/usr/local/www/vpn_openvpn_server.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_openvpn_server.php @ 8cd558b6

1	d799787e	Matthew Grooms	<?php
2			/*
3			vpn_openvpn_server.php
4
5			Copyright (C) 2008 Shrew Soft Inc.
6			All rights reserved.
7
8			Redistribution and use in source and binary forms, with or without
9			modification, are permitted provided that the following conditions are met:
10
11			1. Redistributions of source code must retain the above copyright notice,
12			this list of conditions and the following disclaimer.
13
14			2. Redistributions in binary form must reproduce the above copyright
15			notice, this list of conditions and the following disclaimer in the
16			documentation and/or other materials provided with the distribution.
17
18			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27			POSSIBILITY OF SUCH DAMAGE.
28			*/
29
30			##\|+PRIV
31			##\|*IDENT=page-openvpn-server
32			##\|*NAME=OpenVPN: Server page
33			##\|*DESCR=Allow access to the 'OpenVPN: Server' page.
34			##\|MATCH=vpn_openvpn_server.php
35			##\|-PRIV
36
37			require("guiconfig.inc");
38	d84bd468	Ermal Lu?i	require_once("openvpn.inc");
39	d799787e	Matthew Grooms
40			if (!is_array($config['openvpn']['openvpn-server']))
41			$config['openvpn']['openvpn-server'] = array();
42
43			$a_server = &$config['openvpn']['openvpn-server'];
44
45	428e66b6	jim-p	if (!is_array($config['ca']))
46			$config['ca'] = array();
47
48			$a_ca =& $config['ca'];
49
50			if (!is_array($config['cert']))
51			$config['cert'] = array();
52
53			$a_cert =& $config['cert'];
54
55			if (!is_array($config['crl']))
56			$config['crl'] = array();
57
58			$a_crl =& $config['crl'];
59
60	c1f95f5c	jim-p	foreach ($a_crl as $cid => $acrl)
61			if (!isset($acrl['refid']))
62			unset ($a_crl[$cid]);
63
64	e41ec584	Renato Botelho	if (is_numericint($_GET['id']))
65			$id = $_GET['id'];
66			if (isset($_POST['id']) && is_numericint($_POST['id']))
67	d799787e	Matthew Grooms	$id = $_POST['id'];
68
69			$act = $_GET['act'];
70			if (isset($_POST['act']))
71			$act = $_POST['act'];
72
73	6d9b1074	jim-p	if (isset($id) && $a_server[$id])
74			$vpnid = $a_server[$id]['vpnid'];
75			else
76			$vpnid = 0;
77
78	d799787e	Matthew Grooms	if ($_GET['act'] == "del") {
79
80	767cf960	jim-p	if (!isset($a_server[$id])) {
81	d799787e	Matthew Grooms	pfSenseHeader("vpn_openvpn_server.php");
82			exit;
83			}
84	767cf960	jim-p	if (!empty($a_server[$id]))
85			openvpn_delete('server', $a_server[$id]);
86	d799787e	Matthew Grooms	unset($a_server[$id]);
87			write_config();
88	8cd558b6	ayvis	$savemsg = gettext("Server successfully deleted")."<br />";
89	d799787e	Matthew Grooms	}
90
91	f432e364	Matthew Grooms	if($_GET['act']=="new"){
92	3c11bd3c	Matthew Grooms	$pconfig['autokey_enable'] = "yes";
93			$pconfig['tlsauth_enable'] = "yes";
94			$pconfig['autotls_enable'] = "yes";
95	fe787fc7	Matthew Grooms	$pconfig['dh_length'] = 1024;
96	4936ff53	jim-p	$pconfig['dev_mode'] = "tun";
97	f432e364	Matthew Grooms	$pconfig['interface'] = "wan";
98	8cd0a3fa	jim-p	$pconfig['local_port'] = openvpn_port_next('UDP');
99	f432e364	Matthew Grooms	$pconfig['pool_enable'] = "yes";
100	41936acc	jim-p	$pconfig['cert_depth'] = 1;
101	97d5b59b	jim-p	// OpenVPN Defaults to SHA1
102			$pconfig['digest'] = "SHA1";
103	f432e364	Matthew Grooms	}
104
105	d799787e	Matthew Grooms	if($_GET['act']=="edit"){
106
107			if (isset($id) && $a_server[$id]) {
108	870318b9	Ermal Lu?i	$pconfig['disable'] = isset($a_server[$id]['disable']);
109	3c11bd3c	Matthew Grooms	$pconfig['mode'] = $a_server[$id]['mode'];
110	d799787e	Matthew Grooms	$pconfig['protocol'] = $a_server[$id]['protocol'];
111	e8a58de4	Ermal Lu?i	$pconfig['authmode'] = $a_server[$id]['authmode'];
112	4936ff53	jim-p	$pconfig['dev_mode'] = $a_server[$id]['dev_mode'];
113	d799787e	Matthew Grooms	$pconfig['interface'] = $a_server[$id]['interface'];
114	67b0902f	pierrepomes	if (!empty($a_server[$id]['ipaddr'])) {
115			$pconfig['interface'] = $pconfig['interface'] . '\|' . $a_server[$id]['ipaddr'];
116			}
117	d799787e	Matthew Grooms	$pconfig['local_port'] = $a_server[$id]['local_port'];
118			$pconfig['description'] = $a_server[$id]['description'];
119	a9a613dd	Scott Ullrich	$pconfig['custom_options'] = $a_server[$id]['custom_options'];
120	d799787e	Matthew Grooms
121	3c11bd3c	Matthew Grooms	if ($pconfig['mode'] != "p2p_shared_key") {
122			if ($a_server[$id]['tls']) {
123			$pconfig['tlsauth_enable'] = "yes";
124			$pconfig['tls'] = base64_decode($a_server[$id]['tls']);
125			}
126	fe787fc7	Matthew Grooms	$pconfig['caref'] = $a_server[$id]['caref'];
127	6db02381	jim-p	$pconfig['crlref'] = $a_server[$id]['crlref'];
128	fe787fc7	Matthew Grooms	$pconfig['certref'] = $a_server[$id]['certref'];
129			$pconfig['dh_length'] = $a_server[$id]['dh_length'];
130	41936acc	jim-p	if (isset($a_server[$id]['cert_depth']))
131			$pconfig['cert_depth'] = $a_server[$id]['cert_depth'];
132			else
133			$pconfig['cert_depth'] = 1;
134	94823361	jim-p	if ($pconfig['mode'] == "server_tls_user")
135			$pconfig['strictusercn'] = $a_server[$id]['strictusercn'];
136	3c11bd3c	Matthew Grooms	} else
137			$pconfig['shared_key'] = base64_decode($a_server[$id]['shared_key']);
138	d799787e	Matthew Grooms	$pconfig['crypto'] = $a_server[$id]['crypto'];
139	97d5b59b	jim-p	// OpenVPN Defaults to SHA1 if unset
140			$pconfig['digest'] = !empty($a_server[$id]['digest']) ? $a_server[$id]['digest'] : "SHA1";
141	582c58ae	jim-p	$pconfig['engine'] = $a_server[$id]['engine'];
142	d799787e	Matthew Grooms
143			$pconfig['tunnel_network'] = $a_server[$id]['tunnel_network'];
144	b1ba04cf	Seth Mos	$pconfig['tunnel_networkv6'] = $a_server[$id]['tunnel_networkv6'];
145	1ab6bdb5	jim-p
146	d799787e	Matthew Grooms	$pconfig['remote_network'] = $a_server[$id]['remote_network'];
147	4856df9b	jim-p	$pconfig['remote_networkv6'] = $a_server[$id]['remote_networkv6'];
148	d799787e	Matthew Grooms	$pconfig['gwredir'] = $a_server[$id]['gwredir'];
149			$pconfig['local_network'] = $a_server[$id]['local_network'];
150	b1ba04cf	Seth Mos	$pconfig['local_networkv6'] = $a_server[$id]['local_networkv6'];
151	d799787e	Matthew Grooms	$pconfig['maxclients'] = $a_server[$id]['maxclients'];
152			$pconfig['compression'] = $a_server[$id]['compression'];
153	1cb0b40a	Matthew Grooms	$pconfig['passtos'] = $a_server[$id]['passtos'];
154	d799787e	Matthew Grooms	$pconfig['client2client'] = $a_server[$id]['client2client'];
155
156	65ff8497	jim-p	$pconfig['dynamic_ip'] = $a_server[$id]['dynamic_ip'];
157	d799787e	Matthew Grooms	$pconfig['pool_enable'] = $a_server[$id]['pool_enable'];
158	ee55ce7d	jim-p	$pconfig['topology_subnet'] = $a_server[$id]['topology_subnet'];
159	d799787e	Matthew Grooms
160	1ab6bdb5	jim-p	$pconfig['serverbridge_dhcp'] = $a_server[$id]['serverbridge_dhcp'];
161			$pconfig['serverbridge_interface'] = $a_server[$id]['serverbridge_interface'];
162			$pconfig['serverbridge_dhcp_start'] = $a_server[$id]['serverbridge_dhcp_start'];
163			$pconfig['serverbridge_dhcp_end'] = $a_server[$id]['serverbridge_dhcp_end'];
164
165	d799787e	Matthew Grooms	$pconfig['dns_domain'] = $a_server[$id]['dns_domain'];
166			if ($pconfig['dns_domain'])
167			$pconfig['dns_domain_enable'] = true;
168
169			$pconfig['dns_server1'] = $a_server[$id]['dns_server1'];
170			$pconfig['dns_server2'] = $a_server[$id]['dns_server2'];
171			$pconfig['dns_server3'] = $a_server[$id]['dns_server3'];
172			$pconfig['dns_server4'] = $a_server[$id]['dns_server4'];
173			if ($pconfig['dns_server1'] \|\|
174			$pconfig['dns_server2'] \|\|
175			$pconfig['dns_server3'] \|\|
176			$pconfig['dns_server4'])
177			$pconfig['dns_server_enable'] = true;
178
179			$pconfig['ntp_server1'] = $a_server[$id]['ntp_server1'];
180			$pconfig['ntp_server2'] = $a_server[$id]['ntp_server2'];
181			if ($pconfig['ntp_server1'] \|\|
182			$pconfig['ntp_server2'])
183			$pconfig['ntp_server_enable'] = true;
184
185			$pconfig['netbios_enable'] = $a_server[$id]['netbios_enable'];
186			$pconfig['netbios_ntype'] = $a_server[$id]['netbios_ntype'];
187			$pconfig['netbios_scope'] = $a_server[$id]['netbios_scope'];
188
189			$pconfig['wins_server1'] = $a_server[$id]['wins_server1'];
190			$pconfig['wins_server2'] = $a_server[$id]['wins_server2'];
191			if ($pconfig['wins_server1'] \|\|
192			$pconfig['wins_server2'])
193			$pconfig['wins_server_enable'] = true;
194
195	faf61f12	Phil Davis	$pconfig['client_mgmt_port'] = $a_server[$id]['client_mgmt_port'];
196			if ($pconfig['client_mgmt_port'])
197			$pconfig['client_mgmt_port_enable'] = true;
198
199	d799787e	Matthew Grooms	$pconfig['nbdd_server1'] = $a_server[$id]['nbdd_server1'];
200			if ($pconfig['nbdd_server1'])
201			$pconfig['nbdd_server_enable'] = true;
