use CGI;
use CGI qw/:standard/;
use Net::DNS;
+use Net::Ping;
use File::Copy;
use File::Temp qw/ tempfile tempdir /;
use strict;
require "${General::swroot}/countries.pl";
# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
+use warnings;
+use CGI::Carp 'fatalsToBrowser';
#workaround to suppress a warning when a variable is used only once
my @dummy = ( ${Header::colourgreen} );
undef (@dummy);
$cgiparams{'DCOMPLZO'} = 'off';
$cgiparams{'MSSFIX'} = '';
+
&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
# prepare openvpn config file
&writeserverconf();#hier ok
}
+###
+# m.a.d Save net2net server config
+###
+
+if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq 'net' && $cgiparams{'SIDE'} eq 'server')
+{
+my @remsubnet = split(/\//,$cgiparams{'REMOTE_SUBNET'});
+my @ovsubnettemp = split(/\./,$cgiparams{'OVPN_SUBNET'});
+my $ovsubnet = "@ovsubnettemp[0].@ovsubnettemp[1].@ovsubnettemp[2]";
+my $tunmtu = $cgiparams{'MTU'};
+if ($tunmtu eq '') {$tunmtu = '1500'} else {$tunmtu = $cgiparams{'MTU'}};
+
+ if ( !-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") {
+ mkdir("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}", 0770); }
+
+ open(SERVERCONF, ">${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Unable to open ${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf: $!";
+
+ flock SERVERCONF, 2;
+ print SERVERCONF "# n2n Open VPN Server Config by ummeegge und m.a.d\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# User Sicherheit\n";
+ print SERVERCONF "user nobody\n";
+ print SERVERCONF "group nobody\n";
+ print SERVERCONF "persist-tun\n";
+ print SERVERCONF "persist-key\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# IP/DNS fuer das Server Gateway - g2g Mode\n";
+ print SERVERCONF "remote $cgiparams{'REMOTE'}\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# IP Adressen des VPN Tunnels\n";
+ print SERVERCONF "ifconfig $ovsubnet.1 $ovsubnet.2\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# Netzwerk auf dem Client Gateway\n";
+ print SERVERCONF "route @remsubnet[0] @remsubnet[1]\n";
+ print SERVERCONF "# Device fuer den Tunnel\n";
+ print SERVERCONF "dev tun\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "#Port und Protokoll\n";
+ print SERVERCONF "port $cgiparams{'DEST_PORT'}\n";
+ print SERVERCONF "proto $cgiparams{'PROTOCOL'}\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# Paketgroessen\n";
+ print SERVERCONF "tun-mtu $tunmtu\n";
+ print SERVERCONF "fragment 1300\n";
+ print SERVERCONF "mssfix\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# Auth Server\n";
+ print SERVERCONF "tls-server\n";
+ print SERVERCONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n";
+ print SERVERCONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n";
+ print SERVERCONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n";
+ print SERVERCONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# Verschluesselung\n";
+ print SERVERCONF "cipher AES-256-CBC\n";
+ if ($cgiparams{'COMPLZO'} eq 'on') {
+ print SERVERCONF "# Kompression einschalten\n";
+ print SERVERCONF "comp-lzo\r\n";
+ print SERVERCONF "#\n";
+ }
+ print SERVERCONF "# Debug Level setzen\n";
+ print SERVERCONF "verb 3\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# Tunnel Ueberwachung\n";
+ print SERVERCONF "keepalive 10 60\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# Als Daemon starten mit Namen ovpnn2n\n";
+ print SERVERCONF "daemon $cgiparams{'NAME'}n2n\n";
+ print SERVERCONF "writepid /var/run/$cgiparams{'NAME'}n2n.pid\n";
+ print SERVERCONF "\n";
+ print SERVERCONF "# Management Interface aktivieren\n";
+ print SERVERCONF "#management localhost 4711\n";
+ close(SERVERCONF);
+
+}
+
+###
+# m.a.d Save net2net client config
+###
+if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq 'net' && $cgiparams{'SIDE'} eq 'client')
+{
+ my @ovsubnettemp = split(/\./,$cgiparams{'OVPN_SUBNET'});
+ my $ovsubnet = "@ovsubnettemp[0].@ovsubnettemp[1].@ovsubnettemp[2]";
+ my @remsubnet = split(/\//,$cgiparams{'REMOTE_SUBNET'});
+ my $tunmtu = $cgiparams{'MTU'};
+ if ($tunmtu eq '') {$tunmtu = '1500'} else {$tunmtu = $cgiparams{'MTU'}};
+
+ if ( !-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") {
+ mkdir("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}", 0770); }
+
+ open(CLIENTCONF, ">${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Unable to open ${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf: $!";
+
+ flock CLIENTCONF, 2;
+ print CLIENTCONF "# rewritten n2n Open VPN Client Config by ummeegge und m.a.d\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# User Sicherheit\n";
