$cgiparams{'DHCP_DNS'} = '';
$cgiparams{'DHCP_WINS'} = '';
$cgiparams{'DCOMPLZO'} = 'off';
+$cgiparams{'MSSFIX'} = '';
+
&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
# prepare openvpn config file
print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n";
print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
+ print CONF "script-security 3 system\n";
+ print CONF "ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db 3600\n";
print CONF "tls-server\n";
print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
print CONF "client-to-client\n";
}
+ if ($sovpnsettings{MSSFIX} eq 'on') {
+ print CONF "mssfix\n";
+ }
+ if ($sovpnsettings{FRAGMENT} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp') {
+ print CONF "fragment $sovpnsettings{'FRAGMENT'}\n";
+ }
if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) {
print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n";
}
if ($sovpnsettings{DHCP_WINS} eq '') {
print CONF "max-clients 100\n";
- }
-
+ }
if ($sovpnsettings{DHCP_WINS} ne '') {
print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
}
$vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'};
$vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'};
+ if ($cgiparams{'FRAGMENT'} eq '') {
+ delete $vpnsettings{'FRAGMENT'};
+ } else {
+ if ($cgiparams{'FRAGMENT'} !~ /^[0-9]+$/) {
+ $errormessage = "Incorrect value, please insert only numbers.";
+ goto ADV_ERROR;
+ } else {
+ $vpnsettings{'FRAGMENT'} = $cgiparams{'FRAGMENT'};
+ }
+ }
+ if ($cgiparams{'MSSFIX'} ne 'on') {
+ delete $vpnsettings{'MSSFIX'};
+ } else {
+ $vpnsettings{'MSSFIX'} = $cgiparams{'MSSFIX'};
+ }
if ($cgiparams{'DHCP_DOMAIN'} ne ''){
unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) {
$errormessage = $Lang::tr{'invalid input for dhcp domain'};
}
print CLIENTCONF "verb 3\r\n";
print CLIENTCONF "ns-cert-type server\r\n";
- print CLIENTCONF "tls-remote $vpnsettings{ROOTCERT_HOSTNAME}\r\n";
+ print CLIENTCONF "tls-remote $vpnsettings{ROOTCERT_HOSTNAME}\r\n";
+ if ($vpnsettings{MSSFIX} eq 'on') {
+ print CLIENTCONF "mssfix\r\n";
+ }
+ if ($vpnsettings{FRAGMENT} ne '' && $vpnsettings{DPROTOCOL} ne 'tcp' ) {
+ print CLIENTCONF "fragment $vpnsettings{'FRAGMENT'}\r\n";
+ }
close(CLIENTCONF);
$zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n";
my $status = $zip->writeToFileNamed($zippathname);
$checked{'REDIRECT_GW_DEF1'}{'off'} = '';
$checked{'REDIRECT_GW_DEF1'}{'on'} = '';
$checked{'REDIRECT_GW_DEF1'}{$cgiparams{'REDIRECT_GW_DEF1'}} = 'CHECKED';
+ $selected{'ENGINES'}{$cgiparams{'ENGINES'}} = 'SELECTED';
+ $checked{'MSSFIX'}{'off'} = '';
+ $checked{'MSSFIX'}{'on'} = '';
+ $checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED';
$selected{'LOG_VERB'}{'1'} = '';
$selected{'LOG_VERB'}{'2'} = '';
$selected{'LOG_VERB'}{'3'} = '';
$selected{'LOG_VERB'}{'11'} = '';
$selected{'LOG_VERB'}{'0'} = '';
$selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
+
+
&Header::showhttpheaders();
&Header::openpage($Lang::tr{'status ovpn'}, 1, '');
<td class'base'><b>$Lang::tr{'misc-options'}</b></td>
</tr>
<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
+ <td width='20%'></td> <td width='15%'> </td><td width='15%'> </td><td width='50%'></td>
</tr>
<tr>
<td class='base'>Client-To-Client</td>
</tr>
<tr>
<td class='base'>Max-Clients</td>
- <td><input type='text' name='MAX_CLIENTS' value='$cgiparams{'MAX_CLIENTS'}' size='30' /></td>
+ <td><input type='text' name='MAX_CLIENTS' value='$cgiparams{'MAX_CLIENTS'}' size='10' /></td>
</tr>
- <td class='base'>Keppalive (ping/ping-restart)</td>
- <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='30' /></td>
- <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='30' /></td>
+ <tr>
+ <td class='base'>Keppalive <br />