202	3c11bd3c	Matthew Grooms
203			// just in case the modes switch
204			$pconfig['autokey_enable'] = "yes";
205			$pconfig['autotls_enable'] = "yes";
206	bca35cff	jim-p
207			$pconfig['duplicate_cn'] = isset($a_server[$id]['duplicate_cn']);
208	d799787e	Matthew Grooms	}
209			}
210			if ($_POST) {
211
212			unset($input_errors);
213			$pconfig = $_POST;
214
215	f432e364	Matthew Grooms	if (isset($id) && $a_server[$id])
216			$vpnid = $a_server[$id]['vpnid'];
217			else
218			$vpnid = 0;
219
220	198bb449	jim-p	list($iv_iface, $iv_ip) = explode ("\|",$pconfig['interface']);
221			if (is_ipaddrv4($iv_ip) && (stristr($pconfig['protocol'], "6") !== false)) {
222			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv6 protocol and an IPv4 IP address.");
223			} elseif (is_ipaddrv6($iv_ip) && (stristr($pconfig['protocol'], "6") === false)) {
224			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv4 protocol and an IPv6 IP address.");
225	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") === false) && !get_interface_ip($iv_iface) && ($pconfig['interface'] != "any")) {
226	198bb449	jim-p	$input_errors[] = gettext("An IPv4 protocol was selected, but the selected interface has no IPv4 address.");
227	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") !== false) && !get_interface_ipv6($iv_iface) && ($pconfig['interface'] != "any")) {
228	198bb449	jim-p	$input_errors[] = gettext("An IPv6 protocol was selected, but the selected interface has no IPv6 address.");
229			}
230
231	98c0c87a	jim-p	if ($pconfig['mode'] != "p2p_shared_key")
232	3c11bd3c	Matthew Grooms	$tls_mode = true;
233			else
234			$tls_mode = false;
235
236	b0b6d575	jim-p	if (empty($pconfig['authmode']) && (($pconfig['mode'] == "server_user") \|\| ($pconfig['mode'] == "server_tls_user")))
237			$input_errors[] = gettext("You must select a Backend for Authentication if the server mode requires User Auth.");
238
239	d799787e	Matthew Grooms	/* input validation */
240			if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
241			$input_errors[] = $result;
242
243	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network', false, "ipv4"))
244	d799787e	Matthew Grooms	$input_errors[] = $result;
245
246	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, "ipv6"))
247	d799787e	Matthew Grooms	$input_errors[] = $result;
248
249	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'IPv4 Remote Network', true, "ipv4"))
250			$input_errors[] = $result;
251
252			if ($result = openvpn_validate_cidr($pconfig['remote_networkv6'], 'IPv6 Remote Network', true, "ipv6"))
253			$input_errors[] = $result;
254
255			if ($result = openvpn_validate_cidr($pconfig['local_network'], 'IPv4 Local Network', true, "ipv4"))
256			$input_errors[] = $result;
257
258			if ($result = openvpn_validate_cidr($pconfig['local_networkv6'], 'IPv6 Local Network', true, "ipv6"))
259	d799787e	Matthew Grooms	$input_errors[] = $result;
260
261	49b76122	Renato Botelho	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
262	5accf130	jim-p	if (($portused != $vpnid) && ($portused != 0))
263	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
264	f432e364	Matthew Grooms
265	89e6e210	jim-p	if ($pconfig['autokey_enable'])
266			$pconfig['shared_key'] = openvpn_create_key();
267
268	3c11bd3c	Matthew Grooms	if (!$tls_mode && !$pconfig['autokey_enable'])
269	d799787e	Matthew Grooms	if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") \|\|
270			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
271	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");
272	3c11bd3c	Matthew Grooms
273			if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
274			if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") \|\|
275			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
276	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");
277	d799787e	Matthew Grooms
278			if ($pconfig['dns_server_enable']) {
279			if (!empty($pconfig['dns_server1']) && !is_ipaddr(trim($pconfig['dns_server1'])))
280	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
281	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server2']) && !is_ipaddr(trim($pconfig['dns_server2'])))
282	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
283	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server3']) && !is_ipaddr(trim($pconfig['dns_server3'])))
284	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
285	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server4']) && !is_ipaddr(trim($pconfig['dns_server4'])))
286	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
287	d799787e	Matthew Grooms	}
288
289			if ($pconfig['ntp_server_enable']) {
290			if (!empty($pconfig['ntp_server1']) && !is_ipaddr(trim($pconfig['ntp_server1'])))
291	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
292	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server2']) && !is_ipaddr(trim($pconfig['ntp_server2'])))
293	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
294	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server3']) && !is_ipaddr(trim($pconfig['ntp_server3'])))
295	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #3' must contain a valid IP address");
296	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server4']) && !is_ipaddr(trim($pconfig['ntp_server4'])))
297	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #4' must contain a valid IP address");
298	d799787e	Matthew Grooms	}
299
300			if ($pconfig['netbios_enable']) {
301			if ($pconfig['wins_server_enable']) {
302			if (!empty($pconfig['wins_server1']) && !is_ipaddr(trim($pconfig['wins_server1'])))
303	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
304	d799787e	Matthew Grooms	if (!empty($pconfig['wins_server2']) && !is_ipaddr(trim($pconfig['wins_server2'])))
305	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
306	d799787e	Matthew Grooms	}
307			if ($pconfig['nbdd_server_enable'])
308			if (!empty($pconfig['nbdd_server1']) && !is_ipaddr(trim($pconfig['nbdd_server1'])))
309	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NetBIOS Data Distribution Server #1' must contain a valid IP address");
310	d799787e	Matthew Grooms	}
311
312	faf61f12	Phil Davis	if ($pconfig['client_mgmt_port_enable']) {
313			if ($result = openvpn_validate_port($pconfig['client_mgmt_port'], 'Client management port'))
314			$input_errors[] = $result;
315			}
316
317	d799787e	Matthew Grooms	if ($pconfig['maxclients'] && !is_numeric($pconfig['maxclients']))
318	4d8b3382	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");
319	d799787e	Matthew Grooms
320	21c776dd	jim-p	/* If we are not in shared key mode, then we need the CA/Cert. */
321			if ($pconfig['mode'] != "p2p_shared_key") {
322	872d9195	Matthew Grooms	$reqdfields = explode(" ", "caref certref");
323	fe6d7a55	jim-p	$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
324	21c776dd	jim-p	} elseif (!$pconfig['autokey_enable']) {
325			/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
326			$reqdfields = array('shared_key');
327	4d8b3382	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext('Shared key'));
328	d799787e	Matthew Grooms	}
329
330	1ab6bdb5	jim-p	if ($pconfig['dev_mode'] != "tap") {
331			$reqdfields[] = 'tunnel_network';
332			$reqdfieldsn[] = gettext('Tunnel network');
333			} else {
334	74a556a3	jim-p	if ($pconfig['serverbridge_dhcp'] && $pconfig['tunnel_network'])
335			$input_errors[] = gettext("Using a tunnel network and server bridge settings together is not allowed.");
336	1ab6bdb5	jim-p	if (($pconfig['serverbridge_dhcp_start'] && !$pconfig['serverbridge_dhcp_end'])
337			\|\| (!$pconfig['serverbridge_dhcp_start'] && $pconfig['serverbridge_dhcp_end']))
338			$input_errors[] = gettext("Server Bridge DHCP Start and End must both be empty, or defined.");
339			if (($pconfig['serverbridge_dhcp_start'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_start'])))
340			$input_errors[] = gettext("Server Bridge DHCP Start must be an IPv4 address.");
341			if (($pconfig['serverbridge_dhcp_end'] && !is_ipaddrv4($pconfig['serverbridge_dhcp_end'])))
342			$input_errors[] = gettext("Server Bridge DHCP End must be an IPv4 address.");
343			if (ip2ulong($pconfig['serverbridge_dhcp_start']) > ip2ulong($pconfig['serverbridge_dhcp_end']))
344			$input_errors[] = gettext("The Server Bridge DHCP range is invalid (start higher than end).");
345			}
346	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
347	d799787e	Matthew Grooms
348			if (!$input_errors) {
349
350			$server = array();
351
352	da601f8e	PiBa-NL	if ($id && $pconfig['dev_mode'] <> $a_server[$id]['dev_mode'])
353			openvpn_delete('server', $a_server[$id]);// delete(rename) old interface so a new TUN or TAP interface can be created.