+ print CLIENTCONF "user nobody\n";
+ print CLIENTCONF "group nobody\n";
+ print CLIENTCONF "persist-tun\n";
+ print CLIENTCONF "persist-key\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# IP/DNS fuer das Server Gateway - g2g Mode\n";
+ print CLIENTCONF "remote $cgiparams{'REMOTE'}\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# IP Adressen des VPN Tunnels\n";
+ print CLIENTCONF "ifconfig $ovsubnet.2 $ovsubnet.1\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Netzwerk auf dem Server Gateway\n";
+ print CLIENTCONF "route @remsubnet[0]/@remsubnet[1]\n";
+ print CLIENTCONF "# Device fuer den Tunnel\n";
+ print CLIENTCONF "dev tun\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "#Port und Protokoll\n";
+ print CLIENTCONF "port $cgiparams{'DEST_PORT'}\n";
+ print CLIENTCONF "proto $cgiparams{'PROTOCOL'}\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Paketgroessen\n";
+ print CLIENTCONF "tun-mtu $tunmtu\n";
+ print CLIENTCONF "fragment 1300\n";
+ print CLIENTCONF "mssfix\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Auth. Client\n";
+ print CLIENTCONF "tls-client\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Verschluesselung\n";
+ print CLIENTCONF "cipher AES-256-CBC\n";
+ print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12\r\n";
+ print CLIENTCONF "#\n";
+ if ($cgiparams{'COMPLZO'} eq 'on') {
+ print CLIENTCONF "# Kompression einschalten\n";
+ print CLIENTCONF "comp-lzo\r\n";
+ print CLIENTCONF "#\n";
+ }
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Debug Level\n";
+ print CLIENTCONF "verb 3\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Tunnel Ueberwachung\n";
+ print CLIENTCONF "keepalive 10 60\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Als Daemon starten\n";
+ print CLIENTCONF "daemon $cgiparams{'NAME'}n2n\n";
+ print CLIENTCONF "writepid /var/run/$cgiparams{'NAME'}n2n.pid\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Management Interface aktivieren\n";
+ print CLIENTCONF "# management localhost 4711\n";
+ close(CLIENTCONF);
+}
+
+###
+# m.a.d Save net2net config end
+###
###
### Save main settings
###
+
+
if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
#DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
###
### Enable/Disable connection
###
+
+###
+# m.a.d net2net Anpassung
+###
+
}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
+# my $n2nactive = '';
+ my $n2nactive = `/bin/ps ax|grep $confighash{$cgiparams{'KEY'}}[1]|grep -v grep|awk \'{print \$1}\'`;
+
if ($confighash{$cgiparams{'KEY'}}) {
- if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
+
+
+ if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
$confighash{$cgiparams{'KEY'}}[0] = 'on';
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
-# }
- } else {
+
+ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
+ system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
+ }
+
+ } else {
+
$confighash{$cgiparams{'KEY'}}[0] = 'off';
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
-# }
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
- }
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
+ &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
+ if ($n2nactive ne ''){
+ system('/usr/local/bin/openvpnctrl', '-kn2n', $confighash{$cgiparams{'KEY'}}[1]);
+ }
+
+ } else {
+ $errormessage = $Lang::tr{'invalid key'};
+ }
+ }
+ }
###
### Download OpenVPN client package
###
+
+
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'dl client arch'}) {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
my @fileholder;
my $tempdir = tempdir( CLEANUP => 1 );
my $zippath = "$tempdir/";
- my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.zip";
- my $zippathname = "$zippath$zipname";
- $clientovpn = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.ovpn";
+
+###
+# m.a.d net2net DL Client Package
+###
+
+if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
+
+ my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-Client.zip";
+ my $zippathname = "$zippath$zipname";
+ $clientovpn = "$confighash{$cgiparams{'KEY'}}[1].conf";
+ my @ovsubnettemp = split(/\./,$confighash{$cgiparams{'KEY'}}[27]);
+ my $ovsubnet = "@ovsubnettemp[0].@ovsubnettemp[1].@ovsubnettemp[2]";
+ my $tunmtu = '';
+
+ open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $!";
+ flock CLIENTCONF, 2;
+
+ my $zip = Archive::Zip->new();
+ print CLIENTCONF "# n2n Open VPN Client Config by ummeegge und m.a.d\n";
+ print CLIENTCONF "# \n";
+ print CLIENTCONF "# User Sicherheit\n";
+ print CLIENTCONF "user nobody\n";
+ print CLIENTCONF "group nobody\n";
+ print CLIENTCONF "persist-tun\n";
