/src/usr/local/www/status_openvpn.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/status_openvpn.php @ 77e16886

1	0927fb8c	jim-p	<?php
2	63084885	Matthew Grooms	/*
3	c5d81585	Renato Botelho	* status_openvpn.php
4			*
5			* part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	* Copyright (c) 2004-2013 BSD Perimeter
7			* Copyright (c) 2013-2016 Electric Sheep Fencing
8	402c98a2	Reid Linnemann	* Copyright (c) 2014-2023 Rubicon Communications, LLC (Netgate)
9	c5d81585	Renato Botelho	* Copyright (c) 2008 Shrew Soft Inc.
10			* All rights reserved.
11			*
12	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
13			* you may not use this file except in compliance with the License.
14			* You may obtain a copy of the License at
15	c5d81585	Renato Botelho	*
16	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
17	c5d81585	Renato Botelho	*
18	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
19			* distributed under the License is distributed on an "AS IS" BASIS,
20			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21			* See the License for the specific language governing permissions and
22			* limitations under the License.
23	b9043cdc	Stephen Beaver	*/
24	63084885	Matthew Grooms
25			##\|+PRIV
26			##\|*IDENT=page-status-openvpn
27	5230f468	jim-p	##\|*NAME=Status: OpenVPN
28	63084885	Matthew Grooms	##\|*DESCR=Allow access to the 'Status: OpenVPN' page.
29			##\|MATCH=status_openvpn.php
30			##\|-PRIV
31
32	e9d35ff5	Carlos Eduardo Ramos	$pgtitle = array(gettext("Status"), gettext("OpenVPN"));
33	7d7b5a48	jim-p	$shortcut_section = "openvpn";
34
35	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
36	53663f57	jim-p	require_once("openvpn.inc");
37	2eaa97b9	jim-p	require_once("shortcuts.inc");
38	c92ccc70	Renato Botelho	require_once("service-utils.inc");
39	63084885	Matthew Grooms
40	0927fb8c	jim-p	/* Handle AJAX */
41	0de394c9	jim-p	if ($_POST['action']) {
42			if ($_POST['action'] == "kill") {
43			$port = $_POST['port'];
44			$remipp = $_POST['remipp'];
45			$client_id = $_POST['client_id'];
46	0927fb8c	jim-p	if (!empty($port) and !empty($remipp)) {
47	08ef78ac	Viktor G	$retval = openvpn_kill_client($port, $remipp, $client_id);
48	0927fb8c	jim-p	echo htmlentities("\|{$port}\|{$remipp}\|{$retval}\|");
49			} else {
50	e9d35ff5	Carlos Eduardo Ramos	echo gettext("invalid input");
51	0927fb8c	jim-p	}
52			exit;
53			}
54			}
55	61eb637d	Viktor G	if ($_POST['action']) {
56			if (($_POST['action'] == "showrule") && is_numeric($_POST['vpnid']) &&
57			!preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username']) && is_port($_POST['port'])) {
58			$rulesfile = "{$g['tmp_path']}/ovpn_ovpns{$_POST['vpnid']}_{$_POST['username']}_{$_POST['port']}.rules";
59			if (file_exists($rulesfile)) {
60			$rule_text = base64_encode(file_get_contents($rulesfile));
61			echo $rule_text;
62			}
63			exit;
64			}
65			}
66	0927fb8c	jim-p
67	53663f57	jim-p	$servers = openvpn_get_active_servers();
68	453d9c96	jim-p	$sk_servers = openvpn_get_active_servers("p2p");
