/etc/hosts*
/etc/httpd/*
/etc/ssh/ssh_host*
+/etc/ssh/sshd_config
/etc/logrotate.d
/var/ipfire/auth/users
/var/ipfire/dhcp/*
'enabled' => 1,
};
$substatus->{'53.networkovpn'} = {
- 'caption' => "$Lang::tr{'openvpn client'}",
+ 'caption' => "$Lang::tr{'vpn statistic rw'}",
'uri' => '/cgi-bin/netovpnrw.cgi',
- 'title' => "$Lang::tr{'openvpn client'}",
+ 'title' => "$Lang::tr{'vpn statistic rw'}",
'enabled' => 1,
};
$substatus->{'54.networkovpnsrv'} = {
- 'caption' => "$Lang::tr{'openvpn server'}",
+ 'caption' => "$Lang::tr{'vpn statistic n2n'}",
'uri' => '/cgi-bin/netovpnsrv.cgi',
- 'title' => "$Lang::tr{'openvpn server'}",
+ 'title' => "$Lang::tr{'vpn statistics n2n'}",
'enabled' => 1,
};
$substatus->{'60.hardwaregraphs'} = {
EOF
# Update /etc/collectd.conf
-echo "include \"/etc/collectd.vpn\"" >> /etc/collectd.conf
+if ! grep -q "collectd.vpn" /etc/collectd.conf; then
+ echo "include \"/etc/collectd.vpn\"" >> /etc/collectd.conf
+fi
# Generate ddns configuration file
sudo -u nobody /srv/web/ipfire/cgi-bin/ddns.cgi
/opt/pakfire/db/*/meta-sqlite \
/opt/pakfire/db/rootfiles/sqlite
+mkdir -p /var/run/openvpn
+touch /var/run/ovpnserver.log
+chown nobody.nobody \
+ /var/run/openvpn \
+ /var/run/ovpnserver.log
+
# Update OpenVPN/collectd configuration
+files=`find /var/ipfire/ovpn/n2nconf/ -type d`
+for i in $files;
+do
+ if ! grep -q "status-version" $i/${i##*/}.conf; then
+ echo "# Logfile" >> $i/${i##*/}.conf
+ echo "status-version 1" >> $i/${i##*/}.conf
+ fi
+ if ! grep -q "status " $i/${i##*/}.conf; then
+ echo "status /var/run/openvpn/${i##*/}-n2n 10" >> $i/${i##*/}.conf
+ fi
+done
+
/usr/sbin/ovpn-collectd-convert
+chown nobody.nobody /var/ipfire/ovpn/collectd.vpn
+
+# Fix permissions
+chown nobody.nobody /var/ipfire/dns
# Fix #10625
mkdir -p /etc/logrotate.d
--- /dev/null
+boot/config.txt
+etc/collectd.custom
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/rc.d/rcsysinit.d/S19checkfstab
+etc/rc.d/rcsysinit.d/S70console
+etc/shadow
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/modules
+etc/sysconfig/rc.local
+etc/udev/rules.d/30-persistent-network.rules
+srv/web/ipfire/html/proxy.pac
+var/ipfire/time
+var/ipfire/ovpn/ccd.conf
+var/ipfire/ovpn/ccdroute
+var/ipfire/ovpn/ccdroute2
+var/log/cache
+var/state/dhcp/dhcpd.leases
+var/updatecache
--- /dev/null
+../../../common/apache2
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-kirkwood
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-multi
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-rpi
\ No newline at end of file
--- /dev/null
+../../../common/curl
\ No newline at end of file
--- /dev/null
+../../../common/cyrus-sasl
\ No newline at end of file
--- /dev/null
+../../../common/dhcp
\ No newline at end of file
--- /dev/null
+../../../common/dhcpcd
\ No newline at end of file
--- /dev/null
+../../../common/dracut
\ No newline at end of file
--- /dev/null
+../../../common/expat
\ No newline at end of file
--- /dev/null
+etc/system-release
+etc/issue
+etc/rc.d/init.d/network-trigger
+etc/rc.d/rcsysinit.d/S90network-trigger
+usr/lib/firewall/rules.pl
+var/ipfire/backup/include
+var/ipfire/langs
--- /dev/null
+../../../common/groff
\ No newline at end of file
--- /dev/null
+../../../../common/i586/acpid
\ No newline at end of file
