Erstmal ein Commit:
authorms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Sun, 10 Jun 2007 19:10:01 +0000 (19:10 +0000)
committerms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Sun, 10 Jun 2007 19:10:01 +0000 (19:10 +0000)
OpenVPN zurueck auf den Stand des alten gebracht. Wir bevorzugen die stabile Loesung.
ISDN4K-Utils kompiliert - Noch kein rootfile vorhanden.
Ibod aktualisiert.
Snort-Initscript setzt die Berechtigung der PID auf 644.
libxslt hinzugefuegt - Benoetigt vom mISDN-Script.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@623 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8

35 files changed:
config/isdn4k-utils/config [new file with mode: 0644]
config/ovpn/verify
config/rootfiles/common/apache2
config/rootfiles/common/ibod
config/rootfiles/common/initscripts
config/rootfiles/common/libxml2 [new file with mode: 0644]
config/rootfiles/common/libxslt [new file with mode: 0644]
config/rootfiles/common/openvpn
doc/language_issues.de
doc/language_issues.en
doc/packages-list.txt
html/cgi-bin/ovpnfunc.pl [deleted file]
html/cgi-bin/ovpnmain.cgi
lfs/ibod
lfs/isdn4k-utils
lfs/libxslt [new file with mode: 0644]
lfs/mISDN
lfs/openswan
make.sh
src/ibod/ibod.c [deleted file]
src/ibod/ibod.cf [deleted file]
src/ibod/ibod.h [deleted file]
src/initscripts/init.d/mISDN [new file with mode: 0644]
src/initscripts/init.d/snort
src/patches/ibod-config.patch [new file with mode: 0644]
src/patches/isdn4k-utils-0202131200-true.patch [new file with mode: 0644]
src/patches/isdn4k-utils-CVS-2004-11-18-autoconf25x.patch [new file with mode: 0644]
src/patches/isdn4k-utils-CVS-2006-02-13-cleanup.patch [new file with mode: 0644]
src/patches/isdn4k-utils-CVS-2006-07-20-pppd-2.4.4.patch [new file with mode: 0644]
src/patches/isdn4k-utils-CVS-2006-07-20-redhat.patch [new file with mode: 0644]
src/patches/isdn4k-utils-capiinit.patch [new file with mode: 0644]
src/patches/isdn4k-utils-statfs.patch [new file with mode: 0644]
src/patches/isdn4k-utils-v3.2p1-c89.patch [deleted file]
src/patches/isdn4k-utils-v3.2p1-config.patch [deleted file]
src/scripts/vpn-watch