69	53663f57	jim-p	$clients = openvpn_get_active_clients();
70	63084885	Matthew Grooms
71	0927fb8c	jim-p	include("head.inc"); ?>
72
73			<form action="status_openvpn.php" method="get" name="iform">
74			<script type="text/javascript">
75	4d33138f	Colin Fleming	//<![CDATA[
76	08ef78ac	Viktor G	function killClient(mport, remipp, client_id) {
77	b9144088	jim-p	var busy = function(index,icon) {
78	3f98044a	Francisco Cavalcante	$(icon).bind("onclick","");
79			$(icon).attr('src',$(icon).attr('src').replace("\.gif", "_d.gif"));
80			$(icon).css("cursor","wait");
81	0927fb8c	jim-p	}
82
83	3f98044a	Francisco Cavalcante	$('img[name="i:' + mport + ":" + remipp + '"]').each(busy);
84	0927fb8c	jim-p
85	3f98044a	Francisco Cavalcante	$.ajax(
86	0de394c9	jim-p	"<?=$_SERVER['SCRIPT_NAME'];?>",
87			{
88			type: "post",
89			data: {
90			action: "kill",
91			port: mport,
92			remipp: remipp,
93			client_id: client_id
94			},
95			complete: killComplete
96			}
97	0927fb8c	jim-p	);
98			}
99
100			function killComplete(req) {
101			var values = req.responseText.split("\|");
102	abe98adb	Phil Davis	if (values[3] != "0") {
103	016260fe	Steve Beaver	// alert('<?=gettext("An error occurred.");?>' + ' (' + values[3] + ')');
104	0927fb8c	jim-p	return;
105			}
106
107	5a5a11cd	bruno	$('tr[id="r:' + values[1] + ":" + values[2] + '"]').each(
108	3f98044a	Francisco Cavalcante	function(index,row) { $(row).fadeOut(1000); }
109	0927fb8c	jim-p	);
110			}
111	61eb637d	Viktor G
112			function showRuleContents(vpnid, username, port) {
113			$('#rulesviewer_text').text("...Loading...");
114			$('#rulesviewer').modal('show');
115
116			$.ajax(
117			"<?=$_SERVER['SCRIPT_NAME'];?>",
118			{
119			type: 'post',
120			data: {
121			vpnid: vpnid,
122			username: username,
123			port: port,
124			action: 'showrule'
125			},
126			complete: ruleComplete
127			}
128			);
129			}
130
131			function ruleComplete(req) {
132			$('#rulesviewer_text').text(atob(req.responseText));
133			$('#rulesviewer_text').attr('readonly', true);
134			}
135
136	4d33138f	Colin Fleming	//]]>
137	0927fb8c	jim-p	</script>
138	c64a0911	Hari
139	42b0c921	Phil Davis	<?php
140			$i = 0;
141			foreach ($servers as $server):
142			?>
143	0927fb8c	jim-p
144	c64a0911	Hari	<div class="panel panel-default">
145	f2c2a2b4	jim-p	<div class="panel-heading"><h2 class="panel-title">ovpns<?= $server['vpnid'] ?>: <?=htmlspecialchars($server['name']);?> / <?=gettext('Client Connections') . ": " . ($server['conns'][0]['common_name'] != '[error]' ? sizeof($server['conns']) : '0');?></h2></div>
146	c64a0911	Hari	<div class="panel-body table-responsive">
147	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
148	c64a0911	Hari	<thead>
149			<tr>
150			<th><?=gettext("Common Name")?></th>
151			<th><?=gettext("Real Address")?></th>
152	cbfd0754	jim-p	<th><?=gettext("Virtual Address"); ?></th>
153	f2c2a2b4	jim-p	<th><?=gettext("Last Change"); ?></th>
154	f467ea24	jim-p	<th><?=gettext("Bytes Sent")?></th>
155			<th><?=gettext("Bytes Received")?></th>
156	f5736d98	Viktor G	<th><?=gettext("Cipher")?></th>
