<?php 
2
/*
3
	vpn_openvpn_client.php
4
5
	Copyright (C) 2008 Shrew Soft Inc.
6
	All rights reserved. 
7
8
	Redistribution and use in source and binary forms, with or without
9
	modification, are permitted provided that the following conditions are met:
10
	
11
	1. Redistributions of source code must retain the above copyright notice,
12
	   this list of conditions and the following disclaimer.
13
	
14
	2. Redistributions in binary form must reproduce the above copyright
15
	   notice, this list of conditions and the following disclaimer in the
16
	   documentation and/or other materials provided with the distribution.
17
	
18
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
	POSSIBILITY OF SUCH DAMAGE.
28
*/
29
30
##|+PRIV
31
##|*IDENT=page-openvpn-client
32
##|*NAME=OpenVPN: Client page
33
##|*DESCR=Allow access to the 'OpenVPN: Client' page.
34
##|*MATCH=vpn_openvpn_client.php*
35
##|-PRIV
36
37
require("guiconfig.inc");
38 d84bd468 Ermal Lu?i
require_once("openvpn.inc");
39 d799787e Matthew Grooms
40 2fa7a468 Carlos Eduardo Ramos
// Page title parts and shortcut section name for this page.
$pgtitle = array(gettext("OpenVPN"), gettext("Client"));
$shortcut_section = "openvpn";

// Every configuration list this page works with must exist as an array
// before a reference to it is taken below.
if (!is_array($config['openvpn']['openvpn-client'])) {
	$config['openvpn']['openvpn-client'] = array();
}
foreach (array('ca', 'cert', 'crl') as $ovpnc_section) {
	if (!is_array($config[$ovpnc_section])) {
		$config[$ovpnc_section] = array();
	}
}
unset($ovpnc_section);

// References, so that changes made through these names land in $config itself.
$a_client = &$config['openvpn']['openvpn-client'];
$a_ca = &$config['ca'];
$a_cert = &$config['cert'];
$a_crl = &$config['crl'];
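// Index of the client entry being acted on. Only values accepted by
// is_numericint() are used, so $id stays unset for anything else; a POSTed
// value overrides one from the query string.
if (isset($_GET['id']) && is_numericint($_GET['id']))
	$id = $_GET['id'];
if (isset($_POST['id']) && is_numericint($_POST['id']))
	$id = $_POST['id'];

// Requested action; POST overrides GET, NULL when neither was supplied.
$act = isset($_GET['act']) ? $_GET['act'] : null;
if (isset($_POST['act']))
	$act = $_POST['act'];

// vpnid of the selected entry, or 0 when no existing entry is selected.
if (isset($id) && !empty($a_client[$id]))
	$vpnid = $a_client[$id]['vpnid'];
else
	$vpnid = 0;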
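// Delete the selected client instance.
// NOTE(review): this state-changing action is triggered by a GET request and no
// anti-CSRF token check is visible in this file. Confirm that request-forgery
// protection covers GET requests here, or move deletion to a POST request.
if (isset($_GET['act']) && $_GET['act'] == "del") {

	// Missing or unknown index: nothing to delete, go back to the list.
	if (!isset($id) || !isset($a_client[$id])) {
		pfSenseHeader("vpn_openvpn_client.php");
		exit;
	}
	// Hand the entry to openvpn_delete() before it is dropped from the config.
	if (!empty($a_client[$id]))
		openvpn_delete('client', $a_client[$id]);
	unset($a_client[$id]);
	write_config();
	$savemsg = gettext("Client successfully deleted")."<br />";
}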
if ($_GET['act'] == "new") {
	// Values the form is pre-filled with when a new client is created.
	$ovpnc_new_defaults = array(
		'autokey_enable' => "yes",
		'tlsauth_enable' => "yes",
		'autotls_enable' => "yes",
		'interface' => "wan",
		'server_port' => 1194,
		// OpenVPN defaults to SHA1.
		// NOTE(review): SHA1 is preselected only to match that default; consider
		// whether new instances should start from a stronger digest.
		'digest' => "SHA1",
	);
	foreach ($ovpnc_new_defaults as $ovpnc_key => $ovpnc_value) {
		$pconfig[$ovpnc_key] = $ovpnc_value;
	}
	unset($ovpnc_new_defaults, $ovpnc_key, $ovpnc_value);
}
// Fields that are copied by name between the stored entry, $pconfig and $_POST.
global $simplefields;
$simplefields = array('auth_user','auth_pass');

// Load the stored settings of an existing client into $pconfig for the form.
if ($_GET['act'] == "edit") {

	if (isset($id) && $a_client[$id]) {
		foreach ($simplefields as $stat) {
			$pconfig[$stat] = $a_client[$id][$stat];
		}

		// 'disable' is stored as a presence flag, so only its existence matters.
		$pconfig['disable'] = isset($a_client[$id]['disable']);

		// Settings shown in the form exactly as they are stored.
		// NOTE(review): proxy_passwd is copied here and later rendered into the
		// value attribute of the form's password input, so the stored secret is
		// sent back to the browser whenever an entry is edited.
		$ovpnc_verbatim = array(
			'mode', 'protocol', 'interface',
			'local_port', 'server_addr', 'server_port', 'resolve_retry',
			'proxy_addr', 'proxy_port', 'proxy_user', 'proxy_passwd', 'proxy_authtype',
			'description', 'custom_options', 'ns_cert_type', 'dev_mode',
			'crypto', 'engine',
			'tunnel_network', 'tunnel_networkv6',
			'remote_network', 'remote_networkv6',
			'use_shaper', 'compression', 'passtos',
		);
		foreach ($ovpnc_verbatim as $ovpnc_field) {
			$pconfig[$ovpnc_field] = $a_client[$id][$ovpnc_field];
		}
		unset($ovpnc_verbatim, $ovpnc_field);

		// The form's interface selector uses "<interface>|<address>" when an
		// address is stored alongside the interface.
		if (!empty($a_client[$id]['ipaddr'])) {
			$pconfig['interface'] = $pconfig['interface'] . '|' . $a_client[$id]['ipaddr'];
		}

		// Key material is stored base64-encoded; decode it for display.
		if ($pconfig['mode'] == "p2p_shared_key") {
			$pconfig['shared_key'] = base64_decode($a_client[$id]['shared_key']);
		} else {
			$pconfig['caref'] = $a_client[$id]['caref'];
			$pconfig['certref'] = $a_client[$id]['certref'];
			if ($a_client[$id]['tls']) {
				$pconfig['tlsauth_enable'] = "yes";
				$pconfig['tls'] = base64_decode($a_client[$id]['tls']);
			}
		}

		// OpenVPN defaults to SHA1 if unset
		if (empty($a_client[$id]['digest'])) {
			$pconfig['digest'] = "SHA1";
		} else {
			$pconfig['digest'] = $a_client[$id]['digest'];
		}

		// just in case the modes switch
		$pconfig['autokey_enable'] = "yes";
		$pconfig['autotls_enable'] = "yes";
	}
}
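// Validate a submitted client form and, when it is clean, store the entry.
if ($_POST) {

	unset($input_errors);
	// Work on the submitted values; they are also what the form shows again
	// when validation fails.
	$pconfig = $_POST;

	// vpnid of the entry being edited, 0 when a new entry is created.
	if (isset($id) && !empty($a_client[$id]))
		$vpnid = $a_client[$id]['vpnid'];
	else
		$vpnid = 0;

	/* The select lists in the form are built from these arrays, so a value that
	   is not in them did not come from the form. Reject it instead of storing it. */
	if (!isset($pconfig['mode']) || !is_string($pconfig['mode']) || !array_key_exists($pconfig['mode'], $openvpn_client_modes))
		$input_errors[] = gettext("The selected mode is not valid.");
	if (!isset($pconfig['protocol']) || !in_array($pconfig['protocol'], $openvpn_prots, true))
		$input_errors[] = gettext("The selected protocol is not valid.");
	if (!isset($pconfig['dev_mode']) || !in_array($pconfig['dev_mode'], $openvpn_dev_mode, true))
		$input_errors[] = gettext("The selected device mode is not valid.");

	// The interface field is "<interface>" or "<interface>|<address>".
	// array_pad() keeps the address part defined when none was submitted.
	// NOTE(review): the interface value itself is not checked against the list
	// the form offers; only the address-family checks below apply to it.
	list($iv_iface, $iv_ip) = array_pad(explode("|", $pconfig['interface']), 2, null);
	if (is_ipaddrv4($iv_ip) && (stristr($pconfig['protocol'], "6") !== false)) {
		$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv6 protocol and an IPv4 IP address.");
	} elseif (is_ipaddrv6($iv_ip) && (stristr($pconfig['protocol'], "6") === false)) {
		$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv4 protocol and an IPv6 IP address.");
	} elseif ((stristr($pconfig['protocol'], "6") === false) && !get_interface_ip($iv_iface) && ($pconfig['interface'] != "any")) {
		$input_errors[] = gettext("An IPv4 protocol was selected, but the selected interface has no IPv4 address.");
	} elseif ((stristr($pconfig['protocol'], "6") !== false) && !get_interface_ipv6($iv_iface) && ($pconfig['interface'] != "any")) {
		$input_errors[] = gettext("An IPv6 protocol was selected, but the selected interface has no IPv6 address.");
	}

	// Every mode other than shared key uses certificates.
	$tls_mode = ($pconfig['mode'] != "p2p_shared_key");

	/* input validation */
	if ($pconfig['local_port']) {

		if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
			$input_errors[] = $result;

		// A port is acceptable when it is free (0) or held by this same instance.
		$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
		if (($portused != $vpnid) && ($portused != 0))
			$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
	}

	if ($result = openvpn_validate_host($pconfig['server_addr'], 'Server host or address'))
		$input_errors[] = $result;

	if ($result = openvpn_validate_port($pconfig['server_port'], 'Server port'))
		$input_errors[] = $result;

	if ($pconfig['proxy_addr']) {

		if ($result = openvpn_validate_host($pconfig['proxy_addr'], 'Proxy host or address'))
			$input_errors[] = $result;

		if ($result = openvpn_validate_port($pconfig['proxy_port'], 'Proxy port'))
			$input_errors[] = $result;

		if ($pconfig['proxy_authtype'] != "none") {
			if (empty($pconfig['proxy_user']) || empty($pconfig['proxy_passwd']))
				$input_errors[] = gettext("User name and password are required for proxy with authentication.");
		}
	}

	if ($pconfig['tunnel_network'])
		if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network', false, "ipv4"))
			$input_errors[] = $result;

	if ($pconfig['tunnel_networkv6'])
		if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, "ipv6"))
			$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'IPv4 Remote Network', true, "ipv4"))
		$input_errors[] = $result;

	if ($result = openvpn_validate_cidr($pconfig['remote_networkv6'], 'IPv6 Remote Network', true, "ipv6"))
		$input_errors[] = $result;

	if (!empty($pconfig['use_shaper']) && (!is_numeric($pconfig['use_shaper']) || ($pconfig['use_shaper'] <= 0)))
		$input_errors[] = gettext("The bandwidth limit must be a positive numeric value.");

	// With automatic generation selected, any submitted shared key is replaced.
	if ($pconfig['autokey_enable'])
		$pconfig['shared_key'] = openvpn_create_key();

	// Pasted keys are only checked for the begin and end markers of a static key.
	if (!$tls_mode && !$pconfig['autokey_enable'])
		if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") ||
			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
			$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");

	if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
		if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") ||
			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
			$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");

	// Start from empty lists so that do_input_validation() always receives
	// arrays, including in shared key mode with automatic key generation.
	$reqdfields = array();
	$reqdfieldsn = array();

	/* If we are not in shared key mode, then we need the CA/Cert. */
	if ($pconfig['mode'] != "p2p_shared_key") {
		$reqdfields = explode(" ", "caref certref");
		$reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
	} elseif (!$pconfig['autokey_enable']) {
		/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
		$reqdfields = array('shared_key');
		$reqdfieldsn = array(gettext('Shared key'));
	}

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

	if (!$input_errors) {

		$client = array();

		foreach ($simplefields as $stat)
			update_if_changed($stat, $client[$stat], $_POST[$stat]);

		// Keep the vpnid of an existing entry, allocate the next one otherwise.
		if ($vpnid)
			$client['vpnid'] = $vpnid;
		else
			$client['vpnid'] = openvpn_vpnid_next();

		if (isset($_POST['disable']) && $_POST['disable'] == "yes")
			$client['disable'] = true;
		$client['protocol'] = $pconfig['protocol'];
		$client['dev_mode'] = $pconfig['dev_mode'];
		list($client['interface'], $client['ipaddr']) = array_pad(explode("|", $pconfig['interface']), 2, null);
		$client['local_port'] = $pconfig['local_port'];
		$client['server_addr'] = $pconfig['server_addr'];
		$client['server_port'] = $pconfig['server_port'];
		$client['resolve_retry'] = $pconfig['resolve_retry'];
		$client['proxy_addr'] = $pconfig['proxy_addr'];
		$client['proxy_port'] = $pconfig['proxy_port'];
		$client['proxy_authtype'] = $pconfig['proxy_authtype'];
		// The proxy credentials are saved as submitted; no hashing or encryption
		// is applied in this file.
		$client['proxy_user'] = $pconfig['proxy_user'];
		$client['proxy_passwd'] = $pconfig['proxy_passwd'];
		$client['description'] = $pconfig['description'];
		$client['mode'] = $pconfig['mode'];
		// Only the line endings are normalised; the content is not validated here.
		// NOTE(review): confirm how openvpn_resync() uses custom_options. If it is
		// written into the OpenVPN configuration, access to this page has to be
		// treated as the ability to set arbitrary OpenVPN directives.
		$client['custom_options'] = str_replace("\r\n", "\n", $pconfig['custom_options']);

		// Key material is stored base64-encoded.
		if ($tls_mode) {
			$client['caref'] = $pconfig['caref'];
			$client['certref'] = $pconfig['certref'];
			if ($pconfig['tlsauth_enable']) {
				if ($pconfig['autotls_enable'])
					$pconfig['tls'] = openvpn_create_key();
				$client['tls'] = base64_encode($pconfig['tls']);
			}
		} else {
			$client['shared_key'] = base64_encode($pconfig['shared_key']);
		}
		// NOTE(review): crypto, digest, engine and compression are stored as
		// submitted; the lists they are chosen from are not visible in this part
		// of the file, so no check against them is made here.
		$client['crypto'] = $pconfig['crypto'];
		$client['digest'] = $pconfig['digest'];
		$client['engine'] = $pconfig['engine'];

		$client['tunnel_network'] = $pconfig['tunnel_network'];
		$client['tunnel_networkv6'] = $pconfig['tunnel_networkv6'];
		$client['remote_network'] = $pconfig['remote_network'];
		$client['remote_networkv6'] = $pconfig['remote_networkv6'];
		$client['use_shaper'] = $pconfig['use_shaper'];
		$client['compression'] = $pconfig['compression'];
		$client['passtos'] = $pconfig['passtos'];

		// Replace the edited entry, or append a new one.
		if (isset($id) && !empty($a_client[$id]))
			$a_client[$id] = $client;
		else
			$a_client[] = $client;

		openvpn_resync('client', $client);
		write_config();

		header("Location: vpn_openvpn_client.php");
		exit;
	}
}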
include("head.inc");
324
325
?>
326
327
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
328
<?php include("fbegin.inc"); ?>
329 91f026b0 ayvis
<script type="text/javascript">
330 770f29c4 Colin Fleming
//<![CDATA[
331 d799787e Matthew Grooms
332 3c11bd3c Matthew Grooms
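/**
 * Show the rows that belong to the selected server mode: the TLS rows for
 * "p2p_tls", the shared key row for "p2p_shared_key". Any other value leaves
 * the rows as they are.
 */
function mode_change() {
	// Declared locally so the function no longer creates the globals
	// "index" and "value" as a side effect.
	var modeSelect = document.iform.mode;
	var value = modeSelect.options[modeSelect.selectedIndex].value;
	var tlsRows = ["tls", "tls_ca", "tls_cert"];
	var showTls;
	var i;

	if (value === "p2p_tls") {
		showTls = true;
	} else if (value === "p2p_shared_key") {
		showTls = false;
	} else {
		return;
	}

	for (i = 0; i < tlsRows.length; i++) {
		document.getElementById(tlsRows[i]).style.display = showTls ? "" : "none";
	}
	document.getElementById("psk").style.display = showTls ? "none" : "";
}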
/**
 * Hide the manual shared key input while automatic key generation is
 * ticked, show it otherwise.
 */
function autokey_change() {
	var generateAutomatically = document.iform.autokey_enable.checked;
	var manualKeyRow = document.getElementById("autokey_opts");
	manualKeyRow.style.display = generateAutomatically ? "none" : "";
}
/**
 * Show the proxy user name and password inputs only when a proxy
 * authentication method other than "none" is selected.
 */
function useproxy_changed() {
	var needsCredentials = jQuery('#proxy_authtype').val() != 'none';
	var credentialRows = jQuery('#proxy_authtype_opts');
	if (needsCredentials) {
		credentialRows.show();
		return;
	}
	credentialRows.hide();
}
/**
 * Update the TLS authentication options after the tlsauth_enable checkbox
 * changes. The show/hide part is only emitted by the server when no TLS key
 * is present in $pconfig; autotls_change() is called in either case.
 */
function tlsauth_change() {

<?php if (!$pconfig['tls']): ?>
	var tlsAuthRow = document.getElementById("tlsauth_opts");
	tlsAuthRow.style.display = document.iform.tlsauth_enable.checked ? "" : "none";
<?php endif; ?>

	autotls_change();
}
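/**
 * Show the manual TLS authentication key input when TLS authentication is
 * enabled and the key is not generated automatically. When $pconfig already
 * holds a TLS key, the server emits the branch that treats automatic
 * generation as off.
 */
function autotls_change() {
	// Declared locally so the function no longer creates the global
	// "autocheck" as a side effect.
	var autocheck;

<?php if (!$pconfig['tls']): ?>
	autocheck = document.iform.autotls_enable.checked;
<?php else: ?>
	autocheck = false;
<?php endif; ?>

	if (document.iform.tlsauth_enable.checked && !autocheck)
		document.getElementById("autotls_opts").style.display="";
	else
		document.getElementById("autotls_opts").style.display="none";
}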
392
393 770f29c4 Colin Fleming
//]]>
394 d799787e Matthew Grooms
</script>
395
<?php
396 428e66b6 jim-p
// Treat a missing or empty save message as an empty string.
$savemsg = $savemsg ? $savemsg : "";

// Validation errors are printed before the status message.
if ($input_errors) {
	print_input_errors($input_errors);
}
if ($savemsg) {
	print_info_box($savemsg);
}
403 d799787e Matthew Grooms
?>
404 770f29c4 Colin Fleming
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn openvpn client">
405 d799787e Matthew Grooms
 	<tr>
406
		<td class="tabnavtbl">
407
			<?php 
408
				// One entry per tab: label, whether it is the active tab, target page.
				$tab_array = array(
					array(gettext("Server"), false, "vpn_openvpn_server.php"),
					array(gettext("Client"), true, "vpn_openvpn_client.php"),
					array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php"),
					array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml"),
				);
				// add_package_tabs() receives the list before it is displayed.
				add_package_tabs("OpenVPN", $tab_array);
				display_top_tabs($tab_array);
415
			?>
416
		</td>
417
	</tr>    
418
	<tr>
419
		<td class="tabcont">
420
421
			<?php if($act=="new" || $act=="edit"): ?>
422
423
			<form action="vpn_openvpn_client.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
424 770f29c4 Colin Fleming
				<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="general information">
425 47c00c09 Scott Ullrich
					<tr>
426 2fa7a468 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
427 47c00c09 Scott Ullrich
					</tr>
428 d799787e Matthew Grooms
					<tr>
429 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
430 d799787e Matthew Grooms
						<td width="78%" class="vtable">
431 770f29c4 Colin Fleming
							<table border="0" cellpadding="0" cellspacing="0" summary="enable disable client">
432 d799787e Matthew Grooms
								<tr>
433
									<td>
434
										<?php set_checked($pconfig['disable'],$chk); ?>
435 770f29c4 Colin Fleming
										<input name="disable" type="checkbox" value="yes" <?=$chk;?> />
436 d799787e Matthew Grooms
									</td>
437
									<td>
438
										&nbsp;
439
										<span class="vexpl">
440 8cd558b6 ayvis
											<strong><?=gettext("Disable this client"); ?></strong><br />
441 d799787e Matthew Grooms
										</span>
442
									</td>
443
								</tr>
444
							</table>
445 2fa7a468 Carlos Eduardo Ramos
							<?=gettext("Set this option to disable this client without removing it from the list"); ?>.
446 d799787e Matthew Grooms
						</td>
447
					</tr>
448 3c11bd3c Matthew Grooms
					<tr>
449
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
450
						<td width="78%" class="vtable">
451 770f29c4 Colin Fleming
							<select name="mode" id="mode" class="formselect" onchange="mode_change()">
452 3c11bd3c Matthew Grooms
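							<?php
								// One option per client mode; the array key is the submitted
								// value and the array value its label. Both are HTML-escaped
								// on output, as the interface list on this page does for
								// its labels.
								foreach ($openvpn_client_modes as $name => $desc):
									$selected = "";
									if ($pconfig['mode'] == $name)
										$selected = "selected=\"selected\"";
							?>
								<option value="<?=htmlspecialchars($name);?>" <?=$selected;?>><?=htmlspecialchars($desc);?></option>
							<?php endforeach; ?>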
460
							</select>
461
						</td>
462
					</tr>
463 d799787e Matthew Grooms
					<tr>
464
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
465
							<td width="78%" class="vtable">
466
							<select name='protocol' class="formselect">
467
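							<?php
								// One option per protocol; the protocol name is both the
								// submitted value and the label, HTML-escaped on output.
								foreach ($openvpn_prots as $prot):
									$selected = "";
									if ($pconfig['protocol'] == $prot)
										$selected = "selected=\"selected\"";
							?>
								<option value="<?=htmlspecialchars($prot);?>" <?=$selected;?>><?=htmlspecialchars($prot);?></option>
							<?php endforeach; ?>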
475
							</select>
476
							</td>
477
					</tr>
478 691fbf14 Ermal Lu?i
                                        <tr>
479
                                                <td width="22%" valign="top" class="vncellreq"><?=gettext("Device mode");?></td>
480
                                                        <td width="78%" class="vtable">
481 4936ff53 jim-p
                                                        <select name='dev_mode' class="formselect">
482 691fbf14 Ermal Lu?i
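                                                        <?php
                                                                // One option per device mode; the mode name is both the
                                                                // submitted value and the label, HTML-escaped on output.
                                                                foreach ($openvpn_dev_mode as $mode):
                                                                        $selected = "";
                                                                        if ($pconfig['dev_mode'] == $mode)
                                                                                $selected = "selected=\"selected\"";
                                                        ?>
                                                                <option value="<?=htmlspecialchars($mode);?>" <?=$selected;?>><?=htmlspecialchars($mode);?></option>
                                                        <?php endforeach; ?>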
490
                                                        </select>
491
                                                        </td>
492
                                        </tr>
493 d799787e Matthew Grooms
					<tr>
494 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
495 d799787e Matthew Grooms
						<td width="78%" class="vtable">
496
							<select name="interface" class="formselect">
497
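								<?php
									// Build the selectable list: configured interfaces, then CARP
									// addresses and IP aliases (keyed "<interface>|<address>"),
									// then gateway groups, then the fixed "lo0" and "any" entries.
									$interfaces = get_configured_interface_with_descr();
									$carplist = get_configured_carp_interface_list();
									foreach ($carplist as $cif => $carpip)
										$interfaces[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
									$aliaslist = get_configured_ip_aliases_list();
									foreach ($aliaslist as $aliasip => $aliasif)
										$interfaces[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
									$grouplist = return_gateway_groups_array();
									foreach ($grouplist as $name => $group) {
										// Compare against the string "inet"; the bare word used
										// before was an undefined constant.
										if ($group['ipprotocol'] != "inet")
											continue;
										// NOTE(review): $vipif is not read again in the visible part
										// of this page; kept in case later code depends on it.
										if ($group[0]['vip'] <> "")
											$vipif = $group[0]['vip'];
										else
											$vipif = $group[0]['int'];
										$interfaces[$name] = "GW Group {$name}";
									}
									$interfaces['lo0'] = "Localhost";
									$interfaces['any'] = "any";
									// The option value is HTML-escaped as well as the label: list
									// keys include gateway group names and addresses, which must
									// not be able to break out of the attribute.
									foreach ($interfaces as $iface => $ifacename):
										$selected = "";
										if ($iface == $pconfig['interface'])
											$selected = "selected=\"selected\"";
								?>
									<option value="<?=htmlspecialchars($iface);?>" <?=$selected;?>>
										<?=htmlspecialchars($ifacename);?>
									</option>
								<?php endforeach; ?>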
526 8cd558b6 ayvis
							</select> <br />
527 d799787e Matthew Grooms
						</td>
528
					</tr>
529 1d3bcd2a Matthew Grooms
					<tr>
530
						<td width="22%" valign="top" class="vncell"><?=gettext("Local port");?></td>
531
						<td width="78%" class="vtable">
532 770f29c4 Colin Fleming
							<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>" />
533 8cd558b6 ayvis
							<br />
534 5708241f jim-p
							<?=gettext("Set this option if you would like to bind to a specific port. Leave this blank or enter 0 for a random dynamic port."); ?>
535 1d3bcd2a Matthew Grooms
						</td>
536
					</tr>
537 d799787e Matthew Grooms
					<tr>
538
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server host or address");?></td>
539
						<td width="78%" class="vtable">
540 770f29c4 Colin Fleming
							<input name="server_addr" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['server_addr']);?>" />
541 d799787e Matthew Grooms
						</td>
542
					</tr>
543
					<tr>
544
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server port");?></td>
545
						<td width="78%" class="vtable">
546 770f29c4 Colin Fleming
							<input name="server_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['server_port']);?>" />
547 d799787e Matthew Grooms
						</td>
548
					</tr>
549
					<tr>
550
						<td width="22%" valign="top" class="vncell"><?=gettext("Proxy host or address");?></td>
551
						<td width="78%" class="vtable">
552 770f29c4 Colin Fleming
							<input name="proxy_addr" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['proxy_addr']);?>" />
553 d799787e Matthew Grooms
						</td>
554
					</tr>
555
					<tr>
556
						<td width="22%" valign="top" class="vncell"><?=gettext("Proxy port");?></td>
557
						<td width="78%" class="vtable">
558 770f29c4 Colin Fleming
							<input name="proxy_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['proxy_port']);?>" />
559 d799787e Matthew Grooms
						</td>
560
					</tr>
561 762a24a3 Ermal Lu?i
					<tr>
562
						<td width="22%" valign="top" class="vncell"><?=gettext("Proxy authentication extra options");?></td>
563
						<td width="78%" class="vtable">
564 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" summary="proxy authentication">
565 762a24a3 Ermal Lu?i
								<tr>
566
                                                                        <td align="right" width="25%">
567
                                                                                <span class="vexpl">
568 2fa7a468 Carlos Eduardo Ramos
                                                                                         &nbsp;<?=gettext("Authentication method"); ?> :&nbsp;
569 762a24a3 Ermal Lu?i
                                                                                </span>
570
                                                                        </td>
571
                                                                        <td>
572 770f29c4 Colin Fleming
										<select name="proxy_authtype" id="proxy_authtype" class="formfld select" onchange="useproxy_changed()">
573
											<option value="none" <?php if ($pconfig['proxy_authtype'] == "none") echo "selected=\"selected\""; ?>><?=gettext("none"); ?></option>
574
											<option value="basic" <?php if ($pconfig['proxy_authtype'] == "basic") echo "selected=\"selected\""; ?>><?=gettext("basic"); ?></option>
575
											<option value="ntlm" <?php if ($pconfig['proxy_authtype'] == "ntlm") echo "selected=\"selected\""; ?>><?=gettext("ntlm"); ?></option>
576 762a24a3 Ermal Lu?i
										</select>
577
									</td>
578
								</tr>
579
							</table>
580
							<br />
581 770f29c4 Colin Fleming
							 <table border="0" cellpadding="2" cellspacing="0" id="proxy_authtype_opts" style="display:none" summary="proxy authentication options">
582 762a24a3 Ermal Lu?i
                                                                <tr>
583
                                                                        <td align="right" width="25%">
584
                                                                                <span class="vexpl">
585 2fa7a468 Carlos Eduardo Ramos
                                                                                         &nbsp;<?=gettext("Username"); ?> :&nbsp;
586 762a24a3 Ermal Lu?i
                                                                                </span>
587
                                                                        </td>
588
                                                                        <td>
589
                                                                                <input name="proxy_user" id="proxy_user" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['proxy_user']);?>" />
590
                                                                        </td>
591
                                                                </tr>
592
                                                                <tr>
593
                                                                        <td align="right" width="25%">
594
                                                                                <span class="vexpl">
595 2fa7a468 Carlos Eduardo Ramos
                                                                                         &nbsp;<?=gettext("Password"); ?> :&nbsp;
596 762a24a3 Ermal Lu?i
                                                                                </span>
597
                                                                        </td>
598
                                                                        <td>
599
                                                                                <input name="proxy_passwd" id="proxy_passwd" type="password" class="formfld pwd" size="20" value="<?=htmlspecialchars($pconfig['proxy_passwd']);?>" />
600
                                                                        </td>
601
                                                                </tr>
602
                                                        </table>
603
						</td>
604
					</tr>
605 d799787e Matthew Grooms
					<tr>
606 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Server host name resolution"); ?></td>
607 d799787e Matthew Grooms
						<td width="78%" class="vtable">
608 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" summary="server host name resolution">
609 d799787e Matthew Grooms
								<tr>
610
									<td>
611
										<?php set_checked($pconfig['resolve_retry'],$chk); ?>
612 770f29c4 Colin Fleming
										<input name="resolve_retry" type="checkbox" value="yes" <?=$chk;?> />
613 d799787e Matthew Grooms
									</td>
614
									<td>
615
										<span class="vexpl">
616 2fa7a468 Carlos Eduardo Ramos
											<?=gettext("Infinitely resolve server"); ?>
617 d799787e Matthew Grooms
										</span>
618
									</td>
619
								</tr>
620
							</table>
621 2fa7a468 Carlos Eduardo Ramos
							<?=gettext("Continuously attempt to resolve the server host " .
622
							"name. Useful when communicating with a server " .
623
							"that is not permanently connected to the Internet"); ?>.
624 d799787e Matthew Grooms
						</td>
625
					</tr>
626
					<tr> 
627 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
628 d799787e Matthew Grooms
						<td width="78%" class="vtable"> 
629 770f29c4 Colin Fleming
							<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>" />
630 8cd558b6 ayvis
							<br />
631 2fa7a468 Carlos Eduardo Ramos
							<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
632 d799787e Matthew Grooms
						</td>
633
					</tr>
634
					<tr>
635
						<td colspan="2" class="list" height="12"></td>
636
					</tr>
637 5f242576 PiBa-NL
					<tr>
638
						<td colspan="2" valign="top" class="listtopic"><?=gettext("User Authentication Settings"); ?></td>
639
					</tr>
640
					<tr>
641
						<td width="22%" valign="top" class="vncell"><?=gettext("User name/pass"); ?></td>
642
						<td width="78%" class="vtable">
643
							<?=gettext("Leave empty when no user name and password are needed."); ?>
644 770f29c4 Colin Fleming
							<br/>
645
							<table border="0" cellpadding="2" cellspacing="0" summary="user name password">
646 5f242576 PiBa-NL
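								<tr>
									<td align="right" width="25%">
									<span class="vexpl">
									&nbsp;<?=gettext("Username"); ?> :&nbsp;
									</span>
									</td>
									<td>
									<?php
									/*
									 * autocomplete="off" on both fields asks the browser's password
									 * manager not to fill the tunnel credentials with unrelated saved
									 * logins, which would then be stored on the next save. Browsers
									 * may ignore the hint.
									 */
									?>
									<input name="auth_user" id="auth_user" class="formfld unknown" size="20" autocomplete="off" value="<?=htmlspecialchars($pconfig['auth_user']);?>" />
									</td>
								</tr>
								<tr>
									<td align="right" width="25%">
									<span class="vexpl">
									&nbsp;<?=gettext("Password"); ?> :&nbsp;
									</span>
									</td>
									<td>
									<?php
									/*
									 * NOTE(review): the stored password is rendered back into the value
									 * attribute, so it is readable in the page source of the edit view.
									 */
									?>
									<input name="auth_pass" id="auth_pass" type="password" class="formfld pwd" size="20" autocomplete="off" value="<?=htmlspecialchars($pconfig['auth_pass']);?>" />
									</td>
								</tr>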
666
							</table>
667
						</td>
668
					</tr>
669 d799787e Matthew Grooms
					<tr>
670 2fa7a468 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
671 d799787e Matthew Grooms
					</tr>
672 3c11bd3c Matthew Grooms
					<tr id="tls">
673 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
674 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
675 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" summary="tls authentication">
676 3c11bd3c Matthew Grooms
								<tr>
677
									<td>
678
										<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
679 770f29c4 Colin Fleming
										<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onclick="tlsauth_change()" />
680 3c11bd3c Matthew Grooms
									</td>
681
									<td>
682
										<span class="vexpl">
683 2fa7a468 Carlos Eduardo Ramos
											<?=gettext("Enable authentication of TLS packets"); ?>.
684 3c11bd3c Matthew Grooms
										</span>
685
									</td>
686
								</tr>
687
							</table>
688
							<?php if (!$pconfig['tls']): ?>
689 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" id="tlsauth_opts" summary="tls authentication options">
690 3c11bd3c Matthew Grooms
								<tr>
691
									<td>
692
										<?php set_checked($pconfig['autotls_enable'],$chk); ?>
693 770f29c4 Colin Fleming
										<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onclick="autotls_change()" />
694 3c11bd3c Matthew Grooms
									</td>
695
									<td>
696
										<span class="vexpl">
697 2fa7a468 Carlos Eduardo Ramos
											<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
698 3c11bd3c Matthew Grooms
										</span>
699
									</td>
700
								</tr>
701
							</table>
702
							<?php endif; ?>
703 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" id="autotls_opts" summary="tls authentication options">
704 3c11bd3c Matthew Grooms
								<tr>
705
									<td>
706
										<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
707 8cd558b6 ayvis
										<br />
708 2fa7a468 Carlos Eduardo Ramos
										<?=gettext("Paste your shared key here"); ?>.
709 3c11bd3c Matthew Grooms
									</td>
710
								</tr>
711
							</table>
712
						</td>
713 d799787e Matthew Grooms
					</tr>
714 3c11bd3c Matthew Grooms
					<tr id="tls_ca">
715 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
716 d799787e Matthew Grooms
							<td width="78%" class="vtable">
717 19cdeb3e jim-p
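							<?php if (count($a_ca)): ?>
							<select name='caref' class="formselect">
							<?php
								/*
								 * One <option> per configured CA. refid and descr are taken from
								 * the CA entries and were previously printed raw; both are now
								 * HTML-escaped so a description containing markup cannot break
								 * out of the attribute or the option text.
								 */
								foreach ($a_ca as $ca):
									$selected = "";
									if ($pconfig['caref'] == $ca['refid'])
										$selected = "selected=\"selected\"";
							?>
								<option value="<?=htmlspecialchars($ca['refid']);?>" <?=$selected;?>><?=htmlspecialchars($ca['descr']);?></option>
							<?php endforeach; ?>
							</select>
							<?php else: ?>
								<b>No Certificate Authorities defined.</b> <br />Create one under <a href="system_camanager.php">System &gt; Cert Manager</a>.
							<?php endif; ?>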
731 d799787e Matthew Grooms
							</td>
732
					</tr>
733 3c11bd3c Matthew Grooms
					<tr id="tls_cert">
734 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Client Certificate"); ?></td>
735 d799787e Matthew Grooms
							<td width="78%" class="vtable">
736 19cdeb3e jim-p
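							<?php if (count($a_cert)): ?>
							<select name='certref' class="formselect">
							<?php
							/*
							 * One <option> per configured certificate. The label is built from
							 * the certificate description, the issuing CA description and the
							 * in-use / revoked markers, then HTML-escaped as a whole; the refid
							 * is escaped for the value attribute. Both were previously printed raw.
							 */
							foreach ($a_cert as $cert):
								$selected = "";
								$caname = "";
								$inuse = "";
								$revoked = "";
								$ca = lookup_ca($cert['caref']);
								if ($ca)
									$caname = " (CA: {$ca['descr']})";
								if ($pconfig['certref'] == $cert['refid'])
									$selected = "selected=\"selected\"";
								if (cert_in_use($cert['refid']))
									$inuse = " *In Use";
								if (is_cert_revoked($cert))
									$revoked = " *Revoked";
							?>
								<option value="<?=htmlspecialchars($cert['refid']);?>" <?=$selected;?>><?=htmlspecialchars($cert['descr'] . $caname . $inuse . $revoked);?></option>
							<?php endforeach; ?>
							</select>
							<?php else: ?>
								<b>No Certificates defined.</b> <br />Create one under <a href="system_certmanager.php">System &gt; Cert Manager</a>.
							<?php endif; ?>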
760 d799787e Matthew Grooms
						</td>
761
					</tr>
762
					<tr id="psk">
763 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
764 3c11bd3c Matthew Grooms
						<td width="78%" class="vtable">
765
							<?php if (!$pconfig['shared_key']): ?>
766 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" summary="shared key">
767 3c11bd3c Matthew Grooms
								<tr>
768
									<td>
769
										<?php set_checked($pconfig['autokey_enable'],$chk); ?>
770 770f29c4 Colin Fleming
										<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onclick="autokey_change()" />
771 3c11bd3c Matthew Grooms
									</td>
772
									<td>
773
										<span class="vexpl">
774 2fa7a468 Carlos Eduardo Ramos
											<?=gettext("Automatically generate a shared key"); ?>.
775 3c11bd3c Matthew Grooms
										</span>
776
									</td>
777
								</tr>
778
							</table>
779
							<?php endif; ?>
780 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" id="autokey_opts" summary="shared key options">
781 3c11bd3c Matthew Grooms
								<tr>
782
									<td>
783
										<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
784 8cd558b6 ayvis
										<br />
785 2fa7a468 Carlos Eduardo Ramos
										<?=gettext("Paste your shared key here"); ?>.
786 3c11bd3c Matthew Grooms
									</td>
787
								</tr>
788
							</table>
789 d799787e Matthew Grooms
						</td>
790
					</tr>
791
					<tr>
792 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
793 d799787e Matthew Grooms
						<td width="78%" class="vtable">
794
							<select name="crypto" class="formselect">
795
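								<?php
									/*
									 * One <option> per cipher returned by openvpn_get_cipherlist().
									 * The key is escaped for the value attribute in the same way
									 * as the description, so the two are handled consistently.
									 */
									$cipherlist = openvpn_get_cipherlist();
									foreach ($cipherlist as $name => $desc):
									$selected = "";
									if ($name == $pconfig['crypto'])
										$selected = " selected=\"selected\"";
								?>
								<option value="<?=htmlspecialchars($name);?>"<?=$selected?>>
									<?=htmlspecialchars($desc);?>
								</option>
								<?php endforeach; ?>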
806
							</select>
807
						</td>
808
					</tr>
809 97d5b59b jim-p
					<tr>
810
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Auth Digest Algorithm"); ?></td>
811
						<td width="78%" class="vtable">
812
							<select name="digest" class="formselect">
813
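								<?php
									/*
									 * One <option> per digest returned by openvpn_get_digestlist().
									 * The key is escaped for the value attribute in the same way
									 * as the description, so the two are handled consistently.
									 */
									$digestlist = openvpn_get_digestlist();
									foreach ($digestlist as $name => $desc):
									$selected = "";
									if ($name == $pconfig['digest'])
										$selected = " selected=\"selected\"";
								?>
								<option value="<?=htmlspecialchars($name);?>"<?=$selected?>>
									<?=htmlspecialchars($desc);?>
								</option>
								<?php endforeach; ?>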
824
							</select>
825
						</td>
826
					</tr>
827 582c58ae jim-p
					<tr id="engine">
828
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td>
829
						<td width="78%" class="vtable">
830
							<select name="engine" class="formselect">
831
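								<?php
									/*
									 * One <option> per engine returned by openvpn_get_engines().
									 * The key is escaped for the value attribute in the same way
									 * as the description, so the two are handled consistently.
									 */
									$engines = openvpn_get_engines();
									foreach ($engines as $name => $desc):
									$selected = "";
									if ($name == $pconfig['engine'])
										$selected = " selected=\"selected\"";
								?>
								<option value="<?=htmlspecialchars($name);?>"<?=$selected?>>
									<?=htmlspecialchars($desc);?>
								</option>
								<?php endforeach; ?>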
842
							</select>
843
						</td>
844
					</tr>
845 d799787e Matthew Grooms
					<tr>
846
						<td colspan="2" class="list" height="12"></td>
847
					</tr>
848
					<tr>
849 2fa7a468 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
850 d799787e Matthew Grooms
					</tr>
851
					<tr>
852 4856df9b jim-p
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Tunnel Network"); ?></td>
853 d799787e Matthew Grooms
						<td width="78%" class="vtable">
854 770f29c4 Colin Fleming
							<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>" />
855 8cd558b6 ayvis
							<br />
856 2fa7a468 Carlos Eduardo Ramos
							<?=gettext("This is the virtual network used for private " .
857
							"communications between this client and the " .
858
							"server expressed using CIDR (eg. 10.0.8.0/24). " .
859
							"The first network address is assumed to be the " .
860
							"server address and the second network address " .
861
							"will be assigned to the client virtual " .
862
							"interface"); ?>.
863 d799787e Matthew Grooms
						</td>
864
					</tr>
865
					<tr>
866 4856df9b jim-p
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Tunnel Network"); ?></td>
867
						<td width="78%" class="vtable">
868 770f29c4 Colin Fleming
							<input name="tunnel_networkv6" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_networkv6']);?>" />
869 8cd558b6 ayvis
							<br />
870 4856df9b jim-p
							<?=gettext("This is the IPv6 virtual network used for private " .
871
							"communications between this client and the " .
872
							"server expressed using CIDR (eg. fe80::/64). " .
873
							"The first network address is assumed to be the " .
874
							"server address and the second network address " .
875
							"will be assigned to the client virtual " .
876
							"interface"); ?>.
877
						</td>
878
					</tr>
879
					<tr>
880 3835613a Phil Davis
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Remote Network/s"); ?></td>
881 d799787e Matthew Grooms
						<td width="78%" class="vtable">
882 770f29c4 Colin Fleming
							<input name="remote_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_network']);?>" />
883 8cd558b6 ayvis
							<br />
884 3835613a Phil Davis
							<?=gettext("These are the IPv4 networks that will be routed through " .
885 2fa7a468 Carlos Eduardo Ramos
							"the tunnel, so that a site-to-site VPN can be " .
886 3835613a Phil Davis
							"established without manually changing the routing tables. " .
887
							"Expressed as a comma-separated list of one or more CIDR ranges. " .
888
							"If this is a site-to-site VPN, enter the " .
889
							"remote LAN/s here. You may leave this blank to " .
890 2fa7a468 Carlos Eduardo Ramos
							"only communicate with other clients"); ?>.
891 d799787e Matthew Grooms
						</td>
892
					</tr>
893 4856df9b jim-p
					<tr>
894 3835613a Phil Davis
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Remote Network/s"); ?></td>
895 4856df9b jim-p
						<td width="78%" class="vtable">
896 770f29c4 Colin Fleming
							<input name="remote_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_networkv6']);?>" />
897 8cd558b6 ayvis
							<br />
898 3835613a Phil Davis
							<?=gettext("These are the IPv6 networks that will be routed through " .
899 4856df9b jim-p
							"the tunnel, so that a site-to-site VPN can be " .
900 3835613a Phil Davis
							"established without manually changing the routing tables. " .
901
							"Expressed as a comma-separated list of one or more IP/PREFIX. " .
902
							"If this is a site-to-site VPN, enter the " .
903
							"remote LAN/s here. You may leave this blank to " .
904 4856df9b jim-p
							"only communicate with other clients"); ?>.
905
						</td>
906
					</tr>
907 d799787e Matthew Grooms
					<tr>
908
						<td width="22%" valign="top" class="vncell"><?=gettext("Limit outgoing bandwidth");?></td>
909
						<td width="78%" class="vtable">
910 770f29c4 Colin Fleming
							<input name="use_shaper" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['use_shaper']);?>" />
911 8cd558b6 ayvis
							<br />
912 2fa7a468 Carlos Eduardo Ramos
							<?=gettext("Maximum outgoing bandwidth for this tunnel. " .
913
							"Leave empty for no limit. The input value has " .
914
							"to be something between 100 bytes/sec and 100 " .
915
							"Mbytes/sec (entered as bytes per second)"); ?>.
916 d799787e Matthew Grooms
						</td>
917
					</tr>
918
					<tr>
919 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
920 d799787e Matthew Grooms
						<td width="78%" class="vtable">
921 edba1982 jim-p
							<select name="compression" class="formselect">
922
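								<?php
									/*
									 * One <option> per entry of $openvpn_compression_modes (defined
									 * outside this page). Mode key and description are HTML-escaped
									 * like the cipher, digest and engine lists above.
									 */
									foreach ($openvpn_compression_modes as $cmode => $cmodedesc):
									$selected = "";
									if ($cmode == $pconfig['compression'])
										$selected = " selected=\"selected\"";
								?>
								<option value="<?= htmlspecialchars($cmode) ?>" <?= $selected ?>><?= htmlspecialchars($cmodedesc) ?></option>
								<?php endforeach; ?>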
930
							</select>
931 8cd558b6 ayvis
							<br />
932 edba1982 jim-p
							<?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?>.
933 d799787e Matthew Grooms
						</td>
934
					</tr>
935
					<tr>
936 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
937 d799787e Matthew Grooms
						<td width="78%" class="vtable">
938 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" summary="type-of-service">
939 d799787e Matthew Grooms
								<tr>
940
									<td>
941 1cb0b40a Matthew Grooms
										<?php set_checked($pconfig['passtos'],$chk); ?>
942 770f29c4 Colin Fleming
										<input name="passtos" type="checkbox" value="yes" <?=$chk;?> />
943 d799787e Matthew Grooms
									</td>
944
									<td>
945
										<span class="vexpl">
946 2fa7a468 Carlos Eduardo Ramos
											<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
947 d799787e Matthew Grooms
										</span>
948
									</td>
949
								</tr>
950
							</table>
951
						</td>
952
					</tr>
953 4856df9b jim-p
				</table>
954
955 770f29c4 Colin Fleming
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="advance configuration">
956 c7323d81 sullrich
					<tr>
957
						<td colspan="2" class="list" height="12"></td>
958
					</tr>
959
					<tr>
960 2fa7a468 Carlos Eduardo Ramos
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
961 c7323d81 sullrich
					</tr>
962
					<tr>
963 2fa7a468 Carlos Eduardo Ramos
						<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
964 c7323d81 sullrich
						<td width="78%" class="vtable">
965 770f29c4 Colin Fleming
							<table border="0" cellpadding="2" cellspacing="0" summary="advance configuration">
966 c7323d81 sullrich
								<tr>
967
									<td>
968 8cd558b6 ayvis
										<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br />
969
										<?=gettext("Enter any additional options you would like to add to the OpenVPN client configuration here, separated by a semicolon"); ?><br />
970 3835613a Phil Davis
										<?=gettext("EXAMPLE:"); ?> <strong>remote server.mysite.com 1194;</strong> or <strong>remote 1.2.3.4 1194;</strong>
971 c7323d81 sullrich
									</td>
972
								</tr>
973
							</table>
974
						</td>
975 4856df9b jim-p
					</tr>
976
				</table>
977
978 8cd558b6 ayvis
				<br />
979 770f29c4 Colin Fleming
				<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="icons">
980 d799787e Matthew Grooms
					<tr>
981
						<td width="22%" valign="top">&nbsp;</td>
982
						<td width="78%"> 
983 770f29c4 Colin Fleming
							<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> 
984
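							<?php /* $act is assigned outside this part of the file; presumably it is request-derived (TODO confirm), so it is escaped before being placed in the attribute, as the id field below already is. */ ?>
							<input name="act" type="hidden" value="<?=htmlspecialchars($act);?>" />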
985 d799787e Matthew Grooms
							<?php if (isset($id) && $a_client[$id]): ?>
986 770f29c4 Colin Fleming
							<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
987 d799787e Matthew Grooms
							<?php endif; ?>
988
						</td>
989
					</tr>
990
				</table>
991
			</form>
992
993
			<?php else: ?>
994
995 770f29c4 Colin Fleming
			<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="list of openvpn clients">
996 7773b868 jim-p
				<thead>
997 d799787e Matthew Grooms
				<tr>
998 2fa7a468 Carlos Eduardo Ramos
					<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
999
					<td width="10%" class="listhdrr"><?=gettext("Protocol"); ?></td>
1000
					<td width="30%" class="listhdrr"><?=gettext("Server"); ?></td>
1001
					<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1002 d799787e Matthew Grooms
					<td width="10%" class="list"></td>
1003
				</tr>
1004 7773b868 jim-p
				</thead>
1005 770f29c4 Colin Fleming
				<tfoot>
1006
				<tr>
1007
					<td class="list" colspan="4"></td>
1008
					<td class="list">
1009
						<a href="vpn_openvpn_client.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add client"); ?>" width="17" height="17" border="0" alt="add" />
1010
						</a>
1011
					</td>
1012
				</tr>
1013
				<tr>
1014
					<td colspan="4">
1015
						<p>
1016
							<?=gettext("Additional OpenVPN clients can be added here.");?>
1017
						</p>
1018
					</td>
1019
				</tr>
1020
				</tfoot>
1021 7773b868 jim-p
				<tbody>
1022 d799787e Matthew Grooms
				<?php
1023
					$i = 0;
1024
					foreach($a_client as $client):
1025
						$disabled = "NO";
1026 8319ee63 jim-p
						if (isset($client['disable']))
1027 d799787e Matthew Grooms
							$disabled = "YES";
1028
						$server = "{$client['server_addr']}:{$client['server_port']}";
1029
				?>
1030 770f29c4 Colin Fleming
				<tr ondblclick="document.location='vpn_openvpn_client.php?act=edit&amp;id=<?=$i;?>'">
1031 d799787e Matthew Grooms
					<td class="listlr">
1032
						<?=$disabled;?>
1033
					</td>
1034
					<td class="listr">
1035
						<?=htmlspecialchars($client['protocol']);?>
1036
					</td>
1037
					<td class="listr">
1038
						<?=htmlspecialchars($server);?>
1039
					</td>
1040 296a3cb6 Scott Ullrich
					<td class="listbg">
1041 d799787e Matthew Grooms
						<?=htmlspecialchars($client['description']);?>
1042
					</td>
1043 770f29c4 Colin Fleming
					<td valign="middle" class="list nowrap">
1044
						<a href="vpn_openvpn_client.php?act=edit&amp;id=<?=$i;?>">
1045
							<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit client"); ?>" width="17" height="17" border="0" alt="edit" />
1046 d799787e Matthew Grooms
						</a>
1047
						&nbsp;
1048 770f29c4 Colin Fleming
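						<?php
						/*
						 * The confirm() text is passed through json_encode() and then
						 * htmlspecialchars() so that a translation containing a quote or
						 * apostrophe cannot terminate the JavaScript string or the onclick
						 * attribute.
						 * NOTE(review): the delete is triggered by a plain GET link (act=del);
						 * whether the handler requires a CSRF token or a POST is not visible
						 * in this part of the file -- TODO confirm.
						 */
						?>
						<a href="vpn_openvpn_client.php?act=del&amp;id=<?=$i;?>" onclick="return confirm(<?=htmlspecialchars(json_encode(gettext("Do you really want to delete this client?")));?>)">
							<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete client"); ?>" width="17" height="17" border="0" alt="delete" />
						</a>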
1051
					</td>
1052
				</tr>
1053
				<?php
1054
					$i++;
1055
					endforeach;
1056
				?>
1057 770f29c4 Colin Fleming
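				<tr style="display:none;"><td></td></tr>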
1058 7773b868 jim-p
				</tbody>
1059 d799787e Matthew Grooms
			</table>
1060
1061 ee9933b6 Renato Botelho
			<?php endif; ?>
1062 d799787e Matthew Grooms
1063
		</td>
1064
	</tr>
1065
</table>
1066 91f026b0 ayvis
<script type="text/javascript">
1067 770f29c4 Colin Fleming
//<![CDATA[
1068 3c11bd3c Matthew Grooms
mode_change();
1069
autokey_change();
1070
tlsauth_change();
1071 762a24a3 Ermal Lu?i
useproxy_changed();
1072 770f29c4 Colin Fleming
//]]>
1073 d799787e Matthew Grooms
</script>
1074
<?php include("fend.inc"); ?>
1075 770f29c4 Colin Fleming
</body>
1076
</html>
<?php
/* local utility functions */
/**
 * Store the XHTML checkbox attribute for a form value in $chk.
 *
 * @param mixed  $var Value tested with PHP's loose truthiness, so "" and "0" count as unchecked.
 * @param string $chk Output, passed by reference: 'checked="checked"' when $var is truthy, '' otherwise.
 */
function set_checked($var, &$chk) {
    $chk = $var ? "checked=\"checked\"" : "";
}
?>