diff --git a/config/isdn4k-utils/config b/config/isdn4k-utils/config
new file mode 100644 (file)
index 0000000..acb092d
--- /dev/null
@@ -0,0 +1,120 @@
+#
+# Automatically generated by make menuconfig: don't edit
+#
+
+#
+# Code maturity level options
+#
+# CONFIG_EXPERIMENTAL is not set
+
+#
+# General configuration
+#
+# CONFIG_BUILDX11 is not set
+CONFIG_KERNELDIR='/usr/src/linux'
+CONFIG_BINDIR='/usr/bin'
+CONFIG_SBINDIR='/usr/sbin'
+CONFIG_CARD_SBINDIR='/sbin'
+CONFIG_MANDIR='/usr/share/man'
+CONFIG_FIRMWAREDIR='/usr/lib/isdn'
+CONFIG_RUNDIR='/var/run'
+CONFIG_LOCKDIR='/var/lock'
+CONFIG_LOCKFILE='LCK..'
+CONFIG_I4LCONFDIR='/etc/isdn'
+CONFIG_CONFFILE='isdn.conf'
+CONFIG_CALLERIDFILE='callerid.conf'
+CONFIG_USERCONFFILE='~/.isdn'
+CONFIG_COUNTRYCODE='49'
+CONFIG_AREACODE='2363'
+CONFIG_COUNTRY_PREFIX='+'
+CONFIG_AREA_PREFIX='0'
+CONFIG_DATADIR='/usr/lib/isdn'
+LIBDIR='/usr/lib'
+
+#
+# Runtime configuration tools
+#
+CONFIG_ISDNCTRL=y
+CONFIG_ISDNCTRL_CONF=y
+CONFIG_ISDNCTRL_TIMRU=y
+CONFIG_IPROFD=y
+CONFIG_DIVERTCTRL=y
+
+#
+# Card configuration tools
+#
+CONFIG_HISAXCTRL=y
+CONFIG_ICNCTRL=y
+# CONFIG_ICNCTRL_DEBUG is not set
+# CONFIG_ACTCTRL is not set
+CONFIG_PCBITCTL=y
+CONFIG_AVMCAPICTRL=y
+# CONFIG_ACTCTRL is not set
+CONFIG_EICONCTRL=y
+
+#
+# Tools for monitoring activity
+#
+CONFIG_IMON=y
+CONFIG_IMONTTY=y
+CONFIG_ISDNLOG=y
+
+#
+# Options for isdnlog package
+#
+CONFIG_ISDNLOG_SERV_PORT=20011
+CONFIG_ISDNLOG_USERFILE='isdnlog.users'
+CONFIG_ISDNLOG_CHARGEFILE='charge.dat'
+CONFIG_ISDNLOG_LOGFILE='/var/log/isdn.log'
+CONFIG_ISDNLOG_RELOADCMD='/etc/rc.d/init.d/isdn restart'
+CONFIG_ISDNLOG_STOPCMD='/etc/rc.d/init.d/isdn stop'
+CONFIG_ISDNLOG_REBOOTCMD='/sbin/reboot'
+CONFIG_ISDNLOG_DOCDIR=''
+CONFIG_ISDNLOG_OLDI4LCONFDIR='/etc/isdnlog'
+CONFIG_ISDNLOG_OLDI4LCONFFILE='isdnlog.conf'
+# CONFIG_ISDNLOG_POSTGRES is not set
+# CONFIG_ISDNLOG_MYSQLDB is not set
+# CONFIG_ISDNLOG_ORACLE is not set
+CONFIG_ISDN_LOG_DE=y
+CONFIG_ISDN_LOG_CC_DE=y
+CONFIG_ISDN_LOG_DEST_DE=y
+CONFIG_ISDN_LOG_DEST_AT=y
+CONFIG_ISDN_LOG_DEST_NL=y
+CONFIG_ISDN_LOG_DEST_CH=y
+# CONFIG_ISDN_LOG_DEST_BE is not set
+# CONFIG_ISDN_LOG_DEST_CN is not set
+CONFIG_IPPPSTATS=y
+# CONFIG_XISDNLOAD is not set
+# CONFIG_XMONISDN is not set
+
+#
+# Applications
+#
+CONFIG_VBOX=y
+
+#
+# Options for vbox package
+#
+VBOX_SPOOLDIR='/var/spool/vbox'
+VBOX_LOGDIR='/var/log/vbox'
+VBOX_PIDDIR='/var/run'
+VBOX_LOCKDIR='/var/lock'
+VBOX_DOCDIR='/usr/share/doc/vbox'
+VBOX_TCL='tcl8.3'
+# VBOX_SUSPEND_ID is not set
+CONFIG_IPPPD=y
+
+#
+# Options for ipppd
+#
+# CONFIG_IPPPD_MSCHAP is not set
+CONFIG_IPPP_FILTER=y
+# CONFIG_IPPPD_RADIUS is not set
+# CONFIG_RADIUS_WTMP_LOGGING is not set
+RADIUS_CLIENT_CONFIG_FILE=''
+
+#
+# Documentation
+#
+# CONFIG_GENMAN is not set
+# CONFIG_FAQ is not set
index 41f4432..8fbe59e 100644 (file)
@@ -5,12 +5,8 @@ if [ $1 -eq 0 ]; then
     name4=${name3##*CN=}
     clientdisabled=`/bin/grep -iwc off,.*,$name4 /var/ipfire/ovpn/ovpnconfig`
     if [ "$clientdisabled" = "1" ]; then
-    exit 1
+       exit 1
     fi
     exit 0
 fi
-
 exit 0
-
-
-
index e43accb..9dbeeee 100644 (file)
@@ -1303,7 +1303,6 @@ srv/web/ipfire/cgi-bin/network.cgi
 srv/web/ipfire/cgi-bin/networks.cgi
 srv/web/ipfire/cgi-bin/optionsfw.cgi
 srv/web/ipfire/cgi-bin/outgoingfw.cgi
-srv/web/ipfire/cgi-bin/ovpnfunc.pl
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/pakfire.cgi
 srv/web/ipfire/cgi-bin/portfw.cgi
@@ -1320,7 +1319,6 @@ srv/web/ipfire/cgi-bin/speed.cgi
 srv/web/ipfire/cgi-bin/system.cgi
 srv/web/ipfire/cgi-bin/time.cgi
 srv/web/ipfire/cgi-bin/traffic.cgi
-#srv/web/ipfire/cgi-bin/trafficadm.cgi
 srv/web/ipfire/cgi-bin/traffics.cgi
 srv/web/ipfire/cgi-bin/updatexlrator.cgi
 srv/web/ipfire/cgi-bin/upload.cgi
index 5afff3e..a9e0b4a 100644 (file)
@@ -1,2 +1,2 @@
-etc/ppp/ibod.cf
+etc/isdn/ibod.cf
 usr/sbin/ibod
index cbd8d77..f15782e 100644 (file)
@@ -15,6 +15,7 @@ etc/rc.d/init.d/firewall
 etc/rc.d/init.d/functions
 etc/rc.d/init.d/halt
 etc/rc.d/init.d/localnet
+etc/rc.d/init.d/mISDN
 etc/rc.d/init.d/modules
 etc/rc.d/init.d/mountfs
 etc/rc.d/init.d/mountkernfs
diff --git a/config/rootfiles/common/libxml2 b/config/rootfiles/common/libxml2
new file mode 100644 (file)
index 0000000..8e78911
--- /dev/null
@@ -0,0 +1,335 @@
+#usr/bin/xml2-config
+#usr/bin/xmlcatalog
+#usr/bin/xmllint
+#usr/include/libxml2
+#usr/include/libxml2/libxml
+#usr/include/libxml2/libxml/DOCBparser.h
+#usr/include/libxml2/libxml/HTMLparser.h
+#usr/include/libxml2/libxml/HTMLtree.h
+#usr/include/libxml2/libxml/SAX.h
+#usr/include/libxml2/libxml/SAX2.h
+#usr/include/libxml2/libxml/c14n.h
+#usr/include/libxml2/libxml/catalog.h
+#usr/include/libxml2/libxml/chvalid.h
+#usr/include/libxml2/libxml/debugXML.h
+#usr/include/libxml2/libxml/dict.h
+#usr/include/libxml2/libxml/encoding.h
+#usr/include/libxml2/libxml/entities.h
+#usr/include/libxml2/libxml/globals.h
+#usr/include/libxml2/libxml/hash.h
+#usr/include/libxml2/libxml/list.h
+#usr/include/libxml2/libxml/nanoftp.h
+#usr/include/libxml2/libxml/nanohttp.h
+#usr/include/libxml2/libxml/parser.h
+#usr/include/libxml2/libxml/parserInternals.h
+#usr/include/libxml2/libxml/pattern.h
+#usr/include/libxml2/libxml/relaxng.h
+#usr/include/libxml2/libxml/schemasInternals.h
+#usr/include/libxml2/libxml/schematron.h
+#usr/include/libxml2/libxml/threads.h
+#usr/include/libxml2/libxml/tree.h
+#usr/include/libxml2/libxml/uri.h
+#usr/include/libxml2/libxml/valid.h
+#usr/include/libxml2/libxml/xinclude.h
+#usr/include/libxml2/libxml/xlink.h
+#usr/include/libxml2/libxml/xmlIO.h
+#usr/include/libxml2/libxml/xmlautomata.h
+#usr/include/libxml2/libxml/xmlerror.h
+#usr/include/libxml2/libxml/xmlexports.h
+#usr/include/libxml2/libxml/xmlmemory.h
+#usr/include/libxml2/libxml/xmlmodule.h
+#usr/include/libxml2/libxml/xmlreader.h
+#usr/include/libxml2/libxml/xmlregexp.h
+#usr/include/libxml2/libxml/xmlsave.h
+#usr/include/libxml2/libxml/xmlschemas.h
+#usr/include/libxml2/libxml/xmlschemastypes.h
+#usr/include/libxml2/libxml/xmlstring.h
+#usr/include/libxml2/libxml/xmlunicode.h
+#usr/include/libxml2/libxml/xmlversion.h
+#usr/include/libxml2/libxml/xmlwriter.h
+#usr/include/libxml2/libxml/xpath.h
+#usr/include/libxml2/libxml/xpathInternals.h
+#usr/include/libxml2/libxml/xpointer.h
+#usr/lib/libxml2.a
+#usr/lib/libxml2.la
+usr/lib/libxml2.so
+usr/lib/libxml2.so.2
+usr/lib/libxml2.so.2.6.26
+#usr/lib/pkgconfig/libxml-2.0.pc
+usr/lib/python2.4/site-packages/drv_libxml2.py
+usr/lib/python2.4/site-packages/libxml2.py
+#usr/lib/python2.4/site-packages/libxml2mod.a
+#usr/lib/python2.4/site-packages/libxml2mod.la
+usr/lib/python2.4/site-packages/libxml2mod.so
+#usr/lib/xml2Conf.sh
+#usr/man/man1/xml2-config.1
+#usr/man/man1/xmlcatalog.1
+#usr/man/man1/xmllint.1
+#usr/man/man3/libxml.3
+#usr/share/aclocal/libxml.m4
+#usr/share/doc/libxml2-2.6.26
+#usr/share/doc/libxml2-2.6.26/Copyright
+#usr/share/doc/libxml2-2.6.26/examples
+#usr/share/doc/libxml2-2.6.26/examples/testHTML.c
+#usr/share/doc/libxml2-2.6.26/examples/testSAX.c
+#usr/share/doc/libxml2-2.6.26/examples/testXPath.c
+#usr/share/doc/libxml2-2.6.26/examples/xmllint.c
+#usr/share/doc/libxml2-2.6.26/html
+#usr/share/doc/libxml2-2.6.26/html/DOM.gif
+#usr/share/doc/libxml2-2.6.26/html/FAQ.html
+#usr/share/doc/libxml2-2.6.26/html/Libxml2-Logo-180x168.gif
+#usr/share/doc/libxml2-2.6.26/html/Libxml2-Logo-90x34.gif
+#usr/share/doc/libxml2-2.6.26/html/encoding.html
+#usr/share/doc/libxml2-2.6.26/html/examples.xml
+#usr/share/doc/libxml2-2.6.26/html/examples.xsl
+#usr/share/doc/libxml2-2.6.26/html/html
+#usr/share/doc/libxml2-2.6.26/html/html/book1.html
+#usr/share/doc/libxml2-2.6.26/html/html/home.png
+#usr/share/doc/libxml2-2.6.26/html/html/index.html
+#usr/share/doc/libxml2-2.6.26/html/html/left.png
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-DOCBparser.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-HTMLparser.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-HTMLtree.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-SAX.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-SAX2.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-c14n.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-catalog.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-chvalid.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-debugXML.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-dict.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-encoding.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-entities.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-globals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-hash.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-lib.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-list.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-nanoftp.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-nanohttp.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-parser.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-parserInternals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-pattern.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-relaxng.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-schemasInternals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-schematron.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-threads.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-tree.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-uri.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-valid.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xinclude.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xlink.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlIO.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlautomata.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlerror.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlexports.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlmemory.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlmodule.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlreader.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlregexp.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlsave.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlschemas.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlschemastypes.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlstring.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlunicode.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlversion.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlwriter.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xpath.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xpathInternals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xpointer.html
+#usr/share/doc/libxml2-2.6.26/html/html/right.png
+#usr/share/doc/libxml2-2.6.26/html/html/up.png
+#usr/share/doc/libxml2-2.6.26/html/io1.c
+#usr/share/doc/libxml2-2.6.26/html/io1.res
+#usr/share/doc/libxml2-2.6.26/html/io2.c
+#usr/share/doc/libxml2-2.6.26/html/io2.res
+#usr/share/doc/libxml2-2.6.26/html/libxml.gif
+#usr/share/doc/libxml2-2.6.26/html/parse1.c
+#usr/share/doc/libxml2-2.6.26/html/parse2.c
+#usr/share/doc/libxml2-2.6.26/html/parse3.c
+#usr/share/doc/libxml2-2.6.26/html/parse4.c
+#usr/share/doc/libxml2-2.6.26/html/reader1.c
+#usr/share/doc/libxml2-2.6.26/html/reader1.res
+#usr/share/doc/libxml2-2.6.26/html/reader2.c
+#usr/share/doc/libxml2-2.6.26/html/reader3.c
+#usr/share/doc/libxml2-2.6.26/html/reader3.res
+#usr/share/doc/libxml2-2.6.26/html/reader4.c
+#usr/share/doc/libxml2-2.6.26/html/reader4.res
+#usr/share/doc/libxml2-2.6.26/html/redhat.gif
+#usr/share/doc/libxml2-2.6.26/html/smallfootonly.gif
+#usr/share/doc/libxml2-2.6.26/html/structure.gif
+#usr/share/doc/libxml2-2.6.26/html/test1.xml
+#usr/share/doc/libxml2-2.6.26/html/test2.xml
+#usr/share/doc/libxml2-2.6.26/html/test3.xml
+#usr/share/doc/libxml2-2.6.26/html/testWriter.c
+#usr/share/doc/libxml2-2.6.26/html/tree1.c
+#usr/share/doc/libxml2-2.6.26/html/tree1.res
+#usr/share/doc/libxml2-2.6.26/html/tree2.c
+#usr/share/doc/libxml2-2.6.26/html/tree2.res
+#usr/share/doc/libxml2-2.6.26/html/tst.xml
+#usr/share/doc/libxml2-2.6.26/html/tutorial
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apa.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apb.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apc.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apd.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ape.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apf.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apg.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/aph.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/api.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s02.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s03.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s04.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s05.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s06.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s07.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s08.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s09.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/blank.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/1.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/10.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/2.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/3.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/4.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/5.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/6.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/7.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/8.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/9.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/caution.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/draft.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/home.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/important.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/next.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/note.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/prev.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/tip.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/toc-blank.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/toc-minus.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/toc-plus.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/up.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/warning.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includeaddattribute.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includeaddkeyword.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includeconvert.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includegetattribute.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includekeyword.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includexpath.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/index.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ix01.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/xmltutorial.pdf
+#usr/share/doc/libxml2-2.6.26/html/w3c.png
+#usr/share/doc/libxml2-2.6.26/html/writer.xml
+#usr/share/doc/libxml2-2.6.26/html/xml.html
+#usr/share/doc/libxml2-2.6.26/html/xpath1.c
+#usr/share/doc/libxml2-2.6.26/html/xpath1.res
+#usr/share/doc/libxml2-2.6.26/html/xpath2.c
+#usr/share/doc/libxml2-2.6.26/html/xpath2.res
+#usr/share/doc/libxml2-python-2.6.26
+#usr/share/doc/libxml2-python-2.6.26/TODO
+#usr/share/doc/libxml2-python-2.6.26/examples
+#usr/share/doc/libxml2-python-2.6.26/examples/attribs.py
+#usr/share/doc/libxml2-python-2.6.26/examples/build.py
+#usr/share/doc/libxml2-python-2.6.26/examples/ctxterror.py
+#usr/share/doc/libxml2-python-2.6.26/examples/cutnpaste.py
+#usr/share/doc/libxml2-python-2.6.26/examples/dtdvalid.py
+#usr/share/doc/libxml2-python-2.6.26/examples/error.py
+#usr/share/doc/libxml2-python-2.6.26/examples/inbuf.py
+#usr/share/doc/libxml2-python-2.6.26/examples/indexes.py
+#usr/share/doc/libxml2-python-2.6.26/examples/invalid.xml
+#usr/share/doc/libxml2-python-2.6.26/examples/nsdel.py
+#usr/share/doc/libxml2-python-2.6.26/examples/outbuf.py
+#usr/share/doc/libxml2-python-2.6.26/examples/push.py
+#usr/share/doc/libxml2-python-2.6.26/examples/pushSAX.py
+#usr/share/doc/libxml2-python-2.6.26/examples/pushSAXhtml.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader2.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader3.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader4.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader5.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader6.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader7.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader8.py
+#usr/share/doc/libxml2-python-2.6.26/examples/readererr.py
+#usr/share/doc/libxml2-python-2.6.26/examples/readernext.py
+#usr/share/doc/libxml2-python-2.6.26/examples/regexp.py
+#usr/share/doc/libxml2-python-2.6.26/examples/relaxng.py
+#usr/share/doc/libxml2-python-2.6.26/examples/resolver.py
+#usr/share/doc/libxml2-python-2.6.26/examples/schema.py
+#usr/share/doc/libxml2-python-2.6.26/examples/serialize.py
+#usr/share/doc/libxml2-python-2.6.26/examples/sync.py
+#usr/share/doc/libxml2-python-2.6.26/examples/test.dtd
+#usr/share/doc/libxml2-python-2.6.26/examples/thread2.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tst.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tst.xml
+#usr/share/doc/libxml2-python-2.6.26/examples/tstLastError.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tstURI.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tstmem.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tstxpath.py
+#usr/share/doc/libxml2-python-2.6.26/examples/valid.xml
+#usr/share/doc/libxml2-python-2.6.26/examples/validDTD.py
+#usr/share/doc/libxml2-python-2.6.26/examples/validRNG.py
+#usr/share/doc/libxml2-python-2.6.26/examples/validSchemas.py
+#usr/share/doc/libxml2-python-2.6.26/examples/validate.py
+#usr/share/doc/libxml2-python-2.6.26/examples/walker.py
+#usr/share/doc/libxml2-python-2.6.26/examples/xpath.py
+#usr/share/doc/libxml2-python-2.6.26/examples/xpathext.py
+#usr/share/doc/libxml2-python-2.6.26/examples/xpathret.py
+#usr/share/gtk-doc
+#usr/share/gtk-doc/html
+#usr/share/gtk-doc/html/libxml2
+#usr/share/gtk-doc/html/libxml2/general.html
+#usr/share/gtk-doc/html/libxml2/home.png
+#usr/share/gtk-doc/html/libxml2/index.html
+#usr/share/gtk-doc/html/libxml2/left.png
+#usr/share/gtk-doc/html/libxml2/libxml2-DOCBparser.html
+#usr/share/gtk-doc/html/libxml2/libxml2-HTMLparser.html
+#usr/share/gtk-doc/html/libxml2/libxml2-HTMLtree.html
+#usr/share/gtk-doc/html/libxml2/libxml2-SAX.html
+#usr/share/gtk-doc/html/libxml2/libxml2-SAX2.html
+#usr/share/gtk-doc/html/libxml2/libxml2-c14n.html
+#usr/share/gtk-doc/html/libxml2/libxml2-catalog.html
+#usr/share/gtk-doc/html/libxml2/libxml2-chvalid.html
+#usr/share/gtk-doc/html/libxml2/libxml2-debugXML.html
+#usr/share/gtk-doc/html/libxml2/libxml2-dict.html
+#usr/share/gtk-doc/html/libxml2/libxml2-encoding.html
+#usr/share/gtk-doc/html/libxml2/libxml2-entities.html
+#usr/share/gtk-doc/html/libxml2/libxml2-globals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-hash.html
+#usr/share/gtk-doc/html/libxml2/libxml2-list.html
+#usr/share/gtk-doc/html/libxml2/libxml2-nanoftp.html
+#usr/share/gtk-doc/html/libxml2/libxml2-nanohttp.html
+#usr/share/gtk-doc/html/libxml2/libxml2-parser.html
+#usr/share/gtk-doc/html/libxml2/libxml2-parserInternals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-pattern.html
+#usr/share/gtk-doc/html/libxml2/libxml2-relaxng.html
+#usr/share/gtk-doc/html/libxml2/libxml2-schemasInternals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-schematron.html
+#usr/share/gtk-doc/html/libxml2/libxml2-threads.html
+#usr/share/gtk-doc/html/libxml2/libxml2-tree.html
+#usr/share/gtk-doc/html/libxml2/libxml2-uri.html
+#usr/share/gtk-doc/html/libxml2/libxml2-valid.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xinclude.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xlink.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlIO.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlautomata.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlerror.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlexports.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlmemory.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlmodule.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlreader.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlregexp.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlsave.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlschemas.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlschemastypes.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlstring.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlunicode.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlversion.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlwriter.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xpath.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xpathInternals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xpointer.html
+#usr/share/gtk-doc/html/libxml2/libxml2.devhelp
+#usr/share/gtk-doc/html/libxml2/right.png
+#usr/share/gtk-doc/html/libxml2/style.css
+#usr/share/gtk-doc/html/libxml2/up.png
diff --git a/config/rootfiles/common/libxslt b/config/rootfiles/common/libxslt
new file mode 100644 (file)
index 0000000..bdcf7b6
--- /dev/null
@@ -0,0 +1,150 @@
+#usr/bin/xslt-config
+usr/bin/xsltproc
+#usr/include/libexslt
+#usr/include/libexslt/exslt.h
+#usr/include/libexslt/exsltconfig.h
+#usr/include/libexslt/exsltexports.h
+#usr/include/libxslt
+#usr/include/libxslt/attributes.h
+#usr/include/libxslt/documents.h
+#usr/include/libxslt/extensions.h
+#usr/include/libxslt/extra.h
+#usr/include/libxslt/functions.h
+#usr/include/libxslt/imports.h
+#usr/include/libxslt/keys.h
+#usr/include/libxslt/namespaces.h
+#usr/include/libxslt/numbersInternals.h
+#usr/include/libxslt/pattern.h
+#usr/include/libxslt/preproc.h
+#usr/include/libxslt/security.h
+#usr/include/libxslt/templates.h
+#usr/include/libxslt/transform.h
+#usr/include/libxslt/variables.h
+#usr/include/libxslt/xslt.h
+#usr/include/libxslt/xsltInternals.h
+#usr/include/libxslt/xsltconfig.h
+#usr/include/libxslt/xsltexports.h
+#usr/include/libxslt/xsltutils.h
+#usr/lib/libexslt.a
+#usr/lib/libexslt.la
+usr/lib/libexslt.so
+usr/lib/libexslt.so.0
+usr/lib/libexslt.so.0.8.13
+#usr/lib/libxslt-plugins
+#usr/lib/libxslt.a
+#usr/lib/libxslt.la
+usr/lib/libxslt.so
+usr/lib/libxslt.so.1
+usr/lib/libxslt.so.1.1.17
+#usr/lib/pkgconfig/libexslt.pc
+#usr/lib/pkgconfig/libxslt.pc
+usr/lib/python2.4/site-packages/libxslt.py
+#usr/lib/python2.4/site-packages/libxsltmod.a
+#usr/lib/python2.4/site-packages/libxsltmod.la
+usr/lib/python2.4/site-packages/libxsltmod.so
+#usr/lib/xsltConf.sh
+#usr/man/man1/xsltproc.1
+#usr/man/man3/libexslt.3
+#usr/man/man3/libxslt.3
+#usr/share/aclocal/libxslt.m4
+#usr/share/doc/libxslt-1.1.17
+#usr/share/doc/libxslt-1.1.17/html
+#usr/share/doc/libxslt-1.1.17/html/API.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk0.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk1.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk2.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk3.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk4.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk5.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk6.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk7.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk8.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk9.html
+#usr/share/doc/libxslt-1.1.17/html/APIconstructors.html
+#usr/share/doc/libxslt-1.1.17/html/APIfiles.html
+#usr/share/doc/libxslt-1.1.17/html/APIfunctions.html
+#usr/share/doc/libxslt-1.1.17/html/APIsymbols.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIchunk0.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIconstructors.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIfiles.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIfunctions.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIsymbols.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/bugs.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/docs.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/downloads.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/exslt.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/help.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/index.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/intro.html
+#usr/share/doc/libxslt-1.1.17/html/FAQ.html
+#usr/share/doc/libxslt-1.1.17/html/Libxslt-Logo-180x168.gif
+#usr/share/doc/libxslt-1.1.17/html/Libxslt-Logo-90x34.gif
+#usr/share/doc/libxslt-1.1.17/html/bugs.html
+#usr/share/doc/libxslt-1.1.17/html/contexts.gif
+#usr/share/doc/libxslt-1.1.17/html/contribs.html
+#usr/share/doc/libxslt-1.1.17/html/docbook.html
+#usr/share/doc/libxslt-1.1.17/html/docs.html
+#usr/share/doc/libxslt-1.1.17/html/downloads.html
+#usr/share/doc/libxslt-1.1.17/html/extensions.html
+#usr/share/doc/libxslt-1.1.17/html/help.html
+#usr/share/doc/libxslt-1.1.17/html/html
+#usr/share/doc/libxslt-1.1.17/html/html/book1.html
+#usr/share/doc/libxslt-1.1.17/html/html/home.png
+#usr/share/doc/libxslt-1.1.17/html/html/index.html
+#usr/share/doc/libxslt-1.1.17/html/html/left.png
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-attributes.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-documents.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-extensions.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-extra.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-functions.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-imports.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-keys.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-lib.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-namespaces.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-numbersInternals.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-pattern.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-preproc.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-security.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-templates.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-transform.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-variables.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xslt.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltInternals.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltexports.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltutils.html
+#usr/share/doc/libxslt-1.1.17/html/html/right.png
+#usr/share/doc/libxslt-1.1.17/html/html/up.png
+#usr/share/doc/libxslt-1.1.17/html/index.html
+#usr/share/doc/libxslt-1.1.17/html/internals.html
+#usr/share/doc/libxslt-1.1.17/html/intro.html
+#usr/share/doc/libxslt-1.1.17/html/news.html
+#usr/share/doc/libxslt-1.1.17/html/node.gif
+#usr/share/doc/libxslt-1.1.17/html/object.gif
+#usr/share/doc/libxslt-1.1.17/html/processing.gif
+#usr/share/doc/libxslt-1.1.17/html/python.html
+#usr/share/doc/libxslt-1.1.17/html/redhat.gif
+#usr/share/doc/libxslt-1.1.17/html/smallfootonly.gif
+#usr/share/doc/libxslt-1.1.17/html/stylesheet.gif
+#usr/share/doc/libxslt-1.1.17/html/templates.gif
+#usr/share/doc/libxslt-1.1.17/html/tutorial
+#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslt_tutorial.c
+#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslttutorial.html
+#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslttutorial.xml
+#usr/share/doc/libxslt-1.1.17/html/tutorial2
+#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.c
+#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.html
+#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.xml
+#usr/share/doc/libxslt-1.1.17/html/xslt.html
+#usr/share/doc/libxslt-1.1.17/html/xsltproc.html
+#usr/share/doc/libxslt-1.1.17/html/xsltproc2.html
+#usr/share/doc/libxslt-python-1.1.17
+#usr/share/doc/libxslt-python-1.1.17/TODO
+#usr/share/doc/libxslt-python-1.1.17/examples
+#usr/share/doc/libxslt-python-1.1.17/examples/basic.py
+#usr/share/doc/libxslt-python-1.1.17/examples/exslt.py
+#usr/share/doc/libxslt-python-1.1.17/examples/extelem.py
+#usr/share/doc/libxslt-python-1.1.17/examples/extfunc.py
+#usr/share/doc/libxslt-python-1.1.17/examples/pyxsltproc.py
+#usr/share/doc/libxslt-python-1.1.17/examples/test.xml
+#usr/share/doc/libxslt-python-1.1.17/examples/test.xsl
index 012296f..f415476 100644 (file)
@@ -3,12 +3,11 @@ usr/sbin/openvpn
 var/ipfire/ovpn
 var/ipfire/ovpn/ca
 var/ipfire/ovpn/caconfig
-var/ipfire/ovpn/certs
+#var/ipfire/ovpn/certs
 var/ipfire/ovpn/certs/index.txt
 var/ipfire/ovpn/certs/serial
 var/ipfire/ovpn/crls
-var/ipfire/ovpn/n2nconf
-var/ipfire/ovpn/openssl
+#var/ipfire/ovpn/openssl
 var/ipfire/ovpn/openssl/ovpn.cnf
 var/ipfire/ovpn/ovpnconfig
 var/ipfire/ovpn/settings
index 5db31c9..0974360 100644 (file)
@@ -174,7 +174,6 @@ WARNING: translation string unused: invalid upstream proxy username or password
 WARNING: translation string unused: iowait
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
-WARNING: translation string unused: ipfire side is invalid
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: javascript menu error1
 WARNING: translation string unused: javascript menu error2
@@ -365,3 +364,4 @@ WARNING: translation string unused: written sectors
 WARNING: translation string unused: xtaccess bad transfert
 WARNING: translation string unused: year
 WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: OVPN
index 0f7239b..3371a94 100644 (file)
@@ -185,7 +185,6 @@ WARNING: translation string unused: invalid upstream proxy username or password
 WARNING: translation string unused: iowait
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
-WARNING: translation string unused: ipfire side is invalid
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: javascript menu error1
 WARNING: translation string unused: javascript menu error2
@@ -368,3 +367,4 @@ WARNING: translation string unused: weekly firewallhits
 WARNING: translation string unused: written sectors
 WARNING: translation string unused: year
 WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: OVPN
index 6a9f145..8fb7909 100644 (file)
 * iptables-1.3.5
 * iptstate-2.1
 * iputils-ss020927
+* isdn4k-utils-CVS-2006-07-20
 * java-1.5.0_06-for-ipfire
 * jpegsrc.v6b
 * kbd-1.12
 * libvorbis-1.1.2
 * libwww-perl-5.803
 * libxml2-2.6.26
+* libxslt-1.1.17
 * linux-2.6.16.50
 * linux-atm-2.4.1
 * linux-libc-headers-2.6.12.0
diff --git a/html/cgi-bin/ovpnfunc.pl b/html/cgi-bin/ovpnfunc.pl
deleted file mode 100644 (file)
index 42199cc..0000000
+++ /dev/null
@@ -1,1145 +0,0 @@
-#!/usr/bin/perl -w
-package Ovpnfunc;
-use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
-use Net::DNS;
-use File::Copy;
-use File::Temp qw/ tempfile tempdir /;
-use strict;
-require '/var/ipfire/general-functions.pl';
-my %netsettings=();
-my $errormessage = '';
-my $errormessage2 = '';
-my @subnets;        # array of anonymous hashes {cn, from, to}
-my @subnets2;        # array of anonymous hashes {cn, from, to}
-my %overlaps;       # hash {cn} of anonymous arrays of subnets
-my ($subnet, $from, $to, $i, $j);
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-sub haveOrangeNet
-{
-       if ($netsettings{'CONFIG_TYPE'} == 1) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 3) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
-       return 0;
-}
-
-sub haveBlueNet
-{
-       if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 6) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
-       return 0;
-}
-
-sub sizeformat{
-    my $bytesize = $_[0];
-    my $i = 0;
-
-    while(abs($bytesize) >= 1024){
-       $bytesize=$bytesize/1024;
-       $i++;
-       last if($i==6);
-    }
-
-    my @units = ("Bytes","KB","MB","GB","TB","PB","EB");
-    my $newsize=(int($bytesize*100 +0.5))/100;
-    return("$newsize $units[$i]");
-}
-
-sub valid_dns_host {
-       my $hostname = $_[0];
-       unless ($hostname) { return "No hostname"};
-       my $res = new Net::DNS::Resolver;
-       my $query = $res->search("$hostname");
-       if ($query) {
-               foreach my $rr ($query->answer) {
-                       ## Potential bug - we are only looking at A records:
-                       return 0 if $rr->type eq "A";
-               }
-       } else {
-               return $res->errorstring;
-       }
-}
-
-sub cleanssldatabase
-{
-    if (open(FILE, ">${General::swroot}/ovpn/certs/serial")) {
-       print FILE "01";
-       close FILE;
-    }
-    if (open(FILE, ">${General::swroot}/ovpn/certs/index.txt")) {
-       print FILE "";
-       close FILE;
-    }
-    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
-    unlink ("${General::swroot}/ovpn/certs/serial.old");
-    unlink ("${General::swroot}/ovpn/certs/01.pem");
-}
-
-sub newcleanssldatabase
-{
-    if (! -s "${General::swroot}/ovpn/certs/serial" )  {
-        open(FILE, ">${General::swroot}(ovpn/certs/serial");
-       print FILE "01";
-       close FILE;
-    }
-    if (! -s ">${General::swroot}/ovpn/certs/index.txt") {
-       system ("touch ${General::swroot}/ovpn/certs/index.txt");
-    }
-    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
-    unlink ("${General::swroot}/ovpn/certs/serial.old");
-}
-
-sub deletebackupcert
-{
-       if (open(FILE, "${General::swroot}/ovpn/certs/serial.old")) {
-               my $hexvalue = <FILE>;
-               chomp $hexvalue;
-               close FILE;
-               unlink ("${General::swroot}/ovpn/certs/$hexvalue.pem");
-       }
-}
-
-sub checkportfw {
-    my $KEY2 = $_[0]; # key2
-    my $SRC_PORT = $_[1]; # src_port
-    my $PROTOCOL = $_[2]; # protocol
-    my $SRC_IP = $_[3]; # sourceip    
-    my $pfwfilename = "${General::swroot}/portfw/config";
-    open(FILE, $pfwfilename) or die 'Unable to open config file.';
-    my @pfwcurrent = <FILE>;
-    close(FILE);
-    my $pfwkey1 = 0; # used for finding last sequence number used 
-    foreach my $pfwline (@pfwcurrent)
-    {
-       my @pfwtemp = split(/\,/,$pfwline);
-
-       chomp ($pfwtemp[8]);
-       if ($KEY2 eq "0"){ # if key2 is 0 then it is a portfw addition
-               if ( $SRC_PORT eq $pfwtemp[3] &&
-                       $PROTOCOL eq $pfwtemp[2] &&
-                       $SRC_IP eq $pfwtemp[7])
-               {
-                        $errormessage = "$Lang::tr{'source port in use'} $SRC_PORT";
-               }
-               # Check if key2 = 0, if it is then it is a port forward entry and we want the sequence number
-               if ( $pfwtemp[1] eq "0") {
-                       $pfwkey1=$pfwtemp[0];
-               }
-               # Darren Critchley - Duplicate or overlapping Port range check
-               if ($pfwtemp[1] eq "0" && 
-                       $PROTOCOL eq $pfwtemp[2] &&
-                       $SRC_IP eq $pfwtemp[7] &&
-                       $errormessage eq '') 
-               {
-                       &portchecks($SRC_PORT, $pfwtemp[5]);            
-#                      &portchecks($pfwtemp[3], $pfwtemp[5]);
-#                      &portchecks($pfwtemp[3], $SRC_IP);
-               }
-       }
-    }
-#    $errormessage="$KEY2 $SRC_PORT $PROTOCOL $SRC_IP";
-
-    return $errormessage;
-}
-
-sub checkportoverlap
-{
-       my $portrange1 = $_[0]; # New port range
-       my $portrange2 = $_[1]; # existing port range
-       my @tempr1 = split(/\:/,$portrange1);
-       my @tempr2 = split(/\:/,$portrange2);
-
-       unless (&checkportinc($tempr1[0], $portrange2)){ return 0;}
-       unless (&checkportinc($tempr1[1], $portrange2)){ return 0;}
-       
-       unless (&checkportinc($tempr2[0], $portrange1)){ return 0;}
-       unless (&checkportinc($tempr2[1], $portrange1)){ return 0;}
-
-       return 1; # Everything checks out!
-}
-
-# Darren Critchley - we want to make sure that a port entry is not within an already existing range
-sub checkportinc
-{
-       my $port1 = $_[0]; # Port
-       my $portrange2 = $_[1]; # Port range
-       my @tempr1 = split(/\:/,$portrange2);
-
-       if ($port1 < $tempr1[0] || $port1 > $tempr1[1]) {
-               return 1; 
-       } else {
-               return 0; 
-       }
-}
-# Darren Critchley - Duplicate or overlapping Port range check
-sub portchecks
-{
-       my $p1 = $_[0]; # New port range
-       my $p2 = $_[1]; # existing port range
-#      $_ = $_[0];
-       our ($prtrange1, $prtrange2);
-       $prtrange1 = 0;
-#      if (m/:/ && $prtrange1 == 1) { # comparing two port ranges
-#              unless (&checkportoverlap($p1,$p2)) {
-#                      $errormessage = "$Lang::tr{'source port overlaps'} $p1";
-#              }
-#      }
-       if (m/:/ && $prtrange1 == 0 && $errormessage eq '') { # compare one port to a range
-               unless (&checkportinc($p2,$p1)) {
-                       $errormessage = "$Lang::tr{'srcprt within existing'} $p1";
-               }
-       }
-       $prtrange1 = 1;
-       if (! m/:/ && $prtrange1 == 1 && $errormessage eq '') { # compare one port to a range
-               unless (&checkportinc($p1,$p2)) {
-                       $errormessage = "$Lang::tr{'srcprt range overlaps'} $p2";
-               }
-       }
-       return;
-}
-
-# Darren Critchley - certain ports are reserved for IPFire 
-# TCP 67,68,81,222,444
-# UDP 67,68
-# Params passed in -> port, rangeyn, protocol
-sub disallowreserved
-{
-       # port 67 and 68 same for tcp and udp, don't bother putting in an array
-       my $msg = "";
-       my @tcp_reserved = (81,222,444);
-       my $prt = $_[0]; # the port or range
-       my $ryn = $_[1]; # tells us whether or not it is a port range
-       my $prot = $_[2]; # protocol
-       my $srcdst = $_[3]; # source or destination
-       if ($ryn) { # disect port range
-               if ($srcdst eq "src") {
-                       $msg = "$Lang::tr{'rsvd src port overlap'}";
-               } else {
-                       $msg = "$Lang::tr{'rsvd dst port overlap'}";
-               }
-               my @tmprng = split(/\:/,$prt);
-               unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
-               unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
-               if ($prot eq "tcp") {
-                       foreach my $prange (@tcp_reserved) {
-                               unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
-                       }
-               }
-       } else {
-               if ($srcdst eq "src") {
-                       $msg = "$Lang::tr{'reserved src port'}";
-               } else {
-                       $msg = "$Lang::tr{'reserved dst port'}";
-               }
-               if ($prt == 67) { $errormessage="$msg 67"; return; }
-               if ($prt == 68) { $errormessage="$msg 68"; return; }
-               if ($prot eq "tcp") {
-                       foreach my $prange (@tcp_reserved) {
-                               if ($prange == $prt) { 
-                                       $errormessage = "$msg $prange"; 
-                                       return $errormessage; }
-                       }
-               }
-       }
-       return $errormessage;
-}
-
-sub writeserverconf {
-    my %sovpnsettings = ();    
-    &General::readhash("${General::swroot}/ovpn/settings", \%sovpnsettings);
-
-    open(CONF,    ">${General::swroot}/ovpn/server.conf") or die "Unable to open ${General::swroot}/ovpn/server.conf: $!";
-    flock CONF, 2;
-    print CONF "#OpenVPN Server conf\n";
-    print CONF "\n";
-    print CONF "daemon openvpnserver\n";
-    print CONF "writepid /var/run/openvpn.pid\n";
-    print CONF "#DAN prepare ZERINA for listening on blue and orange\n";
-    print CONF ";local $sovpnsettings{'VPN_IP'}\n";
-    print CONF "dev $sovpnsettings{'DDEVICE'}\n";
-    print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n";
-       if ($sovpnsettings{'DPROTOCOL'} eq 'tcp') {
-               print CONF "proto $sovpnsettings{'DPROTOCOL'}-server\n";
-       } else {        
-               print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
-       }       
-    print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
-    print CONF "tls-server\n";
-    print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
-    print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
-    print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
-    print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
-    my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
-    print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
-    print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
-       if ($sovpnsettings{AD_ROUTE1} ne '') {
-               my @tempovpnsubnet = split("\/",$sovpnsettings{'AD_ROUTE1'});
-               print CONF "push \"route $tempovpnsubnet[0] $tempovpnsubnet[1]\"\n";
-    }
-       if ($sovpnsettings{AD_ROUTE2} ne '') {
-               my @tempovpnsubnet = split("\/",$sovpnsettings{'AD_ROUTE2'});
-               print CONF "push \"route $tempovpnsubnet[0] $tempovpnsubnet[1]\"\n";
-    }
-       if ($sovpnsettings{AD_ROUTE3} ne '') {
-               my @tempovpnsubnet = split("\/",$sovpnsettings{'AD_ROUTE3'});
-               print CONF "push \"route $tempovpnsubnet[0] $tempovpnsubnet[1]\"\n";
-    }
-    if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
-       print CONF "client-to-client\n";
-    }
-    if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) {  
-       print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n";
-    }  
-    print CONF "status-version 1\n";    
-       print CONF "status /var/log/ovpnserver.log 30\n";
-    print CONF "cipher $sovpnsettings{DCIPHER}\n";
-    if ($sovpnsettings{DCOMPLZO} eq 'on') {
-        print CONF "comp-lzo\n";
-    }
-    if ($sovpnsettings{REDIRECT_GW_DEF1} eq 'on') {
-        print CONF "push \"redirect-gateway def1\"\n";
-    }
-    if ($sovpnsettings{DHCP_DOMAIN} ne '') {
-        print CONF "push \"dhcp-option DOMAIN $sovpnsettings{DHCP_DOMAIN}\"\n";
-    }
-
-    if ($sovpnsettings{DHCP_DNS} ne '') {
-        print CONF "push \"dhcp-option DNS $sovpnsettings{DHCP_DNS}\"\n";
-    }
-
-    if ($sovpnsettings{DHCP_WINS} ne '') {
-        print CONF "push \"dhcp-option WINS $sovpnsettings{DHCP_WINS}\"\n";
-    }
-    
-    if ($sovpnsettings{DHCP_WINS} eq '') {
-       print CONF "max-clients 100\n";
-    }  
-    
-    if ($sovpnsettings{DHCP_WINS} ne '') {
-       print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
-    }  
-
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Add the FAST-IO Parameter from OpenVPN to der Server.Config.   #
-    #                Add the NICE Parameter from OpenVPN to der Server.Config.      #
-    #                Add the MTU-DISC Parameter from OpenVPN to der Server.Config.  #
-    #                Add the MSSFIX Parameter from OpenVPN to der Server.Config.    #
-    #                Add the FRAMGMENT Parameter from OpenVPN to der Server.Config. #
-    #################################################################################
-    if ($sovpnsettings{EXTENDED_FASTIO} eq 'on') {
-      print CONF "fast-io\n";  
-    }
-    if ($sovpnsettings{EXTENDED_NICE} != 0) {
-      print CONF "nice $sovpnsettings{EXTENDED_NICE}\n"; 
-    }
-    if ($sovpnsettings{EXTENDED_MTUDISC} eq 'on') {
-      print CONF "mtu-disc yes\n";  
-    }    
-    if ($sovpnsettings{EXTENDED_MSSFIX} ne '') {
-      print CONF "mssfix $sovpnsettings{EXTENDED_MSSFIX}\n";  
-    }    
-    if ($sovpnsettings{EXTENDED_FRAGMENT} ne '') {
-      print CONF "fragment $sovpnsettings{EXTENDED_FRAGMENT}\n";  
-    }    
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
-
-    print CONF "tls-verify /var/ipfire/ovpn/verify\n";
-    print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
-    print CONF "user nobody\n";
-    print CONF "group nobody\n";
-    print CONF "persist-key\n";
-    print CONF "persist-tun\n";
-       if ($sovpnsettings{LOG_VERB} ne '') {
-               print CONF "verb $sovpnsettings{LOG_VERB}\n";
-       } else {
-               print CONF "verb 3\n";
-       }       
-    print CONF "\n";
-    
-    close(CONF); 
-}
-
-sub writenet2netconf {
-    my $n2nkey = $_[0];
-    my $zerinaclient = $_[1];
-    my %n2nconfighash = ();
-    my $file = '';
-#    my $file = '';
-       my $clientovpn = '';
-       my @fileholder;
-       my $tempdir = tempdir( CLEANUP => 1 );
-       my $zippath = "$tempdir/";
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%n2nconfighash);
-    if (! $n2nkey) {
-        $n2nkey = &General::findhasharraykey (\%n2nconfighash);
-        foreach my $i (0 .. 25) { $n2nconfighash{$n2nkey}[$i] = "";}
-    }
-       my $zipname = "$n2nconfighash{$n2nkey}[1].zip";
-       my $zippathname = "$zippath$zipname";   
-    if ($n2nconfighash{$n2nkey}[3] eq 'net') {
-               if ($zerinaclient eq '') {
-                       if ( -d "${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]"){
-                               while ($file = glob("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/*.conf")) {
-                                       unlink $file            
-                               }
-                       } else {
-                               mkdir("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]", 0770);
-                       }
-                       open(CONF, ">${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].conf") or die "Unable to open ${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].conf: $!";       
-               } else {                        
-                       $clientovpn = "$n2nconfighash{$n2nkey}[1].conf";
-                       open(CONF, ">$tempdir/$clientovpn") or die "Unable to open $tempdir/$clientovpn: $!";                                           
-               }               
-               flock CONF, 2;          
-               print CONF "dev tun\n";         
-               print CONF "tun-mtu $n2nconfighash{$n2nkey}[17]\n";
-               if ($n2nconfighash{$n2nkey}[14] eq 'udp') {
-                       print CONF "proto $n2nconfighash{$n2nkey}[14]\n";
-               } elsif ((($zerinaclient eq '') && ($n2nconfighash{$n2nkey}[6] eq 'server'))) {
-                       print CONF "proto $n2nconfighash{$n2nkey}[14]-server\n";
-               } else {
-                       print CONF "proto $n2nconfighash{$n2nkey}[14]-client\n";
-               }
-               print CONF "port $n2nconfighash{$n2nkey}[15]\n";
-               my @tempovpnsubnet = split("\/",$n2nconfighash{$n2nkey}[13]);
-               my @ovpnip = split /\./,$tempovpnsubnet[0];
-#              if ((($zerinaclient eq '') && ($n2nconfighash{$n2nkey}[19] eq 'no'))) {
-               if ((($zerinaclient eq '') && ($n2nconfighash{$n2nkey}[6] eq 'server'))) {
-                       print CONF "ifconfig $ovpnip[0].$ovpnip[1].$ovpnip[2].1 $ovpnip[0].$ovpnip[1].$ovpnip[2].2\n";
-                       print CONF "remote $n2nconfighash{$n2nkey}[10]\n";
-                       print CONF "tls-server\n";
-                       print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
-                       print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
-                       print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
-                       print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
-                       my @tempremotesubnet = split("\/",$n2nconfighash{$n2nkey}[11]);
-                       print CONF "route $tempremotesubnet[0] $tempremotesubnet[1]\n";
-               } else {
-                       print CONF "ifconfig $ovpnip[0].$ovpnip[1].$ovpnip[2].2 $ovpnip[0].$ovpnip[1].$ovpnip[2].1\n";
-                       #print CONF "$zerinaclient ufuk 10=$n2nconfighash{$n2nkey}[10] 18=$n2nconfighash{$n2nkey}[18] 19=$n2nconfighash{$n2nkey}[19] \n";
-                       if ($zerinaclient ne 'true'){                   
-                               if ($n2nconfighash{$n2nkey}[19] eq 'no'){
-                                       print CONF "remote $n2nconfighash{$n2nkey}[10]\n";                              
-                               } else {
-                                       print CONF "remote $n2nconfighash{$n2nkey}[10]\n";      
-                               }
-                       } else {
-                               print CONF "remote $n2nconfighash{$n2nkey}[18]\n";      
-                       }
-                       print CONF "tls-client\n";
-                       if ($zerinaclient ne 'true'){
-                               print CONF "pkcs12 ${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].p12\n";
-                       } else {
-                               print CONF "pkcs12 $n2nconfighash{$n2nkey}[1].p12\n";
-                       }
-                       if ($n2nconfighash{$n2nkey}[19] eq 'no'){
-                               my @tempremotesubnet = split("\/",$n2nconfighash{$n2nkey}[8]);
-                               print CONF "route $tempremotesubnet[0] $tempremotesubnet[1]\n";
-                       } else {
-                               my @tempremotesubnet = split("\/",$n2nconfighash{$n2nkey}[11]);
-                               print CONF "route $tempremotesubnet[0] $tempremotesubnet[1]\n";
-                       }
-               }
-               if ($n2nconfighash{$n2nkey}[26] > 0 && $n2nconfighash{$n2nkey}[27] > 0) {       
-                       print CONF "keepalive $n2nconfighash{$n2nkey}[26] $n2nconfighash{$n2nkey}[27]\n";
-               } else {
-                       print CONF "keepalive 10 60\n";
-               }               
-               print CONF "cipher $n2nconfighash{$n2nkey}[20]\n";
-               if ($n2nconfighash{$n2nkey}[16] eq 'on') {
-                       print CONF "comp-lzo\n";                
-               }
-               if ($n2nconfighash{$n2nkey}[42] ne '') {
-                       print CONF "verb $n2nconfighash{$n2nkey}[42]\n";
-               } else {
-                       print CONF "verb 3\n";
-               }       
-               if ($n2nconfighash{$n2nkey}[19] eq 'no'){
-                       print CONF "#$n2nconfighash{$n2nkey}[11]\n";
-               } else {
-                       print CONF "#$n2nconfighash{$n2nkey}[8]\n";
-               }
-               if ($zerinaclient ne 'true') {
-                       print CONF "daemon OVPN_$n2nconfighash{$n2nkey}[1]\n";          
-                       print CONF "#status ${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].log 2\n";
-               }
-               close(CONF);            
-               if ($zerinaclient eq 'true') {
-                       my $zip = Archive::Zip->new();
-                       $zip->addFile( "${General::swroot}/ovpn/certs/$n2nconfighash{$n2nkey}[1].p12", "$n2nconfighash{$n2nkey}[1].p12") or die "Can't add file ${General::swroot}/ovpn/certs/$n2nconfighash{$n2nkey}[1].p12\n";                        
-                       $zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n";
-                       my $status = $zip->writeToFileNamed($zippathname);
-                       open(DLFILE, "<$zippathname") or die "Unable to open $zippathname: $!";
-                       @fileholder = <DLFILE>;
-                       print "Content-Type:application/x-download\n";
-                       print "Content-Disposition:attachment;filename=$zipname\n\n";
-                       print @fileholder;
-                       exit (0);                       
-               }               
-       }       
-}
-
-sub removenet2netconf {
-    my %n2nconfighash = ();
-    my $key = $_[0];
-    my $file = '';
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%n2nconfighash);
-    if ($n2nconfighash{$key}[3] eq 'net') {
-               if ( -d "${General::swroot}/ovpn/n2nconf/$n2nconfighash{$key}[1]"){
-                       while ($file = glob("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$key}[1]/*")) {
-                               unlink $file
-                       }
-                       rmdir("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$key}[1]");
-               }           
-    }
-}
-
-sub emptyserverlog{    
-       if (open(FILE, ">/var/log/ovpnserver.log")) {
-       flock FILE, 2;
-       print FILE "";
-       close FILE;
-    }
-}
-
-sub displayca {
-       my $key = $_[0];
-       my %cahash = ();
-    &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-    if ( -f "${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem") {
-               &Header::showhttpheaders();
-               &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-               &Header::openbigbox('100%', 'LEFT', '', $errormessage);
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
-               my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem`;
-               $output = &Header::cleanhtml($output,"y");
-               print "<pre>$output</pre>\n";
-               &Header::closebox();
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-               &Header::closebigbox();
-               &Header::closepage();
-               exit(0);
-    } else {
-               $errormessage = $Lang::tr{'invalid key'};
-    }
-}
-sub displayroothost {
-       my $roothost = $_[0];
-    my $output;
-    &Header::showhttpheaders();
-    &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-    &Header::openbigbox('100%', 'LEFT', '', '');
-    if ($roothost eq $Lang::tr{'show root certificate'}) {
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
-               $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
-    } else {
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'host certificate'}:");
-               $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
-    }
-    $output = &Header::cleanhtml($output,"y");
-    print "<pre>$output</pre>\n";
-    &Header::closebox();
-    print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-    &Header::closebigbox();
-    &Header::closepage();
-    exit(0);
-}
-
-sub killconnection {
-       my $key = $_[0];
-       my %n2nconfighash = ();
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%n2nconfighash);
-       my $n2nactive = `/bin/ps ax|grep $n2nconfighash{$key}[1].conf|grep -v grep|awk \'{print \$1}\'`;
-       if ($n2nactive ne ''){                          
-               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-       }                                               
-}
-
-sub cidrormask {
-       my $cidrmask = $_[0];
-       my $cidrmask2 = $cidrmask;
-       if ("/$cidrmask" =~ /^\/(\d+)/){#cidr                       
-               if ($cidrmask2 = &cidr2mask("/$cidrmask")) {
-                       return $cidrmask2;
-               } else {
-                       if ($cidrmask =~ /^\d+\.\d+\.\d+\.\d+/){#mask                                    
-                               return $cidrmask;
-                       }
-               }               
-       } else {
-               if ($cidrmask =~ /^\d+\.\d+\.\d+\.\d+/){#mask                                    
-                       return $cidrmask;
-               }
-       }       
-}                          
-sub cidr2mask {
-    my( $cidr ) = @_;
-    my( $one32 ) = 0xffffffff;
-    my( @d, $n, $bits );
-
-    if ( $cidr eq "/0" ) {
-        return "0.0.0.0";
-    }
-
-    if ( $cidr !~ /\/(\d+)/ ) {
-        return undef;
-    }
-    $bits = $1;
-
-    if ( $bits > 32 ) {
-        return undef;
-    }
-
-    #-- convert to subnet-style mask
-       $n = $one32 << (32 - $bits);
-       $d[3] = $n % 256; $n = int( $n / 256);
-       $d[2] = $n % 256; $n = int( $n / 256);
-       $d[1] = $n % 256; $n = int( $n / 256);
-       $d[0] = $n;
-       return join '.', @d;
-}
-
-
-# ----------------------------------------------------------------------------
-# $cidr = &mask2cidr( $mask )
-# ----------------------------------------------------------------------------
-
-sub mask2cidr {
-    my( $mask ) = @_;
-    my( @d, $n, $bits );
-    
-    if ( $mask eq "0.0.0.0" ) {
-        return "/0";
-    }
-    
-    if ( ! &validMask( $mask ) ) {
-        return undef;
-    }
-
-    @d = split /\./, $mask;
-    $n = ((((($d[0] * 256) + $d[1])  * 256) + $d[2]) * 256) + $d[3];
-    $bits = 32;
-    while ( ($n % 2) == 0 ) {
-        $n >>= 1;
-        $bits -= 1;
-    }
-    return "/$bits";
-}
-
-
-# ----------------------------------------------------------------------------
-# $yesno = &validMask( $mask )
-# ----------------------------------------------------------------------------
-
-sub validMask {
-    my( $mask ) = @_;
-    my( @d, $n, $str );
-
-    @d = split /\./, $mask;
-    $n = ((((($d[0] * 256) + $d[1]) * 256) + $d[2]) * 256) + $d[3];
-    $str = sprintf "%b", $n;
-    return ( $str =~ /^1+0*$/ );
-}
-
-sub overlapping {
-       # read all subnets from AD, convert to integer range, and sort. 
-       foreach $subnet (@subnets2) {
-               ($from, $to) = &subnet2range ($subnet);
-               push @subnets, { cn => $subnet, from => $from, to => $to };
-       }
-       @subnets = sort { $a->{from} <=> $b->{from} } @subnets;
-
-       # compare all possible subnets for overlap; depend on sort order. 
-       for ($i=0; $i<=$#subnets; $i++) {
-               for ($j=$i+1; $j<=$#subnets; $j++) {
-                       last if $subnets[$i]->{to} < $subnets[$j]->{from};    # no possible overlap anymore;
-                       push @{$overlaps{$subnets[$i]->{cn}}}, $subnets[$j]->{cn} if $subnets[$i]->{to} >= $subnets[$j]->{from};
-               }
-       }
-
-       if (scalar (keys %overlaps)) {
-               foreach $subnet (sort keys %overlaps) {         
-                       #$errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire IPSEC  : %s\n", $subnet, join (", ", sort @{$overlaps{$subnet}});                     
-                       $errormessage = "$subnet : $overlaps{$subnet}[0]";
-                       last;
-               }
-       }       
-               return $errormessage;
-}
-
-# &subnet2range ($subnet)
-# convert subnets to integers in order to compare them later.
-# A subnet looks like this: 10.1.2.0/24
-# returns beginning and end of subnet as integer
-#
-sub subnet2range {
-    my $subnet = shift (@_);
-    my ($from, $to);
-    
-    $subnet =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)\/(\d+)$/ || die "bad subnet $subnet\n";
-    $from = $1*2**24 + $2*2**16 + $3*2**8 + $4;
-    $to = $from + 2**(32-$5) - 1;
-    return ($from, $to);
-}
-
-sub ovelapplausi {
-       my $tmpovpnsubnet0 = $_[0];
-       my $tmpovpnsubnet1 = $_[1];
-    my %vpnconfighash = ();
-       my $tmpcidr = '';
-       my @tmpremotevpnsubnet;
-    &General::readhasharray("${General::swroot}/vpn/config", \%vpnconfighash);
-
-    if (&General::IpInSubnet ( $netsettings{'GREEN_ADDRESS'}, 
-               $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-        $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Green Network $netsettings{'GREEN_ADDRESS'}";
-        return $errormessage;
-    }
-
-       if (&haveBlueNet()) {
-               if (&General::IpInSubnet ( $netsettings{'BLUE_ADDRESS'}, 
-                       $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Blue Network $netsettings{'BLUE_ADDRESS'}";
-                       return $errormessage;
-               }
-       }       
-    if (&haveOrangeNet()) {
-               if (&General::IpInSubnet ( $netsettings{'ORANGE_ADDRESS'}, 
-                       $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Orange Network $netsettings{'ORANGE_ADDRESS'}";
-                       return $errormessage;
-               }
-       }       
-    open(ALIASES, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.';
-    while (<ALIASES>)
-    {
-               chomp($_);
-               my @tempalias = split(/\,/,$_);
-               if ($tempalias[1] eq 'on') {
-                       if (&General::IpInSubnet ($tempalias[0] , 
-                               $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire alias entry $tempalias[0]";
-                               exit $errormessage;
-                       }               
-               }
-    }
-       close(ALIASES);
-       
-       #check against ipsec connections
-       foreach my $key (keys %vpnconfighash) {
-               #$confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
-               #$confighash{$key}[3]#host or net
-               #$confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
-               #$confighash{$key}[10] = $cgiparams{'REMOTE'};
-               &emptyarray();
-               $tmpcidr = &mask2cidr($tmpovpnsubnet1);
-               push @subnets2, "$tmpovpnsubnet0$tmpcidr";              
-               @tmpremotevpnsubnet = split("\/",$vpnconfighash{$key}[8]);                      
-               $tmpcidr = &mask2cidr($tmpremotevpnsubnet[1]);
-               push @subnets2, "$tmpremotevpnsubnet[0]$tmpcidr";                       
-               $errormessage2 = &overlapping();
-               if ($errormessage2 ne '') {
-                       $errormessage = "$Lang::tr{'ovpn subnet overlap'}IPSCEC Connection=$vpnconfighash{$key}[1] $Lang::tr{'local subnet'} $errormessage2 ";
-                       last;
-               }
-               &emptyarray();
-               if ($vpnconfighash{$key}[3] eq 'net'){
-                       if (&General::IpInSubnet ($vpnconfighash{$key}[10],$tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire IPSEC Connection/IP: $vpnconfighash{$key}[1]/$vpnconfighash{$key}[10]";
-                               last;                           
-                       }
-                       #check agains ipsec local subent                        
-                       push @subnets2, "$tmpovpnsubnet0$tmpcidr";
-                       @tmpremotevpnsubnet = split("\/",$vpnconfighash{$key}[11]);                     
-                       $tmpcidr = &mask2cidr($tmpremotevpnsubnet[1]);
-                       push @subnets2, "$tmpremotevpnsubnet[0]$tmpcidr";                       
-                       $errormessage2 = &overlapping();
-                       if ($errormessage2 ne '') {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'}IPSCEC Connection=$vpnconfighash{$key}[1] $Lang::tr{'remote subnet'} $errormessage2 ";
-                               last;
-                       }       
-                       &emptyarray();
-                       push @subnets2, "$tmpovpnsubnet0$tmpcidr";
-                       @tmpremotevpnsubnet = split("\/",$vpnconfighash{$key}[8]);                      
-                       $tmpcidr = &mask2cidr($tmpremotevpnsubnet[1]);
-                       push @subnets2, "$tmpremotevpnsubnet[0]$tmpcidr";                       
-                       $errormessage2 = &overlapping();
-                       if ($errormessage2 ne '') {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'}IPSCEC Connection=$vpnconfighash{$key}[1] $Lang::tr{'local subnet'} $errormessage2 ";
-                               last;
-                       }
-                       &emptyarray();                  
-               }               
-       }
-       #check against OpenVPN Connections (aware check against itself)
-       return $errormessage;
-}
-sub emptyarray {
-       @subnets2 = ();
-       @subnets = ();
-}
-sub rwclientstatus {
-       my $activeonrun = $_[0];
-       my @status = `/bin/cat /var/log/ovpnserver.log`;
-       my %confighash = ();
-       my $dis = ''
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
-               $dis = '';
-       } else {
-               $dis = "disabled='disabled'";
-       }       
-               
-               &Header::openbox('100%', 'LEFT', "Roadwarrior $Lang::tr{'Client status and controlc'}");
-               print <<END
-               <table width='100%' border='0' cellspacing='1' cellpadding='0'>
-               <tr>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
-               <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
-               <td width='18%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
-               <td width='17%' class='boldbase' align='center'><b>$Lang::tr{'valid till'}</b></td>
-               <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
-               <td width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></td>
-               </tr>
-END
-               ;
-               my $id = 0;
-               my $gif;
-               foreach my $key (keys %confighash) {
-                       if ($confighash{$key}[3] eq 'host') {
-                               if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-                                       if ($id % 2) {
-                                               print "<tr bgcolor='${Header::table1colour}'>\n";
-                                       } else {
-                                               print "<tr bgcolor='${Header::table2colour}'>\n";
-                                       }
-                               print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";           
-                               print "<td align='center' nowrap='nowrap'>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";                  
-                               if ($confighash{$key}[4] eq 'cert') {
-                                       print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
-                               } else {
-                                       print "<td align='left'>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[19] ne 'yes') {
-                                       my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
-                                       $cavalid    =~ /Not After : (.*)[\n]/;
-                                       $cavalid    = $1;
-                                       print "<td align='center'>$cavalid</td>";
-                               } else {
-                                       print "<td>&nbsp;</td>";
-                               }       
-                               print "<td align='center'>$confighash{$key}[25]</td>";
-                               my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               if ($confighash{$key}[0] eq 'off') {
-                                       $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               } else {                                
-                                       my $cn;
-                                       my @match = (); 
-                                       foreach my $line (@status) {
-                                               chomp($line);
-                                               if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
-                                                       @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
-                                                       if ($match[1] ne "Common Name") {
-                                                               $cn = $match[1];
-                                                       }           
-                                                       $cn =~ s/[_]/ /g;
-                                                       if ($cn eq "$confighash{$key}[2]") {
-                                                               $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
-                                                       }
-                                               }    
-                                       }                               
-                               }                               
-                               print "<td align='center'>$active</td>";
-                               my $disable_clientdl = "";
-                               if ($confighash{$key}[6] ne 'client') {                 
-                                       print <<END             
-                                       <form method='post' name='frm${key}a'><td align='center'>
-                                       <input type='image'  name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.gif' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
-                                       <input type='hidden' name='KEY' value='$key' $disable_clientdl />
-                                       </td></form>
-END
-               ;               } else {
-                                       print "<td>&nbsp;</td>";        
-                               }       
-                               if ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}b'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-               ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") { 
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-               ;               } elsif ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-               ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               print <<END
-                               <form method='post' name='frm${key}d'><td align='center'>
-                               <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' border='0' />
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}e'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-                               <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'/>
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}f'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-                               <input type='image'  name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               </tr>
-END
-               ;
-                               $id++;
-                       }
-               }
-           ;
-           # If the config file contains entries, print Key to action icons
-           if ( $id ) {
-                       print <<END
-                       <table>
-                       <tr>
-                       <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
-                       <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
-                       <td class='base'>$Lang::tr{'click to disable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
-                       <td class='base'>$Lang::tr{'show certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
-                       <td class='base'>$Lang::tr{'edit'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
-                       <td class='base'>$Lang::tr{'remove'}</td>
-                       </tr>
-                       <tr>
-                       <td>&nbsp; </td>
-                       <td>&nbsp; <img src='/images/off.gif' alt='?OFF' /></td>
-                       <td class='base'>$Lang::tr{'click to enable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
-                       <td class='base'>$Lang::tr{'download certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/openvpn.gif' alt='?RELOAD'/></td>
-                       <td class='base'>$Lang::tr{'dl client arch'}</td>
-                       </tr>
-                       </table>
-END
-           ;
-           }
-           print <<END
-           <table width='100%'>
-           <form method='post'>
-           <tr><td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'add'}' $dis />
-                                            <input type='hidden' name='TYPE' value='host' /></td>                              
-               <td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td></tr>
-           </form>
-           </table>
-END
-           ;    
-           &Header::closebox();
-       #}
-}
-sub net2netstatus {
-#net2net connections
-       my $activeonrun = $_[0];
-       my @status = `/bin/cat /var/log/ovpnserver.log`;
-       my %confighash = ();
-       my $dis = ''
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
-               $dis = '';
-       } else {
-               $dis = "disabled='disabled'";
-       }
-               &Header::openbox('100%', 'LEFT', "Net to Net Connection status and control:");
-               print <<END
-               <table width='100%' border='0' cellspacing='1' cellpadding='0'>
-               <tr>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
-               <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
-               <td width='18%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
-               <td width='17%' class='boldbase' align='center'><b>$Lang::tr{'valid till'}</b></td>
-               <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
-               <td width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></td>
-               </tr>
-END
-               ;
-               my $id = 0;
-               my $gif;
-               foreach my $key (keys %confighash) {
-                       if ($confighash{$key}[3] eq 'net') {
-                               if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-                               if ($id % 2) {
-                                       print "<tr bgcolor='${Header::table1colour}'>\n";
-                               } else {
-                                       print "<tr bgcolor='${Header::table2colour}'>\n";
-                               }
-                               print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";
-                               print "<td align='center' nowrap='nowrap'>" . $confighash{$key}[6] . "-" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";             
-                               if ($confighash{$key}[4] eq 'cert') {
-                                       print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
-                               } else {
-                                       print "<td align='left'>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[19] ne 'yes') {
-                                       my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
-                                       $cavalid    =~ /Not After : (.*)[\n]/;
-                                       $cavalid    = $1;
-                                       print "<td align='center'>$cavalid</td>";
-                               } else {
-                                       print "<td>&nbsp;</td>";
-                               }       
-                               print "<td align='center'>$confighash{$key}[25]</td>";
-                               my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               if ($confighash{$key}[0] eq 'off') {
-                                       $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               } else {
-                                       my @tempovpnsubnet = split("\/",$confighash{$key}[13]);
-                                       my @ovpnip = split /\./,$tempovpnsubnet[0];
-                                       my $pingip = "";
-                                       if ($confighash{$key}[6] eq 'server') {
-                                               $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].2";
-                                       } else {
-                                               $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].1";
-                                       }
-                                       my $p = Net::Ping->new("udp",1);
-                                       if ($p->ping($pingip)) {
-                                               $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
-                                       }       
-                                       $p->close();                            
-                               }                               
-                               print "<td align='center'>$active</td>";
-                               my $disable_clientdl = "";
-                               if ($confighash{$key}[6] ne 'client') {                 
-                                       print <<END             
-                                       <form method='post' name='frm${key}a'><td align='center'>
-                                       <input type='image'  name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.gif' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
-                                       <input type='hidden' name='KEY' value='$key' $disable_clientdl />
-                                       </td></form>
-END
-                                       ;               } else {
-                                       print "<td>&nbsp;</td>";        
-                               }       
-                               if ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}b'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-                                       ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") { 
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-                                       ;               } elsif ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-                                       ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               
-                               print <<END
-                               <form method='post' name='frm${key}d'><td align='center'>
-                               <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' border='0' />
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}e'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-                               <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'/>
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}f'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-                               <input type='image'  name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               </tr>
-END
-                               ;
-                               $id++;
-                       }
-               }
-               ;
-
-               # If the config file contains entries, print Key to action icons
-               if ( $id ) {
-                       print <<END
-                       <table>
-                       <tr>
-                       <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
-                       <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
-                       <td class='base'>$Lang::tr{'click to disable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
-                       <td class='base'>$Lang::tr{'show certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
-                       <td class='base'>$Lang::tr{'edit'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
-                       <td class='base'>$Lang::tr{'remove'}</td>
-                       </tr>
-                       <tr>
-                       <td>&nbsp; </td>
-                       <td>&nbsp; <img src='/images/off.gif' alt='?OFF' /></td>
-                       <td class='base'>$Lang::tr{'click to enable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
-                       <td class='base'>$Lang::tr{'download certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/openvpn.gif' alt='?RELOAD'/></td>
-                       <td class='base'>$Lang::tr{'dl client arch'}</td>
-                       </tr>
-                       </table>
-END
-                       ;
-               }
-               print <<END
-               <table width='100%'>
-               <form method='post'>
-               <tr><td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'add'}' $ dis /></td></tr>     
-               </form>
-               </table>
-END
-               ;    
-               &Header::closebox();
-       #}      
-#net2net connections
-}
index 7610414..1c2d42c 100644 (file)
@@ -3,10 +3,8 @@
 # 
 # This code is distributed under the terms of the GPL
 # Main idea from zeroconcept
-# ZERNINA-VERSION:0.9.7a9
-# (c) 2005 Ufuk Altinkaynak
-#
-# Ipcop and OpenVPN eas as one two three..
+# ZERNINA-VERSION:0.9.4i
+# (c) 2007 Ufuk Altinkaynak
 #
 
