if (&General::RedIsWireless()) {
$menu->{'01.system'}{'subMenu'}->{'21.wlan'}{'enabled'} = 1;
}
+
+ if ($ethsettings{'RED_TYPE'} eq "PPPOE") {
+ $menu->{'02.status'}{'subMenu'}->{'74.modem-status'}{'enabled'} = 1;
+ }
}
sub showhttpheaders
--- /dev/null
+#!/usr/bin/perl
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2014 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+use Device::Modem;
+
+package Modem;
+
+sub new() {
+ my $class = shift;
+
+ my $port = shift;
+ my $baud = shift;
+
+ my $self = {};
+ bless $self, $class;
+
+ # Initialize the connetion to the modem.
+ $self->_initialize($port, $baud);
+
+ if ($self->_is_working()) {
+ return $self;
+ }
+
+ return undef;
+}
+
+sub DESTROY() {
+ my $self = shift;
+
+ # Close connection to modem.
+ if ($self->{modem}) {
+ $self->{modem}->close();
+ }
+}
+
+sub _initialize() {
+ my ($self, $port, $baud) = @_;
+
+ # Establish connection to the modem.
+ $self->{modem} = new Device::Modem(port => $port);
+ $self->{modem}->connect(baudrate => $baud);
+}
+
+sub _is_working() {
+ my $self = shift;
+
+ # Check if the modem responds to AT commands.
+ $self->{modem}->atsend("AT\r\n");
+
+ my $response = $self->{modem}->answer();
+ return ($response eq "OK");
+}
+
+sub _command() {
+ my $self = shift;
+ my $cmd = shift;
+
+ # Terminate the AT command with newline.
+ $cmd .= "\r\n";
+
+ $self->{modem}->atsend($cmd);
+
+ my $response = $self->{modem}->answer();
+ my @response = split(/\n/, $response);
+
+ # Trim leading and trailing spaces.
+ foreach my $line (@response) {
+ $line =~ s/^\s+|\s+$//g;
+ chomp($line);
+ }
+
+ my $last_element = pop(@response);
+ unless ($last_element eq "OK") {
+ push(@response, $last_element);
+ }
+
+ $response = join("\n", @response);
+
+ return $self->_trim($response);
+}
+
+sub _trim() {
+ my $self = shift;
+ my $input = shift;
+
+ my $first_char = substr($input, 0, 1);
+ if ($first_char eq "+") {
+ my @output = split(/:/, $input);
+ if ($#output == 1) {
+ return $output[1];
+ }
+ }
+
+ return $input;
+}
+
+sub get_vendor() {
+ my $self = shift;
+
+ return $self->_command("AT+GMI");
+}
+
+sub get_model() {
+ my $self = shift;
+
+ return $self->_command("AT+GMM");
+}
+
+sub get_software_version() {
+ my $self = shift;
+
+ return $self->_command("AT+GMR");
+}
+
+sub get_imei() {
+ my $self = shift;
+
+ return $self->_command("AT+GSN");
+}
+
+sub get_capabilities() {
+ my $self = shift;
+
+ my $output = $self->_command("AT+GCAP");
+ return split(/,/, $output);
+}
+
+sub is_sim_unlocked() {
+ my $self = shift;
+
+ # TODO
+ return 1;
+}
+
+sub get_sim_imsi() {
+ my $self = shift;
+
+ if ($self->is_sim_unlocked()) {
+ return $self->_command("AT+CIMI");
+ }
+}
+
+sub get_network_registration() {
+ my $self = shift;
+
+ my @elements;
+ foreach my $i ([0, 1]) {
+ my $output = $self->_command("AT+CREG?");
+
+ @elements = split(/,/, $output);
+ if ($#elements != 2) {
+ # Output in wrong format. Resetting.
+ $self->_command("AT+CREG=0");
+ }
+ }
+
+ if ($elements[0] == 0) {
+ if ($elements[1] == 0) {
+ return "NOT REGISTERED, NOT SEARCHING";
+ } elsif ($elements[1] == 1) {
+ return "REGISTERED TO HOME NETWORK";
+ } elsif ($elements[1] == 2) {
+ return "NOT REGISTERED, SEARCHING";
+ } elsif ($elements[1] == 3) {
+ return "REGISTRATION DENIED";
+ } elsif ($elements[1] == 5) {
+ return "REGISTERED, ROAMING";
+ } else {
+ return "UNKNOWN";
+ }
+ }
+}
+
+sub _get_network_operator() {
+ my $self = shift;
+
+ my $output = $self->_command("AT+COPS?");
+ $output =~ s/\"//g;
+
+ my @elements = split(/,/, $output);
+ if ($#elements == 3) {
+ return @elements;
+ }
+}
+
+sub get_network_operator() {
+ my $self = shift;
+
+ my ($mode, $format, $operator, $act) = $self->_get_network_operator();
+
+ return $operator;
+}
+
+sub get_network_mode() {
+ my $self = shift;
+
+ my ($mode, $format, $operator, $act) = $self->_get_network_operator();
+
+ if ($act == 0) {
+ return "GSM";
+ } elsif ($act == 1) {
+ return "Compact GSM";
+ } elsif ($act == 2) {
+ return "UMTS";
+ } elsif ($act == 3) {
+ return "GSM WITH EGPRS";
+ } elsif ($act == 4) {
+ return "UMTS WITH HSDPA";
+ } elsif ($act == 5) {
+ return "UMTS WITH HSUPA";
+ } elsif ($act == 6) {
+ return "UMTS WITH HSDPA+HSUPA";
+ } elsif ($act == 7) {
+ return "LTE";
+ } else {
+ return "UNKNOWN ($act)";
+ }
+}
+
+sub _get_signal_quality() {
+ my $self = shift;
+
+ my $output = $self->_command("AT+CSQ");
+
+ my @elements = split(/,/, $output);
+ if ($#elements == 1) {
+ return @elements;
+ }
+}
+
+sub get_signal_quality() {
+ my $self = shift;
+
+ my ($rssi, $ber) = $self->_get_signal_quality();
+
+ # 99 equals unknown.
+ unless ($rssi == 99) {
+ my $dbm = ($rssi * 2) - 113;
+ return $dbm;
+ }
+
+ return undef;
+}
+
+sub get_bit_error_rate() {
+ my $self = shift;
+
+ my ($rssi, $ber) = $self->_get_signal_quality();
+
+ # 99 indicates unknown.
+ unless ($ber == 99) {
+ return $ber;
+ }
+
+ return undef;
+}
+
+1;
'title' => "$Lang::tr{'qos graphs'}",
'enabled' => 1,
};
+ $substatus->{'74.modem-status'} = {'caption' => $Lang::tr{'modem status'},
+ 'uri' => '/cgi-bin/modem-status.cgi',
+ 'title' => $Lang::tr{'modem status'},
+ 'enabled' => 0,
+ };
$substatus->{'75.atm-status'} = {'caption' => 'Atm-status',
'uri' => '/cgi-bin/atm-status.cgi',
'title' => 'Atm-status',
'title' => "$Lang::tr{'firewall logs port'}",
'enabled' => 1
};
+ $sublogs->{'43.firewallcountry'} = {'caption' => $Lang::tr{'firewall logs country'},
+ 'uri' => '/cgi-bin/logs.cgi/firewalllogcountry.dat',
+ 'title' => "$Lang::tr{'firewall logs country'}",
+ 'enabled' => 1
+ };
$sublogs->{'50.ids'} = {'caption' => $Lang::tr{'ids logs'},
'uri' => '/cgi-bin/logs.cgi/ids.dat',
'title' => "$Lang::tr{'ids logs'}",
-HOME = .
-RANDFILE = /var/ipfire/ovpn/ca/.rnd
-oid_section = new_oids
+HOME = .
+RANDFILE = /var/ipfire/ovpn/ca/.rnd
+oid_section = new_oids
[ new_oids ]
[ ca ]
-default_ca = openvpn
+default_ca = openvpn
[ openvpn ]
-dir = /var/ipfire/ovpn
-certs = $dir/certs
-crl_dir = $dir/crl
-database = $dir/certs/index.txt
-new_certs_dir = $dir/certs
-certificate = $dir/ca/cacert.pem
-serial = $dir/certs/serial
-crl = $dir/crl.pem
-private_key = $dir/ca/cakey.pem
-RANDFILE = $dir/ca/.rand
-x509_extensions = usr_cert
-default_days = 999999
-default_crl_days= 30
-default_md = md5
-preserve = no
-policy = policy_match
-email_in_dn = no
+dir = /var/ipfire/ovpn
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/certs/index.txt
+new_certs_dir = $dir/certs
+certificate = $dir/ca/cacert.pem
+serial = $dir/certs/serial
+crl = $dir/crl.pem
+private_key = $dir/ca/cakey.pem
+RANDFILE = $dir/ca/.rand
+x509_extensions = usr_cert
+default_days = 999999
+default_crl_days = 30
+default_md = sha256
+preserve = no
+policy = policy_match
+email_in_dn = no
[ policy_match ]
-countryName = optional
-stateOrProvinceName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
+countryName = optional
+stateOrProvinceName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
[ req ]
-default_bits = 1024
-default_keyfile = privkey.pem
-distinguished_name = req_distinguished_name
-attributes = req_attributes
-x509_extensions = v3_ca
-string_mask = nombstr
+default_bits = 2048
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = v3_ca
+string_mask = nombstr
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
unstructuredName = An optional company name
[ usr_cert ]
-basicConstraints=CA:FALSE
+basicConstraints = CA:FALSE
nsComment = "OpenSSL Generated Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
[ server ]
# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
+basicConstraints = CA:FALSE
nsCertType = server
nsComment = "OpenSSL Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
[ v3_req ]
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = CA:true
[ crl_ext ]
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier = keyid:always,issuer:always
[ engine ]
-default = openssl
+default = openssl
srv/web/ipfire/cgi-bin/media.cgi
srv/web/ipfire/cgi-bin/memory.cgi
srv/web/ipfire/cgi-bin/modem.cgi
+srv/web/ipfire/cgi-bin/modem-status.cgi
srv/web/ipfire/cgi-bin/netexternal.cgi
srv/web/ipfire/cgi-bin/netinternal.cgi
srv/web/ipfire/cgi-bin/netother.cgi
var/ipfire/modem
#var/ipfire/modem/defaults
#var/ipfire/modem/settings
+var/ipfire/modem-lib.pl
var/ipfire/net-traffic
#var/ipfire/net-traffic/net-traffic-admin.pl
#var/ipfire/net-traffic/net-traffic-lib.pl
--- /dev/null
+#usr/lib/perl5/site_perl/5.12.3/Device
+#usr/lib/perl5/site_perl/5.12.3/Device/Modem
+usr/lib/perl5/site_perl/5.12.3/Device/Modem.pm
+#usr/lib/perl5/site_perl/5.12.3/Device/Modem/FAQ.pod
+#usr/lib/perl5/site_perl/5.12.3/Device/Modem/Log
+usr/lib/perl5/site_perl/5.12.3/Device/Modem/Log/File.pm
+usr/lib/perl5/site_perl/5.12.3/Device/Modem/Log/Syslog.pm
+#usr/lib/perl5/site_perl/5.12.3/Device/Modem/Protocol
+usr/lib/perl5/site_perl/5.12.3/Device/Modem/Protocol/Xmodem.pm
+usr/lib/perl5/site_perl/5.12.3/Device/Modem/UsRobotics.pm
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Device/Modem
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Device/Modem/.packlist
+#usr/share/man/man3/Device::Modem.3
+#usr/share/man/man3/Device::Modem::FAQ.3
+#usr/share/man/man3/Device::Modem::Log::File.3
+#usr/share/man/man3/Device::Modem::Log::Syslog.3
+#usr/share/man/man3/Device::Modem::Protocol::Xmodem.3
+#usr/share/man/man3/Device::Modem::UsRobotics.3
--- /dev/null
+#usr/bin/modemtest
+usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/Device
+usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/Device/SerialPort.pm
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Device
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Device/SerialPort
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Device/SerialPort/.packlist
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Device/SerialPort/SerialPort.bs
+usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Device/SerialPort/SerialPort.so
+#usr/share/man/man1/modemtest.1
+#usr/share/man/man3/Device::SerialPort.3
#usr/include/pppd/chap_ms.h
#usr/include/pppd/eap.h
#usr/include/pppd/ecp.h
+#usr/include/pppd/eui64.h
#usr/include/pppd/fsm.h
#usr/include/pppd/ipcp.h
+#usr/include/pppd/ipv6cp.h
#usr/include/pppd/ipxcp.h
#usr/include/pppd/lcp.h
#usr/include/pppd/magic.h
#usr/include/pppd/tdb.h
#usr/include/pppd/upap.h
usr/lib/pppd
-usr/lib/pppd/2.4.5
-usr/lib/pppd/2.4.5/minconn.so
-usr/lib/pppd/2.4.5/openl2tp.so
-usr/lib/pppd/2.4.5/passprompt.so
-usr/lib/pppd/2.4.5/passwordfd.so
-usr/lib/pppd/2.4.5/pppoatm.so
-usr/lib/pppd/2.4.5/pppol2tp.so
-usr/lib/pppd/2.4.5/radattr.so
-usr/lib/pppd/2.4.5/radius.so
-usr/lib/pppd/2.4.5/radrealms.so
-usr/lib/pppd/2.4.5/rp-pppoe.so
-usr/lib/pppd/2.4.5/winbind.so
+usr/lib/pppd/2.4.6
+usr/lib/pppd/2.4.6/minconn.so
+usr/lib/pppd/2.4.6/openl2tp.so
+usr/lib/pppd/2.4.6/passprompt.so
+usr/lib/pppd/2.4.6/passwordfd.so
+usr/lib/pppd/2.4.6/pppoatm.so
+usr/lib/pppd/2.4.6/pppol2tp.so
+usr/lib/pppd/2.4.6/radattr.so
+usr/lib/pppd/2.4.6/radius.so
+usr/lib/pppd/2.4.6/radrealms.so
+usr/lib/pppd/2.4.6/rp-pppoe.so
+usr/lib/pppd/2.4.6/winbind.so
usr/sbin/chat
usr/sbin/pppd
usr/sbin/pppdump
usr/lib/squid/basic_smb_auth.sh
#usr/lib/squid/cachemgr.cgi
usr/lib/squid/cert_tool
-usr/lib/squid/digest_edirectory_auth
+usr/lib/squid/cert_valid.pl
usr/lib/squid/digest_file_auth
usr/lib/squid/digest_ldap_auth
usr/lib/squid/diskd
#usr/lib/squid/errors/pt-br/ERR_WRITE_ERROR
#usr/lib/squid/errors/pt-br/ERR_ZERO_SIZE_OBJECT
#usr/lib/squid/errors/pt-br/error-details.txt
+#usr/lib/squid/errors/pt-bz
#usr/lib/squid/errors/pt-pt
#usr/lib/squid/errors/pt/ERR_ACCESS_DENIED
#usr/lib/squid/errors/pt/ERR_ACL_TIME_QUOTA_EXCEEDED
usr/lib/squid/negotiate_wrapper_auth
usr/lib/squid/ntlm_fake_auth
usr/lib/squid/ntlm_smb_lm_auth
+usr/lib/squid/storeid_file_rewrite
usr/lib/squid/unlinkd
usr/lib/squid/url_fake_rewrite
usr/lib/squid/url_fake_rewrite.sh
#usr/share/man/man8/ext_wbinfo_group_acl.8
#usr/share/man/man8/log_db_daemon.8
#usr/share/man/man8/squid.8
+#usr/share/man/man8/storeid_file_rewrite.8
#var/cache/squid
var/ipfire/proxy/errorpage-ipfire.css
var/ipfire/proxy/errorpage-squid.css
var/log/squid/access.log
var/log/updatexlrator
#var/logs
-#var/run/squid
#etc/cron.d/vnstat
etc/vnstat.conf
usr/bin/vnstat
+usr/bin/vnstati
+#usr/sbin/vnstatd
+#usr/share/man/man5/vnstat.conf.5
+#usr/share/man/man1/vnstatd.1
+#usr/share/man/man1/vnstati.1
#usr/share/man/man1/vnstat.1
#var/lib/vnstat
+++ /dev/null
-usr/bin/vnstati
-#usr/share/man/man1/vnstati.1.gz
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: our donors
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
-WARNING: translation string unused: ovpn_fastio
WARNING: translation string unused: ovpn_fragment
WARNING: translation string unused: ovpn_mssfix
WARNING: translation string unused: ovpn_mtudisc
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: translation string unused: xtaccess bad transfert
WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: addons
WARNING: untranslated string: bytes
WARNING: untranslated string: community rules
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: emerging rules
+WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: monitor interface
WARNING: untranslated string: qos add subclass
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: source ip country
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: our donors
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: translation string unused: xtaccess bad transfert
WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: monitor interface
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: source ip country
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall mode0
WARNING: translation string unused: outgoing firewall reset
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: ConnSched shutdown
WARNING: untranslated string: MB read
WARNING: untranslated string: MB written
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: Set time on boot
WARNING: untranslated string: addons
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
+WARNING: untranslated string: capabilities
WARNING: untranslated string: ccd add
WARNING: untranslated string: ccd choose net
WARNING: untranslated string: ccd client options
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
WARNING: untranslated string: fireinfo why enable
WARNING: untranslated string: fireinfo why read more
WARNING: untranslated string: fireinfo your profile id
+WARNING: untranslated string: firewall logs country
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
WARNING: untranslated string: flag
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: imei
+WARNING: untranslated string: imsi
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
+WARNING: untranslated string: model
+WARNING: untranslated string: modem hardware details
+WARNING: untranslated string: modem information
+WARNING: untranslated string: modem network bit error rate
+WARNING: untranslated string: modem network information
+WARNING: untranslated string: modem network mode
+WARNING: untranslated string: modem network operator
+WARNING: untranslated string: modem network registration
+WARNING: untranslated string: modem network signal quality
+WARNING: untranslated string: modem no connection
+WARNING: untranslated string: modem no connection message
+WARNING: untranslated string: modem sim information
+WARNING: untranslated string: modem status
+WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
WARNING: untranslated string: outgoing firewall access
WARNING: untranslated string: outgoing firewall p2p allow
WARNING: untranslated string: outgoing firewall p2p deny
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
WARNING: untranslated string: ovpn errmsg green already pushed
WARNING: untranslated string: ovpn errmsg invalid ip or mask
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
+WARNING: untranslated string: software version
+WARNING: untranslated string: source ip country
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
+WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: wlan client
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall add ip group
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: ConnSched shutdown
WARNING: untranslated string: MB read
WARNING: untranslated string: MB written
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: addons
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
+WARNING: untranslated string: capabilities
WARNING: untranslated string: ccd add
WARNING: untranslated string: ccd choose net
WARNING: untranslated string: ccd client options
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns address deleted txt
WARNING: untranslated string: dns servers
WARNING: untranslated string: fireinfo why enable
WARNING: untranslated string: fireinfo why read more
WARNING: untranslated string: fireinfo your profile id
+WARNING: untranslated string: firewall logs country
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
WARNING: untranslated string: flag
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: imei
+WARNING: untranslated string: imsi
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
+WARNING: untranslated string: model
+WARNING: untranslated string: modem hardware details
+WARNING: untranslated string: modem information
+WARNING: untranslated string: modem network bit error rate
+WARNING: untranslated string: modem network information
+WARNING: untranslated string: modem network mode
+WARNING: untranslated string: modem network operator
+WARNING: untranslated string: modem network registration
+WARNING: untranslated string: modem network signal quality
+WARNING: untranslated string: modem no connection
+WARNING: untranslated string: modem no connection message
+WARNING: untranslated string: modem sim information
+WARNING: untranslated string: modem status
+WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: ntp common settings
WARNING: untranslated string: ntp sync
WARNING: untranslated string: openvpn subnet is used
WARNING: untranslated string: other
WARNING: untranslated string: outgoing firewall access
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: snort working
+WARNING: untranslated string: software version
+WARNING: untranslated string: source ip country
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: upload new ruleset
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter file ext block
WARNING: untranslated string: urlfilter mode block
WARNING: untranslated string: urlfilter redirect template
+WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: wlan client
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: our donors
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: translation string unused: xtaccess bad transfert
WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: atm device
WARNING: untranslated string: bytes
