/src/usr/local/www/status_openvpn.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/status_openvpn.php @ ff6d9cb1

1	0927fb8c	jim-p	<?php
2	63084885	Matthew Grooms	/*
3	c5d81585	Renato Botelho	* status_openvpn.php
4			*
5			* part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	* Copyright (c) 2004-2013 BSD Perimeter
7			* Copyright (c) 2013-2016 Electric Sheep Fencing
8	8f585441	Luiz Souza	* Copyright (c) 2014-2021 Rubicon Communications, LLC (Netgate)
9	c5d81585	Renato Botelho	* Copyright (c) 2008 Shrew Soft Inc.
10			* All rights reserved.
11			*
12	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
13			* you may not use this file except in compliance with the License.
14			* You may obtain a copy of the License at
15	c5d81585	Renato Botelho	*
16	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
17	c5d81585	Renato Botelho	*
18	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
19			* distributed under the License is distributed on an "AS IS" BASIS,
20			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21			* See the License for the specific language governing permissions and
22			* limitations under the License.
23	b9043cdc	Stephen Beaver	*/
24	63084885	Matthew Grooms
25			##\|+PRIV
26			##\|*IDENT=page-status-openvpn
27	5230f468	jim-p	##\|*NAME=Status: OpenVPN
28	63084885	Matthew Grooms	##\|*DESCR=Allow access to the 'Status: OpenVPN' page.
29			##\|MATCH=status_openvpn.php
30			##\|-PRIV
31
32	e9d35ff5	Carlos Eduardo Ramos	$pgtitle = array(gettext("Status"), gettext("OpenVPN"));
33	7d7b5a48	jim-p	$shortcut_section = "openvpn";
34
35	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
36	53663f57	jim-p	require_once("openvpn.inc");
37	2eaa97b9	jim-p	require_once("shortcuts.inc");
38	c92ccc70	Renato Botelho	require_once("service-utils.inc");
39	63084885	Matthew Grooms
40	0927fb8c	jim-p	/* Handle AJAX */
41	1a8b6554	Steve Beaver	if ($_REQUEST['action']) {
42			if ($_REQUEST['action'] == "kill") {
43			$port = $_REQUEST['port'];
44			$remipp = $_REQUEST['remipp'];
45	08ef78ac	Viktor G	$client_id = $_REQUEST['client_id'];
46	0927fb8c	jim-p	if (!empty($port) and !empty($remipp)) {
47	08ef78ac	Viktor G	$retval = openvpn_kill_client($port, $remipp, $client_id);
48	0927fb8c	jim-p	echo htmlentities("\|{$port}\|{$remipp}\|{$retval}\|");
49			} else {
50	e9d35ff5	Carlos Eduardo Ramos	echo gettext("invalid input");
51	0927fb8c	jim-p	}
52			exit;
53			}
54			}
55	61eb637d	Viktor G	if ($_POST['action']) {
56			if (($_POST['action'] == "showrule") && is_numeric($_POST['vpnid']) &&
57			!preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username']) && is_port($_POST['port'])) {
58			$rulesfile = "{$g['tmp_path']}/ovpn_ovpns{$_POST['vpnid']}_{$_POST['username']}_{$_POST['port']}.rules";
59			if (file_exists($rulesfile)) {
60			$rule_text = base64_encode(file_get_contents($rulesfile));
61			echo $rule_text;
62			}
63			exit;
64			}
65			}
66	0927fb8c	jim-p
67	53663f57	jim-p	$servers = openvpn_get_active_servers();
68	453d9c96	jim-p	$sk_servers = openvpn_get_active_servers("p2p");