354
355	f432e364	Matthew Grooms	if ($vpnid)
356			$server['vpnid'] = $vpnid;
357	e28120e5	Matthew Grooms	else
358	d799787e	Matthew Grooms	$server['vpnid'] = openvpn_vpnid_next();
359
360	870318b9	Ermal Lu?i	if ($_POST['disable'] == "yes")
361			$server['disable'] = true;
362	3c11bd3c	Matthew Grooms	$server['mode'] = $pconfig['mode'];
363	8a47c190	Ermal Lu?i	if (!empty($pconfig['authmode']))
364			$server['authmode'] = implode(",", $pconfig['authmode']);
365	d799787e	Matthew Grooms	$server['protocol'] = $pconfig['protocol'];
366	4936ff53	jim-p	$server['dev_mode'] = $pconfig['dev_mode'];
367	67b0902f	pierrepomes	list($server['interface'], $server['ipaddr']) = explode ("\|",$pconfig['interface']);
368	d799787e	Matthew Grooms	$server['local_port'] = $pconfig['local_port'];
369			$server['description'] = $pconfig['description'];
370	e3bbd29a	Ermal	$server['custom_options'] = str_replace("\r\n", "\n", $pconfig['custom_options']);
371	d799787e	Matthew Grooms
372	3c11bd3c	Matthew Grooms	if ($tls_mode) {
373			if ($pconfig['tlsauth_enable']) {
374			if ($pconfig['autotls_enable'])
375			$pconfig['tls'] = openvpn_create_key();
376			$server['tls'] = base64_encode($pconfig['tls']);
377			}
378	fe787fc7	Matthew Grooms	$server['caref'] = $pconfig['caref'];
379	6db02381	jim-p	$server['crlref'] = $pconfig['crlref'];
380	fe787fc7	Matthew Grooms	$server['certref'] = $pconfig['certref'];
381			$server['dh_length'] = $pconfig['dh_length'];
382	98963f27	jim-p	$server['cert_depth'] = $pconfig['cert_depth'];
383	94823361	jim-p	if ($pconfig['mode'] == "server_tls_user")
384			$server['strictusercn'] = $pconfig['strictusercn'];
385	3c11bd3c	Matthew Grooms	} else {
386			$server['shared_key'] = base64_encode($pconfig['shared_key']);
387	d799787e	Matthew Grooms	}
388			$server['crypto'] = $pconfig['crypto'];
389	97d5b59b	jim-p	$server['digest'] = $pconfig['digest'];
390	582c58ae	jim-p	$server['engine'] = $pconfig['engine'];
391	d799787e	Matthew Grooms
392			$server['tunnel_network'] = $pconfig['tunnel_network'];
393	b1ba04cf	Seth Mos	$server['tunnel_networkv6'] = $pconfig['tunnel_networkv6'];
394	d799787e	Matthew Grooms	$server['remote_network'] = $pconfig['remote_network'];
395	4856df9b	jim-p	$server['remote_networkv6'] = $pconfig['remote_networkv6'];
396	d799787e	Matthew Grooms	$server['gwredir'] = $pconfig['gwredir'];
397			$server['local_network'] = $pconfig['local_network'];
398	b1ba04cf	Seth Mos	$server['local_networkv6'] = $pconfig['local_networkv6'];
399	d799787e	Matthew Grooms	$server['maxclients'] = $pconfig['maxclients'];
400			$server['compression'] = $pconfig['compression'];
401	1cb0b40a	Matthew Grooms	$server['passtos'] = $pconfig['passtos'];
402	d799787e	Matthew Grooms	$server['client2client'] = $pconfig['client2client'];
403
404	65ff8497	jim-p	$server['dynamic_ip'] = $pconfig['dynamic_ip'];
405	d799787e	Matthew Grooms	$server['pool_enable'] = $pconfig['pool_enable'];
406	ee55ce7d	jim-p	$server['topology_subnet'] = $pconfig['topology_subnet'];
407	d799787e	Matthew Grooms
408	1ab6bdb5	jim-p	$server['serverbridge_dhcp'] = $pconfig['serverbridge_dhcp'];
409			$server['serverbridge_interface'] = $pconfig['serverbridge_interface'];
410			$server['serverbridge_dhcp_start'] = $pconfig['serverbridge_dhcp_start'];
411			$server['serverbridge_dhcp_end'] = $pconfig['serverbridge_dhcp_end'];
412
413	d799787e	Matthew Grooms	if ($pconfig['dns_domain_enable'])
414			$server['dns_domain'] = $pconfig['dns_domain'];
415
416			if ($pconfig['dns_server_enable']) {
417			$server['dns_server1'] = $pconfig['dns_server1'];
418			$server['dns_server2'] = $pconfig['dns_server2'];
419			$server['dns_server3'] = $pconfig['dns_server3'];
420			$server['dns_server4'] = $pconfig['dns_server4'];
421			}
422
423			if ($pconfig['ntp_server_enable']) {
424			$server['ntp_server1'] = $pconfig['ntp_server1'];
425			$server['ntp_server2'] = $pconfig['ntp_server2'];
426			}
427
428			$server['netbios_enable'] = $pconfig['netbios_enable'];
429			$server['netbios_ntype'] = $pconfig['netbios_ntype'];
430			$server['netbios_scope'] = $pconfig['netbios_scope'];
431
432			if ($pconfig['netbios_enable']) {
433
434			if ($pconfig['wins_server_enable']) {
435			$server['wins_server1'] = $pconfig['wins_server1'];
436			$server['wins_server2'] = $pconfig['wins_server2'];
437			}
438
439			if ($pconfig['dns_server_enable'])
440			$server['nbdd_server1'] = $pconfig['nbdd_server1'];
441			}
442	bca35cff	jim-p
443	faf61f12	Phil Davis	if ($pconfig['client_mgmt_port_enable'])
444			$server['client_mgmt_port'] = $pconfig['client_mgmt_port'];
445
446	bca35cff	jim-p	if ($_POST['duplicate_cn'] == "yes")
447			$server['duplicate_cn'] = true;
448
449	d799787e	Matthew Grooms	if (isset($id) && $a_server[$id])
450			$a_server[$id] = $server;
451			else
452			$a_server[] = $server;
453
454	dc408939	Matthew Grooms	openvpn_resync('server', $server);
455	d799787e	Matthew Grooms	write_config();
456
457			header("Location: vpn_openvpn_server.php");
458			exit;
459			}
460	8a47c190	Ermal Lu?i	if (!empty($pconfig['authmode']))
461			$pconfig['authmode'] = implode(",", $pconfig['authmode']);
462	d799787e	Matthew Grooms	}
463	6d9b1074	jim-p	$pgtitle = array(gettext("OpenVPN"), gettext("Server"));
464			$shortcut_section = "openvpn";
465	d799787e	Matthew Grooms
466			include("head.inc");
467
468			?>
469
470			<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
471			<?php include("fbegin.inc"); ?>
472			<script language="JavaScript">
473			<!--
474
475	3c11bd3c	Matthew Grooms	function mode_change() {
476			index = document.iform.mode.selectedIndex;
477			value = document.iform.mode.options[index].value;
478	d799787e	Matthew Grooms	switch(value) {
479	3c11bd3c	Matthew Grooms	case "p2p_tls":
480			case "server_tls":
481			case "server_user":
482	94823361	jim-p	document.getElementById("tls").style.display="";
483			document.getElementById("tls_ca").style.display="";
484			document.getElementById("tls_crl").style.display="";
485			document.getElementById("tls_cert").style.display="";
486			document.getElementById("tls_dh").style.display="";
487	98963f27	jim-p	document.getElementById("cert_depth").style.display="";
488	94823361	jim-p	document.getElementById("strictusercn").style.display="none";
489			document.getElementById("psk").style.display="none";
490			break;
491	3c11bd3c	Matthew Grooms	case "server_tls_user":
492			document.getElementById("tls").style.display="";
493			document.getElementById("tls_ca").style.display="";
494	6db02381	jim-p	document.getElementById("tls_crl").style.display="";
495	3c11bd3c	Matthew Grooms	document.getElementById("tls_cert").style.display="";
496	fe787fc7	Matthew Grooms	document.getElementById("tls_dh").style.display="";
497	98963f27	jim-p	document.getElementById("cert_depth").style.display="";
498	94823361	jim-p	document.getElementById("strictusercn").style.display="";
499	d799787e	Matthew Grooms	document.getElementById("psk").style.display="none";
500			break;
501	3c11bd3c	Matthew Grooms	case "p2p_shared_key":
502			document.getElementById("tls").style.display="none";
503			document.getElementById("tls_ca").style.display="none";
504	6db02381	jim-p	document.getElementById("tls_crl").style.display="none";
505	3c11bd3c	Matthew Grooms	document.getElementById("tls_cert").style.display="none";
506	fe787fc7	Matthew Grooms	document.getElementById("tls_dh").style.display="none";
507	98963f27	jim-p	document.getElementById("cert_depth").style.display="none";
508	94823361	jim-p	document.getElementById("strictusercn").style.display="none";
509	d799787e	Matthew Grooms	document.getElementById("psk").style.display="";
510			break;
511			}
512	3c11bd3c	Matthew Grooms	switch(value) {
513			case "p2p_shared_key":
514			document.getElementById("client_opts").style.display="none";
515	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="";
516			document.getElementById("remote_optsv6").style.display="";
517	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="none";
518	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="none";
519			document.getElementById("local_optsv6").style.display="none";
520	b008c1eb	jim-p	document.getElementById("authmodetr").style.display="none";
521	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="none";
522	b008c1eb	jim-p	break;
523			case "p2p_tls":
524			document.getElementById("client_opts").style.display="none";
525	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="";
526			document.getElementById("remote_optsv6").style.display="";
527	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
528	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
529			document.getElementById("local_optsv6").style.display="";
530	e8a58de4	Ermal Lu?i	document.getElementById("authmodetr").style.display="none";
531	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="none";
532	3c11bd3c	Matthew Grooms	break;
533	e8a58de4	Ermal Lu?i	case "server_user":
534			case "server_tls_user":
535			document.getElementById("authmodetr").style.display="";
536	54b9de56	Ermal Lu?i	document.getElementById("client_opts").style.display="";
537	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="none";
538			document.getElementById("remote_optsv6").style.display="none";
539	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
540	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
541			document.getElementById("local_optsv6").style.display="";
542	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="";
543	54b9de56	Ermal Lu?i	break;
544			case "server_tls":
545			document.getElementById("authmodetr").style.display="none";
546	3c11bd3c	Matthew Grooms	default:
547			document.getElementById("client_opts").style.display="";
548	415bddea	jim-p	document.getElementById("remote_optsv4").style.display="none";
549			document.getElementById("remote_optsv6").style.display="none";
550	a2ff08f8	jim-p	document.getElementById("gwredir_opts").style.display="";
551	4856df9b	jim-p	document.getElementById("local_optsv4").style.display="";
552			document.getElementById("local_optsv6").style.display="";
553	107794cc	jim-p	document.getElementById("inter_client_communication").style.display="";
554	3c11bd3c	Matthew Grooms	break;
555			}
556	a2ff08f8	jim-p	gwredir_change();
557	3c11bd3c	Matthew Grooms	}
558
559			function autokey_change() {
560
561	f54712b6	jim-p	if ((document.iform.autokey_enable != null) && (document.iform.autokey_enable.checked))
562	3c11bd3c	Matthew Grooms	document.getElementById("autokey_opts").style.display="none";
563			else
564			document.getElementById("autokey_opts").style.display="";
565			}
566
567			function tlsauth_change() {
568
569			<?php if (!$pconfig['tls']): ?>
570			if (document.iform.tlsauth_enable.checked)
571			document.getElementById("tlsauth_opts").style.display="";
572			else
573			document.getElementById("tlsauth_opts").style.display="none";
574			<?php endif; ?>
575
576			autotls_change();
577			}
578
579			function autotls_change() {
580
581			<?php if (!$pconfig['tls']): ?>
582			autocheck = document.iform.autotls_enable.checked;
583			<?php else: ?>
584			autocheck = false;
585			<?php endif; ?>
586
587			if (document.iform.tlsauth_enable.checked && !autocheck)
588			document.getElementById("autotls_opts").style.display="";
589			else
590			document.getElementById("autotls_opts").style.display="none";
591	d799787e	Matthew Grooms	}
592
593			function gwredir_change() {
594
595	fd96a3fc	bcyrill	if (document.iform.gwredir.checked) {
596			document.getElementById("local_optsv4").style.display="none";
597			document.getElementById("local_optsv6").style.display="none";
598			} else {
599			document.getElementById("local_optsv4").style.display="";
600			document.getElementById("local_optsv6").style.display="";
601			}
602	d799787e	Matthew Grooms	}
603
604			function dns_domain_change() {
605