 use CGI;
@@ -16,9 +14,7 @@ use File::Copy;
 use File::Temp qw/ tempfile tempdir /;
 use strict;
 use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
-use Net::Ping;
 require '/var/ipfire/general-functions.pl';
-require '/srv/web/ipfire/cgi-bin/ovpnfunc.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 require "${General::swroot}/countries.pl";
@@ -35,6 +31,8 @@ my %mainsettings = ();
 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
 
+
+
 ###
 ### Initialize variables
 ###
@@ -48,7 +46,6 @@ my %selected=();
 my $warnmessage = '';
 my $errormessage = '';
 my %settings=();
-my $zerinaclient = '';
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 $cgiparams{'ENABLED'} = 'off';
 $cgiparams{'ENABLED_BLUE'} = 'off';
@@ -69,6 +66,337 @@ $cgiparams{'DCOMPLZO'} = 'off';
 ###
 ### Useful functions
 ###
+sub haveOrangeNet
+{
+       if ($netsettings{'CONFIG_TYPE'} == 1) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 3) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
+       return 0;
+}
+
+sub haveBlueNet
+{
+       if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 6) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
+       return 0;
+}
+
+sub sizeformat{
+    my $bytesize = shift;
+    my $i = 0;
+
+    while(abs($bytesize) >= 1024){
+       $bytesize=$bytesize/1024;
+       $i++;
+       last if($i==6);
+    }
+
+    my @units = ("Bytes","KB","MB","GB","TB","PB","EB");
+    my $newsize=(int($bytesize*100 +0.5))/100;
+    return("$newsize $units[$i]");
+}
+
+sub valid_dns_host {
+       my $hostname = $_[0];
+       unless ($hostname) { return "No hostname"};
+       my $res = new Net::DNS::Resolver;
+       my $query = $res->search("$hostname");
+       if ($query) {
+               foreach my $rr ($query->answer) {
+                       ## Potential bug - we are only looking at A records:
+                       return 0 if $rr->type eq "A";
+               }
+       } else {
+               return $res->errorstring;
+       }
+}
+
+sub cleanssldatabase
+{
+    if (open(FILE, ">${General::swroot}/ovpn/certs/serial")) {
+       print FILE "01";
+       close FILE;
+    }
+    if (open(FILE, ">${General::swroot}/ovpn/certs/index.txt")) {
+       print FILE "";
+       close FILE;
+    }
+    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
+    unlink ("${General::swroot}/ovpn/certs/serial.old");
+    unlink ("${General::swroot}/ovpn/certs/01.pem");
+}
+
+sub newcleanssldatabase
+{
+    if (! -s "${General::swroot}/ovpn/certs/serial" )  {
+        open(FILE, ">${General::swroot}(ovpn/certs/serial");
+       print FILE "01";
+       close FILE;
+    }
+    if (! -s ">${General::swroot}/ovpn/certs/index.txt") {
+       system ("touch ${General::swroot}/ovpn/certs/index.txt");
+    }
+    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
+    unlink ("${General::swroot}/ovpn/certs/serial.old");
+}
+
+sub deletebackupcert
+{
+       if (open(FILE, "${General::swroot}/ovpn/certs/serial.old")) {
+               my $hexvalue = <FILE>;
+               chomp $hexvalue;
+               close FILE;
+               unlink ("${General::swroot}/ovpn/certs/$hexvalue.pem");
+       }
+}
+
+sub checkportfw {
+    my $KEY2 = $_[0]; # key2
+    my $SRC_PORT = $_[1]; # src_port
+    my $PROTOCOL = $_[2]; # protocol
+    my $SRC_IP = $_[3]; # sourceip
+
+    my $pfwfilename = "${General::swroot}/portfw/config";
+    open(FILE, $pfwfilename) or die 'Unable to open config file.';
+    my @pfwcurrent = <FILE>;
+    close(FILE);
+    my $pfwkey1 = 0; # used for finding last sequence number used 
+    foreach my $pfwline (@pfwcurrent)
+    {
+       my @pfwtemp = split(/\,/,$pfwline);
+
+       chomp ($pfwtemp[8]);
+       if ($KEY2 eq "0"){ # if key2 is 0 then it is a portfw addition
+               if ( $SRC_PORT eq $pfwtemp[3] &&
+                       $PROTOCOL eq $pfwtemp[2] &&
+                       $SRC_IP eq $pfwtemp[7])
+               {
+                        $errormessage = "$Lang::tr{'source port in use'} $SRC_PORT";
+               }
+               # Check if key2 = 0, if it is then it is a port forward entry and we want the sequence number
+               if ( $pfwtemp[1] eq "0") {
+                       $pfwkey1=$pfwtemp[0];
+               }
+               # Darren Critchley - Duplicate or overlapping Port range check
+               if ($pfwtemp[1] eq "0" && 
+                       $PROTOCOL eq $pfwtemp[2] &&
+                       $SRC_IP eq $pfwtemp[7] &&
+                       $errormessage eq '') 
+               {
+                       &portchecks($SRC_PORT, $pfwtemp[5]);            
+#                      &portchecks($pfwtemp[3], $pfwtemp[5]);
+#                      &portchecks($pfwtemp[3], $SRC_IP);
+               }
+       }
+    }
+#    $errormessage="$KEY2 $SRC_PORT $PROTOCOL $SRC_IP";
+
+    return;
+}
+
+sub checkportoverlap
+{
+       my $portrange1 = $_[0]; # New port range
+       my $portrange2 = $_[1]; # existing port range
+       my @tempr1 = split(/\:/,$portrange1);
+       my @tempr2 = split(/\:/,$portrange2);
+
+       unless (&checkportinc($tempr1[0], $portrange2)){ return 0;}
+       unless (&checkportinc($tempr1[1], $portrange2)){ return 0;}
+       
+       unless (&checkportinc($tempr2[0], $portrange1)){ return 0;}
+       unless (&checkportinc($tempr2[1], $portrange1)){ return 0;}
+
+       return 1; # Everything checks out!
+}
+
+# Darren Critchley - we want to make sure that a port entry is not within an already existing range
+sub checkportinc
+{
+       my $port1 = $_[0]; # Port
+       my $portrange2 = $_[1]; # Port range
+       my @tempr1 = split(/\:/,$portrange2);
+
+       if ($port1 < $tempr1[0] || $port1 > $tempr1[1]) {
+               return 1; 
+       } else {
+               return 0; 
+       }
+}
+# Darren Critchley - Duplicate or overlapping Port range check
+sub portchecks
+{
+       my $p1 = $_[0]; # New port range
+       my $p2 = $_[1]; # existing port range
+#      $_ = $_[0];
+       our ($prtrange1, $prtrange2);
+       $prtrange1 = 0;
+#      if (m/:/ && $prtrange1 == 1) { # comparing two port ranges
+#              unless (&checkportoverlap($p1,$p2)) {
+#                      $errormessage = "$Lang::tr{'source port overlaps'} $p1";
+#              }
+#      }
+       if (m/:/ && $prtrange1 == 0 && $errormessage eq '') { # compare one port to a range
+               unless (&checkportinc($p2,$p1)) {
+                       $errormessage = "$Lang::tr{'srcprt within existing'} $p1";
+               }
+       }
+       $prtrange1 = 1;
+       if (! m/:/ && $prtrange1 == 1 && $errormessage eq '') { # compare one port to a range
+               unless (&checkportinc($p1,$p2)) {
+                       $errormessage = "$Lang::tr{'srcprt range overlaps'} $p2";
+               }
+       }
+       return;
+}
+
+# Darren Critchley - certain ports are reserved for IPFire 
+# TCP 67,68,81,222,445
+# UDP 67,68
+# Params passed in -> port, rangeyn, protocol
+sub disallowreserved
+{
+       # port 67 and 68 same for tcp and udp, don't bother putting in an array
+       my $msg = "";
+       my @tcp_reserved = (81,222,445);
+       my $prt = $_[0]; # the port or range
+       my $ryn = $_[1]; # tells us whether or not it is a port range
+       my $prot = $_[2]; # protocol
+       my $srcdst = $_[3]; # source or destination
+       if ($ryn) { # disect port range
+               if ($srcdst eq "src") {
+                       $msg = "$Lang::tr{'rsvd src port overlap'}";
+               } else {
+                       $msg = "$Lang::tr{'rsvd dst port overlap'}";
+               }
+               my @tmprng = split(/\:/,$prt);
+               unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
+               unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
+               if ($prot eq "tcp") {
+                       foreach my $prange (@tcp_reserved) {
+                               unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
+                       }
+               }
+       } else {
+               if ($srcdst eq "src") {
+                       $msg = "$Lang::tr{'reserved src port'}";
+               } else {
+                       $msg = "$Lang::tr{'reserved dst port'}";
+               }
+               if ($prt == 67) { $errormessage="$msg 67"; return; }
+               if ($prt == 68) { $errormessage="$msg 68"; return; }
+               if ($prot eq "tcp") {
+                       foreach my $prange (@tcp_reserved) {
+                               if ($prange == $prt) { $errormessage="$msg $prange"; return; }
+                       }
+               }
+       }
+       return;
+}
+
+sub writeserverconf {
+    my %sovpnsettings = ();    
+    &General::readhash("${General::swroot}/ovpn/settings", \%sovpnsettings);
+
+    open(CONF,    ">${General::swroot}/ovpn/server.conf") or die "Unable to open ${General::swroot}/ovpn/server.conf: $!";
+    flock CONF, 2;
+    print CONF "#OpenVPN Server conf\n";
+    print CONF "\n";
+    print CONF "daemon openvpnserver\n";
+    print CONF "writepid /var/run/openvpn.pid\n";
+    print CONF "#DAN prepare ZERINA for listening on blue and orange\n";
+    print CONF ";local $sovpnsettings{'VPN_IP'}\n";
+    print CONF "dev $sovpnsettings{'DDEVICE'}\n";
+    print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n";
+    print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
+    print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
+    print CONF "tls-server\n";
+    print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
+    print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
+    print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
+    print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
+    my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
+    print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
+    print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
+    if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
+       print CONF "client-to-client\n";
+    }
+    if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) {  
+       print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n";
+    }  
+    print CONF "status-version 1\n";
+    print CONF "status /var/ipfire/ovpn/server.log 30\n";
+    print CONF "cipher $sovpnsettings{DCIPHER}\n";
+    if ($sovpnsettings{DCOMPLZO} eq 'on') {
+        print CONF "comp-lzo\n";
+    }
+    if ($sovpnsettings{REDIRECT_GW_DEF1} eq 'on') {
+        print CONF "push \"redirect-gateway def1\"\n";
+    }
+    if ($sovpnsettings{DHCP_DOMAIN} ne '') {
+        print CONF "push \"dhcp-option DOMAIN $sovpnsettings{DHCP_DOMAIN}\"\n";
+    }
+
+    if ($sovpnsettings{DHCP_DNS} ne '') {
+        print CONF "push \"dhcp-option DNS $sovpnsettings{DHCP_DNS}\"\n";
+    }
+
+    if ($sovpnsettings{DHCP_WINS} ne '') {
+        print CONF "push \"dhcp-option WINS $sovpnsettings{DHCP_WINS}\"\n";
+    }
+    
+    if ($sovpnsettings{DHCP_WINS} eq '') {
+       print CONF "max-clients 100\n";
+    }  
+    
+    if ($sovpnsettings{DHCP_WINS} ne '') {
+       print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
+    }  
+    print CONF "tls-verify /var/ipfire/ovpn/verify\n";
+    print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
+    print CONF "user nobody\n";
+    print CONF "group nobody\n";
+    print CONF "persist-key\n";
+    print CONF "persist-tun\n";
+       if ($sovpnsettings{LOG_VERB} ne '') {
+               print CONF "verb $sovpnsettings{LOG_VERB}\n";
+       } else {
+               print CONF "verb 3\n";
+       }       
+    print CONF "\n";
+    
+    close(CONF);
+}    
+#
+sub emptyserverlog{
+    if (open(FILE, ">${General::swroot}/ovpn/server.log")) {
+       flock FILE, 2;
+       print FILE "";
+       close FILE;
+    }
+
+}
+
+#hier die refresh page
+if ( -e "${General::swroot}/ovpn/gencanow") {
+    my $refresh = '';
+    $refresh = "<meta http-equiv='refresh' content='15;' />";
+    &Header::showhttpheaders();
+    &Header::openpage($Lang::tr{'OVPN'}, 1, $refresh);
+    &Header::openbigbox('100%', 'center');
+    &Header::openbox('100%', 'left', "$Lang::tr{'generate root/host certificates'}:");
+    print "<tr>\n<td align='center'><img src='/images/clock.gif' alt='' /></td>\n";
+    print "<td colspan='2'><font color='red'>Please be patient this realy can take some time on older hardware...</font></td></tr>\n";
+    &Header::closebox();
+    &Header::closebigbox();
+    &Header::closepage();
+    exit (0);
+}
+##hier die refresh page
+
 
 ###
 ### OpenVPN Server Control
@@ -76,29 +404,21 @@ $cgiparams{'DCOMPLZO'} = 'off';
 if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'} ||
     $cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'} ||
     $cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}) {
-       my $serveractive = `/bin/ps ax|grep server.conf|grep -v grep|awk \'{print \$1}\'`;
     #start openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'}){
-       &Ovpnfunc::emptyserverlog();
+       &emptyserverlog();
        system('/usr/local/bin/openvpnctrl', '-s');
     }   
     #stop openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'}){
-               if ($serveractive ne ''){
-                       system('/usr/local/bin/openvpnctrl', '-kn2n', $serveractive);
-               }
        system('/usr/local/bin/openvpnctrl', '-k');
-               &Ovpnfunc::emptyserverlog();    
+       &emptyserverlog();      
     }   
 #    #restart openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}){
 #workarund, till SIGHUP also works when running as nobody    
-               if ($serveractive ne ''){
-                       system('/usr/local/bin/openvpnctrl', '-kn2n', $serveractive);
-               }
-               system('/usr/local/bin/openvpnctrl', '-k');     
-               &Ovpnfunc::emptyserverlog();
-               system('/usr/local/bin/openvpnctrl', '-s');
+       system('/usr/local/bin/openvpnctrl', '-r');     
+       &emptyserverlog();      
     }       
 }
 