157	08ef78ac	Viktor G	<th><?=gettext("Actions")?></th>
158	c64a0911	Hari	</tr>
159			</thead>
160			<tbody>
161	919d91f9	Phil Davis
162	9f605c1c	Hari	<?php
163			foreach ($server['conns'] as $conn):
164	61eb637d	Viktor G	$remote_port = substr($conn['remote_host'], strpos($conn['remote_host'], ':') + 1);
165			$rulesfile = "{$g['tmp_path']}/ovpn_ovpns{$server['vpnid']}_{$conn['user_name']}_{$remote_port}.rules";
166	9f605c1c	Hari	?>
167	c64a0911	Hari	<tr id="<?php echo "r:{$server['mgmt']}:{$conn['remote_host']}"; ?>">
168	cbfd0754	jim-p	<td>
169			<?=$conn['common_name'];?>
170			<?php if (!empty($conn['common_name']) && !empty($conn['user_name']) && ($conn['user_name'] != "UNDEF")): ?>
171			<br />
172			<?php endif; ?>
173			<?php if (!empty($conn['user_name']) && ($conn['user_name'] != "UNDEF")): ?>
174			<?=$conn['user_name'];?>
175			<?php endif; ?>
176			</td>
177	c64a0911	Hari	<td><?=$conn['remote_host'];?></td>
178	cbfd0754	jim-p	<td>
179			<?=$conn['virtual_addr'];?>
180			<?php if (!empty($conn['virtual_addr']) && !empty($conn['virtual_addr6'])): ?>
181			<br />
182			<?php endif; ?>
183			<?=$conn['virtual_addr6'];?>
184			</td>
185	c64a0911	Hari	<td><?=$conn['connect_time'];?></td>
186	f467ea24	jim-p	<td data-value="<?=trim($conn['bytes_sent'])?>"><?=format_bytes($conn['bytes_sent']);?></td>
187			<td data-value="<?=trim($conn['bytes_recv'])?>"><?=format_bytes($conn['bytes_recv']);?></td>
188	f5736d98	Viktor G	<td data-value="<?=trim($conn['cipher'])?>"><?=$conn['cipher'];?></td>
189	c64a0911	Hari	<td>
190	61eb637d	Viktor G
191			<?php if (file_exists($rulesfile)): ?>
192			<a
193			onclick="showRuleContents('<?=$server['vpnid'];?>', '<?=$conn['user_name'];?>', '<?=$remote_port;?>');" style="cursor:pointer;"
194			title="<?php echo gettext("Show RADIUS ACL generated ruleset"); ?>">
195			<i class="fa fa-info"></i>
196			</a>
197			<?php endif; ?>
198	9f605c1c	Hari	<a
199	08ef78ac	Viktor G	onclick="killClient('<?=$server['mgmt'];?>', '<?=$conn['remote_host'];?>', '');" style="cursor:pointer;"
200	c64a0911	Hari	id="<?php echo "i:{$server['mgmt']}:{$conn['remote_host']}"; ?>"
201	98128ad6	Phil Davis	title="<?php echo sprintf(gettext("Kill client connection from %s"), $conn['remote_host']); ?>">
202	1b7379f9	Jared Dillard	<i class="fa fa-times"></i>
203	08ef78ac	Viktor G	</a>
204			<a
205			onclick="killClient('<?=$server['mgmt'];?>', '<?=$conn['remote_host'];?>', '<?=$conn['client_id'];?>');" style="cursor:pointer;"
206			id="<?php echo "i:{$server['mgmt']}:{$conn['remote_host']}"; ?>"
207			title="<?php echo sprintf(gettext("Halt client connection from %s"), $conn['remote_host']); ?>">
208			<i class="fa fa-times-circle text-danger"></i>
209	9f605c1c	Hari	</a>
210	c64a0911	Hari	</td>
211			</tr>
212	9f605c1c	Hari	<?php
213			endforeach;
214			?>
215	c64a0911	Hari	</tbody>
216			<tfoot>
217			<tr>
218	f2c2a2b4	jim-p	<td colspan="7">
219	c64a0911	Hari	</td>
220	f2c2a2b4	jim-p	<td colspan="1">
221			<?php $ssvc = find_service_by_openvpn_vpnid($server['vpnid']); ?>