+ print CLIENTCONF "persist-key\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# IP/DNS fuer das Server Gateway - g2g Mode\n";
+ print CLIENTCONF "remote $netsettings{'RED_ADDRESS'}\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# IP Adressen des VPN Tunnels\n";
+ print CLIENTCONF "ifconfig $ovsubnet.2 $ovsubnet.1\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Netzwerk auf dem Server Gateway\n";
+ print CLIENTCONF "route $confighash{$cgiparams{'KEY'}}[8]\n";
+ print CLIENTCONF "# Device fuer den Tunnel\n";
+ print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "#Port und Protokoll\n";
+ print CLIENTCONF "port $confighash{$cgiparams{'KEY'}}[29]\n";
+ print CLIENTCONF "proto $confighash{$cgiparams{'KEY'}}[28]\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Paketgroessen\n";
+ if ($confighash{$cgiparams{'KEY'}}[31] eq '') {$tunmtu = '1500'} else {$tunmtu = $confighash{$cgiparams{'KEY'}}[31]};
+ print CLIENTCONF "tun-mtu $tunmtu\n";
+ print CLIENTCONF "fragment 1300\n";
+ print CLIENTCONF "mssfix\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Auth. Client\n";
+ print CLIENTCONF "tls-client\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Verschluesselung\n";
+ print CLIENTCONF "cipher AES-256-CBC\n";
+ if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") {
+ print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12\r\n";
+ $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
+ }
+ print CLIENTCONF "#\n";
+ if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') {
+ print CLIENTCONF "# Kompression einschalten\n";
+ print CLIENTCONF "comp-lzo\r\n";
+ print CLIENTCONF "#\n";
+ }
+ print CLIENTCONF "# Debug Level\n";
+ print CLIENTCONF "verb 3\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Tunnel Ueberwachung\n";
+ print CLIENTCONF "keepalive 10 60\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Als Daemon starten\n";
+ print CLIENTCONF "daemon $confighash{$cgiparams{'KEY'}}[1]n2n\n";
+ print CLIENTCONF "writepid /var/run/$confighash{$cgiparams{'KEY'}}[1]n2n.pid\n";
+ print CLIENTCONF "#\n";
+ print CLIENTCONF "# Management Interface aktivieren\n";
+ print CLIENTCONF "# management localhost 4711\n";
+ print CLIENTCONF "# remsub $confighash{$cgiparams{'KEY'}}[11]\n";
+
+
+ close(CLIENTCONF);
+
+ $zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n";
+ my $status = $zip->writeToFileNamed($zippathname);
+
+ open(DLFILE, "<$zippathname") or die "Unable to open $zippathname: $!";
+ @fileholder = <DLFILE>;
+ print "Content-Type:application/x-download\n";
+ print "Content-Disposition:attachment;filename=$zipname\n\n";
+ print @fileholder;
+ exit (0);
+}
+else
+{
+ my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.zip";
+ my $zippathname = "$zippath$zipname";
+ $clientovpn = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.ovpn";
+
+###
+# m.a.d net2net DL Client Package end
+###
+
open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $!";
flock CLIENTCONF, 2;
print CLIENTCONF "fragment $vpnsettings{'FRAGMENT'}\r\n";
}
close(CLIENTCONF);
+
$zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n";
my $status = $zip->writeToFileNamed($zippathname);
print "Content-Disposition:attachment;filename=$zipname\n\n";
print @fileholder;
exit (0);
-
+ }
+
+
+
###
### Remove connection
###
+
+
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
# }
#
my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
+
+###
+# m.a.d net2net Anpassung
+###
+ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
+
+ my $conffile = glob("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]/$confighash{$cgiparams{'KEY'}}[1].conf");
+ my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+ unlink ($certfile) or die "Removing $certfile fail: $!";
+ unlink ($conffile) or die "Removing $conffile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!";
+
+}
+###
+# m.a.d net2net Anpassung end
+###
+
+ unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
delete $confighash{$cgiparams{'KEY'}};
my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
} else {
$errormessage = $Lang::tr{'invalid key'};
}
+
+
###
### Download PKCS12 file
###
###
### Enable/Disable connection
###
+
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
if ($confighash{$cgiparams{'KEY'}}) {
- if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
+ if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
$confighash{$cgiparams{'KEY'}}[0] = 'on';
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
#&writeserverconf();
} else {
$errormessage = $Lang::tr{'invalid key'};
}
+#test33
+
+###
+### Choose between adding a host-net or net-net connection