606			if (document.iform.dns_domain_enable.checked)
607			document.getElementById("dns_domain_data").style.display="";
608			else
609			document.getElementById("dns_domain_data").style.display="none";
610			}
611
612			function dns_server_change() {
613
614			if (document.iform.dns_server_enable.checked)
615			document.getElementById("dns_server_data").style.display="";
616			else
617			document.getElementById("dns_server_data").style.display="none";
618			}
619
620			function wins_server_change() {
621
622			if (document.iform.wins_server_enable.checked)
623			document.getElementById("wins_server_data").style.display="";
624			else
625			document.getElementById("wins_server_data").style.display="none";
626			}
627
628	faf61f12	Phil Davis	function client_mgmt_port_change() {
629
630			if (document.iform.client_mgmt_port_enable.checked)
631			document.getElementById("client_mgmt_port_data").style.display="";
632			else
633			document.getElementById("client_mgmt_port_data").style.display="none";
634			}
635
636	d799787e	Matthew Grooms	function ntp_server_change() {
637
638			if (document.iform.ntp_server_enable.checked)
639			document.getElementById("ntp_server_data").style.display="";
640			else
641			document.getElementById("ntp_server_data").style.display="none";
642			}
643
644			function netbios_change() {
645
646			if (document.iform.netbios_enable.checked) {
647			document.getElementById("netbios_data").style.display="";
648			document.getElementById("wins_opts").style.display="";
649			} else {
650			document.getElementById("netbios_data").style.display="none";
651			document.getElementById("wins_opts").style.display="none";
652			}
653			}
654
655	1ab6bdb5	jim-p	function tuntap_change() {
656
657			mindex = document.iform.mode.selectedIndex;
658			mvalue = document.iform.mode.options[mindex].value;
659
660			switch(mvalue) {
661			case "p2p_tls":
662			case "p2p_shared_key":
663			p2p = true;
664			break;
665			default:
666			p2p = false;
667			break;
668			}
669
670			index = document.iform.dev_mode.selectedIndex;
671			value = document.iform.dev_mode.options[index].value;
672			switch(value) {
673			case "tun":
674	74a556a3	jim-p	document.getElementById("ipv4_tunnel_network").className="vncellreq";
675	1ab6bdb5	jim-p	document.getElementById("serverbridge_dhcp").style.display="none";
676			document.getElementById("serverbridge_interface").style.display="none";
677			document.getElementById("serverbridge_dhcp_start").style.display="none";
678			document.getElementById("serverbridge_dhcp_end").style.display="none";
679	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="";
680	1ab6bdb5	jim-p	break;
681			case "tap":
682	74a556a3	jim-p	document.getElementById("ipv4_tunnel_network").className="vncell";
683	1ab6bdb5	jim-p	if (!p2p) {
684			document.getElementById("serverbridge_dhcp").style.display="";
685			document.getElementById("serverbridge_interface").style.display="";
686			document.getElementById("serverbridge_dhcp_start").style.display="";
687			document.getElementById("serverbridge_dhcp_end").style.display="";
688	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="none";
689	f54712b6	jim-p	document.iform.serverbridge_dhcp.disabled = false;
690	1ab6bdb5	jim-p	if (document.iform.serverbridge_dhcp.checked) {
691			document.iform.serverbridge_interface.disabled = false;
692			document.iform.serverbridge_dhcp_start.disabled = false;
693			document.iform.serverbridge_dhcp_end.disabled = false;
694			} else {
695			document.iform.serverbridge_interface.disabled = true;
696			document.iform.serverbridge_dhcp_start.disabled = true;
697			document.iform.serverbridge_dhcp_end.disabled = true;
698			}
699			} else {
700	ee55ce7d	jim-p	document.getElementById("topology_subnet_opt").style.display="none";
701	1ab6bdb5	jim-p	document.iform.serverbridge_dhcp.disabled = true;
702			document.iform.serverbridge_interface.disabled = true;
703			document.iform.serverbridge_dhcp_start.disabled = true;
704			document.iform.serverbridge_dhcp_end.disabled = true;
705			}
706			break;
707			}
708			}
709	d799787e	Matthew Grooms	//-->
710			</script>
711			<?php
712	428e66b6	jim-p	if (!$savemsg)
713			$savemsg = "";
714
715			if ($input_errors)
716			print_input_errors($input_errors);
717			if ($savemsg)
718			print_info_box_np($savemsg);
719	d799787e	Matthew Grooms	?>
720			<table width="100%" border="0" cellpadding="0" cellspacing="0">
721	5a3b0d3b	mgrooms	<tr>
722	d799787e	Matthew Grooms	<td class="tabnavtbl">
723			<ul id="tabnav">
724			<?php
725			$tab_array = array();
726			$tab_array[] = array(gettext("Server"), true, "vpn_openvpn_server.php");
727			$tab_array[] = array(gettext("Client"), false, "vpn_openvpn_client.php");
728			$tab_array[] = array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php");
729	5540aee6	Ermal Lu?i	$tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml");
730	b63f2e8b	Matthew Grooms	add_package_tabs("OpenVPN", $tab_array);
731	d799787e	Matthew Grooms	display_top_tabs($tab_array);
732			?>
733			</ul>
734			</td>
735			</tr>
736			<tr>
737			<td class="tabcont">
738
739			<?php if($act=="new" \|\| $act=="edit"): ?>
740
741			<form action="vpn_openvpn_server.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
742			<table width="100%" border="0" cellpadding="6" cellspacing="0">
743	47c00c09	Scott Ullrich	<tr>
744	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
745	b63f2e8b	Matthew Grooms	</tr>
746	d799787e	Matthew Grooms	<tr>
747	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
748	d799787e	Matthew Grooms	<td width="78%" class="vtable">
749			<table border="0" cellpadding="0" cellspacing="0">
750			<tr>
751			<td>
752			<?php set_checked($pconfig['disable'],$chk); ?>
753			<input name="disable" type="checkbox" value="yes" <?=$chk;?>/>
754			</td>
755			<td>
756
757			<span class="vexpl">
758	8cd558b6	ayvis	<strong><?=gettext("Disable this server"); ?></strong><br />
759	d799787e	Matthew Grooms	</span>
760			</td>
761			</tr>
762			</table>
763	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Set this option to disable this server without removing it from the list"); ?>.
764	d799787e	Matthew Grooms	</td>
765			</tr>
766	3c11bd3c	Matthew Grooms	<tr>
767			<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
768			<td width="78%" class="vtable">
769	1ab6bdb5	jim-p	<select name='mode' id='mode' class="formselect" onchange='mode_change(); tuntap_change()'>
770	3c11bd3c	Matthew Grooms	<?php
771			foreach ($openvpn_server_modes as $name => $desc):
772			$selected = "";
773			if ($pconfig['mode'] == $name)
774			$selected = "selected";
775			?>
776			<option value="<?=$name;?>" <?=$selected;?>><?=$desc;?></option>
777			<?php endforeach; ?>
778			</select>
779			</td>
780			</tr>
781	e8a58de4	Ermal Lu?i	<tr id="authmodetr" style="display:none">
782			<td width="22%" valign="top" class="vncellreq"><?=gettext("Backend for authentication");?></td>
783			<td width="78%" class="vtable">
784	6306b5dd	Ermal Lu?i	<select name='authmode[]' id='authmode' class="formselect" multiple="true" size="<?php echo count($auth_servers); ?>">
785	c61e4626	Ermal Lu?i	<?php $authmodes = explode(",", $pconfig['authmode']); ?>
786	e8a58de4	Ermal Lu?i	<?php
787	6306b5dd	Ermal Lu?i	$auth_servers = auth_get_authserver_list();
788	e8a58de4	Ermal Lu?i	foreach ($auth_servers as $auth_server):
789			$selected = "";
790	c61e4626	Ermal Lu?i	if (in_array($auth_server['name'], $authmodes))
791	e8a58de4	Ermal Lu?i	$selected = "selected";
792			?>
793			<option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option>
794			<?php endforeach; ?>
795			</select>
796			</td>
797			</tr>
798	d799787e	Matthew Grooms	<tr>
799			<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
800			<td width="78%" class="vtable">
801			<select name='protocol' class="formselect">
802			<?php
803			foreach ($openvpn_prots as $prot):
804			$selected = "";
805			if ($pconfig['protocol'] == $prot)
806			$selected = "selected";
807			?>
808			<option value="<?=$prot;?>" <?=$selected;?>><?=$prot;?></option>
809			<?php endforeach; ?>
810			</select>
811			</td>
812			</tr>
813	bf87b4d7	lgcosta	<tr>
814			<td width="22%" valign="top" class="vncellreq"><?=gettext("Device Mode"); ?></td>
815			<td width="78%" class="vtable">
816	1ab6bdb5	jim-p	<select name="dev_mode" class="formselect" onchange='tuntap_change()'>
817	bf87b4d7	lgcosta	<?php
818			foreach ($openvpn_dev_mode as $device):
819	71edee5e	lgcosta	$selected = "";
820	4936ff53	jim-p	if (! empty($pconfig['dev_mode'])) {
821			if ($pconfig['dev_mode'] == $device)
822	71edee5e	lgcosta	$selected = "selected";
823			} else {
824			if ($device == "tun")
825			$selected = "selected";
826			}
827	bf87b4d7	lgcosta	?>
828			<option value="<?=$device;?>" <?=$selected;?>><?=$device;?></option>
829			<?php endforeach; ?>
830			</select>
831			</td>
832			</tr>
833	d799787e	Matthew Grooms	<tr>
834	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
835	d799787e	Matthew Grooms	<td width="78%" class="vtable">
836			<select name="interface" class="formselect">
837			<?php
838			$interfaces = get_configured_interface_with_descr();
839	3d06e8f0	pierrepomes	$carplist = get_configured_carp_interface_list();
840			foreach ($carplist as $cif => $carpip)
841	dd62256f	Pierre POMES	$interfaces[$cif.'\|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
842	67b0902f	pierrepomes	$aliaslist = get_configured_ip_aliases_list();
843			foreach ($aliaslist as $aliasip => $aliasif)
844	dd62256f	Pierre POMES	$interfaces[$aliasif.'\|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
845	47c48e28	smos	$grouplist = return_gateway_groups_array();
846			foreach ($grouplist as $name => $group) {
847			if($group['ipprotocol'] != inet)
848			continue;
849			if($group[0]['vip'] <> "")
850			$vipif = $group[0]['vip'];
851			else
852			$vipif = $group[0]['int'];
853			$interfaces[$name] = "GW Group {$name}";
854			}
855	5c94aa12	jim-p	$interfaces['lo0'] = "Localhost";
856	67b0902f	pierrepomes	$interfaces['any'] = "any";
857	d799787e	Matthew Grooms	foreach ($interfaces as $iface => $ifacename):
858	1d3bcd2a	Matthew Grooms	$selected = "";
859			if ($iface == $pconfig['interface'])
860			$selected = "selected";
861	d799787e	Matthew Grooms	?>
862	1d3bcd2a	Matthew Grooms	<option value="<?=$iface;?>" <?=$selected;?>>
863			<?=htmlspecialchars($ifacename);?>
864			</option>
865	d799787e	Matthew Grooms	<?php endforeach; ?>
866	8cd558b6	ayvis	</select> <br />
867	d799787e	Matthew Grooms	</td>
868			</tr>
869			<tr>
870			<td width="22%" valign="top" class="vncellreq"><?=gettext("Local port");?></td>
871			<td width="78%" class="vtable">
872			<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>"/>
873			</td>
874			</tr>
875			<tr>
876	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
877	d799787e	Matthew Grooms	<td width="78%" class="vtable">
878			<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>">
879	8cd558b6	ayvis	<br />
880	4d8b3382	Carlos Eduardo Ramos	<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
881	d799787e	Matthew Grooms	</td>
882			</tr>
883			<tr>
884			<td colspan="2" class="list" height="12"></td>
885			</tr>
886			<tr>
887	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
888	d799787e	Matthew Grooms	</tr>
889	3c11bd3c	Matthew Grooms	<tr id="tls">
890	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
891	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
892			<table border="0" cellpadding="2" cellspacing="0">
893			<tr>
894			<td>
895			<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
896			<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onClick="tlsauth_change()">
897			</td>
898			<td>
899			<span class="vexpl">
900	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Enable authentication of TLS packets"); ?>.