@@ -120,32 +440,6 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
     $vpnsettings{'DHCP_DOMAIN'} = $cgiparams{'DHCP_DOMAIN'};
     $vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'};
     $vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'};
-       #additional push route
-       $vpnsettings{'AD_ROUTE1'} = $cgiparams{'AD_ROUTE1'};
-       $vpnsettings{'AD_ROUTE2'} = $cgiparams{'AD_ROUTE2'};
-       $vpnsettings{'AD_ROUTE3'} = $cgiparams{'AD_ROUTE3'};
-       #additional push route
-       
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Add the FAST-IO Parameter from OpenVPN to the Zerina Config    #
-    #                Add the NICE Parameter from OpenVPN to the Zerina Config       #
-    #                Add the MTU-DISC Parameter from OpenVPN to the Zerina Config   #
-    #                Add the MSSFIX Parameter from OpenVPN to the Zerina Config     #
-    #                Add the FRAMGMENT Parameter from OpenVPN to the Zerina Config  #
-    #################################################################################
-    $vpnsettings{'EXTENDED_FASTIO'} = $cgiparams{'EXTENDED_FASTIO'};
-    $vpnsettings{'EXTENDED_NICE'} = $cgiparams{'EXTENDED_NICE'};
-    $vpnsettings{'EXTENDED_MTUDISC'} = $cgiparams{'EXTENDED_MTUDISC'};
-    $vpnsettings{'EXTENDED_MSSFIX'} = $cgiparams{'EXTENDED_MSSFIX'};
-    $vpnsettings{'EXTENDED_FRAGMENT'} = $cgiparams{'EXTENDED_FRAGMENT'};
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
-
     
     if ($cgiparams{'DHCP_DOMAIN'} ne ''){
        unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) {
@@ -165,25 +459,6 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
        goto ADV_ERROR;
        }
     }
-       if ($cgiparams{'AD_ROUTE1'} ne ''){
-               if (! &General::validipandmask($cgiparams{'AD_ROUTE1'})) {
-                       $errormessage = $Lang::tr{'route subnet is invalid'};
-                       goto ADV_ERROR;
-               }
-       }
-       if ($cgiparams{'AD_ROUTE2'} ne ''){
-               if (! &General::validipandmask($cgiparams{'AD_ROUTE2'})) {
-                       $errormessage = $Lang::tr{'route subnet is invalid'};
-                       goto ADV_ERROR;
-               }
-       }       
-       if ($cgiparams{'AD_ROUTE3'} ne ''){
-               if (! &General::validipandmask($cgiparams{'AD_ROUTE3'})) {
-                       $errormessage = $Lang::tr{'route subnet is invalid'};
-                       goto ADV_ERROR;
-               }
-       }
-       
     if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 255 )) {
         $errormessage = $Lang::tr{'invalid input for max clients'};
         goto ADV_ERROR;
@@ -206,47 +481,81 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
     }
     
     &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &Ovpnfunc::writeserverconf();#hier ok
+    &writeserverconf();#hier ok
 }
 
+
+
+
 ###
 ### Save main settings
 ###
 if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
     &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
     #DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
     #DAN this value has to leave.
     if ($cgiparams{'ENABLED'} eq 'on'){
        unless (&General::validfqdn($cgiparams{'VPN_IP'}) || &General::validip($cgiparams{'VPN_IP'})) {
                $errormessage = $Lang::tr{'invalid input for hostname'};
-               goto SETTINGS_ERROR;
+       goto SETTINGS_ERROR;
        }
     }
     if ($cgiparams{'ENABLED'} eq 'on'){
-               $errormessage = &Ovpnfunc::disallowreserved($cgiparams{'DDEST_PORT'},0,$cgiparams{'DPROTOCOL'},"dest");
+       &disallowreserved($cgiparams{'DDEST_PORT'},0,$cgiparams{'DPROTOCOL'},"dest");
     }  
     if ($errormessage) { goto SETTINGS_ERROR; }
     
     
     if ($cgiparams{'ENABLED'} eq 'on'){
-               $errormessage = &Ovpnfunc::checkportfw(0,$cgiparams{'DDEST_PORT'},$cgiparams{'DPROTOCOL'},'0.0.0.0');
+       &checkportfw(0,$cgiparams{'DDEST_PORT'},$cgiparams{'DPROTOCOL'},'0.0.0.0');
     }
        
     if ($errormessage) { goto SETTINGS_ERROR; }
     
     if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
-               $errormessage = $Lang::tr{'ovpn subnet is invalid'};
-               goto SETTINGS_ERROR;
-    }
-    my @tmpovpnsubnet = split("\/",$cgiparams{'DOVPN_SUBNET'});        
-    $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-       $cgiparams{'DOVPN_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-       #plausi1
-       $errormessage = &Ovpnfunc::ovelapplausi($tmpovpnsubnet[0],$tmpovpnsubnet[1]);
-       #plausi1
+            $errormessage = $Lang::tr{'ovpn subnet is invalid'};
+       goto SETTINGS_ERROR;
+    }
+    my @tmpovpnsubnet = split("\/",$cgiparams{'DOVPN_SUBNET'});
+    
+    if (&General::IpInSubnet ( $netsettings{'RED_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire RED Network $netsettings{'RED_ADDRESS'}";
+       goto SETTINGS_ERROR;
+    }
+    
+    if (&General::IpInSubnet ( $netsettings{'GREEN_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+        $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Green Network $netsettings{'GREEN_ADDRESS'}";
+        goto SETTINGS_ERROR;
+    }
+
+    if (&General::IpInSubnet ( $netsettings{'BLUE_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Blue Network $netsettings{'BLUE_ADDRESS'}";
+       goto SETTINGS_ERROR;
+    }
+    
+    if (&General::IpInSubnet ( $netsettings{'ORANGE_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Orange Network $netsettings{'ORANGE_ADDRESS'}";
+       goto SETTINGS_ERROR;
+    }
+    open(ALIASES, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.';
+    while (<ALIASES>)
+    {
+       chomp($_);
+       my @tempalias = split(/\,/,$_);
+       if ($tempalias[1] eq 'on') {
+           if (&General::IpInSubnet ($tempalias[0] , 
+               $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+               $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire alias entry $tempalias[0]";
+           }           
+       }
+    }
+    close(ALIASES);
     if ($errormessage ne ''){
-               goto SETTINGS_ERROR;
+       goto SETTINGS_ERROR;
     }
     if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
         $errormessage = $Lang::tr{'invalid input'};
@@ -258,17 +567,9 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
     }
     
     unless (&General::validport($cgiparams{'DDEST_PORT'})) {
-               $errormessage = $Lang::tr{'invalid port'};
-               goto SETTINGS_ERROR;
+       $errormessage = $Lang::tr{'invalid port'};
+       goto SETTINGS_ERROR;
     }
-       #hhh
-       foreach my $dkey (keys %confighash) {#Check if there is no other entry with this name   
-               if ($confighash{$dkey}[14] eq $cgiparams{'DPROTOCOL'} &&  $confighash{$dkey}[15] eq $cgiparams{'DDEST_PORT'}){                  
-                       $errormessage = "Choosed Protocol/Port combination is already used by connection: $confighash{$dkey}[1]";
-                       goto SETTINGS_ERROR;                    
-               }               
-       }
-       #hhh
     $vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'};
     $vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'};
     $vpnsettings{'ENABLED'} = $cgiparams{'ENABLED'};
@@ -283,7 +584,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
     $vpnsettings{'DCIPHER'} = $cgiparams{'DCIPHER'};
 #new settings for daemon    
     &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &Ovpnfunc::writeserverconf();#hier ok
+    &writeserverconf();#hier ok
 SETTINGS_ERROR:
 ###
 ### Reset all step 2
@@ -293,25 +594,26 @@ SETTINGS_ERROR:
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     foreach my $key (keys %confighash) {
-               if ($confighash{$key}[4] eq 'cert') {
-                       delete $confighash{$cgiparams{'$key'}};
-               }
+       if ($confighash{$key}[4] eq 'cert') {
+           delete $confighash{$cgiparams{'$key'}};
+       }
     }
     while ($file = glob("${General::swroot}/ovpn/ca/*")) {
-               unlink $file
+       unlink $file
     }
     while ($file = glob("${General::swroot}/ovpn/certs/*")) {
-               unlink $file
+       unlink $file
     }
     while ($file = glob("${General::swroot}/ovpn/crls/*")) {
-               unlink $file
+       unlink $file
     }
-    &Ovpnfunc::cleanssldatabase();
+    &cleanssldatabase();
     if (open(FILE, ">${General::swroot}/ovpn/caconfig")) {
         print FILE "";
         close FILE;
     }
     &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+    #&writeserverconf();
 ###
 ### Reset all step 1
 ###
@@ -358,34 +660,34 @@ END
 
     # Check if there is no other entry with this name
     foreach my $key (keys %cahash) {
-               if ($cahash{$key}[0] eq $cgiparams{'CA_NAME'}) {
-                       $errormessage = $Lang::tr{'a ca certificate with this name already exists'};
-                       goto UPLOADCA_ERROR;
-               }
+       if ($cahash{$key}[0] eq $cgiparams{'CA_NAME'}) {
+           $errormessage = $Lang::tr{'a ca certificate with this name already exists'};
+           goto UPLOADCA_ERROR;
+       }
     }
 
     if (ref ($cgiparams{'FH'}) ne 'Fh') {
-               $errormessage = $Lang::tr{'there was no file upload'};
-               goto UPLOADCA_ERROR;
+       $errormessage = $Lang::tr{'there was no file upload'};
+       goto UPLOADCA_ERROR;
     }
     # Move uploaded ca to a temporary file
     (my $fh, my $filename) = tempfile( );
     if (copy ($cgiparams{'FH'}, $fh) != 1) {
-               $errormessage = $!;
-               goto UPLOADCA_ERROR;
+       $errormessage = $!;
+       goto UPLOADCA_ERROR;
     }
     my $temp = `/usr/bin/openssl x509 -text -in $filename`;
-       if ($temp !~ /CA:TRUE/i) {
-               $errormessage = $Lang::tr{'not a valid ca certificate'};
-               unlink ($filename);
-               goto UPLOADCA_ERROR;
+    if ($temp !~ /CA:TRUE/i) {
+       $errormessage = $Lang::tr{'not a valid ca certificate'};
+       unlink ($filename);
+       goto UPLOADCA_ERROR;
     } else {
-               move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem");
-               if ($? ne 0) {
-                       $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
-                       unlink ($filename);
-                       goto UPLOADCA_ERROR;
-               }
+       move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem");
+       if ($? ne 0) {
+           $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
+           unlink ($filename);
+           goto UPLOADCA_ERROR;
+       }
     }
 
     my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem`;
@@ -399,13 +701,33 @@ END
     $cahash{$key}[0] = $cgiparams{'CA_NAME'};
     $cahash{$key}[1] = $casubject;
     &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+#    system('/usr/local/bin/ipsecctrl', 'R');
+
     UPLOADCA_ERROR:
 
 ###
 ### Display ca certificate
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show ca certificate'}) {
-       &Ovpnfunc::displayca($cgiparams{'KEY'});
+    &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+
+    if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem") {
+       &Header::showhttpheaders();
+       &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+       &Header::openbigbox('100%', 'LEFT', '', $errormessage);
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
+       my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
+       $output = &Header::cleanhtml($output,"y");
+       print "<pre>$output</pre>\n";
+       &Header::closebox();
+       print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit(0);
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
+    }
+
 ###
 ### Download ca certificate
 ###
@@ -432,15 +754,22 @@ END
        foreach my $key (keys %confighash) {
            my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
            if ($test =~ /: OK/) {
+               # Delete connection
+#              if ($vpnsettings{'ENABLED'} eq 'on' ||
+#                  $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#                  system('/usr/local/bin/ipsecctrl', 'D', $key);
+#              }
                unlink ("${General::swroot}/ovpn//certs/$confighash{$key}[1]cert.pem");
                unlink ("${General::swroot}/ovpn/certs/$confighash{$key}[1].p12");
                delete $confighash{$key};
                &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+#              &writeipsecfiles();
            }
        }
        unlink ("${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
        delete $cahash{$cgiparams{'KEY'}};
        &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+#      system('/usr/local/bin/ipsecctrl', 'R');
     } else {
        $errormessage = $Lang::tr{'invalid key'};
     }
@@ -492,8 +821,27 @@ END
 ###
 ### Display root certificate
 ###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} || $cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
-       &Ovpnfunc::displayroothost($cgiparams{'ACTION'});
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} ||
+    $cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
+    my $output;
+    &Header::showhttpheaders();
+    &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+    &Header::openbigbox('100%', 'LEFT', '', '');
+    if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
+       $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
+    } else {
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'host certificate'}:");
+       $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
+    }
+    $output = &Header::cleanhtml($output,"y");
+    print "<pre>$output</pre>\n";
+    &Header::closebox();
+    print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+    &Header::closebigbox();
+    &Header::closepage();
+    exit(0);
+
 ###
 ### Download root certificate
 ###
@@ -721,7 +1069,7 @@ END
        (my $state = $cgiparams{'ROOTCERT_STATE'}) =~ s/^\s*$/\./;
 
        # refresh
-       #system ('/usr/bin/touch', "${General::swroot}/ovpn/gencanow");
+       #system ('/bin/touch', "${General::swroot}/ovpn/gencanow");
        
        # Create the CA certificate
        my $pid = open(OPENSSL, "|-");
@@ -802,11 +1150,11 @@ END
            unlink ("${General::swroot}/ovpn/serverkey.pem");
            unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
            unlink ("${General::swroot}/ovpn/certs/servercert.pem");
-           &Ovpnfunc::newcleanssldatabase();
+           &newcleanssldatabase();
            goto ROOTCERT_ERROR;
        } else {
            unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
-           &Ovpnfunc::deletebackupcert();
+           &deletebackupcert();
        }
 
        # Create an empty CRL
@@ -819,8 +1167,10 @@ END
            unlink ("${General::swroot}/ovpn/certs/servercert.pem");
            unlink ("${General::swroot}/ovpn/ca/cacert.pem");
            unlink ("${General::swroot}/ovpn/crls/cacrl.pem");      
-           &Ovpnfunc::cleanssldatabase();
+           &cleanssldatabase();
            goto ROOTCERT_ERROR;
+#      } else {
+#          &cleanssldatabase();
        }
        # Create Diffie Hellmann Parameter
        system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
@@ -833,8 +1183,10 @@ END
            unlink ("${General::swroot}/ovpn/ca/cacert.pem");
            unlink ("${General::swroot}/ovpn/crls/cacrl.pem");
            unlink ("${General::swroot}/ovpn/ca/dh1024.pem");
-           &Ovpnfunc::cleanssldatabase();
+           &cleanssldatabase();
            goto ROOTCERT_ERROR;
+#      } else {
+#          &cleanssldatabase();
        }       
        goto ROOTCERT_SUCCESS;
     }
@@ -919,33 +1271,40 @@ END
 
     ROOTCERT_SUCCESS:
     system ("chmod 600 ${General::swroot}/ovpn/certs/serverkey.pem");
+#    if ($vpnsettings{'ENABLED'} eq 'on' ||
+#      $vpnsettings{'ENABLE_BLUE'} eq 'on') {
+#      system('/usr/local/bin/ipsecctrl', 'S');
+#    }
 
 ###
 ### Enable/Disable connection
 ###
 }elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
+    
+    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
     if ($confighash{$cgiparams{'KEY'}}) {
-               my $n2nactive = `/bin/ps ax|grep $confighash{$cgiparams{'KEY'}}[1].conf|grep -v grep|awk \'{print \$1}\'`;
-               if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
-                       $confighash{$cgiparams{'KEY'}}[0] = 'on';
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-                       if ($n2nactive eq ''){
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
-                       } else {
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
-                       }                       
-               } else {
-                       $confighash{$cgiparams{'KEY'}}[0] = 'off';
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-                       if ($n2nactive ne ''){                          
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-                       }                                               
-               }
-    } else {
-               $errormessage = $Lang::tr{'invalid key'};
+       if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
+           $confighash{$cgiparams{'KEY'}}[0] = 'on';
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
+#          }
+       } else {
+           $confighash{$cgiparams{'KEY'}}[0] = 'off';
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#          }
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
        }
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
+    }
 
 ###
 ### Download OpenVPN client package
@@ -956,69 +1315,51 @@ END
     my $file = '';
     my $clientovpn = '';
     my @fileholder;
-       my $uhost3 = '';
-       my $uhost = `/bin/uname -n`;
-       if ($uhost ne '') {
-               my @uhost2 = split /\./, $uhost;
-               $uhost3 = $uhost2[0];
-       } else {
-               $uhost3 = "IPFire";
-       }       
     my $tempdir = tempdir( CLEANUP => 1 );
     my $zippath = "$tempdir/";
-    my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-TO-$uhost3.zip";
+    my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.zip";
     my $zippathname = "$zippath$zipname";
-    #anna
-    if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
-               $zerinaclient = 'true';
-               &Ovpnfunc::writenet2netconf($cgiparams{'KEY'},$zerinaclient);
-               exit(0);
-       }
-    $clientovpn = "$confighash{$cgiparams{'KEY'}}[1]-TO-$uhost3.ovpn";
-    open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $clientovpn $!";
+    $clientovpn = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.ovpn";
+    open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $!";
     flock CLIENTCONF, 2;
     
     my $zip = Archive::Zip->new();
     
-    print CLIENTCONF "#OpenVPN Client conf\r\n";
+    print CLIENTCONF "#OpenVPN Server conf\r\n";
     print CLIENTCONF "tls-client\r\n";
     print CLIENTCONF "client\r\n";
     print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n";
-       if ($vpnsettings{'DPROTOCOL'} eq 'tcp') {
-               print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}-client\r\n";
-       } else {        
-               print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
-       }       
+    print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
     print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n";
     if ( $vpnsettings{'ENABLED'} eq 'on'){
        print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
-               if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&Ovpnfunc::haveBlueNet())){       
-                       print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Blue interface\r\n"; 
-                       print CLIENTCONF ";remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               }
-               if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&Ovpnfunc::haveOrangeNet())){
-                       print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";               
-                       print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               }
-    } elsif ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&Ovpnfunc::haveBlueNet())){
-               print CLIENTCONF "remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&Ovpnfunc::haveOrangeNet())){
-                       print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";               
-                       print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               }
-    } elsif ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&Ovpnfunc::haveOrangeNet())){
-               print CLIENTCONF "remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){ 
+           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Blue interface\r\n";     
+           print CLIENTCONF ";remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       }
+       if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
+           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";           
+           print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       }
+    } elsif ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){
+       print CLIENTCONF "remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
+           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";           
+           print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       }
+    } elsif ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
+       print CLIENTCONF "remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
     }
                        
     if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") { 
-               print CLIENTCONF "pkcs12 $confighash{$cgiparams{'KEY'}}[1].p12\r\n";
-               $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
+       print CLIENTCONF "pkcs12 $confighash{$cgiparams{'KEY'}}[1].p12\r\n";
+       $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
     } else {
-               print CLIENTCONF "ca cacert.pem\r\n";
-               print CLIENTCONF "cert $confighash{$cgiparams{'KEY'}}[1]cert.pem\r\n";
-               print CLIENTCONF "key $confighash{$cgiparams{'KEY'}}[1].key\r\n";
-               $zip->addFile( "${General::swroot}/ovpn/ca/cacert.pem", "cacert.pem")  or die "Can't add file cacert.pem\n";
-               $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";    
+       print CLIENTCONF "ca cacert.pem\r\n";
+       print CLIENTCONF "cert $confighash{$cgiparams{'KEY'}}[1]cert.pem\r\n";
+       print CLIENTCONF "key $confighash{$cgiparams{'KEY'}}[1].key\r\n";
+       $zip->addFile( "${General::swroot}/ovpn/ca/cacert.pem", "cacert.pem")  or die "Can't add file cacert.pem\n";
+       $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";    
     }
     print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n";
     if ($vpnsettings{DCOMPLZO} eq 'on') {
@@ -1043,24 +1384,22 @@ END
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
     &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       if ($confighash{$cgiparams{'KEY'}}) {
-               if ($confighash{$cgiparams{'KEY'}}[19] eq 'yes') {                      
-                       &Ovpnfunc::killconnection($cgiparams{'KEY'});
-                       &Ovpnfunc::removenet2netconf($cgiparams{'KEY'});
-                       delete $confighash{$cgiparams{'KEY'}};
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);           
-               } else {
-                       my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
-                       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
-                       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
-                       &Ovpnfunc::killconnection($cgiparams{'KEY'});
-                       &Ovpnfunc::removenet2netconf($cgiparams{'KEY'});
-                       delete $confighash{$cgiparams{'KEY'}};
-                       my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-               }       
+
+    if ($confighash{$cgiparams{'KEY'}}) {
+#      if ($vpnsettings{'ENABLED'} eq 'on' ||
+#          $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#          system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#      }
+#
+       my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+       delete $confighash{$cgiparams{'KEY'}};
+       my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
+       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+       #&writeserverconf();
     } else {
-               $errormessage = $Lang::tr{'invalid key'};
+       $errormessage = $Lang::tr{'invalid key'};
     }
 ###
 ### Download PKCS12 file
@@ -1080,36 +1419,38 @@ END
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
-               &Header::showhttpheaders();
-               &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-               &Header::openbigbox('100%', 'LEFT', '', '');
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
-               my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
-               $output = &Header::cleanhtml($output,"y");
-               print "<pre>$output</pre>\n";
-               &Header::closebox();
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-               &Header::closebigbox();
-               &Header::closepage();
-               exit(0);
+       &Header::showhttpheaders();
+       &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+       &Header::openbigbox('100%', 'LEFT', '', '');
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
+       my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
+       $output = &Header::cleanhtml($output,"y");
+       print "<pre>$output</pre>\n";
+       &Header::closebox();
+       print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit(0);
     }
 ###
 ### Display Certificate Revoke List
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show crl'}) {
+#    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
     if ( -f "${General::swroot}/ovpn/crls/cacrl.pem") {
-               &Header::showhttpheaders();
-               &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-               &Header::openbigbox('100%', 'LEFT', '', '');
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
-               my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
-               $output = &Header::cleanhtml($output,"y");
-               print "<pre>$output</pre>\n";
-               &Header::closebox();
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-               &Header::closebigbox();
-               &Header::closepage();
-               exit(0);
+       &Header::showhttpheaders();
+       &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+       &Header::openbigbox('100%', 'LEFT', '', '');
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
+       my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
+       $output = &Header::cleanhtml($output,"y");
+       print "<pre>$output</pre>\n";
+       &Header::closebox();
+       print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit(0);
     }
 
 ###
@@ -1122,23 +1463,23 @@ END
     %confighash = ();
     &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
 
+#    if ($cgiparams{'CLIENT2CLIENT'} eq '') {
+#      $cgiparams{'CLIENT2CLIENT'} =  'on';     
+#    }
 ADV_ERROR:
     if ($cgiparams{'MAX_CLIENTS'} eq '') {
-               $cgiparams{'MAX_CLIENTS'} =  '100';     
+       $cgiparams{'MAX_CLIENTS'} =  '100';     
     }
     
     if ($cgiparams{'KEEPALIVE_1'} eq '') {
-               $cgiparams{'KEEPALIVE_1'} =  '10';     
+       $cgiparams{'KEEPALIVE_1'} =  '10';     
     }
     if ($cgiparams{'KEEPALIVE_2'} eq '') {
-               $cgiparams{'KEEPALIVE_2'} =  '60';     
+       $cgiparams{'KEEPALIVE_2'} =  '60';     
     }
     if ($cgiparams{'LOG_VERB'} eq '') {
-               $cgiparams{'LOG_VERB'} =  '3';     
+       $cgiparams{'LOG_VERB'} =  '3';     
     }
-       if ($cgiparams{'EXTENDED_NICE'} eq '') {
-               $cgiparams{'EXTENDED_NICE'} =  '0';     
-    }  
     $checked{'CLIENT2CLIENT'}{'off'} = '';
     $checked{'CLIENT2CLIENT'}{'on'} = '';
     $checked{'CLIENT2CLIENT'}{$cgiparams{'CLIENT2CLIENT'}} = 'CHECKED';
@@ -1158,44 +1499,15 @@ ADV_ERROR:
     $selected{'LOG_VERB'}{'11'} = '';
     $selected{'LOG_VERB'}{'0'} = '';
     $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
-
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Definitions to set the FASTIO Checkbox                         #
-    #                Definitions to set the MTUDISC Checkbox                        #
-    #                Definitions to set the NICE Selectionbox                       #
-    #################################################################################
-    $checked{'EXTENDED_FASTIO'}{'off'} = '';
-    $checked{'EXTENDED_FASTIO'}{'on'} = '';
-    $checked{'EXTENDED_FASTIO'}{$cgiparams{'EXTENDED_FASTIO'}} = 'CHECKED';
-    $checked{'EXTENDED_MTUDISC'}{'off'} = '';
-    $checked{'EXTENDED_MTUDISC'}{'on'} = '';
-    $checked{'EXTENDED_MTUDISC'}{$cgiparams{'EXTENDED_MTUDISC'}} = 'CHECKED';
-    $selected{'EXTENDED_NICE'}{'-13'} = '';
-    $selected{'EXTENDED_NICE'}{'-10'} = '';
-    $selected{'EXTENDED_NICE'}{'-7'} = '';
-    $selected{'EXTENDED_NICE'}{'-3'} = '';
-    $selected{'EXTENDED_NICE'}{'0'} = '';
-    $selected{'EXTENDED_NICE'}{'3'} = '';
-    $selected{'EXTENDED_NICE'}{'7'} = '';
-    $selected{'EXTENDED_NICE'}{'10'} = '';
-    $selected{'EXTENDED_NICE'}{'13'} = '';
-    $selected{'EXTENDED_NICE'}{$cgiparams{'EXTENDED_NICE'}} = 'SELECTED';
-    #################################################################################
-    #  End of inserted Data                                                         #
-    #################################################################################
     
     &Header::showhttpheaders();
     &Header::openpage($Lang::tr{'status ovpn'}, 1, '');
     &Header::openbigbox('100%', 'LEFT', '', $errormessage);    
     if ($errormessage) {
-               &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
-               print "<class name='base'>$errormessage\n";
-               print "&nbsp;</class>\n";
-               &Header::closebox();
+       &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
+       print "<class name='base'>$errormessage\n";
+       print "&nbsp;</class>\n";
+       &Header::closebox();
     }
     &Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'});
     print <<END
@@ -1221,29 +1533,6 @@ ADV_ERROR:
     </tr>
 </table>
 <hr size='1'>
-<!-- Additional push route START-->
-    <table width='100%'>
-    <tr>
-       <td colspan='4'><b>$Lang::tr{'add-route'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-    </tr>      
-    <tr>               
-       <td class='base'>$Lang::tr{'subnet'} 1</td>
-        <td><input type='TEXT' name='AD_ROUTE1' value='$cgiparams{'AD_ROUTE1'}' size='30' /></td>
-    </tr>
-    <tr>       
-       <td class='base'>$Lang::tr{'subnet'} 2</td>
-       <td><input type='TEXT' name='AD_ROUTE2' value='$cgiparams{'AD_ROUTE2'}' size='30' /></td>
-    </tr>      
-    <tr>       
-       <td class='base'>$Lang::tr{'subnet'} 3</td>
-       <td><input type='TEXT' name='AD_ROUTE3' value='$cgiparams{'AD_ROUTE3'}' size='30' /></td>
-    </tr>
-</table>
-<hr size='1'>
-<!-- Additional push route END-->
     <table width='100%'>
     <tr>
        <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
@@ -1267,71 +1556,6 @@ ADV_ERROR:
        <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='30' /></td>
        <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='30' /></td>
     </tr>      
-
-<!--                       
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Add the FAST-IO Checkbox to the HTML Form                      #
-    #                Add the NICE Selectionbox to the HTML Form                     #
-    #                Add the MTU-DISC Checkbox to the HTML Form                     #
-    #                Add the MSSFIX Textbox to the HTML Form                        #
-    #                Add the FRAMGMENT Textbox to the HTML Form                     #
-    #  Updates:                                                                     #
-    #  2006-04-27    Include Multilanguage-Support                                  #
-    #################################################################################
--->
-    </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_processprio'}</td>        
-      <td>
-        <select name='EXTENDED_NICE'>
-                                 <option value='-13' $selected{'EXTENDED_NICE'}{'-13'}>$Lang::tr{'ovpn_processprioEH'}</option>
-                                 <option value='-10' $selected{'EXTENDED_NICE'}{'-10'}>$Lang::tr{'ovpn_processprioVH'}</option>
-                                 <option value='-7'  $selected{'EXTENDED_NICE'}{'-7'}>$Lang::tr{'ovpn_processprioH'}</option>
-                                 <option value='-3'  $selected{'EXTENDED_NICE'}{'-3'}>$Lang::tr{'ovpn_processprioEN'}</option>
-                                 <option value='0'  $selected{'EXTENDED_NICE'}{'0'}>$Lang::tr{'ovpn_processprioN'}</option>
-                                 <option value='3'  $selected{'EXTENDED_NICE'}{'3'}>$Lang::tr{'ovpn_processprioLN'}</option>
-                                 <option value='7'  $selected{'EXTENDED_NICE'}{'7'}>$Lang::tr{'ovpn_processprioD'}</option>
-                                 <option value='10' $selected{'EXTENDED_NICE'}{'10'}>$Lang::tr{'ovpn_processprioVD'}</option>
-                                 <option value='13' $selected{'EXTENDED_NICE'}{'13'}>$Lang::tr{'ovpn_processprioED'}</option>
-                               </select>
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fastio'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_FASTIO' $checked{'EXTENDED_FASTIO'}{'on'} />
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mtudisc'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_MTUDISC' $checked{'EXTENDED_MTUDISC'}{'on'} />
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mssfix'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_MSSFIX' value='$cgiparams{'EXTENDED_MSSFIX'}' size='30'/>
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fragment'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_FRAGMENT' value='$cgiparams{'EXTENDED_FRAGMENT'}' size='30'/>
-                 </td>
-               </tr>  
-
-<!--
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
--->
-                       
-    
 </table>
 <hr size='1'>
     <table width='100%'>
@@ -1354,23 +1578,7 @@ ADV_ERROR:
                                    <option value='9'  $selected{'LOG_VERB'}{'9'}>9</option>
                                    <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
                                    <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
-                                   <option value='0'  $selected{'LOG_VERB'}{'0'}>0</option></select></td>
-<!--                       
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Required </TR> Command from this Table                         #
-    #################################################################################
--->
-    </tr>                                  
-<!--
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
--->
-           
+                                   <option value='0'  $selected{'LOG_VERB'}{'0'}>0</option></select></td>      
 </table>
 <hr size='1'>
 <table width='100%'>
@@ -1386,6 +1594,7 @@ END
 ;                                 
 
