/usr/local/www/vpn_openvpn_csc.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_openvpn_csc.php @ b5249aa3

1	d799787e	Matthew Grooms	<?php
2			/*
3			vpn_openvpn_csc.php
4
5			Copyright (C) 2008 Shrew Soft Inc.
6	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
7	d799787e	Matthew Grooms	All rights reserved.
8
9			Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11
12			1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14
15			2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18
19			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29			*/
30
31			##\|+PRIV
32			##\|*IDENT=page-openvpn-csc
33			##\|*NAME=OpenVPN: Client Specific Override page
34			##\|*DESCR=Allow access to the 'OpenVPN: Client Specific Override' page.
35			##\|MATCH=vpn_openvpn_csc.php
36			##\|-PRIV
37
38			require("guiconfig.inc");
39	d84bd468	Ermal Lu?i	require_once("openvpn.inc");
40	d799787e	Matthew Grooms
41	deeda874	Carlos Eduardo Ramos	$pgtitle = array(gettext("OpenVPN"), gettext("Client Specific Override"));
42	b32dd0a6	jim-p	$shortcut_section = "openvpn";
43	d799787e	Matthew Grooms
44			if (!is_array($config['openvpn']['openvpn-csc']))
45			$config['openvpn']['openvpn-csc'] = array();
46
47			$a_csc = &$config['openvpn']['openvpn-csc'];
48
49	e41ec584	Renato Botelho	if (is_numericint($_GET['id']))
50			$id = $_GET['id'];
51			if (isset($_POST['id']) && is_numericint($_POST['id']))
52	d799787e	Matthew Grooms	$id = $_POST['id'];
53
54			$act = $_GET['act'];
55			if (isset($_POST['act']))
56			$act = $_POST['act'];
57
58			if ($_GET['act'] == "del") {
59
60			if (!$a_csc[$id]) {
61			pfSenseHeader("vpn_openvpn_csc.php");
62			exit;
63			}
64
65	e6af6518	jim-p	openvpn_delete_csc($a_csc[$id]);
66	d799787e	Matthew Grooms	unset($a_csc[$id]);
67			write_config();
68	8cd558b6	ayvis	$savemsg = gettext("Client Specific Override successfully deleted")."<br />";
69	d799787e	Matthew Grooms	}
70
71			if($_GET['act']=="edit"){
72
73			if (isset($id) && $a_csc[$id]) {
74	72d51890	Scott Ullrich	$pconfig['custom_options'] = $a_csc[$id]['custom_options'];
75	0c88fc1e	jim-p	$pconfig['disable'] = isset($a_csc[$id]['disable']);
76	d799787e	Matthew Grooms	$pconfig['common_name'] = $a_csc[$id]['common_name'];
77			$pconfig['block'] = $a_csc[$id]['block'];
78			$pconfig['description'] = $a_csc[$id]['description'];
79
80			$pconfig['tunnel_network'] = $a_csc[$id]['tunnel_network'];
81	5c427ce7	jim-p	$pconfig['local_network'] = $a_csc[$id]['local_network'];
82			$pconfig['local_networkv6'] = $a_csc[$id]['local_networkv6'];
83			$pconfig['remote_network'] = $a_csc[$id]['remote_network'];
84			$pconfig['remote_networkv6'] = $a_csc[$id]['remote_networkv6'];
85	d799787e	Matthew Grooms	$pconfig['gwredir'] = $a_csc[$id]['gwredir'];
86
87			$pconfig['push_reset'] = $a_csc[$id]['push_reset'];
88
89			$pconfig['dns_domain'] = $a_csc[$id]['dns_domain'];
90			if ($pconfig['dns_domain'])
91			$pconfig['dns_domain_enable'] = true;
92
93			$pconfig['dns_server1'] = $a_csc[$id]['dns_server1'];
94			$pconfig['dns_server2'] = $a_csc[$id]['dns_server2'];
95			$pconfig['dns_server3'] = $a_csc[$id]['dns_server3'];
96			$pconfig['dns_server4'] = $a_csc[$id]['dns_server4'];
97			if ($pconfig['dns_server1'] \|\|
98			$pconfig['dns_server2'] \|\|
99			$pconfig['dns_server3'] \|\|
100			$pconfig['dns_server4'])
101			$pconfig['dns_server_enable'] = true;
102
103			$pconfig['ntp_server1'] = $a_csc[$id]['ntp_server1'];
104			$pconfig['ntp_server2'] = $a_csc[$id]['ntp_server2'];
105			if ($pconfig['ntp_server1'] \|\|
106			$pconfig['ntp_server2'])
107			$pconfig['ntp_server_enable'] = true;
108
109			$pconfig['netbios_enable'] = $a_csc[$id]['netbios_enable'];
110			$pconfig['netbios_ntype'] = $a_csc[$id]['netbios_ntype'];
111			$pconfig['netbios_scope'] = $a_csc[$id]['netbios_scope'];
112
113			$pconfig['wins_server1'] = $a_csc[$id]['wins_server1'];
114			$pconfig['wins_server2'] = $a_csc[$id]['wins_server2'];
115			if ($pconfig['wins_server1'] \|\|
116			$pconfig['wins_server2'])
117			$pconfig['wins_server_enable'] = true;
118
119			$pconfig['nbdd_server1'] = $a_csc[$id]['nbdd_server1'];
120			if ($pconfig['nbdd_server1'])
121			$pconfig['nbdd_server_enable'] = true;
122			}
123			}
124
125			if ($_POST) {
126
127			unset($input_errors);
128			$pconfig = $_POST;
129
130			/* input validation */
131			if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'Tunnel network'))
132			$input_errors[] = $result;
133
134	5c427ce7	jim-p	if ($result = openvpn_validate_cidr($pconfig['local_network'], 'IPv4 Local Network', true, "ipv4"))
135			$input_errors[] = $result;
136
137			if ($result = openvpn_validate_cidr($pconfig['local_networkv6'], 'IPv6 Local Network', true, "ipv6"))
