/usr/local/www/vpn_openvpn_client.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_openvpn_client.php @ cdb782b7

1	d799787e	Matthew Grooms	<?php
2			/*
3			vpn_openvpn_client.php
4
5			Copyright (C) 2008 Shrew Soft Inc.
6			All rights reserved.
7
8			Redistribution and use in source and binary forms, with or without
9			modification, are permitted provided that the following conditions are met:
10
11			1. Redistributions of source code must retain the above copyright notice,
12			this list of conditions and the following disclaimer.
13
14			2. Redistributions in binary form must reproduce the above copyright
15			notice, this list of conditions and the following disclaimer in the
16			documentation and/or other materials provided with the distribution.
17
18			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27			POSSIBILITY OF SUCH DAMAGE.
28			*/
29
30			##\|+PRIV
31			##\|*IDENT=page-openvpn-client
32			##\|*NAME=OpenVPN: Client page
33			##\|*DESCR=Allow access to the 'OpenVPN: Client' page.
34			##\|MATCH=vpn_openvpn_client.php
35			##\|-PRIV
36
37			require("guiconfig.inc");
38	d84bd468	Ermal Lu?i	require_once("openvpn.inc");
39	d799787e	Matthew Grooms
40	2fa7a468	Carlos Eduardo Ramos	$pgtitle = array(gettext("OpenVPN"), gettext("Client"));
41	b32dd0a6	jim-p	$shortcut_section = "openvpn";
42	d799787e	Matthew Grooms
43			if (!is_array($config['openvpn']['openvpn-client']))
44			$config['openvpn']['openvpn-client'] = array();
45
46			$a_client = &$config['openvpn']['openvpn-client'];
47
48	428e66b6	jim-p	if (!is_array($config['ca']))
49			$config['ca'] = array();
50
51			$a_ca =& $config['ca'];
52
53			if (!is_array($config['cert']))
54			$config['cert'] = array();
55
56			$a_cert =& $config['cert'];
57
58			if (!is_array($config['crl']))
59			$config['crl'] = array();
60
61			$a_crl =& $config['crl'];
62
63	e41ec584	Renato Botelho	if (is_numericint($_GET['id']))
64			$id = $_GET['id'];
65			if (isset($_POST['id']) && is_numericint($_POST['id']))
66	d799787e	Matthew Grooms	$id = $_POST['id'];
67
68			$act = $_GET['act'];
69			if (isset($_POST['act']))
70			$act = $_POST['act'];
71
72	6d9b1074	jim-p	if (isset($id) && $a_client[$id])
73			$vpnid = $a_client[$id]['vpnid'];
74			else
75			$vpnid = 0;
76
77	d799787e	Matthew Grooms	if ($_GET['act'] == "del") {
78
79	767cf960	jim-p	if (!isset($a_client[$id])) {
80	d799787e	Matthew Grooms	pfSenseHeader("vpn_openvpn_client.php");
81			exit;
82			}
83	767cf960	jim-p	if (!empty($a_client[$id]))
84			openvpn_delete('client', $a_client[$id]);
85	d799787e	Matthew Grooms	unset($a_client[$id]);
86			write_config();
87	8cd558b6	ayvis	$savemsg = gettext("Client successfully deleted")."<br />";
88	d799787e	Matthew Grooms	}
89
90	f432e364	Matthew Grooms	if($_GET['act']=="new"){
91	3c11bd3c	Matthew Grooms	$pconfig['autokey_enable'] = "yes";
92			$pconfig['tlsauth_enable'] = "yes";
93			$pconfig['autotls_enable'] = "yes";
94	f432e364	Matthew Grooms	$pconfig['interface'] = "wan";
95			$pconfig['server_port'] = 1194;
96	97d5b59b	jim-p	// OpenVPN Defaults to SHA1
97			$pconfig['digest'] = "SHA1";
98	f432e364	Matthew Grooms	}
99
100	5f242576	PiBa-NL	global $simplefields;
101			$simplefields = array('auth_user','auth_pass');
102
103	d799787e	Matthew Grooms	if($_GET['act']=="edit"){
104
105			if (isset($id) && $a_client[$id]) {
106	5f242576	PiBa-NL	foreach($simplefields as $stat)
107			$pconfig[$stat] = $a_client[$id][$stat];
108
109	8319ee63	jim-p	$pconfig['disable'] = isset($a_client[$id]['disable']);
110	3c11bd3c	Matthew Grooms	$pconfig['mode'] = $a_client[$id]['mode'];
111	d799787e	Matthew Grooms	$pconfig['protocol'] = $a_client[$id]['protocol'];
112			$pconfig['interface'] = $a_client[$id]['interface'];
113	67b0902f	pierrepomes	if (!empty($a_client[$id]['ipaddr'])) {
114			$pconfig['interface'] = $pconfig['interface'] . '\|' . $a_client[$id]['ipaddr'];
115			}
116	d799787e	Matthew Grooms	$pconfig['local_port'] = $a_client[$id]['local_port'];
117			$pconfig['server_addr'] = $a_client[$id]['server_addr'];
118			$pconfig['server_port'] = $a_client[$id]['server_port'];
119			$pconfig['resolve_retry'] = $a_client[$id]['resolve_retry'];
120			$pconfig['proxy_addr'] = $a_client[$id]['proxy_addr'];
121			$pconfig['proxy_port'] = $a_client[$id]['proxy_port'];
122	762a24a3	Ermal Lu?i	$pconfig['proxy_user'] = $a_client[$id]['proxy_user'];
123			$pconfig['proxy_passwd'] = $a_client[$id]['proxy_passwd'];
124			$pconfig['proxy_authtype'] = $a_client[$id]['proxy_authtype'];
125	d799787e	Matthew Grooms	$pconfig['description'] = $a_client[$id]['description'];
126	c7323d81	sullrich	$pconfig['custom_options'] = $a_client[$id]['custom_options'];
127	691fbf14	Ermal Lu?i	$pconfig['ns_cert_type'] = $a_client[$id]['ns_cert_type'];
128	4936ff53	jim-p	$pconfig['dev_mode'] = $a_client[$id]['dev_mode'];
129	691fbf14	Ermal Lu?i
130	3c11bd3c	Matthew Grooms	if ($pconfig['mode'] != "p2p_shared_key") {
131	d799787e	Matthew Grooms	$pconfig['caref'] = $a_client[$id]['caref'];
132			$pconfig['certref'] = $a_client[$id]['certref'];
133	3c11bd3c	Matthew Grooms	if ($a_client[$id]['tls']) {
134			$pconfig['tlsauth_enable'] = "yes";
135			$pconfig['tls'] = base64_decode($a_client[$id]['tls']);
136			}
137			} else
138			$pconfig['shared_key'] = base64_decode($a_client[$id]['shared_key']);