--- /dev/null
+../../../../common/i586/linux
\ No newline at end of file
--- /dev/null
+../../../../common/i586/linux-initrd
\ No newline at end of file
--- /dev/null
+../../../common/iputils
\ No newline at end of file
--- /dev/null
+../../../common/libjpeg
\ No newline at end of file
--- /dev/null
+../../../common/logrotate
\ No newline at end of file
--- /dev/null
+../../../common/logwatch
\ No newline at end of file
--- /dev/null
+../../../common/openssl
\ No newline at end of file
--- /dev/null
+../../../common/strongswan
\ No newline at end of file
--- /dev/null
+../../../common/udev
\ No newline at end of file
--- /dev/null
+../../../common/wpa_supplicant
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2014 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+
+function find_device() {
+ local mountpoint="${1}"
+
+ local root
+ local dev mp fs flags rest
+ while read -r dev mp fs flags rest; do
+ # Skip unwanted entries
+ [ "${dev}" = "rootfs" ] && continue
+
+ if [ "${mp}" = "${mountpoint}" ] && [ -b "${dev}" ]; then
+ root="$(basename "${dev}")"
+ break
+ fi
+ done < /proc/mounts
+
+ # Get the actual device from the partition that holds /
+ while [ -n "${root}" ]; do
+ if [ -e "/sys/block/${root}" ]; then
+ echo "${root}"
+ return 0
+ fi
+
+ # Remove last character
+ root="${root::-1}"
+ done
+
+ return 1
+}
+
+
+#
+# Remove old core updates from pakfire cache to save space...
+core=90
+for (( i=1; i<=${core}; i++ ))
+do
+ rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+#
+# Do some sanity checks.
+case $(uname -r) in
+ *-ipfire-versatile )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: ERROR cannot update. versatile support is dropped."
+ # Report no error to pakfire. So it does not try to install it again.
+ exit 0
+ ;;
+ *-ipfire* )
+ # Ok.
+ ;;
+ * )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: ERROR cannot update. No IPFire Kernel."
+ exit 1
+ ;;
+esac
+
+
+#
+#
+KVER="xxxKVERxxx"
+
+# Check diskspace on root
+ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $ROOTSPACE -lt 100000 ]; then
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: ERROR cannot update because not enough free space on root."
+ exit 2
+fi
+
+
+echo
+echo Update Kernel to $KVER ...
+#
+# Remove old kernel, configs, initrd, modules, dtb's ...
+#
+rm -rf /boot/System.map-*
+rm -rf /boot/config-*
+rm -rf /boot/ipfirerd-*
+rm -rf /boot/initramfs-*
+rm -rf /boot/vmlinuz-*
+rm -rf /boot/uImage-ipfire-*
+rm -rf /boot/uInit-ipfire-*
+rm -rf /boot/dtb-*-ipfire-*
+rm -rf /lib/modules
+
+case "$(uname -m)" in
+ armv*)
+ # Backup uEnv.txt if exist
+ if [ -e /boot/uEnv.txt ]; then
+ cp -vf /boot/uEnv.txt /boot/uEnv.txt.org
+ fi
+
+ # work around the u-boot folder detection bug
+ mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
+ mkdir -pv /boot/dtb-$KVER-ipfire-multi
+ ;;
+esac
+
+#
+#Stop services
+/etc/init.d/snort stop
+/etc/init.d/squid stop
+/etc/init.d/ipsec stop
+/etc/init.d/apache stop
+
+#
+#Extract files
+tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
+
+# Check diskspace on boot
+BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $BOOTSPACE -lt 1000 ]; then
+ case $(uname -r) in
+ *-ipfire-kirkwood )
+ # Special handling for old kirkwood images.