138			$input_errors[] = $result;
139
140			if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'IPv4 Remote Network', true, "ipv4"))
141			$input_errors[] = $result;
142
143			if ($result = openvpn_validate_cidr($pconfig['remote_networkv6'], 'IPv6 Remote Network', true, "ipv6"))
144			$input_errors[] = $result;
145
146	d799787e	Matthew Grooms	if ($pconfig['dns_server_enable']) {
147			if (!empty($pconfig['dns_server1']) && !is_ipaddr(trim($pconfig['dns_server1'])))
148	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #1' must contain a valid IP address");
149	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server2']) && !is_ipaddr(trim($pconfig['dns_server2'])))
150	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #2' must contain a valid IP address");
151	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server3']) && !is_ipaddr(trim($pconfig['dns_server3'])))
152	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #3' must contain a valid IP address");
153	d799787e	Matthew Grooms	if (!empty($pconfig['dns_server4']) && !is_ipaddr(trim($pconfig['dns_server4'])))
154	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'DNS Server #4' must contain a valid IP address");
155	d799787e	Matthew Grooms	}
156
157			if ($pconfig['ntp_server_enable']) {
158			if (!empty($pconfig['ntp_server1']) && !is_ipaddr(trim($pconfig['ntp_server1'])))
159	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #1' must contain a valid IP address");
160	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server2']) && !is_ipaddr(trim($pconfig['ntp_server2'])))
161	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #2' must contain a valid IP address");
162	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server3']) && !is_ipaddr(trim($pconfig['ntp_server3'])))
163	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #3' must contain a valid IP address");
164	d799787e	Matthew Grooms	if (!empty($pconfig['ntp_server4']) && !is_ipaddr(trim($pconfig['ntp_server4'])))
165	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NTP Server #4' must contain a valid IP address");
166	d799787e	Matthew Grooms	}
167
168			if ($pconfig['netbios_enable']) {
169			if ($pconfig['wins_server_enable']) {
170			if (!empty($pconfig['wins_server1']) && !is_ipaddr(trim($pconfig['wins_server1'])))
171	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #1' must contain a valid IP address");
172	d799787e	Matthew Grooms	if (!empty($pconfig['wins_server2']) && !is_ipaddr(trim($pconfig['wins_server2'])))
173	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'WINS Server #2' must contain a valid IP address");
174	d799787e	Matthew Grooms	}
175			if ($pconfig['nbdd_server_enable'])
176			if (!empty($pconfig['nbdd_server1']) && !is_ipaddr(trim($pconfig['nbdd_server1'])))
177	deeda874	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'NetBIOS Data Distribution Server #1' must contain a valid IP address");
178	d799787e	Matthew Grooms	}
179
180	872d9195	Matthew Grooms	$reqdfields[] = 'common_name';
181			$reqdfieldsn[] = 'Common name';
182	d799787e	Matthew Grooms
183	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
184	d799787e	Matthew Grooms
185			if (!$input_errors) {
186
187			$csc = array();
188
189	72d51890	Scott Ullrich	$csc['custom_options'] = $pconfig['custom_options'];
190	0c88fc1e	jim-p	if ($_POST['disable'] == "yes")
191			$csc['disable'] = true;
192	d799787e	Matthew Grooms	$csc['common_name'] = $pconfig['common_name'];
193			$csc['block'] = $pconfig['block'];
194			$csc['description'] = $pconfig['description'];
195
196			$csc['tunnel_network'] = $pconfig['tunnel_network'];
197	5c427ce7	jim-p	$csc['local_network'] = $pconfig['local_network'];
198			$csc['local_networkv6'] = $pconfig['local_networkv6'];
199			$csc['remote_network'] = $pconfig['remote_network'];
200			$csc['remote_networkv6'] = $pconfig['remote_networkv6'];
201	d799787e	Matthew Grooms	$csc['gwredir'] = $pconfig['gwredir'];
202
203			$csc['push_reset'] = $pconfig['push_reset'];
204
205			if ($pconfig['dns_domain_enable'])
206			$csc['dns_domain'] = $pconfig['dns_domain'];
207
208			if ($pconfig['dns_server_enable']) {
209			$csc['dns_server1'] = $pconfig['dns_server1'];
210			$csc['dns_server2'] = $pconfig['dns_server2'];
211			$csc['dns_server3'] = $pconfig['dns_server3'];
212			$csc['dns_server4'] = $pconfig['dns_server4'];
213			}
214
215			if ($pconfig['ntp_server_enable']) {
216			$csc['ntp_server1'] = $pconfig['ntp_server1'];
217			$csc['ntp_server2'] = $pconfig['ntp_server2'];
218			}
219
220			$csc['netbios_enable'] = $pconfig['netbios_enable'];
221			$csc['netbios_ntype'] = $pconfig['netbios_ntype'];
