/usr/local/www/vpn_openvpn_server.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_openvpn_server.php @ 709e62f0

1	d799787e	Matthew Grooms	<?php
2			/*
3			vpn_openvpn_server.php
4
5			Copyright (C) 2008 Shrew Soft Inc.
6			All rights reserved.
7
8			Redistribution and use in source and binary forms, with or without
9			modification, are permitted provided that the following conditions are met:
10
11			1. Redistributions of source code must retain the above copyright notice,
12			this list of conditions and the following disclaimer.
13
14			2. Redistributions in binary form must reproduce the above copyright
15			notice, this list of conditions and the following disclaimer in the
16			documentation and/or other materials provided with the distribution.
17
18			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27			POSSIBILITY OF SUCH DAMAGE.
28			*/
29
30			##\|+PRIV
31			##\|*IDENT=page-openvpn-server
32			##\|*NAME=OpenVPN: Server page
33			##\|*DESCR=Allow access to the 'OpenVPN: Server' page.
34			##\|MATCH=vpn_openvpn_server.php
35			##\|-PRIV
36
37			require("guiconfig.inc");
38	d84bd468	Ermal Lu?i	require_once("openvpn.inc");
39	d799787e	Matthew Grooms
40			if (!is_array($config['openvpn']['openvpn-server']))
41			$config['openvpn']['openvpn-server'] = array();
42
43			$a_server = &$config['openvpn']['openvpn-server'];
44
45	428e66b6	jim-p	if (!is_array($config['ca']))
46			$config['ca'] = array();
47
48			$a_ca =& $config['ca'];
49
50			if (!is_array($config['cert']))
51			$config['cert'] = array();
52
53			$a_cert =& $config['cert'];
54
55			if (!is_array($config['crl']))
56			$config['crl'] = array();
57
58			$a_crl =& $config['crl'];
59
60	c1f95f5c	jim-p	foreach ($a_crl as $cid => $acrl)
61			if (!isset($acrl['refid']))
62			unset ($a_crl[$cid]);
63
64	d799787e	Matthew Grooms	$id = $_GET['id'];
65			if (isset($_POST['id']))
66			$id = $_POST['id'];
67
68			$act = $_GET['act'];
69			if (isset($_POST['act']))
70			$act = $_POST['act'];
71
72	6d9b1074	jim-p	if (isset($id) && $a_server[$id])
73			$vpnid = $a_server[$id]['vpnid'];
74			else
75			$vpnid = 0;
76
77	d799787e	Matthew Grooms	if ($_GET['act'] == "del") {
78
79	767cf960	jim-p	if (!isset($a_server[$id])) {
80	d799787e	Matthew Grooms	pfSenseHeader("vpn_openvpn_server.php");
81			exit;
82			}
83	767cf960	jim-p	if (!empty($a_server[$id]))
84			openvpn_delete('server', $a_server[$id]);
85	d799787e	Matthew Grooms	unset($a_server[$id]);
86			write_config();
87			$savemsg = gettext("Server successfully deleted")."<br/>";
88			}
89
90	f432e364	Matthew Grooms	if($_GET['act']=="new"){
91	3c11bd3c	Matthew Grooms	$pconfig['autokey_enable'] = "yes";
92			$pconfig['tlsauth_enable'] = "yes";
93			$pconfig['autotls_enable'] = "yes";
94	fe787fc7	Matthew Grooms	$pconfig['dh_length'] = 1024;
95	4936ff53	jim-p	$pconfig['dev_mode'] = "tun";
96	f432e364	Matthew Grooms	$pconfig['interface'] = "wan";
97	8cd0a3fa	jim-p	$pconfig['local_port'] = openvpn_port_next('UDP');
98	f432e364	Matthew Grooms	$pconfig['pool_enable'] = "yes";
99	41936acc	jim-p	$pconfig['cert_depth'] = 1;
100	f432e364	Matthew Grooms	}
101
102	d799787e	Matthew Grooms	if($_GET['act']=="edit"){
103
104			if (isset($id) && $a_server[$id]) {
105	870318b9	Ermal Lu?i	$pconfig['disable'] = isset($a_server[$id]['disable']);
106	3c11bd3c	Matthew Grooms	$pconfig['mode'] = $a_server[$id]['mode'];
107	d799787e	Matthew Grooms	$pconfig['protocol'] = $a_server[$id]['protocol'];
108	e8a58de4	Ermal Lu?i	$pconfig['authmode'] = $a_server[$id]['authmode'];
109	4936ff53	jim-p	$pconfig['dev_mode'] = $a_server[$id]['dev_mode'];
110	d799787e	Matthew Grooms	$pconfig['interface'] = $a_server[$id]['interface'];
111	67b0902f	pierrepomes	if (!empty($a_server[$id]['ipaddr'])) {
112			$pconfig['interface'] = $pconfig['interface'] . '\|' . $a_server[$id]['ipaddr'];
113			}
114	d799787e	Matthew Grooms	$pconfig['local_port'] = $a_server[$id]['local_port'];
115			$pconfig['description'] = $a_server[$id]['description'];
116	a9a613dd	Scott Ullrich	$pconfig['custom_options'] = $a_server[$id]['custom_options'];
117	d799787e	Matthew Grooms
118	3c11bd3c	Matthew Grooms	if ($pconfig['mode'] != "p2p_shared_key") {
119			if ($a_server[$id]['tls']) {
120			$pconfig['tlsauth_enable'] = "yes";
121			$pconfig['tls'] = base64_decode($a_server[$id]['tls']);
122			}
123	fe787fc7	Matthew Grooms	$pconfig['caref'] = $a_server[$id]['caref'];
124	6db02381	jim-p	$pconfig['crlref'] = $a_server[$id]['crlref'];
125	fe787fc7	Matthew Grooms	$pconfig['certref'] = $a_server[$id]['certref'];
126			$pconfig['dh_length'] = $a_server[$id]['dh_length'];
127	41936acc	jim-p	if (isset($a_server[$id]['cert_depth']))
128			$pconfig['cert_depth'] = $a_server[$id]['cert_depth'];
129			else
130			$pconfig['cert_depth'] = 1;
131	94823361	jim-p	if ($pconfig['mode'] == "server_tls_user")
132			$pconfig['strictusercn'] = $a_server[$id]['strictusercn'];
133	3c11bd3c	Matthew Grooms	} else
134			$pconfig['shared_key'] = base64_decode($a_server[$id]['shared_key']);
135	d799787e	Matthew Grooms	$pconfig['crypto'] = $a_server[$id]['crypto'];
136	582c58ae	jim-p	$pconfig['engine'] = $a_server[$id]['engine'];
137	d799787e	Matthew Grooms
138			$pconfig['tunnel_network'] = $a_server[$id]['tunnel_network'];
139	b1ba04cf	Seth Mos	$pconfig['tunnel_networkv6'] = $a_server[$id]['tunnel_networkv6'];
140	1ab6bdb5	jim-p
141	d799787e	Matthew Grooms	$pconfig['remote_network'] = $a_server[$id]['remote_network'];
142	4856df9b	jim-p	$pconfig['remote_networkv6'] = $a_server[$id]['remote_networkv6'];
143	d799787e	Matthew Grooms	$pconfig['gwredir'] = $a_server[$id]['gwredir'];
144			$pconfig['local_network'] = $a_server[$id]['local_network'];
145	b1ba04cf	Seth Mos	$pconfig['local_networkv6'] = $a_server[$id]['local_networkv6'];
146	d799787e	Matthew Grooms	$pconfig['maxclients'] = $a_server[$id]['maxclients'];
147			$pconfig['compression'] = $a_server[$id]['compression'];
148	1cb0b40a	Matthew Grooms	$pconfig['passtos'] = $a_server[$id]['passtos'];
149	d799787e	Matthew Grooms	$pconfig['client2client'] = $a_server[$id]['client2client'];
150
151	65ff8497	jim-p	$pconfig['dynamic_ip'] = $a_server[$id]['dynamic_ip'];
152	d799787e	Matthew Grooms	$pconfig['pool_enable'] = $a_server[$id]['pool_enable'];
153	ee55ce7d	jim-p	$pconfig['topology_subnet'] = $a_server[$id]['topology_subnet'];
154	d799787e	Matthew Grooms
155	1ab6bdb5	jim-p	$pconfig['serverbridge_dhcp'] = $a_server[$id]['serverbridge_dhcp'];
156			$pconfig['serverbridge_interface'] = $a_server[$id]['serverbridge_interface'];
157			$pconfig['serverbridge_dhcp_start'] = $a_server[$id]['serverbridge_dhcp_start'];
158			$pconfig['serverbridge_dhcp_end'] = $a_server[$id]['serverbridge_dhcp_end'];
159
160	d799787e	Matthew Grooms	$pconfig['dns_domain'] = $a_server[$id]['dns_domain'];
161			if ($pconfig['dns_domain'])
162			$pconfig['dns_domain_enable'] = true;
163
164			$pconfig['dns_server1'] = $a_server[$id]['dns_server1'];
165			$pconfig['dns_server2'] = $a_server[$id]['dns_server2'];
166			$pconfig['dns_server3'] = $a_server[$id]['dns_server3'];
167			$pconfig['dns_server4'] = $a_server[$id]['dns_server4'];
168			if ($pconfig['dns_server1'] \|\|
169			$pconfig['dns_server2'] \|\|
170			$pconfig['dns_server3'] \|\|
171			$pconfig['dns_server4'])
172			$pconfig['dns_server_enable'] = true;
173
174			$pconfig['ntp_server1'] = $a_server[$id]['ntp_server1'];
175			$pconfig['ntp_server2'] = $a_server[$id]['ntp_server2'];
176			if ($pconfig['ntp_server1'] \|\|
177			$pconfig['ntp_server2'])
178			$pconfig['ntp_server_enable'] = true;
179
180			$pconfig['netbios_enable'] = $a_server[$id]['netbios_enable'];
181			$pconfig['netbios_ntype'] = $a_server[$id]['netbios_ntype'];
182			$pconfig['netbios_scope'] = $a_server[$id]['netbios_scope'];
183
184			$pconfig['wins_server1'] = $a_server[$id]['wins_server1'];
185			$pconfig['wins_server2'] = $a_server[$id]['wins_server2'];
186			if ($pconfig['wins_server1'] \|\|
187			$pconfig['wins_server2'])
188			$pconfig['wins_server_enable'] = true;
189
190			$pconfig['nbdd_server1'] = $a_server[$id]['nbdd_server1'];
191			if ($pconfig['nbdd_server1'])
192			$pconfig['nbdd_server_enable'] = true;
193	3c11bd3c	Matthew Grooms
194			// just in case the modes switch
195			$pconfig['autokey_enable'] = "yes";
196			$pconfig['autotls_enable'] = "yes";
197	bca35cff	jim-p