     &Header::closebox();
+#    print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
     &Header::closebigbox();
     &Header::closepage();
     exit(0);
@@ -1415,7 +1624,7 @@ END
     </tr>
 END
 ;
-       my $filename = "/var/log/ovpnserver.log";
+       my $filename = "${General::swroot}/ovpn/server.log";
        open(FILE, $filename) or die 'Unable to open config file.';
        my @current = <FILE>;
        close(FILE);
@@ -1434,6 +1643,7 @@ END
                @match = split( /^Updated,(.+)/, $line); 
                $status = $match[1];
            }
+#gian      
            if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
                @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
                if ($match[1] ne "Common Name") {
@@ -1441,8 +1651,8 @@ END
                    $userlookup{$match[2]} = $uid;
                    $users[$uid]{'CommonName'} = $match[1];
                    $users[$uid]{'RealAddress'} = $match[2];
-                   $users[$uid]{'BytesReceived'} = &Ovpnfunc::sizeformat($match[3]);
-                   $users[$uid]{'BytesSent'} = &Ovpnfunc::sizeformat($match[4]);
+                   $users[$uid]{'BytesReceived'} = &sizeformat($match[3]);
+                   $users[$uid]{'BytesSent'} = &sizeformat($match[4]);
                    $users[$uid]{'Since'} = $match[5];
                    $users[$uid]{'Proto'} = $proto;
                    $uid++;
@@ -1463,9 +1673,9 @@ END
        if ($user2 >= 1){
            for (my $idx = 1; $idx <= $user2; $idx++){
                                                if ($idx % 2) {
-                                       print "<tr bgcolor='$color{'color20'}'>\n";
+                                       print "<tr bgcolor='${Header::table1colour}'>\n";
                                } else {
-                                       print "<tr bgcolor='$color{'color22'}'>\n";
+                                       print "<tr bgcolor='${Header::table2colour}'>\n";
                                                }
                                                print "<td align='left'>$users[$idx-1]{'CommonName'}</td>";
                                                print "<td align='left'>$users[$idx-1]{'RealAddress'}</td>";
@@ -1500,11 +1710,42 @@ END
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download certificate'}) {
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
     if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
-               print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\r\n";
-               print "Content-Type: application/octet-stream\r\n\r\n";
-               print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
-               exit (0);
+       print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\r\n";
+       print "Content-Type: application/octet-stream\r\n\r\n";
+       print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
+       exit (0);
+    }
+
+###
+### Enable/Disable connection
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
+    
+    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+    if ($confighash{$cgiparams{'KEY'}}) {
+       if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
+           $confighash{$cgiparams{'KEY'}}[0] = 'on';
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
+#          }
+       } else {
+           $confighash{$cgiparams{'KEY'}}[0] = 'off';
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#          }
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
+       }
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
     }
 
 ###
@@ -1515,28 +1756,53 @@ END
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ($confighash{$cgiparams{'KEY'}}) {
+#      if ($vpnsettings{'ENABLED'} eq 'on' ||
+#          $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#          system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
+#      }
     } else {
-               $errormessage = $Lang::tr{'invalid key'};
+       $errormessage = $Lang::tr{'invalid key'};
     }
 
 ###
-### Choose between adding a host-net or net-net connection
+### Remove connection
 ###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
-       &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-       &Header::showhttpheaders();
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
+    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+    if ($confighash{$cgiparams{'KEY'}}) {
+#      if ($vpnsettings{'ENABLED'} eq 'on' ||
+#          $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#          system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#      }
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+       delete $confighash{$cgiparams{'KEY'}};
+       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+       #&writeserverconf();
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
+    }
+#test33
+
+###
+### Choose between adding a host-net or net-net connection
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
+       &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+       &Header::showhttpheaders();
        &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
        &Header::openbigbox('100%', 'LEFT', '', '');
-       &Header::openbox('100%', 'LEFT', "Net to Net $Lang::tr{'connection type'}");
+       &Header::openbox('100%', 'LEFT', $Lang::tr{'connection type'});
        print <<END
            <b>$Lang::tr{'connection type'}:</b><br />
-           <table><form method='post' enctype='multipart/form-data'>           
-           <tr><td><input type='radio' name='TYPE' value='net' checked /></td>
+           <table><form method='post'>
+           <tr><td><input type='radio' name='TYPE' value='host' checked /></td>
+               <td class='base'>$Lang::tr{'host to net vpn'}</td></tr>
+           <tr><td><input type='radio' name='TYPE' value='net' disabled='disabled' /></td>
                <td class='base'>$Lang::tr{'net to net vpn'}</td></tr>
-               <tr><td><input type='radio' name='TYPE' value='zerinan2n' /></td>               
-                       <td class='base'>upload a ZERINA Net-to-Net package</td>
-               <td class='base'><input type='file' name='FH' size='30'></td></tr>              
-           <tr><td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td></tr>
+           <tr><td align='center' colspan='2'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td></tr>
            </form></table>
 END
        ;
@@ -1544,230 +1810,6 @@ END
        &Header::closebigbox();
        &Header::closepage();
        exit (0);
-       
-###
-### uploading a ZERINA n2n connection package
-###
-}  elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) && ($cgiparams{'TYPE'} eq 'zerinan2n')){
-       my @zerinaconf;
-       my @confdetails;
-       my $uplconffilename ='';
-       my $uplp12name = '';
-       my $complzoactive ='';
-       my @rem_subnet;
-       my @rem_subnet2;
-       my @tmposupnet3;        
-       my $key;
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);    
-# Move uploaded ZERINA n2n package to a temporary file
-       if (ref ($cgiparams{'FH'}) ne 'Fh') {
-               $errormessage = $Lang::tr{'there was no file upload'};
-               goto ZERINA_ERROR;
-    }
-    # Move uploaded ca to a temporary file
-    (my $fh, my $filename) = tempfile( );
-    if (copy ($cgiparams{'FH'}, $fh) != 1) {
-               $errormessage = $!;
-               goto ZERINA_ERROR;
-    }
-
-       my $zip = Archive::Zip->new();
-       my $zipName = $filename;
-       my $status = $zip->read( $zipName );
-       if ($status != AZ_OK) {   
-               $errormessage = "Read of $zipName failed\n";
-               goto ZERINA_ERROR;
-       }
-       #my $tempdir = tempdir( CLEANUP => 1 );
-       my $tempdir = tempdir();
-       my @files = $zip->memberNames();
-       for(@files) {
-       $zip->extractMemberWithoutPaths($_,"$tempdir/$_");
-       }
-       my $countfiles = @files;
-       # see if we have 2 files
-       if ( $countfiles == 2){
-               foreach (@files){
-                       if ( $_ =~ /.conf$/){
-                               $uplconffilename = $_;
-                       }
-                       if ( $_ =~ /.p12$/){
-                               $uplp12name = $_;
-                       }                       
-               }
-               if (($uplconffilename eq '') || ($uplp12name eq '')){
-                       $errormessage = "Either no *.conf or no *.p12 file found\n";
-                       goto ZERINA_ERROR;
-               }
-               open(FILE, "$tempdir/$uplconffilename") or die 'Unable to open*.conf file';
-               @zerinaconf = <FILE>;
-               close (FILE);
-               chomp(@zerinaconf);
-       } else {
-       # only 2 files are allowed
-               $errormessage = "Filecount does not match only 2 files are allowed\n";
-               goto ZERINA_ERROR;
-       }
-       #prepare imported data not elegant, will be changed later
-       my $ufuk = (@zerinaconf);
-       push(@confdetails, substr($zerinaconf[0],4));#dev tun 0
-       push(@confdetails, substr($zerinaconf[1],8));#mtu value 1
-       push(@confdetails, substr($zerinaconf[2],6));#protocol 2
-       if ($confdetails[2] eq 'tcp-client' || $confdetails[2] eq 'tcp-server') {
-               $confdetails[2] = 'tcp';
-       }       
-       push(@confdetails, substr($zerinaconf[3],5));#port 3
-       push(@confdetails, substr($zerinaconf[4],9));#ovpn subnet 4
-       push(@confdetails, substr($zerinaconf[5],7));#remote ip 5
-       push(@confdetails, $zerinaconf[6]);     #tls-server/tls-client 6
-       push(@confdetails, substr($zerinaconf[7],7));#pkcs12    name 7  
-       push(@confdetails, substr($zerinaconf[$ufuk-1],1));#remote subnet        8
-       push(@confdetails, substr($zerinaconf[9],10));#keepalive 9
-       push(@confdetails, substr($zerinaconf[10],7));#cipher 10        
-       if ($ufuk == 14) {
-               push(@confdetails, $zerinaconf[$ufuk-3]);#complzo        11     
-               $complzoactive = "on";
-       } else {
-               $complzoactive = "off";
-       }       
-       push(@confdetails, substr($zerinaconf[$ufuk-2],5));#verb 12
-       push(@confdetails, substr($zerinaconf[8],6));#localsubnet 13
-       #push(@confdetails, substr($uplconffilename,0,-5));#connection Name 14
-       push(@confdetails, substr($uplp12name,0,-4));#connection Name 14
-       #chomp(@confdetails);   
-       foreach my $dkey (keys %confighash) {#Check if there is no other entry with this name
-               if ($confighash{$dkey}[1] eq $confdetails[$ufuk]) {
-                       $errormessage = $Lang::tr{'a connection with this name already exists'};
-                       goto ZERINA_ERROR;                      
-               }
-       }
-       if ($confdetails[$ufuk] eq 'server') {
-                       $errormessage = $Lang::tr{'server reserved'};
-                       goto ZERINA_ERROR;                      
-       }
-       @rem_subnet2 = split(/ /,$confdetails[4]);
-       @tmposupnet3 = split /\./,$rem_subnet2[0];
-       $errormessage = &Ovpnfunc::ovelapplausi("$tmposupnet3[0].$tmposupnet3[1].$tmposupnet3[2].0","255.255.255.0");
-       if ($errormessage ne ''){
-               goto ZERINA_ERROR;
-       }
-       
-       $key = &General::findhasharraykey (\%confighash);
-       foreach my $i (0 .. 42) { $confighash{$key}[$i] = "";}
-       $confighash{$key}[0] = 'off';
-       $confighash{$key}[1] = $confdetails[$ufuk];
-       #$confighash{$key}[2] = $confdetails[7];        
-       $confighash{$key}[2] = $confdetails[$ufuk];
-       $confighash{$key}[3] = 'net';
-       $confighash{$key}[4] = 'cert';  
-       $confighash{$key}[6] = 'client';                
-       $confighash{$key}[8] = $confdetails[8];         
-       @rem_subnet = split(/ /,$confdetails[$ufuk-1]);
-       $confighash{$key}[11] = "$rem_subnet[0]/$rem_subnet[1]";
-       $confighash{$key}[10] = $confdetails[5];
-       $confighash{$key}[25] = 'imported';
-       $confighash{$key}[12] = 'red';
-       my @tmposupnet = split(/ /,$confdetails[4]);
-       my @tmposupnet2 = split /\./,$tmposupnet[0];
-       $confighash{$key}[13] = "$tmposupnet2[0].$tmposupnet2[1].$tmposupnet2[2].0/255.255.255.0";
-       $confighash{$key}[14] = $confdetails[2];
-       $confighash{$key}[15] = $confdetails[3];
-       $confighash{$key}[16] = $complzoactive;
-       $confighash{$key}[17] = $confdetails[1];
-       $confighash{$key}[18] = '';# nn2nvpn_ip
-       $confighash{$key}[19] = 'yes';# nn2nvpn_ip
-       $confighash{$key}[20] = $confdetails[10];
-       $cgiparams{'KEY'} = $key;
-       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       mkdir("${General::swroot}/ovpn/n2nconf/$confdetails[$ufuk]", 0770);
-       move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$confdetails[$ufuk]/$uplconffilename");
-       if ($? ne 0) {
-           $errormessage = "*.conf move failed: $!";
-           unlink ($filename);
-           goto ZERINA_ERROR;
-       }
-       move("$tempdir/$uplp12name", "${General::swroot}/ovpn/n2nconf/$confdetails[$ufuk]/$uplp12name");
-       if ($? ne 0) {
-           $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
-           unlink ($filename);
-           goto ZERINA_ERROR;
-       }       
-       ZERINA_ERROR:
-               
-       &Header::showhttpheaders();
-       &Header::openpage('Validate imported configuration', 1, '');
-       &Header::openbigbox('100%', 'LEFT', '', $errormessage);
-       if ($errormessage) {
-           &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
-           print "<class name='base'>$errormessage";
-           print "&nbsp;</class>";
-           &Header::closebox();                
-       } else {                
-               &Header::openbox('100%', 'LEFT', 'Validate imported configuration');
-       }
-       if ($errormessage eq ''){
-               print <<END             
-               <!-- net2net config gui -->
-               <tr><td width='25%'>&nbsp;</td>
-                       <td width='25%'>&nbsp;</td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'name'}:</td>
-                       <td><b>$confdetails[$ufuk]</b></td></tr>        
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
-                       <td><b>$confdetails[6]</b></td>                                                         
-                       <td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
-                       <td><b>$confdetails[5]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
-                       <td><b>$confighash{$key}[8]</b></td>
-                       <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
-                       <td><b>$confighash{$key}[11]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
-                       <td><b>$confighash{$key}[$ufuk-1]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
-                       <td><b>$confdetails[2]</b></td>
-                       <td class='boldbase'>$Lang::tr{'destination port'}:</td>
-                       <td><b>$confdetails[3]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
-                       <td><b>$complzoactive</b></td>
-                       <td class='boldbase'>$Lang::tr{'cipher'}</td>
-                       <td><b>$confdetails[10]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;<img src='/blob.gif' /></td>
-                   <td><b>$confdetails[1]</b></td></tr>        
-END
-;      
-       
-               &Header::closebox();
-       }
-       if ($errormessage) {
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-       } else {        
-               print "<div align='center'><form method='post' enctype='multipart/form-data'><input type='submit' name='ACTION' value='Approved' />";           
-               print "<input type='hidden' name='TYPE' value='zerinan2n' />";
-               print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";                   
-               print "<input type='submit' name='ACTION' value='Discard' /></div></form>";
-       }       
-       &Header::closebigbox();
-       &Header::closepage();
-       exit(0);        
-
-###
-### Approve Zerina n2n
-###
-}  elsif (($cgiparams{'ACTION'} eq 'Approved') && ($cgiparams{'TYPE'} eq 'zerinan2n')){
-       &Ovpnfunc::writenet2netconf($cgiparams{'KEY'},$zerinaclient);
-###
-### Discard Zerina n2n
-###
-}  elsif (($cgiparams{'ACTION'} eq 'Discard') && ($cgiparams{'TYPE'} eq 'zerinan2n')){
-    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
-    if ($confighash{$cgiparams{'KEY'}}) {      
-               &Ovpnfunc::removenet2netconf();
-               delete $confighash{$cgiparams{'KEY'}};  
-               &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);   
-    } else {
-               $errormessage = $Lang::tr{'invalid key'};
-    }  
 ###
 ### Adding a new connection
 ###
@@ -1780,498 +1822,431 @@ END
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
-               if (! $confighash{$cgiparams{'KEY'}}[0]) {
-                       $errormessage = $Lang::tr{'invalid key'};
-                       goto VPNCONF_END;
-               }
-               $cgiparams{'ENABLED'}   = $confighash{$cgiparams{'KEY'}}[0];
-               $cgiparams{'NAME'}      = $confighash{$cgiparams{'KEY'}}[1];
-               $cgiparams{'TYPE'}      = $confighash{$cgiparams{'KEY'}}[3];
-               $cgiparams{'AUTH'}      = $confighash{$cgiparams{'KEY'}}[4];
-               $cgiparams{'PSK'}       = $confighash{$cgiparams{'KEY'}}[5];
-               $cgiparams{'SIDE'}      = $confighash{$cgiparams{'KEY'}}[6];
-               $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
-               $cgiparams{'REMOTE'}    = $confighash{$cgiparams{'KEY'}}[10];
-               $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
-               $cgiparams{'REMARK'}    = $confighash{$cgiparams{'KEY'}}[25];
-               $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[12];
-               $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[13];#new fields      
-               $cgiparams{'PROTOCOL'}    = $confighash{$cgiparams{'KEY'}}[14];
-               $cgiparams{'DEST_PORT'}   = $confighash{$cgiparams{'KEY'}}[15];
-               $cgiparams{'COMPLZO'}     = $confighash{$cgiparams{'KEY'}}[16];
-               $cgiparams{'MTU'}         = $confighash{$cgiparams{'KEY'}}[17];
-               $cgiparams{'N2NVPN_IP'}   = $confighash{$cgiparams{'KEY'}}[18];#new fields
-               $cgiparams{'ZERINA_CLIENT'}       = $confighash{$cgiparams{'KEY'}}[19];#new fields
-               $cgiparams{'CIPHER'}      = $confighash{$cgiparams{'KEY'}}[20];#new fields
-               if ($cgiparams{'ZERINA_CLIENT'} eq ''){
-                       $cgiparams{'ZERINA_CLIENT'} = 'no';
-               }
-    } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {#ab hiere error uebernehmen
-               $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
-               # n2n error
-               if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
-                       $errormessage = $Lang::tr{'connection type is invalid'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'NAME'} !~ /^[a-zA-Z0-9]+$/) {
-                       $errormessage = $Lang::tr{'name must only contain characters'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'NAME'} =~ /^(host|01|block|private|clear|packetdefault|server)$/) {
-                       $errormessage = $Lang::tr{'name is invalid'};
-                       goto VPNCONF_ERROR;
-               }
-               if (length($cgiparams{'NAME'}) >60) {
-                       $errormessage = $Lang::tr{'name too long'};
-                       goto VPNCONF_ERROR;
-               }
-               if (! $cgiparams{'KEY'}) {# Check if there is no other entry with this name
-                       foreach my $key (keys %confighash) {
-                               if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
-                                       $errormessage = $Lang::tr{'a connection with this name already exists'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-               }               
-               if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
-                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'REMOTE'}) {
-                       if (! &General::validip($cgiparams{'REMOTE'})) {
-                               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
-                                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
-                                       goto VPNCONF_ERROR;
-                               } else {
-                                       if (&Ovpnfunc::valid_dns_host($cgiparams{'REMOTE'})) {
-                                               $warnmessage = "$Lang::tr{'check vpn lr'} $cgiparams{'REMOTE'}. $Lang::tr{'dns check failed'}";
-                                       }
-                               }
-                       }
-               }
-               if ($cgiparams{'TYPE'} ne 'host') {
-                       unless (&General::validipandmask($cgiparams{'LOCAL_SUBNET'})) {
-                               $errormessage = $Lang::tr{'local subnet is invalid'}; 
-                               goto VPNCONF_ERROR;
-                       }
-               }
-               #hier1
-               my @tmpovpnsubnet = split("\/",$cgiparams{'LOCAL_SUBNET'});     
-               $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-               $cgiparams{'LOCAL_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-               #hier1
-               if ($cgiparams{'REMOTE'} eq '') {# Check if there is no other entry without IP-address and PSK
-                       foreach my $key (keys %confighash) {
-                               if(($cgiparams{'KEY'} ne $key) && ($confighash{$key}[4] eq 'psk' || $cgiparams{'AUTH'} eq 'psk') && $confighash{$key}[10] eq '') {
-                                       $errormessage = $Lang::tr{'you can only define one roadwarrior connection when using pre-shared key authentication'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-               }
-               if (($cgiparams{'TYPE'} eq 'net') && (! &General::validipandmask($cgiparams{'REMOTE_SUBNET'}))) {
-                       $errormessage = $Lang::tr{'remote subnet is invalid'};
-                       goto VPNCONF_ERROR;
-               }
-               #hier2
-               my @tmpovpnsubnet = split("\/",$cgiparams{'REMOTE_SUBNET'});    
-               $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-               $cgiparams{'REMOTE_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-               #hier2
-               if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
-                       $errormessage = $Lang::tr{'invalid input'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'EDIT_ADVANCED'} !~ /^(on|off)$/) {
-                       $errormessage = $Lang::tr{'invalid input'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'ENABLED'} eq 'on'){
-                       $errormessage = &Ovpnfunc::disallowreserved($cgiparams{'DEST_PORT'},0,$cgiparams{'PROTOCOL'},"dest");
-               }       
-               if ($errormessage) { goto VPNCONF_ERROR; }
-    
-               if ($cgiparams{'ENABLED'} eq 'on'){
-                       $errormessage = &Ovpnfunc::checkportfw(0,$cgiparams{'DEST_PORT'},$cgiparams{'PROTOCOL'},'0.0.0.0');
-               }       
-               if ($errormessage) { goto VPNCONF_ERROR; }
-#raul
-               if ($cgiparams{'TYPE'} eq 'net') {
-                       if (! &General::validipandmask($cgiparams{'OVPN_SUBNET'})) {
-                               $errormessage = $Lang::tr{'ovpn subnet is invalid'};
-                               goto VPNCONF_ERROR;
-                       }
-                       #hier3
-                       my @tmpovpnsubnet = split("\/",$cgiparams{'OVPN_SUBNET'});
-                       $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-                       $cgiparams{'OVPN_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-                       #hier3  
-                       #plausi2        
-                       $errormessage = &Ovpnfunc::ovelapplausi($tmpovpnsubnet[0],$tmpovpnsubnet[1]);
-                       #plausi2
-                       if ($errormessage ne ''){
-                               goto VPNCONF_ERROR;
-                       }
-                       if ((length($cgiparams{'MTU'})==0) || (($cgiparams{'MTU'}) < 1000 )) {
-                               $errormessage = $Lang::tr{'invalid mtu input'};
-                               goto VPNCONF_ERROR;
-                       }  
-                       unless (&General::validport($cgiparams{'DEST_PORT'})) {
-                               $errormessage = $Lang::tr{'invalid port'};
-                               goto VPNCONF_ERROR;
-                       }
-                       # check protcol/port overlap against existing connections gian
-                       foreach my $dkey (keys %confighash) {#Check if there is no other entry with this name
-                               if ($dkey ne $cgiparams{'KEY'}) {
-                                       if ($confighash{$dkey}[14] eq $cgiparams{'PROTOCOL'} &&  $confighash{$dkey}[15] eq $cgiparams{'DEST_PORT'}){
-                                               #if ($confighash{$dkey}[14] eq 'on') {
-                                                       $errormessage = "Choosed Protocol/Port combination is already used by connection: $confighash{$dkey}[1]";
-                                                       goto VPNCONF_ERROR;                     
-                                               #} else {
-                                               #       $warnmessage = "Choosed Protcol/Port combination is used by inactive connection: $confighash{$dkey}[1]";
-                                               #}      
-                                       }
-                               }
-                       }                       
-                       #check  protcol/port overlap against RWserver gian
-                       if ($vpnsettings{'ENABLED'} eq 'on') {          
-                               if ($vpnsettings{'DPROTOCOL'} eq $cgiparams{'PROTOCOL'} &&  $vpnsettings{'DDEST_PORT'} eq $cgiparams{'DEST_PORT'}){
-                                       $errormessage = "Choosed Protocol/Port combination is already used OpenVPN Roadwarrior Server";
-                                       goto VPNCONF_ERROR;                     
-                               }
-                       }                       
+       if (! $confighash{$cgiparams{'KEY'}}[0]) {
+           $errormessage = $Lang::tr{'invalid key'};
+           goto VPNCONF_END;
+       }
+       $cgiparams{'ENABLED'}   = $confighash{$cgiparams{'KEY'}}[0];
+       $cgiparams{'NAME'}      = $confighash{$cgiparams{'KEY'}}[1];
+       $cgiparams{'TYPE'}      = $confighash{$cgiparams{'KEY'}}[3];
+       $cgiparams{'AUTH'}      = $confighash{$cgiparams{'KEY'}}[4];
+       $cgiparams{'PSK'}       = $confighash{$cgiparams{'KEY'}}[5];
+       $cgiparams{'SIDE'}      = $confighash{$cgiparams{'KEY'}}[6];
+       $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
+       $cgiparams{'REMOTE'}    = $confighash{$cgiparams{'KEY'}}[10];
+       $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
+       $cgiparams{'REMARK'}    = $confighash{$cgiparams{'KEY'}}[25];
+       $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
+#new fields    
+       $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
+       $cgiparams{'PROTOCOL'}    = $confighash{$cgiparams{'KEY'}}[28];
+       $cgiparams{'DEST_PORT'}   = $confighash{$cgiparams{'KEY'}}[29];
+       $cgiparams{'COMPLZO'}     = $confighash{$cgiparams{'KEY'}}[30];
+       $cgiparams{'MTU'}         = $confighash{$cgiparams{'KEY'}}[31];
+#new fields
+#ab hiere error uebernehmen
+    } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
+       $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
+       if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
+           $errormessage = $Lang::tr{'connection type is invalid'};
+           goto VPNCONF_ERROR;
+       }
+
+
+       if ($cgiparams{'NAME'} !~ /^[a-zA-Z0-9]+$/) {
+           $errormessage = $Lang::tr{'name must only contain characters'};
+           goto VPNCONF_ERROR;
+       }
+
+       if ($cgiparams{'NAME'} =~ /^(host|01|block|private|clear|packetdefault)$/) {
+           $errormessage = $Lang::tr{'name is invalid'};
+           goto VPNCONF_ERROR;
+       }
+
+       if (length($cgiparams{'NAME'}) >60) {
+           $errormessage = $Lang::tr{'name too long'};
+           goto VPNCONF_ERROR;
+       }
+
+#      if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) {
+#          $errormessage = $Lang::tr{'ipfire side is invalid'};
+#          goto VPNCONF_ERROR;
+#      }
+
+       # Check if there is no other entry with this name
+       if (! $cgiparams{'KEY'}) {
+           foreach my $key (keys %confighash) {
+               if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
+                   $errormessage = $Lang::tr{'a connection with this name already exists'};
+                   goto VPNCONF_ERROR;
                }
-               if ($cgiparams{'AUTH'} eq 'psk')  {
-                       #removed
-               } elsif ($cgiparams{'AUTH'} eq 'certreq') {
-               #       {
-                       if ($cgiparams{'KEY'}) {
-                               $errormessage = $Lang::tr{'cant change certificates'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (ref ($cgiparams{'FH'}) ne 'Fh') {
-                               $errormessage = $Lang::tr{'there was no file upload'};
-                               goto VPNCONF_ERROR;
-                       }
-                       (my $fh, my $filename) = tempfile( );# Move uploaded certificate request to a temporary file
-                       if (copy ($cgiparams{'FH'}, $fh) != 1) {
-                               $errormessage = $!;
-                               goto VPNCONF_ERROR;
-                       }
-                       # Sign the certificate request and move it
-                       # Sign the host certificate request
-                       system('/usr/bin/openssl', 'ca', '-days', '999999',
-                       '-batch', '-notext',
-                       '-in', $filename,
-                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
-                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
-                       if ($?) {
-                               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                               unlink ($filename);
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               &Ovpnfunc::newcleanssldatabase();
-                               goto VPNCONF_ERROR;
-                       } else {
-                               unlink ($filename);
-                               &Ovpnfunc::deletebackupcert();
-                       }
-                       my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
-                       $temp =~ /Subject:.*CN=(.*)[\n]/;
-                       $temp = $1;
-                       $temp =~ s+/Email+, E+;
-                       $temp =~ s/ ST=/ S=/;
-                       $cgiparams{'CERT_NAME'} = $temp;
-                       $cgiparams{'CERT_NAME'} =~ s/,//g;
-                       $cgiparams{'CERT_NAME'} =~ s/\'//g;
-                       if ($cgiparams{'CERT_NAME'} eq '') {
-                               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
-                               goto VPNCONF_ERROR;
-                       }
-               } elsif ($cgiparams{'AUTH'} eq 'certfile') {
-                       if ($cgiparams{'KEY'}) {
-                               $errormessage = $Lang::tr{'cant change certificates'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (ref ($cgiparams{'FH'}) ne 'Fh') {
-                       $errormessage = $Lang::tr{'there was no file upload'};
-                       goto VPNCONF_ERROR;
-                       }           
-                       (my $fh, my $filename) = tempfile( );# Move uploaded certificate to a temporary file
-                       if (copy ($cgiparams{'FH'}, $fh) != 1) {
-                               $errormessage = $!;
-                               goto VPNCONF_ERROR;
-                       }
-                       my $validca = 0;# Verify the certificate has a valid CA and move it
-                       my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/cacert.pem $filename`;
-                       if ($test =~ /: OK/) {
-                               $validca = 1;
-                       } else {
-                               foreach my $key (keys %cahash) {
-                                       $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem $filename`;
-                                       if ($test =~ /: OK/) {
-                                               $validca = 1;
-                                       }
-                               }
-                       }
-                       if (! $validca) {
-                               $errormessage = $Lang::tr{'certificate does not have a valid ca associated with it'};
-                               unlink ($filename);
-                               goto VPNCONF_ERROR;
-                       } else {
-                               move($filename, "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               if ($? ne 0) {
-                                       $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
-                                       unlink ($filename);
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-                       my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
-                       $temp =~ /Subject:.*CN=(.*)[\n]/;
-                       $temp = $1;
-                       $temp =~ s+/Email+, E+;
-                       $temp =~ s/ ST=/ S=/;
-                       $cgiparams{'CERT_NAME'} = $temp;
-                       $cgiparams{'CERT_NAME'} =~ s/,//g;
-                       $cgiparams{'CERT_NAME'} =~ s/\'//g;
-                       if ($cgiparams{'CERT_NAME'} eq '') {
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
-                               goto VPNCONF_ERROR;
-                       }                                       
-               } elsif ($cgiparams{'AUTH'} eq 'certgen'){              
-                       if ($cgiparams{'KEY'}) {
-                               $errormessage = $Lang::tr{'cant change certificates'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (length($cgiparams{'CERT_NAME'}) >60) {# Validate input since the form was submitted
-                               $errormessage = $Lang::tr{'name too long'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
-                               $errormessage = $Lang::tr{'invalid input for name'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
-                               $errormessage = $Lang::tr{'invalid input for e-mail address'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (length($cgiparams{'CERT_EMAIL'}) > 40) {
-                               $errormessage = $Lang::tr{'e-mail address too long'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_OU'} ne '' && $cgiparams{'CERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for department'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (length($cgiparams{'CERT_ORGANIZATION'}) >60) {
-                               $errormessage = $Lang::tr{'organization too long'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
-                               $errormessage = $Lang::tr{'invalid input for organization'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_CITY'} ne '' && $cgiparams{'CERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for city'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_STATE'} ne '' && $cgiparams{'CERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for state or province'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_COUNTRY'} !~ /^[A-Z]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for country'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_PASS1'} ne '' && $cgiparams{'CERT_PASS2'} ne ''){
-                               if (length($cgiparams{'CERT_PASS1'}) < 5) {
-                                       $errormessage = $Lang::tr{'password too short'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }       
-                       if ($cgiparams{'CERT_PASS1'} ne $cgiparams{'CERT_PASS2'}) {
-                               $errormessage = $Lang::tr{'passwords do not match'};
-                               goto VPNCONF_ERROR;
-                       }
-                       (my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;# Replace empty strings with a .
-                       (my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
-                       (my $state = $cgiparams{'CERT_STATE'}) =~ s/^\s*$/\./;
-                       my $pid = open(OPENSSL, "|-");# Create the Host certificate request client
-                       $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto VPNCONF_ERROR;};
-                       if ($pid) {     # parent
-                               print OPENSSL "$cgiparams{'CERT_COUNTRY'}\n";
-                               print OPENSSL "$state\n";
-                               print OPENSSL "$city\n";
-                               print OPENSSL "$cgiparams{'CERT_ORGANIZATION'}\n";
-                               print OPENSSL "$ou\n";
-                               print OPENSSL "$cgiparams{'CERT_NAME'}\n";
-                               print OPENSSL "$cgiparams{'CERT_EMAIL'}\n";
-                               print OPENSSL ".\n";
-                               print OPENSSL ".\n";
-                               close (OPENSSL);
-                               if ($?) {
-                                       $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                                       unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}key.pem");
-                                       unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}req.pem");
-                                       goto VPNCONF_ERROR;
-                               }
-                       } else {        # child
-                               unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
-                                       '-newkey', 'rsa:1024',
-                                       '-keyout', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
-                                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
-                                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
-                                       $errormessage = "$Lang::tr{'cant start openssl'}: $!";
-                                       unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                                       unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-                       # Sign the host certificate request
-                       system('/usr/bin/openssl', 'ca', '-days', '999999',
-                       '-batch', '-notext',
-                       '-in',  "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
-                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
-                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
-                       if ($?) {
-                               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               &Ovpnfunc::newcleanssldatabase();
-                               goto VPNCONF_ERROR;
-                       } else {
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
-                               &Ovpnfunc::deletebackupcert();
-                       }
-                       # Create the pkcs12 file
-                       system('/usr/bin/openssl', 'pkcs12', '-export', 
-                       '-inkey', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
-                       '-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
-                       '-name', $cgiparams{'NAME'},
-                       '-passout', "pass:$cgiparams{'CERT_PASS1'}",
-                       '-certfile', "${General::swroot}/ovpn/ca/cacert.pem", 
-                       '-caname', "$vpnsettings{'ROOTCERT_ORGANIZATION'} CA",
-                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
-                       if ($?) {
-                               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
-                               goto VPNCONF_ERROR;
-                       } else {
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                       }
-               } elsif ($cgiparams{'AUTH'} eq 'cert') {
-                       ;# Nothing, just editing
+           }
+       }
+
+       if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
+           $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+           goto VPNCONF_ERROR;
+       }
+
+       if ($cgiparams{'REMOTE'}) {
+           if (! &General::validip($cgiparams{'REMOTE'})) {
+               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
+                   $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+                   goto VPNCONF_ERROR;
                } else {
-                       $errormessage = $Lang::tr{'invalid input for authentication method'};
-                       goto VPNCONF_ERROR;
+                   if (&valid_dns_host($cgiparams{'REMOTE'})) {
+                       $warnmessage = "$Lang::tr{'check vpn lr'} $cgiparams{'REMOTE'}. $Lang::tr{'dns check failed'}";
+                   }
                }
-               if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) {# Check if there is no other entry with this common name
-                       foreach my $key (keys %confighash) {
-                               if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
-                                       $errormessage = $Lang::tr{'a connection with this common name already exists'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
+           }
+       }
+       if ($cgiparams{'TYPE'} ne 'host') {
+            unless (&General::validipandmask($cgiparams{'LOCAL_SUBNET'})) {
+                   $errormessage = $Lang::tr{'local subnet is invalid'}; 
+                       goto VPNCONF_ERROR;}
+       }
+       # Check if there is no other entry without IP-address and PSK
+       if ($cgiparams{'REMOTE'} eq '') {
+           foreach my $key (keys %confighash) {
+               if(($cgiparams{'KEY'} ne $key) && 
+                  ($confighash{$key}[4] eq 'psk' || $cgiparams{'AUTH'} eq 'psk') && 
+                   $confighash{$key}[10] eq '') {
+                       $errormessage = $Lang::tr{'you can only define one roadwarrior connection when using pre-shared key authentication'};
+                       goto VPNCONF_ERROR;
                }
+           }
+       }
+       if (($cgiparams{'TYPE'} eq 'net') && (! &General::validipandmask($cgiparams{'REMOTE_SUBNET'}))) {
+                $errormessage = $Lang::tr{'remote subnet is invalid'};
+               goto VPNCONF_ERROR;
+       }
+
+       if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
+           $errormessage = $Lang::tr{'invalid input'};
+           goto VPNCONF_ERROR;
+       }
+       if ($cgiparams{'EDIT_ADVANCED'} !~ /^(on|off)$/) {
+           $errormessage = $Lang::tr{'invalid input'};
+           goto VPNCONF_ERROR;
+       }
+
+#fixplausi
+       if ($cgiparams{'AUTH'} eq 'psk')  {
+#          if (! length($cgiparams{'PSK'}) ) {
+#              $errormessage = $Lang::tr{'pre-shared key is too short'};
+#              goto VPNCONF_ERROR;
+#          }
+#          if ($cgiparams{'PSK'} =~ /['",&]/) {
+#              $errormessage = $Lang::tr{'invalid characters found in pre-shared key'};
+#              goto VPNCONF_ERROR;
+#          }
+       } elsif ($cgiparams{'AUTH'} eq 'certreq') {
+           if ($cgiparams{'KEY'}) {
+               $errormessage = $Lang::tr{'cant change certificates'};
+               goto VPNCONF_ERROR;
+           }
+           if (ref ($cgiparams{'FH'}) ne 'Fh') {
+               $errormessage = $Lang::tr{'there was no file upload'};
+               goto VPNCONF_ERROR;
+           }
+
+           # Move uploaded certificate request to a temporary file
+           (my $fh, my $filename) = tempfile( );
+           if (copy ($cgiparams{'FH'}, $fh) != 1) {
+               $errormessage = $!;
+               goto VPNCONF_ERROR;
+           }
 