222			$csc['netbios_scope'] = $pconfig['netbios_scope'];
223
224			if ($pconfig['netbios_enable']) {
225
226			if ($pconfig['wins_server_enable']) {
227			$csc['wins_server1'] = $pconfig['wins_server1'];
228			$csc['wins_server2'] = $pconfig['wins_server2'];
229			}
230
231			if ($pconfig['dns_server_enable'])
232			$csc['nbdd_server1'] = $pconfig['nbdd_server1'];
233			}
234
235	de85521a	jim-p	if (isset($id) && $a_csc[$id]) {
236			$old_csc_cn = $a_csc[$id]['common_name'];
237	d799787e	Matthew Grooms	$a_csc[$id] = $csc;
238	de85521a	jim-p	} else
239	d799787e	Matthew Grooms	$a_csc[] = $csc;
240
241	de85521a	jim-p	if (!empty($old_csc_cn))
242			openvpn_cleanup_csc($old_csc_cn);
243	dc408939	Matthew Grooms	openvpn_resync_csc($csc);
244	d799787e	Matthew Grooms	write_config();
245
246			header("Location: vpn_openvpn_csc.php");
247			exit;
248			}
249			}
250
251			include("head.inc");
252
253			?>
254
255	f6510207	xbipin	<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
256	d799787e	Matthew Grooms	<?php include("fbegin.inc"); ?>
257	91f026b0	ayvis	<script type="text/javascript">
258	1b244d38	Colin Fleming	//<![CDATA[
259	d799787e	Matthew Grooms
260			function dns_domain_change() {
261
262			if (document.iform.dns_domain_enable.checked)
263			document.getElementById("dns_domain_data").style.display="";
264			else
265			document.getElementById("dns_domain_data").style.display="none";
266			}
267
268			function dns_server_change() {
269
270			if (document.iform.dns_server_enable.checked)
271			document.getElementById("dns_server_data").style.display="";
272			else
273			document.getElementById("dns_server_data").style.display="none";
274			}
275
276			function wins_server_change() {
277
278			if (document.iform.wins_server_enable.checked)
279			document.getElementById("wins_server_data").style.display="";
280			else
281			document.getElementById("wins_server_data").style.display="none";
282			}
283
284			function ntp_server_change() {
285
286			if (document.iform.ntp_server_enable.checked)
287			document.getElementById("ntp_server_data").style.display="";
288			else
289			document.getElementById("ntp_server_data").style.display="none";
290			}
291
292			function netbios_change() {
293
294			if (document.iform.netbios_enable.checked) {
295			document.getElementById("netbios_data").style.display="";
296			document.getElementById("wins_opts").style.display="";
297			} else {
298			document.getElementById("netbios_data").style.display="none";
299			document.getElementById("wins_opts").style.display="none";
300			}
301			}
302
303	1b244d38	Colin Fleming	//]]>
304	d799787e	Matthew Grooms	</script>
305			<?php
306			if ($input_errors)
307			print_input_errors($input_errors);
308			if ($savemsg)
309			print_info_box($savemsg);
310			?>
311	e4761933	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn openvpn csc">
312	d799787e	Matthew Grooms	<tr>
313			<td class="tabnavtbl">
314			<?php
315			$tab_array = array();
316			$tab_array[] = array(gettext("Server"), false, "vpn_openvpn_server.php");
317			$tab_array[] = array(gettext("Client"), false, "vpn_openvpn_client.php");
318			$tab_array[] = array(gettext("Client Specific Overrides"), true, "vpn_openvpn_csc.php");
319	5540aee6	Ermal Lu?i	$tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml");
320	b63f2e8b	Matthew Grooms	add_package_tabs("OpenVPN", $tab_array);
321	d799787e	Matthew Grooms	display_top_tabs($tab_array);
322			?>
323			</td>
324			</tr>
325			<tr>
326			<td class="tabcont">
327
328			<?php if($act=="new" \|\| $act=="edit"): ?>
329
330			<form action="vpn_openvpn_csc.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
331	e4761933	Colin Fleming	<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="general information">
332	47c00c09	Scott Ullrich	<tr>
333	deeda874	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
334	47c00c09	Scott Ullrich	</tr>
335	d799787e	Matthew Grooms	<tr>
336	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
337	d799787e	Matthew Grooms	<td width="78%" class="vtable">
338	e4761933	Colin Fleming	<table border="0" cellpadding="0" cellspacing="0" summary="enable disable">
339	d799787e	Matthew Grooms	<tr>
340			<td>
341	f3dc4bf1	jim-p	<?php set_checked($pconfig['disable'],$chk); ?>
342	e4761933	Colin Fleming	<input name="disable" type="checkbox" value="yes" <?=$chk;?> />
343	d799787e	Matthew Grooms	</td>
344			<td>
345
346			<span class="vexpl">
347	8cd558b6	ayvis	<strong><?=gettext("Disable this override"); ?></strong><br />
348	d799787e	Matthew Grooms	</span>
349			</td>
350			</tr>
351			</table>
352	deeda874	Carlos Eduardo Ramos	<?=gettext("Set this option to disable this client-specific override without removing it from the list"); ?>.