139	d799787e	Matthew Grooms	$pconfig['crypto'] = $a_client[$id]['crypto'];
140	97d5b59b	jim-p	// OpenVPN Defaults to SHA1 if unset
141			$pconfig['digest'] = !empty($a_client[$id]['digest']) ? $a_client[$id]['digest'] : "SHA1";
142	f5c704b6	jim-p	$pconfig['engine'] = $a_client[$id]['engine'];
143	d799787e	Matthew Grooms
144			$pconfig['tunnel_network'] = $a_client[$id]['tunnel_network'];
145	4856df9b	jim-p	$pconfig['tunnel_networkv6'] = $a_client[$id]['tunnel_networkv6'];
146	d799787e	Matthew Grooms	$pconfig['remote_network'] = $a_client[$id]['remote_network'];
147	4856df9b	jim-p	$pconfig['remote_networkv6'] = $a_client[$id]['remote_networkv6'];
148	b422360c	jim-p	$pconfig['use_shaper'] = $a_client[$id]['use_shaper'];
149	d799787e	Matthew Grooms	$pconfig['compression'] = $a_client[$id]['compression'];
150	1cb0b40a	Matthew Grooms	$pconfig['passtos'] = $a_client[$id]['passtos'];
151	3c11bd3c	Matthew Grooms
152			// just in case the modes switch
153			$pconfig['autokey_enable'] = "yes";
154			$pconfig['autotls_enable'] = "yes";
155	d799787e	Matthew Grooms	}
156			}
157
158			if ($_POST) {
159
160			unset($input_errors);
161			$pconfig = $_POST;
162
163	dc408939	Matthew Grooms	if (isset($id) && $a_client[$id])
164			$vpnid = $a_client[$id]['vpnid'];
165	f432e364	Matthew Grooms	else
166			$vpnid = 0;
167
168	198bb449	jim-p	list($iv_iface, $iv_ip) = explode ("\|",$pconfig['interface']);
169			if (is_ipaddrv4($iv_ip) && (stristr($pconfig['protocol'], "6") !== false)) {
170			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv6 protocol and an IPv4 IP address.");
171			} elseif (is_ipaddrv6($iv_ip) && (stristr($pconfig['protocol'], "6") === false)) {
172			$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv4 protocol and an IPv6 IP address.");
173	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") === false) && !get_interface_ip($iv_iface) && ($pconfig['interface'] != "any")) {
174	198bb449	jim-p	$input_errors[] = gettext("An IPv4 protocol was selected, but the selected interface has no IPv4 address.");
175	489f484c	jim-p	} elseif ((stristr($pconfig['protocol'], "6") !== false) && !get_interface_ipv6($iv_iface) && ($pconfig['interface'] != "any")) {
176	198bb449	jim-p	$input_errors[] = gettext("An IPv6 protocol was selected, but the selected interface has no IPv6 address.");
177			}
178
179	98c0c87a	jim-p	if ($pconfig['mode'] != "p2p_shared_key")
180	3c11bd3c	Matthew Grooms	$tls_mode = true;
181			else
182			$tls_mode = false;
183
184	d799787e	Matthew Grooms	/* input validation */
185	f432e364	Matthew Grooms	if ($pconfig['local_port']) {
186
187			if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
188			$input_errors[] = $result;
189
190	49b76122	Renato Botelho	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
191	5accf130	jim-p	if (($portused != $vpnid) && ($portused != 0))
192	2fa7a468	Carlos Eduardo Ramos	$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
193	f432e364	Matthew Grooms	}
194
195	d799787e	Matthew Grooms	if ($result = openvpn_validate_host($pconfig['server_addr'], 'Server host or address'))
196			$input_errors[] = $result;
197
198			if ($result = openvpn_validate_port($pconfig['server_port'], 'Server port'))
199			$input_errors[] = $result;
200
201			if ($pconfig['proxy_addr']) {
202
203			if ($result = openvpn_validate_host($pconfig['proxy_addr'], 'Proxy host or address'))
204			$input_errors[] = $result;
205
206			if ($result = openvpn_validate_port($pconfig['proxy_port'], 'Proxy port'))
207			$input_errors[] = $result;
208	762a24a3	Ermal Lu?i
209			if ($pconfig['proxy_authtype'] != "none") {
210			if (empty($pconfig['proxy_user']) \|\| empty($pconfig['proxy_passwd']))
211	2fa7a468	Carlos Eduardo Ramos	$input_errors[] = gettext("User name and password are required for proxy with authentication.");
212	762a24a3	Ermal Lu?i	}
213	d799787e	Matthew Grooms	}
214
215	c13b87a0	sullrich	if($pconfig['tunnel_network'])
216	a28d40cb	jim-p	if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network', false, "ipv4"))
217	c13b87a0	sullrich	$input_errors[] = $result;
218	d799787e	Matthew Grooms
219	a28d40cb	jim-p	if($pconfig['tunnel_networkv6'])
220			if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, "ipv6"))
221			$input_errors[] = $result;
222
223			if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'IPv4 Remote Network', true, "ipv4"))
224			$input_errors[] = $result;
225
226			if ($result = openvpn_validate_cidr($pconfig['remote_networkv6'], 'IPv6 Remote Network', true, "ipv6"))
227	d799787e	Matthew Grooms	$input_errors[] = $result;
228
229	b422360c	jim-p	if (!empty($pconfig['use_shaper']) && (!is_numeric($pconfig['use_shaper']) \|\| ($pconfig['use_shaper'] <= 0)))
230			$input_errors[] = gettext("The bandwidth limit must be a positive numeric value.");
231
232	89e6e210	jim-p	if ($pconfig['autokey_enable'])
233			$pconfig['shared_key'] = openvpn_create_key();
234
235	3c11bd3c	Matthew Grooms	if (!$tls_mode && !$pconfig['autokey_enable'])
236	d799787e	Matthew Grooms	if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") \|\|
237			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
238	2fa7a468	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");
239	3c11bd3c	Matthew Grooms
240			if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
241			if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") \|\|