+###
+
+###
+# m.a.d Anpassung wegen upload n2n Package
+###
+
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
+ &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+ &Header::showhttpheaders();
+ &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openbigbox('100%', 'LEFT', '', '');
+ &Header::openbox('100%', 'LEFT', $Lang::tr{'connection type'});
+ print <<END
+ <b>$Lang::tr{'connection type'}:</b><br />
+ <table><form method='post' ENCTYPE="multipart/form-data">
+ <tr><td><input type='radio' name='TYPE' value='host' checked /></td>
+ <td class='base'>$Lang::tr{'host to net vpn'}</td></tr>
+ <tr><td><input type='radio' name='TYPE' value='net' /></td>
+ <td class='base'>$Lang::tr{'net to net vpn'}</td></tr>
+ <tr><td><input type='radio' name='TYPE' value='net2net' /></td>
+ <td class='base'>$Lang::tr{'net to net vpn'} (Upload Client Package)</td></tr>
+ <tr><td> </td><td class='base'><input type='file' name='FH' size='30'></td></tr>
+ <tr><td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td></tr>
+ </form></table>
+END
+ ;
+
+ &Header::closebox();
+ &Header::closebigbox();
+ &Header::closepage();
+ exit (0);
+
+###
+# m.a.d uploading a IPFire n2n Client package
+###
+
+} elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) && ($cgiparams{'TYPE'} eq 'net2net')){
+
+ my @firen2nconf;
+ my @confdetails;
+ my $uplconffilename ='';
+ my $uplp12name = '';
+ my $complzoactive ='';
+ my @rem_subnet;
+ my @rem_subnet2;
+ my @tmposupnet3;
+ my $key;
+
+ &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+# Check if a file is uploaded
+
+ if (ref ($cgiparams{'FH'}) ne 'Fh') {
+ $errormessage = $Lang::tr{'there was no file upload'};
+ goto N2N_ERROR;
+ }
+
+# Move uploaded IPfire n2n package to temporary file
+
+ (my $fh, my $filename) = tempfile( );
+ if (copy ($cgiparams{'FH'}, $fh) != 1) {
+ $errormessage = $!;
+ goto N2N_ERROR;
+ }
+
+ my $zip = Archive::Zip->new();
+ my $zipName = $filename;
+ my $status = $zip->read( $zipName );
+ if ($status != AZ_OK) {
+ $errormessage = "Read of $zipName failed\n";
+ goto N2N_ERROR;
+ }
+
+ my $tempdir = tempdir( CLEANUP => 1 );
+ my @files = $zip->memberNames();
+ for(@files) {
+ $zip->extractMemberWithoutPaths($_,"$tempdir/$_");
+ }
+ my $countfiles = @files;
+
+# Check if we have not more then 2 files
+
+ if ( $countfiles == 2){
+ foreach (@files){
+ if ( $_ =~ /.conf$/){
+ $uplconffilename = $_;
+ }
+ if ( $_ =~ /.p12$/){
+ $uplp12name = $_;
+ }
+ }
+ if (($uplconffilename eq '') || ($uplp12name eq '')){
+ $errormessage = "Either no *.conf or no *.p12 file found\n";
+ goto N2N_ERROR;
+ }
+
+ open(FILE, "$tempdir/$uplconffilename") or die 'Unable to open*.conf file';
+ @firen2nconf = <FILE>;
+ close (FILE);
+ chomp(@firen2nconf);
+
+ } else {
+
+ $errormessage = "Filecount does not match only 2 files are allowed\n";
+ goto N2N_ERROR;
+ }
+
+###
+# m.a.d prepare imported ipfire net2net data
+###
+
+ my @n2nname = split(/\./,$uplconffilename);
+ $n2nname[0] =~ s/\n|\r//g;
+
+ if ( !-d "${General::swroot}/ovpn/n2nconf/$n2nname[0]") {
+ mkdir("${General::swroot}/ovpn/n2nconf/$n2nname[0]", 0770); }
+
+ move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename");
+
+ if ($? ne 0) {
+ $errormessage = "*.conf move failed: $!";
+ unlink ($filename);
+ goto N2N_ERROR;
+ }
+
+ move("$tempdir/$uplp12name", "${General::swroot}/ovpn/certs/$uplp12name");
+ if ($? ne 0) {
+ $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
+ unlink ($filename);
+ goto N2N_ERROR;
+ }
+
+my $complzoactive;
+#my @n2nroute = split(/ /, (grep { /^route/ } @firen2nconf)[0]);
+my @n2nproto = split(/ /, (grep { /^proto/ } @firen2nconf)[0]);
+my @n2nport = split(/ /, (grep { /^port/ } @firen2nconf)[0]);
+my @n2ntunmtu = split(/ /, (grep { /^tun-mtu/ } @firen2nconf)[0]);
+my @n2ncomplzo = grep { /^comp-lzo/ } @firen2nconf;
+if ($n2ncomplzo[0] =~ /comp-lzo/){$complzoactive = "on";} else {$complzoactive = "off";}
+my @n2nremote = split(/ /, (grep { /^remote/ } @firen2nconf)[0]);
+my @n2novpnsuball = split(/ /, (grep { /^ifconfig/ } @firen2nconf)[0]);
+my @n2novpnsub = split(/\./,$n2novpnsuball[1]);
+my @n2nremsub = split(/ /, (grep { /^route/ } @firen2nconf)[0]);
+my @n2nlocalsub = split(/ /, (grep { /^# remsub/ } @firen2nconf)[0]);
+
+# $errormessage = &Ovpnfunc::ovelapplausi("$tmposupnet3[0].$tmposupnet3[1].$tmposupnet3[2].0","255.255.255.0");
+# if ($errormessage ne ''){
+# goto N2N_ERROR;
+# }
+
+###
+# m.a.d delete CR and LF from arrays for this chomp doesnt work
+###
+
+#$n2nroute[1] =~ s/\n|\r//g;
+$n2nremote[1] =~ s/\n|\r//g;
+#$n2nroute[1] =~ s/\n|\r//g;
+#$n2nroute[2] =~ s/\n|\r//g;
+$n2novpnsub[0] =~ s/\n|\r//g;