+WARNING: untranslated string: capabilities
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dns servers
WARNING: untranslated string: drop outgoing
+WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
+WARNING: untranslated string: imei
+WARNING: untranslated string: imsi
+WARNING: untranslated string: model
+WARNING: untranslated string: modem hardware details
+WARNING: untranslated string: modem information
+WARNING: untranslated string: modem network bit error rate
+WARNING: untranslated string: modem network information
+WARNING: untranslated string: modem network mode
+WARNING: untranslated string: modem network operator
+WARNING: untranslated string: modem network registration
+WARNING: untranslated string: modem network signal quality
+WARNING: untranslated string: modem no connection
+WARNING: untranslated string: modem no connection message
+WARNING: untranslated string: modem sim information
+WARNING: untranslated string: modem status
+WARNING: untranslated string: monitor interface
+WARNING: untranslated string: not a valid dh key
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: show dh
+WARNING: untranslated string: software version
+WARNING: untranslated string: source ip country
+WARNING: untranslated string: upload dh key
+WARNING: untranslated string: vendor
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall mode0
WARNING: translation string unused: outgoing firewall reset
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: ConnSched shutdown
WARNING: untranslated string: MB read
WARNING: untranslated string: MB written
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: Set time on boot
WARNING: untranslated string: addons
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
+WARNING: untranslated string: capabilities
WARNING: untranslated string: ccd add
WARNING: untranslated string: ccd choose net
WARNING: untranslated string: ccd client options
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
WARNING: untranslated string: fireinfo why enable
WARNING: untranslated string: fireinfo why read more
WARNING: untranslated string: fireinfo your profile id
+WARNING: untranslated string: firewall logs country
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
WARNING: untranslated string: flag
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: imei
+WARNING: untranslated string: imsi
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
+WARNING: untranslated string: model
+WARNING: untranslated string: modem hardware details
+WARNING: untranslated string: modem information
+WARNING: untranslated string: modem network bit error rate
+WARNING: untranslated string: modem network information
+WARNING: untranslated string: modem network mode
+WARNING: untranslated string: modem network operator
+WARNING: untranslated string: modem network registration
+WARNING: untranslated string: modem network signal quality
+WARNING: untranslated string: modem no connection
+WARNING: untranslated string: modem no connection message
+WARNING: untranslated string: modem sim information
+WARNING: untranslated string: modem status
+WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
WARNING: untranslated string: outgoing firewall access
WARNING: untranslated string: outgoing firewall p2p allow
WARNING: untranslated string: outgoing firewall p2p deny
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
WARNING: untranslated string: ovpn errmsg green already pushed
WARNING: untranslated string: ovpn errmsg invalid ip or mask
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
+WARNING: untranslated string: software version
+WARNING: untranslated string: source ip country
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
+WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: wlan client
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall add ip group
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: Edit an existing route
WARNING: untranslated string: MB read
WARNING: untranslated string: MB written
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: addons
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
+WARNING: untranslated string: capabilities
WARNING: untranslated string: ccd add
WARNING: untranslated string: ccd choose net
WARNING: untranslated string: ccd client options
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: disk access per
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: extrahd to
WARNING: untranslated string: extrahd to root
WARNING: untranslated string: extrahd you cant mount
+WARNING: untranslated string: firewall logs country
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
WARNING: untranslated string: flag
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: imei
+WARNING: untranslated string: imsi
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: incoming traffic in bytes per second
WARNING: untranslated string: integrity
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
+WARNING: untranslated string: model
+WARNING: untranslated string: modem hardware details
+WARNING: untranslated string: modem information
+WARNING: untranslated string: modem network bit error rate
+WARNING: untranslated string: modem network information
+WARNING: untranslated string: modem network mode
+WARNING: untranslated string: modem network operator
+WARNING: untranslated string: modem network registration
+WARNING: untranslated string: modem network signal quality
+WARNING: untranslated string: modem no connection
+WARNING: untranslated string: modem no connection message
+WARNING: untranslated string: modem sim information
+WARNING: untranslated string: modem status
+WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
WARNING: untranslated string: other
WARNING: untranslated string: outgoing firewall access
WARNING: untranslated string: outgoing traffic in bytes per second
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
+WARNING: untranslated string: software version
+WARNING: untranslated string: source ip country
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
+WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: wlan client
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: original
-WARNING: translation string unused: other countries
WARNING: translation string unused: our donors
WARNING: translation string unused: out
WARNING: translation string unused: outgoing firewall
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: translation string unused: xtaccess bad transfert
WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
+WARNING: untranslated string: capabilities
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
+WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
+WARNING: untranslated string: imei
+WARNING: untranslated string: imsi
+WARNING: untranslated string: model
+WARNING: untranslated string: modem hardware details
+WARNING: untranslated string: modem information
+WARNING: untranslated string: modem network bit error rate
+WARNING: untranslated string: modem network information
+WARNING: untranslated string: modem network mode
+WARNING: untranslated string: modem network operator
+WARNING: untranslated string: modem network registration
+WARNING: untranslated string: modem network signal quality
+WARNING: untranslated string: modem no connection
+WARNING: untranslated string: modem no connection message
+WARNING: untranslated string: modem sim information
+WARNING: untranslated string: modem status
+WARNING: untranslated string: monitor interface
+WARNING: untranslated string: not a valid dh key
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: show dh
+WARNING: untranslated string: software version
+WARNING: untranslated string: source ip country
+WARNING: untranslated string: upload dh key
+WARNING: untranslated string: vendor
< atm device
< attention
< bit
+< capabilities
< ccd add
< ccd choose net
< ccd clientip
< default ip
< deprecated fs warn
< details
+< dh
+< dh key warn
+< dh name is invalid
< dnat address
< dns address deleted txt
< dnsforward
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
< hardware support
+< imei
+< imsi
< incoming firewall access
< integrity
< invalid input for dpd delay
< MB written
< minimum
< minute
+< model
+< modem hardware details
+< modem information
+< modem network bit error rate
+< modem network information
+< modem network mode
+< modem network operator
+< modem network registration
+< modem network signal quality
+< modem no connection
+< modem no connection message
+< modem sim information
+< modem status
< most preferred
< no hardware random number generator
+< not a valid dh key
< notice
< ntp common settings
< ntp sync
< other
< our donors
< outgoing firewall access
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< random number generator daemon
< red1
< server restart
+< show dh
< snat new source ip address
< snort working
+< software version
< ssh
< static routes
< support donation
< updxlrtr sources
< updxlrtr standard view
< uplink
+< upload dh key
< upload new ruleset
< uptime
< uptime load average
< urlfilter file ext block
< urlfilter mode block
< urlfilter redirect template
+< vendor
< visit us at
< vpn keyexchange
< wlanap access point
< atm device
< attention
< bit
+< capabilities
< ccd add
< ccd choose net
< ccd clientip
< default ip
< deprecated fs warn
< details
+< dh
+< dh key warn
+< dh name is invalid
< dnat address
< dnsforward
< dnsforward add a new entry
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
< hardware support
+< imei
+< imsi
< incoming firewall access
< integrity
< invalid input for dpd delay
< MB written
< minimum
< minute
+< model
+< modem hardware details
+< modem information
+< modem network bit error rate
+< modem network information
+< modem network mode
+< modem network operator
+< modem network registration
+< modem network signal quality
+< modem no connection
+< modem no connection message
+< modem sim information
+< modem status
< most preferred
< no hardware random number generator
+< not a valid dh key
< notice
< openvpn default
< openvpn destination port used
< outgoing firewall p2p description 2
< outgoing firewall p2p description 3
< outgoing firewall view group
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
< ovpn errmsg green already pushed
< ovpn errmsg invalid ip or mask
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< red1
< server restart
< Set time on boot
+< show dh
< snat new source ip address
+< software version
< ssh
< static routes
< support donation
< updxlrtr sources
< updxlrtr standard view
< uplink
+< upload dh key
< uptime
< uptime load average
< urlfilter redirect template
+< vendor
< visit us at
< vpn keyexchange
< wlanap country
< atm device
< attention
< bit
+< capabilities
< ccd add
< ccd choose net
< ccd clientip
< default ip
< deprecated fs warn
< details
+< dh
+< dh key warn
+< dh name is invalid
< dnat address
< dnsforward
< dnsforward add a new entry
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
< hardware support
+< imei
+< imsi
< incoming firewall access
< integrity
< invalid input for dpd delay
< MB written
< minimum
< minute
+< model
+< modem hardware details
+< modem information
+< modem network bit error rate
+< modem network information
+< modem network mode
+< modem network operator
+< modem network registration
+< modem network signal quality
+< modem no connection
+< modem no connection message
+< modem sim information
+< modem status
< most preferred
< no hardware random number generator
+< not a valid dh key
< notice
< openvpn default
< openvpn destination port used
< other
< our donors
< outgoing firewall access
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
< ovpn errmsg green already pushed
< ovpn errmsg invalid ip or mask
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< random number generator daemon
< red1
< server restart
+< show dh
< snat new source ip address
+< software version
< ssh
< static routes
< support donation
< updxlrtr sources
< updxlrtr standard view
< uplink
+< upload dh key
< uptime
< uptime load average
< urlfilter redirect template
+< vendor
< visit us at
< vpn keyexchange
< wlanap country
< atm device
< attention
< bit
+< capabilities
< ccd add
< ccd choose net
< ccd clientip
< default ip
< deprecated fs warn
< details
+< dh
+< dh key warn
+< dh name is invalid
< disk access per
< dnat address
< dnsforward
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
< hardware support
< hour-graph
+< imei
+< imsi
< incoming firewall access
< incoming traffic in bytes per second
< integrity
< MB written
< minimum
< minute
+< model
+< modem hardware details
+< modem information
+< modem network bit error rate
+< modem network information
+< modem network mode
+< modem network operator
+< modem network registration
+< modem network signal quality
+< modem no connection
+< modem no connection message
+< modem sim information
+< modem status
< month-graph
< most preferred
< no hardware random number generator
+< not a valid dh key
< notice
< openvpn default
< openvpn destination port used
< our donors
< outgoing firewall access
< outgoing traffic in bytes per second
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< random number generator daemon
< red1
< server restart
+< show dh
< snat new source ip address
+< software version
< ssh
< static routes
< support donation
< updxlrtr sources
< updxlrtr standard view
< uplink
+< upload dh key
< uptime
< uptime load average
< urlfilter redirect template
+< vendor
< visit us at
< vpn keyexchange
< week-graph
--- /dev/null
+#!/usr/bin/perl
+#
+# SmoothWall CGIs
+#
+# This code is distributed under the terms of the GPL
+#
+# JC HERITIER
+# page inspired from the initial firewalllog.dat
+#
+# Modified for IPFire by Christian Schmidt
+# and Michael Tremer (www.ipfire.org)
+
+use strict;
+use Geo::IP::PurePerl;
+use Getopt::Std;
+
+# enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+
+use POSIX();
+
+my %cgiparams=();
+my %settings=();
+my $pienumber;
+my $otherspie;
+my $showpie;
+my $sortcolumn;
+my $errormessage = '';
+
+$cgiparams{'pienumber'} = 10;
+$cgiparams{'otherspie'} = 1;
+$cgiparams{'showpie'} = 1;
+$cgiparams{'sortcolumn'} = 1;
+
+my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
+ 'Sep', 'Oct', 'Nov', 'Dec' );
+my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
+ $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
+ $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
+ $Lang::tr{'december'} );
+
+my @now = localtime();
+my $dow = $now[6];
+my $doy = $now[7];
+my $tdoy = $now[7];
+my $year = $now[5]+1900;
+
+$cgiparams{'DAY'} = $now[3];
+$cgiparams{'MONTH'} = $now[4];
+$cgiparams{'ACTION'} = '';
+
+&General::readhash("${General::swroot}/fwlogs/ipsettings", \%settings);
+if ($settings{'pienumber'} != 0) { $cgiparams{'pienumber'} = $settings{'pienumber'} };
+if ($settings{'otherspie'} != 0) { $cgiparams{'otherspie'} = $settings{'otherspie'} };
+if ($settings{'showpie'} != 0) { $cgiparams{'showpie'} = $settings{'showpie'} };
+if ($settings{'sortcolumn'} != 0) { $cgiparams{'sortcolumn'} = $settings{'sortcolumn'} };
+
+&Header::getcgihash(\%cgiparams);
+if ($cgiparams{'pienumber'} != 0) { $settings{'pienumber'} = $cgiparams{'pienumber'} };
+if ($cgiparams{'otherspie'} != 0) { $settings{'otherspie'} = $cgiparams{'otherspie'} };
+if ($cgiparams{'showpie'} != 0) { $settings{'showpie'} = $cgiparams{'showpie'} };
+if ($cgiparams{'sortcolumn'} != 0) { $settings{'sortcolumn'} = $cgiparams{'sortcolumn'} };
+
+if ($cgiparams{'ACTION'} eq $Lang::tr{'save'})
+{
+ &General::writehash("${General::swroot}/fwlogs/ipsettings", \%settings);
+}
+
+my $start = -1;
+if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
+{
+ my @temp = split(',',$ENV{'QUERY_STRING'});
+ $start = $temp[0];
+ $cgiparams{'MONTH'} = $temp[1];
+ $cgiparams{'DAY'} = $temp[2];
+}
+
+if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
+ !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
+{
+ $cgiparams{'DAY'} = $now[3];
+ $cgiparams{'MONTH'} = $now[4];
+}
+elsif($cgiparams{'ACTION'} eq '>>')
+{
+ my @temp_then=();
+ my @temp_now = localtime(time);
+ $temp_now[4] = $cgiparams{'MONTH'};
+ $temp_now[3] = $cgiparams{'DAY'};
+ @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
+ ## Retrieve the same time on the next day -
+ ## 86400 seconds in a day
+ $cgiparams{'MONTH'} = $temp_then[4];
+ $cgiparams{'DAY'} = $temp_then[3];
+}
+elsif($cgiparams{'ACTION'} eq '<<')
+{
+ my @temp_then=();
+ my @temp_now = localtime(time);
+ $temp_now[4] = $cgiparams{'MONTH'};
+ $temp_now[3] = $cgiparams{'DAY'};
+ @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
+ ## Retrieve the same time on the previous day -
+ ## 86400 seconds in a day
+ $cgiparams{'MONTH'} = $temp_then[4];
+ $cgiparams{'DAY'} = $temp_then[3];
+}
+
+if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
+{
+ my @then = ();
+ if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
+ ( $cgiparams{'MONTH'} > $now[4] ) ) {
+ @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
+ } else {
+ @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
+ }
+ $tdoy = $then[7];
+ my $lastleap=($year-1)%4;
+ if ($tdoy>$doy) {
+ if ($lastleap == 0 && $tdoy < 60) {
+ $doy=$tdoy+366;
+ } else {
+ $doy=$doy+365;
+ }
+ }
+}
+
+my $datediff=0;
+my $dowd=0;
+my $multifile=0;
+if ($tdoy ne $doy) {
+ $datediff=int(($doy-$tdoy)/7);
+ $dowd=($doy-$tdoy)%7;
+ if (($dow-$dowd)<1) {
+ $datediff=$datediff+1;
+ }
+ if (($dow-$dowd)==0) {
+ $multifile=1;
+ }
+}
+
+my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
+my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
+my $day = $cgiparams{'DAY'};
+my $daystr='';
+if ($day <= 9) {
+ $daystr = " $day"; }
+else {
+ $daystr = $day;
+}
+
+my $skip=0;
+my $filestr='';
+if ($datediff==0) {
+ $filestr="/var/log/messages";
+} else {
+ $filestr="/var/log/messages.$datediff";
+ $filestr = "$filestr.gz" if -f "$filestr.gz";
+}
+
+if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
+ $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
+ $skip=1;
+ # Note: This is in case the log does not exist for that date
+}
+my $lines = 0;
+my @log=();
+
+if (!$skip)
+{
+ while (<FILE>)
+ {
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ $log[$lines] = $_;
+ $lines++;
+ }
+ }
+ close (FILE);
+}
+
+$skip=0;
+if ($multifile) {
+ $datediff=$datediff-1;
+ if ($datediff==0) {
+ $filestr="/var/log/messages";
+ } else {
+ $filestr="/var/log/messages.$datediff";
+ $filestr = "$filestr.gz" if -f "$filestr.gz";
+ }
+ if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
+ $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
+ $skip=1;
+ }
+ if (!$skip) {
+ while (<FILE>) {
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ $log[$lines] = $_;
+ $lines++;
+ }
+ }
+ close (FILE);
+ }
+}
+
+my $MODNAME="fwlogs";
+
+&Header::showhttpheaders();
+&Header::openpage($Lang::tr{'firewall log'}, 1, '');