242			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
243	2fa7a468	Carlos Eduardo Ramos	$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");
244	d799787e	Matthew Grooms
245	6180c3ae	jim-p	/* If we are not in shared key mode, then we need the CA/Cert. */
246			if ($pconfig['mode'] != "p2p_shared_key") {
247	872d9195	Matthew Grooms	$reqdfields = explode(" ", "caref certref");
248	2fa7a468	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
249	6180c3ae	jim-p	} elseif (!$pconfig['autokey_enable']) {
250			/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
251			$reqdfields = array('shared_key');
252	2fa7a468	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext('Shared key'));
253	d799787e	Matthew Grooms	}
254
255	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
256	d799787e	Matthew Grooms
257			if (!$input_errors) {
258
259			$client = array();
260	5f242576	PiBa-NL
261			foreach($simplefields as $stat)
262			update_if_changed($stat, $client[$stat], $_POST[$stat]);
263
264	f432e364	Matthew Grooms	if ($vpnid)
265			$client['vpnid'] = $vpnid;
266	d799787e	Matthew Grooms	else
267			$client['vpnid'] = openvpn_vpnid_next();
268
269	8319ee63	jim-p	if ($_POST['disable'] == "yes")
270	b65f56f6	jim-p	$client['disable'] = true;
271	d799787e	Matthew Grooms	$client['protocol'] = $pconfig['protocol'];
272	4936ff53	jim-p	$client['dev_mode'] = $pconfig['dev_mode'];
273	67b0902f	pierrepomes	list($client['interface'], $client['ipaddr']) = explode ("\|",$pconfig['interface']);
274	d799787e	Matthew Grooms	$client['local_port'] = $pconfig['local_port'];
275			$client['server_addr'] = $pconfig['server_addr'];
276			$client['server_port'] = $pconfig['server_port'];
277			$client['resolve_retry'] = $pconfig['resolve_retry'];
278			$client['proxy_addr'] = $pconfig['proxy_addr'];
279			$client['proxy_port'] = $pconfig['proxy_port'];
280	762a24a3	Ermal Lu?i	$client['proxy_authtype'] = $pconfig['proxy_authtype'];
281			$client['proxy_user'] = $pconfig['proxy_user'];
282			$client['proxy_passwd'] = $pconfig['proxy_passwd'];
283	d799787e	Matthew Grooms	$client['description'] = $pconfig['description'];
284	50a9d5b9	jim-p	$client['mode'] = $pconfig['mode'];
285	e3bbd29a	Ermal	$client['custom_options'] = str_replace("\r\n", "\n", $pconfig['custom_options']);
286	d799787e	Matthew Grooms
287	3c11bd3c	Matthew Grooms	if ($tls_mode) {
288			$client['caref'] = $pconfig['caref'];
289			$client['certref'] = $pconfig['certref'];
290			if ($pconfig['tlsauth_enable']) {
291			if ($pconfig['autotls_enable'])
292			$pconfig['tls'] = openvpn_create_key();
293			$client['tls'] = base64_encode($pconfig['tls']);
294			}
295			} else {
296			$client['shared_key'] = base64_encode($pconfig['shared_key']);
297			}
298	d799787e	Matthew Grooms	$client['crypto'] = $pconfig['crypto'];
299	97d5b59b	jim-p	$client['digest'] = $pconfig['digest'];
300	582c58ae	jim-p	$client['engine'] = $pconfig['engine'];
301	d799787e	Matthew Grooms
302			$client['tunnel_network'] = $pconfig['tunnel_network'];
303	4856df9b	jim-p	$client['tunnel_networkv6'] = $pconfig['tunnel_networkv6'];
304	d799787e	Matthew Grooms	$client['remote_network'] = $pconfig['remote_network'];
305	4856df9b	jim-p	$client['remote_networkv6'] = $pconfig['remote_networkv6'];
306	b422360c	jim-p	$client['use_shaper'] = $pconfig['use_shaper'];
307	d799787e	Matthew Grooms	$client['compression'] = $pconfig['compression'];
308	e067306d	pierrepomes	$client['passtos'] = $pconfig['passtos'];
309	d799787e	Matthew Grooms
310			if (isset($id) && $a_client[$id])
311			$a_client[$id] = $client;
312			else
313			$a_client[] = $client;
314
315	dc408939	Matthew Grooms	openvpn_resync('client', $client);
316	d799787e	Matthew Grooms	write_config();
317
318			header("Location: vpn_openvpn_client.php");
319			exit;
320			}
321			}
322
323			include("head.inc");
324
325			?>
326
327			<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
328			<?php include("fbegin.inc"); ?>
329	91f026b0	ayvis	<script type="text/javascript">
330	d799787e	Matthew Grooms	<!--
331
332	3c11bd3c	Matthew Grooms	function mode_change() {
333			index = document.iform.mode.selectedIndex;
334			value = document.iform.mode.options[index].value;
335	d799787e	Matthew Grooms	switch(value) {
336	3c11bd3c	Matthew Grooms	case "p2p_tls":
337			document.getElementById("tls").style.display="";
338			document.getElementById("tls_ca").style.display="";
339			document.getElementById("tls_cert").style.display="";
340	d799787e	Matthew Grooms	document.getElementById("psk").style.display="none";
341			break;
342	3c11bd3c	Matthew Grooms	case "p2p_shared_key":
343			document.getElementById("tls").style.display="none";
344			document.getElementById("tls_ca").style.display="none";
345			document.getElementById("tls_cert").style.display="none";
346	d799787e	Matthew Grooms	document.getElementById("psk").style.display="";
347			break;
348			}
349			}
350
351	3c11bd3c	Matthew Grooms	function autokey_change() {
352			if (document.iform.autokey_enable.checked)
353			document.getElementById("autokey_opts").style.display="none";
354			else
355			document.getElementById("autokey_opts").style.display="";
356			}
357
358	762a24a3	Ermal Lu?i	function useproxy_changed() {
359
360	ea1cea05	Vinicius Coque	if (jQuery('#proxy_authtype').val() != 'none') {