+ # (install only kirkwood kernel)
+ rm -rf /boot/*
+ # work around the u-boot folder detection bug
+ mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
+ tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \
+ --numeric-owner -C / --wildcards 'boot/*-kirkwood*'
+ ;;
+ * )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: FATAL-ERROR space run out on boot. System is not bootable..."
+ /etc/init.d/apache start
+ exit 4
+ ;;
+ esac
+fi
+
+# Update Language cache
+perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
+
+#
+# Start services
+#
+/etc/init.d/apache start
+/etc/init.d/squid start
+/etc/init.d/snort start
+if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
+ /etc/init.d/ipsec start
+fi
+
+case "$(uname -m)" in
+ i?86)
+ case "$(find_device "/")" in
+ xvd* )
+ echo Skip remove grub2 files, because pygrub fail.
+ rm -f /boot/grub/*
+ echo config will recreated by linux-pae install.
+ ;;
+ * )
+ #
+ # Update to GRUB2 config
+ #
+ grub-mkconfig > /boot/grub/grub.cfg
+ ;;
+ esac
+esac
+
+# Force (re)install pae kernel if pae is supported
+rm -rf /opt/pakfire/db/*/meta-linux-pae
+if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
+ ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+ BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+ if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: WARNING not enough space for pae kernel."
+ else
+ echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
+ echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
+ echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
+ echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae
+ echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae
+ echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae
+ fi
+fi
+
+#
+# After pakfire has ended run it again and update the lists and do upgrade
+#
+echo '#!/bin/bash' > /tmp/pak_update
+echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub/uboot config"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update
+echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
+#
+killall -KILL pak_update
+chmod +x /tmp/pak_update
+/tmp/pak_update &
+
+sync
+
+#
+#Finish
+(
+ /etc/init.d/fireinfo start
+ sendprofile
+) >/dev/null 2>&1 &
+
+echo
+echo Please wait until pakfire has ended...
+echo
+
+# Don't report the exitcode last command
+exit 0
+
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: show tls-auth key
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
WARNING: untranslated string: ta key
WARNING: untranslated string: upload dh key
WARNING: untranslated string: vendor
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< wlanap access point
< wlanap channel
< wlanap country
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< wlanap country
< wlan client
< wlan client advanced settings
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< wlanap country
< wlan client
< wlan client advanced settings
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< week-graph
< wlanap country
< wlan client
###############################################################################
use strict;
-
+use URI::Escape;
# enable only the following on debugging purpose
#use warnings;
#use CGI::Carp 'fatalsToBrowser';
my @vpns=();
-my @querry = split(/\?/,$ENV{'QUERY_STRING'});
+my @querry = split(/\?/,uri_unescape($ENV{'QUERY_STRING'}));
$querry[0] = '' unless defined $querry[0];
$querry[1] = 'week' unless defined $querry[1];
if(@vpns){
foreach (@vpns) {
&Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}");
- &Graphs::makegraphbox("netovpnrw.cgi",$_,"week");
+ &Graphs::makegraphbox("netovpnrw.cgi",$_, "day");
&Header::closebox();
}
}else{
if (@vpns){
foreach (@vpns) {
&Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}");
- &Graphs::makegraphbox("netovpnsrv.cgi",$_,"week");
+ &Graphs::makegraphbox("netovpnsrv.cgi",$_, "day");
&Header::closebox();
}
}else{
print CONF "writepid /var/run/openvpn.pid\n";
print CONF "#DAN prepare OpenVPN for listening on blue and orange\n";
print CONF ";local $sovpnsettings{'VPN_IP'}\n";
- print CONF "dev $sovpnsettings{'DDEVICE'}\n";
+ print CONF "dev tun\n";
print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
print CONF "script-security 3 system\n";