198			$pconfig['duplicate_cn'] = isset($a_server[$id]['duplicate_cn']);
199	d799787e	Matthew Grooms	}
200			}
201			if ($_POST) {
202
203			unset($input_errors);
204			$pconfig = $_POST;
205
206	f432e364	Matthew Grooms	if (isset($id) && $a_server[$id])
207			$vpnid = $a_server[$id]['vpnid'];
208			else
209			$vpnid = 0;
210
211	198bb449	jim-p	list($iv_iface, $iv_ip) = explode ("\|",$pconfig['interface']);
212			if (is_ipaddrv4($iv_ip) && (stristr($pconfig['protocol'], "6") !== false)) {
213			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv6 protocol and an IPv4 IP address.");
214			} elseif (is_ipaddrv6($iv_ip) && (stristr($pconfig['protocol'], "6") === false)) {
215			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv4 protocol and an IPv6 IP address.");
216	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") === false) && !get_interface_ip($iv_iface) && ($pconfig['interface'] != "any")) {
217	198bb449	jim-p	$input_errors[] = gettext("An IPv4 protocol was selected, but the selected interface has no IPv4 address.");
218	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") !== false) && !get_interface_ipv6($iv_iface) && ($pconfig['interface'] != "any")) {
219	198bb449	jim-p	$input_errors[] = gettext("An IPv6 protocol was selected, but the selected interface has no IPv6 address.");
220			}
221
222	98c0c87a	jim-p	if ($pconfig['mode'] != "p2p_shared_key")
223	3c11bd3c	Matthew Grooms	$tls_mode = true;
224			else
225			$tls_mode = false;
226
227	b0b6d575	jim-p	if (empty($pconfig['authmode']) && (($pconfig['mode'] == "server_user") \|\| ($pconfig['mode'] == "server_tls_user")))
228			$input_errors[] = gettext("You must select a Backend for Authentication if the server mode requires User Auth.");
229
230	d799787e	Matthew Grooms	/* input validation */
231			if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
232			$input_errors[] = $result;
233
234	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network', false, "ipv4"))
235	d799787e	Matthew Grooms	$input_errors[] = $result;
236
237	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, "ipv6"))
238	d799787e	Matthew Grooms	$input_errors[] = $result;
239
240	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'IPv4 Remote Network', true, "ipv4"))
241			$input_errors[] = $result;
242
243			if ($result = openvpn_validate_cidr($pconfig['remote_networkv6'], 'IPv6 Remote Network', true, "ipv6"))
244			$input_errors[] = $result;
245
246			if ($result = openvpn_validate_cidr($pconfig['local_network'], 'IPv4 Local Network', true, "ipv4"))
247			$input_errors[] = $result;
248
249			if ($result = openvpn_validate_cidr($pconfig['local_networkv6'], 'IPv6 Local Network', true, "ipv6"))
250	d799787e	Matthew Grooms	$input_errors[] = $result;
251
252	49b76122	Renato Botelho	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
253	5accf130	jim-p	if (($portused != $vpnid) && ($portused != 0))
254	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
255	f432e364	Matthew Grooms
256	89e6e210	jim-p	if ($pconfig['autokey_enable'])
257			$pconfig['shared_key'] = openvpn_create_key();
258
259	3c11bd3c	Matthew Grooms	if (!$tls_mode && !$pconfig['autokey_enable'])
260	d799787e	Matthew Grooms	if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") \|\|
261			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
262	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");
263	3c11bd3c	Matthew Grooms
264			if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
265			if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") \|\|
266			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
267	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");
268	d799787e	Matthew Grooms
269			if ($pconfig['dns_server_enable']) {
270			if (!empty($pconfig['dns_server1']) && !is_ipaddr(trim($pconfig['dns_server1'])))
271	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
272	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server2']) && !is_ipaddr(trim($pconfig['dns_server2'])))
273	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
274	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server3']) && !is_ipaddr(trim($pconfig['dns_server3'])))
275	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
276	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server4']) && !is_ipaddr(trim($pconfig['dns_server4'])))
277	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
278	d799787e	Matthew Grooms	}
279
280			if ($pconfig['ntp_server_enable']) {
281			if (!empty($pconfig['ntp_server1']) && !is_ipaddr(trim($pconfig['ntp_server1'])))
282	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
283	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server2']) && !is_ipaddr(trim($pconfig['ntp_server2'])))
284	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
285	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server3']) && !is_ipaddr(trim($pconfig['ntp_server3'])))
286	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #3' must contain a valid IP address");
287	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server4']) && !is_ipaddr(trim($pconfig['ntp_server4'])))
288	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #4' must contain a valid IP address");
289	d799787e	Matthew Grooms	}
290
291			if ($pconfig['netbios_enable']) {
292			if ($pconfig['wins_server_enable']) {
293			if (!empty($pconfig['wins_server1']) && !is_ipaddr(trim($pconfig['wins_server1'])))
294	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
295	d799787e	Matthew Grooms	if (!empty($pconfig['wins_server2']) && !is_ipaddr(trim($pconfig['wins_server2'])))
296	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
297	d799787e	Matthew Grooms	}
298			if ($pconfig['nbdd_server_enable'])
299			if (!empty($pconfig['nbdd_server1']) && !is_ipaddr(trim($pconfig['nbdd_server1'])))
300	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NetBIOS Data Distribution Server #1' must contain a valid IP address");
301	d799787e	Matthew Grooms	}
302
303			if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients']))
304	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");
305	d799787e	Matthew Grooms
306	21c776dd	jim-p	/* If we are not in shared key mode, then we need the CA/Cert. */
307			if ($pconfig['mode'] != "p2p_shared_key") {
308	872d9195	Matthew Grooms	$reqdfields = explode(" ", "caref certref");
309	fe6d7a55	jim-p	$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
310	21c776dd	jim-p	} elseif (!$pconfig['autokey_enable']) {
311			/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
312			$reqdfields = array('shared_key');
313	4d8b3382	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext('Shared key'));
314	d799787e	Matthew Grooms	}
315
316	1ab6bdb5	jim-p	if ($pconfig['dev_mode'] != "tap") {
317			$reqdfields[] = 'tunnel_network';
318			$reqdfieldsn[] = gettext('Tunnel network');
319			} else {
320	74a556a3	jim-p	if ($pconfig['serverbridge_dhcp'] && $pconfig['tunnel_network'])
321			$input_errors[] = gettext("Using a tunnel network and server bridge settings together is not allowed.");
322	1ab6bdb5	jim-p	if (($pconfig['serverbridge_dhcp_start'] && !$pconfig['serverbridge_dhcp_end'])
323			\|\| (!$pconfig['serverbridge_dhcp_start'] && $pconfig['serverbridge_dhcp_end']))
324			$input_errors[] = gettext("Server Bridge DHCP Start and End must both be empty, or defined.");
325			if (($pconfig['serverbridge_dhcp_start'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_start'])))
326			$input_errors[] = gettext("Server Bridge DHCP Start must be an IPv4 address.");
327			if (($pconfig['serverbridge_dhcp_end'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_end'])))
328			$input_errors[] = gettext("Server Bridge DHCP End must be an IPv4 address.");
329			if (ip2ulong($pconfig['serverbridge_dhcp_start']) > ip2ulong($pconfig['serverbridge_dhcp_end']))
330			$input_errors[] = gettext("The Server Bridge DHCP range is invalid (start higher than end).");
331			}
332	d799787e	Matthew Grooms	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
333
334			if (!$input_errors) {
335
336			$server = array();
337
338	da601f8e	PiBa-NL	if ($id && $pconfig['dev_mode'] <> $a_server[$id]['dev_mode'])
339			openvpn_delete('server', $a_server[$id]);// delete(rename) old interface so a new TUN or TAP interface can be created.