+&Header::openbigbox('100%', 'left', '', $errormessage);
+
+
+if ($errormessage) {
+ &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
+ print "<font class='base'>$errormessage </font>\n";
+ &Header::closebox();
+}
+
+&Header::openbox('100%', 'left', "$Lang::tr{'settings'}");
+
+print <<END
+<form method='post' action='$ENV{'SCRIPT_NAME'}'>
+<table width='100%'>
+<tr>
+ <td width='10%' class='base'>$Lang::tr{'month'}: </td>
+ <td width='10%'>
+ <select name='MONTH'>
+END
+;
+my $month;
+for ($month = 0; $month < 12; $month++)
+{
+ print "\t<option ";
+ if ($month == $cgiparams{'MONTH'}) {
+ print "selected='selected' "; }
+ print "value='$month'>$longmonths[$month]</option>\n";
+}
+print <<END
+ </select>
+ </td>
+ <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
+ <td width='40%'>
+ <select name='DAY'>
+END
+;
+for ($day = 1; $day <= 31; $day++)
+{
+ print "\t<option ";
+ if ($day == $cgiparams{'DAY'}) {
+ print "selected='selected' "; }
+ print "value='$day'>$day</option>\n";
+}
+
+if( $cgiparams{'pienumber'} != 0){$pienumber=$cgiparams{'pienumber'};}
+if( $cgiparams{'otherspie'} != 0){$otherspie=$cgiparams{'otherspie'};}
+if( $cgiparams{'showpie'} != 0){$showpie=$cgiparams{'showpie'};}
+if( $cgiparams{'sortcolumn'} != 0){$sortcolumn=$cgiparams{'sortcolumn'};}
+
+print <<END
+</select>
+</td>
+<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
+<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
+<td width='20%' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
+</tr>
+<tr>
+ <td colspan='3' align='left' valign="left">$Lang::tr{'Number of Countries for the pie chart'}:</td>
+ <td colspan='3' align='left' valign="center"><input type='text' name='pienumber' value='$pienumber' size='4'></td>
+ <td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
+</tr>
+</table>
+</form>
+END
+;
+
+&Header::closebox();
+
+&Header::openbox('100%', 'left', 'Firewall Logs');
+print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
+
+my $linesjc = 0;
+my %tabjc;
+my $gi = Geo::IP::PurePerl->new();
+
+if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; };
+$lines = 0;
+foreach $_ (@log)
+{
+ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ my $packet = $4;
+ $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
+ $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+
+ if($iface eq 'red0') {
+ if($srcaddr ne '') {
+ my $ccode = $gi->country_code_by_name($srcaddr);
+ if( $ccode eq '') {
+ $ccode = 'unknown';
+ }
+ $tabjc{$ccode} = $tabjc{$ccode} + 1 ;
+ if(($tabjc{$ccode} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
+ $linesjc++;
+ }
+ }
+ else {
+ if($iface ne '') {
+ $tabjc{$iface} = $tabjc{$iface} + 1 ;
+ if(($tabjc{$iface} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
+ $linesjc++;
+ }
+ }
+}
+
+$pienumber = $lines;
+
+my @keytabjc = keys %tabjc;
+
+my @slice;
+my $go;
+my $nblinejc;
+
+if( $cgiparams{'linejc'} eq 'all' ){ $nblinejc = $linesjc; $go=1; }
+if( ($cgiparams{'linejc'} != 0) && ($cgiparams{'linejc'} ne 'all') ){ $nblinejc = $cgiparams{'linejc'}; $go=1;}
+if( $go != 1){ $nblinejc = 1000; }
+
+my @key;
+my @value;
+my $indice=0;
+my @tabjc2;
+
+if ($sortcolumn == 1)
+{
+ @tabjc2 = sort { $b <=> $a } values (%tabjc);
+}
+else
+{
+ @tabjc2 = sort { $a <=> $b } keys (%tabjc);
+}
+
+my $colour=1;
+
+##############################################
+#pie chart generation
+use GD::Graph::pie;
+use GD::Graph::colour;
+#ips sort by hits number
+my $v;
+
+if ($sortcolumn == 1)
+{
+ for ($v=0;$v<$pienumber;$v++){
+ findkey($tabjc2[$v]);
+ }
+}
+else
+{
+ foreach $v (@tabjc2) {
+ $key[$indice] = $v;
+ $value[$indice] = $tabjc{$v};
+ $indice++;
+ }
+}
+
+my @ips;
+my @numb;
+
+@ips = @key;
+@numb = @value;
+
+my $o;
+
+if($cgiparams{'otherspie'} == 2 ){}
+else{
+ my $numothers;
+ for($o=0;$o<$pienumber;$o++){
+ $numothers = $numothers + $numb[$o];
+ }
+ $numothers = $linesjc - $numothers;
+ if ($numothers > 0) {
+ $ips[$pienumber]="$Lang::tr{'otherip'}";
+ $numb[$pienumber] = $numothers;
+ }
+}
+
+my @data = (\@ips,\@numb);
+use GD::Graph::colour qw( :files );
+
+my $color=0;
+my %color = ();
+my %mainsettings = ();
+&General::readhash("${General::swroot}/main/settings", \%mainsettings);
+&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+
+if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) {
+ my $mygraph = GD::Graph::pie->new(500, 350);
+ $mygraph->set(
+ 'title' => '',
+ 'pie_height' => 50,
+ 'start_angle' => 89
+ ) or warn $mygraph->error;
+
+ $mygraph->set_value_font(GD::gdMediumBoldFont);
+ $mygraph->set( dclrs => [ "$color{'color1'}" , "$color{'color2'}" , "$color{'color3'}" , "$color{'color4'}" , "$color{'color5'}" , "$color{'color6'}" , "$color{'color7'}" , "$color{'color8'}" , "$color{'color9'}" , "$color{'color10'}" ] );
+ my $myimage = $mygraph->plot(\@data) or die $mygraph->error;
+
+ my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-country*.png");
+ unlink(@filenames);
+ my $imagerandom = rand(1000000);
+ my $imagename = "/srv/web/ipfire/html/graphs/fwlog-country$imagerandom.png";
+ open(FILE,">$imagename");
+ print FILE $myimage->png;
+ close(FILE);
+ #####################################################
+ print "<div style='text-align:center;'>";
+ print "<img src='/graphs/fwlog-country$imagerandom.png'>";
+ print "</div>";
+}
+
+print <<END
+<table width='100%' class='tbl'>
+<tr>
+<th width='10%' align='center' class='boldbase'></th>
+<th width='30%' align='center' class='boldbase'><b>$Lang::tr{'country'}</b></th>
+<th width='30%' align='center' class='boldbase'><b>Count</b></th>
+<th width='30%' align='center' class='boldbase'><b>$Lang::tr{'percentage'}</b></th>
+</tr>
+END
+;
+
+my $total=0;
+my $show=0;
+
+my $s;
+my $percent;
+my $col="";
+
+for($s=0;$s<$lines;$s++)
+{
+ $show++;
+ $percent = $value[$s] * 100 / $linesjc;
+ $percent = sprintf("%.f", $percent);
+ $total = $total + $value[$s];
+ my $colorIndex = $color % 10;
+ if($colorIndex == 0) {
+ $colorIndex = 10;
+ }
+ $col="bgcolor='$color{\"color$colorIndex\"}'";
+ $color++;
+ print "<tr>";
+
+ print "<td align='center' $col><form method='post' action='showrequestfromcountry.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='country' value='$key[$s]'> <input type='submit' value='details'></form></td>";
+ if($key[$s] eq 'blue0' || $key[$s] eq 'green0' || $key[$s] eq 'orange0') {
+ print "<td align='center' $col>$key[$s]</td>";
+ }
+ else {
+ if($key[$s] ne 'unknown' ) {
+ my $fcode = lc($key[$s]);
+ print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$key[$s]' title='$key[$s]'></a></td>";}
+ else {
+ print "<td align='center' $col>$key[$s]</td>";
+ }
+ }
+ print "<td align='center' $col>$value[$s]</td>";
+ print "<td align='center' $col>$percent</td>";
+ print "</tr>";
+}
+
+if($cgiparams{'otherspie'} == 2 ){}
+else{
+ my $colorIndex = $color % 10;
+ if($colorIndex == 0) {
+ $colorIndex = 10;
+ }
+ $col="bgcolor='$color{\"color$colorIndex\"}'";
+ print "<tr>";
+
+if ( $linesjc ne "0")
+{
+my $dif;
+$dif = $linesjc - $total;
+$percent = $dif * 100 / $linesjc;
+$percent = sprintf("%.f", $percent);
+print <<END
+<td align='center' $col></TD>
+<td align='center' $col>$Lang::tr{'other countries'}</td>
+<td align='center' $col>$dif</TD>
+<td align='center' $col>$percent</TD>
+</tr>
+END
+;
+}
+}
+print <<END
+</TABLE>
+END
+;
+
+&Header::closebox();
+&Header::closebigbox();
+&Header::closepage();
+
+sub findkey {
+ my $v;
+ foreach $v (@keytabjc) {
+ if ($tabjc{$v} eq $_[0]) {
+ delete $tabjc{$v};
+ $key[$indice] = "$v";
+ $value[$indice] = $_[0];
+ $indice++;
+ last;
+ }
+ }
+}
+sub checkversion {
+ #Automatic Updates is disabled
+ return "0","0";
+}
+
--- /dev/null
+#!/usr/bin/perl
+# SmoothWall CGIs
+#
+# This code is distributed under the terms of the GPL
+#
+# JC HERITIER
+# page inspired from the initial firewalllog.dat
+#
+# Modified for IPFire by Christian Schmidt (www.ipfire.org)
+
+# enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+#use strict;
+use Geo::IP::PurePerl;
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+
+use POSIX();
+
+#workaround to suppress a warning when a variable is used only once
+my @dummy = ( ${Header::table2colour} );
+undef (@dummy);
+
+my %cgiparams=();
+my %logsettings=();
+my $errormessage = '';
+
+my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
+ 'Sep', 'Oct', 'Nov', 'Dec' );
+my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
+ $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
+ $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
+ $Lang::tr{'december'} );
+
+my @now = localtime();
+my $dow = $now[6];
+my $doy = $now[7];
+my $tdoy = $now[7];
+my $year = $now[5]+1900;
+
+$cgiparams{'DAY'} = $now[3];
+$cgiparams{'MONTH'} = $now[4];
+$cgiparams{'ACTION'} = '';
+
+&Header::getcgihash(\%cgiparams);
+
+$logsettings{'LOGVIEW_REVERSE'} = 'off';
+&General::readhash("${General::swroot}/logging/settings", \%logsettings);
+
+my $start = -1;
+if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
+{
+ my @temp = split(',',$ENV{'QUERY_STRING'});
+ $start = $temp[0];
+ $cgiparams{'MONTH'} = $temp[1];
+ $cgiparams{'DAY'} = $temp[2];
+ $cgiparams{country} = $temp[3];
+}
+
+if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
+ !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
+{
+ $cgiparams{'DAY'} = $now[3];
+ $cgiparams{'MONTH'} = $now[4];
+}
+elsif($cgiparams{'ACTION'} eq '>>')
+{
+ my @temp_then=();
+ my @temp_now = localtime(time);
+ $temp_now[4] = $cgiparams{'MONTH'};
+ $temp_now[3] = $cgiparams{'DAY'};
+ @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
+ ## Retrieve the same time on the next day -
+ ## 86400 seconds in a day
+ $cgiparams{'MONTH'} = $temp_then[4];
+ $cgiparams{'DAY'} = $temp_then[3];
+}
+elsif($cgiparams{'ACTION'} eq '<<')
+{
+ my @temp_then=();
+ my @temp_now = localtime(time);
+ $temp_now[4] = $cgiparams{'MONTH'};
+ $temp_now[3] = $cgiparams{'DAY'};
+ @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
+ ## Retrieve the same time on the previous day -
+ ## 86400 seconds in a day
+ $cgiparams{'MONTH'} = $temp_then[4];
+ $cgiparams{'DAY'} = $temp_then[3];
+}
+
+if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
+{
+ my @then = ();
+ if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
+ ( $cgiparams{'MONTH'} > $now[4] ) ) {
+ @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
+ } else {
+ @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
+ }
+ $tdoy = $then[7];
+ my $lastleap=($year-1)%4;
+ if ($tdoy>$doy) {
+ if ($lastleap == 0 && $tdoy < 60) {
+ $doy=$tdoy+366;
+ } else {
+ $doy=$doy+365;
+ }
+ }
+}
+my $datediff=0;
+my $dowd=0;
+my $multifile=0;
+if ($tdoy ne $doy) {
+ $datediff=int(($doy-$tdoy)/7);
+ $dowd=($doy-$tdoy)%7;
+ if (($dow-$dowd)<1) {
+ $datediff=$datediff+1;
+ }
+ if (($dow-$dowd)==0) {
+ $multifile=1;
+ }
+}
+
+my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
+my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
+my $day = $cgiparams{'DAY'};
+my $daystr='';
+if ($day <= 9) {
+ $daystr = " $day"; }
+else {
+ $daystr = $day;
+}
+
+my $skip=0;
+my $filestr='';
+if ($datediff==0) {
+ $filestr="/var/log/messages";
+} else {
+ $filestr="/var/log/messages.$datediff";
+ $filestr = "$filestr.gz" if -f "$filestr.gz";
+}
+
+if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
+ $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
+ $skip=1;
+ # Note: This is in case the log does not exist for that date
+}
+my $lines = 0;
+my @log=();
+my $country = $cgiparams{country};
+my $gi = Geo::IP::PurePerl->new();
+
+if (!$skip)
+{
+ while (<FILE>)
+ {
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ my $packet = $2;
+ $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
+ $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+
+ if($iface eq $country) {
+ $log[$lines] = $_;
+ $lines++;
+ }
+ elsif($srcaddr ne '') {
+ my $ccode = $gi->country_code_by_name($srcaddr);
+ if($ccode eq $country){
+ $log[$lines] = $_;
+ $lines++;
+ }
+ }
+ }
+ }
+ close (FILE);
+}
+
+$skip=0;
+if ($multifile) {
+ $datediff=$datediff-1;
+ if ($datediff==0) {
+ $filestr="/var/log/messages";
+ } else {
+ $filestr="/var/log/messages.$datediff";
+ $filestr = "$filestr.gz" if -f "$filestr.gz";
+ }
+ if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
+ $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
+ $skip=1;
+ }
+ if (!$skip) {
+ while (<FILE>) {
+ if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
+ if($_ =~ /SRC\=([\d\.]+)/){
+ my $srcaddr=$1;
+ my $ccode = $gi->country_code_by_name($srcaddr);
+ if($ccode eq $country){
+ $log[$lines] = $_;
+ $lines++;
+ }
+ }
+ }
+ }
+ close (FILE);
+ }
+}
+
+&Header::showhttpheaders();
+&Header::openpage($Lang::tr{'firewall log'}, 1, '');
+&Header::openbigbox('100%', 'left', '', $errormessage);
+
+if ($errormessage) {
+ &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
+ print "<font class='base'>$errormessage </font>\n";
+ &Header::closebox();
+}
+
+&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
+
+print <<END
+<form method='post' action='$ENV{'SCRIPT_NAME'}'>
+<table width='100%'>
+<tr>
+ <td width='10%' class='base'>$Lang::tr{'month'}: </td>
+ <td width='10%'>
+ <select name='MONTH'>
+END
+;
+my $month;
+for ($month = 0; $month < 12; $month++)
+{
+ print "\t<option ";
+ if ($month == $cgiparams{'MONTH'}) {
+ print "selected='selected' "; }
+ print "value='$month'>$longmonths[$month]</option>\n";
+}
+print <<END
+ </select>
+ </td>
+ <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
+ <td width='40%'>
+ <select name='DAY'>
+END
+;
+for ($day = 1; $day <= 31; $day++)
+{
+ print "\t<option ";
+ if ($day == $cgiparams{'DAY'}) {
+ print "selected='selected' "; }
+ print "value='$day'>$day</option>\n";
+}
+print <<END
+</select>
+</td>
+<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
+<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
+<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
+<tr><td width='15%'>$Lang::tr{'source ip country'}</td><td><input type='text' name='country' value='$cgiparams{country}'size='15'></td></tr>
+</tr>
+</table>
+</form>
+END
+;
+
+&Header::closebox();
+
+&Header::openbox('100%', 'left', $Lang::tr{'firewall log'});
+print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
+
+if ($start == -1) {
+ $start = $lines - ${Header::viewsize}; }
+if ($start >= $lines - ${Header::viewsize}) { $start = $lines - ${Header::viewsize}; };
+if ($start < 0) { $start = 0; }
+
+my $prev = $start - ${Header::viewsize};
+my $next = $start + ${Header::viewsize};
+
+if ($prev < 0) { $prev = 0; }
+if ($next >= $lines) { $next = -1 }
+if ($start == 0) { $prev = -1; }
+
+if ($lines != 0) { &oldernewer(); }
+
+print <<END
+<table width='100%'>
+<tr>
+<td width='10%' align='center' class='boldbase'><b>$Lang::tr{'time'}</b></td>
+<td width='13%' align='center' class='boldbase'><b>$Lang::tr{'chain'}</b></td>
+<td width='5%' align='center' class='boldbase'><b>$Lang::tr{'iface'}</b></td>
+<td width='5%' align='center' class='boldbase'><b>$Lang::tr{'proto'}</b></td>
+<td width='16%' align='center' class='boldbase'><b>$Lang::tr{'source'}</b></td>
+<td width='10%' align='center' class='boldbase'><b>$Lang::tr{'src port'}</b></td>
+<td width='16%' align='center' class='boldbase'><b>$Lang::tr{'destination'}</b></td>
+<td width='16%' align='center' class='boldbase'><b>$Lang::tr{'dst port'}</b></td>
+</tr>
+END
+;
+
+my @slice = splice(@log, $start, ${Header::viewsize});
+
+if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @slice = reverse @slice; }
+
+$lines = 0;
+foreach $_ (@slice)
+{
+ $a = $_;
+ /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ my $packet = $4;
+ $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
+ $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
+
+ if($iface eq $country || $srcaddr ne '') {
+ my $ccode;
+ if($iface ne $country) {
+ $ccode = $gi->country_code_by_name($srcaddr);
+ }
+ if($iface eq $country || $ccode eq $country) {
+ my $chain = '';
+ my $in = '-'; my $out = '-';
+ my $srcaddr = ''; my $dstaddr = '';
+ my $protostr = '';
+ my $srcport = ''; my $dstport = '';
+
+ $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
+ my $timestamp = $1; my $chain = $2; my $packet = $3;
+ $timestamp =~ /(...) (..) (..:..:..)/;
+ my $month = $1; my $day = $2; my $time = $3;
+
+ if ($a =~ /IN\=(\w+)/) { $iface = $1; }
+ if ($a =~ /OUT\=(\w+)/) { $out = $1; }
+ if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
+ if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
+ if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
+ my $protostrlc = lc($protostr);
+ if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
+ if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; }
+
+ if ($lines % 2) {
+ print "<tr bgcolor='${Header::table1colour}'>\n"; }
+ else {
+ print "<tr bgcolor='${Header::table2colour}'>\n"; }
+ print <<END
+ <td align='center'>$time</td>
+ <td align='center'>$chain</td>
+ <td align='center'>$iface</td>
+ <td align='center'>$protostr</td>
+ <td align='center'>
+ <table width='100%' cellpadding='0' cellspacing='0'><tr>
+ <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$srcaddr'>$srcaddr</a></td>
+ </tr></table>
+ </td>
+ <td align='center'>$srcport</td>
+ <td align='center'>
+ <table width='100%' cellpadding='0' cellspacing='0'><tr>
+ <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$dstaddr'>$dstaddr</a></td>
+ </tr></table>
+ </td>
+ <td align='center'>$dstport</td>
+ </tr>
+END
+ ;
+ $lines++;
+ }
+ }
+}
+
+print <<END
+</table>
+END
+;
+
+&oldernewer();
+
+&Header::closebox();
+
+&Header::closebigbox();
+
+&Header::closepage();
+
+sub oldernewer
+{
+ print <<END
+ <table width='100%'>
+ <tr>
+END
+;
+
+ print "<td align='center' width='50%'>";
+ if ($prev != -1) {
+ print "<a href='/cgi-bin/logs.cgi/showrequestfromcountry.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{country}'>$Lang::tr{'older'}</a>"; }
+ else {
+ print "$Lang::tr{'older'}"; }
+ print "</td>\n";
+
+ print "<td align='center' width='50%'>";
+ if ($next != -1) {
+ print "<a href='/cgi-bin/logs.cgi/showrequestfromcountry.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{country}'>$Lang::tr{'newer'}</a>"; }
+ else {
+ print "$Lang::tr{'newer'}"; }
+ print "</td>\n";
+
+print <<END
+ </tr>
+ </table>
+END
+;
+}
+
--- /dev/null
+#!/usr/bin/perl
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2008 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+use strict;
+
+# enable only the following on debugging purpose
+use warnings;
+use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+require "${General::swroot}/modem-lib.pl";
+
+my $modem;
+my %ethsettings = {};
+my %pppsettings = {};
+
+&General::readhash("${General::swroot}/ethernet/settings", \%ethsettings);
+
+if ($ethsettings{"RED_TYPE"} eq "PPPOE") {
+ &General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
+
+ # Establish the connection to the modem.