# Check if we are using mssfix, fragment or mtu-disc and set the corretct mtu of 1500.
# If we doesn't use one of them, we can use the configured mtu value.
if ($sovpnsettings{'MSSFIX'} eq 'on')
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ { print CONF "tun-mtu 1500\n"; }
elsif ($sovpnsettings{'FRAGMENT'} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp')
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ { print CONF "tun-mtu 1500\n"; }
elsif (($sovpnsettings{'PMTU_DISCOVERY'} eq 'yes') ||
($sovpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
($sovpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ { print CONF "tun-mtu 1500\n"; }
else
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; }
+ { print CONF "tun-mtu $sovpnsettings{'DMTU'}\n"; }
if ($vpnsettings{'ROUTES_PUSH'} ne '') {
@temp = split(/\n/,$vpnsettings{'ROUTES_PUSH'});
$vpnsettings{'VPN_IP'} = $cgiparams{'VPN_IP'};
#new settings for daemon
$vpnsettings{'DOVPN_SUBNET'} = $cgiparams{'DOVPN_SUBNET'};
- $vpnsettings{'DDEVICE'} = $cgiparams{'DDEVICE'};
$vpnsettings{'DPROTOCOL'} = $cgiparams{'DPROTOCOL'};
$vpnsettings{'DDEST_PORT'} = $cgiparams{'DDEST_PORT'};
$vpnsettings{'DMTU'} = $cgiparams{'DMTU'};
print CLIENTCONF "# Server Gateway Network\n";
print CLIENTCONF "route $remsubnet[0] $remsubnet[1]\n";
print CLIENTCONF "# tun Device\n";
- print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\n";
+ print CLIENTCONF "dev tun\n";
print CLIENTCONF "# Port and Protokoll\n";
print CLIENTCONF "port $confighash{$cgiparams{'KEY'}}[29]\n";
print CLIENTCONF "tls-client\r\n";
print CLIENTCONF "client\r\n";
print CLIENTCONF "nobind\r\n";
- print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n";
+ print CLIENTCONF "dev tun\r\n";
print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
# Check if we are using fragment, mssfix or mtu-disc and set MTU to 1500
# or use configured value.
if ($vpnsettings{FRAGMENT} ne '' && $vpnsettings{DPROTOCOL} ne 'tcp' )
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; }
+ { print CLIENTCONF "tun-mtu 1500\r\n"; }
elsif ($vpnsettings{MSSFIX} eq 'on')
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; }
+ { print CLIENTCONF "tun-mtu 1500\r\n"; }
elsif (($vpnsettings{'PMTU_DISCOVERY'} eq 'yes') ||
($vpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
($vpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; }
+ { print CLIENTCONF "tun-mtu 1500\r\n"; }
else
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n"; }
+ { print CLIENTCONF "tun-mtu $vpnsettings{'DMTU'}\r\n"; }
if ( $vpnsettings{'ENABLED'} eq 'on'){
print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
@firen2nconf = <FILE>;
close (FILE);
chomp(@firen2nconf);
-
} else {
$errormessage = "Filecount does not match only 2 files are allowed\n";
unless(-d "${General::swroot}/ovpn/n2nconf/"){mkdir "${General::swroot}/ovpn/n2nconf", 0755 or die "Unable to create dir $!";}
unless(-d "${General::swroot}/ovpn/n2nconf/$n2nname[0]"){mkdir "${General::swroot}/ovpn/n2nconf/$n2nname[0]", 0770 or die "Unable to create dir $!";}
+ #Add collectd settings to configfile
+ open(FILE, ">> $tempdir/$uplconffilename") or die 'Unable to open config file.';
+ print FILE "# Logfile\n";
+ print FILE "status-version 1\n";
+ print FILE "status /var/run/openvpn/$n2nname[0]-n2n 10\n";
+ close FILE;
+
move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename2");
if ($? ne 0) {
$checked{'ENABLED_ORANGE'}{'off'} = '';
$checked{'ENABLED_ORANGE'}{'on'} = '';
$checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
- $selected{'DDEVICE'}{'tun'} = '';
- $selected{'DDEVICE'}{'tap'} = '';
- $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
$selected{'DPROTOCOL'}{'udp'} = '';
$selected{'DPROTOCOL'}{'tcp'} = '';
print <<END;