222			<?= get_service_status_icon($ssvc, false, true, false, "service_state"); ?>
223			<?= get_service_control_links($ssvc); ?>
224	e9701cfe	Stephen Beaver	</td>
225	c64a0911	Hari	</tr>
226			</tfoot>
227			</table>
228			</div>
229			</div>
230	42b0c921	Phil Davis	<?php
231			if (is_array($server['routes']) && count($server['routes'])):
232			?>
233	ec970b50	jim-p	<div id="shroutebut-<?= $i ?>">
234	37676f4e	jim-p	<button type="button" class="btn btn-info" onClick="show_routes('tabroute-<?= $i ?>','shroutebut-<?= $i ?>')" value="<?php echo gettext("Show Routing Table"); ?>">
235			<i class="fa fa-plus-circle icon-embed-btn"></i>
236			<?php echo gettext("Show Routing Table"); ?>
237			</button>
238			- <?= gettext("Display OpenVPN's internal routing table for this server.") ?>
239			<br /><br />
240	ec970b50	jim-p	</div>
241	56fafd85	Stephen Beaver	<div class="panel panel-default" id="tabroute-<?=$i?>" style="display: none;">
242	c64a0911	Hari	<div class="panel-heading"><h2 class="panel-title"><?=htmlspecialchars($server['name']);?> <?=gettext("Routing Table"); ?></h2></div>
243			<div class="panel-body table-responsive">
244	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
245	c64a0911	Hari	<thead>
246			<tr>
247			<th><?=gettext("Common Name"); ?></th>
248			<th><?=gettext("Real Address"); ?></th>
249			<th><?=gettext("Target Network"); ?></th>
250			<th><?=gettext("Last Used"); ?></th>
251			</tr>
252	919d91f9	Phil Davis	</thead>
253	c64a0911	Hari	<tbody>
254	ec970b50	jim-p
255	42b0c921	Phil Davis	<?php
256			foreach ($server['routes'] as $conn):
257			?>
258	c64a0911	Hari	<tr id="<?php echo "r:{$server['mgmt']}:{$conn['remote_host']}"; ?>">
259			<td><?=$conn['common_name'];?></td>
260			<td><?=$conn['remote_host'];?></td>
261			<td><?=$conn['virtual_addr'];?></td>
262			<td><?=$conn['last_time'];?></td>
263			</tr>
264	42b0c921	Phil Davis	<?php
265			endforeach;
266			?>
267	c64a0911	Hari	</tbody>
268			<tfoot>
269			<tr>
270	e9701cfe	Stephen Beaver	<td colspan="4"><?= gettext("An IP address followed by C indicates a host currently connected through the VPN.") ?></td>
271	c64a0911	Hari	</tr>
272			</tfoot>
273			</table>
274			</div>
275			</div>
276	42b0c921	Phil Davis	<?php
277			endif;
278			?>
279	8cd558b6	ayvis	<br />
280	42b0c921	Phil Davis	<?php
281			$i++;
282			endforeach;
283			?>
284	8cd558b6	ayvis	<br />
285	d0f6649c	pierrepomes
286	42b0c921	Phil Davis	<?php
287			if (!empty($sk_servers)) {
288			?>
289	c64a0911	Hari	<div class="panel panel-default">
290			<div class="panel-heading"><h2 class="panel-title"><?=gettext("Peer to Peer Server Instance Statistics"); ?></h2></div>
291			<div class="panel-body table-responsive">
292	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
293	c64a0911	Hari	<thead>
294	919d91f9	Phil Davis	<tr>
295	c64a0911	Hari	<th><?=gettext("Name"); ?></th>
296	e9701cfe	Stephen Beaver	<th><?=gettext("Status"); ?></th>
297	f2c2a2b4	jim-p	<th><?=gettext("Last Change"); ?></th>
298	a66ce627	NewEraCracker	<th><?=gettext("Virtual Address"); ?></th>