901	3c11bd3c	Matthew Grooms	</span>
902			</td>
903			</tr>
904			</table>
905			<?php if (!$pconfig['tls']): ?>
906			<table border="0" cellpadding="2" cellspacing="0" id='tlsauth_opts'>
907			<tr>
908			<td>
909			<?php set_checked($pconfig['autotls_enable'],$chk); ?>
910			<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autotls_change()">
911			</td>
912			<td>
913			<span class="vexpl">
914	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
915	3c11bd3c	Matthew Grooms	</span>
916			</td>
917			</tr>
918			</table>
919			<?php endif; ?>
920			<table border="0" cellpadding="2" cellspacing="0" id='autotls_opts'>
921			<tr>
922			<td>
923			<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
924	8cd558b6	ayvis	<br />
925	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
926	3c11bd3c	Matthew Grooms	</td>
927			</tr>
928			</table>
929			</td>
930	d799787e	Matthew Grooms	</tr>
931	3c11bd3c	Matthew Grooms	<tr id="tls_ca">
932	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
933	d799787e	Matthew Grooms	<td width="78%" class="vtable">
934	19cdeb3e	jim-p	<?php if (count($a_ca)): ?>
935	d799787e	Matthew Grooms	<select name='caref' class="formselect">
936			<?php
937	428e66b6	jim-p	foreach ($a_ca as $ca):
938	d799787e	Matthew Grooms	$selected = "";
939			if ($pconfig['caref'] == $ca['refid'])
940			$selected = "selected";
941			?>
942	f2a86ca9	jim-p	<option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
943	d799787e	Matthew Grooms	<?php endforeach; ?>
944			</select>
945	19cdeb3e	jim-p	<?php else: ?>
946	8cd558b6	ayvis	<b>No Certificate Authorities defined.</b> <br />Create one under <a href="system_camanager.php">System > Cert Manager</a>.
947	19cdeb3e	jim-p	<?php endif; ?>
948	d799787e	Matthew Grooms	</td>
949			</tr>
950	6db02381	jim-p	<tr id="tls_crl">
951			<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Revocation List"); ?></td>
952			<td width="78%" class="vtable">
953	19cdeb3e	jim-p	<?php if (count($a_crl)): ?>
954	6db02381	jim-p	<select name='crlref' class="formselect">
955			<option value="">None</option>
956			<?php
957	428e66b6	jim-p	foreach ($a_crl as $crl):
958	6db02381	jim-p	$selected = "";
959	f02c3e1d	jim-p	$caname = "";
960			$ca = lookup_ca($crl['caref']);
961			if ($ca) {
962			$caname = " (CA: {$ca['descr']})";
963			if ($pconfig['crlref'] == $crl['refid'])
964			$selected = "selected";
965			}
966	6db02381	jim-p	?>
967	f02c3e1d	jim-p	<option value="<?=$crl['refid'];?>" <?=$selected;?>><?=$crl['descr'] . $caname;?></option>
968	6db02381	jim-p	<?php endforeach; ?>
969			</select>
970	19cdeb3e	jim-p	<?php else: ?>
971	8cd558b6	ayvis	<b>No Certificate Revocation Lists (CRLs) defined.</b> <br />Create one under <a href="system_crlmanager.php">System > Cert Manager</a>.
972	19cdeb3e	jim-p	<?php endif; ?>
973	6db02381	jim-p	</td>
974			</tr>
975	3c11bd3c	Matthew Grooms	<tr id="tls_cert">
976	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Certificate"); ?></td>
977	d799787e	Matthew Grooms	<td width="78%" class="vtable">
978	19cdeb3e	jim-p	<?php if (count($a_cert)): ?>
979	d799787e	Matthew Grooms	<select name='certref' class="formselect">
980			<?php
981	428e66b6	jim-p	foreach ($a_cert as $cert):
982	9e303f2f	jim-p	$selected = "";
983			$caname = "";
984			$inuse = "";
985			$revoked = "";
986			$ca = lookup_ca($cert['caref']);
987			if ($ca)
988			$caname = " (CA: {$ca['descr']})";
989			if ($pconfig['certref'] == $cert['refid'])
990			$selected = "selected";
991			if (cert_in_use($cert['refid']))
992			$inuse = " *In Use";
993			if (is_cert_revoked($cert))
994			$revoked = " *Revoked";
995	d799787e	Matthew Grooms	?>
996	6a0b3ea4	jim-p	<option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option>
997	d799787e	Matthew Grooms	<?php endforeach; ?>
998			</select>
999	19cdeb3e	jim-p	<?php else: ?>
1000	8cd558b6	ayvis	<b>No Certificates defined.</b> <br />Create one under <a href="system_certmanager.php">System > Cert Manager</a>.
1001	19cdeb3e	jim-p	<?php endif; ?>
1002	d799787e	Matthew Grooms	</td>
1003			</tr>
1004	fe787fc7	Matthew Grooms	<tr id="tls_dh">
1005	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("DH Parameters Length"); ?></td>
1006	fe787fc7	Matthew Grooms	<td width="78%" class="vtable">
1007			<select name="dh_length" class="formselect">
1008			<?php
1009			foreach ($openvpn_dh_lengths as $length):
1010			$selected = '';
1011			if ($length == $pconfig['dh_length'])
1012			$selected = ' selected';
1013			?>
1014			<option<?=$selected?>><?=$length;?></option>
1015			<?php endforeach; ?>
1016			</select>
1017			<span class="vexpl">
1018	1c83021a	Carlos Eduardo Ramos	<?=gettext("bits"); ?>
1019	fe787fc7	Matthew Grooms	</span>
1020			</td>
1021			</tr>
1022	d799787e	Matthew Grooms	<tr id="psk">
1023	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
1024	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
1025			<?php if (!$pconfig['shared_key']): ?>
1026			<table border="0" cellpadding="2" cellspacing="0">
1027			<tr>
1028			<td>
1029			<?php set_checked($pconfig['autokey_enable'],$chk); ?>
1030			<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autokey_change()">
1031			</td>
1032			<td>
1033			<span class="vexpl">
1034	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared key"); ?>.
1035	3c11bd3c	Matthew Grooms	</span>
1036			</td>
1037			</tr>
1038			</table>
1039			<?php endif; ?>
1040			<table border="0" cellpadding="2" cellspacing="0" id='autokey_opts'>
1041			<tr>
1042			<td>
1043			<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
1044	8cd558b6	ayvis	<br />
1045	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
1046	3c11bd3c	Matthew Grooms	</td>
1047			</tr>
1048			</table>
1049	d799787e	Matthew Grooms	</td>
1050			</tr>
1051			<tr>
1052	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
1053	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1054			<select name="crypto" class="formselect">
1055			<?php
1056			$cipherlist = openvpn_get_cipherlist();
1057			foreach ($cipherlist as $name => $desc):
1058			$selected = '';
1059			if ($name == $pconfig['crypto'])
1060			$selected = ' selected';
1061			?>
1062			<option value="<?=$name;?>"<?=$selected?>>
1063			<?=htmlspecialchars($desc);?>
1064			</option>
1065			<?php endforeach; ?>
1066	582c58ae	jim-p	</select>
1067			</td>
1068			</tr>
1069	97d5b59b	jim-p	<tr>
1070			<td width="22%" valign="top" class="vncellreq"><?=gettext("Auth Digest Algorithm"); ?></td>
1071			<td width="78%" class="vtable">
1072			<select name="digest" class="formselect">
1073			<?php
1074			$digestlist = openvpn_get_digestlist();
1075			foreach ($digestlist as $name => $desc):
1076			$selected = '';
1077			if ($name == $pconfig['digest'])
1078			$selected = ' selected';
1079			?>
1080			<option value="<?=$name;?>"<?=$selected?>>
1081			<?=htmlspecialchars($desc);?>
1082			</option>
1083			<?php endforeach; ?>
1084			</select>
1085			</td>
1086			</tr>
1087	582c58ae	jim-p	<tr id="engine">
1088			<td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td>
1089			<td width="78%" class="vtable">
1090			<select name="engine" class="formselect">
1091			<?php
1092			$engines = openvpn_get_engines();
1093			foreach ($engines as $name => $desc):
1094			$selected = '';
1095			if ($name == $pconfig['engine'])
1096			$selected = ' selected';
1097			?>
1098			<option value="<?=$name;?>"<?=$selected?>>
1099			<?=htmlspecialchars($desc);?>
1100			</option>
1101			<?php endforeach; ?>
1102	d799787e	Matthew Grooms	</select>
1103			</td>
1104			</tr>
1105	98963f27	jim-p	<tr id="cert_depth">
1106			<td width="22%" valign="top" class="vncell"><?=gettext("Certificate Depth"); ?></td>
1107			<td width="78%" class="vtable">
1108			<table border="0" cellpadding="2" cellspacing="0">
1109			<tr><td>
1110			<select name="cert_depth" class="formselect">
1111			<option value="">Do Not Check</option>
1112			<?php
1113			foreach ($openvpn_cert_depths as $depth => $depthdesc):
1114			$selected = '';
1115			if ($depth == $pconfig['cert_depth'])
1116			$selected = ' selected';
1117			?>
1118			<option value="<?= $depth ?>" <?= $selected ?>><?= $depthdesc ?></option>
1119			<?php endforeach; ?>
1120			</select>
1121			</td></tr>
1122			<tr><td>
1123			<span class="vexpl">
1124			<?=gettext("When a certificate-based client logs in, do not accept certificates below this depth. Useful for denying certificates made with intermediate CAs generated from the same CA as the server."); ?>
1125			</span>
1126			</td></tr>
1127			</table>
1128			</td>
1129			</tr>
1130	94823361	jim-p	<tr id="strictusercn">
1131			<td width="22%" valign="top" class="vncell"><?=gettext("Strict User/CN Matching"); ?></td>
1132			<td width="78%" class="vtable">
1133			<table border="0" cellpadding="2" cellspacing="0">
1134			<tr>
1135			<td>
1136			<?php set_checked($pconfig['strictusercn'],$chk); ?>
1137			<input name="strictusercn" type="checkbox" value="yes" <?=$chk;?>/>
1138			</td>
1139			<td>
1140			<span class="vexpl">
1141			<?=gettext("When authenticating users, enforce a match between the common name of the client certificate and the username given at login."); ?>
1142			</span>
1143			</td>
1144			</tr>
1145			</table>
1146			</td>
1147			</tr>
1148	d799787e	Matthew Grooms	<tr>
1149			<td colspan="2" class="list" height="12"></td>
1150			</tr>
1151			<tr>
1152	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
1153	d799787e	Matthew Grooms	</tr>
1154	74a556a3	jim-p	<tr>
1155			<td width="22%" valign="top" class="vncellreq" id="ipv4_tunnel_network"><?=gettext("IPv4 Tunnel Network"); ?></td>
1156	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1157			<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>">
1158	8cd558b6	ayvis	<br />
1159	b1ba04cf	Seth Mos	<?=gettext("This is the IPv4 virtual network used for private " .