361			jQuery('#proxy_authtype_opts').show();
362	762a24a3	Ermal Lu?i	} else {
363	ea1cea05	Vinicius Coque	jQuery('#proxy_authtype_opts').hide();
364	762a24a3	Ermal Lu?i	}
365			}
366
367	3c11bd3c	Matthew Grooms	function tlsauth_change() {
368
369			<?php if (!$pconfig['tls']): ?>
370			if (document.iform.tlsauth_enable.checked)
371			document.getElementById("tlsauth_opts").style.display="";
372			else
373			document.getElementById("tlsauth_opts").style.display="none";
374			<?php endif; ?>
375
376			autotls_change();
377			}
378
379			function autotls_change() {
380
381			<?php if (!$pconfig['tls']): ?>
382			autocheck = document.iform.autotls_enable.checked;
383			<?php else: ?>
384			autocheck = false;
385			<?php endif; ?>
386
387			if (document.iform.tlsauth_enable.checked && !autocheck)
388			document.getElementById("autotls_opts").style.display="";
389			else
390			document.getElementById("autotls_opts").style.display="none";
391			}
392
393	d799787e	Matthew Grooms	//-->
394			</script>
395			<?php
396	428e66b6	jim-p	if (!$savemsg)
397			$savemsg = "";
398
399			if ($input_errors)
400			print_input_errors($input_errors);
401			if ($savemsg)
402			print_info_box($savemsg);
403	d799787e	Matthew Grooms	?>
404			<table width="100%" border="0" cellpadding="0" cellspacing="0">
405			<tr>
406			<td class="tabnavtbl">
407			<ul id="tabnav">
408			<?php
409			$tab_array = array();
410			$tab_array[] = array(gettext("Server"), false, "vpn_openvpn_server.php");
411			$tab_array[] = array(gettext("Client"), true, "vpn_openvpn_client.php");
412			$tab_array[] = array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php");
413	5540aee6	Ermal Lu?i	$tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml");
414	b63f2e8b	Matthew Grooms	add_package_tabs("OpenVPN", $tab_array);
415	d799787e	Matthew Grooms	display_top_tabs($tab_array);
416			?>
417			</ul>
418			</td>
419			</tr>
420			<tr>
421			<td class="tabcont">
422
423			<?php if($act=="new" \|\| $act=="edit"): ?>
424
425			<form action="vpn_openvpn_client.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
426			<table width="100%" border="0" cellpadding="6" cellspacing="0">
427	47c00c09	Scott Ullrich	<tr>
428	2fa7a468	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
429	47c00c09	Scott Ullrich	</tr>
430	d799787e	Matthew Grooms	<tr>
431	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
432	d799787e	Matthew Grooms	<td width="78%" class="vtable">
433			<table border="0" cellpadding="0" cellspacing="0">
434			<tr>
435			<td>
436			<?php set_checked($pconfig['disable'],$chk); ?>
437			<input name="disable" type="checkbox" value="yes" <?=$chk;?>/>
438			</td>
439			<td>
440
441			<span class="vexpl">
442	8cd558b6	ayvis	<strong><?=gettext("Disable this client"); ?></strong><br />
443	d799787e	Matthew Grooms	</span>
444			</td>
445			</tr>
446			</table>
447	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Set this option to disable this client without removing it from the list"); ?>.
448	d799787e	Matthew Grooms	</td>
449			</tr>
450	3c11bd3c	Matthew Grooms	<tr>
451			<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
452			<td width="78%" class="vtable">
453			<select name='mode' id='mode' class="formselect" onchange='mode_change()'>
454			<?php
455			foreach ($openvpn_client_modes as $name => $desc):
456			$selected = "";
457			if ($pconfig['mode'] == $name)
458			$selected = "selected";
459			?>
460			<option value="<?=$name;?>" <?=$selected;?>><?=$desc;?></option>
461			<?php endforeach; ?>
462			</select>
463			</td>
464			</tr>
465	d799787e	Matthew Grooms	<tr>
466			<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
467			<td width="78%" class="vtable">
468			<select name='protocol' class="formselect">
469			<?php
470			foreach ($openvpn_prots as $prot):
471			$selected = "";
472			if ($pconfig['protocol'] == $prot)
473			$selected = "selected";
474			?>
475			<option value="<?=$prot;?>" <?=$selected;?>><?=$prot;?></option>
476			<?php endforeach; ?>
477			</select>
478			</td>
479			</tr>
480	691fbf14	Ermal Lu?i	<tr>
481			<td width="22%" valign="top" class="vncellreq"><?=gettext("Device mode");?></td>
482			<td width="78%" class="vtable">
483	4936ff53	jim-p	<select name='dev_mode' class="formselect">
484	691fbf14	Ermal Lu?i	<?php
485			foreach ($openvpn_dev_mode as $mode):
486			$selected = "";
487	4936ff53	jim-p	if ($pconfig['dev_mode'] == $mode)
488	691fbf14	Ermal Lu?i	$selected = "selected";
489			?>
490			<option value="<?=$mode;?>" <?=$selected;?>><?=$mode;?></option>
491			<?php endforeach; ?>
492			</select>
493			</td>
494			</tr>
495	d799787e	Matthew Grooms	<tr>
496	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
497	d799787e	Matthew Grooms	<td width="78%" class="vtable">
498			<select name="interface" class="formselect">
499			<?php
500			$interfaces = get_configured_interface_with_descr();
501	3d06e8f0	pierrepomes	$carplist = get_configured_carp_interface_list();
502			foreach ($carplist as $cif => $carpip)
503	dd62256f	Pierre POMES	$interfaces[$cif.'\|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
504	67b0902f	pierrepomes	$aliaslist = get_configured_ip_aliases_list();
505			foreach ($aliaslist as $aliasip => $aliasif)
506	dd62256f	Pierre POMES	$interfaces[$aliasif.'\|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
