WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
+WARNING: translation string unused: ovpn errmsg green already pushed
+WARNING: translation string unused: ovpn errmsg invalid ip or mask
WARNING: translation string unused: ovpn error md5
WARNING: translation string unused: ovpn generating the root and host certificates
WARNING: translation string unused: ovpn log
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
-WARNING: untranslated string: ovpn errmsg green already pushed = Route for green network is always set
-WARNING: untranslated string: ovpn errmsg invalid ip or mask = Invalid network-address or subnetmask
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
+WARNING: translation string unused: ovpn errmsg green already pushed
+WARNING: translation string unused: ovpn errmsg invalid ip or mask
WARNING: translation string unused: ovpn error md5
WARNING: translation string unused: ovpn generating the root and host certificates
WARNING: translation string unused: ovpn log
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
+WARNING: translation string unused: ovpn errmsg green already pushed
+WARNING: translation string unused: ovpn errmsg invalid ip or mask
WARNING: translation string unused: ovpn error md5
WARNING: translation string unused: ovpn generating the root and host certificates
WARNING: translation string unused: ovpn log
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
+WARNING: translation string unused: ovpn errmsg green already pushed
+WARNING: translation string unused: ovpn errmsg invalid ip or mask
WARNING: translation string unused: ovpn generating the root and host certificates
WARNING: translation string unused: ovpn hmac
WARNING: translation string unused: ovpn log
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
+WARNING: translation string unused: ovpn errmsg green already pushed
+WARNING: translation string unused: ovpn errmsg invalid ip or mask
WARNING: translation string unused: ovpn log
WARNING: translation string unused: ovpn mtu-disc
WARNING: translation string unused: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
-WARNING: untranslated string: ovpn errmsg green already pushed = Route for green network is always set
-WARNING: untranslated string: ovpn errmsg invalid ip or mask = Invalid network-address or subnetmask
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
+WARNING: translation string unused: ovpn errmsg green already pushed
+WARNING: translation string unused: ovpn errmsg invalid ip or mask
WARNING: translation string unused: ovpn log
WARNING: translation string unused: ovpn on blue
WARNING: translation string unused: ovpn on orange
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
+WARNING: translation string unused: ovpn errmsg green already pushed
+WARNING: translation string unused: ovpn errmsg invalid ip or mask
WARNING: translation string unused: ovpn generating the root and host certificates
WARNING: translation string unused: ovpn hmac
WARNING: translation string unused: ovpn log
WARNING: untranslated string: ovpn crypto settings = Cryptographic Settings
WARNING: untranslated string: ovpn dhcp settings = DHCP Settings
WARNING: untranslated string: ovpn dynamic client subnet = Dynamic Client Subnet
+WARNING: untranslated string: ovpn errmsg invalid route = Invalid route
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
< ovpn crypto settings
< ovpn dhcp settings
< ovpn dynamic client subnet
+< ovpn errmsg invalid route
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
< ovpn crypto settings
< ovpn dhcp settings
< ovpn dynamic client subnet
+< ovpn errmsg invalid route
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
< ovpn crypto settings
< ovpn dhcp settings
< ovpn dynamic client subnet
+< ovpn errmsg invalid route
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
< ovpn crypto settings
< ovpn dhcp settings
< ovpn dynamic client subnet
+< ovpn errmsg invalid route
< ovpn error md5
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn dhcp settings
< ovpn dynamic client subnet
< ovpn engines
+< ovpn errmsg invalid route
< ovpn error md5
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn engines
< ovpn errmsg green already pushed
< ovpn errmsg invalid ip or mask
+< ovpn errmsg invalid route
< ovpn error md5
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn dhcp settings
< ovpn dynamic client subnet
< ovpn engines
+< ovpn errmsg invalid route
< ovpn error md5
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn crypto settings
< ovpn dhcp settings
< ovpn dynamic client subnet
+< ovpn errmsg invalid route
< ovpn error md5
< ovpn fallback cipher
< ovpn fallback cipher help
if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- #DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
- #DAN this value has to leave.
