$cgiparams{'ROUTES_PUSH'} = '';
$cgiparams{'DCOMPLZO'} = 'off';
$cgiparams{'MSSFIX'} = '';
+$cgiparams{'number'} = '';
+ $cgiparams{'PMTU_DISCOVERY'} = '';
$routes_push_file = "${General::swroot}/ovpn/routes_push";
unless (-e $routes_push_file) { system("touch $routes_push_file"); }
+unless (-e "${General::swroot}/ovpn/ccd.conf") { system("touch ${General::swroot}/ovpn/ccd.conf"); }
+unless (-e "${General::swroot}/ovpn/ccdroute") { system("touch ${General::swroot}/ovpn/ccdroute"); }
+unless (-e "${General::swroot}/ovpn/ccdroute2") { system("touch ${General::swroot}/ovpn/ccdroute2"); }
&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
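Review bot: The three added `unless (-e …) { system("touch …"); }` lines create the ccd files by handing an interpolated string to the shell and never look at the exit status, so a failed create is silent. The path is built only from `${General::swroot}`, so this is a robustness and style point rather than an injection one. The list form avoids the shell and reports failure: `system('touch', "${General::swroot}/ovpn/ccd.conf") == 0 or die "cannot create ccd.conf (exit $?)";`. The existing `routes_push` line above has the same shape and could be changed with them.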
print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
- print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
+ #print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
-
+
+ # Check if we are using mssfix, fragment or mtu-disc and set the corretct mtu of 1500.
+ # If we doesn't use one of them, we can use the configured mtu value.
+ if ($sovpnsettings{'MSSFIX'} eq 'on')
+ { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ elsif ($sovpnsettings{'FRAGMENT'} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp')
+ { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ elsif ($sovpnsettings{'PMTU_DISCOVERY'} ne 'off')
+ { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ else
+ { print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; }
+
if ($vpnsettings{'ROUTES_PUSH'} ne '') {
- @temp = split(/\n/,$vpnsettings{'ROUTES_PUSH'});
- foreach (@temp)
- {
- @tempovpnsubnet = split("\/",&General::ipcidr2msk($_));
- print CONF "push \"route " . $tempovpnsubnet[0]. " " . $tempovpnsubnet[1] . "\"\n";
+ @temp = split(/\n/,$vpnsettings{'ROUTES_PUSH'});
+ foreach (@temp)
+ {
+ @tempovpnsubnet = split("\/",&General::ipcidr2msk($_));
+ print CONF "push \"route " . $tempovpnsubnet[0]. " " . $tempovpnsubnet[1] . "\"\n";
+ }
}
- }
+# a.marx ccd
+ my %ccdconfhash=();
+ &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash);
+ foreach my $key (keys %ccdconfhash) {
+ my $a=$ccdconfhash{$key}[1];
+ my ($b,$c) = split (/\//, $a);
+ print CONF "route $b ".&General::cidrtosub($c)."\n";
+ }
+ my %ccdroutehash=();
+ &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ foreach my $key (keys %ccdroutehash) {
+ foreach my $i ( 1 .. $#{$ccdroutehash{$key}}){
+ my ($a,$b)=split (/\//,$ccdroutehash{$key}[$i]);
+ print CONF "route $a $b\n";
+ }
+ }
+# ccd end
- if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
+ if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
print CONF "client-to-client\n";
}
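Review bot: The two added CCD loops write `route` directives straight from ccd.conf and ccdroute without checking that each entry split into an address and a mask, so a malformed or truncated record ends up as an incomplete `route` line in the server configuration. A guard such as `next unless defined $c && &General::validip($b);` before the first `print CONF`, and the equivalent test on `$a`/`$b` in the second loop, keeps a bad record out of the file. The lexicals `my $a` and `my $b` also shadow the variables `sort` uses; names like `$net` and `$mask` would be safer. The enclosing sub starts and ends outside this hunk.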
if ($sovpnsettings{MSSFIX} eq 'on') {
if ($confighash{$cgiparams{'KEY'}}[24] ne '') {print CLIENTCONF "fragment $confighash{$cgiparams{'KEY'}}[24]\n";}
if ($confighash{$cgiparams{'KEY'}}[23] eq 'on') {print CLIENTCONF "mssfix\n";}
}
- if ($confighash{$cgiparams{'KEY'}}[32] ne 'off') {
++ if ($confighash{$cgiparams{'KEY'}}[38] ne 'off') {
+ if (($confighash{$cgiparams{'KEY'}}[23] ne 'on') || ($confighash{$cgiparams{'KEY'}}[24] eq '')) {
+ if ($tunmtu eq '1500' ) {
- print CLIENTCONF "mtu-disc $confighash{$cgiparams{'KEY'}}[32]\n";
++ print CLIENTCONF "mtu-disc $confighash{$cgiparams{'KEY'}}[38]\n";
+ }
+ }
+ }
print CLIENTCONF "ns-cert-type server\n";
print CLIENTCONF "# Auth. Client\n";
print CLIENTCONF "tls-client\n";
my $zip = Archive::Zip->new();
- print CLIENTCONF "#OpenVPN Server conf\r\n";
+ print CLIENTCONF "#OpenVPN Client conf\r\n";
print CLIENTCONF "tls-client\r\n";
print CLIENTCONF "client\r\n";
+ print CLIENTCONF "nobind\n";
print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n";
print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
- print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n";
+
+ # Check if we are using fragment, mssfix or mtu-disc and set MTU to 1500
+ # or use configured value.
+ if ($vpnsettings{FRAGMENT} ne '' && $vpnsettings{DPROTOCOL} ne 'tcp' )
+ { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ elsif ($vpnsettings{MSSFIX} eq 'on')
+ { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ elsif ($vpnsettings{PMTU_DISCOVERY} ne 'off')
+ { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ else
+ { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n"; }
+
if ( $vpnsettings{'ENABLED'} eq 'on'){
print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){
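Review bot: The added lines in this client-config block end in `\n` while every surrounding line uses `\r\n`, so the generated file gets mixed line endings; this affects `nobind\n` and the three `-mtu 1500\n` branches. To match the rest of the block they should read `print CLIENTCONF "nobind\r\n";` and `print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n";`. The three branches that print 1500 could also be folded into one condition, since only the `else` differs. The block continues outside the hunk.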
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 38) { $confighash{$key}[$i] = "";}
- foreach my $i (0 .. 32) { $confighash{$key}[$i] = "";}
++ foreach my $i (0 .. 39) { $confighash{$key}[$i] = "";}
++
$confighash{$key}[0] = 'off';
$confighash{$key}[1] = $n2nname[0];
- $confighash{$key}[2] = $n2nname[0];
- $confighash{$key}[2] = $n2nname[0];
++ $confighash{$key}[2] = $n2nname[0];
$confighash{$key}[3] = 'net';
$confighash{$key}[4] = 'cert';
$confighash{$key}[6] = 'client';
$confighash{$key}[8] = $n2nlocalsub[2];
- $confighash{$key}[10] = $n2nremote[1];
- $confighash{$key}[11] = "$n2nremsub[1]/$n2nremsub[2]";
- $confighash{$key}[10] = $n2nremote[1];
- $confighash{$key}[11] = "$n2nremsub[1]/$n2nremsub[2]";
++ $confighash{$key}[10] = $n2nremote[1];
++ $confighash{$key}[11] = "$n2nremsub[1]/$n2nremsub[2]";
$confighash{$key}[22] = $n2nmgmt[2];
- $confighash{$key}[23] = $mssfixactive;
- $confighash{$key}[23] = $mssfixactive;
++ $confighash{$key}[23] = $mssfixactive;
$confighash{$key}[24] = $n2nfragment[1];
- $confighash{$key}[25] = 'IPFire n2n Client';
- $confighash{$key}[25] = 'IPFire n2n Client';
++ $confighash{$key}[25] = 'IPFire n2n Client';
$confighash{$key}[26] = 'red';
- $confighash{$key}[27] = "$n2novpnsub[0].$n2novpnsub[1].$n2novpnsub[2].0/255.255.255.0";
- $confighash{$key}[28] = $n2nproto[0];
- $confighash{$key}[29] = $n2nport[1];
- $confighash{$key}[30] = $complzoactive;
- $confighash{$key}[31] = $n2ntunmtu[1];
- $confighash{$key}[27] = "$n2novpnsub[0].$n2novpnsub[1].$n2novpnsub[2].0/255.255.255.0";
- $confighash{$key}[28] = $n2nproto[0];
- $confighash{$key}[29] = $n2nport[1];
- $confighash{$key}[30] = $complzoactive;
- $confighash{$key}[31] = $n2ntunmtu[1];
- $confighash{$key}[32] = $n2nmtudisc[1];
++ $confighash{$key}[27] = "$n2novpnsub[0].$n2novpnsub[1].$n2novpnsub[2].0/255.255.255.0";
++ $confighash{$key}[28] = $n2nproto[0];
++ $confighash{$key}[29] = $n2nport[1];
++ $confighash{$key}[30] = $complzoactive;
++ $confighash{$key}[31] = $n2ntunmtu[1];
++ $confighash{$key}[38] = $n2nmtudisc[1];
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
<tr><td class='boldbase' nowrap='nowrap'>MSSFIX </td><td><b>$confighash{$key}[23]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>Fragment </td><td><b>$confighash{$key}[24]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}</td><td><b>$confighash{$key}[31]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td><td><b>$confighash{$key}[32]</b></td></tr>
++ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td><td><b>$confighash{$key}[38]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>Management Port </td><td><b>$confighash{$key}[22]</b></td></tr>
<tr><td> </td><td> </td></tr>
</table>
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
- if (! $confighash{$cgiparams{'KEY'}}[0]) {
- $errormessage = $Lang::tr{'invalid key'};
- goto VPNCONF_END;
- }
- $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
- $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
- $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
- $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
- $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
- $cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
- $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
- $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
- $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
-# n2n m.a.d new fields
- $cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22];
- $cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23];
- $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
- $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
- $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
-#new fields
- $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
- $cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
- $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
- $cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
- $cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
- $cgiparams{'PMTU_DISCOVERY'} = $confighash{$cgiparams{'KEY'}}[32];
-
-#new fields
-#ab hiere error uebernehmen
-
- } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
+ if (! $confighash{$cgiparams{'KEY'}}[0]) {
+ $errormessage = $Lang::tr{'invalid key'};
+ goto VPNCONF_END;
+ }
+ $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
+ $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
+ $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
+ $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
+ $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
+ $cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
+ $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
+ $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
+ $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
+ $cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22];
+ $cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23];
+ $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
+ $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
+ $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
+ $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
+ $cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
+ $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
+ $cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
+ $cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
+ $cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
+ my $name=$cgiparams{'CHECK1'} ;
+ $cgiparams{$name} = $confighash{$cgiparams{'KEY'}}[33];
+ $cgiparams{'RG'} = $confighash{$cgiparams{'KEY'}}[34];
+ $cgiparams{'CCD_DNS1'} = $confighash{$cgiparams{'KEY'}}[35];
+ $cgiparams{'CCD_DNS2'} = $confighash{$cgiparams{'KEY'}}[36];
+ $cgiparams{'CCD_WINS'} = $confighash{$cgiparams{'KEY'}}[37];
++ $cgiparams{'PMTU_DISCOVERY'} = $confighash{$cgiparams{'KEY'}}[38];
+ } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
- if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
+#A.Marx CCD check iroute field and convert it to decimal
+
+ my @temp=();
+ my %ccdroutehash=();
+ my $keypoint=0;
+ if ($cgiparams{'IR'} ne ''){
+ @temp = split("\n",$cgiparams{'IR'});
+ &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ #find key to use
+ foreach my $key (keys %ccdroutehash) {
+ if ($ccdroutehash{$key}[0] eq $cgiparams{'NAME'}) {
+ $keypoint=$key;
+ delete $ccdroutehash{$key};
+ }else{
+ $keypoint = &General::findhasharraykey (\%ccdroutehash);
+ }
+ }
+ $ccdroutehash{$keypoint}[0]=$cgiparams{'NAME'};
+ my $i=1;
+ my $val=0;
+ foreach $val (@temp){
+ chomp($val);
+ $val=~s/\s*$//g;
+ my($ip,$cidr) = split(/\//,$val);
+ $cidr=&General::iporsubtodec($cidr);
+
+ #check if iroute exists in ccdroute
+ foreach my $key (keys %ccdroutehash) {
+ foreach my $oldiroute ( 1 .. $#{$ccdroutehash{$key}}){
+ if ($ccdroutehash{$key}[$oldiroute] eq "$ip/$cidr") {
+ $errormessage=$Lang::tr{'ccd err irouteexist'};
+ goto VPNCONF_ERROR;
+ }
+ }
+ }
+
+ #check for existing network IP's
+ if ((&General::IpInSubnet ($ip,$netsettings{GREEN_NETADDRESS},$netsettings{GREEN_NETMASK}) && $netsettings{GREEN_NETADDRESS} ne '0.0.0.0')||
+ (&General::IpInSubnet ($ip,$netsettings{RED_NETADDRESS},$netsettings{RED_NETMASK}) && $netsettings{RED_NETADDRESS} ne '0.0.0.0')||
+ (&General::IpInSubnet ($ip,$netsettings{BLUE_NETADDRESS},$netsettings{BLUE_NETMASK}) && $netsettings{BLUE_NETADDRESS} ne '0.0.0.0' && $netsettings{BLUE_NETADDRESS} gt '')||
+ (&General::IpInSubnet ($ip,$netsettings{ORANGE_NETADDRESS},$netsettings{ORANGE_NETMASK}) && $netsettings{ORANGE_NETADDRESS} ne '0.0.0.0' && $netsettings{ORANGE_NETADDRESS} gt '' )){
+ $errormessage="$ip USED FOR SYSTEM!";
+ goto VPNCONF_ERROR;
+ }
+
+
+
+ if (&General::validipandmask($val)){
+ $ccdroutehash{$keypoint}[$i] = $ip."/".$cidr;
+ }else{
+ $errormessage=$errormessage."Route ".$Lang::tr{'ccd invalid'}." ($ip/$cidr)";
+ goto VPNCONF_ERROR;
+ }
+ $i++;
+ }
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ &writeserverconf;
+ }else{
+ &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ foreach my $key (keys %ccdroutehash) {
+ if ($ccdroutehash{$key}[0] eq $cgiparams{'NAME'}) {
+ delete $ccdroutehash{$key};
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ &writeserverconf;
+ }
+ }
+ }
+ undef @temp;
+ #check route field and convert it to decimal
+ my %ccdroute2hash=();
+ my $val=0;
+ my $i=1;
+
+ &General::readhasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
+ if($cgiparams{'IFROUTE'} eq $Lang::tr{'ccd none'} || $cgiparams{'IFROUTE'} eq '') {
+ undef $cgiparams{'IFROUTE'};
+ foreach my $key (keys %ccdroute2hash){
+ if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}) {
+ delete $ccdroute2hash{$key};
+ }
+ }
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
+ }else{
+ #find key to use
+ foreach my $key (keys %ccdroute2hash) {
+ if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}) {
+ $keypoint=$key;
+ delete $ccdroute2hash{$key};
+ }else{
+ $keypoint = &General::findhasharraykey (\%ccdroute2hash);
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ &writeserverconf;
+ }
+ }
+ $ccdroute2hash{$keypoint}[0]=$cgiparams{'NAME'};
+ @temp = split(/\|/,$cgiparams{'IFROUTE'});
+ my %ownnet=();
+ &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
+ foreach $val (@temp){
+ chomp($val);
+ $val=~s/\s*$//g;
+ if ($val eq $Lang::tr{'green'})
+ {
+ $val=$ownnet{GREEN_NETADDRESS}."/".$ownnet{GREEN_NETMASK};
+ }
+ if ($val eq $Lang::tr{'blue'})
+ {
+ $val=$ownnet{BLUE_NETADDRESS}."/".$ownnet{BLUE_NETMASK};
+ }
+ if ($val eq $Lang::tr{'orange'})
+ {
+ $val=$ownnet{ORANGE_NETADDRESS}."/".$ownnet{ORANGE_NETMASK};
+ }
+ my ($ip,$cidr) = split (/\//, $val);
+ if (! &check_routes_push($val)){$errormessage=$errormessage."Route $val ".$Lang::tr{'ccd err routeovpn2'}." ($val)";goto VPNCONF_ERROR;}
+ if (! &check_ccdroute($val)){$errormessage=$errormessage."<br>Route $val ".$Lang::tr{'ccd err inuse'}." ($val)" ;goto VPNCONF_ERROR;}
+ if (! &check_ccdconf($val)){$errormessage=$errormessage."<br>Route $val ".$Lang::tr{'ccd err routeovpn'}." ($val)";goto VPNCONF_ERROR;}
+ if (&General::validipandmask($val)){
+ $val=$ip."/".&General::iporsubtodec($cidr);
+ $ccdroute2hash{$keypoint}[$i] = $val;
+ }else{
+ $errormessage=$errormessage."Route ".$Lang::tr{'ccd invalid'}." ($val)";
+ goto VPNCONF_ERROR;
+ }
+ $i++;
+ }
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
+ }
+ #check dns1 ip
+ if ($cgiparams{'CCD_DNS1'} ne '' && ! &General::validip($cgiparams{'CCD_DNS1'})) {
+ $errormessage=$errormessage."<br>".$Lang::tr{'invalid input for dhcp dns'}." 1";
+ goto VPNCONF_ERROR;
+ }
+ #check dns2 ip
+ if ($cgiparams{'CCD_DNS2'} ne '' && ! &General::validip($cgiparams{'CCD_DNS2'})) {
+ $errormessage=$errormessage."<br>".$Lang::tr{'invalid input for dhcp dns'}." 2";
+ goto VPNCONF_ERROR;
+ }
+ #check wins ip
+ if ($cgiparams{'CCD_WINS'} ne '' && ! &General::validip($cgiparams{'CCD_WINS'})) {
+ $errormessage=$errormessage."<br>".$Lang::tr{'invalid input for dhcp wins'};
+ goto VPNCONF_ERROR;
+ }
+
+
+#CCD End
+
+
+ if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
$errormessage = $Lang::tr{'connection type is invalid'};
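Review bot: In the added CCD checks the submitted `IR` and `IFROUTE` values are interpolated into `$errormessage` (`"$ip USED FOR SYSTEM!"`, `"Route $val …"`) before `&General::validipandmask($val)` has run, and the messages already carry `<br>` markup, which suggests they are rendered as HTML. Moving the `validipandmask` test to the top of each `foreach $val (@temp)` loop and building the text through the project's HTML-escaping helper (for example `&Header::cleanhtml($val)`, if it encodes markup) would keep raw request data out of the page. `$ip USED FOR SYSTEM!` is also the only untranslated message here; a `$Lang::tr{…}` entry would match the others. Separately, `ccdroute` is written and `&writeserverconf` is called before the later `IFROUTE`, DNS and WINS checks can still `goto VPNCONF_ERROR`, so a rejected form may leave the route file changed; running all validation before the first `writehasharray` avoids that. The handler starts and ends outside this hunk.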
if ($cgiparams{'TYPE'} eq 'net') {
unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
# Save the config
my $key = $cgiparams{'KEY'};
+
if (! $key) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 38) { $confighash{$key}[$i] = "";}
}
- $confighash{$key}[0] = $cgiparams{'ENABLED'};
- $confighash{$key}[1] = $cgiparams{'NAME'};
+ $confighash{$key}[0] = $cgiparams{'ENABLED'};
+ $confighash{$key}[1] = $cgiparams{'NAME'};
if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
- $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
+ $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
}
- $confighash{$key}[3] = $cgiparams{'TYPE'};
+
+ $confighash{$key}[3] = $cgiparams{'TYPE'};
if ($cgiparams{'AUTH'} eq 'psk') {
- $confighash{$key}[4] = 'psk';
- $confighash{$key}[5] = $cgiparams{'PSK'};
+ $confighash{$key}[4] = 'psk';
+ $confighash{$key}[5] = $cgiparams{'PSK'};
} else {
- $confighash{$key}[4] = 'cert';
+ $confighash{$key}[4] = 'cert';
}
if ($cgiparams{'TYPE'} eq 'net') {
- $confighash{$key}[6] = $cgiparams{'SIDE'};
- $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
+ $confighash{$key}[6] = $cgiparams{'SIDE'};
+ $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
}
- $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
- $confighash{$key}[10] = $cgiparams{'REMOTE'};
+ $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
+ $confighash{$key}[10] = $cgiparams{'REMOTE'};
if ($cgiparams{'OVPN_MGMT'} eq '') {
- $confighash{$key}[22] = $confighash{$key}[29];
+ $confighash{$key}[22] = $confighash{$key}[29];
} else {
- $confighash{$key}[22] = $cgiparams{'OVPN_MGMT'};
+ $confighash{$key}[22] = $cgiparams{'OVPN_MGMT'};
}
- $confighash{$key}[23] = $cgiparams{'MSSFIX'};
- $confighash{$key}[24] = $cgiparams{'FRAGMENT'};
- $confighash{$key}[25] = $cgiparams{'REMARK'};
- $confighash{$key}[26] = $cgiparams{'INTERFACE'};
+ $confighash{$key}[23] = $cgiparams{'MSSFIX'};
+ $confighash{$key}[24] = $cgiparams{'FRAGMENT'};
+ $confighash{$key}[25] = $cgiparams{'REMARK'};
+ $confighash{$key}[26] = $cgiparams{'INTERFACE'};
# new fields
- $confighash{$key}[27] = $cgiparams{'OVPN_SUBNET'};
- $confighash{$key}[28] = $cgiparams{'PROTOCOL'};
- $confighash{$key}[29] = $cgiparams{'DEST_PORT'};
- $confighash{$key}[30] = $cgiparams{'COMPLZO'};
- $confighash{$key}[31] = $cgiparams{'MTU'};
- $confighash{$key}[32] = $cgiparams{'PMTU_DISCOVERY'};
-# new fileds
+ $confighash{$key}[27] = $cgiparams{'OVPN_SUBNET'};
+ $confighash{$key}[28] = $cgiparams{'PROTOCOL'};
+ $confighash{$key}[29] = $cgiparams{'DEST_PORT'};
+ $confighash{$key}[30] = $cgiparams{'COMPLZO'};
+ $confighash{$key}[31] = $cgiparams{'MTU'};
+ $confighash{$key}[32] = $cgiparams{'CHECK1'};
+ my $name=$cgiparams{'CHECK1'};
+ $confighash{$key}[33] = $cgiparams{$name};
+ $confighash{$key}[34] = $cgiparams{'RG'};
+ $confighash{$key}[35] = $cgiparams{'CCD_DNS1'};
+ $confighash{$key}[36] = $cgiparams{'CCD_DNS2'};
+ $confighash{$key}[37] = $cgiparams{'CCD_WINS'};
-
-
++ $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'};
++
++
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+ if ($cgiparams{'CHECK1'} ){
+
+ my ($ccdip,$ccdsub)=split "/",$cgiparams{$name};
+ my ($a,$b,$c,$d) = split (/\./,$ccdip);
+ if ( -e "${General::swroot}/ovpn/ccd/$confighash{$key}[2]"){unlink "${General::swroot}/ovpn/ccd/$cgiparams{'CERT_NAME'}";}
+ open ( CCDRWCONF,'>',"${General::swroot}/ovpn/ccd/$confighash{$key}[2]") or die "Unable to create clientconfigfile $!";
+ print CCDRWCONF "# OpenVPN Clientconfig from CCD extension by Copymaster#\n\n";
+ if($cgiparams{'CHECK1'} eq 'dynamic'){
+ print CCDRWCONF "#This client uses the dynamic pool\n";
+ }else{
+ print CCDRWCONF "#Ip address client and Server\n";
+ print CCDRWCONF "ifconfig-push $ccdip ".&General::getlastip($ccdip,1)."\n";
+ }
+ if ($confighash{$key}[34] eq 'on'){
+ print CCDRWCONF "\n#Redirect Gateway: \n#All IP traffic is redirected through the vpn \n";
+ print CCDRWCONF "push redirect-gateway\n";
+ }
+ if ($cgiparams{'IR'} ne ''){
+ print CCDRWCONF "\n#Client routes these Networks (behind Client)\n";
+ foreach my $key (keys %ccdroutehash){
+ if ($ccdroutehash{$key}[0] eq $cgiparams{'NAME'}){
+ foreach my $i ( 1 .. $#{$ccdroutehash{$key}}){
+ my ($a,$b)=split (/\//,$ccdroutehash{$key}[$i]);
+ print CCDRWCONF "iroute $a $b\n";
+ }
+ }
+ }
+ }
+ if ($cgiparams{'IFROUTE'} ne ''){
+ print CCDRWCONF "\n#Client gets routes to these Networks (behind IPFIRE)\n";
+ foreach my $key (keys %ccdroute2hash){
+ if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}){
+ foreach my $i ( 1 .. $#{$ccdroute2hash{$key}}){
+ if($ccdroute2hash{$key}[$i] eq $Lang::tr{'blue'}){
+ my %blue=();
+ &General::readhash("${General::swroot}/ethernet/settings", \%blue);
+ print CCDRWCONF "push \"route $blue{BLUE_ADDRESS} $blue{BLUE_NETMASK}\n";
+ }elsif($ccdroute2hash{$key}[$i] eq $Lang::tr{'orange'}){
+ my %orange=();
+ &General::readhash("${General::swroot}/ethernet/settings", \%orange);
+ print CCDRWCONF "push \"route $orange{ORANGE_ADDRESS} $orange{ORANGE_NETMASK}\n";
+ }else{
+ my ($a,$b)=split (/\//,$ccdroute2hash{$key}[$i]);
+ print CCDRWCONF "push \"route $a $b\"\n";
+ }
+ }
+ }
+ }
+ }
+ if(($cgiparams{'CCD_DNS1'} eq '') && ($cgiparams{'CCD_DNS1'} ne '')){ $cgiparams{'CCD_DNS1'} = $cgiparams{'CCD_DNS2'};$cgiparams{'CCD_DNS2'}='';}
+ if($cgiparams{'CCD_DNS1'} ne ''){
+ print CCDRWCONF "\n#Client gets these Nameservers\n";
+ print CCDRWCONF "push \"dhcp-option DNS $cgiparams{'CCD_DNS1'}\" \n";
+ }
+ if($cgiparams{'CCD_DNS2'} ne ''){
+ print CCDRWCONF "push \"dhcp-option DNS $cgiparams{'CCD_DNS2'}\" \n";
+ }
+ if($cgiparams{'CCD_WINS'} ne ''){
+ print CCDRWCONF "\n#Client gets this WINS server\n";
+ print CCDRWCONF "push \"dhcp-option WINS $cgiparams{'CCD_WINS'}\" \n";
+ }
+ close CCDRWCONF;
+ }
###
# m.a.d n2n begin
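Review bot: The address written by `ifconfig-push` comes from `$cgiparams{$name}`, where `$name` is the request-supplied `CHECK1` value used as a hash key, and it reaches the ccd file without a `&General::validip` test. `CHECK1` should be accepted only when it is `dynamic` or a name present in ccd.conf, and the address should be checked before `writehasharray` stores it in field 33. In the same block the DNS swap tests `CCD_DNS1` twice, so it can never be true, and the `push "route …` lines for blue and orange lack the closing quote. The existence test before `unlink` looks at `$confighash{$key}[2]` while the unlink removes `$cgiparams{'CERT_NAME'}`; nothing visible shows these are the same path. The save handler begins and ends outside this hunk.

```perl
# … unchanged: field assignments 0..38 …
my ($ccdip, $ccdsub) = split "/", $cgiparams{$name};
# Reject anything that is not a plain address before it is stored or written.
if ($cgiparams{'CHECK1'} && $cgiparams{'CHECK1'} ne 'dynamic' && ! &General::validip($ccdip)) {
    $errormessage = $Lang::tr{'ccd invalid'};
    goto VPNCONF_ERROR;
}
# … unchanged: writehasharray, open CCDRWCONF, ifconfig-push, redirect-gateway, iroute …
print CCDRWCONF "push \"route $blue{BLUE_ADDRESS} $blue{BLUE_NETMASK}\"\n";
# … unchanged: orange lookup …
print CCDRWCONF "push \"route $orange{ORANGE_ADDRESS} $orange{ORANGE_NETMASK}\"\n";
# … unchanged: generic push route branch …
if (($cgiparams{'CCD_DNS1'} eq '') && ($cgiparams{'CCD_DNS2'} ne '')) { $cgiparams{'CCD_DNS1'} = $cgiparams{'CCD_DNS2'}; $cgiparams{'CCD_DNS2'} = ''; }
```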
<td> <input type='TEXT' name='OVPN_MGMT' VALUE='$cgiparams{'OVPN_MGMT'}'size='5' /></td>
<td colspan='2'>$Lang::tr{'openvpn default'}: <span class="base">$Lang::tr{'destination port'}</span></td>
+ <tr>
+ <td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td>
+ <td colspan='2'>
+ <input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}
+ <input type='radio' name='PMTU_DISCOVERY' value='maybe' $checked{'PMTU_DISCOVERY'}{'maybe'} /> $Lang::tr{'ovpn mtu-disc maybe'}
+ <input type='radio' name='PMTU_DISCOVERY' value='no' $checked{'PMTU_DISCOVERY'}{'no'} /> $Lang::tr{'ovpn mtu-disc no'}
+ <input type='radio' name='PMTU_DISCOVERY' value='off' $checked{'PMTU_DISCOVERY'}{'off'} /> $Lang::tr{'ovpn mtu-disc off'}
+ </td>
+ </tr>
+
END
- ;
+;
}
-
+ #jumper
print "<tr><td class='boldbase'>$Lang::tr{'remark title'} <img src='/blob.gif' /></td>";
- print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr>";
+ print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr></table>";
if ($cgiparams{'TYPE'} eq 'host') {
+ print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>";
+ }
- print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
- }
-
-# if ($cgiparams{'KEY'}) {
-# print "<td colspan='3'> </td></tr></table>";
-# } else {
-# print "<td colspan='3'><input type='checkbox' name='EDIT_ADVANCED' $checked{'EDIT_ADVANCED'}{'on'} /> $Lang::tr{'edit advanced settings when done'}</tr></table>";
-# }
-# }else{
- print "<td colspan='3'> </td></tr></table>";
-# }
-
+ print"</tr></table><br><br>";
+#A.Marx CCD new client
-
+ print "<table border='0' width='100%' cellspacing='1' cellpadding='0'><tr><td colspan='3'><hr><br><b>$Lang::tr{'ccd choose net'}</td></tr><tr><td height='20' colspan='3'></td></tr>";
+ my %ccdconfhash=();
+ my %ccdroutehash=();
+ my %ccdroute2hash=();
+ my %vpnnet=();
+ my $vpnip;
+ &General::readhash("${General::swroot}/ovpn/settings", \%vpnnet);
+ $vpnip=$vpnnet{'DOVPN_SUBNET'};
+ &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash);
+ my @ccdconf=();
+ my $count=0;
+ my $checked;
+ $checked{'check1'}{'off'} = '';
+ $checked{'check1'}{'on'} = '';
+ $checked{'check1'}{$cgiparams{'CHECK1'}} = 'CHECKED';
+ print"<tr><td align='center' width='1%' valign='top'><input type='radio' name='CHECK1' value='dynamic' checked /></td><td align='left' valign='top' width='35%'>$Lang::tr{'ccd dynrange'} ($vpnip)</td><td width='30%'>";
+ print"</td></tr></table><br><br>";
+ my $name=$cgiparams{'CHECK1'};
+ $checked{'RG'}{$cgiparams{'RG'}} = 'CHECKED';
+
+ if (! -z "${General::swroot}/ovpn/ccd.conf"){
+ print"<table border='0' width='100%' cellspacing='1' cellpadding='0'><tr><td width='1%'></td><td width='30%' class='boldbase' align='center'><b>$Lang::tr{'ccd name'}</td><td width='15%' class='boldbase' align='center'><b>$Lang::tr{'network'}</td><td class='boldbase' align='center' width='18%'><b>$Lang::tr{'ccd clientip'}</td></tr>";
+ foreach my $key (keys %ccdconfhash) {
+ $count++;
+ @ccdconf=($ccdconfhash{$key}[0],$ccdconfhash{$key}[1]);
+ if ($count % 2){print"<tr bgcolor='$color{'color22'}'>";}else{print"<tr bgcolor='$color{'color20'}'>";}
+ print"<td align='center' width='1%'><input type='radio' name='CHECK1' value='$ccdconf[0]' $checked{'check1'}{$ccdconf[0]}/></td><td>$ccdconf[0]</td><td width='40%' align='center'>$ccdconf[1]</td><td align='left' width='10%'>";
+ &fillselectbox($ccdconf[1],$ccdconf[0],$cgiparams{$name});
+ print"</td></tr>";
+ }
+ print "</table><br><br><hr><br><br>";
+ }
+# ccd end
&Header::closebox();
-
if ($cgiparams{'KEY'} && $cgiparams{'AUTH'} eq 'psk') {
- # &Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'});
- # print <<END
- # <table width='100%' cellpadding='0' cellspacing='5' border='0'>
- # <tr><td class='base' width='50%'>$Lang::tr{'use a pre-shared key'}</td>
- # <td class='base' width='50%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td></tr>
- # </table>
-END
- # ;
- # &Header::closebox();
- } elsif (! $cgiparams{'KEY'}) {
+
+ } elsif (! $cgiparams{'KEY'}) {
+
+
my $disabled='';
my $cakeydisabled='';
my $cacrtdisabled='';
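Review bot: The added CCD table prints `$ccdconf[0]` and `$ccdconf[1]` from ccd.conf into a `value='…'` attribute and into table cells without encoding, so a name containing a quote or angle bracket breaks the markup. Unless the names are already restricted when ccd.conf is written (not visible here), they should pass through the project's HTML-escaping helper first, for example `&Header::cleanhtml($ccdconf[0])` if it encodes quotes. `my $checked;` declares a scalar that is never used, while the lines after it fill the `%checked` hash; the declaration can be dropped. The `dynamic` radio is printed with a hard-coded `checked`, so when `$checked{'check1'}{…}` also marks a static network, two inputs in the group carry the attribute; the intended default is worth confirming. The `elsif (! $cgiparams{'KEY'})` block continues outside the hunk.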