353	d799787e	Matthew Grooms	</td>
354			</tr>
355			<tr>
356	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Common name"); ?></td>
357	d799787e	Matthew Grooms	<td width="78%" class="vtable">
358	e4761933	Colin Fleming	<input name="common_name" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['common_name']);?>" />
359	8cd558b6	ayvis	<br />
360	deeda874	Carlos Eduardo Ramos	<?=gettext("Enter the client's X.509 common name here"); ?>.
361	d799787e	Matthew Grooms	</td>
362			</tr>
363			<tr>
364	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
365	d799787e	Matthew Grooms	<td width="78%" class="vtable">
366	e4761933	Colin Fleming	<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>" />
367	8cd558b6	ayvis	<br />
368	deeda874	Carlos Eduardo Ramos	<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
369	d799787e	Matthew Grooms	</td>
370			</tr>
371			<tr>
372	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Connection blocking"); ?></td>
373	d799787e	Matthew Grooms	<td width="78%" class="vtable">
374	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="connection blocking">
375	d799787e	Matthew Grooms	<tr>
376			<td>
377			<?php set_checked($pconfig['block'],$chk); ?>
378	e4761933	Colin Fleming	<input name="block" type="checkbox" value="yes" <?=$chk;?> />
379	d799787e	Matthew Grooms	</td>
380			<td>
381			<span class="vexpl">
382	deeda874	Carlos Eduardo Ramos	<?=gettext("Block this client connection based on its common name"); ?>.
383	d799787e	Matthew Grooms	</span>
384			</td>
385			</tr>
386			</table>
387	deeda874	Carlos Eduardo Ramos	<?=gettext("Don't use this option to permanently disable a " .
388			"client due to a compromised key or password. " .
389			"Use a CRL (certificate revocation list) instead"); ?>.
390	d799787e	Matthew Grooms	</td>
391			</tr>
392			<tr>
393			<td colspan="2" class="list" height="12"></td>
394			</tr>
395			<tr>
396	deeda874	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
397	d799787e	Matthew Grooms	</tr>
398			<tr>
399	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Tunnel Network"); ?></td>
400	d799787e	Matthew Grooms	<td width="78%" class="vtable">
401	e4761933	Colin Fleming	<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>" />
402	8cd558b6	ayvis	<br />
403	deeda874	Carlos Eduardo Ramos	<?=gettext("This is the virtual network used for private " .
404			"communications between this client and the " .
405			"server expressed using CIDR (eg. 10.0.8.0/24). " .
406			"The first network address is assumed to be the " .
407			"server address and the second network address " .
408			"will be assigned to the client virtual " .
409			"interface"); ?>.
410	d799787e	Matthew Grooms	</td>
411			</tr>
412	5c427ce7	jim-p	<tr id="local_optsv4">
413			<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Local Network/s"); ?></td>
414			<td width="78%" class="vtable">
415	e4761933	Colin Fleming	<input name="local_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_network']);?>" />
416	8cd558b6	ayvis	<br />
417	5c427ce7	jim-p	<?=gettext("These are the IPv4 networks that will be accessible " .
418			"from this particular client. Expressed as a comma-separated list of one or more CIDR ranges."); ?>
419	8cd558b6	ayvis	<br /><?=gettext("NOTE: You do not need to specify networks here if they have " .