340
341	f432e364	Matthew Grooms	if ($vpnid)
342			$server['vpnid'] = $vpnid;
343	e28120e5	Matthew Grooms	else
344	d799787e	Matthew Grooms	$server['vpnid'] = openvpn_vpnid_next();
345
346	870318b9	Ermal Lu?i	if ($_POST['disable'] == "yes")
347			$server['disable'] = true;
348	3c11bd3c	Matthew Grooms	$server['mode'] = $pconfig['mode'];
349	8a47c190	Ermal Lu?i	if (!empty($pconfig['authmode']))
350			$server['authmode'] = implode(",", $pconfig['authmode']);
351	d799787e	Matthew Grooms	$server['protocol'] = $pconfig['protocol'];
352	4936ff53	jim-p	$server['dev_mode'] = $pconfig['dev_mode'];
353	67b0902f	pierrepomes	list($server['interface'], $server['ipaddr']) = explode ("\|",$pconfig['interface']);
354	d799787e	Matthew Grooms	$server['local_port'] = $pconfig['local_port'];
355			$server['description'] = $pconfig['description'];
356	e3bbd29a	Ermal	$server['custom_options'] = str_replace("\r\n", "\n", $pconfig['custom_options']);
357	d799787e	Matthew Grooms
358	3c11bd3c	Matthew Grooms	if ($tls_mode) {
359			if ($pconfig['tlsauth_enable']) {
360			if ($pconfig['autotls_enable'])
361			$pconfig['tls'] = openvpn_create_key();
362			$server['tls'] = base64_encode($pconfig['tls']);
363			}
364	fe787fc7	Matthew Grooms	$server['caref'] = $pconfig['caref'];
365	6db02381	jim-p	$server['crlref'] = $pconfig['crlref'];
366	fe787fc7	Matthew Grooms	$server['certref'] = $pconfig['certref'];
367			$server['dh_length'] = $pconfig['dh_length'];
368	98963f27	jim-p	$server['cert_depth'] = $pconfig['cert_depth'];
369	94823361	jim-p	if ($pconfig['mode'] == "server_tls_user")
370			$server['strictusercn'] = $pconfig['strictusercn'];
371	3c11bd3c	Matthew Grooms	} else {
372			$server['shared_key'] = base64_encode($pconfig['shared_key']);
373	d799787e	Matthew Grooms	}
374			$server['crypto'] = $pconfig['crypto'];
375	582c58ae	jim-p	$server['engine'] = $pconfig['engine'];
376	d799787e	Matthew Grooms
377			$server['tunnel_network'] = $pconfig['tunnel_network'];
378	b1ba04cf	Seth Mos	$server['tunnel_networkv6'] = $pconfig['tunnel_networkv6'];
379	d799787e	Matthew Grooms	$server['remote_network'] = $pconfig['remote_network'];
380	4856df9b	jim-p	$server['remote_networkv6'] = $pconfig['remote_networkv6'];
381	d799787e	Matthew Grooms	$server['gwredir'] = $pconfig['gwredir'];
382			$server['local_network'] = $pconfig['local_network'];
383	b1ba04cf	Seth Mos	$server['local_networkv6'] = $pconfig['local_networkv6'];
384	d799787e	Matthew Grooms	$server['maxclients'] = $pconfig['maxclients'];
385			$server['compression'] = $pconfig['compression'];
386	1cb0b40a	Matthew Grooms	$server['passtos'] = $pconfig['passtos'];
387	d799787e	Matthew Grooms	$server['client2client'] = $pconfig['client2client'];
388
389	65ff8497	jim-p	$server['dynamic_ip'] = $pconfig['dynamic_ip'];
390	d799787e	Matthew Grooms	$server['pool_enable'] = $pconfig['pool_enable'];
391	ee55ce7d	jim-p	$server['topology_subnet'] = $pconfig['topology_subnet'];
392	d799787e	Matthew Grooms
393	1ab6bdb5	jim-p	$server['serverbridge_dhcp'] = $pconfig['serverbridge_dhcp'];
394			$server['serverbridge_interface'] = $pconfig['serverbridge_interface'];
395			$server['serverbridge_dhcp_start'] = $pconfig['serverbridge_dhcp_start'];
396			$server['serverbridge_dhcp_end'] = $pconfig['serverbridge_dhcp_end'];
397
398	d799787e	Matthew Grooms	if ($pconfig['dns_domain_enable'])
399			$server['dns_domain'] = $pconfig['dns_domain'];
400
401			if ($pconfig['dns_server_enable']) {
402			$server['dns_server1'] = $pconfig['dns_server1'];
403			$server['dns_server2'] = $pconfig['dns_server2'];
404			$server['dns_server3'] = $pconfig['dns_server3'];
405			$server['dns_server4'] = $pconfig['dns_server4'];
406			}
407
408			if ($pconfig['ntp_server_enable']) {
409			$server['ntp_server1'] = $pconfig['ntp_server1'];
410			$server['ntp_server2'] = $pconfig['ntp_server2'];
411			}
412
413			$server['netbios_enable'] = $pconfig['netbios_enable'];
414			$server['netbios_ntype'] = $pconfig['netbios_ntype'];
415			$server['netbios_scope'] = $pconfig['netbios_scope'];
416
417			if ($pconfig['netbios_enable']) {
418
419			if ($pconfig['wins_server_enable']) {
420			$server['wins_server1'] = $pconfig['wins_server1'];
421			$server['wins_server2'] = $pconfig['wins_server2'];
422			}
423
424			if ($pconfig['dns_server_enable'])
425			$server['nbdd_server1'] = $pconfig['nbdd_server1'];
426			}
427	bca35cff	jim-p
428			if ($_POST['duplicate_cn'] == "yes")
429			$server['duplicate_cn'] = true;
430
431	d799787e	Matthew Grooms	if (isset($id) && $a_server[$id])
432			$a_server[$id] = $server;
433			else
434			$a_server[] = $server;
435
436	dc408939	Matthew Grooms	openvpn_resync('server', $server);
437	d799787e	Matthew Grooms	write_config();
438
439			header("Location: vpn_openvpn_server.php");
440			exit;
441			}
442	8a47c190	Ermal Lu?i	if (!empty($pconfig['authmode']))
443			$pconfig['authmode'] = implode(",", $pconfig['authmode']);
444	d799787e	Matthew Grooms	}
445	6d9b1074	jim-p	$pgtitle = array(gettext("OpenVPN"), gettext("Server"));
446			$shortcut_section = "openvpn";
447	d799787e	Matthew Grooms
448			include("head.inc");
449
450			?>
451
452			<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
453			<?php include("fbegin.inc"); ?>
454			<script language="JavaScript">
455			<!--
456
457	3c11bd3c	Matthew Grooms	function mode_change() {
458			index = document.iform.mode.selectedIndex;
459			value = document.iform.mode.options[index].value;
460	d799787e	Matthew Grooms	switch(value) {
461	3c11bd3c	Matthew Grooms	case "p2p_tls":
462			case "server_tls":
463			case "server_user":
464	94823361	jim-p	document.getElementById("tls").style.display="";
465			document.getElementById("tls_ca").style.display="";
466			document.getElementById("tls_crl").style.display="";
467			document.getElementById("tls_cert").style.display="";
468			document.getElementById("tls_dh").style.display="";
469	98963f27	jim-p	document.getElementById("cert_depth").style.display="";
470	94823361	jim-p	document.getElementById("strictusercn").style.display="none";
471			document.getElementById("psk").style.display="none";
472			break;
473	3c11bd3c	Matthew Grooms	case "server_tls_user":
474			document.getElementById("tls").style.display="";
475			document.getElementById("tls_ca").style.display="";
476	6db02381	jim-p	document.getElementById("tls_crl").style.display="";
477	3c11bd3c	Matthew Grooms	document.getElementById("tls_cert").style.display="";
478	fe787fc7	Matthew Grooms	document.getElementById("tls_dh").style.display="";
479	98963f27	jim-p	document.getElementById("cert_depth").style.display="";
480	94823361	jim-p	document.getElementById("strictusercn").style.display="";
481	d799787e	Matthew Grooms	document.getElementById("psk").style.display="none";
482			break;
483	3c11bd3c	Matthew Grooms	case "p2p_shared_key":
484			document.getElementById("tls").style.display="none";
485			document.getElementById("tls_ca").style.display="none";
486	6db02381	jim-p	document.getElementById("tls_crl").style.display="none";
487	3c11bd3c	Matthew Grooms	document.getElementById("tls_cert").style.display="none";
488	fe787fc7	Matthew Grooms	document.getElementById("tls_dh").style.display="none";
489	98963f27	jim-p	document.getElementById("cert_depth").style.display="none";
490	94823361	jim-p	document.getElementById("strictusercn").style.display="none";
491	d799787e	Matthew Grooms	document.getElementById("psk").style.display="";
492			break;
493			}
494	3c11bd3c	Matthew Grooms	switch(value) {
495			case "p2p_shared_key":
496			document.getElementById("client_opts").style.display="none";
497	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="";
498			document.getElementById("remote_optsv6").style.display="";
499	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="none";
500	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="none";
501			document.getElementById("local_optsv6").style.display="none";
502	b008c1eb	jim-p	document.getElementById("authmodetr").style.display="none";
503	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="none";
504	b008c1eb	jim-p	break;
505			case "p2p_tls":
506			document.getElementById("client_opts").style.display="none";
507	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="";
508			document.getElementById("remote_optsv6").style.display="";
509	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
510	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
511			document.getElementById("local_optsv6").style.display="";
512	e8a58de4	Ermal Lu?i	document.getElementById("authmodetr").style.display="none";
513	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="none";
514	3c11bd3c	Matthew Grooms	break;
515	e8a58de4	Ermal Lu?i	case "server_user":
516			case "server_tls_user":
517			document.getElementById("authmodetr").style.display="";
518	54b9de56	Ermal Lu?i	document.getElementById("client_opts").style.display="";
519	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="none";
520			document.getElementById("remote_optsv6").style.display="none";
521	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
522	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
523			document.getElementById("local_optsv6").style.display="";
524	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="";
525	54b9de56	Ermal Lu?i	break;
526			case "server_tls":
527			document.getElementById("authmodetr").style.display="none";
528	3c11bd3c	Matthew Grooms	default:
529			document.getElementById("client_opts").style.display="";
530	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="none";
531			document.getElementById("remote_optsv6").style.display="none";
532	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
533	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
534			document.getElementById("local_optsv6").style.display="";
535	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="";
536	3c11bd3c	Matthew Grooms	break;
537			}
538	a2ff08f8	jim-p	gwredir_change();
539	3c11bd3c	Matthew Grooms	}
540
541			function autokey_change() {
542
543	f54712b6	jim-p	if ((document.iform.autokey_enable != null) && (document.iform.autokey_enable.checked))
544	3c11bd3c	Matthew Grooms	document.getElementById("autokey_opts").style.display="none";
545			else
546			document.getElementById("autokey_opts").style.display="";
547			}
548
549			function tlsauth_change() {
550
551			<?php if (!$pconfig['tls']): ?>
552			if (document.iform.tlsauth_enable.checked)
553			document.getElementById("tlsauth_opts").style.display="";
554			else
555			document.getElementById("tlsauth_opts").style.display="none";
556			<?php endif; ?>
557
558			autotls_change();
559			}
560
561			function autotls_change() {
562
563			<?php if (!$pconfig['tls']): ?>
564			autocheck = document.iform.autotls_enable.checked;
565			<?php else: ?>
566			autocheck = false;
567			<?php endif; ?>
568
569			if (document.iform.tlsauth_enable.checked && !autocheck)
570			document.getElementById("autotls_opts").style.display="";
571			else
572			document.getElementById("autotls_opts").style.display="none";
573	d799787e	Matthew Grooms	}
574
575			function gwredir_change() {
576
577	fd96a3fc	bcyrill	if (document.iform.gwredir.checked) {
578			document.getElementById("local_optsv4").style.display="none";
579			document.getElementById("local_optsv6").style.display="none";
580			} else {
581			document.getElementById("local_optsv4").style.display="";
582			document.getElementById("local_optsv6").style.display="";
583			}
584	d799787e	Matthew Grooms	}
585