+ (ping/ping-restart)</td>
+ <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='10' /></td>
+ <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='10' /></td>
+ </tr>
+ <tr>
+ <td class='base'>fragment <br></td>
+ <td><input type='TEXT' name='FRAGMENT' value='$cgiparams{'FRAGMENT'}' size='10' /></td>
+ <td>Default: <span class="base">1300</span></td>
+ </tr>
+ <tr>
+ <td class='base'>mssfix</td>
+ <td><input type='checkbox' name='MSSFIX' $checked{'MSSFIX'}{'on'} /></td>
+ <td>Default: on</td>
+ </tr>
+</table>
+
+<!--
+<hr size='1'>
+ <table width='100%'>
+ <tr>
+ <td class'base'><b>Crypto-Engines</b></td>
+ </tr>
+ <tr>
+ <td width='15%'></td> <td width='30%'> </td><td width='25%'> </td><td width='30%'></td>
</tr>
+ <tr><td class='base'>Engines:</td>
+ <td><select name='ENGINES'><option value="none" $selected{'ENGINES'}{'none'}>none</option>
+ <option value="cryptodev" $selected{'ENGINES'}{'cryptodev'}>cryptodev</option>
+ <option value="padlock" $selected{'ENGINES'}{'padlock'}>padlock</option>
+ </select>
+ </td>
</table>
+-->
<hr size='1'>
<table width='100%'>
<tr>
<td class'base'><b>$Lang::tr{'log-options'}</b></td>
</tr>
<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
+ <td width='15%'></td> <td width='30%'> </td><td width='25%'> </td><td width='30%'></td>
</tr>
<tr><td class='base'>VERB</td>
<input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
</td></form>
<form method='post' name='frmrootcrtb'><td width='3%' align='center'>
- <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
+ <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
</td></form>
<td width='4%'> </td></tr>
<input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
</td></form>
<form method='post' name='frmhostcrtb'><td width='3%' align='center'>
- <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
+ <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
</td></form>
<td width='4%'> </td></tr>
<input type='hidden' name='KEY' value='$key' />
</td></form>
<form method='post' name='cafrm${key}b'><td align='center'>
- <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
+ <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
<input type='hidden' name='KEY' value='$key' />
</td></form>
<td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
<td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
<td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' /></td>
+ <td> <img src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' /></td>
<td class='base'>$Lang::tr{'download certificate'}</td>
</tr>
</table>
if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") {
print <<END
<form method='post' name='frm${key}c'><td align='center'>
- <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
+ <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/media-floppy.png' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
<input type='hidden' name='KEY' value='$key' />
</td></form>
; } elsif ($confighash{$key}[4] eq 'cert') {
print <<END
<form method='post' name='frm${key}c'><td align='center'>
- <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
+ <input type='image' name='$Lang::tr{'download certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
<input type='hidden' name='KEY' value='$key' />
</td></form>
<td> </td>
<td> <img src='/images/off.gif' alt='?OFF' /></td>
<td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
+ <td> <img src='/images/media-floppy.png' alt='?FLOPPY' /></td>
<td class='base'>$Lang::tr{'download certificate'}</td>
- <td>
<img src='/images/openvpn.png' alt='?RELOAD'/></td>
+ <td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
<td class='base'>$Lang::tr{'dl client arch'}</td>
</tr>
</table>
projects / people / pmueller / ipfire-2.x.git / blobdiff