+$n2novpnsub[1] =~ s/\n|\r//g;
+$n2novpnsub[2] =~ s/\n|\r//g;
+$n2nproto[1] =~ s/\n|\r//g;
+$n2nport[1] =~ s/\n|\r//g;
+$n2ntunmtu[1] =~ s/\n|\r//g;
+$n2nremsub[1] =~ s/\n|\r//g;
+$n2nlocalsub[2] =~ s/\n|\r//g;
+chomp ($complzoactive);
+
+###
+# m.a.d Write n2n config
+###
+
+###
+# Check if there is no other entry with this name
+###
+
+ foreach my $dkey (keys %confighash) {
+ if ($confighash{$dkey}[1] eq $n2nname[0]) {
+ $errormessage = $Lang::tr{'a connection with this name already exists'};
+ goto N2N_ERROR;
+ }
+ }
+
+ $key = &General::findhasharraykey (\%confighash);
+
+ foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
+ $confighash{$key}[0] = 'off';
+ $confighash{$key}[1] = $n2nname[0];
+ $confighash{$key}[2] = $n2nname[0];
+ $confighash{$key}[3] = 'net';
+ $confighash{$key}[4] = 'cert';
+ $confighash{$key}[6] = 'client';
+ $confighash{$key}[8] = $n2nlocalsub[2];
+ $confighash{$key}[10] = $n2nremote[1];
+ $confighash{$key}[11] = $n2nremsub[1];
+ $confighash{$key}[25] = 'IPFire n2n Client';
+ $confighash{$key}[26] = 'red';
+ $confighash{$key}[27] = "$n2novpnsub[0].$n2novpnsub[1].$n2novpnsub[2].0/255.255.255.0";
+ $confighash{$key}[28] = $n2nproto[1];
+ $confighash{$key}[29] = $n2nport[1];
+ $confighash{$key}[30] = $complzoactive;
+ $confighash{$key}[31] = $n2ntunmtu[1];
+
+
+ &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+ N2N_ERROR:
+
+ &Header::showhttpheaders();
+ &Header::openpage('Validate imported configuration', 1, '');
+ &Header::openbigbox('100%', 'LEFT', '', $errormessage);
+ if ($errormessage) {
+ &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
+ print "<class name='base'>$errormessage";
+ print " </class>";
+ &Header::closebox();
+
+ } else
+ {
+ &Header::openbox('100%', 'LEFT', 'import ipfire net2net config');
+ }
+ if ($errormessage eq ''){
+ print <<END
+ <!-- ipfire net2net config gui -->
+ <table width='100%'>
+ <tr><td width='25%'> </td><td width='25%'> </td></tr>
+ <tr><td class='boldbase'>$Lang::tr{'name'}:</td><td><b>$n2nname[0]</b></td></tr>
+ <tr><td> </td><td> </td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td><td><b>$confighash{$key}[6]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>Remote Host </td><td><b>$confighash{$key}[10]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td><td><b>$confighash{$key}[8]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td><td><b>$confighash{$key}[11]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td><td><b>$confighash{$key}[27]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td><td><b>$confighash{$key}[28]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'destination port'}:</td><td><b>$confighash{$key}[29]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td><td><b>$confighash{$key}[30]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}</td><td><b>$confighash{$key}[31]</b></td></tr>
+ <tr><td> </td><td> </td></tr>
+ </table>
+END
+;
+ &Header::closebox();
+ }
+
+ if ($errormessage) {
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+ } else {
+ print "<div align='center'><form method='post' ENCTYPE='multipart/form-data'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' />";
+ print "<input type='hidden' name='TYPE' value='net2netakn' />";
+ print "<input type='hidden' name='KEY' value='$key' />";
+ print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
+ }
+ &Header::closebigbox();
+ &Header::closepage();
+ exit(0);
+
+
+##
+### Accept IPFire n2n Package Settings
+###
+
+ } elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) && ($cgiparams{'TYPE'} eq 'net2netakn')){
+
+###
+### Discard and Rollback IPFire n2n Package Settings
+###
+
+ } elsif (($cgiparams{'ACTION'} eq $Lang::tr{'cancel'}) && ($cgiparams{'TYPE'} eq 'net2netakn')){
+
+ &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+if ($confighash{$cgiparams{'KEY'}}) {
+
+ my $conffile = glob("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]/$confighash{$cgiparams{'KEY'}}[1].conf");
+ my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+ unlink ($certfile) or die "Removing $certfile fail: $!";
+ unlink ($conffile) or die "Removing $conffile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!";
+ delete $confighash{$cgiparams{'KEY'}};
+ &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+ } else {
+ $errormessage = $Lang::tr{'invalid key'};
+ }
+
+
+###
+# m.a.d end uploading a IPFire n2n Client package
+###
+
+
+###
+### Adding a new connection
+###
} elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) ||
($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) ||
($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'ADVANCED'} eq '')) {