586			function dns_domain_change() {
587
588			if (document.iform.dns_domain_enable.checked)
589			document.getElementById("dns_domain_data").style.display="";
590			else
591			document.getElementById("dns_domain_data").style.display="none";
592			}
593
594			function dns_server_change() {
595
596			if (document.iform.dns_server_enable.checked)
597			document.getElementById("dns_server_data").style.display="";
598			else
599			document.getElementById("dns_server_data").style.display="none";
600			}
601
602			function wins_server_change() {
603
604			if (document.iform.wins_server_enable.checked)
605			document.getElementById("wins_server_data").style.display="";
606			else
607			document.getElementById("wins_server_data").style.display="none";
608			}
609
610			function ntp_server_change() {
611
612			if (document.iform.ntp_server_enable.checked)
613			document.getElementById("ntp_server_data").style.display="";
614			else
615			document.getElementById("ntp_server_data").style.display="none";
616			}
617
618			function netbios_change() {
619
620			if (document.iform.netbios_enable.checked) {
621			document.getElementById("netbios_data").style.display="";
622			document.getElementById("wins_opts").style.display="";
623			} else {
624			document.getElementById("netbios_data").style.display="none";
625			document.getElementById("wins_opts").style.display="none";
626			}
627			}
628
629	1ab6bdb5	jim-p	function tuntap_change() {
630
631			mindex = document.iform.mode.selectedIndex;
632			mvalue = document.iform.mode.options[mindex].value;
633
634			switch(mvalue) {
635			case "p2p_tls":
636			case "p2p_shared_key":
637			p2p = true;
638			break;
639			default:
640			p2p = false;
641			break;
642			}
643
644			index = document.iform.dev_mode.selectedIndex;
645			value = document.iform.dev_mode.options[index].value;
646			switch(value) {
647			case "tun":
648	74a556a3	jim-p	document.getElementById("ipv4_tunnel_network").className="vncellreq";
649	1ab6bdb5	jim-p	document.getElementById("serverbridge_dhcp").style.display="none";
650			document.getElementById("serverbridge_interface").style.display="none";
651			document.getElementById("serverbridge_dhcp_start").style.display="none";
652			document.getElementById("serverbridge_dhcp_end").style.display="none";
653	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="";
654	1ab6bdb5	jim-p	break;
655			case "tap":
656	74a556a3	jim-p	document.getElementById("ipv4_tunnel_network").className="vncell";
657	1ab6bdb5	jim-p	if (!p2p) {
658			document.getElementById("serverbridge_dhcp").style.display="";
659			document.getElementById("serverbridge_interface").style.display="";
660			document.getElementById("serverbridge_dhcp_start").style.display="";
661			document.getElementById("serverbridge_dhcp_end").style.display="";
662	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="none";
663	f54712b6	jim-p	document.iform.serverbridge_dhcp.disabled = false;
664	1ab6bdb5	jim-p	if (document.iform.serverbridge_dhcp.checked) {
665			document.iform.serverbridge_interface.disabled = false;
666			document.iform.serverbridge_dhcp_start.disabled = false;
667			document.iform.serverbridge_dhcp_end.disabled = false;
668			} else {
669			document.iform.serverbridge_interface.disabled = true;
670			document.iform.serverbridge_dhcp_start.disabled = true;
671			document.iform.serverbridge_dhcp_end.disabled = true;
672			}
673			} else {
674	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="none";
675	1ab6bdb5	jim-p	document.iform.serverbridge_dhcp.disabled = true;
676			document.iform.serverbridge_interface.disabled = true;
677			document.iform.serverbridge_dhcp_start.disabled = true;
678			document.iform.serverbridge_dhcp_end.disabled = true;
679			}
680			break;
681			}
682			}
683	d799787e	Matthew Grooms	//-->
684			</script>
685			<?php
686	428e66b6	jim-p	if (!$savemsg)
687			$savemsg = "";
688
689			if ($input_errors)
690			print_input_errors($input_errors);
691			if ($savemsg)
692			print_info_box_np($savemsg);
693	d799787e	Matthew Grooms	?>
694			<table width="100%" border="0" cellpadding="0" cellspacing="0">
695	5a3b0d3b	mgrooms	<tr>
696	d799787e	Matthew Grooms	<td class="tabnavtbl">
697			<ul id="tabnav">
698			<?php
699			$tab_array = array();
700			$tab_array[] = array(gettext("Server"), true, "vpn_openvpn_server.php");
701			$tab_array[] = array(gettext("Client"), false, "vpn_openvpn_client.php");
702			$tab_array[] = array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php");
703	5540aee6	Ermal Lu?i	$tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml");
704	b63f2e8b	Matthew Grooms	add_package_tabs("OpenVPN", $tab_array);
705	d799787e	Matthew Grooms	display_top_tabs($tab_array);
706			?>
707			</ul>
708			</td>
709			</tr>
710			<tr>
711			<td class="tabcont">
712
713			<?php if($act=="new" \|\| $act=="edit"): ?>
714
715			<form action="vpn_openvpn_server.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
716			<table width="100%" border="0" cellpadding="6" cellspacing="0">
717	47c00c09	Scott Ullrich	<tr>
718	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
719	b63f2e8b	Matthew Grooms	</tr>
720	d799787e	Matthew Grooms	<tr>
721	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
722	d799787e	Matthew Grooms	<td width="78%" class="vtable">
723			<table border="0" cellpadding="0" cellspacing="0">
724			<tr>
725			<td>
726			<?php set_checked($pconfig['disable'],$chk); ?>
727			<input name="disable" type="checkbox" value="yes" <?=$chk;?>/>
728			</td>
729			<td>
730
731			<span class="vexpl">
732	4d8b3382	Carlos Eduardo Ramos	<strong><?=gettext("Disable this server"); ?></strong><br>
733	d799787e	Matthew Grooms	</span>
734			</td>
735			</tr>
736			</table>
737	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Set this option to disable this server without removing it from the list"); ?>.
738	d799787e	Matthew Grooms	</td>
739			</tr>
740	3c11bd3c	Matthew Grooms	<tr>
741			<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
742			<td width="78%" class="vtable">
743	1ab6bdb5	jim-p	<select name='mode' id='mode' class="formselect" onchange='mode_change(); tuntap_change()'>
744	3c11bd3c	Matthew Grooms	<?php
745			foreach ($openvpn_server_modes as $name => $desc):
746			$selected = "";
747			if ($pconfig['mode'] == $name)
748			$selected = "selected";
749			?>
750			<option value="<?=$name;?>" <?=$selected;?>><?=$desc;?></option>
751			<?php endforeach; ?>
752			</select>
753			</td>
754			</tr>
755	e8a58de4	Ermal Lu?i	<tr id="authmodetr" style="display:none">
756			<td width="22%" valign="top" class="vncellreq"><?=gettext("Backend for authentication");?></td>
757			<td width="78%" class="vtable">
758	6306b5dd	Ermal Lu?i	<select name='authmode[]' id='authmode' class="formselect" multiple="true" size="<?php echo count($auth_servers); ?>">
759	c61e4626	Ermal Lu?i	<?php $authmodes = explode(",", $pconfig['authmode']); ?>
760	e8a58de4	Ermal Lu?i	<?php
761	6306b5dd	Ermal Lu?i	$auth_servers = auth_get_authserver_list();
762	e8a58de4	Ermal Lu?i	foreach ($auth_servers as $auth_server):
763			$selected = "";
764	c61e4626	Ermal Lu?i	if (in_array($auth_server['name'], $authmodes))
765	e8a58de4	Ermal Lu?i	$selected = "selected";
766			?>
767			<option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option>
768			<?php endforeach; ?>
769			</select>
770			</td>
771			</tr>
772	d799787e	Matthew Grooms	<tr>
773			<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
774			<td width="78%" class="vtable">
775			<select name='protocol' class="formselect">
776			<?php
777			foreach ($openvpn_prots as $prot):
778			$selected = "";
779			if ($pconfig['protocol'] == $prot)
780			$selected = "selected";
781			?>
782			<option value="<?=$prot;?>" <?=$selected;?>><?=$prot;?></option>
783			<?php endforeach; ?>
784			</select>
785			</td>
786			</tr>
787	bf87b4d7	lgcosta	<tr>
788			<td width="22%" valign="top" class="vncellreq"><?=gettext("Device Mode"); ?></td>
789			<td width="78%" class="vtable">
790	1ab6bdb5	jim-p	<select name="dev_mode" class="formselect" onchange='tuntap_change()'>
791	bf87b4d7	lgcosta	<?php
792			foreach ($openvpn_dev_mode as $device):
793	71edee5e	lgcosta	$selected = "";
794	4936ff53	jim-p	if (! empty($pconfig['dev_mode'])) {
795			if ($pconfig['dev_mode'] == $device)
796	71edee5e	lgcosta	$selected = "selected";
797			} else {
798			if ($device == "tun")
799			$selected = "selected";
800			}
801	bf87b4d7	lgcosta	?>
802			<option value="<?=$device;?>" <?=$selected;?>><?=$device;?></option>
803			<?php endforeach; ?>
804			</select>
805			</td>
806			</tr>
807	d799787e	Matthew Grooms	<tr>
808	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
809	d799787e	Matthew Grooms	<td width="78%" class="vtable">
810			<select name="interface" class="formselect">
811			<?php
812			$interfaces = get_configured_interface_with_descr();
813	3d06e8f0	pierrepomes	$carplist = get_configured_carp_interface_list();
814			foreach ($carplist as $cif => $carpip)
815	dd62256f	Pierre POMES	$interfaces[$cif.'\|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
816	67b0902f	pierrepomes	$aliaslist = get_configured_ip_aliases_list();
817			foreach ($aliaslist as $aliasip => $aliasif)
818	dd62256f	Pierre POMES	$interfaces[$aliasif.'\|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
819	47c48e28	smos	$grouplist = return_gateway_groups_array();
820			foreach ($grouplist as $name => $group) {
821			if($group['ipprotocol'] != inet)
822			continue;
823			if($group[0]['vip'] <> "")
824			$vipif = $group[0]['vip'];
825			else
826			$vipif = $group[0]['int'];
827			$interfaces[$name] = "GW Group {$name}";
828			}
829	5c94aa12	jim-p	$interfaces['lo0'] = "Localhost";
830	67b0902f	pierrepomes	$interfaces['any'] = "any";
831	d799787e	Matthew Grooms	foreach ($interfaces as $iface => $ifacename):
832	1d3bcd2a	Matthew Grooms	$selected = "";
833			if ($iface == $pconfig['interface'])
834			$selected = "selected";
835	d799787e	Matthew Grooms	?>
836	1d3bcd2a	Matthew Grooms	<option value="<?=$iface;?>" <?=$selected;?>>
837			<?=htmlspecialchars($ifacename);?>
838			</option>
839	d799787e	Matthew Grooms	<?php endforeach; ?>
840			</select> <br>
841			</td>
842			</tr>
843			<tr>
844			<td width="22%" valign="top" class="vncellreq"><?=gettext("Local port");?></td>
845			<td width="78%" class="vtable">
846			<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>"/>
847			</td>
848			</tr>
849			<tr>
850	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
851	d799787e	Matthew Grooms	<td width="78%" class="vtable">
852			<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>">
853			<br>
854	4d8b3382	Carlos Eduardo Ramos	<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
855	d799787e	Matthew Grooms	</td>
856			</tr>
857			<tr>
858			<td colspan="2" class="list" height="12"></td>
859			</tr>
860			<tr>
861	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
862	d799787e	Matthew Grooms	</tr>
863	3c11bd3c	Matthew Grooms	<tr id="tls">
864	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
865	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
866			<table border="0" cellpadding="2" cellspacing="0">
867			<tr>
868			<td>
869			<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
870			<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onClick="tlsauth_change()">
871			</td>
872			<td>
873			<span class="vexpl">
874	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Enable authentication of TLS packets"); ?>.