1160	4d8b3382	Carlos Eduardo Ramos	"communications between this server and client " .
1161			"hosts expressed using CIDR (eg. 10.0.8.0/24). " .
1162			"The first network address will be assigned to " .
1163			"the server virtual interface. The remaining " .
1164			"network addresses can optionally be assigned " .
1165			"to connecting clients. (see Address Pool)"); ?>
1166	d799787e	Matthew Grooms	</td>
1167			</tr>
1168	74a556a3	jim-p	<tr>
1169			<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Tunnel Network"); ?></td>
1170	b1ba04cf	Seth Mos	<td width="78%" class="vtable">
1171			<input name="tunnel_networkv6" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_networkv6']);?>">
1172	8cd558b6	ayvis	<br />
1173	b1ba04cf	Seth Mos	<?=gettext("This is the IPv6 virtual network used for private " .
1174			"communications between this server and client " .
1175			"hosts expressed using CIDR (eg. fe80::/64). " .
1176			"The first network address will be assigned to " .
1177	4856df9b	jim-p	"the server virtual interface. The remaining " .
1178	b1ba04cf	Seth Mos	"network addresses can optionally be assigned " .
1179			"to connecting clients. (see Address Pool)"); ?>
1180			</td>
1181			</tr>
1182	1ab6bdb5	jim-p	<tr id="serverbridge_dhcp">
1183			<td width="22%" valign="top" class="vncell"><?=gettext("Bridge DHCP"); ?></td>
1184			<td width="78%" class="vtable">
1185			<table border="0" cellpadding="2" cellspacing="0">
1186			<tr>
1187			<td>
1188			<?php set_checked($pconfig['serverbridge_dhcp'],$chk); ?>
1189			<input name="serverbridge_dhcp" type="checkbox" value="yes" <?=$chk;?> onchange='tuntap_change()' />
1190			</td>
1191			<td>
1192			<span class="vexpl">
1193	8cd558b6	ayvis	<?=gettext("Allow clients on the bridge to obtain DHCP."); ?><br />
1194	1ab6bdb5	jim-p	</span>
1195			</td>
1196			</tr>
1197			</table>
1198			</td>
1199			</tr>
1200			<tr id="serverbridge_interface">
1201			<td width="22%" valign="top" class="vncell"><?=gettext("Bridge Interface"); ?></td>
1202			<td width="78%" class="vtable">
1203			<select name="serverbridge_interface" class="formselect">
1204			<?php
1205			$serverbridge_interface['none'] = "none";
1206			$serverbridge_interface = array_merge($serverbridge_interface, get_configured_interface_with_descr());
1207			$carplist = get_configured_carp_interface_list();
1208			foreach ($carplist as $cif => $carpip)
1209			$serverbridge_interface[$cif.'\|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
1210			$aliaslist = get_configured_ip_aliases_list();
1211			foreach ($aliaslist as $aliasip => $aliasif)
1212			$serverbridge_interface[$aliasif.'\|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
1213			foreach ($serverbridge_interface as $iface => $ifacename):
1214			$selected = "";
1215			if ($iface == $pconfig['serverbridge_interface'])
1216			$selected = "selected";
1217			?>
1218			<option value="<?=$iface;?>" <?=$selected;?>>
1219			<?=htmlspecialchars($ifacename);?>
1220			</option>
1221			<?php endforeach; ?>
1222	8cd558b6	ayvis	</select> <br />
1223	8e932fb5	Phil Davis	<?=gettext("The interface to which this tap instance will be " .
1224	1ab6bdb5	jim-p	"bridged. This is not done automatically. You must assign this " .
1225			"interface and create the bridge separately. " .
1226			"This setting controls which existing IP address and subnet " .
1227			"mask are used by OpenVPN for the bridge. Setting this to " .
1228			"'none' will cause the Server Bridge DHCP settings below to be ignored."); ?>
1229			</td>
1230			</tr>
1231			<tr id="serverbridge_dhcp_start">
1232			<td width="22%" valign="top" class="vncell"><?=gettext("Server Bridge DHCP Start"); ?></td>
1233			<td width="78%" class="vtable">
1234			<input name="serverbridge_dhcp_start" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['serverbridge_dhcp_start']);?>">
1235	8cd558b6	ayvis	<br />
1236	8e932fb5	Phil Davis	<?=gettext("When using tap mode as a multi-point server, " .
1237	1ab6bdb5	jim-p	"you may optionally supply a DHCP range to use on the " .
1238			"interface to which this tap instance is bridged. " .
1239			"If these settings are left blank, DHCP will be passed " .
1240			"through to the LAN, and the interface setting above " .
1241			"will be ignored."); ?>
1242			</td>
1243			</tr>
1244			<tr id="serverbridge_dhcp_end">
1245	850ae59e	Irving Popovetsky	<td width="22%" valign="top" class="vncell"><?=gettext("Server Bridge DHCP End"); ?></td>
1246	1ab6bdb5	jim-p	<td width="78%" class="vtable">
1247			<input name="serverbridge_dhcp_end" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['serverbridge_dhcp_end']);?>">
1248	8cd558b6	ayvis	<br />
1249	1ab6bdb5	jim-p	</td>
1250			</tr>
1251	a2ff08f8	jim-p	<tr id="gwredir_opts">
1252	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Redirect Gateway"); ?></td>
1253	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1254			<table border="0" cellpadding="2" cellspacing="0">
1255			<tr>
1256			<td>
1257			<?php set_checked($pconfig['gwredir'],$chk); ?>
1258			<input name="gwredir" type="checkbox" value="yes" <?=$chk;?> onClick="gwredir_change()"/>
1259			</td>
1260			<td>
1261			<span class="vexpl">
1262	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Force all client generated traffic through the tunnel"); ?>.
1263	d799787e	Matthew Grooms	</span>
1264			</td>
1265			</tr>
1266			</table>
1267			</td>
1268			</tr>
1269	4856df9b	jim-p	<tr id="local_optsv4">
1270	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Local Network/s"); ?></td>
1271	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1272	332f5781	Phil Davis	<input name="local_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_network']);?>">
1273	8cd558b6	ayvis	<br />
1274	332f5781	Phil Davis	<?=gettext("These are the IPv4 networks that will be accessible " .
1275			"from the remote endpoint. Expressed as a comma-separated list of one or more CIDR ranges. " .
1276			"You may leave this blank if you don't " .
1277	4d8b3382	Carlos Eduardo Ramos	"want to add a route to the local network " .
1278			"through this tunnel on the remote machine. " .
1279			"This is generally set to your LAN network"); ?>.
1280	d799787e	Matthew Grooms	</td>
1281			</tr>
1282	4856df9b	jim-p	<tr id="local_optsv6">
1283	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Local Network/s"); ?></td>
1284	b1ba04cf	Seth Mos	<td width="78%" class="vtable">
1285	332f5781	Phil Davis	<input name="local_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_networkv6']);?>">
1286	8cd558b6	ayvis	<br />
1287	332f5781	Phil Davis	<?=gettext("These are the IPv6 networks that will be accessible " .
1288			"from the remote endpoint. Expressed as a comma-separated list of one or more IP/PREFIX. " .
1289			"You may leave this blank if you don't " .
1290	b1ba04cf	Seth Mos	"want to add a route to the local network " .
1291			"through this tunnel on the remote machine. " .
1292			"This is generally set to your LAN network"); ?>.
1293			</td>
1294			</tr>
1295	415bddea	jim-p	<tr id="remote_optsv4">
1296	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Remote Network/s"); ?></td>
1297	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
1298	332f5781	Phil Davis	<input name="remote_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_network']);?>">
1299	8cd558b6	ayvis	<br />
1300	332f5781	Phil Davis	<?=gettext("These are the IPv4 networks that will be routed through " .
1301	4d8b3382	Carlos Eduardo Ramos	"the tunnel, so that a site-to-site VPN can be " .
1302	332f5781	Phil Davis	"established without manually changing the routing tables. " .
1303			"Expressed as a comma-separated list of one or more CIDR ranges. " .
1304			"If this is a site-to-site VPN, enter the " .
1305			"remote LAN/s here. You may leave this blank if " .
1306	4d8b3382	Carlos Eduardo Ramos	"you don't want a site-to-site VPN"); ?>.
1307	3c11bd3c	Matthew Grooms	</td>
1308			</tr>
1309	415bddea	jim-p	<tr id="remote_optsv6">
1310	332f5781	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Remote Network/s"); ?></td>
1311	4856df9b	jim-p	<td width="78%" class="vtable">
1312	332f5781	Phil Davis	<input name="remote_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_networkv6']);?>">
1313	8cd558b6	ayvis	<br />
1314	332f5781	Phil Davis	<?=gettext("These are the IPv6 networks that will be routed through " .
1315	4856df9b	jim-p	"the tunnel, so that a site-to-site VPN can be " .
1316	332f5781	Phil Davis	"established without manually changing the routing tables. " .
1317			"Expressed as a comma-separated list of one or more IP/PREFIX. " .
1318			"If this is a site-to-site VPN, enter the " .
1319			"remote LAN/s here. You may leave this blank if " .
1320	4856df9b	jim-p	"you don't want a site-to-site VPN"); ?>.
1321			</td>
1322			</tr>
1323	d799787e	Matthew Grooms	<tr>
1324			<td width="22%" valign="top" class="vncell"><?=gettext("Concurrent connections");?></td>
1325			<td width="78%" class="vtable">
1326			<input name="maxclients" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['maxclients']);?>"/>
1327	8cd558b6	ayvis	<br />
1328	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Specify the maximum number of clients allowed to concurrently connect to this server"); ?>.
1329	d799787e	Matthew Grooms	</td>
1330			</tr>
1331			<tr>
1332	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
1333	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1334	edba1982	jim-p	<select name="compression" class="formselect">
1335			<?php
1336			foreach ($openvpn_compression_modes as $cmode => $cmodedesc):
1337			$selected = '';
1338			if ($cmode == $pconfig['compression'])
1339			$selected = ' selected';
1340			?>
1341			<option value="<?= $cmode ?>" <?= $selected ?>><?= $cmodedesc ?></option>
1342			<?php endforeach; ?>
1343			</select>
1344	8cd558b6	ayvis	<br />
1345	edba1982	jim-p	<?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?>.