+ my $port = $pppsettings{'MONPORT'};
+ if ($port) {
+ $port = "/dev/$port";
+ $modem = Modem->new($port, $pppsettings{"DTERATE"});
+ }
+}
+
+&Header::showhttpheaders();
+&Header::openpage($Lang::tr{'modem information'}, 1, '');
+&Header::openbigbox('100%', 'left');
+
+if ($modem) {
+ &Header::openbox("100%", "center", $Lang::tr{'modem hardware details'});
+
+ print <<END;
+ <table width="100%">
+ <tbody>
+END
+
+ my $vendor = $modem->get_vendor();
+ if ($vendor) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'vendor'}</td>
+ <td>$vendor</td>
+ </tr>
+END
+ }
+
+ my $model = $modem->get_model();
+ if ($model) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'model'}</td>
+ <td>$model</td>
+ </tr>
+END
+ }
+
+ my $software_version = $modem->get_software_version();
+ if ($software_version) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'software version'}</td>
+ <td>$software_version</td>
+ </tr>
+END
+ }
+
+ my $imei = $modem->get_imei();
+ if ($imei) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'imei'}</td>
+ <td>$imei</td>
+ </tr>
+END
+ }
+
+ my @caps = $modem->get_capabilities();
+ if (@caps) {
+ my $caps_string = join(", ", @caps);
+
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'capabilities'}</td>
+ <td>$caps_string</td>
+ </tr>
+END
+ }
+
+ print <<END;
+ </tbody>
+ </table>
+END
+ &Header::closebox();
+
+
+ &Header::openbox("100%", "center", $Lang::tr{'modem sim information'});
+ print <<END;
+ <table width="100%">
+ <tbody>
+END
+
+ my $imsi = $modem->get_sim_imsi();
+ if ($imsi) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'imsi'}</td>
+ <td>$imsi</td>
+ </tr>
+END
+ }
+
+ print <<END;
+ </tbody>
+ </table>
+END
+ &Header::closebox();
+
+ &Header::openbox("100%", "center", $Lang::tr{'modem network information'});
+ print <<END;
+ <table width="100%">
+ <tbody>
+END
+
+ my $network_registration = $modem->get_network_registration();
+ if ($network_registration) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'modem network registration'}</td>
+ <td>$network_registration</td>
+ </tr>
+END
+ }
+
+ my $network_operator = $modem->get_network_operator();
+ if ($network_operator) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'modem network operator'}</td>
+ <td>$network_operator</td>
+ </tr>
+END
+ }
+
+ my $network_mode = $modem->get_network_mode();
+ if ($network_mode) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'modem network mode'}</td>
+ <td>$network_mode</td>
+ </tr>
+END
+ }
+
+ my $signal_quality = $modem->get_signal_quality();
+ if ($signal_quality) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'modem network signal quality'}</td>
+ <td>$signal_quality dBm</td>
+ </tr>
+END
+ }
+
+ my $bit_error_rate = $modem->get_bit_error_rate();
+ if ($bit_error_rate) {
+ print <<END;
+ <tr>
+ <td width="33%">$Lang::tr{'modem network bit error rate'}</td>
+ <td>$bit_error_rate</td>
+ </tr>
+END
+ }
+ print <<END;
+ </tbody>
+ </table>
+END
+
+ &Header::closebox();
+} else {
+ &Header::openbox("100%", "center", $Lang::tr{'modem no connection'});
+ print "<p>$Lang::tr{'modem no connection message'}</p>";
+ &Header::closebox();
+}
+
+&Header::closebigbox();
+&Header::closepage();
# #
###############################################################################
###
-# Based on IPFireCore 55
+# Based on IPFireCore 76
###
use CGI;
use CGI qw/:standard/;
$cgiparams{'ONLY_PROPOSED'} = 'off';
$cgiparams{'ACTION'} = '';
$cgiparams{'CA_NAME'} = '';
+$cgiparams{'DH_NAME'} = 'dh1024.pem';
+$cgiparams{'DHLENGHT'} = '';
$cgiparams{'DHCP_DOMAIN'} = '';
$cgiparams{'DHCP_DNS'} = '';
$cgiparams{'DHCP_WINS'} = '';
$cgiparams{'MSSFIX'} = '';
$cgiparams{'number'} = '';
$cgiparams{'PMTU_DISCOVERY'} = '';
+$cgiparams{'DAUTH'} = '';
+$cgiparams{'DCIPHER'} = '';
$routes_push_file = "${General::swroot}/ovpn/routes_push";
unless (-e $routes_push_file) { system("touch $routes_push_file"); }
unless (-e "${General::swroot}/ovpn/ccd.conf") { system("touch ${General::swroot}/ovpn/ccd.conf"); }
}
}
+
sub writeserverconf {
my %sovpnsettings = ();
my @temp = ();
print CONF "ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db 3600\n";
print CONF "client-config-dir /var/ipfire/ovpn/ccd\n";
print CONF "tls-server\n";
- print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
- print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
- print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
- print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
+ print CONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n";
+ print CONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n";
+ print CONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n";
+ print CONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n";
my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
#print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
-
+
# Check if we are using mssfix, fragment or mtu-disc and set the corretct mtu of 1500.
# If we doesn't use one of them, we can use the configured mtu value.
if ($sovpnsettings{'MSSFIX'} eq 'on')
elsif ($sovpnsettings{'FRAGMENT'} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp')
{ print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
elsif (($sovpnsettings{'PMTU_DISCOVERY'} eq 'yes') ||
- ($sovpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
- ($sovpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
+ ($sovpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
+ ($sovpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
{ print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
else
{ print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; }
print CONF "client-to-client\n";
}
if ($sovpnsettings{MSSFIX} eq 'on') {
- print CONF "mssfix\n";
+ print CONF "mssfix\n";
}
if ($sovpnsettings{FRAGMENT} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp') {
- print CONF "fragment $sovpnsettings{'FRAGMENT'}\n";
+ print CONF "fragment $sovpnsettings{'FRAGMENT'}\n";
}
# Check if a valid operating mode has been choosen and use it.
print CONF "status-version 1\n";
print CONF "status /var/log/ovpnserver.log 30\n";
print CONF "cipher $sovpnsettings{DCIPHER}\n";
+ if ($sovpnsettings{'DAUTH'} eq '') {
+ print CONF "";
+ } else {
+ print CONF "auth $sovpnsettings{'DAUTH'}\n";
+ }
if ($sovpnsettings{DCOMPLZO} eq 'on') {
print CONF "comp-lzo\n";
}
$vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'};
$vpnsettings{'ROUTES_PUSH'} = $cgiparams{'ROUTES_PUSH'};
$vpnsettings{'PMTU_DISCOVERY'} = $cgiparams{'PMTU_DISCOVERY'};
+ $vpnsettings{'DAUTH'} = $cgiparams{'DAUTH'};
my @temp=();
if ($cgiparams{'FRAGMENT'} eq '') {
print SERVERCONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n";
print SERVERCONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n";
print SERVERCONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n";
- print SERVERCONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n";
+ print SERVERCONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n";
print SERVERCONF "# Cipher\n";
- print SERVERCONF "cipher AES-256-CBC\n";
+ print SERVERCONF "cipher $cgiparams{'DCIPHER'}\n";
+ print SERVERCONF "# HMAC algorithm\n";
+ print SERVERCONF "auth $cgiparams{'DAUTH'}\n";
if ($cgiparams{'COMPLZO'} eq 'on') {
print SERVERCONF "# Enable Compression\n";
print SERVERCONF "comp-lzo\r\n";
if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq 'net' && $cgiparams{'SIDE'} eq 'client')
{
+
my @ovsubnettemp = split(/\./,$cgiparams{'OVPN_SUBNET'});
my $ovsubnet = "$ovsubnettemp[0].$ovsubnettemp[1].$ovsubnettemp[2]";
my @remsubnet = split(/\//,$cgiparams{'REMOTE_SUBNET'});
print CLIENTCONF "# Auth. Client\n";
print CLIENTCONF "tls-client\n";
print CLIENTCONF "# Cipher\n";
- print CLIENTCONF "cipher AES-256-CBC\n";
+ print CLIENTCONF "cipher $cgiparams{'DCIPHER'}\n";
+ print CLIENTCONF "# HMAC algorithm\n";
+ print CLIENTCONF "auth $cgiparams{'DAUTH'}\n";
print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12\r\n";
if ($cgiparams{'COMPLZO'} eq 'on') {
print CLIENTCONF "# Enable Compression\n";
print CLIENTCONF "comp-lzo\r\n";
- }
+ }
print CLIENTCONF "# Debug Level\n";
print CLIENTCONF "verb 3\n";
print CLIENTCONF "# Tunnel check\n";
if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
$errormessage = $Lang::tr{'ovpn subnet is invalid'};
- goto SETTINGS_ERROR;
+ goto SETTINGS_ERROR;
}
my @tmpovpnsubnet = split("\/",$cgiparams{'DOVPN_SUBNET'});
$errormessage = $Lang::tr{'invalid port'};
goto SETTINGS_ERROR;
}
-
- if ($cgiparams{'DDEST_PORT'} <= 1023) {
- $errormessage = $Lang::tr{'ovpn port in root range'};
- goto SETTINGS_ERROR;
- }
$vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'};
$vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'};
###
### Reset all step 2
###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reset'} && $cgiparams{'AREUSURE'} eq 'yes') {
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'} && $cgiparams{'AREUSURE'} eq 'yes') {
my $file = '';
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
}
}
while ($file = glob("${General::swroot}/ovpn/ca/*")) {
- unlink $file
+ unlink $file
}
while ($file = glob("${General::swroot}/ovpn/certs/*")) {
- unlink $file
+ unlink $file
}
while ($file = glob("${General::swroot}/ovpn/crls/*")) {
- unlink $file
+ unlink $file
}
- &cleanssldatabase();
+ &cleanssldatabase();
if (open(FILE, ">${General::swroot}/ovpn/caconfig")) {
print FILE "";
close FILE;
}
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
+ if (open(FILE, ">${General::swroot}/ovpn/ccdroute")) {
+ print FILE "";
+ close FILE;
+ }
+ if (open(FILE, ">${General::swroot}/ovpn/ccdroute2")) {
+ print FILE "";
+ close FILE;
+ }
+ while ($file = glob("${General::swroot}/ovpn/ccd/*")) {
+ unlink $file
+ }
+ if (open(FILE, ">${General::swroot}/ovpn/ovpn-leases.db")) {
+ print FILE "";
+ close FILE;
+ }
+ if (open(FILE, ">${General::swroot}/ovpn/ovpnconfig")) {
+ print FILE "";
+ close FILE;
+ }
+ while ($file = glob("${General::swroot}/ovpn/n2nconf/*")) {
+ system ("rm -rf $file")
+ }
###
### Reset all step 1
###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reset'}) {
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'}) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', $Lang::tr{'are you sure'});
- print <<END
- <table><form method='post'><input type='hidden' name='AREUSURE' value='yes' />
- <tr><td align='center'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'}
- <tr><td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td></tr>
- </form></table>
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'left', '', '');
+ &Header::openbox('100%', 'left', $Lang::tr{'are you sure'});
+ print <<END;
+ <form method='post'>
+ <table width='100%'>
+ <tr>
+ <td align='center'>
+ <input type='hidden' name='AREUSURE' value='yes' />
+ <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
+ $Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'}</td>
+ </tr>
+ <tr>
+ <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' />
+ <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td>
+ </tr>
+ </table>
+ </form>
END
;
&Header::closebox();
&Header::closepage();
exit (0);
+###
+### Generate DH key step 2
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate dh key'} && $cgiparams{'AREUSURE'} eq 'yes') {
+ # Delete if old key exists
+ if (-f "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}") {
+ unlink "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}";
+ }
+ # Create Diffie Hellmann Parameter
+ system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
+ '-out', "${General::swroot}/ovpn/ca/dh1024.pem", "$cgiparams{'DHLENGHT'}");
+ if ($?) {
+ $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+ unlink ("${General::swroot}/ovpn/ca/dh1024.pem");
+ }
+
+###
+### Generate DH key step 1
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate dh key'}) {
+ &Header::showhttpheaders();
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'LEFT', '', '');
+ &Header::openbox('100%', 'LEFT', "$Lang::tr{'gen dh'}:");
+ print <<END;
+ <table width='100%'>
+ <tr>
+ <td width='15%'> </td> <td width='15%'></td> <td width='65%'></td>
+ </tr>
+ <tr>
+ <td class='base'>$Lang::tr{'ovpn dh'}:</td>
+ <td align='center'>
+ <form method='post'><input type='hidden' name='AREUSURE' value='yes' />
+ <input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
+ <select name='DHLENGHT'>
+ <option value='1024' $selected{'DHLENGHT'}{'1024'}>1024 $Lang::tr{'bit'}</option>
+ <option value='2048' $selected{'DHLENGHT'}{'2048'}>2048 $Lang::tr{'bit'}</option>
+ <option value='3072' $selected{'DHLENGHT'}{'3072'}>3072 $Lang::tr{'bit'}</option>
+ <option value='4096' $selected{'DHLENGHT'}{'4096'}>4096 $Lang::tr{'bit'}</option>
+ </select>
+ </td>
+ </tr>
+ <tr><td colspan='4'><br></td></tr>
+ </table>
+ <table width='100%'>
+ <tr>
+ <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}:</font></b>
+ $Lang::tr{'dh key warn'}
+ </td>
+ </tr>
+ <tr>
+ <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
+ </form>
+ </tr>
+ </table>
+
+END
+ ;
+ &Header::closebox();
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+ &Header::closebigbox();
+ &Header::closepage();
+ exit (0);
+
+###
+### Upload DH key
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'upload dh key'}) {
+ if ($cgiparams{'DH_NAME'} !~ /dh1024.pem/) {
+ $errormessage = $Lang::tr{'dh name is invalid'};
+ goto UPLOADCA_ERROR;
+ }
+ if (ref ($cgiparams{'FH'}) ne 'Fh') {
+ $errormessage = $Lang::tr{'there was no file upload'};
+ goto UPLOADCA_ERROR;
+ }
+ # Move uploaded dh key to a temporary file
+ (my $fh, my $filename) = tempfile( );
+ if (copy ($cgiparams{'FH'}, $fh) != 1) {
+ $errormessage = $!;
+ goto UPLOADCA_ERROR;
+ }
+ my $temp = `/usr/bin/openssl dhparam -text -in $filename`;
+ if ($temp !~ /DH Parameters: \((1024|2048|3072|4096) bit\)/) {
+ $errormessage = $Lang::tr{'not a valid dh key'};
+ unlink ($filename);
+ goto UPLOADCA_ERROR;
+ } else {
+ # Delete if old key exists
+ if (-f "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}") {
+ unlink "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}";
+ }
+ move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}");
+ if ($? ne 0) {
+ $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
+ unlink ($filename);
+ goto UPLOADCA_ERROR;
+ }
+ }
+
###
### Upload CA Certificate
###
if ($cgiparams{'CA_NAME'} eq 'ca') {
$errormessage = $Lang::tr{'name is invalid'};
- goto UPLOAD_CA_ERROR;
+ goto UPLOADCA_ERROR;
}
# Check if there is no other entry with this name
if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem") {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
&Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
}
if ($assignedcerts) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
&Header::openbox('100%', 'LEFT', $Lang::tr{'are you sure'});
- print <<END
+ print <<END;
<table><form method='post'><input type='hidden' name='AREUSURE' value='yes' />
<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
<tr><td align='center'>
$cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
my $output;
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
&Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
}
} else { # child
unless (exec ('/usr/bin/openssl', 'req', '-x509', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-days', '999999', '-newkey', 'rsa:2048',
+ '-days', '999999', '-newkey', 'rsa:4096',
'-keyout', "${General::swroot}/ovpn/ca/cakey.pem",
'-out', "${General::swroot}/ovpn/ca/cacert.pem",
'-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
}
} else { # child
unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-newkey', 'rsa:1024',
+ '-newkey', 'rsa:2048',
'-keyout', "${General::swroot}/ovpn/certs/serverkey.pem",
'-out', "${General::swroot}/ovpn/certs/serverreq.pem",
'-extensions', 'server',
}
# Create Diffie Hellmann Parameter
system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-out', "${General::swroot}/ovpn/ca/dh1024.pem",
- '1024' );
+ '-out', "${General::swroot}/ovpn/ca/dh1024.pem", "$cgiparams{'DHLENGHT'}");
if ($?) {
$errormessage = "$Lang::tr{'openssl produced an error'}: $?";
unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
ROOTCERT_ERROR:
if ($cgiparams{'ACTION'} ne '') {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
if ($errormessage) {
&Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
&Header::closebox();
}
&Header::openbox('100%', 'LEFT', "$Lang::tr{'generate root/host certificates'}:");
- print <<END
+ print <<END;
<form method='post' enctype='multipart/form-data'>
<table width='100%' border='0' cellspacing='1' cellpadding='0'>
<tr><td width='30%' class='base'>$Lang::tr{'organization name'}:</td>
}
print ">$country</option>";
}
- print <<END
- </select></td>
- <td colspan='2'> </td></tr>
+ print <<END;
+ </select></td>
+ <tr><td class='base'>$Lang::tr{'ovpn dh'}:</td>
+ <td class='base'><select name='DHLENGHT'>
+ <option value='1024' $selected{'DHLENGHT'}{'1024'}>1024 $Lang::tr{'bit'}</option>
+ <option value='2048' $selected{'DHLENGHT'}{'2048'}>2048 $Lang::tr{'bit'}</option>
+ <option value='3072' $selected{'DHLENGHT'}{'3072'}>3072 $Lang::tr{'bit'}</option>
+ <option value='4096' $selected{'DHLENGHT'}{'4096'}>4096 $Lang::tr{'bit'}</option>
+ </select>
+ </td>
+ </tr>
+
<tr><td> </td>
<td><input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' /></td>
<td> </td><td> </td></tr>
<tr><td class='base' colspan='4' align='left'>
<img src='/blob.gif' valign='top' alt='*' /> $Lang::tr{'this field may be blank'}</td></tr>
- <tr><td class='base' colspan='4' align='left'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient'}
- </td></tr>
- <tr><td colspan='4' bgcolor='#000000'><img src='/images/null.gif' width='1' height='1' border='0' /></td></tr>
+ <tr><td colspan='4'><br><br></td></tr>
+ <tr><td class='base' colspan='4' align='center'>
+ <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}:</font></b>
+ $Lang::tr{'ovpn generating the root and host certificates'}
+ </td>
+ </tr>
+ <tr><td class='base' colspan='4' align='center'>
+ $Lang::tr{'dh key warn'}
+ </td>
+ </tr>
+
+ <tr><td colspan='4'><hr></td></tr>
<tr><td class='base' nowrap='nowrap'>$Lang::tr{'upload p12 file'}:</td>
<td nowrap='nowrap'><input type='file' name='FH' size='32'></td>
<td colspan='2'> </td></tr>
<td><input type='submit' name='ACTION' value='$Lang::tr{'upload p12 file'}' /></td>
<td colspan='2'> </td></tr>
<tr><td class='base' colspan='4' align='left'>
- <img src='/blob.gif' valign='top' al='*' > $Lang::tr{'this field may be blank'}</td></tr>
+ <img src='/blob.gif' valign='top' al='*' > $Lang::tr{'this field may be blank'}</td>
+ </tr>
</form></table>
END
;
&Header::closebox();
-
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
&Header::closebigbox();
&Header::closepage();
exit(0)
print CLIENTCONF "# Auth. Client\n";
print CLIENTCONF "tls-client\n";
print CLIENTCONF "# Cipher\n";
- print CLIENTCONF "cipher AES-256-CBC\n";
+ print CLIENTCONF "cipher $confighash{$cgiparams{'KEY'}}[40]\n";
+ print CLIENTCONF "# HMAC algorithm\n";
+ print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n";
if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") {
print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12\r\n";
$zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
}
- if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') {
+ if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') {
print CLIENTCONF "# Enable Compression\n";
print CLIENTCONF "comp-lzo\r\n";
}
$zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";
}
print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n";
+ if ($vpnsettings{'DAUTH'} eq '') {
+ print CLIENTCONF "";
+ } else {
+ print CLIENTCONF "auth $vpnsettings{'DAUTH'}\r\n";
+ }
if ($vpnsettings{DCOMPLZO} eq 'on') {
print CLIENTCONF "comp-lzo\r\n";
}
} else {
$errormessage = $Lang::tr{'invalid key'};
}
- &General::firewall_reload();
+
+ &General::firewall_reload();
###
### Download PKCS12 file
if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
&Header::closepage();
exit(0);
}
+
+###
+### Display Diffie-Hellman key
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show dh'}) {
+
+ if (! -e "${General::swroot}/ovpn/ca/dh1024.pem") {
+ $errormessage = $Lang::tr{'not present'};
+ } else {
+ &Header::showhttpheaders();
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'LEFT', '', '');
+ &Header::openbox('100%', 'LEFT', "$Lang::tr{'dh'}:");
+ my $output = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ $output = &Header::cleanhtml($output,"y");
+ print "<pre>$output</pre>\n";
+ &Header::closebox();
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+ &Header::closebigbox();
+ &Header::closepage();
+ exit(0);
+ }
+
###
### Display Certificate Revoke List
###
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show crl'}) {
