return join("\n", @conf);
}
-sub parse_configuration($) {
+sub parse_configuration($$) {
+ my $name = shift;
my $fh = shift;
- my %peer = ();
+ my %peer = (
+ "NAME" => $name,
+ );
# Collect any errors
my @errormessages = ();
my $key = undef;
my $val = undef;
+ # Check if the name is valid
+ unless (&Wireguard::name_is_valid($name)) {
+ push(@errormessages, $Lang::tr{'wg invalid name'});
+ }
+
+ # Check if the name is already taken
+ unless (&Wireguard::name_is_free($name)) {
+ push(@errormessages, $Lang::tr{'wg name is already used'});
+ }
+
while (<$fh>) {
# Remove line breaks
chomp;
push(@errormessages, $Lang::tr{'invalid ip address'});
}
+ # Port
+ } elsif ($key eq "Port") {
+ if (&General::validport($val)) {
+ $peer{'PORT'} = $val;
+ } else {
+ push(@errormessages, $Lang::tr{'wg invalid endpoint port'});
+ }
+
# PrivateKey
} elsif ($key eq "PrivateKey") {
if (&key_is_valid($val)) {
}
}
- $peer{'REMOTE_SUBNETS'} = join(", ", @networks);
+ $peer{'REMOTE_SUBNETS'} = \@networks;
# Endpoint
} elsif ($key eq "Endpoint") {
my $address = $val;
}
}
- return %peer, @errormessages;
+ return \%peer, @errormessages;
}
sub get_free_port() {
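Review bot: The return contract of parse_configuration changes at `return \%peer, @errormessages;` and nothing documents it: callers now get a hash reference followed by the error list, and `REMOTE_SUBNETS` inside it is an array reference instead of a joined string. A caller not shown on this page that still assigns the result to a hash, or treats `REMOTE_SUBNETS` as a string, would silently get wrong data, so other call sites are worth checking. I would add a header comment such as `# Returns (\%peer, @errormessages); $peer->{REMOTE_SUBNETS} is an array reference.` above the sub, whose opening lines are outside this hunk. The `($$)` prototype is also not enforced when the function is called as `&Wireguard::parse_configuration(...)`, so it does not guard against a missing argument.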
WARNING: untranslated string: cake profile pppoe-ptm 27 = PPPoE PTM (27 bytes)
WARNING: untranslated string: cake profile pppoe-vcmux 32 = PPPoE VC-MUX (32 bytes)
WARNING: untranslated string: cake profile raw 0 = Raw (no overhead compensation)
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: data transfer = Data Transfer
WARNING: untranslated string: desired = Desired
WARNING: untranslated string: disable = Disable
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: comp-lzo = LZO-Compression:
WARNING: untranslated string: computer to modem rate = Computer to modem rate:
WARNING: untranslated string: concentrator name = Concentrator name:
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: confirmation = confirmation
WARNING: untranslated string: connect timeout = Connect timeout:
WARNING: untranslated string: connected = Connected
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: allowed subnets = Allowed Subnets
WARNING: untranslated string: bypassed = Bypassed
WARNING: untranslated string: ca name must only contain characters and spaces = unknown string
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: cpu frequency = CPU frequency
WARNING: untranslated string: data transfer = Data Transfer
WARNING: untranslated string: dhcp fixed ip address in dynamic range = Fixed IP Address in dynamic range
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: allowed subnets = Allowed Subnets
WARNING: untranslated string: bypassed = Bypassed
WARNING: untranslated string: ca name must only contain characters and spaces = unknown string
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: core notice 3 = available.
WARNING: untranslated string: data transfer = Data Transfer
WARNING: untranslated string: done = Done
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: cake profile pppoe-vcmux 32 = PPPoE VC-MUX (32 bytes)
WARNING: untranslated string: cake profile raw 0 = Raw (no overhead compensation)
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: core update = Core-Update
WARNING: untranslated string: cpu frequency = CPU frequency
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: cake profile raw 0 = Raw (no overhead compensation)
WARNING: untranslated string: capabilities = Capabilities
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: cpu frequency = CPU frequency
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: ccd subnet = Subnet
WARNING: untranslated string: ccd used = Used addresses
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: core update = Core-Update
WARNING: untranslated string: count = Count
WARNING: untranslated string: countries = Countries
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: ccd subnet = Subnet
WARNING: untranslated string: ccd used = Used addresses
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: core update = Core-Update
WARNING: untranslated string: count = Count
WARNING: untranslated string: countries = Countries
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
WARNING: untranslated string: cake profile pppoe-ptm 27 = PPPoE PTM (27 bytes)
WARNING: untranslated string: cake profile pppoe-vcmux 32 = PPPoE VC-MUX (32 bytes)
WARNING: untranslated string: cake profile raw 0 = Raw (no overhead compensation)
+WARNING: untranslated string: configuration file = Configuration File
WARNING: untranslated string: core update = Core-Update
WARNING: untranslated string: cpu frequency = CPU frequency
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: wg edit host-to-net peer = Edit Host-To-Net Peer
WARNING: untranslated string: wg edit net-to-net peer = Edit Net-To-Net Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
+WARNING: untranslated string: wg import peer = Import Peer
WARNING: untranslated string: wg invalid client dns = Invalid client DNS address
WARNING: untranslated string: wg invalid client pool = Invalid client pool
WARNING: untranslated string: wg invalid endpoint address = Invalid endpoint address
< Captive invalid coupon
< Captive please enter a coupon code
< choose media
+< configuration file
< could not connect to www ipfire org
< cryptographic settings
< data transfer
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
< allowed subnets
< bypassed
< ca name must only contain characters or spaces
+< configuration file
< cpu frequency
< data transfer
< dhcp fixed ip address in dynamic range
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
< bewan adsl usb
< bypassed
< ca name must only contain characters or spaces
+< configuration file
< data transfer
< done
< endpoint
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
< Captive WiFi coupon
< Captive wrong type
< check all
+< configuration file
< core update
< cpu frequency
< crypto error
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
< Captive WiFi coupon
< Captive wrong type
< check all
+< configuration file
< cpu frequency
< crypto error
< cryptographic settings
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
< ccd used
< check all
< community rules
+< configuration file
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
< ccd used
< check all
< community rules
+< configuration file
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
< cake profile raw 0
< ca name must only contain characters or spaces
< Captive delete logo
+< configuration file
< core update
< cpu frequency
< crypto error
< wg edit net-to-net peer
< wg edit peer
< wg host to net client settings
+< wg import peer
< wg invalid client dns
< wg invalid client pool
< wg invalid endpoint address
die "Unsupported type: $type";
}
+} elsif ($cgiparams{"ACTION"} eq "IMPORT") {
+ my @local_subnets = ();
+ my $peer;
+
+ # Parse the configuration file
+ ($peer, @errormessages) = &Wireguard::parse_configuration($cgiparams{'NAME'}, $cgiparams{'FH'});
+
+ # Check local subnets
+ if (defined $cgiparams{'LOCAL_SUBNETS'}) {
+ @local_subnets = split(/,/, $cgiparams{'LOCAL_SUBNETS'});
+
+ foreach my $subnet (@local_subnets) {
+ $subnet =~ s/^\s+//g;
+ $subnet =~ s/\s+$//g;
+
+ unless (&Network::check_subnet($subnet)) {
+ push(@errormessages, $Lang::tr{'wg invalid local subnet'} . ": ${subnet}");
+ }
+ }
+ } else {
+ push(@errormessages, $Lang::tr{'wg no local subnets'});
+ }
+
+ # Show any error messages
+ goto IMPORT if (@errormessages);
+
+ # Allocate a new key
+ my $key = &General::findhasharraykey(\%Wireguard::peers);
+
+ # Save the connection
+ $Wireguard::peers{$key} = [
+ # 0 = Enabled
+ "on",
+ # 1 = Type
+ "net",
+ # 2 = Name
+ $peer->{"NAME"},
+ # 3 = Remote Public Key
+ $peer->{"PUBLIC_KEY"},
+ # 4 = Local Private Key
+ $peer->{"PRIVATE_KEY"},
+ # 5 = Port
+ $peer->{"PORT"},
+ # 6 = Endpoint Address
+ $peer->{"ENDPOINT_ADDRESS"},
+ # 7 = Endpoint Port
+ $peer->{"ENDPOINT_PORT"},
+ # 8 = Remote Subnets
+ &Wireguard::encode_subnets(@{ $peer->{"REMOTE_SUBNETS"} }),
+ # 9 = Remark
+ &Wireguard::encode_remarks($cgiparams{"REMARKS"}),
+ # 10 = Local Subnets
+ &Wireguard::encode_subnets(@local_subnets),
+ # 11 = PSK
+ $peer->{"PSK"},
+ # 12 = Keepalive
+ $peer->{"KEEPALIVE"} || $Wireguard::DEFAULT_KEEPALIVE,
+ ];
+
+ # Store the configuration
+ &General::writehasharray("/var/ipfire/wireguard/peers", \%Wireguard::peers);
+
+ # Reload if enabled
+ if ($Wireguard::settings{'ENABLED'} eq "on") {
+ &General::system("/usr/local/bin/wireguardctrl", "start");
+ }
+
} elsif ($cgiparams{"ACTION"} eq "CREATE-PEER-NET") {
my @local_subnets = ();
my @remote_subnets = ();
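Review bot: An empty `LOCAL_SUBNETS` field passes the check in the IMPORT branch, because an empty string is still `defined` and `split` then yields no elements, so the loop never runs and 'wg no local subnets' is never raised; the `required` attribute on the form is only enforced by the browser. Testing the content as well, e.g. `if (defined $cgiparams{'LOCAL_SUBNETS'} && $cgiparams{'LOCAL_SUBNETS'} =~ /\S/) {`, closes that gap. Separately, `$cgiparams{'FH'}` is handed to the parser without a check that a file was actually uploaded, and it is not visible here whether parse_configuration reports a file that lacks PublicKey, PrivateKey or Endpoint; if it does not, undefined values are written to the peers file and `wireguardctrl start` is run with them. The if/elsif chain this branch belongs to starts and ends outside the hunk.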
goto CREATEHOST;
} elsif ($cgiparams{"TYPE"} eq "import") {
- # Parse the configuration file
- (%cgiparams, @errormessages) = &Wireguard::parse_configuration($cgiparams{'FH'});
-
- # We basically don't support importing RW connections, so we always
- # need to go and show the N2N editor.
- goto EDITNET;
+ goto IMPORT;
# Ask the user what type they want
} else {
<input type='radio' name='TYPE' value='import' />
$Lang::tr{'import connection'}
</label>
-
- <input type='file' name='FH' />
</p>
<table class="form">
exit(0);
+IMPORT:
+ # Send HTTP Headers
+ &Header::showhttpheaders();
+
+ # Open the page
+ &Header::openpage($Lang::tr{'wireguard'}, 1, '');
+
+ # Show any error messages
+ &Header::errorbox(@errormessages);
+
+ # Open a new box
+ &Header::openbox('100%', '', $Lang::tr{'wg import peer'});
+
+ print <<END;
+ <form method="POST" ENCTYPE="multipart/form-data">
+ <input type="hidden" name="ACTION" value="IMPORT">
+
+ <table class="form">
+ <tr>
+ <td>
+ $Lang::tr{'name'}
+ </td>
+
+ <td>
+ <input type="text" name="NAME"
+ value="$cgiparams{'NAME'}" required />
+ </td>
+ </tr>
+
+ <tr>
+ <td>
+ $Lang::tr{'remarks'}
+ </td>
+
+ <td>
+ <input type="text" name="REMARKS"
+ value="$cgiparams{'REMARKS'}" />
+ </td>
+ </tr>
+
+ <tr>
+ <td>
+ $Lang::tr{'configuration file'}
+ </td>
+
+ <td>
+ <input type='file' name='FH' required />
+ </td>
+ </tr>
+ </table>
+
+ <h6>$Lang::tr{'routing'}</h6>
+
+ <table class="form">
+ <tr>
+ <td>
+ $Lang::tr{'local subnets'}
+ </td>
+
+ <td>
+ <input type="text" name="LOCAL_SUBNETS"
+ value="$cgiparams{'LOCAL_SUBNETS'}" required />
+ </td>
+ </tr>
+ </table>
+
+ <table class="form">
+ <tr class="action">
+ <td colspan="2">
+ <input type='submit' value='$Lang::tr{'import'}' />
+ </td>
+ </tr>
+ </table>
+ </form>
+END
+
+ &Header::closebox();
+ &Header::closepage();
+
+ exit(0);
+
CREATENET:
# Send HTTP Headers
&Header::showhttpheaders();
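Review bot: The IMPORT form prints `$cgiparams{'NAME'}`, `$cgiparams{'REMARKS'}` and `$cgiparams{'LOCAL_SUBNETS'}` straight into `value="..."` attributes inside the here-doc, and this page is re-rendered through `goto IMPORT` precisely when validation has rejected the submitted values. Unless `%cgiparams` is HTML-escaped somewhere before this point (not visible in the hunk), a value containing a double quote or markup ends up in the response unencoded, and `REMARKS` is never validated at all before being echoed. I would encode each value before the `print <<END;`, for example `my $name = &Header::escape($cgiparams{'NAME'});` if that helper is available in this tree, and interpolate the escaped variable instead, doing the same for the other two fields.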
'compression' => 'Compression:',
'computer to modem rate' => 'Computer to modem rate:',
'concentrator name' => 'Concentrator name:',
+'configuration file' => 'Configuration File',
'confirmation' => 'confirmation',
'connect' => 'OVPN Start / Connect',
'connect the modem' => 'Connect the modem',
'wg edit net-to-net peer' => 'Edit Net-To-Net Peer',
'wg edit peer' => 'Edit Peer',
'wg host to net client settings' => 'Host-To-Net Client Settings',
+'wg import peer' => 'Import Peer',
'wg invalid client dns' => 'Invalid client DNS address',
'wg invalid client pool' => 'Invalid client pool',
'wg invalid endpoint address' => 'Invalid endpoint address',