1346	d799787e	Matthew Grooms	</td>
1347			</tr>
1348			<tr>
1349	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
1350	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1351			<table border="0" cellpadding="2" cellspacing="0">
1352			<tr>
1353			<td>
1354	1cb0b40a	Matthew Grooms	<?php set_checked($pconfig['passtos'],$chk); ?>
1355			<input name="passtos" type="checkbox" value="yes" <?=$chk;?>>
1356	d799787e	Matthew Grooms	</td>
1357			<td>
1358			<span class="vexpl">
1359	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
1360	d799787e	Matthew Grooms	</span>
1361			</td>
1362			</tr>
1363			</table>
1364			</td>
1365			</tr>
1366	107794cc	jim-p	<tr id="inter_client_communication">
1367	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Inter-client communication"); ?></td>
1368	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1369			<table border="0" cellpadding="2" cellspacing="0">
1370			<tr>
1371			<td>
1372			<?php set_checked($pconfig['client2client'],$chk); ?>
1373			<input name="client2client" type="checkbox" value="yes" <?=$chk;?>/>
1374			</td>
1375			<td>
1376			<span class="vexpl">
1377	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Allow communication between clients connected to this server"); ?>
1378	d799787e	Matthew Grooms	</span>
1379			</td>
1380			</tr>
1381			</table>
1382			</td>
1383			</tr>
1384	bca35cff	jim-p	<tr id="duplicate_cn">
1385			<td width="22%" valign="top" class="vncell"><?=gettext("Duplicate Connections"); ?></td>
1386			<td width="78%" class="vtable">
1387			<table border="0" cellpadding="2" cellspacing="0">
1388			<tr>
1389			<td>
1390			<?php set_checked($pconfig['duplicate_cn'],$chk); ?>
1391			<input name="duplicate_cn" type="checkbox" value="yes" <?=$chk;?>/>
1392			</td>
1393			<td>
1394			<span class="vexpl">
1395	8cd558b6	ayvis	<?=gettext("Allow multiple concurrent connections from clients using the same Common Name.<br />NOTE: This is not generally recommended, but may be needed for some scenarios."); ?>
1396	bca35cff	jim-p	</span>
1397			</td>
1398			</tr>
1399			</table>
1400			</td>
1401			</tr>
1402	3c11bd3c	Matthew Grooms	</table>
1403
1404			<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1405	d799787e	Matthew Grooms	<tr>
1406			<td colspan="2" class="list" height="12"></td>
1407			</tr>
1408			<tr>
1409	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Client Settings"); ?></td>
1410	d799787e	Matthew Grooms	</tr>
1411	65ff8497	jim-p	<tr>
1412	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Dynamic IP"); ?></td>
1413	65ff8497	jim-p	<td width="78%" class="vtable">
1414			<table border="0" cellpadding="2" cellspacing="0">
1415			<tr>
1416			<td>
1417			<?php set_checked($pconfig['dynamic_ip'],$chk); ?>
1418	b3cf36d7	Erik Fonnesbeck	<input name="dynamic_ip" type="checkbox" id="dynamic_ip" value="yes" <?=$chk;?>/>
1419	65ff8497	jim-p	</td>
1420			<td>
1421			<span class="vexpl">
1422	8cd558b6	ayvis	<?=gettext("Allow connected clients to retain their connections if their IP address changes"); ?>.<br />
1423	65ff8497	jim-p	</span>
1424			</td>
1425			</tr>
1426			</table>
1427			</td>
1428			</tr>
1429	d799787e	Matthew Grooms	<tr>
1430	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Address Pool"); ?></td>
1431	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1432			<table border="0" cellpadding="2" cellspacing="0">
1433			<tr>
1434			<td>
1435			<?php set_checked($pconfig['pool_enable'],$chk); ?>
1436	b3cf36d7	Erik Fonnesbeck	<input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?=$chk;?>/>
1437	d799787e	Matthew Grooms	</td>
1438			<td>
1439			<span class="vexpl">
1440	8cd558b6	ayvis	<?=gettext("Provide a virtual adapter IP address to clients (see Tunnel Network)"); ?><br />
1441	d799787e	Matthew Grooms	</span>
1442			</td>
1443			</tr>
1444			</table>
1445			</td>
1446			</tr>
1447	ee55ce7d	jim-p	<tr id="topology_subnet_opt">
1448			<td width="22%" valign="top" class="vncell"><?=gettext("Topology"); ?></td>
1449			<td width="78%" class="vtable">
1450			<table border="0" cellpadding="2" cellspacing="0">
1451			<tr>
1452			<td>
1453			<?php set_checked($pconfig['topology_subnet'],$chk); ?>
1454			<input name="topology_subnet" type="checkbox" id="topology_subnet" value="yes" <?=$chk;?>/>
1455			</td>
1456			<td>
1457			<span class="vexpl">
1458	8cd558b6	ayvis	<?=gettext("Allocate only one IP per client (topology subnet), rather than an isolated subnet per client (topology net30)."); ?><br />
1459	ee55ce7d	jim-p	</span>
1460			</td>
1461			</tr>
1462			<tr>
1463			<td> </td>
1464			<td>
1465	8cd558b6	ayvis	<?=gettext("Relevant when supplying a virtual adapter IP address to clients when using tun mode on IPv4."); ?><br />
1466			<?=gettext("Some clients may require this even for IPv6, such as OpenVPN Connect (iOS/Android). Others may break if it is present, such as older versions of OpenVPN or clients such as Yealink phones."); ?><br />
1467	ee55ce7d	jim-p	</td>
1468			</tr>
1469			</table>
1470			</td>
1471			</tr>
1472	d799787e	Matthew Grooms	<tr>
1473	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Default Domain"); ?></td>
1474	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1475			<table border="0" cellpadding="2" cellspacing="0">
1476			<tr>
1477			<td>
1478			<?php set_checked($pconfig['dns_domain_enable'],$chk); ?>
1479			<input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes" <?=$chk;?> onClick="dns_domain_change()">
1480			</td>
1481			<td>
1482			<span class="vexpl">
1483	8cd558b6	ayvis	<?=gettext("Provide a default domain name to clients"); ?><br />
1484	d799787e	Matthew Grooms	</span>
1485			</td>
1486			</tr>
1487			</table>
1488			<table border="0" cellpadding="2" cellspacing="0" id="dns_domain_data">
1489			<tr>
1490			<td>
1491			<input name="dns_domain" type="text" class="formfld unknown" id="dns_domain" size="30" value="<?=htmlspecialchars($pconfig['dns_domain']);?>">
1492			</td>
1493			</tr>
1494			</table>
1495			</td>
1496			</tr>
1497			<tr>
1498	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Servers"); ?></td>
1499	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1500			<table border="0" cellpadding="2" cellspacing="0">
1501			<tr>
1502			<td>
1503			<?php set_checked($pconfig['dns_server_enable'],$chk); ?>
1504			<input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes" <?=$chk;?> onClick="dns_server_change()">
1505			</td>
1506			<td>
1507			<span class="vexpl">
1508	8cd558b6	ayvis	<?=gettext("Provide a DNS server list to clients"); ?><br />
1509	d799787e	Matthew Grooms	</span>
1510			</td>
1511			</tr>
1512			</table>
1513			<table border="0" cellpadding="2" cellspacing="0" id="dns_server_data">
1514			<tr>
1515			<td>
1516			<span class="vexpl">
1517	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1518	d799787e	Matthew Grooms	</span>
1519	dd5bf424	Scott Ullrich	<input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>">
1520	d799787e	Matthew Grooms	</td>
1521			</tr>
1522			<tr>
1523			<td>
1524			<span class="vexpl">
1525	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1526	d799787e	Matthew Grooms	</span>
1527	dd5bf424	Scott Ullrich	<input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>">
1528	d799787e	Matthew Grooms	</td>
1529			</tr>
1530			<tr>
1531			<td>
1532			<span class="vexpl">
1533	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #3:
1534	d799787e	Matthew Grooms	</span>
1535	dd5bf424	Scott Ullrich	<input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>">
1536	d799787e	Matthew Grooms	</td>
1537			</tr>
1538			<tr>
1539			<td>
1540			<span class="vexpl">
1541	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #4:
1542	d799787e	Matthew Grooms	</span>
1543	dd5bf424	Scott Ullrich	<input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>">
1544	d799787e	Matthew Grooms	</td>
1545			</tr>
1546			</table>
1547			</td>
1548			</tr>
1549			<tr>
1550	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NTP Servers"); ?></td>
1551	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1552			<table border="0" cellpadding="2" cellspacing="0">
1553			<tr>
1554			<td>
1555			<?php set_checked($pconfig['ntp_server_enable'],$chk); ?>
1556			<input name="ntp_server_enable" type="checkbox" id="ntp_server_enable" value="yes" <?=$chk;?> onClick="ntp_server_change()">
1557			</td>
1558			<td>
1559			<span class="vexpl">
1560	8cd558b6	ayvis	<?=gettext("Provide a NTP server list to clients"); ?><br />
1561	d799787e	Matthew Grooms	</span>
1562			</td>
1563			</tr>
1564			</table>
1565			<table border="0" cellpadding="2" cellspacing="0" id="ntp_server_data">
1566			<tr>
1567			<td>
1568			<span class="vexpl">
1569	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1570	d799787e	Matthew Grooms	</span>
1571	dd5bf424	Scott Ullrich	<input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=htmlspecialchars($pconfig['ntp_server1']);?>">
1572	d799787e	Matthew Grooms	</td>
1573			</tr>
1574			<tr>
1575			<td>
1576			<span class="vexpl">
1577	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1578	d799787e	Matthew Grooms	</span>
1579	dd5bf424	Scott Ullrich	<input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=htmlspecialchars($pconfig['ntp_server2']);?>">
1580	d799787e	Matthew Grooms	</td>
1581			</tr>
1582			</table>
1583			</td>
1584			</tr>
1585			<tr>
1586	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NetBIOS Options"); ?></td>
1587	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1588			<table border="0" cellpadding="2" cellspacing="0">
1589			<tr>
1590			<td>
1591			<?php set_checked($pconfig['netbios_enable'],$chk); ?>
1592			<input name="netbios_enable" type="checkbox" id="netbios_enable" value="yes" <?=$chk;?> onClick="netbios_change()">
1593			</td>
1594			<td>
1595			<span class="vexpl">
1596	8cd558b6	ayvis	<?=gettext("Enable NetBIOS over TCP/IP"); ?><br />
1597	d799787e	Matthew Grooms	</span>
1598			</td>
1599			</tr>
1600			</table>
1601	4d8b3382	Carlos Eduardo Ramos	<?=gettext("If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled"); ?>.