69	53663f57	jim-p	$clients = openvpn_get_active_clients();
70	63084885	Matthew Grooms
71	0927fb8c	jim-p	include("head.inc"); ?>
72
73			<form action="status_openvpn.php" method="get" name="iform">
74			<script type="text/javascript">
75	4d33138f	Colin Fleming	//<![CDATA[
76	08ef78ac	Viktor G	function killClient(mport, remipp, client_id) {
77	b9144088	jim-p	var busy = function(index,icon) {
78	3f98044a	Francisco Cavalcante	$(icon).bind("onclick","");
79			$(icon).attr('src',$(icon).attr('src').replace("\.gif", "_d.gif"));
80			$(icon).css("cursor","wait");
81	0927fb8c	jim-p	}
82
83	3f98044a	Francisco Cavalcante	$('img[name="i:' + mport + ":" + remipp + '"]').each(busy);
84	0927fb8c	jim-p
85	3f98044a	Francisco Cavalcante	$.ajax(
86	0927fb8c	jim-p	"<?=$_SERVER['SCRIPT_NAME'];?>" +
87	08ef78ac	Viktor G	"?action=kill&port=" + mport + "&remipp=" + remipp + "&client_id=" + client_id,
88	e03ef9a0	Vinicius Coque	{ type: "get", complete: killComplete }
89	0927fb8c	jim-p	);
90			}
91
92			function killComplete(req) {
93			var values = req.responseText.split("\|");
94	abe98adb	Phil Davis	if (values[3] != "0") {
95	016260fe	Steve Beaver	// alert('<?=gettext("An error occurred.");?>' + ' (' + values[3] + ')');
96	0927fb8c	jim-p	return;
97			}
98
99	5a5a11cd	bruno	$('tr[id="r:' + values[1] + ":" + values[2] + '"]').each(
100	3f98044a	Francisco Cavalcante	function(index,row) { $(row).fadeOut(1000); }
101	0927fb8c	jim-p	);
102			}
103	61eb637d	Viktor G
104			function showRuleContents(vpnid, username, port) {
105			$('#rulesviewer_text').text("...Loading...");
106			$('#rulesviewer').modal('show');
107
108			$.ajax(
109			"<?=$_SERVER['SCRIPT_NAME'];?>",
110			{
111			type: 'post',
112			data: {
113			vpnid: vpnid,
114			username: username,
115			port: port,
116			action: 'showrule'
117			},
118			complete: ruleComplete
119			}
120			);
121			}
122
123			function ruleComplete(req) {
124			$('#rulesviewer_text').text(atob(req.responseText));
125			$('#rulesviewer_text').attr('readonly', true);
126			}
127
128	4d33138f	Colin Fleming	//]]>
129	0927fb8c	jim-p	</script>
130	c64a0911	Hari
131	42b0c921	Phil Davis	<?php
132			$i = 0;
133			foreach ($servers as $server):
134			?>
135	0927fb8c	jim-p
136	c64a0911	Hari	<div class="panel panel-default">
137	8ad987ee	gitdevmod	<div class="panel-heading"><h2 class="panel-title"><?=htmlspecialchars($server['name']);?> <?=gettext('Client Connections') . ": " . ($server['conns'][0]['common_name'] != '[error]' ? sizeof($server['conns']) : '0');?></h2></div>
138	c64a0911	Hari	<div class="panel-body table-responsive">
139	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
140	c64a0911	Hari	<thead>
141			<tr>
142			<th><?=gettext("Common Name")?></th>
143			<th><?=gettext("Real Address")?></th>
144	cbfd0754	jim-p	<th><?=gettext("Virtual Address"); ?></th>
145	c64a0911	Hari	<th><?=gettext("Connected Since"); ?></th>
146	f467ea24	jim-p	<th><?=gettext("Bytes Sent")?></th>
147			<th><?=gettext("Bytes Received")?></th>
148	f5736d98	Viktor G	<th><?=gettext("Cipher")?></th>
149	08ef78ac	Viktor G	<th><?=gettext("Actions")?></th>