420	2aff8089	jim-p	"already been defined on the main server configuration.");?>
421	5c427ce7	jim-p	</td>
422			</tr>
423			<tr id="local_optsv6">
424			<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Local Network/s"); ?></td>
425			<td width="78%" class="vtable">
426	e4761933	Colin Fleming	<input name="local_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['local_networkv6']);?>" />
427	8cd558b6	ayvis	<br />
428	5c427ce7	jim-p	<?=gettext("These are the IPv6 networks that will be accessible " .
429			"from this particular client. Expressed as a comma-separated list of one or more IP/PREFIX networks."); ?>
430	8cd558b6	ayvis	<br /><?=gettext("NOTE: You do not need to specify networks here if they have " .
431	2aff8089	jim-p	"already been defined on the main server configuration.");?>
432	5c427ce7	jim-p	</td>
433			</tr>
434			<tr id="remote_optsv4">
435			<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Remote Network/s"); ?></td>
436			<td width="78%" class="vtable">
437	e4761933	Colin Fleming	<input name="remote_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_network']);?>" />
438	8cd558b6	ayvis	<br />
439	5c427ce7	jim-p	<?=gettext("These are the IPv4 networks that will be routed " .
440			"to this client specifically using iroute, so that a site-to-site " .
441			"VPN can be established. " .
442			"Expressed as a comma-separated list of one or more CIDR ranges. " .
443	2aff8089	jim-p	"You may leave this blank if there are no client-side networks to " .
444	5c427ce7	jim-p	"be routed"); ?>.
445	8cd558b6	ayvis	<br /><?=gettext("NOTE: Remember to add these subnets to the " .
446	ffe6f371	Chris Buechler	"IPv4 Remote Networks list on the corresponding OpenVPN server settings.");?>
447	5c427ce7	jim-p	</td>
448			</tr>
449			<tr id="remote_optsv6">
450			<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Remote Network/s"); ?></td>
451			<td width="78%" class="vtable">
452	e4761933	Colin Fleming	<input name="remote_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_networkv6']);?>" />
453	8cd558b6	ayvis	<br />
454	5c427ce7	jim-p	<?=gettext("These are the IPv6 networks that will be routed " .
455			"to this client specifically using iroute, so that a site-to-site " .
456			"VPN can be established. " .
457			"Expressed as a comma-separated list of one or more IP/PREFIX networks. " .
458	2aff8089	jim-p	"You may leave this blank if there are no client-side networks to " .
459	5c427ce7	jim-p	"be routed"); ?>.
460	8cd558b6	ayvis	<br /><?=gettext("NOTE: Remember to add these subnets to the " .
461	ffe6f371	Chris Buechler	"IPv6 Remote Networks list on the corresponding OpenVPN server settings.");?>
462	5c427ce7	jim-p	</td>
463			</tr>
464	d799787e	Matthew Grooms	<tr>
465	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Redirect Gateway"); ?></td>
466	d799787e	Matthew Grooms	<td width="78%" class="vtable">
467	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="redirect gateway">
468	d799787e	Matthew Grooms	<tr>
469			<td>
470			<?php set_checked($pconfig['gwredir'],$chk); ?>
471	e4761933	Colin Fleming	<input name="gwredir" type="checkbox" value="yes" <?=$chk;?> />
472	d799787e	Matthew Grooms	</td>
473			<td>
474			<span class="vexpl">
475	deeda874	Carlos Eduardo Ramos	<?=gettext("Force all client generated traffic through the tunnel"); ?>.
476	d799787e	Matthew Grooms	</span>
477			</td>
478			</tr>
479			</table>
480			</td>
481			</tr>
482			<tr>
483			<td colspan="2" class="list" height="12"></td>
484			</tr>
485			<tr>
486	deeda874	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Client Settings"); ?></td>
487	d799787e	Matthew Grooms	</tr>
488			<tr>
489	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Server Definitions"); ?></td>
490	d799787e	Matthew Grooms	<td width="78%" class="vtable">
491	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="server definitions">
492	d799787e	Matthew Grooms	<tr>
493			<td>
494			<?php set_checked($pconfig['push_reset'],$chk); ?>
495	e4761933	Colin Fleming	<input name="push_reset" type="checkbox" value="yes" <?=$chk;?> />
496	d799787e	Matthew Grooms	</td>
497			<td>
498			<span class="vexpl">
499	deeda874	Carlos Eduardo Ramos	<?=gettext("Prevent this client from receiving any server-defined client settings"); ?>.