507	174ba22b	smos	$grouplist = return_gateway_groups_array();
508			foreach ($grouplist as $name => $group) {
509			if($group['ipprotocol'] != inet)
510			continue;
511			if($group[0]['vip'] <> "")
512			$vipif = $group[0]['vip'];
513			else
514			$vipif = $group[0]['int'];
515			$interfaces[$name] = "GW Group {$name}";
516			}
517	5c94aa12	jim-p	$interfaces['lo0'] = "Localhost";
518	67b0902f	pierrepomes	$interfaces['any'] = "any";
519	3d06e8f0	pierrepomes	foreach ($interfaces as $iface => $ifacename):
520	1d3bcd2a	Matthew Grooms	$selected = "";
521			if ($iface == $pconfig['interface'])
522			$selected = "selected";
523	d799787e	Matthew Grooms	?>
524	1d3bcd2a	Matthew Grooms	<option value="<?=$iface;?>" <?=$selected;?>>
525			<?=htmlspecialchars($ifacename);?>
526			</option>
527	d799787e	Matthew Grooms	<?php endforeach; ?>
528	8cd558b6	ayvis	</select> <br />
529	d799787e	Matthew Grooms	</td>
530			</tr>
531	1d3bcd2a	Matthew Grooms	<tr>
532			<td width="22%" valign="top" class="vncell"><?=gettext("Local port");?></td>
533			<td width="78%" class="vtable">
534			<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>"/>
535	8cd558b6	ayvis	<br />
536	5708241f	jim-p	<?=gettext("Set this option if you would like to bind to a specific port. Leave this blank or enter 0 for a random dynamic port."); ?>
537	1d3bcd2a	Matthew Grooms	</td>
538			</tr>
539	d799787e	Matthew Grooms	<tr>
540			<td width="22%" valign="top" class="vncellreq"><?=gettext("Server host or address");?></td>
541			<td width="78%" class="vtable">
542			<input name="server_addr" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['server_addr']);?>"/>
543			</td>
544			</tr>
545			<tr>
546			<td width="22%" valign="top" class="vncellreq"><?=gettext("Server port");?></td>
547			<td width="78%" class="vtable">
548			<input name="server_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['server_port']);?>"/>
549			</td>
550			</tr>
551			<tr>
552			<td width="22%" valign="top" class="vncell"><?=gettext("Proxy host or address");?></td>
553			<td width="78%" class="vtable">
554			<input name="proxy_addr" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['proxy_addr']);?>"/>
555			</td>
556			</tr>
557			<tr>
558			<td width="22%" valign="top" class="vncell"><?=gettext("Proxy port");?></td>
559			<td width="78%" class="vtable">
560			<input name="proxy_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['proxy_port']);?>"/>
561			</td>
562			</tr>
563	762a24a3	Ermal Lu?i	<tr>
564			<td width="22%" valign="top" class="vncell"><?=gettext("Proxy authentication extra options");?></td>
565			<td width="78%" class="vtable">
566			<table border="0" cellpadding="2" cellspacing="0">
567			<tr>
568			<td align="right" width="25%">
569			<span class="vexpl">
570	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Authentication method"); ?> :
571	762a24a3	Ermal Lu?i	</span>
572			</td>
573			<td>
574			<select name="proxy_authtype" id="proxy_authtype" class="formfld select" onChange="useproxy_changed()">
575	2fa7a468	Carlos Eduardo Ramos	<option value="none" <?php if ($pconfig['proxy_authtype'] == "none") echo "selected"; ?>><?=gettext("none"); ?></option>
576			<option value="basic" <?php if ($pconfig['proxy_authtype'] == "basic") echo "selected"; ?>><?=gettext("basic"); ?></option>
577			<option value="ntlm" <?php if ($pconfig['proxy_authtype'] == "ntlm") echo "selected"; ?>><?=gettext("ntlm"); ?></option>
578	762a24a3	Ermal Lu?i	</select>
579			</td>
580			</tr>
581			</table>
582			<br />
583			<table border="0" cellpadding="2" cellspacing="0" id="proxy_authtype_opts" style="display:none">
584			<tr>
585			<td align="right" width="25%">
586			<span class="vexpl">
587	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Username"); ?> :
588	762a24a3	Ermal Lu?i	</span>
589			</td>
590			<td>
591			<input name="proxy_user" id="proxy_user" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['proxy_user']);?>" />
592			</td>
593			</tr>
594			<tr>
595			<td align="right" width="25%">
596			<span class="vexpl">
597	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Password"); ?> :
598	762a24a3	Ermal Lu?i	</span>
599			</td>
600			<td>
601			<input name="proxy_passwd" id="proxy_passwd" type="password" class="formfld pwd" size="20" value="<?=htmlspecialchars($pconfig['proxy_passwd']);?>" />
602			</td>
603			</tr>
604			</table>
605			</td>
606			</tr>
607	d799787e	Matthew Grooms	<tr>
608	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Server host name resolution"); ?></td>
609	d799787e	Matthew Grooms	<td width="78%" class="vtable">
610			<table border="0" cellpadding="2" cellspacing="0">
611			<tr>
612			<td>
613			<?php set_checked($pconfig['resolve_retry'],$chk); ?>
614	db2872a2	Ermal Lu?i	<input name="resolve_retry" type="checkbox" value="yes" <?=$chk;?>>
615	d799787e	Matthew Grooms	</td>
616			<td>
617			<span class="vexpl">
618	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Infinitely resolve server"); ?>
619	d799787e	Matthew Grooms	</span>
620			</td>
621			</tr>
622			</table>
623	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Continuously attempt to resolve the server host " .
624			"name. Useful when communicating with a server " .
625			"that is not permanently connected to the Internet"); ?>.