150	c64a0911	Hari	</tr>
151			</thead>
152			<tbody>
153	919d91f9	Phil Davis
154	9f605c1c	Hari	<?php
155			foreach ($server['conns'] as $conn):
156	61eb637d	Viktor G	$remote_port = substr($conn['remote_host'], strpos($conn['remote_host'], ':') + 1);
157			$rulesfile = "{$g['tmp_path']}/ovpn_ovpns{$server['vpnid']}_{$conn['user_name']}_{$remote_port}.rules";
158	9f605c1c	Hari	?>
159	c64a0911	Hari	<tr id="<?php echo "r:{$server['mgmt']}:{$conn['remote_host']}"; ?>">
160	cbfd0754	jim-p	<td>
161			<?=$conn['common_name'];?>
162			<?php if (!empty($conn['common_name']) && !empty($conn['user_name']) && ($conn['user_name'] != "UNDEF")): ?>
163			<br />
164			<?php endif; ?>
165			<?php if (!empty($conn['user_name']) && ($conn['user_name'] != "UNDEF")): ?>
166			<?=$conn['user_name'];?>
167			<?php endif; ?>
168			</td>
169	c64a0911	Hari	<td><?=$conn['remote_host'];?></td>
170	cbfd0754	jim-p	<td>
171			<?=$conn['virtual_addr'];?>
172			<?php if (!empty($conn['virtual_addr']) && !empty($conn['virtual_addr6'])): ?>
173			<br />
174			<?php endif; ?>
175			<?=$conn['virtual_addr6'];?>
176			</td>
177	c64a0911	Hari	<td><?=$conn['connect_time'];?></td>
178	f467ea24	jim-p	<td data-value="<?=trim($conn['bytes_sent'])?>"><?=format_bytes($conn['bytes_sent']);?></td>
179			<td data-value="<?=trim($conn['bytes_recv'])?>"><?=format_bytes($conn['bytes_recv']);?></td>
180	f5736d98	Viktor G	<td data-value="<?=trim($conn['cipher'])?>"><?=$conn['cipher'];?></td>
181	c64a0911	Hari	<td>
182	61eb637d	Viktor G
183			<?php if (file_exists($rulesfile)): ?>
184			<a
185			onclick="showRuleContents('<?=$server['vpnid'];?>', '<?=$conn['user_name'];?>', '<?=$remote_port;?>');" style="cursor:pointer;"
186			title="<?php echo gettext("Show RADIUS ACL generated ruleset"); ?>">
187			<i class="fa fa-info"></i>
188			</a>
189			<?php endif; ?>
190	9f605c1c	Hari	<a
191	08ef78ac	Viktor G	onclick="killClient('<?=$server['mgmt'];?>', '<?=$conn['remote_host'];?>', '');" style="cursor:pointer;"
192	c64a0911	Hari	id="<?php echo "i:{$server['mgmt']}:{$conn['remote_host']}"; ?>"
193	98128ad6	Phil Davis	title="<?php echo sprintf(gettext("Kill client connection from %s"), $conn['remote_host']); ?>">
194	1b7379f9	Jared Dillard	<i class="fa fa-times"></i>
195	08ef78ac	Viktor G	</a>
196			<a
197			onclick="killClient('<?=$server['mgmt'];?>', '<?=$conn['remote_host'];?>', '<?=$conn['client_id'];?>');" style="cursor:pointer;"
198			id="<?php echo "i:{$server['mgmt']}:{$conn['remote_host']}"; ?>"
199			title="<?php echo sprintf(gettext("Halt client connection from %s"), $conn['remote_host']); ?>">
200			<i class="fa fa-times-circle text-danger"></i>
201	9f605c1c	Hari	</a>
202	c64a0911	Hari	</td>
203			</tr>
204	9f605c1c	Hari	<?php
205			endforeach;
206			?>
207	c64a0911	Hari	</tbody>
208			<tfoot>
209			<tr>
210	e9701cfe	Stephen Beaver	<td colspan="2">
211	c64a0911	Hari	<table>
212			<tr>
213			<?php $ssvc = find_service_by_openvpn_vpnid($server['vpnid']); ?>
214	7b05178d	NOYB	<td>
215			<?= gettext("Status") . ": " . get_service_status_icon($ssvc, false, true, false, "service_state"); ?>