-               my $key = $cgiparams{'KEY'};# Save the config
-               if (! $key) {
-                       $key = &General::findhasharraykey (\%confighash);
-                       foreach my $i (0 .. 42) { $confighash{$key}[$i] = "";}
+           # Sign the certificate request and move it
+           # Sign the host certificate request
+           system('/usr/bin/openssl', 'ca', '-days', '999999',
+               '-batch', '-notext',
+               '-in', $filename,
+               '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
+               '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
+           if ($?) {
+               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+               unlink ($filename);
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               &newcleanssldatabase();
+               goto VPNCONF_ERROR;
+           } else {
+               unlink ($filename);
+               &deletebackupcert();
+           }
+
+           my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
+           $temp =~ /Subject:.*CN=(.*)[\n]/;
+           $temp = $1;
+           $temp =~ s+/Email+, E+;
+           $temp =~ s/ ST=/ S=/;
+           $cgiparams{'CERT_NAME'} = $temp;
+           $cgiparams{'CERT_NAME'} =~ s/,//g;
+           $cgiparams{'CERT_NAME'} =~ s/\'//g;
+           if ($cgiparams{'CERT_NAME'} eq '') {
+               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
+               goto VPNCONF_ERROR;
+           }
+       } elsif ($cgiparams{'AUTH'} eq 'certfile') {
+           if ($cgiparams{'KEY'}) {
+               $errormessage = $Lang::tr{'cant change certificates'};
+               goto VPNCONF_ERROR;
+           }
+           if (ref ($cgiparams{'FH'}) ne 'Fh') {
+               $errormessage = $Lang::tr{'there was no file upload'};
+               goto VPNCONF_ERROR;
+           }
+           # Move uploaded certificate to a temporary file
+           (my $fh, my $filename) = tempfile( );
+           if (copy ($cgiparams{'FH'}, $fh) != 1) {
+               $errormessage = $!;
+               goto VPNCONF_ERROR;
+           }
+
+           # Verify the certificate has a valid CA and move it
+           my $validca = 0;
+           my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/cacert.pem $filename`;
+           if ($test =~ /: OK/) {
+               $validca = 1;
+           } else {
+               foreach my $key (keys %cahash) {
+                   $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem $filename`;
+                   if ($test =~ /: OK/) {
+                       $validca = 1;
+                   }
                }
-               $confighash{$key}[0] = $cgiparams{'ENABLED'};
-               $confighash{$key}[1] = $cgiparams{'NAME'};
-               if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
-                       $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
+           }
+           if (! $validca) {
+               $errormessage = $Lang::tr{'certificate does not have a valid ca associated with it'};
+               unlink ($filename);
+               goto VPNCONF_ERROR;
+           } else {
+               move($filename, "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               if ($? ne 0) {
+                   $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
+                   unlink ($filename);
+                   goto VPNCONF_ERROR;
                }
-               $confighash{$key}[3] = $cgiparams{'TYPE'};
-               if ($cgiparams{'AUTH'} eq 'psk') {
-                       $confighash{$key}[4] = 'psk';
-                       $confighash{$key}[5] = $cgiparams{'PSK'};
-               } else {
-                       $confighash{$key}[4] = 'cert';
+           }
+
+           my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
+           $temp =~ /Subject:.*CN=(.*)[\n]/;
+           $temp = $1;
+           $temp =~ s+/Email+, E+;
+           $temp =~ s/ ST=/ S=/;
+           $cgiparams{'CERT_NAME'} = $temp;
+           $cgiparams{'CERT_NAME'} =~ s/,//g;
+           $cgiparams{'CERT_NAME'} =~ s/\'//g;
+           if ($cgiparams{'CERT_NAME'} eq '') {
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
+               goto VPNCONF_ERROR;
+           }
+       } elsif ($cgiparams{'AUTH'} eq 'certgen') {
+           if ($cgiparams{'KEY'}) {
+               $errormessage = $Lang::tr{'cant change certificates'};
+               goto VPNCONF_ERROR;
+           }
+           # Validate input since the form was submitted
+           if (length($cgiparams{'CERT_NAME'}) >60) {
+               $errormessage = $Lang::tr{'name too long'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
+               $errormessage = $Lang::tr{'invalid input for name'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
+               $errormessage = $Lang::tr{'invalid input for e-mail address'};
+               goto VPNCONF_ERROR;
+           }
+           if (length($cgiparams{'CERT_EMAIL'}) > 40) {
+               $errormessage = $Lang::tr{'e-mail address too long'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_OU'} ne '' && $cgiparams{'CERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
+               $errormessage = $Lang::tr{'invalid input for department'};
+               goto VPNCONF_ERROR;
+           }
+           if (length($cgiparams{'CERT_ORGANIZATION'}) >60) {
+               $errormessage = $Lang::tr{'organization too long'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
+               $errormessage = $Lang::tr{'invalid input for organization'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_CITY'} ne '' && $cgiparams{'CERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
+               $errormessage = $Lang::tr{'invalid input for city'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_STATE'} ne '' && $cgiparams{'CERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
+               $errormessage = $Lang::tr{'invalid input for state or province'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_COUNTRY'} !~ /^[A-Z]*$/) {
+               $errormessage = $Lang::tr{'invalid input for country'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_PASS1'} ne '' && $cgiparams{'CERT_PASS2'} ne ''){
+               if (length($cgiparams{'CERT_PASS1'}) < 5) {
+                   $errormessage = $Lang::tr{'password too short'};
+                   goto VPNCONF_ERROR;
                }
-               if ($cgiparams{'TYPE'} eq 'net') {
-                       $confighash{$key}[6] = $cgiparams{'SIDE'};
-                       $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
-                       if ( $cgiparams{'SIDE'} eq  'client') {
-                                       $confighash{$key}[19] = 'yes';
-                       } else{
-                               $confighash{$key}[19] = 'no';
-                       }
+           }   
+           if ($cgiparams{'CERT_PASS1'} ne $cgiparams{'CERT_PASS2'}) {
+               $errormessage = $Lang::tr{'passwords do not match'};
+               goto VPNCONF_ERROR;
+           }
+
+           # Replace empty strings with a .
+           (my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;
+           (my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
+           (my $state = $cgiparams{'CERT_STATE'}) =~ s/^\s*$/\./;
+
+           # Create the Host certificate request client
+           my $pid = open(OPENSSL, "|-");
+           $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto VPNCONF_ERROR;};
+           if ($pid) { # parent
+               print OPENSSL "$cgiparams{'CERT_COUNTRY'}\n";
+               print OPENSSL "$state\n";
+               print OPENSSL "$city\n";
+               print OPENSSL "$cgiparams{'CERT_ORGANIZATION'}\n";
+               print OPENSSL "$ou\n";
+               print OPENSSL "$cgiparams{'CERT_NAME'}\n";
+               print OPENSSL "$cgiparams{'CERT_EMAIL'}\n";
+               print OPENSSL ".\n";
+               print OPENSSL ".\n";
+               close (OPENSSL);
+               if ($?) {
+                   $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+                   unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}key.pem");
+                   unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}req.pem");
+                   goto VPNCONF_ERROR;
                }
-               $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
-               $confighash{$key}[10] = $cgiparams{'REMOTE'};
-               $confighash{$key}[25] = $cgiparams{'REMARK'};
-               $confighash{$key}[12] = $cgiparams{'INTERFACE'};
-               $confighash{$key}[13] = $cgiparams{'OVPN_SUBNET'};# new fields  
-               $confighash{$key}[14] = $cgiparams{'PROTOCOL'};
-               $confighash{$key}[15] = $cgiparams{'DEST_PORT'};
-               $confighash{$key}[16] = $cgiparams{'COMPLZO'};
-               $confighash{$key}[17] = $cgiparams{'MTU'};
-               $confighash{$key}[18] = $cgiparams{'N2NVPN_IP'};# new fileds
-               $confighash{$key}[19] = $cgiparams{'ZERINA_CLIENT'};# new fileds
-               $confighash{$key}[20] = $cgiparams{'CIPHER'};
-               
-               #default n2n advanced
-               $confighash{$key}[26] = '10';#keepalive ping
-               $confighash{$key}[27] = '60';#keepalive restart
-               $confighash{$key}[28] = '0';#nice
-               $confighash{$key}[42] = '3';#verb
-               #default n2n advanced
-               &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-               &Ovpnfunc::writenet2netconf($key,$zerinaclient);
-               #ppp
-               my $n2nactive = `/bin/ps ax|grep $cgiparams{'NAME'}.conf|grep -v grep|awk \'{print \$1}\'`;
-               if ($cgiparams{'ENABLED'}) {                    
-                       if ($n2nactive eq ''){
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $cgiparams{'NAME'});
-                       } else {
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $cgiparams{'NAME'});
-                       }                       
-               } else {                                        
-                       if ($n2nactive ne ''){                          
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $cgiparams{'NAME'});
-                       }                                               
+           } else {    # child
+               unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
+                       '-newkey', 'rsa:1024',
+                       '-keyout', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
+                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
+                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
+                   $errormessage = "$Lang::tr{'cant start openssl'}: $!";
+                   unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+                   unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
+                   goto VPNCONF_ERROR;
                }
-               if ($cgiparams{'EDIT_ADVANCED'} eq 'on') {
-                       $cgiparams{'KEY'} = $key;
-                       $cgiparams{'ACTION'} = $Lang::tr{'advanced'};
+           }
+       
+           # Sign the host certificate request
+           system('/usr/bin/openssl', 'ca', '-days', '999999',
+               '-batch', '-notext',
+               '-in',  "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
+               '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
+               '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
+           if ($?) {
+               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               &newcleanssldatabase();
+               goto VPNCONF_ERROR;
+           } else {
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
+               &deletebackupcert();
+           }
+
+           # Create the pkcs12 file
+           system('/usr/bin/openssl', 'pkcs12', '-export', 
+               '-inkey', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
+               '-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
+               '-name', $cgiparams{'NAME'},
+               '-passout', "pass:$cgiparams{'CERT_PASS1'}",
+               '-certfile', "${General::swroot}/ovpn/ca/cacert.pem", 
+               '-caname', "$vpnsettings{'ROOTCERT_ORGANIZATION'} CA",
+               '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
+           if ($?) {
+               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
+               goto VPNCONF_ERROR;
+           } else {
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+           }
+       } elsif ($cgiparams{'AUTH'} eq 'cert') {
+           ;# Nothing, just editing
+       } else {
+           $errormessage = $Lang::tr{'invalid input for authentication method'};
+           goto VPNCONF_ERROR;
+       }
+
+       # Check if there is no other entry with this common name
+       if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) {
+           foreach my $key (keys %confighash) {
+               if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
+                   $errormessage = $Lang::tr{'a connection with this common name already exists'};
+                   goto VPNCONF_ERROR;
                }
-               goto VPNCONF_END;
+           }
+       }
+
+        # Save the config
+       my $key = $cgiparams{'KEY'};
+       if (! $key) {
+           $key = &General::findhasharraykey (\%confighash);
+           foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
+       }
+       $confighash{$key}[0] = $cgiparams{'ENABLED'};
+       $confighash{$key}[1] = $cgiparams{'NAME'};
+       if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
+           $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
+       }
+       $confighash{$key}[3] = $cgiparams{'TYPE'};
+       if ($cgiparams{'AUTH'} eq 'psk') {
+           $confighash{$key}[4] = 'psk';
+           $confighash{$key}[5] = $cgiparams{'PSK'};
+       } else {
+           $confighash{$key}[4] = 'cert';
+       }
+       if ($cgiparams{'TYPE'} eq 'net') {
+           $confighash{$key}[6] = $cgiparams{'SIDE'};
+           $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
+       }
+       $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
+       $confighash{$key}[10] = $cgiparams{'REMOTE'};
+       $confighash{$key}[25] = $cgiparams{'REMARK'};
+       $confighash{$key}[26] = $cgiparams{'INTERFACE'};
+# new fields   
+       $confighash{$key}[27] = $cgiparams{'OVPN_SUBNET'};
+       $confighash{$key}[28] = $cgiparams{'PROTOCOL'};
+       $confighash{$key}[29] = $cgiparams{'DEST_PORT'};
+       $confighash{$key}[30] = $cgiparams{'COMPLZO'};
+       $confighash{$key}[31] = $cgiparams{'MTU'};
+# new fileds   
+       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+       if ($cgiparams{'EDIT_ADVANCED'} eq 'on') {
+           $cgiparams{'KEY'} = $key;
+           $cgiparams{'ACTION'} = $Lang::tr{'advanced'};
+       }
+       goto VPNCONF_END;
     } else {
-               $cgiparams{'ENABLED'} = 'on';
-               if ($cgiparams{'ZERINA_CLIENT'} eq ''){
-                       $cgiparams{'ZERINA_CLIENT'} = 'no';
-               }                       
-               if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) {
-                       $cgiparams{'AUTH'} = 'psk';
-               } elsif ( ! -f "${General::swroot}/ovpn/ca/cacert.pem") {
-                       $cgiparams{'AUTH'} = 'certfile';
-               } else {
+        $cgiparams{'ENABLED'} = 'on';
+       $cgiparams{'SIDE'} = 'left';
+       if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) {
+           $cgiparams{'AUTH'} = 'psk';
+       } elsif ( ! -f "${General::swroot}/ovpn/ca/cacert.pem") {
+           $cgiparams{'AUTH'} = 'certfile';
+       } else {
             $cgiparams{'AUTH'} = 'certgen';
-               }
-               $cgiparams{'LOCAL_SUBNET'}      ="$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
-               $cgiparams{'CERT_ORGANIZATION'} = $vpnsettings{'ROOTCERT_ORGANIZATION'};
-               $cgiparams{'CERT_CITY'}         = $vpnsettings{'ROOTCERT_CITY'};
-               $cgiparams{'CERT_STATE'}        = $vpnsettings{'ROOTCERT_STATE'};
-               $cgiparams{'CERT_COUNTRY'}      = $vpnsettings{'ROOTCERT_COUNTRY'};
+       }
+       $cgiparams{'LOCAL_SUBNET'}      ="$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
+       $cgiparams{'CERT_ORGANIZATION'} = $vpnsettings{'ROOTCERT_ORGANIZATION'};
+       $cgiparams{'CERT_CITY'}         = $vpnsettings{'ROOTCERT_CITY'};
+       $cgiparams{'CERT_STATE'}        = $vpnsettings{'ROOTCERT_STATE'};
+       $cgiparams{'CERT_COUNTRY'}      = $vpnsettings{'ROOTCERT_COUNTRY'};
     }
+
     VPNCONF_ERROR:
-       # n2n default settings
-       if ($cgiparams{'CIPHER'} eq '') {
-               $cgiparams{'CIPHER'} =  'BF-CBC';     
-    }
-    if ($cgiparams{'MTU'} eq '') {
-               $cgiparams{'MTU'} =  '1400';     
-    }
-    if ($cgiparams{'OVPN_SUBNET'} eq '') {
-               $cgiparams{'OVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
-    }
-       #n2n default settings
     $checked{'ENABLED'}{'off'} = '';
     $checked{'ENABLED'}{'on'} = '';
     $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
@@ -2281,43 +2256,28 @@ END
     $checked{'ENABLED_ORANGE'}{'off'} = '';
     $checked{'ENABLED_ORANGE'}{'on'} = '';
     $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
+
+
     $checked{'EDIT_ADVANCED'}{'off'} = '';
     $checked{'EDIT_ADVANCED'}{'on'} = '';
     $checked{'EDIT_ADVANCED'}{$cgiparams{'EDIT_ADVANCED'}} = 'CHECKED';
+
     $selected{'SIDE'}{'server'} = '';
     $selected{'SIDE'}{'client'} = '';
     $selected{'SIDE'}{$cgiparams{'SIDE'}} = 'SELECTED';
-       
-#      $selected{'DDEVICE'}{'tun'} = '';
-#    $selected{'DDEVICE'}{'tap'} = '';
-#    $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
-
-    $selected{'PROTOCOL'}{'udp'} = '';
-    $selected{'PROTOCOL'}{'tcp'} = '';
-    $selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = 'SELECTED';
+
     $checked{'AUTH'}{'psk'} = '';
     $checked{'AUTH'}{'certreq'} = '';
     $checked{'AUTH'}{'certgen'} = '';
     $checked{'AUTH'}{'certfile'} = '';
     $checked{'AUTH'}{$cgiparams{'AUTH'}} = 'CHECKED';
+
     $selected{'INTERFACE'}{$cgiparams{'INTERFACE'}} = 'SELECTED';
+    
     $checked{'COMPLZO'}{'off'} = '';
     $checked{'COMPLZO'}{'on'} = '';
     $checked{'COMPLZO'}{$cgiparams{'COMPLZO'}} = 'CHECKED';
-       $selected{'CIPHER'}{'DES-CBC'} = '';
-    $selected{'CIPHER'}{'DES-EDE-CBC'} = '';
-    $selected{'CIPHER'}{'DES-EDE3-CBC'} = '';
-    $selected{'CIPHER'}{'DESX-CBC'} = '';
-    $selected{'CIPHER'}{'RC2-CBC'} = '';
-    $selected{'CIPHER'}{'RC2-40-CBC'} = '';
-    $selected{'CIPHER'}{'RC2-64-CBC'} = '';
-    $selected{'CIPHER'}{'BF-CBC'} = '';
-    $selected{'CIPHER'}{'CAST5-CBC'} = '';    
-    $selected{'CIPHER'}{'AES-128-CBC'} = '';
-    $selected{'CIPHER'}{'AES-192-CBC'} = '';
-    $selected{'CIPHER'}{'AES-256-CBC'} = '';
-    $selected{'CIPHER'}{$cgiparams{'CIPHER'}} = 'SELECTED';
+
 
     if (1) {
        &Header::showhttpheaders();
@@ -2329,19 +2289,22 @@ END
            print "&nbsp;</class>";
            &Header::closebox();
        }
+
        if ($warnmessage) {
            &Header::openbox('100%', 'LEFT', "$Lang::tr{'warning messages'}:");
            print "<class name='base'>$warnmessage";
            print "&nbsp;</class>";
            &Header::closebox();
        }
+
        print "<form method='post' enctype='multipart/form-data'>";
        print "<input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />";
-       print "<input type='hidden' name='ZERINA_CLIENT' value='$cgiparams{'ZERINA_CLIENT'}' />";
+
        if ($cgiparams{'KEY'}) {
            print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
            print "<input type='hidden' name='AUTH' value='$cgiparams{'AUTH'}' />";
        }
+
        &Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
        print "<table width='100%'>\n";
        print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
@@ -2351,77 +2314,81 @@ END
            } else {
                print "<td width='35%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' size='30' /></td>";
            }
+#          print "<tr><td>$Lang::tr{'interface'}</td>";
+#          print "<td><select name='INTERFACE'>";
+#          print "<option value='RED' $selected{'INTERFACE'}{'RED'}>RED</option>";
+#          if ($netsettings{'BLUE_DEV'} ne '') {
+#              print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE</option>";
+#          }
+#          print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN</option>";
+#          print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
+#          print "</select></td></tr>";
+#          print <<END
        } else {
            print "<input type='hidden' name='INTERFACE' value='red' />";
            if ($cgiparams{'KEY'}) {
-                       print "<td width='25%' class='base' nowrap='nowrap'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
+               print "<td width='25%' class='base' nowrap='nowrap'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
            } else {
-                       print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
+               print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
            }
-                       print "<!-- net2net config gui -->";
-                       print "<td width='25%'>&nbsp;</td>";
-                   print "<td width='25%'>&nbsp;</td></tr>";
-                       if ((($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) && ($cgiparams{'ZERINA_CLIENT'} eq 'no')) ||
-                          (($cgiparams{'ACTION'} eq $Lang::tr{'save'}) && ($cgiparams{'ZERINA_CLIENT'} eq 'no')) ||
-                          (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) && ($cgiparams{'ZERINA_CLIENT'} eq 'no'))) {
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>";
-                                       print "<td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>OpenVPN Server</option>";
-                                                                                       print "<option value='client' $selected{'SIDE'}{'client'}>OpenVPN Client</option></select></td>";
-                               print "<tr><td class='base' nowrap='nowrap'>$Lang::tr{'local vpn hostname/ip'}:</td>";
-                                       print "<td><input type='text' name='N2NVPN_IP' value='$cgiparams{'N2NVPN_IP'}' size='30' /></td>";                                              
-                               print "<td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>";
-                       } else {
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>";
-                                       print "<td>$cgiparams{'SIDE'}</td><input type='hidden' name='SIDE' value='$cgiparams{'SIDE'}' />";                                                              
-                               print "<td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>";                         
-                       }       
-                               print "<td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>";
-                               print "<td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>";
-                               print "<td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>";
-                               print "<td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>";
-                               print "<td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>";
-                               print "<td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>";
-                                                                                       print "<option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>";
-                               print "<td class='boldbase'>$Lang::tr{'destination port'}:</td>";
-                               print "<td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>";
-                               print "<td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>";
-                               print "<td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>";
-                               print "<td><select name='CIPHER'><option value='DES-CBC' $selected{'CIPHER'}{'DES-CBC'}>DES-CBC</option>";
-                               print "<option value='DES-EDE-CBC' $selected{'CIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>";
-                               print "<option value='DES-EDE3-CBC' $selected{'CIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>";
-                               print "<option value='DESX-CBC' $selected{'CIPHER'}{'DESX-CBC'}>DESX-CBC</option>";
-                               print "<option value='RC2-CBC' $selected{'CIPHER'}{'RC2-CBC'}>RC2-CBC</option>";
-                               print "<option value='RC2-40-CBC' $selected{'CIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>";
-                               print "<option value='RC2-64-CBC' $selected{'CIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>";
-                               print "<option value='BF-CBC' $selected{'CIPHER'}{'BF-CBC'}>BF-CBC</option>";
-                               print "<option value='CAST5-CBC' $selected{'CIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>";
-                               print "<option value='AES-128-CBC' $selected{'CIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>";
-                               print "<option value='AES-192-CBC' $selected{'CIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>";
-                               print "<option value='AES-256-CBC' $selected{'CIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;</td>";
-                               print "<td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></TD>";
+           print <<END
+                   <td width='25%'>&nbsp;</td>
+                   <td width='25%'>&nbsp;</td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
+                   <td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>OpenVPN Server</option>
+                                           <option value='client' $selected{'SIDE'}{'client'}>OpenVPN Client</option></select></td>
+                   <td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
+                   <td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
+                   <td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>
+                   <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
+                   <td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>
+ttt
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
+                   <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
+                   <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
+                                               <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
+                   <td class='boldbase'>$Lang::tr{'destination port'}:</td>
+                   <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
+                   <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;<img src='/blob.gif' /></td>
+                   <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></TD>
+                                   
+
+END
+           ;
        }
        print "<tr><td class='boldbase'>$Lang::tr{'remark title'}&nbsp;<img src='/blob.gif' /></td>";
        print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr>";
+       
 #      if ($cgiparams{'TYPE'} eq 'net') {
            print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
        