626	d799787e	Matthew Grooms	</td>
627			</tr>
628			<tr>
629	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
630	d799787e	Matthew Grooms	<td width="78%" class="vtable">
631			<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>">
632	8cd558b6	ayvis	<br />
633	2fa7a468	Carlos Eduardo Ramos	<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
634	d799787e	Matthew Grooms	</td>
635			</tr>
636			<tr>
637			<td colspan="2" class="list" height="12"></td>
638			</tr>
639	5f242576	PiBa-NL	<tr>
640			<td colspan="2" valign="top" class="listtopic"><?=gettext("User Authentication Settings"); ?></td>
641			</tr>
642			<tr>
643			<td width="22%" valign="top" class="vncell"><?=gettext("User name/pass"); ?></td>
644			<td width="78%" class="vtable">
645			<?=gettext("Leave empty when no user name and password are needed."); ?>
646			<br>
647			<table border="0" cellpadding="2" cellspacing="0">
648			<tr>
649			<td align="right" width="25%">
650			<span class="vexpl">
651			<?=gettext("Username"); ?> :
652			</span>
653			</td>
654			<td>
655			<input name="auth_user" id="auth_user" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['auth_user']);?>" />
656			</td>
657			</tr>
658			<tr>
659			<td align="right" width="25%">
660			<span class="vexpl">
661			<?=gettext("Password"); ?> :
662			</span>
663			</td>
664			<td>
665			<input name="auth_pass" id="auth_pass" type="password" class="formfld pwd" size="20" value="<?=htmlspecialchars($pconfig['auth_pass']);?>" />
666			</td>
667			</tr>
668			</table>
669			</td>
670			</tr>
671	d799787e	Matthew Grooms	<tr>
672	2fa7a468	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
673	d799787e	Matthew Grooms	</tr>
674	3c11bd3c	Matthew Grooms	<tr id="tls">
675	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
676	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
677			<table border="0" cellpadding="2" cellspacing="0">
678			<tr>
679			<td>
680			<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
681			<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onClick="tlsauth_change()">
682			</td>
683			<td>
684			<span class="vexpl">
685	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Enable authentication of TLS packets"); ?>.
686	3c11bd3c	Matthew Grooms	</span>
687			</td>
688			</tr>
689			</table>
690			<?php if (!$pconfig['tls']): ?>
691			<table border="0" cellpadding="2" cellspacing="0" id='tlsauth_opts'>
692			<tr>
693			<td>
694			<?php set_checked($pconfig['autotls_enable'],$chk); ?>
695			<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autotls_change()">
696			</td>
697			<td>
698			<span class="vexpl">
699	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
700	3c11bd3c	Matthew Grooms	</span>
701			</td>
702			</tr>
703			</table>
704			<?php endif; ?>
705			<table border="0" cellpadding="2" cellspacing="0" id='autotls_opts'>
706			<tr>
707			<td>
708			<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
709	8cd558b6	ayvis	<br />
710	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
711	3c11bd3c	Matthew Grooms	</td>
712			</tr>
713			</table>
714			</td>
715	d799787e	Matthew Grooms	</tr>
716	3c11bd3c	Matthew Grooms	<tr id="tls_ca">
717	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
718	d799787e	Matthew Grooms	<td width="78%" class="vtable">
719	19cdeb3e	jim-p	<?php if (count($a_ca)): ?>
720	d799787e	Matthew Grooms	<select name='caref' class="formselect">
721			<?php
722	428e66b6	jim-p	foreach ($a_ca as $ca):
723	d799787e	Matthew Grooms	$selected = "";
724			if ($pconfig['caref'] == $ca['refid'])
725			$selected = "selected";
726			?>
727	f2a86ca9	jim-p	<option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
728	d799787e	Matthew Grooms	<?php endforeach; ?>
729			</select>
730	19cdeb3e	jim-p	<?php else: ?>
731	8cd558b6	ayvis	<b>No Certificate Authorities defined.</b> <br />Create one under <a href="system_camanager.php">System > Cert Manager</a>.
732	19cdeb3e	jim-p	<?php endif; ?>
733	d799787e	Matthew Grooms	</td>
734			</tr>
735	3c11bd3c	Matthew Grooms	<tr id="tls_cert">
736	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Client Certificate"); ?></td>
737	d799787e	Matthew Grooms	<td width="78%" class="vtable">
738	19cdeb3e	jim-p	<?php if (count($a_cert)): ?>
739	d799787e	Matthew Grooms	<select name='certref' class="formselect">
740			<?php
741	428e66b6	jim-p	foreach ($a_cert as $cert):
742	9e303f2f	jim-p	$selected = "";
743			$caname = "";
744			$inuse = "";
745			$revoked = "";
746			$ca = lookup_ca($cert['caref']);
747			if ($ca)
748			$caname = " (CA: {$ca['descr']})";
749			if ($pconfig['certref'] == $cert['refid'])
750			$selected = "selected";
751			if (cert_in_use($cert['refid']))
752			$inuse = " *In Use";
753			if (is_cert_revoked($cert))
754			$revoked = " *Revoked";
755	d799787e	Matthew Grooms	?>
756	6a0b3ea4	jim-p	<option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option>
757	d799787e	Matthew Grooms	<?php endforeach; ?>
758			</select>
759	19cdeb3e	jim-p	<?php else: ?>
760	8cd558b6	ayvis	<b>No Certificates defined.</b> <br />Create one under <a href="system_certmanager.php">System > Cert Manager</a>.
761	19cdeb3e	jim-p	<?php endif; ?>
762	d799787e	Matthew Grooms	</td>
763			</tr>
764			<tr id="psk">
765	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
766	3c11bd3c	Matthew Grooms	<td width="78%" class="vtable">
767			<?php if (!$pconfig['shared_key']): ?>
768			<table border="0" cellpadding="2" cellspacing="0">
769			<tr>
770			<td>
771			<?php set_checked($pconfig['autokey_enable'],$chk); ?>
772			<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onClick="autokey_change()">
773			</td>
774			<td>
775			<span class="vexpl">
776	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Automatically generate a shared key"); ?>.
777	3c11bd3c	Matthew Grooms	</span>
778			</td>
779			</tr>
780			</table>
781			<?php endif; ?>
782			<table border="0" cellpadding="2" cellspacing="0" id='autokey_opts'>
783			<tr>
784			<td>
785			<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
786	8cd558b6	ayvis	<br />
787	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Paste your shared key here"); ?>.