500	d799787e	Matthew Grooms	</span>
501			</td>
502			</tr>
503			</table>
504			</td>
505			</tr>
506			<tr>
507	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Default Domain"); ?></td>
508	d799787e	Matthew Grooms	<td width="78%" class="vtable">
509	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="dns default domain">
510	d799787e	Matthew Grooms	<tr>
511			<td>
512			<?php set_checked($pconfig['dns_domain_enable'],$chk); ?>
513	e4761933	Colin Fleming	<input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes" <?=$chk;?> onclick="dns_domain_change()" />
514	d799787e	Matthew Grooms	</td>
515			<td>
516			<span class="vexpl">
517	8cd558b6	ayvis	<?=gettext("Provide a default domain name to clients"); ?><br />
518	d799787e	Matthew Grooms	</span>
519			</td>
520			</tr>
521			</table>
522	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" id="dns_domain_data" summary="dns domain data">
523	d799787e	Matthew Grooms	<tr>
524			<td>
525	e4761933	Colin Fleming	<input name="dns_domain" type="text" class="formfld unknown" id="dns_domain" size="30" value="<?=htmlspecialchars($pconfig['dns_domain']);?>" />
526	d799787e	Matthew Grooms	</td>
527			</tr>
528			</table>
529			</td>
530			</tr>
531			<tr>
532	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("DNS Servers"); ?></td>
533	d799787e	Matthew Grooms	<td width="78%" class="vtable">
534	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="dns servers">
535	d799787e	Matthew Grooms	<tr>
536			<td>
537			<?php set_checked($pconfig['dns_server_enable'],$chk); ?>
538	e4761933	Colin Fleming	<input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes" <?=$chk;?> onclick="dns_server_change()" />
539	d799787e	Matthew Grooms	</td>
540			<td>
541			<span class="vexpl">
542	8cd558b6	ayvis	<?=gettext("Provide a DNS server list to clients"); ?><br />
543	d799787e	Matthew Grooms	</span>
544			</td>
545			</tr>
546			</table>
547	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" id="dns_server_data" summary="dns server list">
548	d799787e	Matthew Grooms	<tr>
549			<td>
550			<span class="vexpl">
551	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
552	d799787e	Matthew Grooms	</span>
553	e4761933	Colin Fleming	<input name="dns_server1" type="text" class="formfld unknown" id="dns_server1" size="20" value="<?=htmlspecialchars($pconfig['dns_server1']);?>" />
554	d799787e	Matthew Grooms	</td>
555			</tr>
556			<tr>
557			<td>
558			<span class="vexpl">
559	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
560	d799787e	Matthew Grooms	</span>
561	e4761933	Colin Fleming	<input name="dns_server2" type="text" class="formfld unknown" id="dns_server2" size="20" value="<?=htmlspecialchars($pconfig['dns_server2']);?>" />
562	d799787e	Matthew Grooms	</td>
563			</tr>
564			<tr>
565			<td>
566			<span class="vexpl">
567	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #3:
568	d799787e	Matthew Grooms	</span>
569	e4761933	Colin Fleming	<input name="dns_server3" type="text" class="formfld unknown" id="dns_server3" size="20" value="<?=htmlspecialchars($pconfig['dns_server3']);?>" />
570	d799787e	Matthew Grooms	</td>
571			</tr>
572			<tr>
573			<td>
574			<span class="vexpl">
575	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #4:
576	d799787e	Matthew Grooms	</span>
577	e4761933	Colin Fleming	<input name="dns_server4" type="text" class="formfld unknown" id="dns_server4" size="20" value="<?=htmlspecialchars($pconfig['dns_server4']);?>" />
578	d799787e	Matthew Grooms	</td>
579			</tr>
580			</table>
581			</td>
582			</tr>
583			<tr>
584	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NTP Servers"); ?></td>
585	d799787e	Matthew Grooms	<td width="78%" class="vtable">
586	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="ntp servers">
587	d799787e	Matthew Grooms	<tr>
588			<td>
589			<?php set_checked($pconfig['ntp_server_enable'],$chk); ?>
590	e4761933	Colin Fleming	<input name="ntp_server_enable" type="checkbox" id="ntp_server_enable" value="yes" <?=$chk;?> onclick="ntp_server_change()" />
591	d799787e	Matthew Grooms	</td>
592			<td>
593			<span class="vexpl">
594	8cd558b6	ayvis	<?=gettext("Provide a NTP server list to clients"); ?><br />
595	d799787e	Matthew Grooms	</span>
596			</td>
597			</tr>
598			</table>
599	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" id="ntp_server_data" summary="ntp server list">
600	d799787e	Matthew Grooms	<tr>
601			<td>
602			<span class="vexpl">
603	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
604	d799787e	Matthew Grooms	</span>
605	e4761933	Colin Fleming	<input name="ntp_server1" type="text" class="formfld unknown" id="ntp_server1" size="20" value="<?=$pconfig['ntp_server1'];?>" />
606	d799787e	Matthew Grooms	</td>
607			</tr>
608			<tr>
609			<td>
610			<span class="vexpl">
611	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
612	d799787e	Matthew Grooms	</span>
613	e4761933	Colin Fleming	<input name="ntp_server2" type="text" class="formfld unknown" id="ntp_server2" size="20" value="<?=$pconfig['ntp_server2'];?>" />
614	d799787e	Matthew Grooms	</td>
615			</tr>
616			</table>
617			</td>
618			</tr>
619			<tr>
620	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("NetBIOS Options"); ?></td>
621	d799787e	Matthew Grooms	<td width="78%" class="vtable">
622	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="netbios options">
623	d799787e	Matthew Grooms	<tr>
624			<td>
625			<?php set_checked($pconfig['netbios_enable'],$chk); ?>
626	e4761933	Colin Fleming	<input name="netbios_enable" type="checkbox" id="netbios_enable" value="yes" <?=$chk;?> onclick="netbios_change()" />
627	d799787e	Matthew Grooms	</td>
628			<td>
629			<span class="vexpl">
630	8cd558b6	ayvis	<?=gettext("Enable NetBIOS over TCP/IP"); ?><br />
631	d799787e	Matthew Grooms	</span>
632			</td>
633			</tr>
634			</table>
635	399e4b3f	Warren Baker	<?=gettext("If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled"); ?>.