# &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- if ( -f "${General::swroot}/ovpn/crls/cacrl.pem") {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
- my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
+ if (! -e "${General::swroot}/ovpn/crls/cacrl.pem") {
+ $errormessage = $Lang::tr{'not present'};
+ } else {
+ &Header::showhttpheaders();
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'LEFT', '', '');
+ &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
+ my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
+ $output = &Header::cleanhtml($output,"y");
+ print "<pre>$output</pre>\n";
+ &Header::closebox();
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+ &Header::closebigbox();
+ &Header::closepage();
+ exit(0);
}
###
# }
ADV_ERROR:
if ($cgiparams{'MAX_CLIENTS'} eq '') {
- $cgiparams{'MAX_CLIENTS'} = '100';
+ $cgiparams{'MAX_CLIENTS'} = '100';
}
if ($cgiparams{'KEEPALIVE_1'} eq '') {
- $cgiparams{'KEEPALIVE_1'} = '10';
+ $cgiparams{'KEEPALIVE_1'} = '10';
}
if ($cgiparams{'KEEPALIVE_2'} eq '') {
- $cgiparams{'KEEPALIVE_2'} = '60';
+ $cgiparams{'KEEPALIVE_2'} = '60';
}
if ($cgiparams{'LOG_VERB'} eq '') {
- $cgiparams{'LOG_VERB'} = '3';
+ $cgiparams{'LOG_VERB'} = '3';
}
if ($cgiparams{'PMTU_DISCOVERY'} eq '') {
- $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ }
+ if ($cgiparams{'DAUTH'} eq '') {
+ $cgiparams{'DAUTH'} = 'SHA1';
}
$checked{'CLIENT2CLIENT'}{'off'} = '';
$checked{'CLIENT2CLIENT'}{'on'} = '';
$checked{'REDIRECT_GW_DEF1'}{'off'} = '';
$checked{'REDIRECT_GW_DEF1'}{'on'} = '';
$checked{'REDIRECT_GW_DEF1'}{$cgiparams{'REDIRECT_GW_DEF1'}} = 'CHECKED';
- $selected{'ENGINES'}{$cgiparams{'ENGINES'}} = 'SELECTED';
$checked{'MSSFIX'}{'off'} = '';
$checked{'MSSFIX'}{'on'} = '';
$checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED';
$selected{'LOG_VERB'}{'11'} = '';
$selected{'LOG_VERB'}{'0'} = '';
$selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
-
+ $selected{'DAUTH'}{'whirlpool'} = '';
+ $selected{'DAUTH'}{'SHA512'} = '';
+ $selected{'DAUTH'}{'SHA384'} = '';
+ $selected{'DAUTH'}{'SHA256'} = '';
+ $selected{'DAUTH'}{'ecdsa-with-SHA1'} = '';
+ $selected{'DAUTH'}{'SHA1'} = '';
+ $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED';
+
&Header::showhttpheaders();
&Header::openpage($Lang::tr{'status ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
&Header::closebox();
}
&Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'});
- print <<END
+ print <<END;
<form method='post' enctype='multipart/form-data'>
<table width='100%' border='0'>
- <tr>
- <td colspan='4'><b>$Lang::tr{'dhcp-options'}</b></td>
+ <tr>
+ <td colspan='4'><b>$Lang::tr{'dhcp-options'}</b></td>
</tr>
<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
+ <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
</tr>
<tr>
- <td class='base'>Domain</td>
+ <td class='base'>Domain</td>
<td><input type='TEXT' name='DHCP_DOMAIN' value='$cgiparams{'DHCP_DOMAIN'}' size='30' /></td>
</tr>
<tr>
- <td class='base'>DNS</td>
- <td><input type='TEXT' name='DHCP_DNS' value='$cgiparams{'DHCP_DNS'}' size='30' /></td>
+ <td class='base'>DNS</td>
+ <td><input type='TEXT' name='DHCP_DNS' value='$cgiparams{'DHCP_DNS'}' size='30' /></td>
</tr>
<tr>
- <td class='base'>WINS</td>
- <td><input type='TEXT' name='DHCP_WINS' value='$cgiparams{'DHCP_WINS'}' size='30' /></td>
- </tr>
+ <td class='base'>WINS</td>
+ <td><input type='TEXT' name='DHCP_WINS' value='$cgiparams{'DHCP_WINS'}' size='30' /></td>
+ </tr>
<tr>
- <td colspan='4'><b>$Lang::tr{'ovpn routes push options'}</b></td>
+ <td colspan='4'><b>$Lang::tr{'ovpn routes push options'}</b></td>
</tr>
<tr>
- <td class='base'>$Lang::tr{'ovpn routes push'}</td>
- <td colspan='2'>
- <textarea name='ROUTES_PUSH' cols='26' rows='6' wrap='off'>
+ <td class='base'>$Lang::tr{'ovpn routes push'}</td>
+ <td colspan='2'>
+ <textarea name='ROUTES_PUSH' cols='26' rows='6' wrap='off'>
END
;
</tr>
</table>
<hr size='1'>
- <table width='100%'>
+<table width='100%'>
<tr>
- <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
+ <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
</tr>
<tr>
- <td width='20%'></td> <td width='15%'> </td><td width='15%'> </td><td width='15%'></td><td width='35%'></td>
+ <td width='20%'></td> <td width='15%'> </td><td width='15%'> </td><td width='15%'></td><td width='35%'></td>
</tr>
<tr>
- <td class='base'>Client-To-Client</td>
- <td><input type='checkbox' name='CLIENT2CLIENT' $checked{'CLIENT2CLIENT'}{'on'} /></td>
+ <td class='base'>Client-To-Client</td>
+ <td><input type='checkbox' name='CLIENT2CLIENT' $checked{'CLIENT2CLIENT'}{'on'} /></td>
</tr>
<tr>
- <td class='base'>Redirect-Gateway def1</td>
- <td><input type='checkbox' name='REDIRECT_GW_DEF1' $checked{'REDIRECT_GW_DEF1'}{'on'} /></td>
+ <td class='base'>Redirect-Gateway def1</td>
+ <td><input type='checkbox' name='REDIRECT_GW_DEF1' $checked{'REDIRECT_GW_DEF1'}{'on'} /></td>
</tr>
<tr>
<td class='base'>Max-Clients</td>
<td><input type='text' name='MAX_CLIENTS' value='$cgiparams{'MAX_CLIENTS'}' size='10' /></td>
</tr>
- <tr>
+ <tr>
<td class='base'>Keepalive <br />
(ping/ping-restart)</td>
<td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='10' /></td>
<td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='10' /></td>
</tr>
- <tr>
+ <tr>
<td class='base'>fragment <br></td>
<td><input type='TEXT' name='FRAGMENT' value='$cgiparams{'FRAGMENT'}' size='10' /></td>
- <td>$Lang::tr{'openvpn default'}: <span class="base">1300</span></td>
- </tr>
- <tr>
+ </tr>
+ <tr>
<td class='base'>mssfix</td>
<td><input type='checkbox' name='MSSFIX' $checked{'MSSFIX'}{'on'} /></td>
- <td>$Lang::tr{'openvpn default'}: on</td>
- </tr>
-
+ <td>$Lang::tr{'openvpn default'}: on</td>
+ </tr>
<tr>
<td class='base'>$Lang::tr{'ovpn mtu-disc'}</td>
<td><input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}</td>
</tr>
</table>
-<!--
<hr size='1'>
- <table width='100%'>
+<table width='100%'>
<tr>
- <td class'base'><b>Crypto-Engines</b></td>
+ <td class'base'><b>$Lang::tr{'log-options'}</b></td>
</tr>
<tr>
- <td width='15%'></td> <td width='30%'> </td><td width='25%'> </td><td width='30%'></td>
- </tr>
- <tr><td class='base'>Engines:</td>
- <td><select name='ENGINES'><option value="none" $selected{'ENGINES'}{'none'}>none</option>
- <option value="cryptodev" $selected{'ENGINES'}{'cryptodev'}>cryptodev</option>
- <option value="padlock" $selected{'ENGINES'}{'padlock'}>padlock</option>
+ <td width='20%'></td> <td width='30%'> </td><td width='25%'> </td><td width='25%'></td>
+ </tr>
+
+ <tr><td class='base'>VERB</td>
+ <td><select name='LOG_VERB'>
+ <option value='0' $selected{'LOG_VERB'}{'0'}>0</option>
+ <option value='1' $selected{'LOG_VERB'}{'1'}>1</option>
+ <option value='2' $selected{'LOG_VERB'}{'2'}>2</option>
+ <option value='3' $selected{'LOG_VERB'}{'3'}>3</option>
+ <option value='4' $selected{'LOG_VERB'}{'4'}>4</option>
+ <option value='5' $selected{'LOG_VERB'}{'5'}>5</option>
+ <option value='6' $selected{'LOG_VERB'}{'6'}>6</option>
+ <option value='7' $selected{'LOG_VERB'}{'7'}>7</option>
+ <option value='8' $selected{'LOG_VERB'}{'8'}>8</option>
+ <option value='9' $selected{'LOG_VERB'}{'9'}>9</option>
+ <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
+ <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
</select>
- </td>
+ </td>
+ </tr>
</table>
--->
+
<hr size='1'>
- <table width='100%'>
- <tr>
- <td class'base'><b>$Lang::tr{'log-options'}</b></td>
- </tr>
+<table width='100%'>
<tr>
- <td width='15%'></td> <td width='30%'> </td><td width='25%'> </td><td width='30%'></td>
+ <td class'base'><b>$Lang::tr{'ovpn crypt options'}</b></td>
+ </tr>
+ <tr>
+ <td width='20%'></td> <td width='30%'> </td><td width='25%'> </td><td width='25%'></td>
</tr>
-
- <tr><td class='base'>VERB</td>
- <td><select name='LOG_VERB'><option value='1' $selected{'LOG_VERB'}{'1'}>1</option>
- <option value='2' $selected{'LOG_VERB'}{'2'}>2</option>
- <option value='3' $selected{'LOG_VERB'}{'3'}>3</option>
- <option value='4' $selected{'LOG_VERB'}{'4'}>4</option>
- <option value='5' $selected{'LOG_VERB'}{'5'}>5</option>
- <option value='6' $selected{'LOG_VERB'}{'6'}>6</option>
- <option value='7' $selected{'LOG_VERB'}{'7'}>7</option>
- <option value='8' $selected{'LOG_VERB'}{'8'}>8</option>
- <option value='9' $selected{'LOG_VERB'}{'9'}>9</option>
- <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
- <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
- <option value='0' $selected{'LOG_VERB'}{'0'}>0</option></select></td>
+ <tr><td class='base'>$Lang::tr{'ovpn ha'}</td>
+ <td><select name='DAUTH'>
+ <option value='whirlpool' $selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'})</option>
+ <option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512 $Lang::tr{'bit'})</option>
+ <option value='SHA384' $selected{'DAUTH'}{'SHA384'}>SHA2 (384 $Lang::tr{'bit'})</option>
+ <option value='SHA256' $selected{'DAUTH'}{'SHA256'}>SHA2 (256 $Lang::tr{'bit'})</option>
+ <option value='ecdsa-with-SHA1' $selected{'DAUTH'}{'ecdsa-with-SHA1'}>ECDSA-SHA1 (160 $Lang::tr{'bit'})</option>
+ <option value='SHA1' $selected{'DAUTH'}{'SHA1'}>SHA1 (160 $Lang::tr{'bit'})</option>
+ </select>
+ </td>
+ <td>Default: <span class="base">SHA1 (160 $Lang::tr{'bit'})</span></td>
</table><hr>
+
END
if ( -e "/var/run/openvpn.pid"){
&Header::openbox('100%', 'LEFT', $Lang::tr{'ccd modify'});
- print <<END
+ print <<END;
<table width='100%' border='0'>
<tr><form method='post'>
<td width='10%' nowrap='nowrap'>$Lang::tr{'ccd name'}:</td><td><input type='TEXT' name='ccdname' value='$cgiparams{'ccdname'}' /></td>
&Header::closebox();
&Header::openbox('100%', 'LEFT',$Lang::tr{'ccd net'} );
- print <<END
+ print <<END;
<table width='100%' border='0' cellpadding='0' cellspacing='1'>
<tr>
<td class='boldbase' align='center'><b>$Lang::tr{'ccd name'}</td><td class='boldbase' align='center'><b>$Lang::tr{'network'}</td><td class='boldbase' width='15%' align='center'><b>$Lang::tr{'ccd used'}</td><td width='3%'></td><td width='3%'></td></tr>
print "$Lang::tr{'ccd noaddnet'}<br><hr>";
}
- print <<END
+ print <<END;
<table width='100%' cellpadding='0' cellspacing='1'>
<tr>
<td class='boldbase' align='center' nowrap='nowrap' width='20%'><b>$Lang::tr{'ccd name'}</td><td class='boldbase' align='center' width='8%'><b>$Lang::tr{'network'}</td><td class='boldbase' width='8%' align='center' nowrap='nowrap'><b>$Lang::tr{'ccd used'}</td><td width='1%' align='center'></td><td width='1%' align='center'></td></tr>
if ($count % 2){ print" <tr bgcolor='$color{'color22'}'>";}
else{ print" <tr bgcolor='$color{'color20'}'>";}
print"<td>$ccdconf[0]</td><td align='center'>$ccdconf[1]</td><td align='center'>$ccdhosts/".(&ccdmaxclients($ccdconf[1])+1)."</td><td>";
-print <<END
+ print <<END;
<form method='post' />
<input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
<input type='hidden' name='ACTION' value='edit'/>
#
# <td><b>$Lang::tr{'protocol'}</b></td>
# protocol temp removed
- print <<END
+ print <<END;
<table width='100%' cellpadding='2' cellspacing='0' class='tbl'>
<tr>
<th><b>$Lang::tr{'common name'}</b></th>
}
print "</table>";
- print <<END
+ print <<END;
<table width='100%' border='0' cellpadding='2' cellspacing='0'>
<tr><td></td></tr>
<tr><td></td></tr>
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', $Lang::tr{'connection type'});
if ( -s "${General::swroot}/ovpn/settings") {
- print <<END
+ print <<END;
<b>$Lang::tr{'connection type'}:</b><br />
<table border='0' width='100%'><form method='post' ENCTYPE="multipart/form-data">
<tr><td><input type='radio' name='TYPE' value='host' checked /></td>
} else {
- print <<END
+ print <<END;
<b>$Lang::tr{'connection type'}:</b><br />
<table border='0' width='100%'><form method='post' ENCTYPE="multipart/form-data">
<tr><td><input type='radio' name='TYPE' value='host' checked /></td> <td class='base'>$Lang::tr{'host to net vpn'}</td></tr>
}
&Header::closebox();
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
&Header::closebigbox();
&Header::closepage();
exit (0);
my $complzoactive;
my $mssfixactive;
+my $authactive;
my $n2nfragment;
-my @n2nmtudisc = split(/ /, (grep { /^mtu-disc/ } @firen2nconf)[0]);;
+my @n2nmtudisc = split(/ /, (grep { /^mtu-disc/ } @firen2nconf)[0]);
my @n2nproto2 = split(/ /, (grep { /^proto/ } @firen2nconf)[0]);
my @n2nproto = split(/-/, $n2nproto2[1]);
my @n2nport = split(/ /, (grep { /^port/ } @firen2nconf)[0]);
my @n2nremsub = split(/ /, (grep { /^route/ } @firen2nconf)[0]);
my @n2nmgmt = split(/ /, (grep { /^management/ } @firen2nconf)[0]);
my @n2nlocalsub = split(/ /, (grep { /^# remsub/ } @firen2nconf)[0]);
+my @n2ncipher = split(/ /, (grep { /^cipher/ } @firen2nconf)[0]);
+my @n2nauth = split(/ /, (grep { /^auth/ } @firen2nconf)[0]);
###
$n2nfragment[1] =~ s/\n|\r//g;
$n2nmgmt[2] =~ s/\n|\r//g;
$n2nmtudisc[1] =~ s/\n|\r//g;
+$n2ncipher[1] =~ s/\n|\r//g;
+$n2nauth[1] =~ s/\n|\r//g;
chomp ($complzoactive);
chomp ($mssfixactive);
}
###
-# Check im Dest Port is vaild
+# Check if Dest Port is vaild
###
foreach my $dkey (keys %confighash) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 39) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 41) { $confighash{$key}[$i] = "";}
$confighash{$key}[0] = 'off';
$confighash{$key}[1] = $n2nname[0];
$confighash{$key}[30] = $complzoactive;
$confighash{$key}[31] = $n2ntunmtu[1];
$confighash{$key}[38] = $n2nmtudisc[1];
-
+ $confighash{$key}[39] = $n2nauth[1];
+ $confighash{$key}[40] = $n2ncipher[1];
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
&Header::openbox('100%', 'LEFT', 'import ipfire net2net config');
}
if ($errormessage eq ''){
- print <<END
+ print <<END;
<!-- ipfire net2net config gui -->
<table width='100%'>
<tr><td width='25%'> </td><td width='25%'> </td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td><td><b>$confighash{$key}[6]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>Remote Host </td><td><b>$confighash{$key}[10]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td><td><b>$confighash{$key}[8]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td><td><b>$confighash{$key}[11]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}:</td><td><b>$confighash{$key}[11]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td><td><b>$confighash{$key}[27]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td><td><b>$confighash{$key}[28]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'destination port'}:</td><td><b>$confighash{$key}[29]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td><td><b>$confighash{$key}[30]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>MSSFIX </td><td><b>$confighash{$key}[23]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>Fragment </td><td><b>$confighash{$key}[24]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>MSSFIX:</td><td><b>$confighash{$key}[23]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>Fragment:</td><td><b>$confighash{$key}[24]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}</td><td><b>$confighash{$key}[31]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td><td><b>$confighash{$key}[38]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>Management Port </td><td><b>$confighash{$key}[22]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}:</td><td><b>$confighash{$key}[38]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>Management Port:</td><td><b>$confighash{$key}[22]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn hmac'}:</td><td><b>$confighash{$key}[39]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td><td><b>$confighash{$key}[40]</b></td></tr>
<tr><td> </td><td> </td></tr>
</table>
END
}
&Header::closebigbox();
&Header::closepage();
- exit(0);
+ exit(0);
##
$errormessage = $Lang::tr{'invalid key'};
goto VPNCONF_END;
}
- $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
- $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
- $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
- $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
- $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
- $cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
- $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
- $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
+ $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
+ $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
+ $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
+ $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
+ $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
+ $cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
+ $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
+ $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
$cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
- $cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22];
- $cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23];
- $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
- $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
- $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
- $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
- $cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
- $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
- $cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
- $cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
- $cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
+ $cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22];
+ $cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23];
+ $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
+ $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
+ $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
+ $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
+ $cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
+ $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
+ $cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
+ $cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
+ $cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
$name=$cgiparams{'CHECK1'} ;
- $cgiparams{$name} = $confighash{$cgiparams{'KEY'}}[33];
- $cgiparams{'RG'} = $confighash{$cgiparams{'KEY'}}[34];
- $cgiparams{'CCD_DNS1'} = $confighash{$cgiparams{'KEY'}}[35];
- $cgiparams{'CCD_DNS2'} = $confighash{$cgiparams{'KEY'}}[36];
- $cgiparams{'CCD_WINS'} = $confighash{$cgiparams{'KEY'}}[37];
+ $cgiparams{$name} = $confighash{$cgiparams{'KEY'}}[33];
+ $cgiparams{'RG'} = $confighash{$cgiparams{'KEY'}}[34];
+ $cgiparams{'CCD_DNS1'} = $confighash{$cgiparams{'KEY'}}[35];
+ $cgiparams{'CCD_DNS2'} = $confighash{$cgiparams{'KEY'}}[36];
+ $cgiparams{'CCD_WINS'} = $confighash{$cgiparams{'KEY'}}[37];
$cgiparams{'PMTU_DISCOVERY'} = $confighash{$cgiparams{'KEY'}}[38];
+ $cgiparams{'DAUTH'} = $confighash{$cgiparams{'KEY'}}[39];
+ $cgiparams{'DCIPHER'} = $confighash{$cgiparams{'KEY'}}[40];
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
goto VPNCONF_ERROR;
}
- if ($cgiparams{'OVPN_MGMT'} eq '') {
+ if ($cgiparams{'OVPN_MGMT'} eq '') {
$cgiparams{'OVPN_MGMT'} = $cgiparams{'DEST_PORT'};
}
unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
goto VPNCONF_ERROR;
- }
- #Check if remote subnet is used elsewhere
- my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'});
- $warnmessage=&General::checksubnets('',$n2nip,'ovpn');
- if ($warnmessage){
- $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'}) <br>".$warnmessage;
- }
+ }
+ #Check if remote subnet is used elsewhere
+ my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'});
+ $warnmessage=&General::checksubnets('',$n2nip,'ovpn');
+ if ($warnmessage){
+ $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'}) <br>".$warnmessage;
+ }
+
}
# if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) {
}
if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
$errormessage = $Lang::tr{'invalid input for name'};
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
goto VPNCONF_ERROR;
}
if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
}
} else { # child
unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-newkey', 'rsa:1024',
+ '-newkey', 'rsa:2048',
'-keyout', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
'-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
'-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
if (! $key) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 38) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 41) { $confighash{$key}[$i] = "";}
}
$confighash{$key}[0] = $cgiparams{'ENABLED'};
$confighash{$key}[1] = $cgiparams{'NAME'};
$confighash{$key}[6] = $cgiparams{'SIDE'};
$confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
}
- $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
+ $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
$confighash{$key}[10] = $cgiparams{'REMOTE'};
- if ($cgiparams{'OVPN_MGMT'} eq '') {
+ if ($cgiparams{'OVPN_MGMT'} eq '') {
$confighash{$key}[22] = $confighash{$key}[29];
- } else {