$errormessage = $Lang::tr{'invalid key'};
goto VPNCONF_END;
}
-
$cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
$cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
- $cgiparams{'TYPE'} = 'host';
+ $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
$cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
$cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
$cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
goto VPNCONF_ERROR;
}
+# if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) {
+# $errormessage = $Lang::tr{'ipfire side is invalid'};
+# goto VPNCONF_ERROR;
+# }
+
# Check if there is no other entry with this name
if (! $cgiparams{'KEY'}) {
foreach my $key (keys %confighash) {
}
}
+ if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
+ $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+ goto VPNCONF_ERROR;
+ }
+
if ($cgiparams{'REMOTE'}) {
if (! &General::validip($cgiparams{'REMOTE'})) {
if (! &General::validfqdn ($cgiparams{'REMOTE'})) {
}
}
}
+ if (($cgiparams{'TYPE'} eq 'net') && (! &General::validipandmask($cgiparams{'REMOTE_SUBNET'}))) {
+ $errormessage = $Lang::tr{'remote subnet is invalid'};
+ goto VPNCONF_ERROR;
+ }
if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto VPNCONF_ERROR;
}
} elsif ($cgiparams{'AUTH'} eq 'certgen') {
-
- $cgiparams{'CERT_NAME'} =~ s/ //g;
-
if ($cgiparams{'KEY'}) {
$errormessage = $Lang::tr{'cant change certificates'};
goto VPNCONF_ERROR;
if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
$confighash{$key}[2] = $cgiparams{'CERT_NAME'};
}
- $confighash{$key}[3] = 'host';
+ $confighash{$key}[3] = $cgiparams{'TYPE'};
if ($cgiparams{'AUTH'} eq 'psk') {
$confighash{$key}[4] = 'psk';
$confighash{$key}[5] = $cgiparams{'PSK'};
} else {
$confighash{$key}[4] = 'cert';
}
+ if ($cgiparams{'TYPE'} eq 'net') {
+ $confighash{$key}[6] = $cgiparams{'SIDE'};
+ $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
+ }
$confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
$confighash{$key}[10] = $cgiparams{'REMOTE'};
$confighash{$key}[25] = $cgiparams{'REMARK'};
}
print "<form method='post' enctype='multipart/form-data'>";
- print "<input type='hidden' name='TYPE' value='host' />";
+ print "<input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />";
if ($cgiparams{'KEY'}) {
print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
&Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
print "<table width='100%'>\n";
print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
+ if ($cgiparams{'TYPE'} eq 'host') {
if ($cgiparams{'KEY'}) {
print "<td width='35%' class='base'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>\n";
} else {
# print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
# print "</select></td></tr>";
# print <<END
+ } else {
+ print "<input type='hidden' name='INTERFACE' value='red' />";
+ if ($cgiparams{'KEY'}) {
+ print "<td width='25%' class='base' nowrap='nowrap'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
+ } else {
+ print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
+ }
+ print <<END
+ <td width='25%'> </td>
+ <td width='25%'> </td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
+ <td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>OpenVPN Server</option>
+ <option value='client' $selected{'SIDE'}{'client'}>OpenVPN Client</option></select></td>
+ <td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
+ <td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
+ <td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>
+ <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
+ <td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
+ <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
+ <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
+ <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
+ <td class='boldbase'>$Lang::tr{'destination port'}:</td>
+ <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
+ <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} <img src='/blob.gif' /></td>
+ <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></TD>
+
+
+END
+ ;
+ }
print "<tr><td class='boldbase'>$Lang::tr{'remark title'} <img src='/blob.gif' /></td>";
print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr>";
-# if ($cgiparams{'TYPE'} eq 'net') {
- print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
-
+ if ($cgiparams{'TYPE'} eq 'host') {
+
+ print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
+ }
+
# if ($cgiparams{'KEY'}) {
# print "<td colspan='3'> </td></tr></table>";
# } else {
if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) { $cakeydisabled = "disabled='disabled'" } else { $cakeydisabled = "" };