<tr><td class='base' nowrap='nowrap' colspan='2'>$Lang::tr{'local vpn hostname/ip'}:<br /><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
<td class='boldbase' nowrap='nowrap' colspan='2'>$Lang::tr{'ovpn subnet'}<br /><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
- <td><select name='DDEVICE' ><option value='tun' $selected{'DDEVICE'}{'tun'}>TUN</option>
- <!-- this is still not working
- <option value='tap' $selected{'DDEVICE'}{'tap'}>TAP</option></select>--> </td>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
<td><select name='DPROTOCOL'><option value='udp' $selected{'DPROTOCOL'}{'udp'}>UDP</option>
<option value='tcp' $selected{'DPROTOCOL'}{'tcp'}>TCP</option></select></td>
}
print <<END
- <hr size='1'>
+
+ <br><hr><br>
+
<form method='post' enctype='multipart/form-data'>
- <table width='100%' border='0'cellspacing='1' cellpadding='0'>
- <tr>
- <td class'base'><b>$Lang::tr{'upload ca certificate'}</b></td>
- </tr>
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
- <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'/></td>
- <td nowrap='nowrap'><input type='file' name='FH' size='25' />
- <td nowrap='nowrap' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td>
- </tr>
+ <table border='0' width='100%'>
+ <tr>
+ <td colspan='4'><b>$Lang::tr{'upload ca certificate'}</b></td>
+ </tr>
- <tr align='right'>
- <td colspan='4' align='right' width='80%'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>
- </tr>
+ <tr>
+ <td width='10%'>$Lang::tr{'ca name'}:</td>
+ <td width='30%'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'></td>
+ <td width='30%'><input type='file' name='FH' size='25'>
+ <td width='30%'align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}'></td>
+ </tr>
- <tr><td colspan=4><hr /></td></tr><tr>
- <tr>
- <td class'base'><b>$Lang::tr{'ovpn dh parameters'}</b></td>
- </tr>
+ <tr>
+ <td colspan='3'> </td>
+ <td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>
+ </tr>
+ </table>
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'ovpn dh upload'}:</td>
- <td nowrap='nowrap'><size='15' align='left'/></td>
- <td nowrap='nowrap'><input type='file' name='FH' size='25' />
- <td colspan='4' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload dh key'}' /></td>
- </tr>
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'ovpn dh new key'}:</td>
- <td nowrap='nowrap'><size='15' align='left'/></td>
- <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
- </tr>
- </table>
+ <br>
+
+ <table border='0' width='100%'>
+ <tr>
+ <td colspan='4'><b>$Lang::tr{'ovpn dh parameters'}</b></td>
+ </tr>
+
+ <tr>
+ <td width='40%'>$Lang::tr{'ovpn dh upload'}:</td>
+ <td width='30%'><input type='file' name='FH' size='25'>
+ <td width='30%' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload dh key'}'></td>
+ </tr>
+
+ <tr>
+ <td width='40%'>$Lang::tr{'ovpn dh new key'}:</td>
+ <td colspan='2' width='60%' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
+ </tr>
+ </table>
+ </form>
- <tr><td colspan=4><hr /></td></tr><tr>
+ <br><hr>
END
;
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<input type='image' alt='$Lang::tr{'reload'}' title='$Lang::tr{'reload'}' src='/images/view-refresh.png' />
</form>
- <tr><td colspan='2' align='left'><pre>
+ <tr><td colspan='2' align='left'><code>
END
my @output = `grep pakfire /var/log/messages | tail -20`;
foreach (@output) {
- print "$_";
+ print "$_<br>";
}
print <<END;
- </pre>
+ </code>
</table>
END
&Header::closebox();
# mdadm should not stopped with webif because this could crash the system
#
chomp($_);
+ if ( $_ eq 'squid' ) {
+ next;
+ }
if ( ($_ ne "alsa") && ($_ ne "mdadm") ) {
$lines++;
if ($lines % 2){
'vpn payload compression' => 'Datennutzlast-Kompression aushandeln',
'vpn red name' => 'Öffentliche IP oder FQDN für das rote Interface oder <%defaultroute>',
'vpn remote id' => 'Remote ID',