788	3c11bd3c	Matthew Grooms	</td>
789			</tr>
790			</table>
791	d799787e	Matthew Grooms	</td>
792			</tr>
793			<tr>
794	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
795	d799787e	Matthew Grooms	<td width="78%" class="vtable">
796			<select name="crypto" class="formselect">
797			<?php
798			$cipherlist = openvpn_get_cipherlist();
799			foreach ($cipherlist as $name => $desc):
800			$selected = '';
801			if ($name == $pconfig['crypto'])
802			$selected = ' selected';
803			?>
804			<option value="<?=$name;?>"<?=$selected?>>
805			<?=htmlspecialchars($desc);?>
806			</option>
807			<?php endforeach; ?>
808			</select>
809			</td>
810			</tr>
811	97d5b59b	jim-p	<tr>
812			<td width="22%" valign="top" class="vncellreq"><?=gettext("Auth Digest Algorithm"); ?></td>
813			<td width="78%" class="vtable">
814			<select name="digest" class="formselect">
815			<?php
816			$digestlist = openvpn_get_digestlist();
817			foreach ($digestlist as $name => $desc):
818			$selected = '';
819			if ($name == $pconfig['digest'])
820			$selected = ' selected';
821			?>
822			<option value="<?=$name;?>"<?=$selected?>>
823			<?=htmlspecialchars($desc);?>
824			</option>
825			<?php endforeach; ?>
826			</select>
827			</td>
828			</tr>
829	582c58ae	jim-p	<tr id="engine">
830			<td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td>
831			<td width="78%" class="vtable">
832			<select name="engine" class="formselect">
833			<?php
834			$engines = openvpn_get_engines();
835			foreach ($engines as $name => $desc):
836			$selected = '';
837			if ($name == $pconfig['engine'])
838			$selected = ' selected';
839			?>
840			<option value="<?=$name;?>"<?=$selected?>>
841			<?=htmlspecialchars($desc);?>
842			</option>
843			<?php endforeach; ?>
844			</select>
845			</td>
846			</tr>
847	d799787e	Matthew Grooms	<tr>
848			<td colspan="2" class="list" height="12"></td>
849			</tr>
850			<tr>
851	2fa7a468	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
852	d799787e	Matthew Grooms	</tr>
853			<tr>
854	4856df9b	jim-p	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Tunnel Network"); ?></td>
855	d799787e	Matthew Grooms	<td width="78%" class="vtable">
856			<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>">
857	8cd558b6	ayvis	<br />
858	2fa7a468	Carlos Eduardo Ramos	<?=gettext("This is the virtual network used for private " .
859			"communications between this client and the " .
860			"server expressed using CIDR (eg. 10.0.8.0/24). " .
861			"The first network address is assumed to be the " .
862			"server address and the second network address " .
863			"will be assigned to the client virtual " .
864			"interface"); ?>.
865	d799787e	Matthew Grooms	</td>
866			</tr>
867			<tr>
868	4856df9b	jim-p	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Tunnel Network"); ?></td>
869			<td width="78%" class="vtable">
870			<input name="tunnel_networkv6" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_networkv6']);?>">
871	8cd558b6	ayvis	<br />
872	4856df9b	jim-p	<?=gettext("This is the IPv6 virtual network used for private " .
873			"communications between this client and the " .
874			"server expressed using CIDR (eg. fe80::/64). " .
875			"The first network address is assumed to be the " .
876			"server address and the second network address " .
877			"will be assigned to the client virtual " .
878			"interface"); ?>.
879			</td>
880			</tr>
881			<tr>
882	3835613a	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Remote Network/s"); ?></td>
883	d799787e	Matthew Grooms	<td width="78%" class="vtable">
884	3835613a	Phil Davis	<input name="remote_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_network']);?>">
885	8cd558b6	ayvis	<br />
886	3835613a	Phil Davis	<?=gettext("These are the IPv4 networks that will be routed through " .
887	2fa7a468	Carlos Eduardo Ramos	"the tunnel, so that a site-to-site VPN can be " .
888	3835613a	Phil Davis	"established without manually changing the routing tables. " .
889			"Expressed as a comma-separated list of one or more CIDR ranges. " .
890			"If this is a site-to-site VPN, enter the " .
891			"remote LAN/s here. You may leave this blank to " .
892	2fa7a468	Carlos Eduardo Ramos	"only communicate with other clients"); ?>.
893	d799787e	Matthew Grooms	</td>
894			</tr>
895	4856df9b	jim-p	<tr>
896	3835613a	Phil Davis	<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Remote Network/s"); ?></td>
897	4856df9b	jim-p	<td width="78%" class="vtable">
898	3835613a	Phil Davis	<input name="remote_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_networkv6']);?>">
899	8cd558b6	ayvis	<br />
900	3835613a	Phil Davis	<?=gettext("These are the IPv6 networks that will be routed through " .
901	4856df9b	jim-p	"the tunnel, so that a site-to-site VPN can be " .
902	3835613a	Phil Davis	"established without manually changing the routing tables. " .
903			"Expressed as a comma-separated list of one or more IP/PREFIX. " .
904			"If this is a site-to-site VPN, enter the " .
905			"remote LAN/s here. You may leave this blank to " .
906	4856df9b	jim-p	"only communicate with other clients"); ?>.
907			</td>
908			</tr>
909	d799787e	Matthew Grooms	<tr>
910			<td width="22%" valign="top" class="vncell"><?=gettext("Limit outgoing bandwidth");?></td>
911			<td width="78%" class="vtable">
912			<input name="use_shaper" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['use_shaper']);?>"/>
913	8cd558b6	ayvis	<br />
914	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Maximum outgoing bandwidth for this tunnel. " .
915			"Leave empty for no limit. The input value has " .
916			"to be something between 100 bytes/sec and 100 " .
917			"Mbytes/sec (entered as bytes per second)"); ?>.
918	d799787e	Matthew Grooms	</td>
919			</tr>
920			<tr>
921	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
922	d799787e	Matthew Grooms	<td width="78%" class="vtable">
923	edba1982	jim-p	<select name="compression" class="formselect">
924			<?php
925			foreach ($openvpn_compression_modes as $cmode => $cmodedesc):
926			$selected = '';
927			if ($cmode == $pconfig['compression'])
928			$selected = ' selected';
929			?>
930			<option value="<?= $cmode ?>" <?= $selected ?>><?= $cmodedesc ?></option>
931			<?php endforeach; ?>
932			</select>
933	8cd558b6	ayvis	<br />
934	edba1982	jim-p	<?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?>.