if ( ! -f "${General::swroot}/ovpn/ca/cacert.pem" ) { $cacrtdisabled = "disabled='disabled'" } else { $cacrtdisabled = "" };
&Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'});
- print <<END
+
+
+ if ($cgiparams{'TYPE'} eq 'host') {
+
+print <<END
<table width='100%' cellpadding='0' cellspacing='5' border='0'>
<tr><td colspan='3' bgcolor='#000000'><img src='/images/null.gif' width='1' height='1' border='0' /></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td>
- <td class='base'>$Lang::tr{'upload a certificate request'}</td>
- <td class='base' rowspan='2'><input type='file' name='FH' size='30' $cacrtdisabled></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certfile' $checked{'AUTH'}{'certfile'} $cacrtdisabled /></td>
- <td class='base'>$Lang::tr{'upload a certificate'}</td></tr>
+ <tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td><td class='base'>$Lang::tr{'upload a certificate request'}</td><td class='base' rowspan='2'><input type='file' name='FH' size='30' $cacrtdisabled></td></tr>
+ <tr><td><input type='radio' name='AUTH' value='certfile' $checked{'AUTH'}{'certfile'} $cacrtdisabled /></td><td class='base'>$Lang::tr{'upload a certificate'}</td></tr>
<tr><td colspan='3' bgcolor='#000000'><img src='/images/null.gif' width='1' height='1' BORDER='0' /></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certgen' $checked{'AUTH'}{'certgen'} $cakeydisabled /></td>
- <td class='base'>$Lang::tr{'generate a certificate'}</td><td> </td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users fullname or system hostname'}:</td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_NAME' value='$cgiparams{'CERT_NAME'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users email'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_EMAIL' value='$cgiparams{'CERT_EMAIL'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users department'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_OU' value='$cgiparams{'CERT_OU'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'organization name'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_ORGANIZATION' value='$cgiparams{'CERT_ORGANIZATION'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'city'}: <img src='/blob.gif'></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_CITY' value='$cgiparams{'CERT_CITY'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'state or province'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_STATE' value='$cgiparams{'CERT_STATE'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'country'}:</td>
- <td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
+ <tr><td><input type='radio' name='AUTH' value='certgen' $checked{'AUTH'}{'certgen'} $cakeydisabled /></td><td class='base'>$Lang::tr{'generate a certificate'}</td><td> </td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'users fullname or system hostname'}:</td><td class='base' nowrap='nowrap'><input type='text' name='CERT_NAME' value='$cgiparams{'CERT_NAME'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'users email'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_EMAIL' value='$cgiparams{'CERT_EMAIL'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'users department'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_OU' value='$cgiparams{'CERT_OU'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'organization name'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_ORGANIZATION' value='$cgiparams{'CERT_ORGANIZATION'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'city'}: <img src='/blob.gif'></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_CITY' value='$cgiparams{'CERT_CITY'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'state or province'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_STATE' value='$cgiparams{'CERT_STATE'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'country'}:</td><td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
END
+;
+
+###
+# m.a.d Disbale upload cert for n2n connections
+###
+
+} else {
+
+print <<END
+ <table width='100%' cellpadding='0' cellspacing='5' border='0'>
+