875	3c11bd3c	Matthew Grooms	</span>
876			</td>
877			</tr>
878			</table>
879			<?php if (!$pconfig['tls']): ?>
880			<table border="0" cellpadding="2" cellspacing="0" id='tlsauth_opts'>
881			<tr>
882			<td>
883			<?php set_checked($pconfig['autotls_enable'],$chk); ?>
884			<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autotls_change()">
885			</td>
886			<td>
887			<span class="vexpl">
888	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
889	3c11bd3c	Matthew Grooms	</span>
890			</td>
891			</tr>
892			</table>
893			<?php endif; ?>
894			<table border="0" cellpadding="2" cellspacing="0" id='autotls_opts'>
895			<tr>
896			<td>
897			<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
898			<br/>
899	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
900	3c11bd3c	Matthew Grooms	</td>
901			</tr>
902			</table>
903			</td>
904	d799787e	Matthew Grooms	</tr>
905	3c11bd3c	Matthew Grooms	<tr id="tls_ca">
906	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
907	d799787e	Matthew Grooms	<td width="78%" class="vtable">
908	19cdeb3e	jim-p	<?php if (count($a_ca)): ?>
909	d799787e	Matthew Grooms	<select name='caref' class="formselect">
910			<?php
911	428e66b6	jim-p	foreach ($a_ca as $ca):
912	d799787e	Matthew Grooms	$selected = "";
913			if ($pconfig['caref'] == $ca['refid'])
914			$selected = "selected";
915			?>
916	f2a86ca9	jim-p	<option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
917	d799787e	Matthew Grooms	<?php endforeach; ?>
918			</select>
919	19cdeb3e	jim-p	<?php else: ?>
920			<b>No Certificate Authorities defined.</b> <br/>Create one under <a href="system_camanager.php">System > Cert Manager</a>.
921			<?php endif; ?>
922	d799787e	Matthew Grooms	</td>
923			</tr>
924	6db02381	jim-p	<tr id="tls_crl">
925			<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Revocation List"); ?></td>
926			<td width="78%" class="vtable">
927	19cdeb3e	jim-p	<?php if (count($a_crl)): ?>
928	6db02381	jim-p	<select name='crlref' class="formselect">
929			<option value="">None</option>
930			<?php
931	428e66b6	jim-p	foreach ($a_crl as $crl):
932	6db02381	jim-p	$selected = "";
933	f02c3e1d	jim-p	$caname = "";
934			$ca = lookup_ca($crl['caref']);
935			if ($ca) {
936			$caname = " (CA: {$ca['descr']})";
937			if ($pconfig['crlref'] == $crl['refid'])
938			$selected = "selected";
939			}
940	6db02381	jim-p	?>
941	f02c3e1d	jim-p	<option value="<?=$crl['refid'];?>" <?=$selected;?>><?=$crl['descr'] . $caname;?></option>
942	6db02381	jim-p	<?php endforeach; ?>
943			</select>
944	19cdeb3e	jim-p	<?php else: ?>
945			<b>No Certificate Revocation Lists (CRLs) defined.</b> <br/>Create one under <a href="system_crlmanager.php">System > Cert Manager</a>.
946			<?php endif; ?>
947	6db02381	jim-p	</td>
948			</tr>
949	3c11bd3c	Matthew Grooms	<tr id="tls_cert">
950	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Certificate"); ?></td>
951	d799787e	Matthew Grooms	<td width="78%" class="vtable">
952	19cdeb3e	jim-p	<?php if (count($a_cert)): ?>
953	d799787e	Matthew Grooms	<select name='certref' class="formselect">
954			<?php
955	428e66b6	jim-p	foreach ($a_cert as $cert):
956	9e303f2f	jim-p	$selected = "";
957			$caname = "";
958			$inuse = "";
959			$revoked = "";
960			$ca = lookup_ca($cert['caref']);
961			if ($ca)
962			$caname = " (CA: {$ca['descr']})";
963			if ($pconfig['certref'] == $cert['refid'])
964			$selected = "selected";
965			if (cert_in_use($cert['refid']))
966			$inuse = " *In Use";
967			if (is_cert_revoked($cert))
968			$revoked = " *Revoked";
969	d799787e	Matthew Grooms	?>
970	6a0b3ea4	jim-p	<option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option>
971	d799787e	Matthew Grooms	<?php endforeach; ?>
972			</select>
973	19cdeb3e	jim-p	<?php else: ?>
974			<b>No Certificates defined.</b> <br/>Create one under <a href="system_certmanager.php">System > Cert Manager</a>.
975			<?php endif; ?>
976	d799787e	Matthew Grooms	</td>
977			</tr>
978	fe787fc7	Matthew Grooms	<tr id="tls_dh">
979	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("DH Parameters Length"); ?></td>
980	fe787fc7	Matthew Grooms	<td width="78%" class="vtable">
981			<select name="dh_length" class="formselect">
982			<?php
983			foreach ($openvpn_dh_lengths as $length):
984			$selected = '';
985			if ($length == $pconfig['dh_length'])
986			$selected = ' selected';
987			?>
988			<option<?=$selected?>><?=$length;?></option>
989			<?php endforeach; ?>
990			</select>
991			<span class="vexpl">
992	1c83021a	Carlos Eduardo Ramos	<?=gettext("bits"); ?>
993	fe787fc7	Matthew Grooms	</span>
994			</td>
995			</tr>
996	d799787e	Matthew Grooms	<tr id="psk">
997	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
998	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
999			<?php if (!$pconfig['shared_key']): ?>
1000			<table border="0" cellpadding="2" cellspacing="0">
1001			<tr>
1002			<td>
1003			<?php set_checked($pconfig['autokey_enable'],$chk); ?>
1004			<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autokey_change()">
1005			</td>
1006			<td>
1007			<span class="vexpl">
1008	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared key"); ?>.
1009	3c11bd3c	Matthew Grooms	</span>
1010			</td>
1011			</tr>
1012			</table>
1013			<?php endif; ?>
1014			<table border="0" cellpadding="2" cellspacing="0" id='autokey_opts'>
1015			<tr>
1016			<td>
1017			<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
1018			<br/>
1019	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
1020	3c11bd3c	Matthew Grooms	</td>
1021			</tr>
1022			</table>
1023	d799787e	Matthew Grooms	</td>
1024			</tr>
1025			<tr>
1026	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
1027	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1028			<select name="crypto" class="formselect">
1029			<?php
1030			$cipherlist = openvpn_get_cipherlist();
1031			foreach ($cipherlist as $name => $desc):
1032			$selected = '';
1033			if ($name == $pconfig['crypto'])
1034			$selected = ' selected';
1035			?>
1036			<option value="<?=$name;?>"<?=$selected?>>
1037			<?=htmlspecialchars($desc);?>
1038			</option>
1039			<?php endforeach; ?>
1040	582c58ae	jim-p	</select>
1041			</td>
1042			</tr>
1043			<tr id="engine">
1044			<td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td>
1045			<td width="78%" class="vtable">
1046			<select name="engine" class="formselect">
1047			<?php
1048			$engines = openvpn_get_engines();
1049			foreach ($engines as $name => $desc):
1050			$selected = '';
1051			if ($name == $pconfig['engine'])
1052			$selected = ' selected';
1053			?>
1054			<option value="<?=$name;?>"<?=$selected?>>
1055			<?=htmlspecialchars($desc);?>
1056			</option>
1057			<?php endforeach; ?>
1058	d799787e	Matthew Grooms	</select>
1059			</td>
1060			</tr>
1061	98963f27	jim-p	<tr id="cert_depth">
1062			<td width="22%" valign="top" class="vncell"><?=gettext("Certificate Depth"); ?></td>
1063			<td width="78%" class="vtable">
1064			<table border="0" cellpadding="2" cellspacing="0">
1065			<tr><td>
1066			<select name="cert_depth" class="formselect">
1067			<option value="">Do Not Check</option>
1068			<?php
1069			foreach ($openvpn_cert_depths as $depth => $depthdesc):
1070			$selected = '';
1071			if ($depth == $pconfig['cert_depth'])
1072			$selected = ' selected';
1073			?>
1074			<option value="<?= $depth ?>" <?= $selected ?>><?= $depthdesc ?></option>
1075			<?php endforeach; ?>
1076			</select>
1077			</td></tr>
1078			<tr><td>
1079			<span class="vexpl">
1080			<?=gettext("When a certificate-based client logs in, do not accept certificates below this depth. Useful for denying certificates made with intermediate CAs generated from the same CA as the server."); ?>
1081			</span>
1082			</td></tr>
1083			</table>
1084			</td>
1085			</tr>
1086	94823361	jim-p	<tr id="strictusercn">
1087			<td width="22%" valign="top" class="vncell"><?=gettext("Strict User/CN Matching"); ?></td>
1088			<td width="78%" class="vtable">
1089			<table border="0" cellpadding="2" cellspacing="0">
1090			<tr>
1091			<td>
1092			<?php set_checked($pconfig['strictusercn'],$chk); ?>
1093			<input name="strictusercn" type="checkbox" value="yes" <?=$chk;?>/>
1094			</td>
1095			<td>
1096			<span class="vexpl">
1097			<?=gettext("When authenticating users, enforce a match between the common name of the client certificate and the username given at login."); ?>
1098			</span>
1099			</td>
1100			</tr>
1101			</table>
1102			</td>
1103			</tr>
1104	d799787e	Matthew Grooms	<tr>
1105			<td colspan="2" class="list" height="12"></td>
1106			</tr>
1107			<tr>
1108	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
1109	d799787e	Matthew Grooms	</tr>
1110	74a556a3	jim-p	<tr>
1111			<td width="22%" valign="top" class="vncellreq" id="ipv4_tunnel_network"><?=gettext("IPv4 Tunnel Network"); ?></td>
1112	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1113			<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>">
1114			<br>
1115	b1ba04cf	Seth Mos	<?=gettext("This is the IPv4 virtual network used for private " .