935	d799787e	Matthew Grooms	</td>
936			</tr>
937			<tr>
938	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
939	d799787e	Matthew Grooms	<td width="78%" class="vtable">
940			<table border="0" cellpadding="2" cellspacing="0">
941			<tr>
942			<td>
943	1cb0b40a	Matthew Grooms	<?php set_checked($pconfig['passtos'],$chk); ?>
944			<input name="passtos" type="checkbox" value="yes" <?=$chk;?>>
945	d799787e	Matthew Grooms	</td>
946			<td>
947			<span class="vexpl">
948	2fa7a468	Carlos Eduardo Ramos	<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
949	d799787e	Matthew Grooms	</span>
950			</td>
951			</tr>
952			</table>
953			</td>
954			</tr>
955	4856df9b	jim-p	</table>
956
957			<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts">
958	c7323d81	sullrich	<tr>
959			<td colspan="2" class="list" height="12"></td>
960			</tr>
961			<tr>
962	2fa7a468	Carlos Eduardo Ramos	<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
963	c7323d81	sullrich	</tr>
964			<tr>
965	2fa7a468	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
966	c7323d81	sullrich	<td width="78%" class="vtable">
967			<table border="0" cellpadding="2" cellspacing="0">
968			<tr>
969			<td>
970	8cd558b6	ayvis	<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br />
971			<?=gettext("Enter any additional options you would like to add to the OpenVPN client configuration here, separated by a semicolon"); ?><br />
972	3835613a	Phil Davis	<?=gettext("EXAMPLE:"); ?> <strong>remote server.mysite.com 1194;</strong> or <strong>remote 1.2.3.4 1194;</strong>
973	c7323d81	sullrich	</td>
974			</tr>
975			</table>
976			</td>
977	4856df9b	jim-p	</tr>
978			</table>
979
980	8cd558b6	ayvis	<br />
981	4856df9b	jim-p	<table width="100%" border="0" cellpadding="6" cellspacing="0">
982	d799787e	Matthew Grooms	<tr>
983			<td width="22%" valign="top"> </td>
984			<td width="78%">
985	2fa7a468	Carlos Eduardo Ramos	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>">
986	d799787e	Matthew Grooms	<input name="act" type="hidden" value="<?=$act;?>">
987			<?php if (isset($id) && $a_client[$id]): ?>
988	e41ec584	Renato Botelho	<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>">
989	d799787e	Matthew Grooms	<?php endif; ?>
990			</td>
991			</tr>
992			</table>
993			</form>
994
995			<?php else: ?>
996
997	79633b6c	Evgeny Yurchenko	<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0">
998	7773b868	jim-p	<thead>
999	d799787e	Matthew Grooms	<tr>
1000	2fa7a468	Carlos Eduardo Ramos	<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
1001			<td width="10%" class="listhdrr"><?=gettext("Protocol"); ?></td>
1002			<td width="30%" class="listhdrr"><?=gettext("Server"); ?></td>
1003			<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1004	d799787e	Matthew Grooms	<td width="10%" class="list"></td>
1005			</tr>
1006	7773b868	jim-p	</thead>
1007			<tbody>
1008	d799787e	Matthew Grooms	<?php
1009			$i = 0;
1010			foreach($a_client as $client):
1011			$disabled = "NO";
1012	8319ee63	jim-p	if (isset($client['disable']))
1013	d799787e	Matthew Grooms	$disabled = "YES";
1014			$server = "{$client['server_addr']}:{$client['server_port']}";
1015			?>
1016	c67bbe04	Chris Buechler	<tr ondblclick="document.location='vpn_openvpn_client.php?act=edit&id=<?=$i;?>'">
1017	d799787e	Matthew Grooms	<td class="listlr">
1018			<?=$disabled;?>
1019			</td>
1020			<td class="listr">
1021			<?=htmlspecialchars($client['protocol']);?>
1022			</td>
1023			<td class="listr">
1024			<?=htmlspecialchars($server);?>
1025			</td>
1026	296a3cb6	Scott Ullrich	<td class="listbg">
1027	d799787e	Matthew Grooms	<?=htmlspecialchars($client['description']);?>
1028			</td>
1029			<td valign="middle" nowrap class="list">
1030			<a href="vpn_openvpn_client.php?act=edit&id=<?=$i;?>">
1031	2fa7a468	Carlos Eduardo Ramos	<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit client"); ?>" width="17" height="17" border="0">
1032	d799787e	Matthew Grooms	</a>
1033
1034	2fa7a468	Carlos Eduardo Ramos	<a href="vpn_openvpn_client.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this client?"); ?>')">
1035			<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete client"); ?>" width="17" height="17" border="0">
1036	d799787e	Matthew Grooms	</a>
1037			</td>
1038			</tr>
1039			<?php
1040			$i++;
1041			endforeach;
1042			?>
1043	7773b868	jim-p	</tbody>
1044			<tfoot>
1045	d799787e	Matthew Grooms	<tr>
1046			<td class="list" colspan="4"></td>
1047			<td class="list">
1048	2fa7a468	Carlos Eduardo Ramos	<a href="vpn_openvpn_client.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add client"); ?>" width="17" height="17" border="0">
1049	d799787e	Matthew Grooms	</a>
1050			</td>
1051			</tr>
1052			<tr>
1053			<td colspan="4">
1054			<p>
1055			<?=gettext("Additional OpenVPN clients can be added here.");?>
1056			</p>
1057			</td>
1058			</tr>
1059	7773b868	jim-p	</tfoot>
1060	d799787e	Matthew Grooms	</table>
1061
1062	ee9933b6	Renato Botelho	<?php endif; ?>
1063	d799787e	Matthew Grooms
1064			</td>
1065			</tr>
1066			</table>
1067	91f026b0	ayvis	<script type="text/javascript">
1068	d799787e	Matthew Grooms	<!--
1069	3c11bd3c	Matthew Grooms	mode_change();
1070			autokey_change();
1071			tlsauth_change();
1072	762a24a3	Ermal Lu?i	useproxy_changed();
1073	d799787e	Matthew Grooms	//-->
1074			</script>
1075			</body>
1076			<?php include("fend.inc"); ?>
1077
1078			<?php
1079
1080			/* local utility functions */
1081
1082			function set_checked($var,& $chk) {
1083			if($var)
1084			$chk = 'checked';
1085			else
1086			$chk = '';
1087			}
1088
1089	174ba22b	smos	?>

Project

General

Profile

pfSense