1602	8cd558b6	ayvis	<br />
1603	d799787e	Matthew Grooms	<table border="0" cellpadding="2" cellspacing="0" id="netbios_data">
1604			<tr>
1605			<td>
1606	8cd558b6	ayvis	<br />
1607	d799787e	Matthew Grooms	<span class="vexpl">
1608	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Node Type"); ?>:
1609	d799787e	Matthew Grooms	</span>
1610			<select name='netbios_ntype' class="formselect">
1611			<?php
1612			foreach ($netbios_nodetypes as $type => $name):
1613			$selected = "";
1614			if ($pconfig['netbios_ntype'] == $type)
1615			$selected = "selected";
1616			?>
1617			<option value="<?=$type;?>" <?=$selected;?>><?=$name;?></option>
1618			<?php endforeach; ?>
1619			</select>
1620	8cd558b6	ayvis	<br />
1621	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Possible options: b-node (broadcasts), p-node " .
1622			"(point-to-point name queries to a WINS server), " .
1623			"m-node (broadcast then query name server), and " .
1624			"h-node (query name server, then broadcast)"); ?>.
1625	d799787e	Matthew Grooms	</td>
1626			</tr>
1627			<tr>
1628			<td>
1629	8cd558b6	ayvis	<br />
1630	d799787e	Matthew Grooms	<span class="vexpl">
1631	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Scope ID"); ?>:
1632	d799787e	Matthew Grooms	</span>
1633			<input name="netbios_scope" type="text" class="formfld unknown" id="netbios_scope" size="30" value="<?=htmlspecialchars($pconfig['netbios_scope']);?>">
1634	8cd558b6	ayvis	<br />
1635	4d8b3382	Carlos Eduardo Ramos	<?=gettext("A NetBIOS Scope ID provides an extended naming " .
1636			"service for NetBIOS over TCP/IP. The NetBIOS " .
1637			"scope ID isolates NetBIOS traffic on a single " .
1638			"network to only those nodes with the same " .
1639			"NetBIOS scope ID"); ?>.
1640	d799787e	Matthew Grooms	</td>
1641			</tr>
1642			</table>
1643			</td>
1644			</tr>
1645			<tr id="wins_opts">
1646	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Servers"); ?></td>
1647	d799787e	Matthew Grooms	<td width="78%" class="vtable">
1648			<table border="0" cellpadding="2" cellspacing="0">
1649			<tr>
1650			<td>
1651			<?php set_checked($pconfig['wins_server_enable'],$chk); ?>
1652			<input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?=$chk;?> onClick="wins_server_change()">
1653			</td>
1654			<td>
1655			<span class="vexpl">
1656	8cd558b6	ayvis	<?=gettext("Provide a WINS server list to clients"); ?><br />
1657	d799787e	Matthew Grooms	</span>
1658			</td>
1659			</tr>
1660			</table>
1661			<table border="0" cellpadding="2" cellspacing="0" id="wins_server_data">
1662			<tr>
1663			<td>
1664			<span class="vexpl">
1665	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
1666	d799787e	Matthew Grooms	</span>
1667	dd5bf424	Scott Ullrich	<input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=htmlspecialchars($pconfig['wins_server1']);?>">
1668	d799787e	Matthew Grooms	</td>
1669			</tr>
1670			<tr>
1671			<td>
1672			<span class="vexpl">
1673	4d8b3382	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
1674	d799787e	Matthew Grooms	</span>
1675	dd5bf424	Scott Ullrich	<input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=htmlspecialchars($pconfig['wins_server2']);?>">
1676	d799787e	Matthew Grooms	</td>
1677			</tr>
1678			</table>
1679			</td>
1680			</tr>
1681	faf61f12	Phil Davis	<tr>
1682			<td width="22%" valign="top" class="vncell"><?=gettext("Client Management Port"); ?></td>
1683			<td width="78%" class="vtable">
1684			<table border="0" cellpadding="2" cellspacing="0">
1685			<tr>
1686			<td>
1687			<?php set_checked($pconfig['client_mgmt_port_enable'],$chk); ?>
1688			<input name="client_mgmt_port_enable" type="checkbox" id="client_mgmt_port_enable" value="yes" <?=$chk;?> onClick="client_mgmt_port_change()">
1689			</td>
1690			<td>
1691			<span class="vexpl">
1692	8cd558b6	ayvis	<?=gettext("Use a different management port on clients. The default port is 166. Specify a different port if the client machines need to select from multiple OpenVPN links."); ?><br />
1693	faf61f12	Phil Davis	</span>
1694			</td>
1695			</tr>
1696			</table>
1697			<table border="0" cellpadding="2" cellspacing="0" id="client_mgmt_port_data">
1698			<tr>
1699			<td>
1700			<input name="client_mgmt_port" type="text" class="formfld unknown" id="client_mgmt_port" size="30" value="<?=htmlspecialchars($pconfig['client_mgmt_port']);?>">
1701			</td>
1702			</tr>
1703			</table>
1704			</td>
1705			</tr>
1706	3c11bd3c	Matthew Grooms	</table>
1707
1708	2f4f30ee	Scott Ullrich	<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
1709			<tr>
1710			<td colspan="2" class="list" height="12"></td>
1711			</tr>
1712			<tr>
1713	4d8b3382	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
1714	2f4f30ee	Scott Ullrich	</tr>
1715			<tr>
1716	4d8b3382	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
1717	2f4f30ee	Scott Ullrich	<td width="78%" class="vtable">
1718			<table border="0" cellpadding="2" cellspacing="0">
1719			<tr>
1720			<td>
1721	8cd558b6	ayvis	<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br />
1722			<?=gettext("Enter any additional options you would like to add to the OpenVPN server configuration here, separated by a semicolon"); ?><br />
1723	4d8b3382	Carlos Eduardo Ramos	<?=gettext("EXAMPLE: push \"route 10.0.0.0 255.255.255.0\""); ?>;
1724	2f4f30ee	Scott Ullrich	</td>
1725			</tr>
1726			</table>
1727			</td>
1728			</tr>
1729			</table>
1730
1731	8cd558b6	ayvis	<br />
1732	4856df9b	jim-p	<table width="100%" border="0" cellpadding="6" cellspacing="0">
1733	d799787e	Matthew Grooms	<tr>
1734			<td width="22%" valign="top"> </td>
1735			<td width="78%">
1736	4d8b3382	Carlos Eduardo Ramos	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
1737	d799787e	Matthew Grooms	<input name="act" type="hidden" value="<?=$act;?>">
1738			<?php if (isset($id) && $a_server[$id]): ?>
1739	e41ec584	Renato Botelho	<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>">
1740	d799787e	Matthew Grooms	<?php endif; ?>
1741			</td>
1742			</tr>
1743			</table>
1744			</form>
1745
1746			<?php else: ?>
1747
1748	7128ed17	Scott Ullrich	<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0">
1749	80fa045a	jim-p	<thead>
1750	d799787e	Matthew Grooms	<tr>
1751	4d8b3382	Carlos Eduardo Ramos	<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
1752			<td width="10%" class="listhdrr"><?=gettext("Protocol / Port"); ?></td>
1753			<td width="30%" class="listhdrr"><?=gettext("Tunnel Network"); ?></td>
1754			<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1755	d799787e	Matthew Grooms	<td width="10%" class="list"></td>
1756			</tr>
1757	80fa045a	jim-p	</thead>
1758			<tbody>
1759	d799787e	Matthew Grooms	<?php
1760			$i = 0;
1761			foreach($a_server as $server):
1762			$disabled = "NO";
1763	870318b9	Ermal Lu?i	if (isset($server['disable']))
1764	d799787e	Matthew Grooms	$disabled = "YES";
1765			?>
1766			<tr>
1767	d3d9b0ee	Scott Ullrich	<td class="listlr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1768	d799787e	Matthew Grooms	<?=$disabled;?>
1769			</td>
1770	d3d9b0ee	Scott Ullrich	<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1771	43cea754	Chris Buechler	<?=htmlspecialchars($server['protocol']);?> / <?=htmlspecialchars($server['local_port']);?>
1772	d799787e	Matthew Grooms	</td>
1773	d3d9b0ee	Scott Ullrich	<td class="listr" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1774	8cd558b6	ayvis	<?=htmlspecialchars($server['tunnel_network']);?><br />
1775			<?=htmlspecialchars($server['tunnel_networkv6']);?><br />
1776	d799787e	Matthew Grooms	</td>
1777	d3d9b0ee	Scott Ullrich	<td class="listbg" ondblclick="document.location='vpn_openvpn_server.php?act=edit&id=<?=$i;?>'">
1778	d799787e	Matthew Grooms	<?=htmlspecialchars($server['description']);?>
1779			</td>
1780			<td valign="middle" nowrap class="list">
1781			<a href="vpn_openvpn_server.php?act=edit&id=<?=$i;?>">
1782	4d8b3382	Carlos Eduardo Ramos	<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit server"); ?>" width="17" height="17" border="0">
1783	d799787e	Matthew Grooms	</a>
1784
1785	4d8b3382	Carlos Eduardo Ramos	<a href="vpn_openvpn_server.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this server?"); ?>')">
1786			<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete server"); ?>" width="17" height="17" border="0">
1787	d799787e	Matthew Grooms	</a>
1788			</td>
1789			</tr>
1790			<?php
1791			$i++;
1792			endforeach;
1793			?>
1794	80fa045a	jim-p	</tbody>
1795			<tfoot>
1796	d799787e	Matthew Grooms	<tr>
1797			<td class="list" colspan="4"></td>
1798			<td class="list">
1799	4d8b3382	Carlos Eduardo Ramos	<a href="vpn_openvpn_server.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add server"); ?>" width="17" height="17" border="0">
1800	d799787e	Matthew Grooms	</a>
1801			</td>
1802			</tr>
1803	80fa045a	jim-p	</tfoot>
1804	d799787e	Matthew Grooms	</table>
1805
1806	7128ed17	Scott Ullrich	<?=gettext("Additional OpenVPN servers can be added here.");?>
1807
1808	ee9933b6	Renato Botelho	<?php endif; ?>
1809	d799787e	Matthew Grooms
1810			</td>
1811			</tr>
1812			</table>
1813			<script language="JavaScript">
1814			<!--
1815	3c11bd3c	Matthew Grooms	mode_change();
1816			autokey_change();
1817			tlsauth_change();
1818	d799787e	Matthew Grooms	gwredir_change();
1819			dns_domain_change();
1820			dns_server_change();
1821			wins_server_change();
1822	faf61f12	Phil Davis	client_mgmt_port_change();
1823	d799787e	Matthew Grooms	ntp_server_change();
1824			netbios_change();
1825	1ab6bdb5	jim-p	tuntap_change();
1826	d799787e	Matthew Grooms	//-->
1827			</script>
1828			</body>
1829			<?php include("fend.inc"); ?>
1830
1831			<?php
1832
1833			/* local utility functions */
1834
1835			function set_checked($var,& $chk) {
1836			if($var)
1837			$chk = 'checked';
1838			else
1839			$chk = '';
1840			}
1841
1842	52971880	Vinicius Coque	?>

Project

General

Profile

pfSense