS/Android). Others may break if it is present, such as older versions of OpenVPN or clients such as Yealink phones."); ?><br>
1466	ee55ce7d	jim-p	</td>
1467			</tr>
1468			</table>
1469			</td>
1470			</tr>
1471	d799787e	Matthew Grooms	<tr>
1472	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Default Domain"); ?></td>
1473	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1474			<table border="0" cellpadding="2" cellspacing="0">
1475			<tr>
1476			<td>
1477			<?php set_checked($pconfig['dns_domain_enable'],$chk); ?>
1478			<input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes" <?=$chk;?> onClick="dns_domain_change()">
1479			</td>
1480			<td>
1481			<span class="vexpl">
1482	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a default domain name to clients"); ?><br>
1483	d799787e	Matthew Grooms	</span>
1484			</td>
1485			</tr>
1486			</table>
1487			<table border="0" cellpadding="2" cellspacing="0" id="dns_domain_data">
1488			<tr>
1489			<td>
1490			<input name="dns_domain" type="text" class="formfld unknown" id="dns_domain" size="30" value="<?=htmlspecialchars($pconfig['dns_domain']);?>">
1491			</td>
1492			</tr>
1493			</table>
1494			</td>
1495			</tr>
1496			<tr>
1497	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Servers"); ?></td>
1498	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1499			<table border="0" cellpadding="2" cellspacing="0">
1500			<tr>
1501			<td>
1502			<?php set_checked($pconfig['dns_server_enable'],$chk); ?>
1503			<input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes" <?=$chk;?> onClick="dns_server_change()">
1504			</td>
1505			<td>
1506			<span class="vexpl">
1507	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a DNS server list to clients"); ?><br>
1508	d799787e	Matthew Grooms	</span>
1509			</td>
1510			</tr>
1511			</table>
1512			<table border="0" cellpadding="2" cellspacing="0" id="dns_server_data">
1513			<tr>
1514			<td>
1515			<span class="vexpl">
1516	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1517	d799787e	Matthew Grooms	</span>
1518	dd5bf424	Scott Ullrich	<input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>">
1519	d799787e	Matthew Grooms	</td>
1520			</tr>
1521			<tr>
1522			<td>
1523			<span class="vexpl">
1524	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1525	d799787e	Matthew Grooms	</span>
1526	dd5bf424	Scott Ullrich	<input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>">
1527	d799787e	Matthew Grooms	</td>
1528			</tr>
1529			<tr>
1530			<td>
1531			<span class="vexpl">
1532	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #3:
1533	d799787e	Matthew Grooms	</span>
1534	dd5bf424	Scott Ullrich	<input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>">
1535	d799787e	Matthew Grooms	</td>
1536			</tr>
1537			<tr>
1538			<td>
1539			<span class="vexpl">
1540	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #4:
1541	d799787e	Matthew Grooms	</span>
1542	dd5bf424	Scott Ullrich	<input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>">
1543	d799787e	Matthew Grooms	</td>
1544			</tr>
1545			</table>
1546			</td>
1547			</tr>
1548			<tr>
1549	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NTP Servers"); ?></td>
1550	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1551			<table border="0" cellpadding="2" cellspacing="0">
1552			<tr>
1553			<td>
1554			<?php set_checked($pconfig['ntp_server_enable'],$chk); ?>
1555			<input name="ntp_server_enable" type="checkbox" id="ntp_server_enable" value="yes" <?=$chk;?> onClick="ntp_server_change()">