636	8cd558b6	ayvis	<br />
637	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" id="netbios_data" summary="netbios options">
638	d799787e	Matthew Grooms	<tr>
639			<td>
640	8cd558b6	ayvis	<br />
641	d799787e	Matthew Grooms	<span class="vexpl">
642	deeda874	Carlos Eduardo Ramos	<?=gettext("Node Type"); ?>:
643	d799787e	Matthew Grooms	</span>
644			<select name='netbios_ntype' class="formselect">
645			<?php
646			foreach ($netbios_nodetypes as $type => $name):
647			$selected = "";
648			if ($pconfig['netbios_ntype'] == $type)
649	e4761933	Colin Fleming	$selected = "selected=\"selected\"";
650	d799787e	Matthew Grooms	?>
651			<option value="<?=$type;?>" <?=$selected;?>><?=$name;?></option>
652			<?php endforeach; ?>
653			</select>
654	8cd558b6	ayvis	<br />
655	deeda874	Carlos Eduardo Ramos	<?=gettext("Possible options: b-node (broadcasts), p-node " .
656			"(point-to-point name queries to a WINS server), " .
657			"m-node (broadcast then query name server), and " .
658			"h-node (query name server, then broadcast)"); ?>.
659	d799787e	Matthew Grooms	</td>
660			</tr>
661			<tr>
662			<td>
663	8cd558b6	ayvis	<br />
664	d799787e	Matthew Grooms	<span class="vexpl">
665			Scope ID:
666			</span>
667	e4761933	Colin Fleming	<input name="netbios_scope" type="text" class="formfld unknown" id="netbios_scope" size="30" value="<?=htmlspecialchars($pconfig['netbios_scope']);?>" />
668	8cd558b6	ayvis	<br />
669	deeda874	Carlos Eduardo Ramos	<?=gettext("A NetBIOS Scope ID provides an extended naming " .
670			"service for NetBIOS over TCP/IP. The NetBIOS " .
671			"scope ID isolates NetBIOS traffic on a single " .
672			"network to only those nodes with the same " .
673			"NetBIOS scope ID"); ?>.
674	d799787e	Matthew Grooms	</td>
675			</tr>
676			</table>
677			</td>
678			</tr>
679			<tr id="wins_opts">
680	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Servers"); ?></td>
681	d799787e	Matthew Grooms	<td width="78%" class="vtable">
682	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="wins servers">
683	d799787e	Matthew Grooms	<tr>
684			<td>
685			<?php set_checked($pconfig['wins_server_enable'],$chk); ?>
686	e4761933	Colin Fleming	<input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?=$chk;?> onclick="wins_server_change()" />
687	d799787e	Matthew Grooms	</td>
688			<td>
689			<span class="vexpl">
690	8cd558b6	ayvis	<?=gettext("Provide a WINS server list to clients"); ?><br />
691	d799787e	Matthew Grooms	</span>
692			</td>
693			</tr>
694			</table>
695	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" id="wins_server_data" summary="wins server list">
696	d799787e	Matthew Grooms	<tr>
697			<td>
698			<span class="vexpl">
699	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #1:
700	d799787e	Matthew Grooms	</span>
701	e4761933	Colin Fleming	<input name="wins_server1" type="text" class="formfld unknown" id="wins_server1" size="20" value="<?=$pconfig['wins_server1'];?>" />
702	d799787e	Matthew Grooms	</td>
703			</tr>
704			<tr>
705			<td>
706			<span class="vexpl">
707	deeda874	Carlos Eduardo Ramos	<?=gettext("Server"); ?> #2:
708	d799787e	Matthew Grooms	</span>
709	e4761933	Colin Fleming	<input name="wins_server2" type="text" class="formfld unknown" id="wins_server2" size="20" value="<?=$pconfig['wins_server2'];?>" />
710	d799787e	Matthew Grooms	</td>
711			</tr>
712			</table>
713			</td>
714			</tr>
715	72d51890	Scott Ullrich	<tr>
716	deeda874	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
717	72d51890	Scott Ullrich	<td width="78%" class="vtable">
718	e4761933	Colin Fleming	<table border="0" cellpadding="2" cellspacing="0" summary="advanced">
719	72d51890	Scott Ullrich	<tr>
720			<td>
721	8cd558b6	ayvis	<textarea rows="6" cols="70" name="custom_options" id="custom_options"><?=$pconfig['custom_options'];?></textarea><br />