216			</td>
217			<td>
218			<?= gettext("Actions") . ": " . get_service_control_links($ssvc); ?>
219	c64a0911	Hari	</td>
220			</tr>
221			</table>
222			</td>
223	e9701cfe	Stephen Beaver	<td colspan="5">
224			</td>
225	c64a0911	Hari	</tr>
226			</tfoot>
227			</table>
228			</div>
229			</div>
230	42b0c921	Phil Davis	<?php
231			if (is_array($server['routes']) && count($server['routes'])):
232			?>
233	ec970b50	jim-p	<div id="shroutebut-<?= $i ?>">
234	37676f4e	jim-p	<button type="button" class="btn btn-info" onClick="show_routes('tabroute-<?= $i ?>','shroutebut-<?= $i ?>')" value="<?php echo gettext("Show Routing Table"); ?>">
235			<i class="fa fa-plus-circle icon-embed-btn"></i>
236			<?php echo gettext("Show Routing Table"); ?>
237			</button>
238			- <?= gettext("Display OpenVPN's internal routing table for this server.") ?>
239			<br /><br />
240	ec970b50	jim-p	</div>
241	56fafd85	Stephen Beaver	<div class="panel panel-default" id="tabroute-<?=$i?>" style="display: none;">
242	c64a0911	Hari	<div class="panel-heading"><h2 class="panel-title"><?=htmlspecialchars($server['name']);?> <?=gettext("Routing Table"); ?></h2></div>
243			<div class="panel-body table-responsive">
244	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
245	c64a0911	Hari	<thead>
246			<tr>
247			<th><?=gettext("Common Name"); ?></th>
248			<th><?=gettext("Real Address"); ?></th>
249			<th><?=gettext("Target Network"); ?></th>
250			<th><?=gettext("Last Used"); ?></th>
251			</tr>
252	919d91f9	Phil Davis	</thead>
253	c64a0911	Hari	<tbody>
254	ec970b50	jim-p
255	42b0c921	Phil Davis	<?php
256			foreach ($server['routes'] as $conn):
257			?>
258	c64a0911	Hari	<tr id="<?php echo "r:{$server['mgmt']}:{$conn['remote_host']}"; ?>">
259			<td><?=$conn['common_name'];?></td>
260			<td><?=$conn['remote_host'];?></td>
261			<td><?=$conn['virtual_addr'];?></td>
262			<td><?=$conn['last_time'];?></td>
263			</tr>
264	42b0c921	Phil Davis	<?php
265			endforeach;
266			?>
267	c64a0911	Hari	</tbody>
268			<tfoot>
269			<tr>
270	e9701cfe	Stephen Beaver	<td colspan="4"><?= gettext("An IP address followed by C indicates a host currently connected through the VPN.") ?></td>
271	c64a0911	Hari	</tr>
272			</tfoot>
273			</table>
274			</div>
275			</div>
276	42b0c921	Phil Davis	<?php
277			endif;
278			?>
279	8cd558b6	ayvis	<br />
280	42b0c921	Phil Davis	<?php
281			$i++;
282			endforeach;
283			?>
284	8cd558b6	ayvis	<br />
285	d0f6649c	pierrepomes
286	42b0c921	Phil Davis	<?php
287			if (!empty($sk_servers)) {
288			?>
289	c64a0911	Hari	<div class="panel panel-default">
290			<div class="panel-heading"><h2 class="panel-title"><?=gettext("Peer to Peer Server Instance Statistics"); ?></h2></div>
291			<div class="panel-body table-responsive">
292	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
293	c64a0911	Hari	<thead>
294	919d91f9	Phil Davis	<tr>
295	c64a0911	Hari	<th><?=gettext("Name"); ?></th>
296	e9701cfe	Stephen Beaver	<th><?=gettext("Status"); ?></th>
297	c64a0911	Hari	<th><?=gettext("Connected Since"); ?></th>
298	a66ce627	NewEraCracker	<th><?=gettext("Virtual Address"); ?></th>