-'vpn subjectaltname' => 'Subjekt Alternativer Name',
-'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik',
'vpn statistic n2n' => 'OpenVPN-Netz-zu-Netz-Statistik',
+'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik',
+'vpn subjectaltname' => 'Subjekt Alternativer Name',
'vpn vhost' => 'Roadwarrior virtuelle IP (manchmal auch Inner-IP genannt)',
'vpn watch' => 'Netz-zu-Netz VPN neu starten, wenn sich Remote-IP ändert (DynDNS).',
'waiting to synchronize clock' => 'Bitte warten, die Uhr wird synchronisiert',
'vpn payload compression' => 'Negotiate payload compression',
'vpn red name' => 'Public IP or FQDN for RED interface or <%defaultroute>',
'vpn remote id' => 'Remote ID',
-'vpn statistic rw' => 'OpenVPN Roadwarrior Statistics',
'vpn statistic n2n' => 'OpenVPN Net-to-Net Statistics',
+'vpn statistic rw' => 'OpenVPN Roadwarrior Statistics',
'vpn subjectaltname' => 'Subject Alt Name',
'vpn vhost' => 'Roadwarrior virtual IP (sometimes called Inner-IP)',
'vpn watch' => 'Restart net-to-net vpn when remote peer IP changes (dyndns).',
cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/0020-openvpn-Make-read-functions-robust-like-in-8516f9abb.patch
cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/0021-openvpn-Fix-copy-and-paste-error.patch
cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/0022-openvpn-Change-data-type-from-COUNTER-to-DERIVE.patch
+ cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/silence-openvpn-errors.patch
cd $(DIR_APP) && ./configure --prefix=/usr --localstatedir=/var \
--disable-{apple_sensors,csv,ipvs,mbmon,memcached,mysql} \
--disable-{netlink,nginx,nut,perl,serial,snmp,tape,vserver,xmms} \
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org>. #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org>. #
# #
############################################################################
#
NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.17" # Version number
-CORE="89" # Core Level (Filename)
+CORE="90" # Core Level (Filename)
PAKFIRE_CORE="89" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
--- /dev/null
+diff --git a/src/openvpn.c b/src/openvpn.c
+index d446e9957b68..ef5bf1078285 100644
+--- a/src/openvpn.c
++++ b/src/openvpn.c
+@@ -70,6 +70,7 @@ static const char *config_keys[] =
+ };
+ static int config_keys_num = STATIC_ARRAY_SIZE (config_keys);
+
++static int version_detect (const char *filename);
+
+ /* Helper function
+ * copy-n-pasted from common.c - changed delim to "," */
+@@ -540,6 +541,11 @@ static int openvpn_read (void)
+ continue;
+ }
+
++ // If the version was not detected yet, we try to guess again
++ if (vpn_list[i]->version == 0) {
++ vpn_list[i]->version = version_detect(vpn_list[i]->file);
++ }
++
+ switch (vpn_list[i]->version)
+ {
+ case SINGLE:
+@@ -567,7 +573,7 @@ static int openvpn_read (void)
+ read += vpn_read;
+ }
+
+- return (read ? 0 : -1);
++ return 0;
+ } /* int openvpn_read */
+
+ static int version_detect (const char *filename)
+@@ -630,16 +636,6 @@ static int version_detect (const char *filename)
+ }
+ }
+
+- if (version == 0)
+- {
+- /* This is only reached during configuration, so complaining to
+- * the user is in order. */
+- NOTICE ("openvpn plugin: %s: Unknown file format, please "
+- "report this as bug. Make sure to include "
+- "your status file, so the plugin can "
+- "be adapted.", filename);
+- }
+-
+ fclose (fh);
+
+ return version;
+@@ -656,13 +652,6 @@ static int openvpn_config (const char *key, const char *value)
+ /* try to detect the status file format */
+ status_version = version_detect (value);
+
+- if (status_version == 0)
+- {
+- WARNING ("openvpn plugin: unable to detect status version, \
+- discarding status file \"%s\".", value);
+- return (1);
+- }
+-
+ status_file = sstrdup (value);
+ if (status_file == NULL)
+ {