1116	4d8b3382	Carlos Eduardo Ramos	"communications between this server and client " .
1117			"hosts expressed using CIDR (eg. 10.0.8.0/24). " .
1118			"The first network address will be assigned to " .
1119			"the server virtual interface. The remaining " .
1120			"network addresses can optionally be assigned " .
1121			"to connecting clients. (see Address Pool)"); ?>
1122	d799787e	Matthew Grooms	</td>
1123			</tr>
1124	74a556a3	jim-p	<tr>
1125			<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Tunnel Network"); ?></td>
1126	b1ba04cf	Seth Mos	<td width="78%" class="vtable">
1127			<input name="tunnel_networkv6" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_networkv6']);?>">
1128			<br>
1129			<?=gettext("This is the IPv6 virtual network used for private " .
1130			"communications between this server and client " .
1131			"hosts expressed using CIDR (eg. fe80::/64). " .
1132			"The first network address will be assigned to " .
1133	4856df9b	jim-p	"the server virtual interface. The remaining " .
1134	b1ba04cf	Seth Mos	"network addresses can optionally be assigned " .
1135			"to connecting clients. (see Address Pool)"); ?>
1136			</td>
1137			</tr>
1138	1ab6bdb5	jim-p	<tr id="serverbridge_dhcp">
1139			<td width="22%" valign="top" class="vncell"><?=gettext("Bridge DHCP"); ?></td>
1140			<td width="78%" class="vtable">
1141			<table border="0" cellpadding="2" cellspacing="0">
1142			<tr>
1143			<td>
1144			<?php set_checked($pconfig['serverbridge_dhcp'],$chk); ?>
1145			<input name="serverbridge_dhcp" type="checkbox" value="yes" <?=$chk;?> onchange='tuntap_change()' />
1146			</td>
1147			<td>
1148			<span class="vexpl">
1149			<?=gettext("Allow clients on the bridge to obtain DHCP."); ?><br>
1150			</span>
1151			</td>
1152			</tr>
1153			</table>
1154			</td>
1155			</tr>
1156			<tr id="serverbridge_interface">
1157			<td width="22%" valign="top" class="vncell"><?=gettext("Bridge Interface"); ?></td>
1158			<td width="78%" class="vtable">
1159			<select name="serverbridge_interface" class="formselect">
1160			<?php
1161			$serverbridge_interface['none'] = "none";
1162			$serverbridge_interface = array_merge($serverbridge_interface, get_configured_interface_with_descr());
1163			$carplist = get_configured_carp_interface_list();
1164			foreach ($carplist as $cif => $carpip)
1165			$serverbridge_interface[$cif.'\|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
1166			$aliaslist = get_configured_ip_aliases_list();
1167			foreach ($aliaslist as $aliasip => $aliasif)
1168			$serverbridge_interface[$aliasif.'\|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
1169			foreach ($serverbridge_interface as $iface => $ifacename):
1170			$selected = "";
1171			if ($iface == $pconfig['serverbridge_interface'])
1172			$selected = "selected";
1173			?>
1174			<option value="<?=$iface;?>" <?=$selected;?>>
1175			<?=htmlspecialchars($ifacename);?>
1176			</option>
1177			<?php endforeach; ?>
1178			</select> <br>
1179	8e932fb5	Phil Davis	<?=gettext("The interface to which this tap instance will be " .
1180	1ab6bdb5	jim-p	"bridged. This is not done automatically. You must assign this " .
1181			"interface and create the bridge separately. " .
1182			"This setting controls which existing IP address and subnet " .
1183			"mask are used by OpenVPN for the bridge. Setting this to " .
1184			"'none' will cause the Server Bridge DHCP settings below to be ignored."); ?>
1185			</td>
1186			</tr>
1187			<tr id="serverbridge_dhcp_start">
1188			<td width="22%" valign="top" class="vncell"><?=gettext("Server Bridge DHCP Start"); ?></td>
1189			<td width="78%" class="vtable">
1190			<input name="serverbridge_dhcp_start" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['serverbridge_dhcp_start']);?>">
1191			<br>
1192	8e932fb5	Phil Davis	<?=gettext("When using tap mode as a multi-point server, " .
1193	1ab6bdb5	jim-p	"you may optionally supply a DHCP range to use on the " .
1194			"interface to which this tap instance is bridged. " .
1195			"If these settings are left blank, DHCP will be passed " .
1196			"through to the LAN, and the interface setting above " .
1197			"will be ignored."); ?>
1198			</td>
1199			</tr>
1200			<tr id="serverbridge_dhcp_end">
1201	850ae59e	Irving Popovetsky	<td width="22%" valign="top" class="vncell"><?=gettext("Server Bridge DHCP End"); ?></td>
1202	1ab6bdb5	jim-p	<td width="78%" class="vtable">
1203			<input name="serverbridge_dhcp_end" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['serverbridge_dhcp_end']);?>">
1204			<br>
1205			</td>
1206			</tr>
1207	a2ff08f8	jim-p	<tr id="gwredir_opts">
1208	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Redirect Gateway"); ?></td>
1209	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1210			<table border="0" cellpadding="2" cellspacing="0">
1211			<tr>
1212			<td>
1213			<?php set_checked($pconfig['gwredir'],$chk); ?>
1214			<input name="gwredir" type="checkbox" value="yes" <?=$chk;?> onClick="gwredir_change()"/>
1215			</td>
1216			<td>
1217			<span class="vexpl">
1218	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Force all client generated traffic through the tunnel"); ?>.
1219	d799787e	Matthew Grooms	</span>
1220			</td>
1221			</tr>
1222			</table>
1223			</td>
1224			</tr>
1225	4856df9b	jim-p	<tr id="local_optsv4">
1226	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Local Network/s"); ?></td>
1227	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1228	332f5781	Phil Davis	<input name="local_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_network']);?>">
1229	d799787e	Matthew Grooms	<br>
1230	332f5781	Phil Davis	<?=gettext("These are the IPv4 networks that will be accessible " .
1231			"from the remote endpoint. Expressed as a comma-separated list of one or more CIDR ranges. " .
1232			"You may leave this blank if you don't " .
1233	4d8b3382	Carlos Eduardo Ramos	"want to add a route to the local network " .
1234			"through this tunnel on the remote machine. " .
1235			"This is generally set to your LAN network"); ?>.
1236	d799787e	Matthew Grooms	</td>
1237			</tr>
1238	4856df9b	jim-p	<tr id="local_optsv6">
1239	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Local Network/s"); ?></td>
1240	b1ba04cf	Seth Mos	<td width="78%" class="vtable">
1241	332f5781	Phil Davis	<input name="local_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_networkv6']);?>">
1242	b1ba04cf	Seth Mos	<br>
1243	332f5781	Phil Davis	<?=gettext("These are the IPv6 networks that will be accessible " .
1244			"from the remote endpoint. Expressed as a comma-separated list of one or more IP/PREFIX. " .
1245			"You may leave this blank if you don't " .
1246	b1ba04cf	Seth Mos	"want to add a route to the local network " .
1247			"through this tunnel on the remote machine. " .
1248			"This is generally set to your LAN network"); ?>.
1249			</td>
1250			</tr>
1251	415bddea	jim-p	<tr id="remote_optsv4">
1252	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Remote Network/s"); ?></td>
1253	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
1254	332f5781	Phil Davis	<input name="remote_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_network']);?>">
1255	3c11bd3c	Matthew Grooms	<br>
1256	332f5781	Phil Davis	<?=gettext("These are the IPv4 networks that will be routed through " .
1257	4d8b3382	Carlos Eduardo Ramos	"the tunnel, so that a site-to-site VPN can be " .
1258	332f5781	Phil Davis	"established without manually changing the routing tables. " .
1259			"Expressed as a comma-separated list of one or more CIDR ranges. " .
1260			"If this is a site-to-site VPN, enter the " .
1261			"remote LAN/s here. You may leave this blank if " .
1262	4d8b3382	Carlos Eduardo Ramos	"you don't want a site-to-site VPN"); ?>.
1263	3c11bd3c	Matthew Grooms	</td>
1264			</tr>
1265	415bddea	jim-p	<tr id="remote_optsv6">
1266	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Remote Network/s"); ?></td>
1267	4856df9b	jim-p	<td width="78%" class="vtable">
1268	332f5781	Phil Davis	<input name="remote_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_networkv6']);?>">
1269	4856df9b	jim-p	<br>
1270	332f5781	Phil Davis	<?=gettext("These are the IPv6 networks that will be routed through " .
1271	4856df9b	jim-p	"the tunnel, so that a site-to-site VPN can be " .
1272	332f5781	Phil Davis	"established without manually changing the routing tables. " .
1273			"Expressed as a comma-separated list of one or more IP/PREFIX. " .
1274			"If this is a site-to-site VPN, enter the " .