299	c64a0911	Hari	<th><?=gettext("Remote Host"); ?></th>
300	f467ea24	jim-p	<th><?=gettext("Bytes Sent"); ?></th>
301			<th><?=gettext("Bytes Received"); ?></th>
302	c64a0911	Hari	<th><?=gettext("Service"); ?></th>
303			</tr>
304			</thead>
305			<tbody>
306	d0f6649c	pierrepomes
307	42b0c921	Phil Davis	<?php
308			foreach ($sk_servers as $sk_server):
309			?>
310	c64a0911	Hari	<tr id="<?php echo "r:{$sk_server['port']}:{$sk_server['vpnid']}"; ?>">
311	f2c2a2b4	jim-p	<td>
312			ovpns<?=$sk_server['vpnid'];?><br/>
313			<?=htmlspecialchars($sk_server['name']);?>
314			</td>
315	c64a0911	Hari	<td><?=$sk_server['status'];?></td>
316			<td><?=$sk_server['connect_time'];?></td>
317	bffa3185	jim-p	<td>
318			<?=$sk_server['virtual_addr'];?>
319			<?php if (!empty($sk_server['virtual_addr']) && !empty($sk_server['virtual_addr6'])): ?>
320			<br />
321			<?php endif; ?>
322			<?=$sk_server['virtual_addr6'];?>
323			</td>
324	c64a0911	Hari	<td><?=$sk_server['remote_host'];?></td>
325	f467ea24	jim-p	<td data-value="<?=trim($sk_server['bytes_sent'])?>"><?=format_bytes($sk_server['bytes_sent']);?></td>
326			<td data-value="<?=trim($sk_server['bytes_recv'])?>"><?=format_bytes($sk_server['bytes_recv']);?></td>
327	c64a0911	Hari	<td>
328	f2c2a2b4	jim-p	<?php $ssvc = find_service_by_openvpn_vpnid($sk_server['vpnid']); ?>
329			<?= get_service_status_icon($ssvc, false, true); ?>
330			<?= get_service_control_links($ssvc, true); ?>
331	c64a0911	Hari	</td>
332			</tr>
333	42b0c921	Phil Davis	<?php
334			endforeach;
335			?>
336	c64a0911	Hari	</tbody>
337	a5eb046f	Renato Botelho	</table>
338	c64a0911	Hari	</div>
339			</div>
340	95305736	jim-p
341			<?php
342	42b0c921	Phil Davis	}
343			?>
344	8cd558b6	ayvis	<br />
345	42b0c921	Phil Davis	<?php
346			if (!empty($clients)) {
347			?>
348	c64a0911	Hari	<div class="panel panel-default">
349			<div class="panel-heading"><h2 class="panel-title"><?=gettext("Client Instance Statistics"); ?></h2></div>
350			<div class="panel-body table-responsive">
351	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
352	c64a0911	Hari	<thead>
353	919d91f9	Phil Davis	<tr>
354	c64a0911	Hari	<th><?=gettext("Name"); ?></th>
355			<th><?=gettext("Status"); ?></th>
356	f2c2a2b4	jim-p	<th><?=gettext("Last Change"); ?></th>
357	cbfd0754	jim-p	<th><?=gettext("Local Address"); ?></th>
358	a66ce627	NewEraCracker	<th><?=gettext("Virtual Address"); ?></th>
359	c64a0911	Hari	<th><?=gettext("Remote Host"); ?></th>
360	f467ea24	jim-p	<th><?=gettext("Bytes Sent"); ?></th>
361			<th><?=gettext("Bytes Received"); ?></th>
362	c64a0911	Hari	<th><?=gettext("Service"); ?></th>
363			</tr>
364			</thead>
365			<tbody>
366	d0f6649c	pierrepomes
367	42b0c921	Phil Davis	<?php
368			foreach ($clients as $client):
369			?>
370	c64a0911	Hari	<tr id="<?php echo "r:{$client['port']}:{$client['vpnid']}"; ?>">
371	f2c2a2b4	jim-p	<td>
372			ovpnc<?= $client['vpnid'] ?><br/>
373			<?=htmlspecialchars($client['name']);?>
374			</td>
375	c64a0911	Hari	<td><?=$client['status'];?></td>
376			<td><?=$client['connect_time'];?></td>