299	c64a0911	Hari	<th><?=gettext("Remote Host"); ?></th>
300	f467ea24	jim-p	<th><?=gettext("Bytes Sent"); ?></th>
301			<th><?=gettext("Bytes Received"); ?></th>
302	c64a0911	Hari	<th><?=gettext("Service"); ?></th>
303			</tr>
304			</thead>
305			<tbody>
306	d0f6649c	pierrepomes
307	42b0c921	Phil Davis	<?php
308			foreach ($sk_servers as $sk_server):
309			?>
310	c64a0911	Hari	<tr id="<?php echo "r:{$sk_server['port']}:{$sk_server['vpnid']}"; ?>">
311			<td><?=htmlspecialchars($sk_server['name']);?></td>
312			<td><?=$sk_server['status'];?></td>
313			<td><?=$sk_server['connect_time'];?></td>
314	bffa3185	jim-p	<td>
315			<?=$sk_server['virtual_addr'];?>
316			<?php if (!empty($sk_server['virtual_addr']) && !empty($sk_server['virtual_addr6'])): ?>
317			<br />
318			<?php endif; ?>
319			<?=$sk_server['virtual_addr6'];?>
320			</td>
321	c64a0911	Hari	<td><?=$sk_server['remote_host'];?></td>
322	f467ea24	jim-p	<td data-value="<?=trim($sk_server['bytes_sent'])?>"><?=format_bytes($sk_server['bytes_sent']);?></td>
323			<td data-value="<?=trim($sk_server['bytes_recv'])?>"><?=format_bytes($sk_server['bytes_recv']);?></td>
324	c64a0911	Hari	<td>
325			<table>
326			<tr>
327			<td>
328			<?php $ssvc = find_service_by_openvpn_vpnid($sk_server['vpnid']); ?>
329			<?= get_service_status_icon($ssvc, false, true); ?>
330	29fda3d3	Stephen Beaver	<?= get_service_control_links($ssvc, true); ?>
331	c64a0911	Hari	</td>
332			</tr>
333			</table>
334			</td>
335			</tr>
336	42b0c921	Phil Davis	<?php
337			endforeach;
338			?>
339	c64a0911	Hari	</tbody>
340	a5eb046f	Renato Botelho	</table>
341	c64a0911	Hari	</div>
342			</div>
343	95305736	jim-p
344			<?php
345	42b0c921	Phil Davis	}
346			?>
347	8cd558b6	ayvis	<br />
348	42b0c921	Phil Davis	<?php
349			if (!empty($clients)) {
350			?>
351	c64a0911	Hari	<div class="panel panel-default">
352			<div class="panel-heading"><h2 class="panel-title"><?=gettext("Client Instance Statistics"); ?></h2></div>
353			<div class="panel-body table-responsive">
354	10fe1eb5	Stephen Beaver	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap" data-sortable>
355	c64a0911	Hari	<thead>
356	919d91f9	Phil Davis	<tr>
357	c64a0911	Hari	<th><?=gettext("Name"); ?></th>
358			<th><?=gettext("Status"); ?></th>
359			<th><?=gettext("Connected Since"); ?></th>
360	cbfd0754	jim-p	<th><?=gettext("Local Address"); ?></th>
361	a66ce627	NewEraCracker	<th><?=gettext("Virtual Address"); ?></th>
362	c64a0911	Hari	<th><?=gettext("Remote Host"); ?></th>
363	f467ea24	jim-p	<th><?=gettext("Bytes Sent"); ?></th>
364			<th><?=gettext("Bytes Received"); ?></th>
365	c64a0911	Hari	<th><?=gettext("Service"); ?></th>
366			</tr>
367			</thead>
368			<tbody>
369	d0f6649c	pierrepomes
370	42b0c921	Phil Davis	<?php
371			foreach ($clients as $client):
372			?>
373	c64a0911	Hari	<tr id="<?php echo "r:{$client['port']}:{$client['vpnid']}"; ?>">
374			<td><?=htmlspecialchars($client['name']);?></td>
375			<td><?=$client['status'];?></td>
376			<td><?=$client['connect_time'];?></td>
377	2906d139	jim-p	<td>