-       if ($cgiparams{'TYPE'} eq 'host') {
+#          if ($cgiparams{'KEY'}) {
+#              print "<td colspan='3'>&nbsp;</td></tr></table>";
+#          } else {
+#              print "<td colspan='3'><input type='checkbox' name='EDIT_ADVANCED' $checked{'EDIT_ADVANCED'}{'on'} /> $Lang::tr{'edit advanced settings when done'}</tr></table>";
+#          }
+#      }else{
            print "<td colspan='3'>&nbsp;</td></tr></table>";
-       } elsif  ($cgiparams{'ACTION'} ne $Lang::tr{'edit'}){
-               print "<td colspan='3'><input type='checkbox' name='EDIT_ADVANCED' $checked{'EDIT_ADVANCED'}{'on'}/> $Lang::tr{'edit advanced settings when done'}</tr></table>";
-    } else {
-               print "<td colspan='3'></tr></table>";
-       }       
+#      }    
+           
        
 
        &Header::closebox();
+       
        if ($cgiparams{'KEY'} && $cgiparams{'AUTH'} eq 'psk') {
-       ;#we dont have psk
+       #    &Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'});
+       #    print <<END
+       #    <table width='100%' cellpadding='0' cellspacing='5' border='0'>
+       #    <tr><td class='base' width='50%'>$Lang::tr{'use a pre-shared key'}</td>
+       #       <td class='base' width='50%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td></tr>
+       #    </table>
+END
+       #    ;
+       #    &Header::closebox();
        } elsif (! $cgiparams{'KEY'}) {
            my $disabled='';
            my $cakeydisabled='';
@@ -2462,6 +2429,7 @@ END
                <td class='base'>$Lang::tr{'country'}:</td>
                <td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
 END
+
            ;
            foreach my $country (sort keys %{Countries::countries}) {
                print "<option value='$Countries::countries{$country}'";
@@ -2477,612 +2445,521 @@ END
                <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS1' value='$cgiparams{'CERT_PASS1'}' size='32' $cakeydisabled /></td></tr>
            <tr><td>&nbsp;</td><td class='base'>$Lang::tr{'pkcs12 file password'}:<BR>($Lang::tr{'confirmation'})</td>
                <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS2' value='$cgiparams{'CERT_PASS2'}' size='32' $cakeydisabled /></td></tr>
-           </table>
-END
-           ;
-           &Header::closebox();
-       }
-       print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
-       if ($cgiparams{'KEY'}) {
-               if ($cgiparams{'TYPE'} ne 'host') { 
-                       print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced'}' />";
-               }       
-       }
-       print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
-       &Header::closebigbox();
-       &Header::closepage();
-       exit (0);
-    }
-    VPNCONF_END:
-}
-###
-### Advanced settings
-###
-if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
-       ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'ADVANCED'} eq 'yes')) {
-    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       
-    if (! $confighash{$cgiparams{'KEY'}}) {
-               $errormessage = $Lang::tr{'invalid key'};
-               goto ADVANCED_END;
-    }
-       #n2n advanced error
-       if ($cgiparams{'KEEPALIVE_1'} ne '') {
-               if ($cgiparams{'KEEPALIVE_1'} !~ /^[0-9]+$/) { 
-           $errormessage = $Lang::tr{'invalid input for keepalive 1'};
-                       goto ADVANCED_ERROR;
-               }
-    }
-    if ($cgiparams{'KEEPALIVE_2'} ne ''){
-               if ($cgiparams{'KEEPALIVE_2'} !~ /^[0-9]+$/) { 
-           $errormessage = $Lang::tr{'invalid input for keepalive 2'};
-                       goto ADVANCED_ERROR;
-               }
-    }
-    if ($cgiparams{'KEEPALIVE_2'} < ($cgiparams{'KEEPALIVE_1'} * 2)){
-        $errormessage = $Lang::tr{'invalid input for keepalive 1:2'};
-        goto ADVANCED_ERROR;   
-    }
-       if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
-#              if ($cgiparams{'NAT'} !~ /^(on|off)$/) {
-#                      $errormessage = $Lang::tr{'invalid input'};
-#                      goto ADVANCED_ERROR;
-#              }
-       #n2n advanced error
-       #cgi an config
-               $confighash{$cgiparams{'KEY'}}[26] = $cgiparams{'KEEPALIVE_1'};
-               $confighash{$cgiparams{'KEY'}}[27] = $cgiparams{'KEEPALIVE_2'};
-               $confighash{$cgiparams{'KEY'}}[28] = $cgiparams{'EXTENDED_NICE'};
-               $confighash{$cgiparams{'KEY'}}[29] = $cgiparams{'EXTENDED_FASTIO'};
-               $confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'EXTENDED_MTUDISC'};
-               $confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'EXTENDED_MSSFIX'};
-               $confighash{$cgiparams{'KEY'}}[32] = $cgiparams{'EXTENDED_FRAGMENT'};
-               $confighash{$cgiparams{'KEY'}}[33] = $cgiparams{'PROXY_HOST'};
-               $confighash{$cgiparams{'KEY'}}[34] = $cgiparams{'PROXY_PORT'};
-               $confighash{$cgiparams{'KEY'}}[35] = $cgiparams{'PROXY_USERNAME'};
-               $confighash{$cgiparams{'KEY'}}[36] = $cgiparams{'PROXY_PASS'};
-               $confighash{$cgiparams{'KEY'}}[37] = $cgiparams{'PROXY_AUTH_METHOD'};
-               $confighash{$cgiparams{'KEY'}}[38] = $cgiparams{'http-proxy-retry'};
-               $confighash{$cgiparams{'KEY'}}[39] = $cgiparams{'PROXY_TIMEOUT'};
-               $confighash{$cgiparams{'KEY'}}[40] = $cgiparams{'PROXY_OPT_VERSION'};
-               $confighash{$cgiparams{'KEY'}}[41] = $cgiparams{'PROXY_OPT_AGENT'};
-               $confighash{$cgiparams{'KEY'}}[42] = $cgiparams{'LOG_VERB'};
-               &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-               &Ovpnfunc::writenet2netconf($cgiparams{'KEY'},$zerinaclient);
-       #       restart n2n after advanced save ?
-               goto ADVANCED_END;
-       } else {        
-               $cgiparams{'KEEPALIVE_1'}         =  $confighash{$cgiparams{'KEY'}}[26];
-               $cgiparams{'KEEPALIVE_2'}         =  $confighash{$cgiparams{'KEY'}}[27];
-               $cgiparams{'EXTENDED_NICE'}       =  $confighash{$cgiparams{'KEY'}}[28];
-               $cgiparams{'EXTENDED_FASTIO'}     =  $confighash{$cgiparams{'KEY'}}[29];
-               $cgiparams{'EXTENDED_MTUDISC'}    =  $confighash{$cgiparams{'KEY'}}[30];
-               $cgiparams{'EXTENDED_MSSFIX'}     =  $confighash{$cgiparams{'KEY'}}[31];
-               $cgiparams{'EXTENDED_FRAGMENT'}   =  $confighash{$cgiparams{'KEY'}}[32];
-               $cgiparams{'PROXY_HOST'}          =  $confighash{$cgiparams{'KEY'}}[33];
-               $cgiparams{'PROXY_PORT'}          =  $confighash{$cgiparams{'KEY'}}[34];
-               $cgiparams{'PROXY_USERNAME'}      =  $confighash{$cgiparams{'KEY'}}[35];
-               $cgiparams{'PROXY_PASS'}          =  $confighash{$cgiparams{'KEY'}}[36];
-               $cgiparams{'PROXY_AUTH_METHOD'}   =  $confighash{$cgiparams{'KEY'}}[37];
-               $cgiparams{'http-proxy-retry'}    =  $confighash{$cgiparams{'KEY'}}[38];
-               $cgiparams{'PROXY_TIMEOUT'}       =  $confighash{$cgiparams{'KEY'}}[39];
-               $cgiparams{'PROXY_OPT_VERSION'}   =  $confighash{$cgiparams{'KEY'}}[40];
-               $cgiparams{'PROXY_OPT_AGENT'}     =  $confighash{$cgiparams{'KEY'}}[41];
-               $cgiparams{'LOG_VERB'}            =  $confighash{$cgiparams{'KEY'}}[42];
-               #cgi an config
-       }       
-       ADVANCED_ERROR:
-       #Schalter setzen
-    $selected{'EXTENDED_NICE'}{'-13'} = '';
-    $selected{'EXTENDED_NICE'}{'-10'} = '';
-    $selected{'EXTENDED_NICE'}{'-7'} = '';
-    $selected{'EXTENDED_NICE'}{'-3'} = '';
-    $selected{'EXTENDED_NICE'}{'0'} = '';
-    $selected{'EXTENDED_NICE'}{'3'} = '';
-    $selected{'EXTENDED_NICE'}{'7'} = '';
-    $selected{'EXTENDED_NICE'}{'10'} = '';
-    $selected{'EXTENDED_NICE'}{'13'} = '';
-    $selected{'EXTENDED_NICE'}{$cgiparams{'EXTENDED_NICE'}} = 'SELECTED';
-       $checked{'EXTENDED_FASTIO'}{'off'} = '';
-    $checked{'EXTENDED_FASTIO'}{'on'} = '';
-    $checked{'EXTENDED_FASTIO'}{$cgiparams{'EXTENDED_FASTIO'}} = 'CHECKED';
-    $checked{'EXTENDED_MTUDISC'}{'off'} = '';
-    $checked{'EXTENDED_MTUDISC'}{'on'} = '';
-    $checked{'EXTENDED_MTUDISC'}{$cgiparams{'EXTENDED_MTUDISC'}} = 'CHECKED';
-       $selected{'LOG_VERB'}{'1'} = '';
-    $selected{'LOG_VERB'}{'2'} = '';
-    $selected{'LOG_VERB'}{'3'} = '';
-    $selected{'LOG_VERB'}{'4'} = '';
-    $selected{'LOG_VERB'}{'5'} = '';
-    $selected{'LOG_VERB'}{'6'} = '';
-    $selected{'LOG_VERB'}{'7'} = '';
-    $selected{'LOG_VERB'}{'8'} = '';
-    $selected{'LOG_VERB'}{'9'} = '';
-    $selected{'LOG_VERB'}{'10'} = '';
-    $selected{'LOG_VERB'}{'11'} = '';
-    $selected{'LOG_VERB'}{'0'} = '';
-    $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
-       $selected{'PROXY_AUTH_METHOD'}{'none'} = '';
-       $selected{'PROXY_AUTH_METHOD'}{'basic'} = '';
-       $selected{'PROXY_AUTH_METHOD'}{'ntlm'} = '';
-       $selected{'PROXY_AUTH_METHOD'}{$cgiparams{'PROXY_AUTH_METHOD'}} = 'SELECTED';
-       $checked{'PROXY_RETRY'}{'off'} = '';
-       $checked{'PROXY_RETRY'}{'on'} = '';
-       $checked{'PROXY_RETRY'}{$cgiparams{'PROXY_RETRY'}} = 'CHECKED';
-       #Schalter setzen
-    &Header::showhttpheaders();
-    &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-    &Header::openbigbox('100%', 'LEFT', '', $errormessage);
-
-    if ($errormessage) {
-       &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
-       print "<class name='base'>$errormessage";
-       print "&nbsp;</class>";
-       &Header::closebox();
-    }
+           </table>
+END
+           ;
+           &Header::closebox();
+       }
 
-    if ($warnmessage) {
-       &Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'});
-       print "<class name='base'>$warnmessage";
-       print "&nbsp;</class>";
-       &Header::closebox();
+       print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
+       if ($cgiparams{'KEY'}) {
+#          print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced'}' />";
+       }
+       print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit (0);
     }
-
-    print "<form method='post' enctype='multipart/form-data'>\n";
-    print "<input type='hidden' name='ADVANCED' value='yes' />\n";
-    print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />\n";
-
-    &Header::openbox('100%', 'LEFT', "$Lang::tr{'advanced'}:");    
-    print <<EOF
-    <form method='post' enctype='multipart/form-data'>
-    <table width='100%'>
-    <tr>
-       <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-    </tr>
-    <td class='base'>Keppalive (ping/ping-restart)</td>        
-       <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='30' /></td>
-       <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='30' /></td>
-    </tr>      
-    </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_processprio'}</td>        
-      <td>
-        <select name='EXTENDED_NICE' disabled='disabled'>
-                                 <option value='-13' $selected{'EXTENDED_NICE'}{'-13'}>$Lang::tr{'ovpn_processprioEH'}</option>
-                                 <option value='-10' $selected{'EXTENDED_NICE'}{'-10'}>$Lang::tr{'ovpn_processprioVH'}</option>
-                                 <option value='-7'  $selected{'EXTENDED_NICE'}{'-7'}>$Lang::tr{'ovpn_processprioH'}</option>
-                                 <option value='-3'  $selected{'EXTENDED_NICE'}{'-3'}>$Lang::tr{'ovpn_processprioEN'}</option>
-                                 <option value='0'  $selected{'EXTENDED_NICE'}{'0'}>$Lang::tr{'ovpn_processprioN'}</option>
-                                 <option value='3'  $selected{'EXTENDED_NICE'}{'3'}>$Lang::tr{'ovpn_processprioLN'}</option>
-                                 <option value='7'  $selected{'EXTENDED_NICE'}{'7'}>$Lang::tr{'ovpn_processprioD'}</option>
-                                 <option value='10' $selected{'EXTENDED_NICE'}{'10'}>$Lang::tr{'ovpn_processprioVD'}</option>
-                                 <option value='13' $selected{'EXTENDED_NICE'}{'13'}>$Lang::tr{'ovpn_processprioED'}</option>
-                               </select>
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fastio'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_FASTIO' $checked{'EXTENDED_FASTIO'}{'on'} disabled='disabled'/>
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mtudisc'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_MTUDISC' $checked{'EXTENDED_MTUDISC'}{'on'} disabled='disabled'/>
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mssfix'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_MSSFIX' value='$cgiparams{'EXTENDED_MSSFIX'}' size='30' disabled='disabled'/>
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fragment'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_FRAGMENT' value='$cgiparams{'EXTENDED_FRAGMENT'}' size='30' disabled='disabled'/>
-                 </td>
-               </tr>    
-</table>
-<hr size='1'>
-    <table width='100%'>
-    <tr>
-       <td class'base'><b>$Lang::tr{'proxy'} $Lang::tr{'settings'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='25%'> </td><td width='25%'> </td><td width='25%'></td>
-    </tr>
-    <td class='base'>$Lang::tr{'proxy'} $Lang::tr{'host'}:</td>        
-       <td><input type='TEXT' name='PROXY_HOST' value='$cgiparams{'PROXY_HOST'}' size='30' disabled='disabled'/></td>
-       <td class='base'>$Lang::tr{'proxy port'}:</td>
-       <td><input type='TEXT' name='PROXY_PORT' value='$cgiparams{'PROXY_PORT'}' size='10' disabled='disabled'/></td>
-       </tr>
-       <tr>
-       <td class='base'>$Lang::tr{'username'}</td>     
-    <td><input type='TEXT' name='PROXY_USERNAME' value='$cgiparams{'PROXY_USERNAME'}' size='30' disabled='disabled' /></td>
-       <td class='base'>$Lang::tr{'password'}</td>
-       <td><input type='TEXT' name='PROXY_PASS' value='$cgiparams{'PROXY_PASS'}' size='10' disabled='disabled'/></td>
-       </tr>
-       <tr>
-       <td class='base'>$Lang::tr{'authentication'} $Lang::tr{'method'}</td>
-               <td>    
-           <select name='PROXY_AUTH_METHOD' disabled='disabled'>
-                                 <option value='none' $selected{'PROXY_AUTH_METHOD'}{'none'}>none</option>
-                                 <option value='basic' $selected{'PROXY_AUTH_METHOD'}{'basic'}>basic</option>
-                                 <option value='ntlm' $selected{'PROXY_AUTH_METHOD'}{'ntlm'}>ntlm</option>                               
-                               </select>       
-               </td>                                   
-       </tr>
-       <tr>
-               <td class='base'>http-proxy-retry</td>  
-               <td><input type='checkbox' name='PROXY_RETRY' $checked{'PROXY_RETRY'}{'on'} disabled='disabled' /></td>
-               <td class='base'>http-proxy-timeout</td>
-               <td><input type='TEXT' name='PROXY_TIMEOUT' value='$cgiparams{'PROXY_TIMEOUT'}' size='10' disabled='disabled'/></td>
-       </tr>
-       <td class='base'>http-proxy-option VERSION</td>
-    <td><input type='TEXT' name='PROXY_OPT_VERSION' value='$cgiparams{'PROXY_OPT_VERSION'}' size='30' disabled='disabled'/></td>
-       <td class='base'>http-proxy-option AGENT</td>
-       <td><input type='TEXT' name='PROXY_OPT_AGENT' value='$cgiparams{'PROXY_OPT_AGENT'}' size='10' disabled='disabled'/></td>
-       </tr>
-</table>
-<hr size='1'>
-    <table width='100%'>
-    <tr>
-       <td class'base'><b>$Lang::tr{'log-options'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-    </tr>      
-    <tr><td class='base'>VERB</td>        
-        <td><select name='LOG_VERB'><option value='1'  $selected{'LOG_VERB'}{'1'}>1</option>
-                                   <option value='2'  $selected{'LOG_VERB'}{'2'}>2</option>
-                                   <option value='3'  $selected{'LOG_VERB'}{'3'}>3</option>
-                                   <option value='4'  $selected{'LOG_VERB'}{'4'}>4</option>
-                                   <option value='5'  $selected{'LOG_VERB'}{'5'}>5</option>
-                                   <option value='6'  $selected{'LOG_VERB'}{'6'}>6</option>                                                                
-                                   <option value='7'  $selected{'LOG_VERB'}{'7'}>7</option>
-                                   <option value='8'  $selected{'LOG_VERB'}{'8'}>8</option>
-                                   <option value='9'  $selected{'LOG_VERB'}{'9'}>9</option>
-                                   <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
-                                   <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
-                                   <option value='0'  $selected{'LOG_VERB'}{'0'}>0</option></select></td>
-    </tr>      
-</table>
-</form>
-EOF
-    ;
-    &Header::closebox();
-    print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
-    print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
-    &Header::closebigbox();
-    &Header::closepage();
-    exit(0);
-
-    ADVANCED_END:
+    VPNCONF_END:
 }
+
+#    SETTINGS_ERROR:
 ###
 ### Default status page
 ###
-%cgiparams = ();
-%cahash = ();
-%confighash = ();
-&General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
-&General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-my @status = `/bin/cat /var/log/ovpnserver.log`;
-if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") {
+    %cgiparams = ();
+    %cahash = ();
+    %confighash = ();
+    &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
+    &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+    my @status = `/bin/cat /var/ipfire/ovpn/server.log`;
+
+    if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") {
        if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
            my $ipaddr = <IPADDR>;
            close IPADDR;
            chomp ($ipaddr);
            $cgiparams{'VPN_IP'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
            if ($cgiparams{'VPN_IP'} eq '') {
-                       $cgiparams{'VPN_IP'} = $ipaddr;
+               $cgiparams{'VPN_IP'} = $ipaddr;
            }
        }
-}
+    }
+    
 #default setzen
-if ($cgiparams{'DCIPHER'} eq '') {
+    if ($cgiparams{'DCIPHER'} eq '') {
        $cgiparams{'DCIPHER'} =  'BF-CBC';     
-}
+    }
 #    if ($cgiparams{'DCOMPLZO'} eq '') {
 #      $cgiparams{'DCOMPLZO'} =  'on';     
 #    }
-if ($cgiparams{'DDEST_PORT'} eq '') {
+    if ($cgiparams{'DDEST_PORT'} eq '') {
        $cgiparams{'DDEST_PORT'} =  '1194';     
-}
-if ($cgiparams{'DMTU'} eq '') {
+    }
+    if ($cgiparams{'DMTU'} eq '') {
        $cgiparams{'DMTU'} =  '1400';     
-}
-if ($cgiparams{'DOVPN_SUBNET'} eq '') {
+    }
+    if ($cgiparams{'DOVPN_SUBNET'} eq '') {
        $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
-}
-$checked{'ENABLED'}{'off'} = '';
-$checked{'ENABLED'}{'on'} = '';
-$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
-$checked{'ENABLED_BLUE'}{'off'} = '';
-$checked{'ENABLED_BLUE'}{'on'} = '';
-$checked{'ENABLED_BLUE'}{$cgiparams{'ENABLED_BLUE'}} = 'CHECKED';
-$checked{'ENABLED_ORANGE'}{'off'} = '';
-$checked{'ENABLED_ORANGE'}{'on'} = '';
-$checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
+    }
+
+    $checked{'ENABLED'}{'off'} = '';
+    $checked{'ENABLED'}{'on'} = '';
+    $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
+    $checked{'ENABLED_BLUE'}{'off'} = '';
+    $checked{'ENABLED_BLUE'}{'on'} = '';
+    $checked{'ENABLED_BLUE'}{$cgiparams{'ENABLED_BLUE'}} = 'CHECKED';
+    $checked{'ENABLED_ORANGE'}{'off'} = '';
+    $checked{'ENABLED_ORANGE'}{'on'} = '';
+    $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
+    
+
 #new settings
-$selected{'DDEVICE'}{'tun'} = '';
-$selected{'DDEVICE'}{'tap'} = '';
-$selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
-$selected{'DPROTOCOL'}{'udp'} = '';
-$selected{'DPROTOCOL'}{'tcp'} = '';
-$selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
-$selected{'DCIPHER'}{'DES-CBC'} = '';
-$selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
-$selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
-$selected{'DCIPHER'}{'DESX-CBC'} = '';
-$selected{'DCIPHER'}{'RC2-CBC'} = '';
-$selected{'DCIPHER'}{'RC2-40-CBC'} = '';
-$selected{'DCIPHER'}{'RC2-64-CBC'} = '';
-$selected{'DCIPHER'}{'BF-CBC'} = '';
-$selected{'DCIPHER'}{'CAST5-CBC'} = '';    
-$selected{'DCIPHER'}{'AES-128-CBC'} = '';
-$selected{'DCIPHER'}{'AES-192-CBC'} = '';
-$selected{'DCIPHER'}{'AES-256-CBC'} = '';
-$selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
-$checked{'DCOMPLZO'}{'off'} = '';
-$checked{'DCOMPLZO'}{'on'} = '';
-$checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
+    $selected{'DDEVICE'}{'tun'} = '';
+    $selected{'DDEVICE'}{'tap'} = '';
+    $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
+
+    $selected{'DPROTOCOL'}{'udp'} = '';
+    $selected{'DPROTOCOL'}{'tcp'} = '';
+    $selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
+    
+    $selected{'DCIPHER'}{'DES-CBC'} = '';
+    $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+    $selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
+    $selected{'DCIPHER'}{'DESX-CBC'} = '';
+    $selected{'DCIPHER'}{'RC2-CBC'} = '';
+    $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
+    $selected{'DCIPHER'}{'RC2-64-CBC'} = '';
+    $selected{'DCIPHER'}{'BF-CBC'} = '';
+    $selected{'DCIPHER'}{'CAST5-CBC'} = '';    
+    $selected{'DCIPHER'}{'AES-128-CBC'} = '';
+    $selected{'DCIPHER'}{'AES-192-CBC'} = '';
+    $selected{'DCIPHER'}{'AES-256-CBC'} = '';
+    $selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
+    $checked{'DCOMPLZO'}{'off'} = '';
+    $checked{'DCOMPLZO'}{'on'} = '';
+    $checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
 
 #new settings
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'status ovpn'}, 1, '');
-&Header::openbigbox('100%', 'LEFT', '', $errormessage);
+    &Header::showhttpheaders();
+    &Header::openpage($Lang::tr{'status ovpn'}, 1, '');
+    &Header::openbigbox('100%', 'LEFT', '', $errormessage);
 
-if ($errormessage) {
+    if ($errormessage) {
        &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
        print "<class name='base'>$errormessage\n";
        print "&nbsp;</class>\n";
        &Header::closebox();
-}
+    }
 
-my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
-my $srunning = "no";
-my $activeonrun = "";
-if ( -e "/var/run/openvpn.pid"){
+    my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
+    my $srunning = "no";
+    my $activeonrun = "";
+    if ( -e "/var/run/openvpn.pid"){
        $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'running'}</font></b></td></tr></table>";
        $srunning ="yes";
        $activeonrun = "";
-} else {
+    } else {
        $activeonrun = "disabled='disabled'";
-}      
-#ufuk
-#CERT
-&Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}:");
-print "<div align='center'><strong>ZERINA-0.9.7a9</strong></div>";     
-print "&nbsp";
-print <<EOF
-<table width='100%' border='0' cellspacing='1' cellpadding='0'>
-<tr>
-    <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
+    }  
+    &Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});
+       print "<div align='center'><strong>ZERINA-0.9.4i</strong></div>";       
+    print <<END        
+    <table width='100%'>
+    <form method='post'>
+    <td width='25%'>&nbsp;</td>
+    <td width='25%'>&nbsp;</td>
+    <td width='25%'>&nbsp;</td></tr>
+    <tr><td class='boldbase'>$Lang::tr{'ovpn server status'}</td>
+    <td align='left'>$sactive</td>
+    <tr><td class='boldbase'>$Lang::tr{'ovpn on red'}</td>
+        <td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
+END
+;
+    if (&haveBlueNet()) {
+       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on blue'}</td>";
+       print "<td><input type='checkbox' name='ENABLED_BLUE' $checked{'ENABLED_BLUE'}{'on'} /></td>";
+    }
+    if (&haveOrangeNet()) {    
+       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on orange'}</td>";
+       print "<td><input type='checkbox' name='ENABLED_ORANGE' $checked{'ENABLED_ORANGE'}{'on'} /></td>";
+    }  
+    print <<END        
+    <tr><td class='base' nowrap='nowrap'>$Lang::tr{'local vpn hostname/ip'}:</td>
+        <td><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
+       <td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
+       <td><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
+        <td><select name='DDEVICE' ><option value='tun' $selected{'DDEVICE'}{'tun'}>TUN</option>
+                                           <option value='tap' $selected{'DDEVICE'}{'tap'}>TAP</option></select></td>                              
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
+        <td><select name='DPROTOCOL'><option value='udp' $selected{'DPROTOCOL'}{'udp'}>UDP</option>
+                                           <option value='tcp' $selected{'DPROTOCOL'}{'tcp'}>TCP</option></select></td>                                    
+        <td class='boldbase'>$Lang::tr{'destination port'}:</td>
+        <td><input type='TEXT' name='DDEST_PORT' value='$cgiparams{'DDEST_PORT'}' size='5' /></td></tr>
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;</td>
+        <td> <input type='TEXT' name='DMTU' VALUE='$cgiparams{'DMTU'}'size='5' /></TD>
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
+        <td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
+        <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
+        <td><select name='DCIPHER'><option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
+                                  <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
+                                  <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
+                                  <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
+                                  <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>                                                                 
+                                  <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
+                                  <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
+                                  <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
+                                  <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
+                                  <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
+                                  <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
+                                  <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td>
+END
+;                                 
+    
+    if ( $srunning eq "yes" ) {
+       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' disabled='disabled' /></td>";
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' disabled='disabled'/></td>"; 
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'stop ovpn server'}' /></td>";
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";   
+    } else{
+       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>";
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' /></td>";
+       if (( -e "${General::swroot}/ovpn/ca/cacert.pem" &&
+            -e "${General::swroot}/ovpn/ca/dh1024.pem" &&
+            -e "${General::swroot}/ovpn/certs/servercert.pem" &&
+            -e "${General::swroot}/ovpn/certs/serverkey.pem") &&
+           (( $cgiparams{'ENABLED'} eq 'on') || 
+           ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
+           ( $cgiparams{'ENABLED_ORANGE'} eq 'on'))){
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' /></td>";
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";       
+       } else {
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' disabled='disabled' /></td>";    
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' disabled='disabled' /></td></tr>";               
+       }    
+    }
+    print "</form></table>";
+    &Header::closebox();
+    &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}:");
+    print <<EOF#'
+    <table width='100%' border='0' cellspacing='1' cellpadding='0'>
+    <tr>
+       <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
        <td width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></td>
        <td width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
+    </tr>
 EOF
     ;
-if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
+    if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
        my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
        $casubject    =~ /Subject: (.*)[\n]/;
        $casubject    = $1;
        $casubject    =~ s+/Email+, E+;
        $casubject    =~ s/ ST=/ S=/;
+
        print <<END
-       <tr bgcolor='$color{'color22'}'>
-           <td class='base'>$Lang::tr{'root certificate'}</td>
-               <td class='base'>$casubject</td>
-               <form method='post' name='frmrootcrta'><td width='3%' align='center'>
-                       <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
-                       <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
-               </td></form>
-               <form method='post' name='frmrootcrtb'><td width='3%' align='center'>
+       <tr bgcolor='${Header::table2colour}'>
+       <td class='base'>$Lang::tr{'root certificate'}</td>
+       <td class='base'>$casubject</td>
+       <form method='post' name='frmrootcrta'><td width='3%' align='center'>
+           <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
+           <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
+       </td></form>
+       <form method='post' name='frmrootcrtb'><td width='3%' align='center'>
            <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
            <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
-               </td></form>
-               <td width='4%'>&nbsp;</td></tr>
+       </td></form>
+       <td width='4%'>&nbsp;</td></tr>
 END
        ;
-} else {
+    } else {
        # display rootcert generation buttons
        print <<END
-       <tr bgcolor='$color{'color22'}'>
+       <tr bgcolor='${Header::table2colour}'>
        <td class='base'>$Lang::tr{'root certificate'}:</td>
        <td class='base'>$Lang::tr{'not present'}</td>
        <td colspan='3'>&nbsp;</td></tr>
 END
        ;
-}
+    }
 