722			<?=gettext("Enter any additional options you would like to add for this client specific override, separated by a semicolon"); ?><br />
723	deeda874	Carlos Eduardo Ramos	<?=gettext("EXAMPLE: push \"route 10.0.0.0 255.255.255.0\""); ?>;
724	72d51890	Scott Ullrich	</td>
725			</tr>
726			</table>
727			</td>
728			</tr>
729	d799787e	Matthew Grooms	<tr>
730			<td width="22%" valign="top"> </td>
731			<td width="78%">
732	e4761933	Colin Fleming	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
733			<input name="act" type="hidden" value="<?=$act;?>" />
734	d799787e	Matthew Grooms	<?php if (isset($id) && $a_csc[$id]): ?>
735	e4761933	Colin Fleming	<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
736	d799787e	Matthew Grooms	<?php endif; ?>
737			</td>
738			</tr>
739			</table>
740			</form>
741
742			<?php else: ?>
743
744	e4761933	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="list">
745	d799787e	Matthew Grooms	<tr>
746	deeda874	Carlos Eduardo Ramos	<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
747			<td width="40%" class="listhdrr"><?=gettext("Common Name"); ?></td>
748			<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
749	d799787e	Matthew Grooms	<td width="10%" class="list"></td>
750			</tr>
751			<?php
752			$i = 0;
753			foreach($a_csc as $csc):
754			$disabled = "NO";
755	0c88fc1e	jim-p	if (isset($csc['disable']))
756	d799787e	Matthew Grooms	$disabled = "YES";
757			?>
758	e4761933	Colin Fleming	<tr ondblclick="document.location='vpn_openvpn_csc.php?act=edit&id=<?=$i;?>'">
759	d799787e	Matthew Grooms	<td class="listlr">
760			<?=$disabled;?>
761			</td>
762			<td class="listr">
763			<?=htmlspecialchars($csc['common_name']);?>
764			</td>
765	296a3cb6	Scott Ullrich	<td class="listbg">
766	d799787e	Matthew Grooms	<?=htmlspecialchars($csc['description']);?>
767			</td>
768	e4761933	Colin Fleming	<td valign="middle" class="list nowrap">
769			<a href="vpn_openvpn_csc.php?act=edit&id=<?=$i;?>">
770			<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit csc"); ?>" width="17" height="17" border="0" alt="edit" />
771	d799787e	Matthew Grooms	</a>
772
773	e4761933	Colin Fleming	<a href="vpn_openvpn_csc.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this csc?"); ?>')">
774			<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete csc"); ?>" width="17" height="17" border="0" alt="delete" />
775	d799787e	Matthew Grooms	</a>
776			</td>
777			</tr>
778			<?php
779			$i++;
780			endforeach;
781			?>
782			<tr>
783			<td class="list" colspan="3"></td>
784			<td class="list">
785	e4761933	Colin Fleming	<a href="vpn_openvpn_csc.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add csc"); ?>" width="17" height="17" border="0" alt="add" />
786	d799787e	Matthew Grooms	</a>
787			</td>
788			</tr>
789			<tr>
790			<td colspan="3">
791			<p>
792			<?=gettext("Additional OpenVPN client specific overrides can be added here.");?>
793			</p>
794			</td>
795			</tr>
796			</table>
797
798	ee9933b6	Renato Botelho	<?php endif; ?>
799	d799787e	Matthew Grooms
800			</td>
801			</tr>
802			</table>
803	91f026b0	ayvis	<script type="text/javascript">
804	e4761933	Colin Fleming	//<![CDATA[
805	d799787e	Matthew Grooms	dns_domain_change();
806			dns_server_change();
807			wins_server_change();
808			ntp_server_change();
809			netbios_change();
810	e4761933	Colin Fleming	//]]>
811	d799787e	Matthew Grooms	</script>
812			<?php include("fend.inc"); ?>
813	e4761933	Colin Fleming	</body>
814			</html>
815	d799787e	Matthew Grooms
816			<?php
817
818			/* local utility functions */
819
820			function set_checked($var,& $chk) {
821			if($var)
822	e4761933	Colin Fleming	$chk = "checked=\"checked\"";
823	d799787e	Matthew Grooms	else
824	e4761933	Colin Fleming	$chk = "";
825	d799787e	Matthew Grooms	}
826
827			?>

Project

General

Profile

pfSense