1556			</td>
1557			<td>
1558			<span class="vexpl">
1559	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a NTP server list to clients"); ?><br>
1560	d799787e	Matthew Grooms	</span>
1561			</td>
1562			</tr>
1563			</table>
1564			<table border="0" cellpadding="2" cellspacing="0" id="ntp_server_data">
1565			<tr>
1566			<td>
1567			<span class="vexpl">
1568	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1569	d799787e	Matthew Grooms	</span>
1570	dd5bf424	Scott Ullrich	<input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=htmlspecialchars($pconfig['ntp_server1']);?>">
1571	d799787e	Matthew Grooms	</td>
1572			</tr>
1573			<tr>
1574			<td>
1575			<span class="vexpl">
1576	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1577	d799787e	Matthew Grooms	</span>
1578	dd5bf424	Scott Ullrich	<input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=htmlspecialchars($pconfig['ntp_server2']);?>">
1579	d799787e	Matthew Grooms	</td>
1580			</tr>
1581			</table>
1582			</td>
1583			</tr>
1584			<tr>
1585	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NetBIOS Options"); ?></td>
1586	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1587			<table border="0" cellpadding="2" cellspacing="0">
1588			<tr>
1589			<td>
1590			<?php set_checked($pconfig['netbios_enable'],$chk); ?>
1591			<input name="netbios_enable" type="checkbox" id="netbios_enable" value="yes" <?=$chk;?> onClick="netbios_change()">
1592			</td>
1593			<td>
1594			<span class="vexpl">
1595	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Enable NetBIOS over TCP/IP"); ?><br>
1596	d799787e	Matthew Grooms	</span>
1597			</td>
1598			</tr>
1599			</table>
1600	4d8b3382	Carlos Eduardo Ramos	<?=gettext("If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled"); ?>.
1601	d799787e	Matthew Grooms	<br/>
1602			<table border="0" cellpadding="2" cellspacing="0" id="netbios_data">
1603			<tr>
1604			<td>
1605			<br/>
1606			<span class="vexpl">
1607	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Node Type"); ?>:
1608	d799787e	Matthew Grooms	</span>
1609			<select name='netbios_ntype' class="formselect">
1610			<?php
1611			foreach ($netbios_nodetypes as $type => $name):
1612			$selected = "";
1613			if ($pconfig['netbios_ntype'] == $type)
1614			$selected = "selected";
1615			?>
1616			<option value="<?=$type;?>" <?=$selected;?>><?=$name;?></option>
1617			<?php endforeach; ?>
1618			</select>
1619			<br/>
1620	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Possible options: b-node (broadcasts), p-node " .
1621			"(point-to-point name queries to a WINS server), " .
1622			"m-node (broadcast then query name server), and " .
1623			"h-node (query name server, then broadcast)"); ?>.
1624	d799787e	Matthew Grooms	</td>
1625			</tr>
1626			<tr>
1627			<td>
1628			<br/>
1629			<span class="vexpl">
1630	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Scope ID"); ?>:
1631	d799787e	Matthew Grooms	</span>
1632			<input name="netbios_scope" type="text" class="formfld unknown" id="netbios_scope" size="30" value="<?=htmlspecialchars($pconfig['netbios_scope']);?>">
1633			<br/>
1634	4d8b3382	Carlos Eduardo Ramos	<?=gettext("A NetBIOS Scope ID provides an extended naming " .
1635			"service for NetBIOS over TCP/IP. The NetBIOS " .
1636			"scope ID isolates NetBIOS traffic on a single " .
1637			"network to only those nodes with the same " .
1638			"NetBIOS scope ID"); ?>.