+ } else {
$confighash{$key}[22] = $cgiparams{'OVPN_MGMT'};
- }
+ }
$confighash{$key}[23] = $cgiparams{'MSSFIX'};
$confighash{$key}[24] = $cgiparams{'FRAGMENT'};
$confighash{$key}[25] = $cgiparams{'REMARK'};
$confighash{$key}[35] = $cgiparams{'CCD_DNS1'};
$confighash{$key}[36] = $cgiparams{'CCD_DNS2'};
$confighash{$key}[37] = $cgiparams{'CCD_WINS'};
- $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'};
-
+ $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'};
+ $confighash{$key}[39] = $cgiparams{'DAUTH'};
+ $confighash{$key}[40] = $cgiparams{'DCIPHER'};
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
###
$cgiparams{'MSSFIX'} = 'on';
$cgiparams{'FRAGMENT'} = '1300';
- $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ $cgiparams{'DAUTH'} = 'SHA1';
###
# m.a.d n2n end
###
- $cgiparams{'SIDE'} = 'left';
+ $cgiparams{'SIDE'} = 'left';
if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) {
$cgiparams{'AUTH'} = 'psk';
} elsif ( ! -f "${General::swroot}/ovpn/ca/cacert.pem") {
}
$checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\'';
+ $selected{'DAUTH'}{'whirlpool'} = '';
+ $selected{'DAUTH'}{'SHA512'} = '';
+ $selected{'DAUTH'}{'SHA384'} = '';
+ $selected{'DAUTH'}{'SHA256'} = '';
+ $selected{'DAUTH'}{'ecdsa-with-SHA1'} = '';
+ $selected{'DAUTH'}{'SHA1'} = '';
+ $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED';
+
+ $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-256-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-192-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-128-CBC'} = '';
+ $selected{'DCIPHER'}{'DESX-CBC'} = '';
+ $selected{'DCIPHER'}{'SEED-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+ $selected{'DCIPHER'}{'CAST5-CBC'} = '';
+ $selected{'DCIPHER'}{'BF-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-64-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
+ $selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
if (1) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
if ($errormessage) {
&Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
&Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
print "<table width='100%' border='0'>\n";
-
-
-
+
print "<tr><td width='14%' class='boldbase'>$Lang::tr{'name'}: </td>";
if ($cgiparams{'TYPE'} eq 'host') {
if ($cgiparams{'KEY'}) {
print "<td width='35%' class='base'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
} else {
-
print "<td width='35%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' size='30' /></td>";
}
# print "<tr><td>$Lang::tr{'interface'}</td>";
# print "<td><select name='INTERFACE'>";
# print "<option value='RED' $selected{'INTERFACE'}{'RED'}>RED</option>";
-# if ($netsettings{'BLUE_DEV'} ne '') {
-# print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE</option>";
-# }
-# print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN</option>";
-# print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
-# print "</select></td></tr>";
-# print <<END
+# if ($netsettings{'BLUE_DEV'} ne '') {
+# print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE</option>";
+# }
+# print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN</option>";
+# print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
+# print "</select></td></tr>";
+# print <<END;
} else {
print "<input type='hidden' name='INTERFACE' value='red' />";
if ($cgiparams{'KEY'}) {
} else {
print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
}
-
-
-
- print <<END
+
+ print <<END;
<td width='25%'> </td>
<td width='25%'> </td></tr>
+
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
<td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>$Lang::tr{'openvpn server'}</option>
<option value='client' $selected{'SIDE'}{'client'}>$Lang::tr{'openvpn client'}</option></select></td>
+
<td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
<td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>
+
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
<td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>
+
<td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
<td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>
+
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
- <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
-
- <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
- <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
-
- <td class='boldbase'>$Lang::tr{'destination port'}:</td>
- <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'} <img src='/blob.gif'</td>
- <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>mssfix <img src='/blob.gif' /></td>
- <td><input type='checkbox' name='MSSFIX' $checked{'MSSFIX'}{'on'} /></td>
- <td>$Lang::tr{'openvpn default'}: <span class="base">on</span></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>fragment <img src='/blob.gif' /></td>
- <td><input type='TEXT' name='FRAGMENT' VALUE='$cgiparams{'FRAGMENT'}'size='5' /></td>
- <td>$Lang::tr{'openvpn default'}: <span class="base">1300</span></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} <img src='/blob.gif' /></td>
- <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></td>
- <td colspan='2'>$Lang::tr{'openvpn default'}: udp/tcp <span class="base">1500/1400</span></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>Management Port <img src='/blob.gif' /></td>
- <td> <input type='TEXT' name='OVPN_MGMT' VALUE='$cgiparams{'OVPN_MGMT'}'size='5' /></td>
- <td colspan='2'>$Lang::tr{'openvpn default'}: <span class="base">$Lang::tr{'destination port'}</span></td>
+ <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td>
- <tr>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td>
- <td colspan='3'>
- <input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}
- <input type='radio' name='PMTU_DISCOVERY' value='maybe' $checked{'PMTU_DISCOVERY'}{'maybe'} /> $Lang::tr{'ovpn mtu-disc maybe'}
- <input type='radio' name='PMTU_DISCOVERY' value='no' $checked{'PMTU_DISCOVERY'}{'no'} /> $Lang::tr{'ovpn mtu-disc no'}
- <input type='radio' name='PMTU_DISCOVERY' value='off' $checked{'PMTU_DISCOVERY'}{'off'} /> $Lang::tr{'ovpn mtu-disc off'}
- </td>
- </tr>
+ <td class='boldbase'>$Lang::tr{'destination port'}:</td>
+ <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
+ <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
+ <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
+
+ <td class='boldbase' nowrap='nowrap'>Management Port ($Lang::tr{'openvpn default'}: <span class="base">$Lang::tr{'destination port'}): <img src='/blob.gif' /></td>
+ <td> <input type='TEXT' name='OVPN_MGMT' VALUE='$cgiparams{'OVPN_MGMT'}'size='5' /></td>
+ </tr>
+
+ <tr><td class='boldbase'>$Lang::tr{'cipher'}</td>
+ <td><select name='DCIPHER'>
+ <option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (196 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='SEED-CBC' $selected{'DCIPHER'}{'SEED-CBC'}>SEED-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-CBC (40 $Lang::tr{'bit'} not recommended)</option>
+ </select>
+ </td>
+
+ <td class='boldbase'>$Lang::tr{'ovpn ha'}:</td>
+ <td><select name='DAUTH'>
+ <option value='whirlpool' $selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'})</option>
+ <option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512 $Lang::tr{'bit'})</option>
+ <option value='SHA384' $selected{'DAUTH'}{'SHA384'}>SHA2 (384 $Lang::tr{'bit'})</option>
+ <option value='SHA256' $selected{'DAUTH'}{'SHA256'}>SHA2 (256 $Lang::tr{'bit'})</option>
+ <option value='ecdsa-with-SHA1' $selected{'DAUTH'}{'ecdsa-with-SHA1'}>ECDSA-SHA1 (160 $Lang::tr{'bit'})</option>
+ <option value='SHA1' $selected{'DAUTH'}{'SHA1'}>SHA1 (160 $Lang::tr{'bit'} Default)</option>
+ </select>
+ </td>
+ </tr>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} <img src='/blob.gif' /></td>
+ <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></td>
+ <td colspan='2'>$Lang::tr{'openvpn default'}: udp/tcp <span class="base">1500/1400</span></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>fragment: <img src='/blob.gif' /></td>
+ <td><input type='TEXT' name='FRAGMENT' VALUE='$cgiparams{'FRAGMENT'}'size='5' /></td>
+ <td>$Lang::tr{'openvpn default'}: <span class="base">1300</span></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>mssfix: <img src='/blob.gif' /></td>
+ <td><input type='checkbox' name='MSSFIX' $checked{'MSSFIX'}{'on'} /></td>
+ <td>$Lang::tr{'openvpn default'}: <span class="base">on</span></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'} <img src='/blob.gif'</td>
+ <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
+ </tr>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}:</td>
+ <td colspan='3'>
+ <input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}
+ <input type='radio' name='PMTU_DISCOVERY' value='maybe' $checked{'PMTU_DISCOVERY'}{'maybe'} /> $Lang::tr{'ovpn mtu-disc maybe'}
+ <input type='radio' name='PMTU_DISCOVERY' value='no' $checked{'PMTU_DISCOVERY'}{'no'} /> $Lang::tr{'ovpn mtu-disc no'}
+ <input type='radio' name='PMTU_DISCOVERY' value='off' $checked{'PMTU_DISCOVERY'}{'off'} /> $Lang::tr{'ovpn mtu-disc off'}
+ </td>
+ </tr>
END
;
if ($cgiparams{'TYPE'} eq 'host') {
-print <<END
+ print <<END;
<table width='100%' cellpadding='0' cellspacing='5' border='0'>
<tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td><td class='base'>$Lang::tr{'upload a certificate request'}</td><td class='base' rowspan='2'><input type='file' name='FH' size='30' $cacrtdisabled></td></tr>
} else {
-print <<END
+ print <<END;
<table width='100%' cellpadding='0' cellspacing='5' border='0'>
<tr><td><input type='radio' name='AUTH' value='certgen' $checked{'AUTH'}{'certgen'} $cakeydisabled /></td><td class='base'>$Lang::tr{'generate a certificate'}</td><td> </td></tr>
###
if ($cgiparams{'TYPE'} eq 'host') {
- print <<END
+ print <<END;
</select></td></tr>
<td> </td><td class='base'>$Lang::tr{'valid till'} (days):</td>
</table>
END
}else{
- print <<END
+ print <<END;
</select></td></tr>
<tr><td> </td><td> </td><td> </td></tr>
<tr><td> </td><td> </td><td> </td></tr>
#default setzen
if ($cgiparams{'DCIPHER'} eq '') {
- $cgiparams{'DCIPHER'} = 'AES-256-CBC';
+ $cgiparams{'DCIPHER'} = 'AES-256-CBC';
}
if ($cgiparams{'DDEST_PORT'} eq '') {
- $cgiparams{'DDEST_PORT'} = '1194';
+ $cgiparams{'DDEST_PORT'} = '1194';
}
if ($cgiparams{'DMTU'} eq '') {
- $cgiparams{'DMTU'} = '1400';
+ $cgiparams{'DMTU'} = '1400';
+ }
+ if ($cgiparams{'MSSFIX'} eq '') {
+ $cgiparams{'MSSFIX'} = 'off';
+ }
+ if ($cgiparams{'DAUTH'} eq '') {
+ $cgiparams{'DAUTH'} = 'SHA1';
}
if ($cgiparams{'DOVPN_SUBNET'} eq '') {
- $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
+ $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
}
- $checked{'ENABLED'}{'off'} = '';
+ $checked{'ENABLED'}{'off'} = '';
$checked{'ENABLED'}{'on'} = '';
$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
$checked{'ENABLED_BLUE'}{'off'} = '';
$selected{'DPROTOCOL'}{'udp'} = '';
$selected{'DPROTOCOL'}{'tcp'} = '';
$selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
-
- $selected{'DCIPHER'}{'DES-CBC'} = '';
- $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+
+ $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-256-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-192-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-128-CBC'} = '';
$selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
$selected{'DCIPHER'}{'DESX-CBC'} = '';
+ $selected{'DCIPHER'}{'SEED-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+ $selected{'DCIPHER'}{'CAST5-CBC'} = '';
+ $selected{'DCIPHER'}{'BF-CBC'} = '';
$selected{'DCIPHER'}{'RC2-CBC'} = '';
- $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-CBC'} = '';
$selected{'DCIPHER'}{'RC2-64-CBC'} = '';
- $selected{'DCIPHER'}{'BF-CBC'} = '';
- $selected{'DCIPHER'}{'CAST5-CBC'} = '';
- $selected{'DCIPHER'}{'AES-128-CBC'} = '';
- $selected{'DCIPHER'}{'AES-192-CBC'} = '';
- $selected{'DCIPHER'}{'AES-256-CBC'} = '';
- $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
- $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
- $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
$selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
+
+ $selected{'DAUTH'}{'whirlpool'} = '';
+ $selected{'DAUTH'}{'SHA512'} = '';
+ $selected{'DAUTH'}{'SHA384'} = '';
+ $selected{'DAUTH'}{'SHA256'} = '';
+ $selected{'DAUTH'}{'ecdsa-with-SHA1'} = '';
+ $selected{'DAUTH'}{'SHA1'} = '';
+ $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED';
+
$checked{'DCOMPLZO'}{'off'} = '';
$checked{'DCOMPLZO'}{'on'} = '';
$checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
+
# m.a.d
$checked{'MSSFIX'}{'off'} = '';
$checked{'MSSFIX'}{'on'} = '';
&Header::closebox();
}
- if ($warnmessage) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'});
- print "$warnmessage<br>";
- print "$Lang::tr{'fwdfw warn1'}<br>";
- &Header::closebox();
- print"<center><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'ok'}' style='width: 5em;'></form>";
- &Header::closepage();
- exit 0;
- }
+ if ($warnmessage) {
+ &Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'});
+ print "$warnmessage<br>";
+ print "$Lang::tr{'fwdfw warn1'}<br>";
+ &Header::closebox();
+ print"<center><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'ok'}' style='width: 5em;'></form>";
+ &Header::closepage();
+ exit 0;
+ }
my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
my $srunning = "no";
$activeonrun = "disabled='disabled'";
}
&Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});
- print <<END
+ print <<END;
<table width='100%' border='0'>
<form method='post'>
<td width='25%'> </td>
print "<tr><td class='boldbase'>$Lang::tr{'ovpn on orange'}</td>";
print "<td><input type='checkbox' name='ENABLED_ORANGE' $checked{'ENABLED_ORANGE'}{'on'} /></td>";
}
- print <<END
+ print <<END;
<tr><td class='base' nowrap='nowrap' colspan='2'>$Lang::tr{'local vpn hostname/ip'}:<br /><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
<td class='boldbase' nowrap='nowrap' colspan='2'>$Lang::tr{'ovpn subnet'}<br /><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
<td><input type='TEXT' name='DDEST_PORT' value='$cgiparams{'DDEST_PORT'}' size='5' /></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} </td>
<td> <input type='TEXT' name='DMTU' VALUE='$cgiparams{'DMTU'}'size='5' /></td>
+ <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
+ <td><select name='DCIPHER'>
+ <option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (196 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='SEED-CBC' $selected{'DCIPHER'}{'SEED-CBC'}>SEED-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-CBC (40 $Lang::tr{'bit'} not recommended)</option>
+ </select>
+ </td>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
<td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
- <td><select name='DCIPHER'>
- <option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-256-CBC</option>
- <option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-192-CBC</option>
- <option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-128-CBC</option>
- <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option>
- <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
- <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
- <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
- <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
- <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
- <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>
- <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
- <option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
- <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
- <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
- <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
- </select></td></tr>
+ </tr>
<tr><td colspan='4'><br><br></td></tr>
END
;
}
print "</form></table>";
&Header::closebox();
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}");
- print <<EOF#'
- <table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
- <tr>
- <th width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></th>
- <th width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></th>
- <th width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></th>
- </tr>
-EOF
- ;
- my $col1="bgcolor='$color{'color22'}'";
- my $col2="bgcolor='$color{'color20'}'";
- if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
- my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
- $casubject =~ /Subject: (.*)[\n]/;
- $casubject = $1;
- $casubject =~ s+/Email+, E+;
- $casubject =~ s/ ST=/ S=/;
- print <<END
- <tr>
- <td class='base' $col1>$Lang::tr{'root certificate'}</td>
- <td class='base' $col1>$casubject</td>
- <form method='post' name='frmrootcrta'><td width='3%' align='center' $col1>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
- </td></form>
- <form method='post' name='frmrootcrtb'><td width='3%' align='center' $col1>
- <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
- </td></form>
- <td width='4%' $col1> </td></tr>
-END
- ;
- } else {
- # display rootcert generation buttons
- print <<END
- <tr>
- <td class='base' $col1>$Lang::tr{'root certificate'}:</td>
- <td class='base' $col1>$Lang::tr{'not present'}</td>
- <td colspan='3' $col1> </td></tr>
-END
- ;
- }
-
- if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
- my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
- $hostsubject =~ /Subject: (.*)[\n]/;
- $hostsubject = $1;
- $hostsubject =~ s+/Email+, E+;
- $hostsubject =~ s/ ST=/ S=/;
-
- print <<END
- <tr>
- <td class='base' $col2>$Lang::tr{'host certificate'}</td>
- <td class='base' $col2>$hostsubject</td>
- <form method='post' name='frmhostcrta'><td width='3%' align='center' $col2>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
- <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
- </td></form>
- <form method='post' name='frmhostcrtb'><td width='3%' align='center' $col2>
- <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/media-floppy.png' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" border='0' />
- <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
- </td></form>
- <td width='4%' $col2> </td></tr>
-END
- ;
- } else {
- # Nothing
- print <<END
- <tr>
- <td width='25%' class='base' $col2>$Lang::tr{'host certificate'}:</td>
- <td class='base' $col2>$Lang::tr{'not present'}</td>
- </td><td colspan='3' $col2> </td></tr>
-END
- ;
- }
-
- if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
- print "<tr><td colspan='5' align='center'><form method='post'>";
- print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
- print "</form></td></tr>\n";
- }
-
- if (keys %cahash > 0) {
- foreach my $key (keys %cahash) {
- if (($key + 1) % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n";
- } else {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- print "<td class='base'>$cahash{$key}[0]</td>\n";
- print "<td class='base'>$cahash{$key}[1]</td>\n";
- print <<END
- <form method='post' name='cafrm${key}a'><td align='center'>
- <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- <form method='post' name='cafrm${key}b'><td align='center'>
- <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- <form method='post' name='cafrm${key}c'><td align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
- <input type='image' name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form></tr>
-END
- ;
- }
- }
- print "</table>";
-
- # If the file contains entries, print Key to action icons
- if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {
- print <<END
- <table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- </tr>
- </table>
-END
-;
- }
-
-print <<END
-<form method='post' enctype='multipart/form-data'>
-<table width='100%' border='0'>
-<tr><td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td><td nowrap='nowrap' width='8%'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'/></td><td nowrap='nowrap' align='right'><input type='file' name='FH' size='25' /><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td></tr>
-<tr><td colspan='4'><br></td></tr>
-<tr align='right'><td colspan='4' align='right' width='80%'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td></tr>
-</table>
-END
-;
-
-
- &Header::closebox();
- if ( $srunning eq "yes" ) {
- print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' disabled='disabled' /></div></form>\n";
- }else{
- print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
- }
if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
-
###
# m.a.d net2net
#<td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
###
- &Header::openbox('100%', 'LEFT', $Lang::tr{'Client status and controlc' });
- print <<END
+ &Header::openbox('100%', 'LEFT', $Lang::tr{'connection status and controlc' });
+ print <<END;
<table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
#EXITING -- A graceful exit is in progress.