+ <tr><td><input type='radio' name='AUTH' value='certgen' $checked{'AUTH'}{'certgen'} $cakeydisabled /></td><td class='base'>$Lang::tr{'generate a certificate'}</td><td> </td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'users fullname or system hostname'}:</td><td class='base' nowrap='nowrap'><input type='text' name='CERT_NAME' value='$cgiparams{'CERT_NAME'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'users email'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_EMAIL' value='$cgiparams{'CERT_EMAIL'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'users department'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_OU' value='$cgiparams{'CERT_OU'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'organization name'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_ORGANIZATION' value='$cgiparams{'CERT_ORGANIZATION'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'city'}: <img src='/blob.gif'></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_CITY' value='$cgiparams{'CERT_CITY'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'state or province'}: <img src='/blob.gif' /></td><td class='base' nowrap='nowrap'><input type='text' name='CERT_STATE' value='$cgiparams{'CERT_STATE'}' SIZE='32' $cakeydisabled /></td></tr>
+ <tr><td> </td><td class='base'>$Lang::tr{'country'}:</td><td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
+
+END
+;
+
+}
+
+###
+# m.a.d Disbale upload cert for n2n connections end
+###
- ;
foreach my $country (sort keys %{Countries::countries}) {
print "<option value='$Countries::countries{$country}'";
if ( $Countries::countries{$country} eq $cgiparams{'CERT_COUNTRY'} ) {
}
print ">$country</option>";
}
+###
+# m.a.d Disbale pkcs-password for n2n connections
+###
+
+if ($cgiparams{'TYPE'} eq 'host') {
print <<END
</select></td></tr>
- <tr><td> </td>
-
- <td class='base'>$Lang::tr{'valid till'} (days):</td>
- <td class='base' nowrap='nowrap'><input type='text' name='DAYS_VALID' value='$cgiparams{'DAYS_VALID'}' size='32' $cakeydisabled /></td></tr>
-
- <tr><td> </td>
+
+ <td class='base'>$Lang::tr{'valid till'} (days):</td>
+ <td class='base' nowrap='nowrap'><input type='text' name='DAYS_VALID' value='$cgiparams{'DAYS_VALID'}' size='32' $cakeydisabled /></td></tr>
+ <tr><td> </td>
<td class='base'>$Lang::tr{'pkcs12 file password'}:</td>
<td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS1' value='$cgiparams{'CERT_PASS1'}' size='32' $cakeydisabled /></td></tr>
<tr><td> </td><td class='base'>$Lang::tr{'pkcs12 file password'}:<BR>($Lang::tr{'confirmation'})</td>
<td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS2' value='$cgiparams{'CERT_PASS2'}' size='32' $cakeydisabled /></td></tr>
- </table>
+ </table>
+END
+}else{
+ print <<END
+ </select></td></tr>
+ <tr><td> </td><td> </td><td> </td></tr>
+ <tr><td> </td><td> </td><td> </td></tr>
+ </table>
+
END
+}
+
+###
+# m.a.d Disbale pkcs-password for n2n connections end
+###
;
&Header::closebox();
}
$checked{'ENABLED_ORANGE'}{'off'} = '';
$checked{'ENABLED_ORANGE'}{'on'} = '';
$checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
-
-
-#new settings
$selected{'DDEVICE'}{'tun'} = '';
$selected{'DDEVICE'}{'tap'} = '';
$selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
}
if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
+
+###
+# m.a.d Client Status Table
+###
+
&Header::openbox('100%', 'LEFT', $Lang::tr{'Client status and controlc' });
print <<END
+
+
<table width='100%' border='0' cellspacing='1' cellpadding='0'>
<tr>
<td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
$cavalid = $1;
print "<td align='center'>$cavalid</td>";
print "<td align='center'>$confighash{$key}[25]</td>";
+
my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
+
if ($confighash{$key}[0] eq 'off') {
$active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
} else {
+
+###
+# m.a.d net2net Status
+###
+
+ if ($confighash{$cgiparams{'KEY'}}[3] eq 'host'){
+
my $cn;
- my @match = ();
+ my @match = ();
foreach my $line (@status) {
+
chomp($line);
if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
@match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
}
$cn =~ s/[_]/ /g;
if ($cn eq "$confighash{$key}[2]") {
- $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
+ $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
}
- }
- }
+ }
+ }
+ } else {
+ my @tempovpnsubnet = split("\/",$confighash{$key}[27]);
+ my @ovpnip = split /\./,$tempovpnsubnet[0];
+ my $pingip = "";
+
+ if ($confighash{$key}[6] eq 'server') {
+ $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].2";
+ } else {
+ $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].1";
+ }
+
+ my $p = Net::Ping->new("udp",1);
+
+ if ($p->ping($pingip)) {
+ $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
+ }
+ $p->close();
+
+ }
}
+
+###
+# m.a.d net2net Status end
+###
+
+
my $disable_clientdl = "disabled='disabled'";
if (( $cgiparams{'ENABLED'} eq 'on') ||
( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
&Header::closebox();
}
&Header::closepage();
+
+
+
projects / ipfire-2.x.git / commitdiff