1639	d799787e	Matthew Grooms	</td>
1640			</tr>
1641			</table>
1642			</td>
1643			</tr>
1644			<tr id="wins_opts">
1645	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Servers"); ?></td>
1646	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1647			<table border="0" cellpadding="2" cellspacing="0">
1648			<tr>
1649			<td>
1650			<?php set_checked($pconfig['wins_server_enable'],$chk); ?>
1651			<input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?=$chk;?> onClick="wins_server_change()">
1652			</td>
1653			<td>
1654			<span class="vexpl">
1655	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a WINS server list to clients"); ?><br>
1656	d799787e	Matthew Grooms	</span>
1657			</td>
1658			</tr>
1659			</table>
1660			<table border="0" cellpadding="2" cellspacing="0" id="wins_server_data">
1661			<tr>
1662			<td>
1663			<span class="vexpl">
1664	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1665	d799787e	Matthew Grooms	</span>
1666	dd5bf424	Scott Ullrich	<input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>">
1667	d799787e	Matthew Grooms	</td>
1668			</tr>
1669			<tr>
1670			<td>
1671			<span class="vexpl">
1672	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1673	d799787e	Matthew Grooms	</span>
1674	dd5bf424	Scott Ullrich	<input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>">
1675	d799787e	Matthew Grooms	</td>
1676			</tr>
1677			</table>
1678			</td>
1679			</tr>
1680	faf61f12	Phil Davis	<tr>
1681			<td width="22%" valign="top" class="vncell"><?=gettext("Client Management Port"); ?></td>
1682			<td width="78%" class="vtable">
1683			<table border="0" cellpadding="2" cellspacing="0">
1684			<tr>
1685			<td>
1686			<?php set_checked($pconfig['client_mgmt_port_enable'],$chk); ?>
1687			<input name="client_mgmt_port_enable" type="checkbox" id="client_mgmt_port_enable" value="yes" <?=$chk;?> onClick="client_mgmt_port_change()">
1688			</td>
1689			<td>
1690			<span class="vexpl">
1691			<?=gettext("Use a different management port on clients. The default port is 166. Specify a different port if the client machines need to select from multiple OpenVPN links."); ?><br>
1692			</span>
1693			</td>
1694			</tr>
1695			</table>
1696			<table border="0" cellpadding="2" cellspacing="0" id="client_mgmt_port_data">
1697			<tr>
1698			<td>
1699			<input name="client_mgmt_port" type="text" class="formfld unknown" id="client_mgmt_port" size="30" value="<?=htmlspecialchars($pconfig['client_mgmt_port']);?>">
1700			</td>
1701			</tr>
1702			</table>
1703			</td>
1704			</tr>
1705	3c11bd3c	Matthew Grooms	</table>
1706
1707	2f4f30ee	Scott Ullrich	<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1708			<tr>
1709			<td colspan="2" class="list" height="12"></td>
1710			</tr>
1711			<tr>
1712	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
1713	2f4f30ee	Scott Ullrich	</tr>
1714			<tr>
1715	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
1716	2f4f30ee	Scott Ullrich	<td width="78%" class="vtable">
1717			<table border="0" cellpadding="2" cellspacing="0">
1718			<tr>
1719			<td>
1720	dd5bf424	Scott Ullrich	<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br/>
1721	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Enter any additional options you would like to add to the OpenVPN server configuration here, separated by a semicolon"); ?><br/>
1722			<?=gettext("EXAMPLE: push \"route 10.0.0.0 255.255.255.0\""); ?>;
1723	2f4f30ee	Scott Ullrich	</td>
1724			</tr>
1725			</table>
1726			</td>
1727			</tr>
1728			</table>
1729
1730	f68fc963	Scott Ullrich	<br/>
1731	4856df9b	jim-p	<table width="100%" border="0" cellpadding="6" cellspacing="0">
1732	d799787e	Matthew Grooms	<tr>
1733			<td width="22%" valign="top"> </td>
1734			<td width="78%">
1735	4d8b3382	Carlos Eduardo Ramos	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
1736	d799787e	Matthew Grooms	<input name="act" type="hidden" value="<?=$act;?>">
1737			<?php if (isset($id) && $a_server[$id]): ?>