####
- if (($tustate[1] eq 'CONNECTED') || ($tustate[1] eq 'WAIT')) {
+ if ($tustate[1] eq 'CONNECTED') {
$col1="bgcolor='${Header::colourgreen}'";
$active = "<b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b>";
}else {
}
- print <<END
+ print <<END;
<td align='center' $col1>$active</td>
<form method='post' name='frm${key}a'><td align='center' $col>
END
;
if ($confighash{$key}[4] eq 'cert') {
- print <<END
+ print <<END;
<form method='post' name='frm${key}b'><td align='center' $col>
<input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
print "<td> </td>";
}
if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") {
- print <<END
+ print <<END;
<form method='post' name='frm${key}c'><td align='center' $col>
<input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/media-floppy.png' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
</td></form>
END
; } elsif ($confighash{$key}[4] eq 'cert') {
- print <<END
+ print <<END;
<form method='post' name='frm${key}c'><td align='center' $col>
<input type='image' name='$Lang::tr{'download certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
# If the config file contains entries, print Key to action icons
if ( $id ) {
- print <<END
+ print <<END;
<table border='0'>
<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
+ <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
+ <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
+ <td class='base'>$Lang::tr{'click to disable'}</td>
+ <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
+ <td class='base'>$Lang::tr{'show certificate'}</td>
+ <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
+ <td class='base'>$Lang::tr{'edit'}</td>
+ <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
+ <td class='base'>$Lang::tr{'remove'}</td>
</tr>
<tr>
- <td> </td>
- <td> <img src='/images/off.gif' alt='?OFF' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/media-floppy.png' alt='?FLOPPY' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- <td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
- <td class='base'>$Lang::tr{'dl client arch'}</td>
- </tr>
+ <td> </td>
+ <td> <img src='/images/off.gif' alt='?OFF' /></td>
+ <td class='base'>$Lang::tr{'click to enable'}</td>
+ <td> <img src='/images/media-floppy.png' alt='?FLOPPY' /></td>
+ <td class='base'>$Lang::tr{'download certificate'}</td>
+ <td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
+ <td class='base'>$Lang::tr{'dl client arch'}</td>
+ </tr>
</table><br>
END
;
}
- print <<END
+ print <<END;
<table width='100%'>
<form method='post'>
- <tr><td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td></tr>
+ <tr><td align='right'>
+ <input type='submit' name='ACTION' value='$Lang::tr{'add'}' />
+ <input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td>
+ </tr>
</form>
</table>
END
- ;
- &Header::closebox();
-}
-&Header::closepage();
+ ;
+ &Header::closebox();
+ }
+ &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}");
+ print <<END;
+ <table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
+ <tr>
+ <th width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></th>
+ <th width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></th>
+ <th width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></th>
+ </tr>
+END
+ ;
+ my $col1="bgcolor='$color{'color22'}'";
+ my $col2="bgcolor='$color{'color20'}'";
+ if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
+ my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
+ $casubject =~ /Subject: (.*)[\n]/;
+ $casubject = $1;
+ $casubject =~ s+/Email+, E+;
+ $casubject =~ s/ ST=/ S=/;
+ print <<END;
+ <tr>
+ <td class='base' $col1>$Lang::tr{'root certificate'}</td>
+ <td class='base' $col1>$casubject</td>
+ <form method='post' name='frmrootcrta'><td width='3%' align='center' $col1>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
+ <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
+ </td></form>
+ <form method='post' name='frmrootcrtb'><td width='3%' align='center' $col1>
+ <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
+ <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
+ </td></form>
+ <td width='4%' $col1> </td></tr>
+END
+ ;
+ } else {
+ # display rootcert generation buttons
+ print <<END;
+ <tr>
+ <td class='base' $col1>$Lang::tr{'root certificate'}:</td>
+ <td class='base' $col1>$Lang::tr{'not present'}</td>
+ <td colspan='3' $col1> </td></tr>
+END
+ ;
+ }
+ if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
+ my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
+ $hostsubject =~ /Subject: (.*)[\n]/;
+ $hostsubject = $1;
+ $hostsubject =~ s+/Email+, E+;
+ $hostsubject =~ s/ ST=/ S=/;
+ print <<END;
+ <tr>
+ <td class='base' $col2>$Lang::tr{'host certificate'}</td>
+ <td class='base' $col2>$hostsubject</td>
+ <form method='post' name='frmhostcrta'><td width='3%' align='center' $col2>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
+ <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
+ </td></form>
+ <form method='post' name='frmhostcrtb'><td width='3%' align='center' $col2>
+ <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/media-floppy.png' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" border='0' />
+ <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
+ </td></form>
+ <td width='4%' $col2> </td></tr>
+END
+ ;
+ } else {
+ # Nothing
+ print <<END;
+ <tr>
+ <td width='25%' class='base' $col2>$Lang::tr{'host certificate'}:</td>
+ <td class='base' $col2>$Lang::tr{'not present'}</td>
+ </td><td colspan='3' $col2> </td></tr>
+END
+ ;
+ }
+
+ if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
+ print "<tr><td colspan='5' align='center'><form method='post'>";
+ print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
+ print "</form></td></tr>\n";
+ }
+
+ if (keys %cahash > 0) {
+ foreach my $key (keys %cahash) {
+ if (($key + 1) % 2) {
+ print "<tr bgcolor='$color{'color20'}'>\n";
+ } else {
+ print "<tr bgcolor='$color{'color22'}'>\n";
+ }
+ print "<td class='base'>$cahash{$key}[0]</td>\n";
+ print "<td class='base'>$cahash{$key}[1]</td>\n";
+ print <<END;
+ <form method='post' name='cafrm${key}a'><td align='center'>
+ <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
+ <input type='hidden' name='KEY' value='$key' />
+ </td></form>
+ <form method='post' name='cafrm${key}b'><td align='center'>
+ <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
+ <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
+ <input type='hidden' name='KEY' value='$key' />
+ </td></form>
+ <form method='post' name='cafrm${key}c'><td align='center'>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
+ <input type='image' name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
+ <input type='hidden' name='KEY' value='$key' />
+ </td></form></tr>
+END
+ ;
+ }
+ }
+
+ print "</table>";
+
+ # If the file contains entries, print Key to action icons
+ if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {
+ print <<END;
+ <table>
+ <tr>
+ <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
+ <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
+ <td class='base'>$Lang::tr{'show certificate'}</td>
+ <td> <img src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' /></td>
+ <td class='base'>$Lang::tr{'download certificate'}</td>
+ </tr>
+ </table>
+END
+ ;
+ }
+
+ print <<END
+ <hr size='1'>
+ <form method='post' enctype='multipart/form-data'>
+ <table width='100%' border='0'cellspacing='1' cellpadding='0'>
+ <tr>
+ <td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
+ <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'/></td>
+ <td nowrap='nowrap'><input type='file' name='FH' size='25' />
+ <td nowrap='nowrap' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td>
+ </tr>
+
+ <tr>
+ <td class='base' nowrap='nowrap'>$Lang::tr{'ovpn dh name'}:</td>
+ <td nowrap='nowrap'><input type='text' name='DH_NAME' value='$cgiparams{'DH_NAME'}' size='15' align='left'/></td>
+ <td nowrap='nowrap'><input type='file' name='FH' size='25' />
+ <td nowrap='nowrap' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload dh key'}' /></td>
+ </tr>
+ <tr><td colspan='4'><br></td></tr>
+ <tr>
+ <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
+ <td colspan='4' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'show dh'}' /></td>
+ </tr>
+
+ <tr align='right'>
+ <td colspan='4' align='right' width='80%'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>
+ </tr>
+ </table>
+END
+ ;
+
+ if ( $srunning eq "yes" ) {
+ print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' disabled='disabled' /></div></form>\n";
+ } else {
+ print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' /></div></form>\n";
+ }
+ &Header::closebox();
+END
+ ;
+
+&Header::closepage();
if ($pppsettings{'TYPE'} =~ /^(modem|serial|isdn)$/ && $pppsettings{'COMPORT'} !~ /^(ttyS0|ttyS1|ttyS2|ttyS3|ttyS4|ttyACM0|ttyACM1|ttyACM2|ttyACM3|ttyUSB0|ttyUSB1|ttyUSB2|ttyUSB3|rfcomm0|rfcomm1|isdn1|isdn2)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ERROR; }
+ if ($pppsettings{'TYPE'} =~ /^(modem|serial|isdn)$/ && $pppsettings{'MONPORT'} !~ /^(ttyUSB0|ttyUSB1|ttyUSB2|ttyUSB3)$/) {
+ $errormessage = $Lang::tr{'invalid input'};
+ goto ERROR; }
if ($pppsettings{'TYPE'} =~ /^(modem|serial)$/ && $pppsettings{'DTERATE'} !~ /^(9600|19200|38400|57600|115200|230400|460800|921600)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ERROR; }
$selected{'COMPORT'}{'rfcomm1'} = '';
$selected{'COMPORT'}{$pppsettings{'COMPORT'}} = "selected='selected'";
+$selected{'MONPORT'}{''} = '';
+$selected{'MONPORT'}{'ttyUSB0'} = '';
+$selected{'MONPORT'}{'ttyUSB1'} = '';
+$selected{'MONPORT'}{'ttyUSB2'} = '';
+$selected{'MONPORT'}{'ttyUSB3'} = '';
+$selected{'MONPORT'}{$pppsettings{'MONPORT'}} = "selected='selected'";
+
$selected{'DTERATE'}{'9600'} = '';
$selected{'DTERATE'}{'19200'} = '';
$selected{'DTERATE'}{'38400'} = '';
;
}
print "</select></td> "}
+
+ if ($pppsettings{'TYPE'} =~ /^(modem|serial)$/) {
+ print <<END;
+ <tr>
+ <td colspan='3' width='75%'>$Lang::tr{'monitor interface'}:</td>
+ <td width='25%'>
+ <select name="MONPORT" style="width: 165px;">
+ <option value="" $selected{'MONPORT'}{''}>---</option>
+ <option value="ttyUSB0" $selected{'MONPORT'}{'ttyUSB0'}>ttyUSB0</option>
+ <option value="ttyUSB1" $selected{'MONPORT'}{'ttyUSB1'}>ttyUSB1</option>
+ <option value="ttyUSB2" $selected{'MONPORT'}{'ttyUSB2'}>ttyUSB2</option>
+ <option value="ttyUSB3" $selected{'MONPORT'}{'ttyUSB3'}>ttyUSB3</option>
+ </select>
+ </td>
+ </tr>
+END
+ }
+
if ($pppsettings{'TYPE'} =~ /^(modem|serial)$/ ) {
print <<END
<tr>
{
$pppsettings{'PROFILENAME'} = $Lang::tr{'unnamed'};
$pppsettings{'COMPORT'} = 'ttyS0';
+ $pppsettings{'MONPORT'} = '';
$pppsettings{'DTERATE'} = 115200;
$pppsettings{'SPEAKER'} = 'off';
$pppsettings{'RECONNECTION'} = 'persistent';
'Local VPN IP' => 'Internes Netzwerk (GREEN)',
'MB read' => 'MB gelesen',
'MB written' => 'MB geschrieben',
-'MTU' => 'MTU Size',
+'MTU' => 'MTU Size:',
'Number of IPs for the pie chart' => 'Anzahl der angezeigten IPs im Diagramm',
'Number of Ports for the pie chart' => 'Anzahl der angezeigten Ports im Diagramm',
'OVPN' => 'OpenVPN',
'cant change certificates' => 'Kann Zertifikate nicht ändern.',
'cant enable xtaccess' => 'Die zugehörige Port-Weiterleitungsregel ist deaktiviert, daher können Sie den externen Zugang für diese Regel nicht aktivieren.',
'cant start openssl' => 'Kann OpenSSL nicht starten',
+'capabilities' => 'Unterstützte Features',
'caps all' => 'ALLE',
'capsclosed' => 'GETRENNT',
'capsinactive' => 'INAKTIV',
'check for net traffic update' => 'Prüfe auf Net-Traffic-Updates',
'check vpn lr' => 'Überprüfen',
'choose config' => 'Konfiguration auswählen',
-'cipher' => 'Verschlüsselung',
+'cipher' => 'Verschlüsselung:',
'city' => 'Stadt',
'class in use' => 'Die aktuelle Klasse wird bereits verwendet.',
'clear cache' => 'Zwischenspeicher löschen',
'details' => 'Mehr',
'device' => 'Gerät',
'devices on blue' => 'Geräte auf Blau',
+'dh' => 'Diffie-Hellman Key',
+'dh key warn' => 'Keys mit 1024 und 2048 Bit können mehrere Minuten, 3072 und 4096 Bit bis zu mehreren Stunden dauern. Bitte haben sie Geduld.',
+'dh name is invalid' => 'Name ist ungültig, bitte "dh1024.pem" verwenden.',
'dhcp advopt add' => 'DHCP Option hinzufügen',
'dhcp advopt added' => 'DHCP Option hinzugefügt',
'dhcp advopt blank value' => 'Wert für DHCP Option darf nicht leer sein',
'fwhost wo subnet' => '(Ohne Subnetz)',
'gateway' => 'Gateway',
'gateway ip' => 'Gateway-IP',
+'gen dh' => 'Diffie-Hellman Key erzeugen',
'gen static key' => 'Statischen Schlüssel erzeugen',
'generate' => 'Root/Host-Zertifikate generieren',
'generate a certificate' => 'Erzeuge ein Zertifikat:',
+'generate dh key' => 'Diffie-Hellman Key generieren',
'generate iso' => 'ISO erstellen',
'generate root/host certificates' => 'Erzeuge Root/Host-Zertifikate',
'generate tripwire keys and init' => 'Tripwire Initalisierung',
'ike integrity' => 'IKE Integrität:',
'ike lifetime' => 'IKE Lebensdauer:',
'ike lifetime should be between 1 and 8 hours' => 'IKE Lebensdauer sollte zwischen 1 und 8 Stunden betragen.',
+'imei' => 'IMEI',
'import' => 'Import',
'importkey' => 'PSK importieren',
+'imsi' => 'IMSI',
'in' => 'Ein',
'inactive' => 'inaktiv',
'include logfiles' => 'mit Logdateien',
'log view' => 'Log Anzeige',
'log viewer' => 'Protokollansicht',
'log viewing options' => 'Log Ansichts-Optionen',
-'log-options' => 'Logfile options',
+'log-options' => 'Logfile Optionen',
'loged in at' => 'Angemeldet seit',
'logging' => 'Logging',
'logging server' => 'Protokollierungs-Server',
'missing dat' => 'Verschlüsseltes Archiv wurde nicht gefunden',
'missing gz' => 'Nichtverschlüsseltes Archiv wurde nicht gefunden',
'mode' => 'Modus',
+'model' => 'Modell',
'modem' => 'Modem',
'modem configuration' => 'Modem-Konfiguration',
+'modem hardware details' => 'Modem-Hardware',
+'modem information' => 'Modem-Informationen',
+'modem network bit error rate' => 'Bit-Fehlerrate',
+'modem network information' => 'Netzwerkinformationen',
+'modem network mode' => 'Netzwerkmodus',
+'modem network operator' => 'Netzbetreiber',
+'modem network registration' => 'Netzregistrierung',
+'modem network signal quality' => 'Signalqualität',
+'modem no connection' => 'Keine Verbindung',
+'modem no connection message' => 'Es konnte keine Verbindung zum Modem aufgebaut werden.',
'modem on com1' => 'Modem an COM1',
'modem on com2' => 'Modem an COM2',
'modem on com3' => 'Modem an COM3',
'modem on com4' => 'Modem an COM4',
'modem on com5' => 'Modem an COM5',
'modem settings have errors' => 'Modemeinstellungen fehlerhaft',
+'modem sim information' => 'SIM-Informationen',
'modem speaker on' => 'Modemlautsprecher an:',
+'modem status' => 'Modem-Status',
'modify' => 'Ändern',
'modulation' => 'Modulation',
'monday' => 'Montag',
'nonetworkname' => 'Kein Netzwerkname wurde eingegeben',
'noservicename' => 'Kein Dienstname wurde eingegeben',
'not a valid ca certificate' => 'Kein gültiges CA Zertifikat.',
+'not a valid dh key' => 'Kein gültiger Diffie-Hellman Schlüssel. Bitte nur 1024, 2048, 3072 oder 4096 Bit im PKCS#3 Format verwenden.',
'not enough disk space' => 'Nicht genügend Plattenplatz vorhanden',
'not present' => '<B>Nicht</B> vorhanden',
'not running' => 'nicht gestartet',
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'OpenVPN Verbindungs-Statistik',
'ovpn config' => 'OVPN-Konfiguration',
-'ovpn device' => 'OpenVPN-Gerät',
+'ovpn crypt options' => 'Kryptografieoptionen',
+'ovpn device' => 'OpenVPN-Gerät:',
+'ovpn dh' => 'Diffie-Hellman Key Länge',
+'ovpn dh name' => 'Diffie-Hellman Key Name',
'ovpn dl' => 'OVPN-Konfiguration downloaden',