377	2906d139	jim-p	<td>
378			<?php if (empty($client['local_host']) && empty($client['local_port'])): ?>
379			(pending)
380			<?php else: ?>
381			<?=$client['local_host'];?>:<?=$client['local_port'];?>
382			<?php endif; ?>
383			</td>
384	cbfd0754	jim-p	<td>
385			<?=$client['virtual_addr'];?>
386			<?php if (!empty($client['virtual_addr']) && !empty($client['virtual_addr6'])): ?>
387			<br />
388			<?php endif; ?>
389			<?=$client['virtual_addr6'];?>
390			</td>
391	2906d139	jim-p	<td>
392			<?php if (empty($client['remote_host']) && empty($client['remote_port'])): ?>
393			(pending)
394			<?php else: ?>
395			<?=$client['remote_host'];?>:<?=$client['remote_port'];?>
396			<?php endif; ?>
397			</td>
398	f467ea24	jim-p	<td data-value="<?=trim($client['bytes_sent'])?>"><?=format_bytes($client['bytes_sent']);?></td>
399			<td data-value="<?=trim($client['bytes_recv'])?>"><?=format_bytes($client['bytes_recv']);?></td>
400	c64a0911	Hari	<td>
401	f2c2a2b4	jim-p	<?php $ssvc = find_service_by_openvpn_vpnid($client['vpnid']); ?>
402			<?= get_service_status_icon($ssvc, false, true); ?>
403			<?= get_service_control_links($ssvc, true); ?>
404	c64a0911	Hari	</td>
405			</tr>
406	42b0c921	Phil Davis	<?php
407			endforeach;
408			?>
409	c64a0911	Hari	</tbody>
410	a5eb046f	Renato Botelho	</table>
411	c64a0911	Hari	</div>
412	56fafd85	Stephen Beaver	</div>
413	d0f6649c	pierrepomes
414	919d91f9	Phil Davis	<?php
415	cf1ced6d	pierrepomes	}
416
417			if ($DisplayNote) {
418	530c7ccf	NOYB	print_info_box(gettext("If there are custom options that override the management features of OpenVPN on a client or server, they will cause that OpenVPN instance to not work correctly with this status page."));
419	d0f6649c	pierrepomes	}
420
421	48b490ca	Phil Davis	if ((empty($clients)) && (empty($servers)) && (empty($sk_servers))) {
422	8545adde	k-paulius	print_info_box(gettext("No OpenVPN instances defined."));
423	d0f6649c	pierrepomes	}
424	61eb637d	Viktor G
425			// Create a Modal object to display RADIUS ACL generated ruleset
426			$form = new Form(FALSE);
427			$modal = new Modal('RADIUS ACL Generated Ruleset', 'rulesviewer', 'large', 'Close');
428			$modal->addInput(new Form_Textarea (
429			'rulesviewer_text',
430			null,
431			'...Loading...'
432			))->removeClass('form-control')->addClass('row-fluid col-sm-11')->setAttribute('rows', '10')->setAttribute('wrap', 'soft');
433			$form->add($modal);
434			print($form);
435	d0f6649c	pierrepomes	?>
436	2a351d32	Colin Fleming	</form>
437	56fafd85	Stephen Beaver
438	ec970b50	jim-p	<script type="text/javascript">
439	4d33138f	Colin Fleming	//<![CDATA[
440	56fafd85	Stephen Beaver
441	ec970b50	jim-p	function show_routes(id, buttonid) {
442			document.getElementById(buttonid).innerHTML='';
443			aodiv = document.getElementById(id);
444			aodiv.style.display = "block";
445			}
446	56fafd85	Stephen Beaver
447	4d33138f	Colin Fleming	//]]>
448	ec970b50	jim-p	</script>
449	c2081df1	NOYB
450			<?php include("foot.inc"); ?>

Project

General

Profile

pfSense