-#new settings for daemon
+
$vpnsettings{'DPROTOCOL'} = $cgiparams{'DPROTOCOL'};
$vpnsettings{'DDEST_PORT'} = $cgiparams{'DDEST_PORT'};
$vpnsettings{'DMTU'} = $cgiparams{'DMTU'};
$vpnsettings{'DCIPHER'} = $cgiparams{'DCIPHER'};
$vpnsettings{'DAUTH'} = $cgiparams{'DAUTH'};
$vpnsettings{'TLSAUTH'} = $cgiparams{'TLSAUTH'};
- my @temp=();
# We must have at least one cipher selected
if ($cgiparams{'DATACIPHERS'} eq '') {
goto ADV_ERROR;
}
}
+
+ # Validate pushed routes
if ($cgiparams{'ROUTES_PUSH'} ne ''){
- @temp = split(/\n/,$cgiparams{'ROUTES_PUSH'});
- undef $vpnsettings{'ROUTES_PUSH'};
+ my @temp = split(/\n/, $cgiparams{'ROUTES_PUSH'});
- foreach my $tmpip (@temp)
- {
- s/^\s+//g; s/\s+$//g;
+ # Reset stored routes
+ $vpnsettings{'ROUTES_PUSH'} = "";
- if ($tmpip)
- {
- $tmpip=~s/\s*$//g;
- unless (&General::validipandmask($tmpip)) {
- $errormessage = "$tmpip ".$Lang::tr{'ovpn errmsg invalid ip or mask'};
- goto ADV_ERROR;
- }
- my ($ip, $cidr) = split("\/",&General::ipcidr2msk($tmpip));
+ foreach my $route (@temp) {
+ chomp($route);
- if ($ip eq $Network::ethernet{'GREEN_NETADDRESS'} && $cidr eq $Network::ethernet{'GREEN_NETMASK'}) {
- $errormessage = $Lang::tr{'ovpn errmsg green already pushed'};
- goto ADV_ERROR;
- }
+ # Remove any excess whitespace
+ $route =~ s/^\s+//g;
+ $route =~ s/\s+$//g;
- my %ccdroutehash=();
- &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
- foreach my $key (keys %ccdroutehash) {
- foreach my $i (1 .. $#{$ccdroutehash{$key}}) {
- if ( $ip."/".$cidr eq $ccdroutehash{$key}[$i] ){
- $errormessage="Route $ip\/$cidr ".$Lang::tr{'ccd err inuse'}." $ccdroutehash{$key}[0]" ;
- goto ADV_ERROR;
- }
- my ($ip2,$cidr2) = split(/\//,$ccdroutehash{$key}[$i]);
- if (&General::IpInSubnet ($ip,$ip2,$cidr2)){
- $errormessage="Route $ip\/$cidr ".$Lang::tr{'ccd err inuse'}." $ccdroutehash{$key}[0]" ;
- goto ADV_ERROR;
- }
- }
+ # Skip empty lines
+ next if ($route eq "");
+
+ unless (&Network::check_subnet($route)) {
+ $errormessage = "$Lang::tr{'ovpn errmsg invalid route'}: $route";
+ goto ADV_ERROR;
}
- $vpnsettings{'ROUTES_PUSH'} .= $tmpip."\n";
+ $vpnsettings{'ROUTES_PUSH'} .= $route . "\n";
}
- }
- &write_routepushfile;
- undef $vpnsettings{'ROUTES_PUSH'};
- }
- else {
- undef $vpnsettings{'ROUTES_PUSH'};
- &write_routepushfile;
+
+ &write_routepushfile();
+
+ undef $vpnsettings{'ROUTES_PUSH'};
}
+
if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 1024 )) {
$errormessage = $Lang::tr{'invalid input for max clients'};
goto ADV_ERROR;
'ovpn engines' => 'Crypto engine',
'ovpn errmsg green already pushed' => 'Route for green network is always set',
'ovpn errmsg invalid ip or mask' => 'Invalid network-address or subnetmask',
+'ovpn errmsg invalid route' => 'Invalid route',
'ovpn error md5' => 'You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>',
'ovpn fallback cipher' => 'Fallback Cipher',
'ovpn fallback cipher help' => 'This cipher is being used by clients that do not support cipher negotiation.',
projects / ipfire-2.x.git / commitdiff