'ovpn errmsg green already pushed' => 'Route für grünes Netzwerk wird immer gesetzt',
'ovpn errmsg invalid ip or mask' => 'Ungültige Netzwerk-Adresse oder Subnetzmaske',
+'ovpn generating the root and host certificates' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern.',
+'ovpn ha' => 'Hash Algorithmus',
+'ovpn hmac' => 'HMAC Optionen',
'ovpn log' => 'OVPN-Log',
'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
'ovpn mtu-disc' => 'Path MTU Discovery',
'ovpn mtu-disc with mssfix or fragment' => 'Path MTU Discovery kann nicht gemeinsam mit mssfix oder fragment verwendet werden.',
'ovpn mtu-disc yes' => 'Forciert',
'ovpn no connections' => 'Keine aktiven OpenVPN Verbindungen',
-'ovpn on blue' => 'OpenVPN auf BLAU',
-'ovpn on orange' => 'OpenVPN auf ORANGE',
-'ovpn on red' => 'OpenVPN auf ROT',
+'ovpn on blue' => 'OpenVPN auf BLAU:',
+'ovpn on orange' => 'OpenVPN auf ORANGE:',
+'ovpn on red' => 'OpenVPN auf ROT:',
'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24',
'ovpn routes push options' => 'Route push Optionen',
'ovpn server status' => 'OpenVPN-Server-Status',
-'ovpn subnet' => 'OpenVPN-Subnetz (z.B. 10.0.10.0/255.255.255.0)',
+'ovpn subnet' => 'OpenVPN-Subnetz:',
'ovpn subnet is invalid' => 'Das OpenVPN-Subnetz ist ungültig.',
'ovpn subnet overlap' => 'OpenVPNSubnetz überschneidet sich mit ',
-'ovpn_fastio' => 'Fast-IO',
'ovpn_fragment' => 'Fragmentgrösse',
'ovpn_mssfix' => 'MSSFIX-Grösse',
'ovpn_mtudisc' => 'MTU-Discovery',
'profile saved' => 'Profil gespeichert: ',
'profiles' => 'Profile:',
'proto' => 'Proto',
-'protocol' => 'Protokoll',
+'protocol' => 'Protokoll:',
'proxy' => 'Proxy',
'proxy access graphs' => 'Diagramme zur Proxyauslastung',
'proxy admin password' => 'Cache Administrator Passwort',
'resetglobals' => 'Globale Einstellungen zurücksetzen',
'resetpolicy' => 'Policy zurücksetzen',
'resetshares' => 'Shares zurücksetzen?',
-'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Das Zurücksetzen der VPN-Konfiguration wird die Root-CA, die Host-Zertifikate und alle weiteren Zertifikate und alle zertifikatsbasierten Verbindungen entfernen',
+'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Das Löschen des X509 wird die Root-CA, die Host-Zertifikate und alle zertifikatsbasierten Verbindungen entfernen.',
'restart' => 'Neustart',
'restart ovpn server' => 'OpenVPN-Server neu starten',
'restore' => 'Wiederherstellen',
'show ca certificate' => 'CA Zertifikat anzeigen',
'show certificate' => 'Zertifikat anzeigen',
'show crl' => 'Certificate Revocation List anzeigen',
+'show dh' => 'Diffie-Hellman Key anzeigen',
'show host certificate' => 'Host-Zertifikat anzeigen',
'show last x lines' => 'die letzten x Zeilen anzeigen',
'show root certificate' => 'Root-Zertifikat anzeigen',
'snort hits' => 'Gesamtanzahl der aktivierten Intrusion-Regeln für',
'snort working' => 'Snort führt gerade eine Aufgabe aus... Bitte warten Sie, bis diese erfolgreich beendet wurde.',
'socket options' => 'Socket Options',
+'software version' => 'Software-Version',
'sort ascending' => 'Sortiere aufsteigend',
'sort descending' => 'Sortiere absteigend',
'sound' => 'Klang',
'upload a certificate' => 'Ein Zertifikat hochladen:',
'upload a certificate request' => 'Eine Zertifikatsanfrage hochladen:',
'upload ca certificate' => 'CA-Zertifikat hochladen',
+'upload dh key' => 'Diffie-Hellman Key hochladen',
'upload file' => 'Datei zum hochladen',
'upload new ruleset' => 'Neuen Regelsatz hochladen',
'upload p12 file' => 'PKCS12-Datei hochladen',
'valid root certificate already exists' => 'Ein gültiges Root-Zertifikat existiert bereits.',
'valid till' => 'Gültig bis',
'vci number' => 'VCI-Nummer:',
+'vendor' => 'Hersteller',
'view log' => 'Log anzeigen',
'virtual address' => 'Virtuelle Addresse',
'virtual private networking' => 'Virtuelles Privates Netzwerk',
'cant change certificates' => 'Can\'t change certificates.',
'cant enable xtaccess' => 'The associated port forwarding rule is disabled, therefore you cannot enable external access for this rule.',
'cant start openssl' => 'Can\'t start OpenSSL',
+'capabilities' => 'Capabilities',
'caps all' => 'ALL',
'capsclosed' => 'DISCONNECTED',
'capsinactive' => 'INACTIVE',
'details' => 'Details',
'device' => 'Device',
'devices on blue' => 'Devices on BLUE',
+'dh' => 'Diffie-Hellman Key',
+'dh key warn' => 'Keys with 1024 and 2048 bit takes up to several minutes, 3072 and 4096 bit might needs several hours. Please be patient.',
+'dh name is invalid' => 'Name is invalid, please use "dh1024.pem".',
'dhcp advopt add' => 'Add a DHCP option',
'dhcp advopt added' => 'DHCP option added',
'dhcp advopt blank value' => 'DHCP Option value cannot be empty.',
'firewall log' => 'Firewall log',
'firewall log viewer' => 'Firewall Log Viewer',
'firewall logs' => 'Firewall Logs',
+'firewall logs country' => 'Fw-Loggraphs (Country)',
'firewall logs ip' => 'Fw-Loggraphs (IP)',
'firewall logs port' => 'Fw-Loggraphs (Port)',
'firewall rules' => 'Firewall Rules',
'g.lite' => 'TO BE REMOVED',
'gateway' => 'Gateway',
'gateway ip' => 'Gateway IP',
+'gen dh' => 'Generate Diffie-Hellman key',
'gen static key' => 'Generate a static key',
'generate' => 'Generate root/host zertifikate',
'generate a certificate' => 'Generate a certificate:',
+'generate dh key' => 'Generate Diffie-Hellman key',
'generate iso' => 'Generate ISO',
'generate root/host certificates' => 'Generate root/host certificates',
'generate tripwire keys and init' => 'generate tripwire keys and init',
'ike integrity' => 'IKE Integrity:',
'ike lifetime' => 'IKE Lifetime:',
'ike lifetime should be between 1 and 8 hours' => 'IKE lifetime should be between 1 and 8 hours.',
+'imei' => 'IMEI',
'import' => 'Import',
'importkey' => 'Import PSK',
+'imsi' => 'IMSI',
'in' => 'In',
'inactive' => 'inactive',
'include logfiles' => 'Include logfiles',
'local hard disk' => 'Hard disk',
'local master' => 'Local Master',
'local ntp server specified but not enabled' => 'Local NTP server specified but not enabled',
-'local subnet' => 'Local Subnet:',
+'local subnet' => 'Local subnet:',
'local subnet is invalid' => 'Local subnet is invalid.',
'local vpn hostname/ip' => 'Local VPN Hostname/IP',
'localkey' => 'Localkey',
'missing dat' => 'Encrypted archive not found',
'missing gz' => 'Unencrypted archive not found',
'mode' => 'Mode',
+'model' => 'Model',
'modem' => 'Modem',
'modem configuration' => 'Modem configuration',
+'modem hardware details' => 'Modem Hardware',
+'modem information' => 'Modem Information',
+'modem network bit error rate' => 'Bit Error Rate',
+'modem network information' => 'Network Information',
+'modem network mode' => 'Network Mode',
+'modem network operator' => 'Network Operator',
+'modem network registration' => 'Network Registration',
+'modem network signal quality' => 'Signal Quality',
+'modem no connection' => 'No Connection',
+'modem no connection message' => 'No connection to the modem could be established.',
'modem on com1' => 'Modem on COM1',
'modem on com2' => 'Modem on COM2',
'modem on com3' => 'Modem on COM3',
'modem on com4' => 'Modem on COM4',
'modem on com5' => 'Modem on COM5',
'modem settings have errors' => 'Modem settings have errors',
+'modem sim information' => 'SIM Information',
'modem speaker on' => 'Modem speaker on:',
+'modem status' => 'Modem Status',
'modify' => 'Modify',
'modulation' => 'Modulation',
'monday' => 'Monday',
'nonetworkname' => 'No Network Name entered',
'noservicename' => 'No Service Name entered',
'not a valid ca certificate' => 'Not a valid CA certificate.',
+'not a valid dh key' => 'Not a valid Diffie-Hellman key. Please use 1024, 2048, 3072 or 4096 bit in PKCS#3 format.',
'not enough disk space' => 'Not enough disk space',
'not present' => '<b>Not</b> present',
'not running' => 'not running',
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'OpenVPN Connection Statistics',
'ovpn config' => 'OVPN-Config',
+'ovpn crypt options' => 'Cryptographic options',
'ovpn device' => 'OpenVPN device:',
+'ovpn dh' => 'Diffie-Hellman key lenght',
+'ovpn dh name' => 'Diffie-Hellman key name',
'ovpn dl' => 'OVPN-Config Download',
'ovpn errmsg green already pushed' => 'Route for green network is always set',
'ovpn errmsg invalid ip or mask' => 'Invalid network-address or subnetmask',
+'ovpn generating the root and host certificates' => 'Generating the root and host certifictae can take a long time.',
+'ovpn ha' => 'Hash algorithm',
+'ovpn hmac' => 'HMAC options',
'ovpn log' => 'OVPN-Log',
'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.',
'ovpn mtu-disc' => 'Path MTU Discovery',
'ovpn mtu-disc with mssfix or fragment' => 'Path MTU Discovery cannot be used with mssfix or fragment.',
'ovpn mtu-disc yes' => 'Forced',
'ovpn no connections' => 'No active OpenVPN connections',
-'ovpn on blue' => 'OpenVPN on BLUE',
-'ovpn on orange' => 'OpenVPN on ORANGE',
-'ovpn on red' => 'OpenVPN on RED',
+'ovpn on blue' => 'OpenVPN on BLUE:',
+'ovpn on orange' => 'OpenVPN on ORANGE:',
+'ovpn on red' => 'OpenVPN on RED:',
'ovpn port in root range' => 'A port number of 1024 or higher is required.',
'ovpn routes push' => 'Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24',
'ovpn routes push options' => 'Route push options',
'ovpn server status' => 'Current OpenVPN server status:',
-'ovpn subnet' => 'OpenVPN subnet (e.g. 10.0.10.0/255.255.255.0)',
+'ovpn subnet' => 'OpenVPN subnet:',
'ovpn subnet is invalid' => 'OpenVPN subnet is invalid.',
'ovpn subnet overlap' => 'OpenVPN Subnet overlaps with : ',
'ovpn_fastio' => 'Fast-IO',
'profile saved' => 'Profile saved: ',
'profiles' => 'Profiles:',
'proto' => 'Proto',
-'protocol' => 'Protocol',
+'protocol' => 'Protocol:',
'proxy' => 'Proxy',
'proxy access graphs' => 'Proxy access graphs',
'proxy admin password' => 'Cache administrator password',
'resetglobals' => 'Reset global settings',
'resetpolicy' => 'Reset policy to default',
'resetshares' => 'Reset shares?',
-'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Resetting the VPN configuration will remove the root CA, the host certificate and all certificate based connections',
+'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Resetting the X509 remove the root CA, the host certificate and all certificate based connections.',
'restart' => 'Restart',
'restart ovpn server' => 'Restart OpenVPN server',
'restore' => 'Restore',
'show ca certificate' => 'Show CA certificate',
'show certificate' => 'Show certificate',
'show crl' => 'Show certificate revocation list',
+'show dh' => 'Show Diffie-Hellman key',
'show host certificate' => 'Show host certificate',
'show last x lines' => 'Show last x lines',
'show lines' => 'Show lines',
'snort hits' => 'Total of number of Intrusion rules activated for',
'snort working' => 'Snort is working ... Please wait until all operations have completed successfully.',
'socket options' => 'Socket options',
+'software version' => 'Software Version',
'sort ascending' => 'Sort ascending',
'sort descending' => 'Sort descending',
'sound' => 'Sound',
'upload a certificate' => 'Upload a certificate:',
'upload a certificate request' => 'Upload a certificate request:',
'upload ca certificate' => 'Upload CA certificate',
+'upload dh key' => 'Upload Diffie-Hellman key',
'upload fcdsl.o' => 'TO BE REMOVED',
'upload file' => 'Upload file',
'upload new ruleset' => 'Upload new ruleset',
'valid root certificate already exists' => 'A valid root certificate already exists.',
'valid till' => 'Valid till',
'vci number' => 'VCI number:',
+'vendor' => 'Vendor',
'view log' => 'view log',
'virtual address' => 'Virtual Address',
'virtual private networking' => 'Virtual Private Networking',
cp $(DIR_SRC)/config/cfgroot/lang.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/countries.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/graphs.pl $(CONFIG_ROOT)/
+ cp $(DIR_SRC)/config/cfgroot/modem-lib.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/advoptions-list $(CONFIG_ROOT)/dhcp/advoptions-list
cp $(DIR_SRC)/config/cfgroot/connscheduler-lib.pl $(CONFIG_ROOT)/connscheduler/lib.pl
cp $(DIR_SRC)/config/cfgroot/connscheduler.conf $(CONFIG_ROOT)/connscheduler
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = beta3
+VER = 1.56
-THISAPP = vnstati-$(VER)
+THISAPP = Device-Modem-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 5652b955e16716cec48da464b083c76f
+$(DL_FILE)_MD5 = a0ec45c3e313bea27ccb476d3b725955
install : $(TARGET)
md5 : $(subst %,%_MD5,$(objects))
-dist:
- @$(PAK)
-
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && make $(MAKETUNING) LOCAL_CONFIGURE_OPTIONS="--enable-readline=yes"
+ cd $(DIR_APP) && perl Makefile.PL
+ cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
@$(POSTBUILD)
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2014 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 1.000002
+
+THISAPP = Device-SerialPort-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = f53db3733679adc5d05d06fa530444b6
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && perl Makefile.PL
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
include Config
-VER = 2.4.5
+VER = 2.4.6
THISAPP = ppp-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 4621bc56167b6953ec4071043fe0ec57
+$(DL_FILE)_MD5 = 3434d2cc9327167a0723aaaa8670083b
install : $(TARGET)
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && rm -f include/pcap-int.h include/linux/if_pppol2tp.h
-# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp-2.4.2-pppoatm.patch
-# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp-2.4.2-pppoatm-persist.patch
-# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp-2.4.1-oedod.patch
-# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp-2.4.2-pppoatm-modprobe.patch
-# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp-2.4.2-signal.patch
-# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp-2.4.2-printstats.patch
-# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp-2.4.2-close.patch
cd $(DIR_APP) && sed -i -e "s+/etc/ppp/connect-errors+/var/log/connect-errors+" pppd/pathnames.h
cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls
cd $(DIR_APP) && make $(MAKETUNING) CC="gcc $(CFLAGS)"
include Config
-VER = 3.3.11
+VER = 3.4.4
THISAPP = squid-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = dd016ff5f14b2548083b3882207914f6
+$(DL_FILE)_MD5 = dc2bcb967fc6b15bbbc6b961010c0c00
install : $(TARGET)
###############################################################################
# Downloading, checking, md5sum
###############################################################################
+
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
--enable-kill-parent-hack \
--disable-wccpv2 \
--enable-icap-client \
- --disable-esi
+ --disable-esi \
+ --enable-zph-qos
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
include Config
-VER = 1.6
+VER = 1.11
THISAPP = vnstat-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ccaffe8e70d47e0cf2f25e52daa25712
+$(DL_FILE)_MD5 = a5a113f9176cd61fb954f2ba297f5fdb
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && make $(MAKETUNING) LOCAL_CONFIGURE_OPTIONS="--enable-readline=yes"
+ cd $(DIR_APP) && make all $(MAKETUNING) LOCAL_CONFIGURE_OPTIONS="--enable-readline=yes"
cd $(DIR_APP) && make install
sed -i 's|eth0|green0|g' /etc/vnstat.conf
sed -i 's|/var/lib/vnstat|/var/log/rrd/vnstat|g' /etc/vnstat.conf
ipfiremake perl-GD
ipfiremake GD-Graph
ipfiremake GD-TextUtil
+ ipfiremake perl-Device-SerialPort
+ ipfiremake perl-Device-Modem
ipfiremake gnupg
ipfiremake hdparm
ipfiremake sdparm
ipfiremake git
ipfiremake squidclamav
ipfiremake vnstat
- ipfiremake vnstati
ipfiremake iw
ipfiremake wpa_supplicant
ipfiremake hostapd