1275			"remote LAN/s here. You may leave this blank if " .
1276	4856df9b	jim-p	"you don't want a site-to-site VPN"); ?>.
1277			</td>
1278			</tr>
1279	d799787e	Matthew Grooms	<tr>
1280			<td width="22%" valign="top" class="vncell"><?=gettext("Concurrent connections");?></td>
1281			<td width="78%" class="vtable">
1282			<input name="maxclients" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['maxclients']);?>"/>
1283			<br/>
1284	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Specify the maximum number of clients allowed to concurrently connect to this server"); ?>.
1285	d799787e	Matthew Grooms	</td>
1286			</tr>
1287			<tr>
1288	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
1289	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1290			<table border="0" cellpadding="2" cellspacing="0">
1291			<tr>
1292			<td>
1293			<?php set_checked($pconfig['compression'],$chk); ?>
1294			<input name="compression" type="checkbox" value="yes" <?=$chk;?>>
1295			</td>
1296			<td>
1297			<span class="vexpl">
1298	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Compress tunnel packets using the LZO algorithm"); ?>.
1299	d799787e	Matthew Grooms	</span>
1300			</td>
1301			</tr>
1302			</table>
1303			</td>
1304			</tr>
1305			<tr>
1306	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
1307	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1308			<table border="0" cellpadding="2" cellspacing="0">
1309			<tr>
1310			<td>
1311	1cb0b40a	Matthew Grooms	<?php set_checked($pconfig['passtos'],$chk); ?>
1312			<input name="passtos" type="checkbox" value="yes" <?=$chk;?>>
1313	d799787e	Matthew Grooms	</td>
1314			<td>
1315			<span class="vexpl">
1316	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
1317	d799787e	Matthew Grooms	</span>
1318			</td>
1319			</tr>
1320			</table>
1321			</td>
1322			</tr>
1323	107794cc	jim-p	<tr id="inter_client_communication">
1324	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Inter-client communication"); ?></td>
1325	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1326			<table border="0" cellpadding="2" cellspacing="0">
1327			<tr>
1328			<td>
1329			<?php set_checked($pconfig['client2client'],$chk); ?>
1330			<input name="client2client" type="checkbox" value="yes" <?=$chk;?>/>
1331			</td>
1332			<td>
1333			<span class="vexpl">
1334	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Allow communication between clients connected to this server"); ?>
1335	d799787e	Matthew Grooms	</span>
1336			</td>
1337			</tr>
1338			</table>
1339			</td>
1340			</tr>
1341	bca35cff	jim-p	<tr id="duplicate_cn">
1342			<td width="22%" valign="top" class="vncell"><?=gettext("Duplicate Connections"); ?></td>
1343			<td width="78%" class="vtable">
1344			<table border="0" cellpadding="2" cellspacing="0">
1345			<tr>
1346			<td>
1347			<?php set_checked($pconfig['duplicate_cn'],$chk); ?>
1348			<input name="duplicate_cn" type="checkbox" value="yes" <?=$chk;?>/>
1349			</td>
1350			<td>
1351			<span class="vexpl">
1352			<?=gettext("Allow multiple concurrent connections from clients using the same Common Name.<br/>NOTE: This is not generally recommended, but may be needed for some scenarios."); ?>
1353			</span>
1354			</td>
1355			</tr>
1356			</table>
1357			</td>
1358			</tr>
1359	3c11bd3c	Matthew Grooms	</table>
1360
1361			<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1362	d799787e	Matthew Grooms	<tr>
1363			<td colspan="2" class="list" height="12"></td>
1364			</tr>
1365			<tr>
1366	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Client Settings"); ?></td>
1367	d799787e	Matthew Grooms	</tr>
1368	65ff8497	jim-p	<tr>
1369	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Dynamic IP"); ?></td>
1370	65ff8497	jim-p	<td width="78%" class="vtable">
1371			<table border="0" cellpadding="2" cellspacing="0">
1372			<tr>
1373			<td>
1374			<?php set_checked($pconfig['dynamic_ip'],$chk); ?>
1375	b3cf36d7	Erik Fonnesbeck	<input name="dynamic_ip" type="checkbox" id="dynamic_ip" value="yes" <?=$chk;?>/>
1376	65ff8497	jim-p	</td>
1377			<td>
1378			<span class="vexpl">
1379	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Allow connected clients to retain their connections if their IP address changes"); ?>.<br>
1380	65ff8497	jim-p	</span>
1381			</td>
1382			</tr>
1383			</table>
1384			</td>
1385			</tr>
1386	d799787e	Matthew Grooms	<tr>
1387	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Address Pool"); ?></td>
1388	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1389			<table border="0" cellpadding="2" cellspacing="0">
1390			<tr>
1391			<td>
1392			<?php set_checked($pconfig['pool_enable'],$chk); ?>
1393	b3cf36d7	Erik Fonnesbeck	<input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?=$chk;?>/>
1394	d799787e	Matthew Grooms	</td>
1395			<td>
1396			<span class="vexpl">
1397	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a virtual adapter IP address to clients (see Tunnel Network)"); ?><br>
1398	d799787e	Matthew Grooms	</span>
1399			</td>
1400			</tr>
1401			</table>
1402			</td>
1403			</tr>
1404	ee55ce7d	jim-p	<tr id="topology_subnet_opt">
1405			<td width="22%" valign="top" class="vncell"><?=gettext("Topology"); ?></td>
1406			<td width="78%" class="vtable">
1407			<table border="0" cellpadding="2" cellspacing="0">
1408			<tr>
1409			<td>
1410			<?php set_checked($pconfig['topology_subnet'],$chk); ?>
1411			<input name="topology_subnet" type="checkbox" id="topology_subnet" value="yes" <?=$chk;?>/>
1412			</td>
1413			<td>
1414			<span class="vexpl">
1415			<?=gettext("Allocate only one IP per client (topology subnet), rather than an isolated subnet per client (topology net30)."); ?><br/>
1416			</span>
1417			</td>
1418			</tr>
1419			<tr>
1420			<td> </td>
1421			<td>
1422			<?=gettext("Relevant when supplying a virtual adapter IP address to clients when using tun mode on IPv4."); ?><br/>
1423	f2bd8842	jim-p	<?=gettext("Some clients may require this even for IPv6, such as OpenVPN Connect (iOS/Android). Others may break if it is present, such as older versions of OpenVPN or clients such as Yealink phones."); ?><br>
1424	ee55ce7d	jim-p	</td>
1425			</tr>
1426			</table>
1427			</td>
1428			</tr>
1429	d799787e	Matthew Grooms	<tr>
1430	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Default Domain"); ?></td>
1431	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1432			<table border="0" cellpadding="2" cellspacing="0">
1433			<tr>
1434			<td>
1435			<?php set_checked($pconfig['dns_domain_enable'],$chk); ?>
1436			<input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes" <?=$chk;?> onClick="dns_domain_change()">
1437			</td>
1438			<td>
1439			<span class="vexpl">
1440	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a default domain name to clients"); ?><br>
1441	d799787e	Matthew Grooms	</span>
1442			</td>
1443			</tr>
1444			</table>
1445			<table border="0" cellpadding="2" cellspacing="0" id="dns_domain_data">
1446			<tr>
1447			<td>
1448			<input name="dns_domain" type="text" class="formfld unknown" id="dns_domain" size="30" value="<?=htmlspecialchars($pconfig['dns_domain']);?>">
1449			</td>
1450			</tr>
1451			</table>
1452			</td>
1453			</tr>
1454			<tr>
1455	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Servers"); ?></td>
1456	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1457			<table border="0" cellpadding="2" cellspacing="0">
1458			<tr>
1459			<td>
1460			<?php set_checked($pconfig['dns_server_enable'],$chk); ?>
1461			<input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes" <?=$chk;?> onClick="dns_server_change()">
1462			</td>
1463			<td>
1464			<span class="vexpl">
1465	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a DNS server list to clients"); ?><br>
1466	d799787e	Matthew Grooms	</span>
1467			</td>
1468			</tr>
1469			</table>
1470			<table border="0" cellpadding="2" cellspacing="0" id="dns_server_data">
1471			<tr>
1472			<td>
1473			<span class="vexpl">
1474	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1475	d799787e	Matthew Grooms	</span>
1476	dd5bf424	Scott Ullrich	<input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>">
1477	d799787e	Matthew Grooms	</td>
1478			</tr>
1479			<tr>
1480			<td>
1481			<span class="vexpl">
1482	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1483	d799787e	Matthew Grooms	</span>
1484	dd5bf424	Scott Ullrich	<input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>">
1485	d799787e	Matthew Grooms	</td>
1486			</tr>
1487			<tr>
1488			<td>
1489			<span class="vexpl">
1490	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #3:
1491	d799787e	Matthew Grooms	</span>
1492	dd5bf424	Scott Ullrich	<input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>">
1493	d799787e	Matthew Grooms	</td>
1494			</tr>
1495			<tr>
1496			<td>
1497			<span class="vexpl">
1498	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #4:
1499	d799787e	Matthew Grooms	</span>
1500	dd5bf424	Scott Ullrich	<input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>">
1501	d799787e	Matthew Grooms	</td>
1502			</tr>
1503			</table>
1504			</td>
1505			</tr>
1506			<tr>
1507	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NTP Servers"); ?></td>
1508	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1509			<table border="0" cellpadding="2" cellspacing="0">
1510			<tr>
1511			<td>
1512			<?php set_checked($pconfig['ntp_server_enable'],$chk); ?>
1513			<input name="ntp_server_enable" type="checkbox" id="ntp_server_enable" value="yes" <?=$chk;?> onClick="ntp_server_change()">
1514			</td>
1515			<td>
1516			<span class="vexpl">
1517	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a NTP server list to clients"); ?><br>
1518	d799787e	Matthew Grooms	</span>
1519			</td>
1520			</tr>
1521			</table>
1522			<table border="0" cellpadding="2" cellspacing="0" id="ntp_server_data">
1523			<tr>
1524			<td>
1525			<span class="vexpl">
1526	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1527	d799787e	Matthew Grooms	</span>
1528	dd5bf424	Scott Ullrich	<input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=htmlspecialchars($pconfig['ntp_server1']);?>">
1529	d799787e	Matthew Grooms	</td>
1530			</tr>
1531			<tr>
1532			<td>
1533			<span class="vexpl">
1534	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1535	d799787e	Matthew Grooms	</span>
1536	dd5bf424	Scott Ullrich	<input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=htmlspecialchars($pconfig['ntp_server2']);?>">
1537	d799787e	Matthew Grooms	</td>
1538			</tr>
1539			</table>
1540			</td>
1541			</tr>
1542			<tr>
1543	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NetBIOS Options"); ?></td>
1544	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1545			<table border="0" cellpadding="2" cellspacing="0">
1546			<tr>
1547			<td>
1548			<?php set_checked($pconfig['netbios_enable'],$chk); ?>
1549			<input name="netbios_enable" type="checkbox" id="netbios_enable" value="yes" <?=$chk;?> onClick="netbios_change()">
1550			</td>
1551			<td>
1552			<span class="vexpl">
1553	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Enable NetBIOS over TCP/IP"); ?><br>
1554	d799787e	Matthew Grooms	</span>
1555			</td>
1556			</tr>
1557			</table>
1558	4d8b3382	Carlos Eduardo Ramos	<?=gettext("If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled"); ?>.
