IPsec: Allow to configure a connection in waiting state
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 13 Jun 2018 14:47:57 +0000 (15:47 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 13 Jun 2018 14:47:57 +0000 (15:47 +0100)
This allows to create an IPsec connection that will never actively
try to reach the other peer. It helps in environments where this is
not desired or impossible because of NAT.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
html/cgi-bin/index.cgi
html/cgi-bin/vpnmain.cgi
langs/de/cgi-bin/de.pl
langs/en/cgi-bin/en.pl

index 580671b..ef9da23 100644 (file)
@@ -479,6 +479,9 @@ END
                                                } elsif ($line =~ /$vpnconfig{$key}[1]\{.*ROUTED/) {
                                                        $activecolor = $Header::colourorange;
                                                        $activestatus = $Lang::tr{'vpn on-demand'};
+                                               } elsif ($vpnconfig{$key}[33] eq "add") {
+                                                       $activecolor = ${Header::colourorange};
+                                                       $activestatus = $Lang::tr{'vpn wait'};
                                                }
                                        }
                                }
index 378acb3..eefe975 100644 (file)
@@ -2439,6 +2439,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
        $selected{'DPD_ACTION'}{'none'} = '';
        $selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
 
+       $selected{'START_ACTION'}{'add'} = '';
        $selected{'START_ACTION'}{'route'} = '';
        $selected{'START_ACTION'}{'start'} = '';
        $selected{'START_ACTION'}{$cgiparams{'START_ACTION'}} = "selected='selected'";
@@ -2664,6 +2665,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
                        <select name="START_ACTION">
                                <option value="route" $selected{'START_ACTION'}{'route'}>$Lang::tr{'vpn start action route'}</option>
                                <option value="start" $selected{'START_ACTION'}{'start'}>$Lang::tr{'vpn start action start'}</option>
+                               <option value="add"   $selected{'START_ACTION'}{'add'}  >$Lang::tr{'vpn start action add'}</option>
                        </select>
                </td>
        </tr>
@@ -2861,6 +2863,9 @@ END
                } elsif ($line =~ /$confighash{$key}[1]\{.*ROUTED/) {
                        $col1="bgcolor='${Header::colourorange}'";
                        $active = "<b><font color='#FFFFFF'>$Lang::tr{'vpn on-demand'}</font></b>";
+               } elsif ($confighash{$key}[33] eq "add") {
+                       $col1="bgcolor='${Header::colourorange}'";
+                       $active = "<b><font color='#FFFFFF'>$Lang::tr{'vpn wait'}</font></b>";
                }
        }
        # move to blue if really down
index edff684..630d9b2 100644 (file)
 'vpn red name' => 'Öffentliche IP oder FQDN für das rote Interface oder <%defaultroute>',
 'vpn remote id' => 'Remote ID',
 'vpn start action' => 'Startaktion',
+'vpn start action add' => 'Auf Verbindungseingang warten',
 'vpn start action route' => 'Bei Bedarf',
 'vpn start action start' => 'Immer An',
 'vpn statistic n2n' => 'OpenVPN-Netz-zu-Netz-Statistik',
 'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik',
 'vpn subjectaltname' => 'Subjekt Alternativer Name',
+'vpn wait' => 'WARTE',
 'vpn watch' => 'Netz-zu-Netz VPN neu starten, wenn sich Remote-IP ändert (DynDNS).',
 'vpn weak' => 'schwach',
 'waiting to synchronize clock' => 'Bitte warten, die Uhr wird synchronisiert',
index 0c77ce4..8ec5bf4 100644 (file)
 'vpn red name' => 'Public IP or FQDN for RED interface or <%defaultroute>',
 'vpn remote id' => 'Remote ID',
 'vpn start action' => 'Start Action',
+'vpn start action add' => 'Wait for connection initiation',
 'vpn start action route' => 'On Demand',
 'vpn start action start' => 'Always On',
 'vpn statistic n2n' => 'OpenVPN Net-to-Net Statistics',
 'vpn statistic rw' => 'OpenVPN Roadwarrior Statistics',
 'vpn subjectaltname' => 'Subject Alt Name',
+'vpn wait' => 'WAITING',
 'vpn watch' => 'Restart net-to-net vpn when remote peer IP changes (dyndns).',
 'vpn weak' => 'Weak',
 'waiting to synchronize clock' => 'Waiting to synchronize clock',