return %dump;
}
+sub load_peer($) {
+ my $key = shift;
+
+ my $type = $peers{$key}[1];
+
+ my %peer = (
+ "ENABLED" => $peers{$key}[0],
+ "TYPE" => $type,
+ "NAME" => $peers{$key}[2],
+ "PUBLIC_KEY" => $peers{$key}[3],
+ "PRIVATE_KEY" => $peers{$key}[4],
+ "PORT" => $peers{$key}[5],
+ "ENDPOINT_ADDR" => $peers{$key}[6],
+ "ENDPOINT_PORT" => $peers{$key}[7],
+ ($type eq "host") ? "CLIENT_ADDRESS" : "REMOTE_SUBNETS"
+ => &decode_subnets($peers{$key}[8]),
+ "REMARKS" => &decode_remarks($peers{$key}[9]),
+ "LOCAL_SUBNETS" => &decode_subnets($peers{$key}[10]),
+ "PSK" => $peers{$key}[11],
+ "KEEPALIVE" => $peers{$key}[12],
+ );
+
+ return %peer;
+}
+
sub name_is_valid($) {
my $name = shift;
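Review bot: load_peer never returns an empty hash, so the new `return undef unless (%peer);` guard in generate_peer_configuration cannot fire; for an unknown `$key` the literal is still populated with keys whose values are undefined. Reading `$peers{$key}[1]` for a missing key also autovivifies an empty entry in `%peers`, which would matter if the hash is written back later (not visible here). Adding `return unless (exists $peers{$key});` right after `my $key = shift;` addresses both. The CONFIG and CONFIG-QRCODE branches pass the CGI `KEY` parameter straight through, so this would be the only existence check on that path.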
}
sub generate_peer_configuration($) {
- my $peer = shift;
+ my $key = shift;
+
+ # Load the peer
+ my %peer = &load_peer($key);
+
+ # Return if we could not find the peer
+ return undef unless (%peer);
my @allowed_ips = ();
my @dns = ();
# Convert all subnets into CIDR notation
- foreach my $subnet ($peer->{'LOCAL_SUBNETS'}) {
+ foreach my $subnet ($peer{'LOCAL_SUBNETS'}) {
my $netaddress = &Network::get_netaddress($subnet);
my $prefix = &Network::get_prefix($subnet);
my $port = $settings{'PORT'};
# Fetch any DNS servers for hosts
- if ($peer->{'TYPE'} eq 'host') {
+ if ($peer{'TYPE'} eq 'host') {
@dns = split(/\|/, $settings{'CLIENT_DNS'});
}
my @conf = (
"[Interface]",
- "PrivateKey = $peer->{'PRIVATE_KEY'}",
- "Address = $peer->{'CLIENT_ADDRESS'}",
+ "PrivateKey = $peer{'PRIVATE_KEY'}",
+ "Address = $peer{'CLIENT_ADDRESS'}",
);
# Optionally add DNS servers
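Review bot: `$peer{'CLIENT_ADDRESS'}` exists only when TYPE is `host`, because load_peer files field 8 under REMOTE_SUBNETS otherwise, and it now holds the result of decode_subnets rather than the raw field the old caller passed in. For a non-host peer this block would emit `Address = ` with an undefined value. If decode_subnets returns a reference, the line would not be a usable address; its return type is not visible in this diff. A type check before building `@conf`, for example `return undef unless ($peer{'TYPE'} eq 'host');`, would keep client configurations limited to host peers, if that is the intent. The enclosing function starts and ends outside this hunk.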
"[Peer]",
"Endpoint = ${endpoint}:${port}",
"PublicKey = $settings{'PUBLIC_KEY'}",
- "PresharedKey = $peer->{'PSK'}",
+ "PresharedKey = $peer{'PSK'}",
"AllowedIPs = " . join(", ", @allowed_ips),
"PersistentKeepalive = $DEFAULT_KEEPALIVE",
));
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
WARNING: untranslated string: winbind daemon = Winbind Daemon
WARNING: untranslated string: wio = unknown string
WARNING: untranslated string: wio checked = unknown string
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: whois results from = WHOIS results from
WARNING: untranslated string: winbind daemon = Winbind Daemon
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: wio = unknown string
WARNING: untranslated string: wio checked = unknown string
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: wio = unknown string
WARNING: untranslated string: wio checked = unknown string
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: whois results from = WHOIS results from
WARNING: untranslated string: winbind daemon = Winbind Daemon
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: whois results from = WHOIS results from
WARNING: untranslated string: winbind daemon = Winbind Daemon
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: whois results from = WHOIS results from
WARNING: untranslated string: winbind daemon = Winbind Daemon
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: whois results from = WHOIS results from
WARNING: untranslated string: winbind daemon = Winbind Daemon
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create peer = Create A New Peer
WARNING: untranslated string: wg dns = DNS
+WARNING: untranslated string: wg download configuration = Download Configuration
WARNING: untranslated string: wg download configuration file = Download the configuration file
WARNING: untranslated string: wg edit peer = Edit Peer
WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings
WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535)
WARNING: untranslated string: wg invalid local subnet = Invalid local subnet
WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed)
+WARNING: untranslated string: wg invalid private key = unknown string
WARNING: untranslated string: wg invalid psk = Invalid pre-shared key
WARNING: untranslated string: wg invalid public key = Invalid public key
WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet
WARNING: untranslated string: wg peer does not exist = Peer does not exist
WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers
WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client.
-WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.
+WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code
WARNING: untranslated string: whitelisted = Whitelisted
WARNING: untranslated string: whois results from = WHOIS results from
WARNING: untranslated string: winbind daemon = Winbind Daemon
< wg client pool
< wg create peer
< wg dns
+< wg download configuration
< wg download configuration file
< wg edit peer
< wg host to net client settings
< wg pre-shared key (optional)
< wg rw peers
< wg scan the qr code
+< wg show configuration qrcode
< wg warning configuration only shown once
< whitelisted
< wireguard
< wg client pool
< wg create peer
< wg dns
+< wg download configuration
< wg download configuration file
< wg edit peer
< wg host to net client settings
< wg pre-shared key (optional)
< wg rw peers
< wg scan the qr code
+< wg show configuration qrcode
< wg warning configuration only shown once
< whitelisted
< wireguard
< wg client pool
< wg create peer
< wg dns
+< wg download configuration
< wg download configuration file
< wg edit peer
< wg host to net client settings
< wg pre-shared key (optional)
< wg rw peers
< wg scan the qr code
+< wg show configuration qrcode
< wg warning configuration only shown once
< whitelisted
< whois results from
< wg client pool
< wg create peer
< wg dns
+< wg download configuration
< wg download configuration file
< wg edit peer
< wg host to net client settings
< wg pre-shared key (optional)
< wg rw peers
< wg scan the qr code
+< wg show configuration qrcode
< wg warning configuration only shown once
< whitelisted
< whois results from
< wg client pool
< wg create peer
< wg dns
+< wg download configuration
< wg download configuration file
< wg edit peer
< wg host to net client settings
< wg pre-shared key (optional)
< wg rw peers
< wg scan the qr code
+< wg show configuration qrcode
< wg warning configuration only shown once
< whitelisted
< whois results from
< wg client pool
< wg create peer
< wg dns
+< wg download configuration
< wg download configuration file
< wg edit peer
< wg host to net client settings
< wg pre-shared key (optional)
< wg rw peers
< wg scan the qr code
+< wg show configuration qrcode
< wg warning configuration only shown once
< whitelisted
< whois results from
< wg client pool
< wg create peer
< wg dns
+< wg download configuration
< wg download configuration file
< wg edit peer
< wg host to net client settings
< wg pre-shared key (optional)
< wg rw peers
< wg scan the qr code
+< wg show configuration qrcode
< wg warning configuration only shown once
< whitelisted
< whois results from
if ($Wireguard::settings{'ENABLED'} eq "on") {
&General::system("/usr/local/bin/wireguardctrl", "start");
}
+
+# Download configuration
+} elsif ($cgiparams{'ACTION'} eq 'CONFIG') {
+ my $key = $cgiparams{'KEY'} || 0;
+
+ # Load the peer
+ my %peer = &Wireguard::load_peer($key);
+
+ # Make the filename for files
+ my $filename = &Header::normalize($peer{'NAME'}) . ".conf";
+
+ # Generate the client configuration
+ my $config = &Wireguard::generate_peer_configuration($key);
+
+ # Send the configuration
+ if (defined $config) {
+ print "Content-Type: application/octet-stream\n";
+ print "Content-Disposition: filename=\"${filename}\"\n";
+ print "\n";
+ print $config;
+
+ # If there is no configuration, we return 404
+ } else {
+ &CGI::header(status => 404);
+ }
+
+ exit(0);
+
+# Show the configuration as QR code
+} elsif ($cgiparams{'ACTION'} eq 'CONFIG-QRCODE') {
+ my $key = $cgiparams{'KEY'} || 0;
+
+ # Show the configuration
+ &show_peer_configuration($key);
+
+ exit(0);
}
# The main page starts here
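Review bot: The CONFIG branch sends a body containing the peer's private key and PSK with `Content-Disposition: filename="..."`, which has no disposition type, and with no cache directive; I would send `print "Content-Disposition: attachment; filename=\"${filename}\"\n";` and add `print "Cache-Control: no-store\n";`. `$filename` is built from `$peer{'NAME'}` before the `defined $config` check, so an unknown KEY reaches `&Header::normalize` with an undefined name, and the header relies on that function (not visible here) to remove quotes and line breaks. In the else branch the return value of `&CGI::header(status => 404)` is discarded; if this is CGI.pm's header(), it returns the header text rather than printing it and expects `-status`, so `print &CGI::header(-status => 404);` looks intended.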
$Lang::tr{'status'}
</th>
- <th width='10%' colspan='3'>
+ <th width='10%' colspan='5'>
$Lang::tr{'action'}
</th>
</tr>
}
print <<END;
+ <td class="text-center">
+ <form method='post'>
+ <input type='image' name='$Lang::tr{'wg show configuration qrcode'}' src='/images/qr-code.png'
+ alt='$Lang::tr{'wg show configuration qrcode'}' title='$Lang::tr{'wg show configuration qrcode'}' />
+ <input type='hidden' name='ACTION' value='CONFIG-QRCODE' />
+ <input type='hidden' name='KEY' value='$key' />
+ </form>
+ </td>
+
+ <td class="text-center">
+ <form method='post'>
+ <input type='image' name='$Lang::tr{'wg download configuration'}' src='/images/media-floppy.png'
+ alt='$Lang::tr{'wg download configuration'}' title='$Lang::tr{'wg download configuration'}' />
+ <input type='hidden' name='ACTION' value='CONFIG' />
+ <input type='hidden' name='KEY' value='$key' />
+ </form>
+ </td>
+
<td class="text-center">
<form method='post'>
<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif'
# Open the page
&Header::openpage($Lang::tr{'wireguard'}, 1, '');
- # Load the configuration
- my %peer = (
- "NAME" => $Wireguard::peers{$key}[2],
- "PUBLIC_KEY" => $Wireguard::peers{$key}[3],
- "PRIVATE_KEY" => $Wireguard::peers{$key}[4],
- "CLIENT_ADDRESS" => $Wireguard::peers{$key}[8],
- "LOCAL_SUBNETS" => &Wireguard::decode_subnets($Wireguard::peers{$key}[10]),
- "PSK" => $Wireguard::peers{$key}[11],
- );
+ # Load the peer
+ my %peer = &Wireguard::load_peer($key);
# Generate the client configuration
- my $config = &Wireguard::generate_peer_configuration(\%peer);
+ my $config = &Wireguard::generate_peer_configuration($key);
# Create a QR code generator
my $qrgen = Imager::QRCode->new(
'week-graph' => 'Woche',
'weekly firewallhits' => 'wöchentliche Firewalltreffer',
'weeks' => 'Wochen',
+'wg download configuration' => 'Konfiguration herunterladen',
+'wg show configuration qrcode' => 'Konfigurations-QR-Code anzeigen',
'whitelisted' => 'Ausgenommen',
'whois results from' => 'WHOIS-Ergebnisse von',
'wildcards' => 'Wildcards',
'wg client pool' => 'Client Pool',
'wg create peer' => 'Create A New Peer',
'wg dns' => 'DNS',
+'wg download configuration' => 'Download Configuration',
'wg download configuration file' => 'Download the configuration file',
'wg edit peer' => 'Edit Peer',
'wg host to net client settings' => 'Host-To-Net Client Settings',
'wg pre-shared key (optional)' => 'Pre-Shared Key (optional)',
'wg rw peers' => 'WireGuard Roadwarrior Peers',
'wg scan the qr code' => 'Scan the QR code to import the WireGuard configuration into a mobile client.',
+'wg show configuration qrcode' => 'Show Configuration QR Code',
'wg warning configuration only shown once' => 'Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.',
'whitelisted' => 'Whitelisted',
'whois results from' => 'WHOIS results from',