-if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
+    if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
        my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
        $hostsubject    =~ /Subject: (.*)[\n]/;
        $hostsubject    = $1;
        $hostsubject    =~ s+/Email+, E+;
        $hostsubject    =~ s/ ST=/ S=/;
+
        print <<END
-       <tr bgcolor='$color{'color20'}'>
+       <tr bgcolor='${Header::table1colour}'>
        <td class='base'>$Lang::tr{'host certificate'}</td>
        <td class='base'>$hostsubject</td>
        <form method='post' name='frmhostcrta'><td width='3%' align='center'>
-               <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
-               <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
+           <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
        </td></form>
        <form method='post' name='frmhostcrtb'><td width='3%' align='center'>
-               <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
-               <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
+           <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
        </td></form>
        <td width='4%'>&nbsp;</td></tr>
 END
        ;
-} else {
+    } else {
        # Nothing
        print <<END
-       <tr bgcolor='$color{'color20'}'>
+       <tr bgcolor='${Header::table1colour}'>
        <td width='25%' class='base'>$Lang::tr{'host certificate'}:</td>
        <td class='base'>$Lang::tr{'not present'}</td>
        </td><td colspan='3'>&nbsp;</td></tr>
 END
        ;
-}
+    }
 
-if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
-       print "<tr><td colspan='5' align='center'><form method='post'>";
+    if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
+        print "<tr><td colspan='5' align='center'><form method='post'>";
        print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
-    print "</form></td></tr>\n";
-}
+        print "</form></td></tr>\n";
+    }
 
-if (keys %cahash > 0) {
+    if (keys %cahash > 0) {
        foreach my $key (keys %cahash) {
-               if (($key + 1) % 2) {
-                       print "<tr bgcolor='$color{'color20'}'>\n";
-               } else {
-                       print "<tr bgcolor='$color{'color22'}'>\n";
-               }
-               print "<td class='base'>$cahash{$key}[0]</td>\n";
-               print "<td class='base'>$cahash{$key}[1]</td>\n";
-               print <<END
-               <form method='post' name='cafrm${key}a'><td align='center'>
+           if (($key + 1) % 2) {
+               print "<tr bgcolor='${Header::table1colour}'>\n";
+           } else {
+               print "<tr bgcolor='${Header::table2colour}'>\n";
+           }
+           print "<td class='base'>$cahash{$key}[0]</td>\n";
+           print "<td class='base'>$cahash{$key}[1]</td>\n";
+           print <<END
+           <form method='post' name='cafrm${key}a'><td align='center'>
                <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
                <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
                <input type='hidden' name='KEY' value='$key' />
-               </td></form>
-               <form method='post' name='cafrm${key}b'><td align='center'>
+           </td></form>
+           <form method='post' name='cafrm${key}b'><td align='center'>
                <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
                <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
                <input type='hidden' name='KEY' value='$key' />
-               </td></form>
-               <form method='post' name='cafrm${key}c'><td align='center'>
+           </td></form>
+           <form method='post' name='cafrm${key}c'><td align='center'>
                <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
                <input type='image'  name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
                <input type='hidden' name='KEY' value='$key' />
-               </td></form></tr>
+           </td></form></tr>
 END
            ;
        }
-}
-print "</table>"; 
-if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {# If the file contains entries, print Key to action icons
-       print <<END
-       <table>
-       <tr>
+    }
+
+    print "</table>";
+
+    # If the file contains entries, print Key to action icons
+    if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {
+    print <<END
+    <table>
+    <tr>
        <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
        <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
        <td class='base'>$Lang::tr{'show certificate'}</td>
        <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' /></td>
        <td class='base'>$Lang::tr{'download certificate'}</td>
-       </tr>
-       </table>
+    </tr>
+    </table>
 END
     ;
-}
-print <<END
-<form method='post' enctype='multipart/form-data'>
-<table width='100%' border='0' cellspacing='1' cellpadding='0'>
-<tr><td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
-<td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' />
-<td nowrap='nowrap'><input type='file' name='FH' size='30' /></td>
-<td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /><br /><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>    
-</tr></table></form>
+    }
+    print <<END
+    <form method='post' enctype='multipart/form-data'>
+    <table width='100%' border='0' cellspacing='1' cellpadding='0'>
+    <tr><td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
+    <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' />
+    <td nowrap='nowrap'><input type='file' name='FH' size='30' /></td>
+    <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td>
+    <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>    
+    </tr></table></form>
 END
     ;
-&Header::closebox();
-if ( $srunning eq "yes" ) {    
+
+    &Header::closebox();
+    if ( $srunning eq "yes" ) {    
        print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' disabled='disabled' /></div></form>\n";    
-}else{
-       print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
-}          
-#CERT
-#RWSERVER
-#&Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});
-&Header::openbox('100%', 'LEFT', 'Roadwarrior Server');
-print <<END    
-<table width='100%'>
-<form method='post'>
-<td width='25%'>&nbsp;</td>
-<td width='25%'>&nbsp;</td>
-<td width='25%'>&nbsp;</td></tr>
-<tr><td class='boldbase'>$Lang::tr{'ovpn server status'}</td>
-<td align='left'>$sactive</td>
-<tr><td class='boldbase'>$Lang::tr{'ovpn on red'}</td>
-    <td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-END
-;
-if (&Ovpnfunc::haveBlueNet()) {
-       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on blue'}</td>";
-       print "<td><input type='checkbox' name='ENABLED_BLUE' $checked{'ENABLED_BLUE'}{'on'} /></td>";
-}
-if (&Ovpnfunc::haveOrangeNet()) {    
-       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on orange'}</td>";
-       print "<td><input type='checkbox' name='ENABLED_ORANGE' $checked{'ENABLED_ORANGE'}{'on'} /></td>";
-}      
-print <<END            
-<tr><td class='base' nowrap='nowrap'>$Lang::tr{'local vpn hostname/ip'}:</td>
-    <td><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
-       <td class='boldbase' nowrap='nowrap'></td><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}
-       <br /><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
-    <td><select name='DDEVICE' ><option value='tun' $selected{'DDEVICE'}{'tun'}>TUN</option>
-                                <option value='tap' $selected{'DDEVICE'}{'tap'}>TAP</option></select></td>                                 
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
-    <td><select name='DPROTOCOL'><option value='udp' $selected{'DPROTOCOL'}{'udp'}>UDP</option>
-                                 <option value='tcp' $selected{'DPROTOCOL'}{'tcp'}>TCP</option></select></td>                              
-    <td class='boldbase'>$Lang::tr{'destination port'}:</td>
-    <td><input type='TEXT' name='DDEST_PORT' value='$cgiparams{'DDEST_PORT'}' size='5' /></td></tr>
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;</td>
-    <td> <input type='TEXT' name='DMTU' VALUE='$cgiparams{'DMTU'}'size='5' /></TD>
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
-    <td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
-    <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
-    <td><select name='DCIPHER'><option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
-                                              <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
-                                              <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
-                                              <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
-                                              <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>                                                             
-                                              <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
-                                              <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
-                                              <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
-                                              <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
-                                              <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
-                                              <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
-                                              <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td>
+    }else{
+       print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
+    }      
+    if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
+    &Header::openbox('100%', 'LEFT', $Lang::tr{'Client status and controlc' });
+    print <<END
+    <table width='100%' border='0' cellspacing='1' cellpadding='0'>
+<tr>
+    <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
+    <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
+    <td width='18%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
+    <td width='17%' class='boldbase' align='center'><b>$Lang::tr{'valid till'}</b></td>
+    <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
+    <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
+    <td width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></td>
+</tr>
 END
-;                                 
-    
-if ( $srunning eq "yes" ) {
-       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' disabled='disabled' /></td>";
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' disabled='disabled'/></td>"; 
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'stop ovpn server'}' /></td>";
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";   
-} else{
-       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>";
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' /></td>";
-       if (( -e "${General::swroot}/ovpn/ca/cacert.pem" &&
-             -e "${General::swroot}/ovpn/ca/dh1024.pem" &&
-          -e "${General::swroot}/ovpn/certs/servercert.pem" &&
-          -e "${General::swroot}/ovpn/certs/serverkey.pem") &&
-          (( $cgiparams{'ENABLED'} eq 'on') || 
-        ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
-        ( $cgiparams{'ENABLED_ORANGE'} eq 'on'))){
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' /></td>";
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";   
+       ;
+        my $id = 0;
+        my $gif;
+        foreach my $key (keys %confighash) {
+       if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
+
+       if ($id % 2) {
+           print "<tr bgcolor='${Header::table1colour}'>\n";
        } else {
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' disabled='disabled' /></td>";    
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' disabled='disabled' /></td></tr>";                   
-       }    
+           print "<tr bgcolor='${Header::table2colour}'>\n";
+       }
+       print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";
+       print "<td align='center' nowrap='nowrap'>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
+       if ($confighash{$key}[4] eq 'cert') {
+           print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
+       } else {
+           print "<td align='left'>&nbsp;</td>";
+       }
+       my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
+       $cavalid    =~ /Not After : (.*)[\n]/;
+       $cavalid    = $1;
+       print "<td align='center'>$cavalid</td>";
+       print "<td align='center'>$confighash{$key}[25]</td>";
+       my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
+       if ($confighash{$key}[0] eq 'off') {
+           $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
+       } else {
+           my $cn;
+           my @match = ();     
+           foreach my $line (@status) {
+               chomp($line);
+               if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
+                   @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
+                   if ($match[1] ne "Common Name") {
+                       $cn = $match[1];
+                   }       
+               $cn =~ s/[_]/ /g;
+                   if ($cn eq "$confighash{$key}[2]") {
+                       $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
+                   }
+               }    
+           }
+       }
+       my $disable_clientdl = "disabled='disabled'";
+       if (( $cgiparams{'ENABLED'} eq 'on') || 
+           ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
+           ( $cgiparams{'ENABLED_ORANGE'} eq 'on')){
+           $disable_clientdl = "";
+       }
+       print <<END
+       <td align='center'>$active</td>
+               
+       <form method='post' name='frm${key}a'><td align='center'>
+           <input type='image'  name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.png' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
+           <input type='hidden' name='KEY' value='$key' $disable_clientdl />
+       </td></form>
+END
+       ;
+       if ($confighash{$key}[4] eq 'cert') {
+           print <<END
+           <form method='post' name='frm${key}b'><td align='center'>
+               <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
+               <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
+               <input type='hidden' name='KEY' value='$key' />
+           </td></form>
+END
+       ; } else {
+           print "<td>&nbsp;</td>";
+       }
+       if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") { 
+           print <<END
+           <form method='post' name='frm${key}c'><td align='center'>
+               <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
+               <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
+               <input type='hidden' name='KEY' value='$key' />
+           </td></form>
+END
+       ; } elsif ($confighash{$key}[4] eq 'cert') {
+           print <<END
+           <form method='post' name='frm${key}c'><td align='center'>
+               <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
+               <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
+               <input type='hidden' name='KEY' value='$key' />
+           </td></form>
+END
+       ; } else {
+           print "<td>&nbsp;</td>";
+       }
+       print <<END
+       <form method='post' name='frm${key}d'><td align='center'>
+           <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
+           <input type='hidden' name='KEY' value='$key' />
+       </td></form>
+
+       <form method='post' name='frm${key}e'><td align='center'>
+           <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
+           <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'/>
+           <input type='hidden' name='KEY' value='$key' />
+       </td></form>
+       <form method='post' name='frm${key}f'><td align='center'>
+           <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
+           <input type='image'  name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0' />
+           <input type='hidden' name='KEY' value='$key' />
+       </td></form>
+       </tr>
+END
+       ;
+       $id++;
+    }
+    ;
+
+    # If the config file contains entries, print Key to action icons
+    if ( $id ) {
+    print <<END
+    <table>
+    <tr>
+       <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
+       <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
+       <td class='base'>$Lang::tr{'click to disable'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
+       <td class='base'>$Lang::tr{'show certificate'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
+       <td class='base'>$Lang::tr{'edit'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
+       <td class='base'>$Lang::tr{'remove'}</td>
+    </tr>
+    <tr>
+       <td>&nbsp; </td>
+       <td>&nbsp; <img src='/images/off.gif' alt='?OFF' /></td>
+       <td class='base'>$Lang::tr{'click to enable'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
+       <td class='base'>$Lang::tr{'download certificate'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/openvpn.png' alt='?RELOAD'/></td>
+       <td class='base'>$Lang::tr{'dl client arch'}</td>
+    </tr>
+    </table>
+END
+    ;
+    }
+
+    print <<END
+    <table width='100%'>
+    <form method='post'>
+    <tr><td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td>
+       <td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td></tr>
+    </form>
+    </table>
+END
+    ;    
+    &Header::closebox();
 }
-print "</form></table>";
-&Header::closebox();
-#RWSERVER
-&Ovpnfunc::rwclientstatus($activeonrun);
-&Ovpnfunc::net2netstatus($activeonrun);
+    print "$Lang::tr{'this feature has been sponsored by'} : ";
+    print "<a href='http://www.stareventsgroup.com/' target='_blank'>Star Events Group Ltd</a>.\n";
+    print "<a href='http://www.ibdozing.com/' target='_blank'>IBDOZING</a>.\n";
+    print "<a href='http://www.xencon.net/' target='_blank'>Xen by x|encon</a>.\n";
+       print "<a href='http://www.savatec.de/' target='_blank'>SAVATEC e.K.</a>.\n";    
 &Header::closepage();
index bfeeed7..8e35c98 100644 (file)
--- a/lfs/ibod
+++ b/lfs/ibod
 
 include Config
 
-VER = ipfire
+VER        = 1.4
 
-THISAPP    = ibod
-DIR_APP    = $(DIR_SRC)/src/$(THISAPP)
+THISAPP    = ibod-$(VER)
+DL_FILE    = $(THISAPP)-src.tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 38b45be27c0a82b38380f680fdee0aff
 
 install : $(TARGET)
 
-check :
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
 
-download :
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
 
-md5 :
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
 
 ###############################################################################
 # Installation Details
 ###############################################################################
 
-$(TARGET) : 
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
-       cd $(DIR_APP) && make ibod
-       mkdir -p /etc/ppp
-       cd $(DIR_APP) && install -m 0644 ibod.cf /etc/ppp
+       @-mkdir -p $(DIR_APP)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) -C $(DIR_APP)
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ibod-config.patch
+       cd $(DIR_APP) && gcc $(CFLAGS) ibod.c -o ibod
+       cd $(DIR_APP) && install -m 0644 ibod.cf /etc/isdn
        cd $(DIR_APP) && install -m 0755 ibod /usr/sbin
-       cd $(DIR_APP) && rm -f ibod
+       @rm -rf $(DIR_APP)
        @$(POSTBUILD)
index d8cfb34..cac21fd 100644 (file)
 # Makefiles are based on LFSMake, which is                                    #
 # Copyright (C) 2002 Rod Roard <rod@sunsetsystems.com>                        #
 #                                                                             #
-# Modifications by:                                                           #
-# ??-12-2003 Mark Wormgoor < mark@wormgoor.com>                               #
-#          - Modified Makefile for IPCop build                                #
-#                                                                             #
-# $Id: isdn4k-utils,v 1.8.2.4 2005/02/05 15:38:15 gespinasse Exp $
-#                                                                             #
 ###############################################################################
 
 ###############################################################################
 
 include Config
 
-VER        = v3.2p1
+VER        = CVS-2006-07-20
 
-THISAPP    = isdn4k-utils.$(VER)
+THISAPP    = isdn4k-utils-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
-DL_FROM    = ftp://ftp.isdn4linux.de/pub/isdn4linux/utils
-DIR_APP    = $(DIR_SRC)/isdn4k-utils
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
+CFLAGS     += -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+RPM_OPT_FLAGS = "$(CFLAGS)"
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
-objects = $(DL_FILE) isdn4k-utils_ippp-filter.diff
+objects = $(DL_FILE)
 
-$(DL_FILE)                         = $(DL_FROM)/$(DL_FILE)
-isdn4k-utils_ippp-filter.diff      = http://trash.net/~kaber/ippp-filter/isdn4k-utils_ippp-filter.diff
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5                     = d347afa462e46eccfd1284aebae227b6
-isdn4k-utils_ippp-filter.diff_MD5  = b8ff58859b9e379d1f9842d43ce5956e
+$(DL_FILE)_MD5 = 7cde4a61e870bb7e53cd912a3fc30207
 
 install : $(TARGET)
 
@@ -79,30 +73,28 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
-       cd $(DIR_APP) && patch -Np1 < $(DIR_DL)/isdn4k-utils_ippp-filter.diff
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-v3.2p1-c89.patch
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-v3.2p1-config.patch
-       cd $(DIR_APP) && sed -i 's%-lt 64%-lt 16%' scripts/makedev.sh
-       cd $(DIR_APP)/capi20 && rm -f lt* aclocal.m4 
-       cd $(DIR_APP)/capi20 && aclocal
-       cd $(DIR_APP)/capi20 && libtoolize --force --automake
-       cd $(DIR_APP)/capi20 && automake --add-missing
-       cd $(DIR_APP)/capi20 && autoconf
-       cd $(DIR_APP)/capiinfo && rm -f aclocal.m4
-       cd $(DIR_APP)/capiinfo && aclocal
-       cd $(DIR_APP)/capiinfo && libtoolize --force --automake
-       cd $(DIR_APP)/capiinfo && automake --add-missing
-       cd $(DIR_APP)/capiinfo && autoconf
-       cd $(DIR_APP)/capiinit && rm -f aclocal.m4
-       cd $(DIR_APP)/capiinit && aclocal
-       cd $(DIR_APP)/capiinit && libtoolize --force --automake
-       cd $(DIR_APP)/capiinit && automake --add-missing
-       cd $(DIR_APP)/capiinit && autoconf
-       cd $(DIR_APP)/ipppd && autoconf
-       cd $(DIR_APP)/ipppd && sed -i -e 's/net\/bpf/pcap/' sys-linux.c
-       cd $(DIR_APP)/ipppd && sed -i -e 's/net\/bpf/pcap/' ipppd.h
+       #cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils_ippp-filter.diff
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2006-07-20-redhat.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2004-11-18-autoconf25x.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-0202131200-true.patch
+       cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2006-02-13-cleanup.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-statfs.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-capiinit.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2006-07-20-pppd-2.4.4.patch
+
+       cd $(DIR_APP) && for i in */configure; do       \
+               cd `dirname $$i`; \
+               autoreconf --force --install; \
+               cd ..; \
+       done
+       
+       cd $(DIR_APP) && iconv -f iso-8859-1 -t utf-8 < imontty/imontty.8.in > imontty/imontty.8.in_
+       cd $(DIR_APP) && mv imontty/imontty.8.in_ imontty/imontty.8.in
+       
+       cd $(DIR_APP) && cp -fv $(DIR_SRC)/config/isdn4k-utils/config .config
+       cd $(DIR_APP) && sed -e "s,',,g" .config > .config.h
+       
        cd $(DIR_APP) && make subconfig
-       cd $(DIR_APP)/ipppd && sed -i 's/^IPPP_FILTER.*$$/IPPP_FILTER := 1/' Makefile
        cd $(DIR_APP) && make
        cd $(DIR_APP) && make install
        @rm -rf $(DIR_APP)
diff --git a/lfs/libxslt b/lfs/libxslt
new file mode 100644 (file)
index 0000000..0e99fd0
--- /dev/null
@@ -0,0 +1,79 @@
+###############################################################################
+# This file is part of the IPCop Firewall.                                    #
+#                                                                             #
+# IPCop is free software; you can redistribute it and/or modify               #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation; either version 2 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# IPCop is distributed in the hope that it will be useful,                    #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with IPCop; if not, write to the Free Software                        #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA    #
+#                                                                             #
+# Makefiles are based on LFSMake, which is                                    #
+# Copyright (C) 2002 Rod Roard <rod@sunsetsystems.com>                        #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.1.17
+
+THISAPP    = libxslt-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = fde6a7a93c0eb14cba628692fa3a1000
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && ./configure --prefix=/usr
+       cd $(DIR_APP) && make $(MAKETUNING)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
index b48d83b..d05e526 100644 (file)
--- a/lfs/mISDN
+++ b/lfs/mISDN
@@ -74,5 +74,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
        cd $(DIR_APP) && make MISDNDIR=/usr/src/linux
        cd $(DIR_APP) && make install MISDNDIR=/usr/src/linux
+       -mkdir -p /usr/lib/mISDN
+       cd $(DIR_APP) && cp config/*.xsl /usr/lib/mISDN
        @rm -rf $(DIR_APP)
        @$(POSTBUILD)
index 989ce96..e46b840 100644 (file)
@@ -76,12 +76,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
                -e 's%^INC_USRLOCAL.*$$%INC_USRLOCAL=/usr%' \
                -e 's%^USERCOMPILE.*$$%USERCOMPILE=$(CFLAGS)%' \
                -e 's%^KLIPSCOMPILE.*$$%KLIPSCOMPILE=$(CFLAGS)%' Makefile.inc
-       cd $(DIR_APP) && sed -i -e 's/CWARNINGS = -Werror/CWARNINGS =/' \
-                                                                                       lib/liblwres/Makefile
        cd $(DIR_APP) && make programs
        cd $(DIR_APP) && make install
-       #mv -f /etc/rc.d/init.d/ipsec /etc/rc.d/
+       
        -rm -rfv /etc/rc*.d/*ipsec
+       cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
        rm -f /etc/ipsec.conf /etc/ipsec.secrets
        ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
        ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets
diff --git a/make.sh b/make.sh
index 603bb78..95bf7dc 100755 (executable)
--- a/make.sh
+++ b/make.sh
@@ -374,6 +374,7 @@ buildipfire() {
   ipfiremake libcap
   ipfiremake pciutils
   ipfiremake libxml2
+  ipfiremake libxslt
   ipfiremake BerkeleyDB
   ipfiremake mysql
   ipfiremake cyrus-sasl
@@ -413,7 +414,7 @@ buildipfire() {
   ipfiremake iptstate
   ipfiremake iputils
   ipfiremake l7-protocols
-#  ipfiremake isdn4k-utils # What about mISDN???
+  ipfiremake isdn4k-utils
   ipfiremake mISDN
   ipfiremake hwdata
   ipfiremake kudzu
diff --git a/src/ibod/ibod.c b/src/ibod/ibod.c
deleted file mode 100644 (file)
index 6c8e0e0..0000000
+++ /dev/null
@@ -1,367 +0,0 @@
-/* Customised version of ibod - GUI code removed by Mark Wormgoor\r
- *                              Buffer overflow fixes by Robert Kerr\r
- *\r
- * ibod originally by Bjoern Smith\r
- */\r
-\r
-static char *rcsId = "$Id: ibod.c,v 1.1.1.1.8.1 2005/05/07 12:46:16 rkerr Exp $";\r
-static char *rcsSymbol = "$Symbol$";\r
-\r
-#include <stdlib.h>\r
-#include <string.h>\r
-#include <stdio.h>\r
-#include <signal.h>\r
-#include <sys/time.h>\r
-#include <sys/types.h>\r
-#include <sys/stat.h>\r
-#include <fcntl.h>\r
-#include <sys/socket.h>\r
-#include <netinet/in.h>\r
-#include <linux/isdn.h>\r
-#include <syslog.h>\r
-#include <errno.h>\r
-#include "ibod.h"\r
-\r
-static int setattr();\r
-static void reread(int sig);\r
-static void pipehndl(int sig);\r
-static void setinterval();\r
-static void get_if_state();\r
-static int bring_up_slave();\r
-static int bring_down_slave();\r
-static Conf cf;\r
-static struct timeval timeout, tv_last, tv_up;\r
-static int usageflags[ISDN_MAX_CHANNELS];\r
-static char phone[ISDN_MAX_CHANNELS][20];\r
-static Siobytes iobytes[ISDN_MAX_CHANNELS];\r
-static unsigned long in_bytes_last, out_bytes_last;\r
-static unsigned long in_bytes_per_sec, out_bytes_per_sec;\r
-static unsigned long channels_last;\r
-static int  channels_now;\r
-\r
-main(int argc, char *argv[])\r
-{\r
-    openlog("ibod", LOG_PID, LOG_DAEMON);\r
-\r
-    channels_last = -1;\r
-\r
-    /* Setup initial attributes */\r
-    if (setattr() == -1) {\r
-        closelog();\r
-        exit(1);\r
-    }\r
-\r
-    setinterval();\r
-\r
-    /* Setup handlig of signal SIGHUP and SIGPIPE */\r
-    signal(SIGHUP, reread);\r
-    signal(SIGPIPE, pipehndl);\r
-\r
-    do {\r
-        setinterval();\r
-\r
-       usleep(timeout.tv_usec);\r
-\r
-        /* Gate state of interface */\r
-        get_if_state();\r
-\r
-    } while (1);\r
-}\r
-\r
-\r
-static int setattr()\r
-{\r
-    FILE *fd;\r
-    char config_filename[MAX_STR_LEN] = IBOD_DEFAULT_DIR "/ibod.cf";\r
-    char linebuf[MAX_STR_LEN];\r
-    char *key, *value;\r
-    int  val;\r
-\r
-    strcpy(cf.dev, DEVICE);\r
-    cf.enable      = ENABLE;\r
-    cf.interval    = INTERVAL;\r
-    cf.filter      = FILTER;\r
-    cf.limit       = LIMIT;\r
-    cf.stayup      = STAYUP;\r
-    cf.stayup_time = STAYUP_TIME;\r
-\r
-    /* Open config file */\r
-    if ((fd = fopen(config_filename, "r")) == NULL) {\r
-        syslog(LOG_ERR, "%s: %s\n", config_filename, strerror(errno));\r
-        return -1;\r
-    }\r
-\r
-    /* Loop over the config file to setup attributes */\r
-    while (fgets(linebuf, MAX_STR_LEN, fd) != NULL) {\r
-\r
-        if (*linebuf == '#')           /* Ignore comments */\r
-            continue;\r
-\r
-        key = strtok(linebuf, " \t");\r
-        value = strtok(NULL, " \t\n");\r
-\r
-        if (strcmp(key, "DEVICE") == 0) {\r
-            if (strcmp(cf.dev, value) != 0)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter DEVICE reconfigured to %s\n", value);\r
-            snprintf(cf.dev, 32,"%s", value);\r
-        }\r
-\r
-        if (strcmp(key, "ENABLE") == 0) {\r
-            val = atoi(value);\r
-            if (cf.enable != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter ENABLE reconfigured to %d\n", val);\r
-            cf.enable = val;\r
-        }\r
-\r
-        if (strcmp(key, "INTERVAL") == 0) {\r
-            val = atoi(value);\r
-            if (cf.interval != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter INTERVAL reconfigured to %d\n", val);\r
-            cf.interval = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "FILTER") == 0) {\r
-            val = atoi(value);\r
-            if (cf.filter != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter FILTER reconfigured to %d\n", val);\r
-            cf.filter = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "LIMIT") == 0) {\r
-            val = atoi(value);\r
-            if (cf.limit != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter LIMIT reconfigured to %d\n", val);\r
-            cf.limit = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "STAYUP") == 0) {\r
-            val = atoi(value);\r
-            if (cf.stayup != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter STAYUP reconfigured to %d\n", val);\r
-            cf.stayup = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "STAYUP_TIME") == 0) {\r
-            val = atoi(value);\r
-            if (cf.stayup_time != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter STAYUP_TIME reconfigured to %d\n", val);\r
-            cf.stayup_time = atoi(value);\r
-        }\r
-    }\r
-\r
-    fclose(fd);\r
-    return 0;\r
-}\r
-\r
-\r
-\r
-static void setinterval()\r
-{\r
-    timeout.tv_sec = cf.interval / 1000;\r
-    timeout.tv_usec = (cf.interval % 1000) * 1000;\r
-}\r
-\r
-\r
-static void reread(int sig)\r
-{\r
-    (void) setattr();\r
-\r
-    setinterval();\r
-\r
-    signal(SIGHUP, reread);\r
-}\r
-\r
-\r
-static void pipehndl(int sig)\r
-{\r
-    syslog(LOG_ERR, "caught SIGPIPE: %s\n", sys_errlist[errno]);\r
-\r
-    signal(SIGPIPE, pipehndl);\r
-}\r
-\r
-\r
-static void get_if_state()\r
-{\r
-    static char buf[4096];\r
-    struct timeval tv_now;\r
-    int    ms_delta;\r
-    int    in_bytes_now, out_bytes_now;\r
-    int  fd;\r
-    int  i;\r
-\r
-    /* Open the info device */\r
-    if ((fd = open(ISDN_INFO_DEV, O_RDONLY | O_NDELAY)) < 0) {\r
-        syslog(LOG_ERR, "%s: %s\n", ISDN_INFO_DEV, sys_errlist[errno]);\r
-        closelog();\r
-        exit(1);\r
-    }\r
-\r
-    /* Whats the time now */\r
-    gettimeofday(&tv_now, NULL);\r
-    ms_delta = (tv_now.tv_sec * 1000 + tv_now.tv_usec / 1000) -\r
-               (tv_last.tv_sec * 1000 + tv_last.tv_usec / 1000);\r
-    tv_last = tv_now;\r
-\r
-    /* Get info from interface */\r
-    if (read(fd, buf, sizeof(buf))> 0) {\r
-        sscanf(strstr(buf, "usage:"),\r
-            "usage: %d %d %d %d %d %d %d %d %d %d %d %d %d %d %d %d",\r
-            &usageflags[0], &usageflags[1], &usageflags[2], &usageflags[3],\r
-            &usageflags[4], &usageflags[5], &usageflags[6], &usageflags[7],\r
-            &usageflags[8], &usageflags[9], &usageflags[10], &usageflags[11],\r
-            &usageflags[12], &usageflags[13], &usageflags[14], &usageflags[15]);\r
-