1559	d799787e	Matthew Grooms	<br/>
1560			<table border="0" cellpadding="2" cellspacing="0" id="netbios_data">
1561			<tr>
1562			<td>
1563			<br/>
1564			<span class="vexpl">
1565	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Node Type"); ?>:
1566	d799787e	Matthew Grooms	</span>
1567			<select name='netbios_ntype' class="formselect">
1568			<?php
1569			foreach ($netbios_nodetypes as $type => $name):
1570			$selected = "";
1571			if ($pconfig['netbios_ntype'] == $type)
1572			$selected = "selected";
1573			?>
1574			<option value="<?=$type;?>" <?=$selected;?>><?=$name;?></option>
1575			<?php endforeach; ?>
1576			</select>
1577			<br/>
1578	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Possible options: b-node (broadcasts), p-node " .
1579			"(point-to-point name queries to a WINS server), " .
1580			"m-node (broadcast then query name server), and " .
1581			"h-node (query name server, then broadcast)"); ?>.
1582	d799787e	Matthew Grooms	</td>
1583			</tr>
1584			<tr>
1585			<td>
1586			<br/>
1587			<span class="vexpl">
1588	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Scope ID"); ?>:
1589	d799787e	Matthew Grooms	</span>
1590			<input name="netbios_scope" type="text" class="formfld unknown" id="netbios_scope" size="30" value="<?=htmlspecialchars($pconfig['netbios_scope']);?>">
1591			<br/>
1592	4d8b3382	Carlos Eduardo Ramos	<?=gettext("A NetBIOS Scope ID provides an extended naming " .
1593			"service for NetBIOS over TCP/IP. The NetBIOS " .
1594			"scope ID isolates NetBIOS traffic on a single " .
1595			"network to only those nodes with the same " .
1596			"NetBIOS scope ID"); ?>.
1597	d799787e	Matthew Grooms	</td>
1598			</tr>
1599			</table>
1600			</td>
1601			</tr>
1602			<tr id="wins_opts">
1603	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Servers"); ?></td>
1604	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1605			<table border="0" cellpadding="2" cellspacing="0">
1606			<tr>
1607			<td>
1608			<?php set_checked($pconfig['wins_server_enable'],$chk); ?>
1609			<input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?=$chk;?> onClick="wins_server_change()">
1610			</td>
1611			<td>
1612			<span class="vexpl">
1613	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Provide a WINS server list to clients"); ?><br>
1614	d799787e	Matthew Grooms	</span>
1615			</td>
1616			</tr>
1617			</table>
1618			<table border="0" cellpadding="2" cellspacing="0" id="wins_server_data">
1619			<tr>
1620			<td>
1621			<span class="vexpl">
1622	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1623	d799787e	Matthew Grooms	</span>
1624	dd5bf424	Scott Ullrich	<input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>">
1625	d799787e	Matthew Grooms	</td>
1626			</tr>
1627			<tr>
1628			<td>
1629			<span class="vexpl">
1630	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1631	d799787e	Matthew Grooms	</span>
1632	dd5bf424	Scott Ullrich	<input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>">
1633	d799787e	Matthew Grooms	</td>
1634			</tr>
1635			</table>
1636			</td>
1637			</tr>
1638	3c11bd3c	Matthew Grooms	</table>
1639
1640	2f4f30ee	Scott Ullrich	<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1641			<tr>
1642			<td colspan="2" class="list" height="12"></td>
1643			</tr>
1644			<tr>
1645	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
1646	2f4f30ee	Scott Ullrich	</tr>
1647			<tr>
1648	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
1649	2f4f30ee	Scott Ullrich	<td width="78%" class="vtable">
1650			<table border="0" cellpadding="2" cellspacing="0">
1651			<tr>
1652			<td>
1653	dd5bf424	Scott Ullrich	<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br/>
1654	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Enter any additional options you would like to add to the OpenVPN server configuration here, separated by a semicolon"); ?><br/>
1655			<?=gettext("EXAMPLE: push \"route 10.0.0.0 255.255.255.0\""); ?>;
1656	2f4f30ee	Scott Ullrich	</td>
1657			</tr>
1658			</table>
1659			</td>
1660			</tr>
1661			</table>
1662
1663	f68fc963	Scott Ullrich	<br/>
1664	4856df9b	jim-p	<table width="100%" border="0" cellpadding="6" cellspacing="0">
1665	d799787e	Matthew Grooms	<tr>
1666			<td width="22%" valign="top"> </td>
1667			<td width="78%">
1668	4d8b3382	Carlos Eduardo Ramos	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
1669	d799787e	Matthew Grooms	<input name="act" type="hidden" value="<?=$act;?>">
1670			<?php if (isset($id) && $a_server[$id]): ?>
1671			<input name="id" type="hidden" value="<?=$id;?>">
1672			<?php endif; ?>
1673			</td>
1674			</tr>
1675			</table>
1676			</form>
1677
1678			<?php else: ?>
1679
1680	7128ed17	Scott Ullrich	<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0">
1681	80fa045a	jim-p	<thead>
1682	d799787e	Matthew Grooms	<tr>
1683	4d8b3382	Carlos Eduardo Ramos	<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
1684			<td width="10%" class="listhdrr"><?=gettext("Protocol / Port"); ?></td>
1685			<td width="30%" class="listhdrr"><?=gettext("Tunnel Network"); ?></td>
1686			<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1687	d799787e	Matthew Grooms	<td width="10%" class="list"></td>
1688			</tr>
1689	80fa045a	jim-p	</thead>
1690			<tbody>
1691	d799787e	Matthew Grooms	<?php
1692			$i = 0;
1693			foreach($a_server as $server):
1694			$disabled = "NO";
1695	870318b9	Ermal Lu?i	if (isset($server['disable']))
1696	d799787e	Matthew Grooms	$disabled = "YES";
1697			?>
1698			<tr>
1699	d3d9b0ee	Scott Ullrich	<td class="listlr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1700	d799787e	Matthew Grooms	<?=$disabled;?>
1701			</td>
1702	d3d9b0ee	Scott Ullrich	<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1703	43cea754	Chris Buechler	<?=htmlspecialchars($server['protocol']);?> / <?=htmlspecialchars($server['local_port']);?>
1704	d799787e	Matthew Grooms	</td>
1705	d3d9b0ee	Scott Ullrich	<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1706	b1ba04cf	Seth Mos	<?=htmlspecialchars($server['tunnel_network']);?><br/>
1707			<?=htmlspecialchars($server['tunnel_networkv6']);?><br/>
1708	d799787e	Matthew Grooms	</td>
1709	d3d9b0ee	Scott Ullrich	<td class="listbg" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1710	d799787e	Matthew Grooms	<?=htmlspecialchars($server['description']);?>
1711			</td>
1712			<td valign="middle" nowrap class="list">
1713			<a href="vpn_openvpn_server.php?act=edit&id=<?=$i;?>">
1714	4d8b3382	Carlos Eduardo Ramos	<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit server"); ?>" width="17" height="17" border="0">
1715	d799787e	Matthew Grooms	</a>
1716
1717	4d8b3382	Carlos Eduardo Ramos	<a href="vpn_openvpn_server.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this server?"); ?>')">
1718			<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete server"); ?>" width="17" height="17" border="0">
1719	d799787e	Matthew Grooms	</a>
1720			</td>
1721			</tr>
1722			<?php
1723			$i++;
1724			endforeach;
1725			?>
1726	80fa045a	jim-p	</tbody>
1727			<tfoot>
1728	d799787e	Matthew Grooms	<tr>
1729			<td class="list" colspan="4"></td>
1730			<td class="list">
1731	4d8b3382	Carlos Eduardo Ramos	<a href="vpn_openvpn_server.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add server"); ?>" width="17" height="17" border="0">
1732	d799787e	Matthew Grooms	</a>
1733			</td>
1734			</tr>
1735	80fa045a	jim-p	</tfoot>
1736	d799787e	Matthew Grooms	</table>
1737
1738	7128ed17	Scott Ullrich	<?=gettext("Additional OpenVPN servers can be added here.");?>
1739
1740	ee9933b6	Renato Botelho	<?php endif; ?>
1741	d799787e	Matthew Grooms
1742			</td>
1743			</tr>
1744			</table>
1745			<script language="JavaScript">
1746			<!--
1747	3c11bd3c	Matthew Grooms	mode_change();
1748			autokey_change();
1749			tlsauth_change();
1750	d799787e	Matthew Grooms	gwredir_change();
1751			dns_domain_change();
1752			dns_server_change();
1753			wins_server_change();
1754			ntp_server_change();
1755			netbios_change();
1756	1ab6bdb5	jim-p	tuntap_change();
1757	d799787e	Matthew Grooms	//-->
1758			</script>
1759			</body>
1760			<?php include("fend.inc"); ?>
1761
1762			<?php
1763
1764			/* local utility functions */
1765
1766			function set_checked($var,& $chk) {
1767			if($var)
1768			$chk = 'checked';
1769			else
1770			$chk = '';
1771			}
1772
1773	52971880	Vinicius Coque	?>

Project

General

Profile

pfSense