<?php 
2
/*
3
	vpn_openvpn_server.php
4
5
	Copyright (C) 2008 Shrew Soft Inc.
6
	All rights reserved. 
7
8
	Redistribution and use in source and binary forms, with or without
9
	modification, are permitted provided that the following conditions are met:
10
	
11
	1. Redistributions of source code must retain the above copyright notice,
12
	   this list of conditions and the following disclaimer.
13
	
14
	2. Redistributions in binary form must reproduce the above copyright
15
	   notice, this list of conditions and the following disclaimer in the
16
	   documentation and/or other materials provided with the distribution.
17
	
18
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
	POSSIBILITY OF SUCH DAMAGE.
28
*/
29
30
##|+PRIV
31
##|*IDENT=page-openvpn-server
32
##|*NAME=OpenVPN: Server page
33
##|*DESCR=Allow access to the 'OpenVPN: Server' page.
34
##|*MATCH=vpn_openvpn_server.php*
35
##|-PRIV
36
37
require("guiconfig.inc");
38 d84bd468 Ermal Lu?i
require_once("openvpn.inc");
39 d799787e Matthew Grooms
40 4d8b3382 Carlos Eduardo Ramos
// Page title and related-page URLs; not used in this file's visible code,
// presumably read by the included page templates.
$pgtitle = array(gettext("OpenVPN"), gettext("Server"));
$statusurl = "status_openvpn.php";
$logurl = "diag_logs_openvpn.php";

// Make sure the server list is an array before binding a reference to it.
// $a_server aliases the live configuration, so every write below changes $config.
if (!is_array($config['openvpn']['openvpn-server'])) {
	$config['openvpn']['openvpn-server'] = array();
}
$a_server = &$config['openvpn']['openvpn-server'];

// Request parameters: a POSTed value takes precedence over the query string.
// Both are request-controlled; $id is used below as an index into $a_server
// and $act selects which form is rendered.
$id = isset($_POST['id']) ? $_POST['id'] : $_GET['id'];
$act = isset($_POST['act']) ? $_POST['act'] : $_GET['act'];
56
57
/*
 * Delete action.
 *
 * NOTE(review): this is a state-changing operation (the entry is removed and
 * the configuration is written) reached through a plain GET request. No
 * anti-CSRF token check is visible in this file; confirm that the included
 * framework covers GET requests, or move the action to a POST form.
 */
if ($_GET['act'] == "del") {

	// Unknown or empty index: nothing to delete, return to the list page.
	if (empty($a_server[$id])) {
		pfSenseHeader("vpn_openvpn_server.php");
		exit;
	}

	// openvpn_delete() is called while the entry is still present, then the
	// entry is dropped from the list and the configuration is persisted.
	openvpn_delete('server', $a_server[$id]);
	unset($a_server[$id]);
	write_config();

	$savemsg = gettext("Server successfully deleted") . "<br/>";
}
69
70 f432e364 Matthew Grooms
/*
 * "New server" form: pre-populate the form state with defaults.
 *
 * NOTE(review): the default DH parameter length is 1024 bits, which is below
 * current recommendations (2048 bits or more). Raising it requires that the
 * form offers the larger length; the option list is outside this view.
 */
if ($_GET['act'] == "new") {
	$new_server_defaults = array(
		'autokey_enable' => "yes",
		'tlsauth_enable' => "yes",
		'autotls_enable' => "yes",
		'dh_length' => 1024,
		'interface' => "wan",
		// Next free port as reported by openvpn_port_next() for UDP.
		'local_port' => openvpn_port_next('UDP'),
		'pool_enable' => "yes",
	);

	foreach ($new_server_defaults as $default_key => $default_value) {
		$pconfig[$default_key] = $default_value;
	}
}
79
80 d799787e Matthew Grooms
/*
 * "Edit server" form: copy the stored entry selected by $id into $pconfig,
 * which the form below renders.
 *
 * The stored TLS authentication key and shared key are base64-decoded here
 * and are later written into the page, so the key material is sent to the
 * browser of whoever may open this page.
 */
if ($_GET['act'] == "edit") {

	if (isset($id) && $a_server[$id]) {

		$edit_entry = $a_server[$id];

		$pconfig['disable'] = isset($edit_entry['disable']);

		foreach (array('mode', 'protocol', 'authmode', 'interface') as $edit_key) {
			$pconfig[$edit_key] = $edit_entry[$edit_key];
		}

		// The form encodes a bound address as "interface|address".
		if (!empty($edit_entry['ipaddr'])) {
			$pconfig['interface'] .= '|' . $edit_entry['ipaddr'];
		}

		foreach (array('local_port', 'description', 'custom_options') as $edit_key) {
			$pconfig[$edit_key] = $edit_entry[$edit_key];
		}

		if ($pconfig['mode'] == "p2p_shared_key") {
			$pconfig['shared_key'] = base64_decode($edit_entry['shared_key']);
		} else {
			// A stored TLS key implies that TLS authentication is enabled.
			if ($edit_entry['tls']) {
				$pconfig['tlsauth_enable'] = "yes";
				$pconfig['tls'] = base64_decode($edit_entry['tls']);
			}
			foreach (array('caref', 'crlref', 'certref', 'dh_length') as $edit_key) {
				$pconfig[$edit_key] = $edit_entry[$edit_key];
			}
		}

		// Settings copied one-to-one from the stored entry.
		$copied_keys = array(
			'crypto',
			'tunnel_network', 'remote_network', 'gwredir', 'local_network',
			'maxclients', 'compression', 'passtos', 'client2client',
			'dynamic_ip', 'pool_enable',
			'dns_domain',
			'dns_server1', 'dns_server2', 'dns_server3', 'dns_server4',
			'ntp_server1', 'ntp_server2',
			'netbios_enable', 'netbios_ntype', 'netbios_scope',
			'wins_server1', 'wins_server2',
			'nbdd_server1',
		);
		foreach ($copied_keys as $edit_key) {
			$pconfig[$edit_key] = $edit_entry[$edit_key];
		}

		// The "enable" checkboxes are not stored; they are derived from
		// whether any of the values they guard is set.
		if ($pconfig['dns_domain']) {
			$pconfig['dns_domain_enable'] = true;
		}
		if ($pconfig['dns_server1'] || $pconfig['dns_server2'] ||
		    $pconfig['dns_server3'] || $pconfig['dns_server4']) {
			$pconfig['dns_server_enable'] = true;
		}
		if ($pconfig['ntp_server1'] || $pconfig['ntp_server2']) {
			$pconfig['ntp_server_enable'] = true;
		}
		if ($pconfig['wins_server1'] || $pconfig['wins_server2']) {
			$pconfig['wins_server_enable'] = true;
		}
		if ($pconfig['nbdd_server1']) {
			$pconfig['nbdd_server_enable'] = true;
		}

		// just in case the modes switch
		$pconfig['autokey_enable'] = "yes";
		$pconfig['autotls_enable'] = "yes";
	}
}
160
161
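/*
 * Save handler: validates the posted form and, when no error was recorded,
 * builds the server entry, stores it in $a_server (replacing the entry at $id
 * or appending a new one), resyncs the server, writes the configuration and
 * redirects to the list page. On validation failure the posted values stay in
 * $pconfig so the form is rendered again with them.
 *
 * Changes against the previous version:
 *  - the NetBIOS data distribution server was saved only when the DNS server
 *    checkbox was ticked; it is now gated on its own checkbox;
 *  - 'mode' and 'protocol' are checked against the lists the form offers;
 *  - 'authmode' is coerced to a list of strings before it is iterated and joined;
 *  - address fields are trimmed before validation so that the value stored is
 *    the value that was validated.
 *
 * NOTE(review): description, custom_options, dns_domain, netbios_scope,
 * crypto, dh_length and the certificate references are stored as posted,
 * without validation in this block. Confirm how openvpn_resync() uses them.
 */
if ($_POST) {

	unset($input_errors);
	$pconfig = $_POST;

	/* vpnid of the entry being edited; 0 when a new entry is created */
	if (isset($id) && $a_server[$id])
		$vpnid = $a_server[$id]['vpnid'];
	else
		$vpnid = 0;

	$tls_mode = ($pconfig['mode'] != "p2p_shared_key");

	/* only accept the values the form itself offers */
	if (!is_string($pconfig['mode']) || !array_key_exists($pconfig['mode'], $openvpn_server_modes))
		$input_errors[] = gettext("The selected 'Server Mode' is not valid");
	if (!is_string($pconfig['protocol']) || !in_array($pconfig['protocol'], $openvpn_prots, true))
		$input_errors[] = gettext("The selected 'Protocol' is not valid");

	/* the form posts authmode[]; coerce anything else so the loop and implode() below are safe */
	if (!empty($pconfig['authmode']))
		$pconfig['authmode'] = array_values(array_filter((array)$pconfig['authmode'], 'is_string'));

	if (!empty($pconfig['authmode'])) {
		foreach ($pconfig['authmode'] as $pauthmode) {
			if ($pauthmode != "Local Database" && $pconfig['mode'] == "server_tls_user") 
				$input_errors[] = gettext("Only 'Local authentication database'  is allowed with") . " " . $openvpn_server_modes[$pconfig['mode']];
		}
	}

	if (empty($pconfig['authmode']) && (($pconfig['mode'] == "server_user") || ($pconfig['mode'] == "server_tls_user")))
		$input_errors[] = gettext("You must select a Backend for Authentication if the server mode requires User Auth.");

	/* store what is validated: strip surrounding whitespace from address fields */
	$address_fields = array(
		'dns_server1', 'dns_server2', 'dns_server3', 'dns_server4',
		'ntp_server1', 'ntp_server2',
		'wins_server1', 'wins_server2',
		'nbdd_server1',
	);
	foreach ($address_fields as $address_field) {
		if (isset($pconfig[$address_field]) && is_string($pconfig[$address_field]))
			$pconfig[$address_field] = trim($pconfig[$address_field]);
	}

	/* input validation */
	if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
		$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'Tunnel network'))
		$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'Remote network'))
		$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['local_network'], 'Local network'))
		$input_errors[] = $result;

	/* a port is acceptable when it is free (0) or already held by this entry */
	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['local_port']);
	if (($portused != $vpnid) && ($portused != 0))
		$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");

	if ($pconfig['autokey_enable'])
		$pconfig['shared_key'] = openvpn_create_key();

	/* pasted keys are only checked for the static key header and footer */
	if (!$tls_mode && !$pconfig['autokey_enable'])
		if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") ||
			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
			$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");

	if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
		if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") ||
			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
			$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");

	if ($pconfig['dns_server_enable']) {
		if (!empty($pconfig['dns_server1']) && !is_ipaddr(trim($pconfig['dns_server1'])))
			$input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
		if (!empty($pconfig['dns_server2']) && !is_ipaddr(trim($pconfig['dns_server2'])))
			$input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
		if (!empty($pconfig['dns_server3']) && !is_ipaddr(trim($pconfig['dns_server3'])))
			$input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
		if (!empty($pconfig['dns_server4']) && !is_ipaddr(trim($pconfig['dns_server4'])))
			$input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
	}

	/* ntp_server3 and ntp_server4 are checked here but are not stored below */
	if ($pconfig['ntp_server_enable']) {
		if (!empty($pconfig['ntp_server1']) && !is_ipaddr(trim($pconfig['ntp_server1'])))
			$input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
		if (!empty($pconfig['ntp_server2']) && !is_ipaddr(trim($pconfig['ntp_server2'])))
			$input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
		if (!empty($pconfig['ntp_server3']) && !is_ipaddr(trim($pconfig['ntp_server3'])))
			$input_errors[] = gettext("The field 'NTP Server #3' must contain a valid IP address");
		if (!empty($pconfig['ntp_server4']) && !is_ipaddr(trim($pconfig['ntp_server4'])))
			$input_errors[] = gettext("The field 'NTP Server #4' must contain a valid IP address");
	}

	if ($pconfig['netbios_enable']) {
		if ($pconfig['wins_server_enable']) {
			if (!empty($pconfig['wins_server1']) && !is_ipaddr(trim($pconfig['wins_server1'])))
				$input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
			if (!empty($pconfig['wins_server2']) && !is_ipaddr(trim($pconfig['wins_server2'])))
				$input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
		}
		if ($pconfig['nbdd_server_enable'])
			if (!empty($pconfig['nbdd_server1']) && !is_ipaddr(trim($pconfig['nbdd_server1'])))
				$input_errors[] = gettext("The field 'NetBIOS Data Distribution Server #1' must contain a valid IP address");
	}

	if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients']))
		$input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");

	$reqdfields = array();
	$reqdfieldsn = array();

	/* If we are not in shared key mode, then we need the CA/Cert. */
	if ($pconfig['mode'] != "p2p_shared_key") {
		$reqdfields = explode(" ", "caref certref");
		$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
	} elseif (!$pconfig['autokey_enable']) {
		/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
		$reqdfields = array('shared_key');
		$reqdfieldsn = array(gettext('Shared key'));
	}

	$reqdfields[] = 'tunnel_network';
	$reqdfieldsn[] = gettext('Tunnel network');

	/*
	 * NOTE(review): call-time pass-by-reference (&$input_errors) was removed
	 * in PHP 5.4. It is kept here because the signature of
	 * do_input_validation() is not visible in this file; drop the '&' once
	 * the function declares the parameter by reference.
	 */
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
	
	if (!$input_errors) {

		$server = array();

		if ($vpnid)
			$server['vpnid'] = $vpnid;
		else
			$server['vpnid'] = openvpn_vpnid_next();

		if ($_POST['disable'] == "yes")
			$server['disable'] = true;
		$server['mode'] = $pconfig['mode'];
		if (!empty($pconfig['authmode']))
			$server['authmode'] = implode(",", $pconfig['authmode']);
		$server['protocol'] = $pconfig['protocol'];
		/* the form posts the interface as "interface|address" when an address is bound */
		list($server['interface'], $server['ipaddr']) = explode ("|",$pconfig['interface']);
		$server['local_port'] = $pconfig['local_port'];
		$server['description'] = $pconfig['description'];
		$server['custom_options'] = $pconfig['custom_options'];

		if ($tls_mode) {
			if ($pconfig['tlsauth_enable']) {
				if ($pconfig['autotls_enable'])
					$pconfig['tls'] = openvpn_create_key();
				$server['tls'] = base64_encode($pconfig['tls']);
			}
			$server['caref'] = $pconfig['caref'];
			$server['crlref'] = $pconfig['crlref'];
			$server['certref'] = $pconfig['certref'];
			$server['dh_length'] = $pconfig['dh_length'];
		} else {
			$server['shared_key'] = base64_encode($pconfig['shared_key']);
		}
		$server['crypto'] = $pconfig['crypto'];

		$server['tunnel_network'] = $pconfig['tunnel_network'];
		$server['remote_network'] = $pconfig['remote_network'];
		$server['gwredir'] = $pconfig['gwredir'];
		$server['local_network'] = $pconfig['local_network'];
		$server['maxclients'] = $pconfig['maxclients'];
		$server['compression'] = $pconfig['compression'];
		$server['passtos'] = $pconfig['passtos'];
		$server['client2client'] = $pconfig['client2client'];

		$server['dynamic_ip'] = $pconfig['dynamic_ip'];
		$server['pool_enable'] = $pconfig['pool_enable'];

		if ($pconfig['dns_domain_enable'])
			$server['dns_domain'] = $pconfig['dns_domain'];

		if ($pconfig['dns_server_enable']) {
			$server['dns_server1'] = $pconfig['dns_server1'];
			$server['dns_server2'] = $pconfig['dns_server2'];
			$server['dns_server3'] = $pconfig['dns_server3'];
			$server['dns_server4'] = $pconfig['dns_server4'];
		}

		if ($pconfig['ntp_server_enable']) {
			$server['ntp_server1'] = $pconfig['ntp_server1'];
			$server['ntp_server2'] = $pconfig['ntp_server2'];
		}

		$server['netbios_enable'] = $pconfig['netbios_enable'];
		$server['netbios_ntype'] = $pconfig['netbios_ntype'];
		$server['netbios_scope'] = $pconfig['netbios_scope'];

		if ($pconfig['netbios_enable']) {

			if ($pconfig['wins_server_enable']) {
				$server['wins_server1'] = $pconfig['wins_server1'];
				$server['wins_server2'] = $pconfig['wins_server2'];
			}

			/* gated on its own checkbox, matching the validation above */
			if ($pconfig['nbdd_server_enable'])
				$server['nbdd_server1'] = $pconfig['nbdd_server1'];
		}
	
		if (isset($id) && $a_server[$id])
			$a_server[$id] = $server;
		else
			$a_server[] = $server;

		openvpn_resync('server', $server);
		write_config();
		
		header("Location: vpn_openvpn_server.php");
		exit;
	}

	/* validation failed: the form expects authmode as a comma separated string */
	if (!empty($pconfig['authmode']))
		$pconfig['authmode'] = implode(",", $pconfig['authmode']);
}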
359
360
include("head.inc");
361
362
?>
363
364
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
365
<?php include("fbegin.inc"); ?>
366
<script language="JavaScript">
367
<!--
368
369 3c11bd3c Matthew Grooms
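/*
 * Shows and hides the form rows that apply to the selected server mode.
 *
 * Locals are declared with var: the previous version assigned to undeclared
 * names (index, value), which created or overwrote global variables.
 * This only changes what is displayed; the server-side handler decides
 * which posted fields are validated and stored.
 */
function mode_change() {
	var modeSelect = document.iform.mode;
	var mode = modeSelect.options[modeSelect.selectedIndex].value;

	function setVisible(id, visible) {
		document.getElementById(id).style.display = visible ? "" : "none";
	}

	// Key material rows: TLS rows for the TLS/user modes, the shared key row
	// for p2p_shared_key. Any other value leaves these rows untouched.
	var usesTls;
	switch (mode) {
		case "p2p_tls":
		case "server_tls":
		case "server_user":
		case "server_tls_user":
			usesTls = true;
			break;
		case "p2p_shared_key":
			usesTls = false;
			break;
	}
	if (usesTls !== undefined) {
		var tlsRows = ["tls", "tls_ca", "tls_crl", "tls_cert", "tls_dh"];
		for (var i = 0; i < tlsRows.length; i++)
			setVisible(tlsRows[i], usesTls);
		setVisible("psk", !usesTls);
	}

	// Option groups.
	switch (mode) {
		case "p2p_shared_key":
		case "p2p_tls":
			setVisible("client_opts", false);
			setVisible("remote_opts", true);
			setVisible("local_opts", mode == "p2p_tls");
			setVisible("authmodetr", false);
			setVisible("inter_client_communication", false);
			break;
		default:
			// The authentication backend row is shown for the user modes,
			// hidden for server_tls and left as it is for any other value.
			if (mode == "server_user" || mode == "server_tls_user")
				setVisible("authmodetr", true);
			else if (mode == "server_tls")
				setVisible("authmodetr", false);
			setVisible("client_opts", true);
			setVisible("remote_opts", false);
			setVisible("local_opts", true);
			setVisible("inter_client_communication", true);
			break;
	}
}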
426
427
// Hides #autokey_opts while the autokey_enable checkbox is ticked and shows
// it otherwise.
function autokey_change() {
	var hidden = document.iform.autokey_enable.checked;
	document.getElementById("autokey_opts").style.display = hidden ? "none" : "";
}
434
435
// Toggles the TLS authentication options, then refreshes the key field
// through autotls_change().
function tlsauth_change() {

<?php if (!$pconfig['tls']): ?>
	// Emitted only when no TLS key is present in the form state: the
	// #tlsauth_opts table is rendered under the same condition.
	document.getElementById("tlsauth_opts").style.display =
		document.iform.tlsauth_enable.checked ? "" : "none";
<?php endif; ?>

	autotls_change();
}
446
447
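// Shows the TLS key text area (#autotls_opts) when TLS authentication is
// enabled and the key is not generated automatically.
// autocheck is declared with var; the previous version assigned to an
// undeclared name, which created a global variable.
function autotls_change() {

<?php if (!$pconfig['tls']): ?>
	var autocheck = document.iform.autotls_enable.checked;
<?php else: ?>
	// A key is already present, so the automatic-generation checkbox is not
	// rendered and must not be read.
	var autocheck = false;
<?php endif; ?>

	var showKeyField = document.iform.tlsauth_enable.checked && !autocheck;
	document.getElementById("autotls_opts").style.display = showKeyField ? "" : "none";
}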
460
461
// Hides #local_opts while the gwredir checkbox is ticked and shows it
// otherwise.
function gwredir_change() {
	var hidden = document.iform.gwredir.checked;
	document.getElementById("local_opts").style.display = hidden ? "none" : "";
}
468
469
// Shows #dns_domain_data while the dns_domain_enable checkbox is ticked and
// hides it otherwise.
function dns_domain_change() {
	var shown = document.iform.dns_domain_enable.checked;
	document.getElementById("dns_domain_data").style.display = shown ? "" : "none";
}
476
477
// Shows #dns_server_data while the dns_server_enable checkbox is ticked and
// hides it otherwise.
function dns_server_change() {
	var shown = document.iform.dns_server_enable.checked;
	document.getElementById("dns_server_data").style.display = shown ? "" : "none";
}
484
485
// Shows #wins_server_data while the wins_server_enable checkbox is ticked
// and hides it otherwise.
function wins_server_change() {
	var shown = document.iform.wins_server_enable.checked;
	document.getElementById("wins_server_data").style.display = shown ? "" : "none";
}
492
493
// Shows #ntp_server_data while the ntp_server_enable checkbox is ticked and
// hides it otherwise.
function ntp_server_change() {
	var shown = document.iform.ntp_server_enable.checked;
	document.getElementById("ntp_server_data").style.display = shown ? "" : "none";
}
500
501
// Shows #netbios_data and #wins_opts while the netbios_enable checkbox is
// ticked and hides both otherwise.
function netbios_change() {
	var display = document.iform.netbios_enable.checked ? "" : "none";
	document.getElementById("netbios_data").style.display = display;
	document.getElementById("wins_opts").style.display = display;
}
511
512
//-->
513
</script>
514
<?php
	/*
	 * Validation errors from the save handler, then the status message
	 * (set by the delete action above), when either is present.
	 * $savemsg carries markup ("<br/>"), so it must never be built from
	 * request data.
	 */
	if ($input_errors) {
		print_input_errors($input_errors);
	}
	if ($savemsg) {
		print_info_box($savemsg);
	}
?>
520
<table width="100%" border="0" cellpadding="0" cellspacing="0">
521 5a3b0d3b mgrooms
	<tr>
522 d799787e Matthew Grooms
		<td class="tabnavtbl">
523
			<ul id="tabnav">
524
			<?php 
				/*
				 * Tab strip for the OpenVPN pages. Each entry is presumably
				 * (label, active flag, target URL); only this page's tab
				 * carries true.
				 */
				$tab_array = array(
					array(gettext("Server"), true, "vpn_openvpn_server.php"),
					array(gettext("Client"), false, "vpn_openvpn_client.php"),
					array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php"),
					array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml"),
				);
				add_package_tabs("OpenVPN", $tab_array);
				display_top_tabs($tab_array);
			?>
533
			</ul>
534
		</td>
535
	</tr>    
536
	<tr>
537
		<td class="tabcont">
538
539
			<?php if($act=="new" || $act=="edit"): ?>
540
541
			<form action="vpn_openvpn_server.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
542
				<table width="100%" border="0" cellpadding="6" cellspacing="0">
543 47c00c09 Scott Ullrich
					<tr>
544 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
545 b63f2e8b Matthew Grooms
					</tr>
546 d799787e Matthew Grooms
					<tr>
547 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
548 d799787e Matthew Grooms
						<td width="78%" class="vtable">
549
							<table border="0" cellpadding="0" cellspacing="0">
550
								<tr>
551
									<td>
552
										<?php set_checked($pconfig['disable'],$chk); ?>
553
										<input name="disable" type="checkbox" value="yes" <?=$chk;?>/>
554
									</td>
555
									<td>
556
										&nbsp;
557
										<span class="vexpl">
558 4d8b3382 Carlos Eduardo Ramos
											<strong><?=gettext("Disable this server"); ?></strong><br>
559 d799787e Matthew Grooms
										</span>
560
									</td>
561
								</tr>
562
							</table>
563 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("Set this option to disable this server without removing it from the list"); ?>.
564 d799787e Matthew Grooms
						</td>
565
					</tr>
566 3c11bd3c Matthew Grooms
					<tr>
567
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
568
							<td width="78%" class="vtable">
569
							<select name='mode' id='mode' class="formselect" onchange='mode_change()'>
570
							<?php
571
								foreach ($openvpn_server_modes as $name => $desc):
572
									$selected = "";
573
									if ($pconfig['mode'] == $name)
574
										$selected = "selected";
575
							?>
576
								<option value="<?=$name;?>" <?=$selected;?>><?=$desc;?></option>
577
							<?php endforeach; ?>
578
							</select>
579
						</td>
580
					</tr>
581 e8a58de4 Ermal Lu?i
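					<tr id="authmodetr" style="display:none">
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Backend for authentication");?></td>
						<td width="78%" class="vtable">
							<?php
								/*
								 * The list is loaded before the <select> is opened:
								 * the size attribute was previously computed from
								 * $auth_servers before it had been assigned.
								 */
								$auth_servers = auth_get_authserver_list();
								$authmodes = explode(",", $pconfig['authmode']);
							?>
							<select name='authmode[]' id='authmode' class="formselect" multiple="true" size="<?php echo count($auth_servers); ?>">
							<?php
								foreach ($auth_servers as $auth_server):
									/*
									 * Server names are configuration data and are
									 * written into an attribute and into element
									 * text, so they are escaped on output. The
									 * browser posts the unescaped value back.
									 */
									$auth_name = htmlspecialchars($auth_server['name']);
									$selected = "";
									if (in_array($auth_server['name'], $authmodes))
										$selected = "selected";
							?>
								<option value="<?=$auth_name;?>" <?=$selected;?>><?=$auth_name;?></option>
							<?php endforeach; ?>
							</select>
						</td>
					</tr>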
598 d799787e Matthew Grooms
					<tr>
599
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
600
							<td width="78%" class="vtable">
601
							<select name='protocol' class="formselect">
602
							<?php
603
								foreach ($openvpn_prots as $prot):
604
									$selected = "";
605
									if ($pconfig['protocol'] == $prot)
606
										$selected = "selected";
607
							?>
608
								<option value="<?=$prot;?>" <?=$selected;?>><?=$prot;?></option>
609
							<?php endforeach; ?>
610
							</select>
611
							</td>
612
					</tr>
613
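					<tr>
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
						<td width="78%" class="vtable">
							<select name="interface" class="formselect">
								<?php
									/*
									 * Selectable bind targets: the configured
									 * interfaces, then one "interface|address"
									 * entry per CARP address and per IP alias,
									 * then "any".
									 */
									$interfaces = get_configured_interface_with_descr();
									$carplist = get_configured_carp_interface_list();
									foreach ($carplist as $cif => $carpip)
										$interfaces[$cif.'|'.$carpip] = strtoupper($cif) . " ({$carpip})";
									$aliaslist = get_configured_ip_aliases_list();
									foreach ($aliaslist as $aliasip => $aliasif)
										$interfaces[$aliasif.'|'.$aliasip] = strtoupper($aliasif) . " ({$aliasip})";
									$interfaces['any'] = "any";
									foreach ($interfaces as $iface => $ifacename):
										/*
										 * Compared as strings: a loose comparison
										 * between an integer array key and a
										 * non-numeric string can match by accident.
										 */
										$selected = "";
										if ((string)$iface === (string)$pconfig['interface'])
											$selected = "selected";
								?>
									<?php /* the value is escaped like the label: both are built from configuration data */ ?>
									<option value="<?=htmlspecialchars($iface);?>" <?=$selected;?>>
										<?=htmlspecialchars($ifacename);?>
									</option>
								<?php endforeach; ?>
							</select> <br>
						</td>
					</tr>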
638
					<tr>
639
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Local port");?></td>
640
						<td width="78%" class="vtable">
641
							<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>"/>
642
						</td>
643
					</tr>
644
					<tr> 
645 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
646 d799787e Matthew Grooms
						<td width="78%" class="vtable"> 
647
							<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>">
648
							<br>
649 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
650 d799787e Matthew Grooms
						</td>
651
					</tr>
652
					<tr>
653
						<td colspan="2" class="list" height="12"></td>
654
					</tr>
655
					<tr>
656 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
657 d799787e Matthew Grooms
					</tr>
658 3c11bd3c Matthew Grooms
					<tr id="tls">
659 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
660 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
661
							<table border="0" cellpadding="2" cellspacing="0">
662
								<tr>
663
									<td>
664
										<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
665
										<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onClick="tlsauth_change()">
666
									</td>
667
									<td>
668
										<span class="vexpl">
669 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Enable authentication of TLS packets"); ?>.
670 3c11bd3c Matthew Grooms
										</span>
671
									</td>
672
								</tr>
673
							</table>
674
							<?php if (!$pconfig['tls']): ?>
675
							<table border="0" cellpadding="2" cellspacing="0" id='tlsauth_opts'>
676
								<tr>
677
									<td>
678
										<?php set_checked($pconfig['autotls_enable'],$chk); ?>
679
										<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autotls_change()">
680
									</td>
681
									<td>
682
										<span class="vexpl">
683 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
684 3c11bd3c Matthew Grooms
										</span>
685
									</td>
686
								</tr>
687
							</table>
688
							<?php endif; ?>
689
							<table border="0" cellpadding="2" cellspacing="0" id='autotls_opts'>
690
								<tr>
691
									<td>
692
										<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
693
										<br/>
694 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("Paste your shared key here"); ?>.
695 3c11bd3c Matthew Grooms
									</td>
696
								</tr>
697
							</table>
698
						</td>
699 d799787e Matthew Grooms
					</tr>
700 3c11bd3c Matthew Grooms
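					<tr id="tls_ca">
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
							<td width="78%" class="vtable">
							<select name='caref' class="formselect">
							<?php
								/*
								 * One <option> per configured CA; the entry whose refid equals
								 * the saved 'caref' is preselected. refid and name are stored
								 * configuration values written into HTML, so both go through
								 * htmlspecialchars() and cannot be parsed as markup or end
								 * the attribute early.
								 */
								foreach ($config['ca'] as $ca):
									$selected = "";
									if ($pconfig['caref'] == $ca['refid'])
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($ca['refid']);?>" <?=$selected;?>><?=htmlspecialchars($ca['name']);?></option>
							<?php endforeach; ?>
							</select>
							</td>
					</tr>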
715 6db02381 jim-p
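					<tr id="tls_crl">
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Revocation List"); ?></td>
							<td width="78%" class="vtable">
							<select name='crlref' class="formselect">
								<option value="">None</option>
							<?php
								/*
								 * List every CRL except internal ones that hold no certificates;
								 * the entry whose refid equals the saved 'crlref' is preselected.
								 * refid and name are stored configuration values, so they are
								 * HTML-escaped before being written into the attribute and the
								 * option text.
								 */
								foreach ($config['crl'] as $crl):
									if (is_crl_internal($crl) && (count($crl['cert']) <= 0))
										continue;
									$selected = "";
									if ($pconfig['crlref'] == $crl['refid'])
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($crl['refid']);?>" <?=$selected;?>><?=htmlspecialchars($crl['name']);?></option>
							<?php endforeach; ?>
							</select>
							</td>
					</tr>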
733 3c11bd3c Matthew Grooms
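					<tr id="tls_cert">
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Certificate"); ?></td>
							<td width="78%" class="vtable">
							<select name='certref' class="formselect">
							<?php
								/*
								 * Offer every configured certificate except those whose name
								 * contains "webConfigurator"; the entry whose refid equals the
								 * saved 'certref' is preselected. refid and name are HTML-escaped
								 * because they are stored configuration values rendered into
								 * an attribute and into element text.
								 */
								foreach ($config['cert'] as $cert):
									$selected = "";
									if (strstr($cert['name'], "webConfigurator"))
										continue;
									if ($pconfig['certref'] == $cert['refid'])
										$selected = "selected";
							?>
								<option value="<?=htmlspecialchars($cert['refid']);?>" <?=$selected;?>><?=htmlspecialchars($cert['name']);?></option>
							<?php endforeach; ?>
							</select>
						</td>
					</tr>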
750 fe787fc7 Matthew Grooms
					<tr id="tls_dh">
751 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("DH Parameters Length"); ?></td>
752 fe787fc7 Matthew Grooms
						<td width="78%" class="vtable">
753
							<select name="dh_length" class="formselect">
754
								<?php
755
									foreach ($openvpn_dh_lengths as $length):
756
									$selected = '';
757
									if ($length == $pconfig['dh_length'])
758
										$selected = ' selected';
759
								?>
760
								<option<?=$selected?>><?=$length;?></option>
761
								<?php endforeach; ?>
762
							</select>
763
							<span class="vexpl">
764 1c83021a Carlos Eduardo Ramos
								<?=gettext("bits"); ?>
765 fe787fc7 Matthew Grooms
							</span>
766
						</td>
767
					</tr>
768 d799787e Matthew Grooms
					<tr id="psk">
769 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
770 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
771
							<?php if (!$pconfig['shared_key']): ?>
772
							<table border="0" cellpadding="2" cellspacing="0">
773
								<tr>
774
									<td>
775
										<?php set_checked($pconfig['autokey_enable'],$chk); ?>
776
										<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autokey_change()">
777
									</td>
778
									<td>
779
										<span class="vexpl">
780 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Automatically generate a shared key"); ?>.
781 3c11bd3c Matthew Grooms
										</span>
782
									</td>
783
								</tr>
784
							</table>
785
							<?php endif; ?>
786
							<table border="0" cellpadding="2" cellspacing="0" id='autokey_opts'>
787
								<tr>
788
									<td>
789
										<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
790
										<br/>
791 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("Paste your shared key here"); ?>.
792 3c11bd3c Matthew Grooms
									</td>
793
								</tr>
794
							</table>
795 d799787e Matthew Grooms
						</td>
796
					</tr>
797
					<tr>
798 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
799 d799787e Matthew Grooms
						<td width="78%" class="vtable">
800
							<select name="crypto" class="formselect">
801
								<?php
802
									$cipherlist = openvpn_get_cipherlist();
803
									foreach ($cipherlist as $name => $desc):
804
									$selected = '';
805
									if ($name == $pconfig['crypto'])
806
										$selected = ' selected';
807
								?>
808
								<option value="<?=$name;?>"<?=$selected?>>
809
									<?=htmlspecialchars($desc);?>
810
								</option>
811
								<?php endforeach; ?>
812
							</select>
813
						</td>
814
					</tr>
815
					<tr>
816
						<td colspan="2" class="list" height="12"></td>
817
					</tr>
818
					<tr>
819 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
820 d799787e Matthew Grooms
					</tr>
821
					<tr>
822 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Tunnel Network"); ?></td>
823 d799787e Matthew Grooms
						<td width="78%" class="vtable">
824
							<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>">
825
							<br>
826 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("This is the virtual network used for private " .
827
							"communications between this server and client " .
828
							"hosts expressed using CIDR (eg. 10.0.8.0/24). " .
829
							"The first network address will be assigned to " .
830
							"the	server virtual interface. The remaining " .
831
							"network addresses can optionally be assigned " .
832
							"to connecting clients. (see Address Pool)"); ?>
833 d799787e Matthew Grooms
						</td>
834
					</tr>
835
					<tr>
836 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Redirect Gateway"); ?></td>
837 d799787e Matthew Grooms
						<td width="78%" class="vtable">
838
							<table border="0" cellpadding="2" cellspacing="0">
839
								<tr>
840
									<td>
841
										<?php set_checked($pconfig['gwredir'],$chk); ?>
842
										<input name="gwredir" type="checkbox" value="yes" <?=$chk;?> onClick="gwredir_change()"/>
843
									</td>
844
									<td>
845
										<span class="vexpl">
846 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Force all client generated traffic through the tunnel"); ?>.
847 d799787e Matthew Grooms
										</span>
848
									</td>
849
								</tr>
850
							</table>
851
						</td>
852
					</tr>
853
					<tr id="local_opts">
854 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Local Network"); ?></td>
855 d799787e Matthew Grooms
						<td width="78%" class="vtable">
856
							<input name="local_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['local_network']);?>">
857
							<br>
858 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("This is the network that will be accessible " .
859
							"from the remote endpoint. Expressed as a CIDR " .
860
							"range. You may leave this blank if you don't " .
861
							"want to add a route to the local network " .
862
							"through this tunnel on the remote machine. " .
863
							"This is generally set to your LAN network"); ?>.
864 d799787e Matthew Grooms
						</td>
865
					</tr>
866 3c11bd3c Matthew Grooms
					<tr id="remote_opts">
867 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Remote Network"); ?></td>
868 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
869
							<input name="remote_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['remote_network']);?>">
870
							<br>
871 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("This is a network that will be routed through " .
872
							"the tunnel, so that a site-to-site VPN can be " .
873
							"established without manually changing the " .
874
							"routing tables. Expressed as a CIDR range. If " .
875
							"this is a site-to-site VPN, enter here the " .
876
							"remote LAN here. You may leave this blank if " .
877
							"you don't want a site-to-site VPN"); ?>.
878 3c11bd3c Matthew Grooms
						</td>
879
					</tr>
880 d799787e Matthew Grooms
					<tr>
881
						<td width="22%" valign="top" class="vncell"><?=gettext("Concurrent connections");?></td>
882
						<td width="78%" class="vtable">
883
							<input name="maxclients" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['maxclients']);?>"/>
884
							<br/>
885 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("Specify the maximum number of clients allowed to concurrently connect to this server"); ?>.
886 d799787e Matthew Grooms
						</td>
887
					</tr>
888
					<tr>
889 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
890 d799787e Matthew Grooms
						<td width="78%" class="vtable">
891
							<table border="0" cellpadding="2" cellspacing="0">
892
								<tr>
893
									<td>
894
										<?php set_checked($pconfig['compression'],$chk); ?>
895
										<input name="compression" type="checkbox" value="yes" <?=$chk;?>>
896
									</td>
897
									<td>
898
										<span class="vexpl">
899 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Compress tunnel packets using the LZO algorithm"); ?>.
900 d799787e Matthew Grooms
										</span>
901
									</td>
902
								</tr>
903
							</table>
904
						</td>
905
					</tr>
906
					<tr>
907 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
908 d799787e Matthew Grooms
						<td width="78%" class="vtable">
909
							<table border="0" cellpadding="2" cellspacing="0">
910
								<tr>
911
									<td>
912 1cb0b40a Matthew Grooms
										<?php set_checked($pconfig['passtos'],$chk); ?>
913
										<input name="passtos" type="checkbox" value="yes" <?=$chk;?>>
914 d799787e Matthew Grooms
									</td>
915
									<td>
916
										<span class="vexpl">
917 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
918 d799787e Matthew Grooms
										</span>
919
									</td>
920
								</tr>
921
							</table>
922
						</td>
923
					</tr>
924 107794cc jim-p
					<tr id="inter_client_communication">
925 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Inter-client communication"); ?></td>
926 d799787e Matthew Grooms
						<td width="78%" class="vtable">
927
							<table border="0" cellpadding="2" cellspacing="0">
928
								<tr>
929
									<td>
930
										<?php set_checked($pconfig['client2client'],$chk); ?>
931
										<input name="client2client" type="checkbox" value="yes" <?=$chk;?>/>
932
									</td>
933
									<td>
934
										<span class="vexpl">
935 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Allow communication between clients connected to this server"); ?>
936 d799787e Matthew Grooms
										</span>
937
									</td>
938
								</tr>
939
							</table>
940
						</td>
941
					</tr>
942 3c11bd3c Matthew Grooms
				</table>
943
944
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
945 d799787e Matthew Grooms
					<tr>
946
						<td colspan="2" class="list" height="12"></td>
947
					</tr>
948
					<tr>
949 4d8b3382 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Client Settings"); ?></td>
950 d799787e Matthew Grooms
					</tr>
951 65ff8497 jim-p
					<tr>
952 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Dynamic IP"); ?></td>
953 65ff8497 jim-p
						<td width="78%" class="vtable">
954
							<table border="0" cellpadding="2" cellspacing="0">
955
								<tr>
956
									<td>
957
										<?php set_checked($pconfig['dynamic_ip'],$chk); ?>
958 b3cf36d7 Erik Fonnesbeck
										<input name="dynamic_ip" type="checkbox" id="dynamic_ip" value="yes" <?=$chk;?>/>
959 65ff8497 jim-p
									</td>
960
									<td>
961
										<span class="vexpl">
962 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Allow connected clients to retain their connections if their IP address changes"); ?>.<br>
963 65ff8497 jim-p
										</span>
964
									</td>
965
								</tr>
966
							</table>
967
						</td>
968
					</tr>
969 d799787e Matthew Grooms
					<tr>
970 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Address Pool"); ?></td>
971 d799787e Matthew Grooms
						<td width="78%" class="vtable">
972
							<table border="0" cellpadding="2" cellspacing="0">
973
								<tr>
974
									<td>
975
										<?php set_checked($pconfig['pool_enable'],$chk); ?>
976 b3cf36d7 Erik Fonnesbeck
										<input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?=$chk;?>/>
977 d799787e Matthew Grooms
									</td>
978
									<td>
979
										<span class="vexpl">
980 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Provide a virtual adapter IP address to clients (see Tunnel Network)"); ?><br>
981 d799787e Matthew Grooms
										</span>
982
									</td>
983
								</tr>
984
							</table>
985
						</td>
986
					</tr>
987
					<tr>
988 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("DNS Default Domain"); ?></td>
989 d799787e Matthew Grooms
						<td width="78%" class="vtable">
990
							<table border="0" cellpadding="2" cellspacing="0">
991
								<tr>
992
									<td>
993
										<?php set_checked($pconfig['dns_domain_enable'],$chk); ?>
994
										<input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes" <?=$chk;?> onClick="dns_domain_change()">
995
									</td>
996
									<td>
997
										<span class="vexpl">
998 4d8b3382 Carlos Eduardo Ramos
	                                        <?=gettext("Provide a default domain name to clients"); ?><br>
999 d799787e Matthew Grooms
										</span>
1000
									</td>
1001
								</tr>
1002
							</table>
1003
							<table border="0" cellpadding="2" cellspacing="0" id="dns_domain_data">
1004
								<tr>
1005
									<td>
1006
										<input name="dns_domain" type="text" class="formfld unknown" id="dns_domain" size="30" value="<?=htmlspecialchars($pconfig['dns_domain']);?>">
1007
									</td>
1008
								</tr>
1009
							</table>
1010
						</td>
1011
					</tr>
1012
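					<tr>
						<td width="22%" valign="top" class="vncell"><?=gettext("DNS Servers"); ?></td>
						<td width="78%" class="vtable">
							<table border="0" cellpadding="2" cellspacing="0">
								<tr>
									<td>
										<?php set_checked($pconfig['dns_server_enable'],$chk); ?>
										<input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes" <?=$chk;?> onClick="dns_server_change()">
									</td>
									<td>
										<span class="vexpl">
											<?=gettext("Provide a DNS server list to clients"); ?><br>
										</span>
									</td>
								</tr>
							</table>
							<?php
								/*
								 * The four address fields echo $pconfig values back into value=""
								 * attributes. They are HTML-escaped so that a submitted value
								 * redisplayed after a failed save cannot close the attribute.
								 * NOTE(review): how $pconfig is populated is outside this
								 * excerpt; presumably from the request on POST - confirm.
								 */
							?>
							<table border="0" cellpadding="2" cellspacing="0" id="dns_server_data">
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #1:&nbsp;
										</span>
										<input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #2:&nbsp;
										</span>
										<input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #3:&nbsp;
										</span>
										<input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #4:&nbsp;
										</span>
										<input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>">
									</td>
								</tr>
							</table>
						</td>
					</tr>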
1064
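					<tr>
						<td width="22%" valign="top" class="vncell"><?=gettext("NTP Servers"); ?></td>
						<td width="78%" class="vtable">
							<table border="0" cellpadding="2" cellspacing="0">
								<tr>
									<td>
										<?php set_checked($pconfig['ntp_server_enable'],$chk); ?>
										<input name="ntp_server_enable" type="checkbox" id="ntp_server_enable" value="yes" <?=$chk;?> onClick="ntp_server_change()">
									</td>
									<td>
										<span class="vexpl">
											<?=gettext("Provide a NTP server list to clients"); ?><br>
										</span>
									</td>
								</tr>
							</table>
							<?php
								/*
								 * Both address fields echo $pconfig values into value=""
								 * attributes; they are HTML-escaped so the redisplayed text
								 * stays inside the attribute.
								 */
							?>
							<table border="0" cellpadding="2" cellspacing="0" id="ntp_server_data">
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #1:&nbsp;
										</span>
										<input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=htmlspecialchars($pconfig['ntp_server1']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #2:&nbsp;
										</span>
										<input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=htmlspecialchars($pconfig['ntp_server2']);?>">
									</td>
								</tr>
							</table>
						</td>
					</tr>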
1100
					<tr>
1101 4d8b3382 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("NetBIOS Options"); ?></td>
1102 d799787e Matthew Grooms
						<td width="78%" class="vtable">
1103
							<table border="0" cellpadding="2" cellspacing="0">
1104
								<tr>
1105
									<td>
1106
										<?php set_checked($pconfig['netbios_enable'],$chk); ?>
1107
										<input name="netbios_enable" type="checkbox" id="netbios_enable" value="yes" <?=$chk;?> onClick="netbios_change()">
1108
									</td>
1109
									<td>
1110
										<span class="vexpl">
1111 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Enable NetBIOS over TCP/IP"); ?><br>
1112 d799787e Matthew Grooms
										</span>
1113
									</td>
1114
								</tr>
1115
							</table>
1116 4d8b3382 Carlos Eduardo Ramos
							<?=gettext("If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled"); ?>.
1117 d799787e Matthew Grooms
							<br/>
1118
							<table border="0" cellpadding="2" cellspacing="0" id="netbios_data">
1119
								<tr>
1120
									<td>
1121
										<br/>
1122
										<span class="vexpl">
1123 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Node Type"); ?>:&nbsp;
1124 d799787e Matthew Grooms
										</span>
1125
										<select name='netbios_ntype' class="formselect">
1126
										<?php
1127
											foreach ($netbios_nodetypes as $type => $name):
1128
												$selected = "";
1129
												if ($pconfig['netbios_ntype'] == $type)
1130
													$selected = "selected";
1131
										?>
1132
											<option value="<?=$type;?>" <?=$selected;?>><?=$name;?></option>
1133
										<?php endforeach; ?>
1134
										</select>
1135
										<br/>
1136 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("Possible options: b-node (broadcasts), p-node " .
1137
										"(point-to-point name queries to a WINS server), " .
1138
										"m-node (broadcast then query name server), and " .
1139
										"h-node (query name server, then broadcast)"); ?>.
1140 d799787e Matthew Grooms
									</td>
1141
								</tr>
1142
								<tr>
1143
									<td>
1144
										<br/>
1145
										<span class="vexpl">
1146 4d8b3382 Carlos Eduardo Ramos
											<?=gettext("Scope ID"); ?>:&nbsp;
1147 d799787e Matthew Grooms
										</span>
1148
										<input name="netbios_scope" type="text" class="formfld unknown" id="netbios_scope" size="30" value="<?=htmlspecialchars($pconfig['netbios_scope']);?>">
1149
										<br/>
1150 4d8b3382 Carlos Eduardo Ramos
										<?=gettext("A NetBIOS Scope	ID provides an extended naming " .
1151
										"service for	NetBIOS over TCP/IP. The NetBIOS " .
1152
										"scope ID isolates NetBIOS traffic on a single " .
1153
										"network to only those nodes with the same " .
1154
										"NetBIOS scope ID"); ?>.
1155 d799787e Matthew Grooms
									</td>
1156
								</tr>
1157
							</table>
1158
						</td>
1159
					</tr>
1160
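					<tr id="wins_opts">
						<td width="22%" valign="top" class="vncell"><?=gettext("WINS Servers"); ?></td>
						<td width="78%" class="vtable">
							<table border="0" cellpadding="2" cellspacing="0">
								<tr>
									<td>
										<?php set_checked($pconfig['wins_server_enable'],$chk); ?>
										<input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?=$chk;?> onClick="wins_server_change()">
									</td>
									<td>
										<span class="vexpl">
											<?=gettext("Provide a WINS server list to clients"); ?><br>
										</span>
									</td>
								</tr>
							</table>
							<?php
								/*
								 * Both address fields echo $pconfig values into value=""
								 * attributes; they are HTML-escaped so the redisplayed text
								 * stays inside the attribute.
								 */
							?>
							<table border="0" cellpadding="2" cellspacing="0" id="wins_server_data">
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #1:&nbsp;
										</span>
										<input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>">
									</td>
								</tr>
								<tr>
									<td>
										<span class="vexpl">
											<?=gettext("Server"); ?> #2:&nbsp;
										</span>
										<input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>">
									</td>
								</tr>
							</table>
						</td>
					</tr>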
1196 3c11bd3c Matthew Grooms
				</table>
1197
1198 2f4f30ee Scott Ullrich
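				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
					<tr>
						<td colspan="2" class="list" height="12"></td>
					</tr>
					<tr>
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
					</tr>
					<tr>
						<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
						<td width="78%" class="vtable">
							<table border="0" cellpadding="2" cellspacing="0">
								<tr>
									<td>
										<?php
											/*
											 * Free-form option text is HTML-escaped before it is placed
											 * inside the <textarea>. Unescaped, a value containing
											 * "</textarea>" would end the element and the remainder would
											 * be parsed as page markup, and any "&...;" sequence would be
											 * decoded by the browser and saved back altered.
											 */
										?>
										<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br/>
										<?=gettext("Enter any additional options you would like to add to the OpenVPN server configuration here, separated by a semicolon"); ?><br/>
										<?=gettext("EXAMPLE: push \"route 10.0.0.0 255.255.255.0\""); ?>;
									</td>
								</tr>
							</table>
						</td>
					</tr>
				</table>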
1220
1221 f68fc963 Scott Ullrich
				<br/>
1222
1223 3c11bd3c Matthew Grooms
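				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
					<tr>
						<td width="22%" valign="top">&nbsp;</td>
						<td width="78%"> 
							<?php
								/*
								 * Submit button plus the hidden fields that carry the current
								 * action and, when editing an existing entry, its index.
								 * $act and $id are assigned outside this excerpt (presumably
								 * from the request - confirm); both are HTML-escaped because
								 * they are written into attribute values.
								 */
							?>
							<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> 
							<input name="act" type="hidden" value="<?=htmlspecialchars($act);?>">
							<?php if (isset($id) && $a_server[$id]): ?>
							<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>">
							<?php endif; ?>
						</td>
					</tr>
				</table>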
1235
			</form>
1236
1237
			<?php else: ?>
1238
1239 7128ed17 Scott Ullrich
			<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0">
1240 80fa045a jim-p
				<thead>
1241 d799787e Matthew Grooms
				<tr>
1242 4d8b3382 Carlos Eduardo Ramos
					<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
1243
					<td width="10%" class="listhdrr"><?=gettext("Protocol / Port"); ?></td>
1244
					<td width="30%" class="listhdrr"><?=gettext("Tunnel Network"); ?></td>
1245
					<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1246 d799787e Matthew Grooms
					<td width="10%" class="list"></td>
1247
				</tr>
1248 80fa045a jim-p
				</thead>
1249
				<tbody>
1250 d799787e Matthew Grooms
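				<?php
					/*
					 * One table row per configured server. $i is the zero-based position
					 * in $a_server and is what the edit and delete links pass as "id".
					 *
					 * NOTE(review): deletion is reached through a plain GET link. Its
					 * handler is outside this excerpt - confirm that it validates a
					 * per-session token, or move deletion to a POST form, so that a
					 * request forged from another site cannot remove a server.
					 */
					$i = 0;
					foreach($a_server as $server):
						$disabled = "NO";
						if (isset($server['disable']))
							$disabled = "YES";
				?>
				<tr>
					<td class="listlr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=$disabled;?>
					</td>
					<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=htmlspecialchars($server['protocol']);?> / <?=htmlspecialchars($server['local_port']);?>
					</td>
					<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=htmlspecialchars($server['tunnel_network']);?>
					</td>
					<td class="listbg" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
						<?=htmlspecialchars($server['description']);?>
					</td>
					<td valign="middle" nowrap class="list">
						<a href="vpn_openvpn_server.php?act=edit&id=<?=$i;?>">
							<img src="./themes/<?=htmlspecialchars($g['theme']);?>/images/icons/icon_e.gif" title="<?=gettext("edit server"); ?>" width="17" height="17" border="0">
						</a>
						&nbsp;
						<?php
							/*
							 * The prompt is emitted as a JSON string literal and then
							 * HTML-escaped for the attribute, so an apostrophe or quote in a
							 * translated message cannot terminate the JavaScript string.
							 */
						?>
						<a href="vpn_openvpn_server.php?act=del&id=<?=$i;?>" onclick="return confirm(<?=htmlspecialchars(json_encode(gettext("Do you really want to delete this server?")));?>)">
							<img src="/themes/<?=htmlspecialchars($g['theme']);?>/images/icons/icon_x.gif" title="<?=gettext("delete server"); ?>" width="17" height="17" border="0">
						</a>
					</td>
				</tr>
				<?php
					$i++;
					endforeach;
				?>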
1284 80fa045a jim-p
				</tbody>
1285
				<tfoot>
1286 d799787e Matthew Grooms
				<tr>
1287
					<td class="list" colspan="4"></td>
1288
					<td class="list">
1289 4d8b3382 Carlos Eduardo Ramos
						<a href="vpn_openvpn_server.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add server"); ?>" width="17" height="17" border="0">
1290 d799787e Matthew Grooms
						</a>
1291
					</td>
1292
				</tr>
1293 80fa045a jim-p
				</tfoot>
1294 d799787e Matthew Grooms
			</table>
1295
1296 7128ed17 Scott Ullrich
			<?=gettext("Additional OpenVPN servers can be added here.");?>
1297
1298 ee9933b6 Renato Botelho
			<?php endif; ?>
1299 d799787e Matthew Grooms
1300
		</td>
1301
	</tr>
1302
</table>
1303
<script language="JavaScript">
1304
<!--
1305 3c11bd3c Matthew Grooms
mode_change();
1306
autokey_change();
1307
tlsauth_change();
1308 d799787e Matthew Grooms
gwredir_change();
1309
dns_domain_change();
1310
dns_server_change();
1311
wins_server_change();
1312
ntp_server_change();
1313
netbios_change();
1314
//-->
1315
</script>
1316
</body>
1317
<?php include("fend.inc"); ?>
1318
1319
<?php
1320
1321
/* local utility functions */
1322
1323
/*
 * Write the checkbox attribute text for a setting into $chk.
 *
 * $var  value tested for truthiness
 * $chk  passed by reference; receives 'checked' when $var is truthy
 *       and an empty string otherwise
 */
function set_checked($var,& $chk) {
    $chk = $var ? 'checked' : '';
}
1329
1330 4d8b3382 Carlos Eduardo Ramos
?>