1738			<input name="id" type="hidden" value="<?=$id;?>">
1739			<?php endif; ?>
1740			</td>
1741			</tr>
1742			</table>
1743			</form>
1744
1745			<?php else: ?>
1746
1747	7128ed17	Scott Ullrich	<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0">
1748	80fa045a	jim-p	<thead>
1749	d799787e	Matthew Grooms	<tr>
1750	4d8b3382	Carlos Eduardo Ramos	<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
1751			<td width="10%" class="listhdrr"><?=gettext("Protocol / Port"); ?></td>
1752			<td width="30%" class="listhdrr"><?=gettext("Tunnel Network"); ?></td>
1753			<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1754	d799787e	Matthew Grooms	<td width="10%" class="list"></td>
1755			</tr>
1756	80fa045a	jim-p	</thead>
1757			<tbody>
1758	d799787e	Matthew Grooms	<?php
1759			$i = 0;
1760			foreach($a_server as $server):
1761			$disabled = "NO";
1762	870318b9	Ermal Lu?i	if (isset($server['disable']))
1763	d799787e	Matthew Grooms	$disabled = "YES";
1764			?>
1765			<tr>
1766	d3d9b0ee	Scott Ullrich	<td class="listlr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1767	d799787e	Matthew Grooms	<?=$disabled;?>
1768			</td>
1769	d3d9b0ee	Scott Ullrich	<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1770	43cea754	Chris Buechler	<?=htmlspecialchars($server['protocol']);?> / <?=htmlspecialchars($server['local_port']);?>
1771	d799787e	Matthew Grooms	</td>
1772	d3d9b0ee	Scott Ullrich	<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1773	b1ba04cf	Seth Mos	<?=htmlspecialchars($server['tunnel_network']);?><br/>
1774			<?=htmlspecialchars($server['tunnel_networkv6']);?><br/>
1775	d799787e	Matthew Grooms	</td>
1776	d3d9b0ee	Scott Ullrich	<td class="listbg" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1777	d799787e	Matthew Grooms	<?=htmlspecialchars($server['description']);?>
1778			</td>
1779			<td valign="middle" nowrap class="list">
1780			<a href="vpn_openvpn_server.php?act=edit&id=<?=$i;?>">
1781	4d8b3382	Carlos Eduardo Ramos	<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit server"); ?>" width="17" height="17" border="0">
1782	d799787e	Matthew Grooms	</a>
1783
1784	4d8b3382	Carlos Eduardo Ramos	<a href="vpn_openvpn_server.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this server?"); ?>')">
1785			<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete server"); ?>" width="17" height="17" border="0">
1786	d799787e	Matthew Grooms	</a>
1787			</td>
1788			</tr>
1789			<?php
1790			$i++;
1791			endforeach;
1792			?>
1793	80fa045a	jim-p	</tbody>
1794			<tfoot>
1795	d799787e	Matthew Grooms	<tr>
1796			<td class="list" colspan="4"></td>
1797			<td class="list">
1798	4d8b3382	Carlos Eduardo Ramos	<a href="vpn_openvpn_server.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add server"); ?>" width="17" height="17" border="0">
1799	d799787e	Matthew Grooms	</a>
1800			</td>
1801			</tr>
1802	80fa045a	jim-p	</tfoot>
1803	d799787e	Matthew Grooms	</table>
1804
1805	7128ed17	Scott Ullrich	<?=gettext("Additional OpenVPN servers can be added here.");?>
1806
1807	ee9933b6	Renato Botelho	<?php endif; ?>
1808	d799787e	Matthew Grooms
1809			</td>
1810			</tr>
1811			</table>
1812			<script language="JavaScript">
1813			<!--
1814	3c11bd3c	Matthew Grooms	mode_change();
1815			autokey_change();
1816			tlsauth_change();
1817	d799787e	Matthew Grooms	gwredir_change();
1818			dns_domain_change();
1819			dns_server_change();
1820			wins_server_change();
1821	faf61f12	Phil Davis	client_mgmt_port_change();
1822	d799787e	Matthew Grooms	ntp_server_change();
1823			netbios_change();
1824	1ab6bdb5	jim-p	tuntap_change();
1825	d799787e	Matthew Grooms	//-->
1826			</script>
1827			</body>
1828			<?php include("fend.inc"); ?>
1829
1830			<?php
1831
1832			/* local utility functions */
1833
1834			function set_checked($var,& $chk) {
1835			if($var)
1836			$chk = 'checked';
1837			else
1838			$chk = '';
1839			}
1840
1841	52971880	Vinicius Coque	?>

Project

General

Profile

pfSense