378			<?php if (empty($client['local_host']) && empty($client['local_port'])): ?>
379			(pending)
380			<?php else: ?>
381			<?=$client['local_host'];?>:<?=$client['local_port'];?>
382			<?php endif; ?>
383			</td>
384	cbfd0754	jim-p	<td>
385			<?=$client['virtual_addr'];?>
386			<?php if (!empty($client['virtual_addr']) && !empty($client['virtual_addr6'])): ?>
387			<br />
388			<?php endif; ?>
389			<?=$client['virtual_addr6'];?>
390			</td>
391	2906d139	jim-p	<td>
392			<?php if (empty($client['remote_host']) && empty($client['remote_port'])): ?>
393			(pending)
394			<?php else: ?>
395			<?=$client['remote_host'];?>:<?=$client['remote_port'];?>
396			<?php endif; ?>
397			</td>
398	f467ea24	jim-p	<td data-value="<?=trim($client['bytes_sent'])?>"><?=format_bytes($client['bytes_sent']);?></td>
399			<td data-value="<?=trim($client['bytes_recv'])?>"><?=format_bytes($client['bytes_recv']);?></td>
400	c64a0911	Hari	<td>
401			<table>
402			<tr>
403			<td>
404			<?php $ssvc = find_service_by_openvpn_vpnid($client['vpnid']); ?>
405			<?= get_service_status_icon($ssvc, false, true); ?>
406	29fda3d3	Stephen Beaver	<?= get_service_control_links($ssvc, true); ?>
407	c64a0911	Hari	</td>
408			</tr>
409			</table>
410			</td>
411			</tr>
412	42b0c921	Phil Davis	<?php
413			endforeach;
414			?>
415	c64a0911	Hari	</tbody>
416	a5eb046f	Renato Botelho	</table>
417	c64a0911	Hari	</div>
418	56fafd85	Stephen Beaver	</div>
419	d0f6649c	pierrepomes
420	919d91f9	Phil Davis	<?php
421	cf1ced6d	pierrepomes	}
422
423			if ($DisplayNote) {
424	530c7ccf	NOYB	print_info_box(gettext("If there are custom options that override the management features of OpenVPN on a client or server, they will cause that OpenVPN instance to not work correctly with this status page."));
425	d0f6649c	pierrepomes	}
426
427	48b490ca	Phil Davis	if ((empty($clients)) && (empty($servers)) && (empty($sk_servers))) {
428	8545adde	k-paulius	print_info_box(gettext("No OpenVPN instances defined."));
429	d0f6649c	pierrepomes	}
430	61eb637d	Viktor G
431			// Create a Modal object to display RADIUS ACL generated ruleset
432			$form = new Form(FALSE);
433			$modal = new Modal('RADIUS ACL Generated Ruleset', 'rulesviewer', 'large', 'Close');
434			$modal->addInput(new Form_Textarea (
435			'rulesviewer_text',
436			null,
437			'...Loading...'
438			))->removeClass('form-control')->addClass('row-fluid col-sm-11')->setAttribute('rows', '10')->setAttribute('wrap', 'soft');
439			$form->add($modal);
440			print($form);
441	d0f6649c	pierrepomes	?>
442	2a351d32	Colin Fleming	</form>
443	56fafd85	Stephen Beaver
444	ec970b50	jim-p	<script type="text/javascript">
445	4d33138f	Colin Fleming	//<![CDATA[
446	56fafd85	Stephen Beaver
447	ec970b50	jim-p	function show_routes(id, buttonid) {
448			document.getElementById(buttonid).innerHTML='';
449			aodiv = document.getElementById(id);
450			aodiv.style.display = "block";
451			}
452	56fafd85	Stephen Beaver
453	4d33138f	Colin Fleming	//]]>
454	ec970b50	jim-p	</script>
455	c2081df1	NOYB
456			<?php include("foot.inc"); ?>

Project

General

Profile

pfSense