]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commitdiff
projects / people / pmueller / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 541d93f)
Erstmal ein Commit:
authorms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Sun, 10 Jun 2007 19:10:01 +0000 (19:10 +0000)
committerms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Sun, 10 Jun 2007 19:10:01 +0000 (19:10 +0000)
OpenVPN zurueck auf den Stand des alten gebracht. Wir bevorzugen die stabile Loesung.
ISDN4K-Utils kompiliert - Noch kein rootfile vorhanden.
Ibod aktualisiert.
Snort-Initscript setzt die Berechtigung der PID auf 644.
libxslt hinzugefuegt - Benoetigt vom mISDN-Script.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@623 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8

35 files changed:
config/isdn4k-utils/config [new file with mode: 0644] patch | blob
config/ovpn/verify patch | blob | blame | history
config/rootfiles/common/apache2 patch | blob | blame | history
config/rootfiles/common/ibod patch | blob | blame | history
config/rootfiles/common/initscripts patch | blob | blame | history
config/rootfiles/common/libxml2 [new file with mode: 0644] patch | blob
config/rootfiles/common/libxslt [new file with mode: 0644] patch | blob
config/rootfiles/common/openvpn patch | blob | blame | history
doc/language_issues.de patch | blob | blame | history
doc/language_issues.en patch | blob | blame | history
doc/packages-list.txt patch | blob | blame | history
html/cgi-bin/ovpnfunc.pl [deleted file] patch | blob | blame | history
html/cgi-bin/ovpnmain.cgi patch | blob | blame | history
lfs/ibod patch | blob | blame | history
lfs/isdn4k-utils patch | blob | blame | history
lfs/libxslt [new file with mode: 0644] patch | blob
lfs/mISDN patch | blob | blame | history
lfs/openswan patch | blob | blame | history
make.sh patch | blob | blame | history
src/ibod/ibod.c [deleted file] patch | blob | blame | history
src/ibod/ibod.cf [deleted file] patch | blob | blame | history
src/ibod/ibod.h [deleted file] patch | blob | blame | history
src/initscripts/init.d/mISDN [new file with mode: 0644] patch | blob
src/initscripts/init.d/snort patch | blob | blame | history
src/patches/ibod-config.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-0202131200-true.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-CVS-2004-11-18-autoconf25x.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-CVS-2006-02-13-cleanup.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-CVS-2006-07-20-pppd-2.4.4.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-CVS-2006-07-20-redhat.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-capiinit.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-statfs.patch [new file with mode: 0644] patch | blob
src/patches/isdn4k-utils-v3.2p1-c89.patch [deleted file] patch | blob | blame | history
src/patches/isdn4k-utils-v3.2p1-config.patch [deleted file] patch | blob | blame | history
src/scripts/vpn-watch patch | blob | blame | history

diff --git a/config/isdn4k-utils/config b/config/isdn4k-utils/config
new file mode 100644 (file)
index 0000000..acb092d
--- /dev/null
+++ b/config/isdn4k-utils/config
@@ -0,0 +1,120 @@
+#
+# Automatically generated by make menuconfig: don't edit
+#
+
+#
+# Code maturity level options
+#
+# CONFIG_EXPERIMENTAL is not set
+
+#
+# General configuration
+#
+# CONFIG_BUILDX11 is not set
+CONFIG_KERNELDIR='/usr/src/linux'
+CONFIG_BINDIR='/usr/bin'
+CONFIG_SBINDIR='/usr/sbin'
+CONFIG_CARD_SBINDIR='/sbin'
+CONFIG_MANDIR='/usr/share/man'
+CONFIG_FIRMWAREDIR='/usr/lib/isdn'
+CONFIG_RUNDIR='/var/run'
+CONFIG_LOCKDIR='/var/lock'
+CONFIG_LOCKFILE='LCK..'
+CONFIG_I4LCONFDIR='/etc/isdn'
+CONFIG_CONFFILE='isdn.conf'
+CONFIG_CALLERIDFILE='callerid.conf'
+CONFIG_USERCONFFILE='~/.isdn'
+CONFIG_COUNTRYCODE='49'
+CONFIG_AREACODE='2363'
+CONFIG_COUNTRY_PREFIX='+'
+CONFIG_AREA_PREFIX='0'
+CONFIG_DATADIR='/usr/lib/isdn'
+LIBDIR='/usr/lib'
+
+#
+# Runtime configuration tools
+#
+CONFIG_ISDNCTRL=y
+CONFIG_ISDNCTRL_CONF=y
+CONFIG_ISDNCTRL_TIMRU=y
+CONFIG_IPROFD=y
+CONFIG_DIVERTCTRL=y
+
+#
+# Card configuration tools
+#
+CONFIG_HISAXCTRL=y
+CONFIG_ICNCTRL=y
+# CONFIG_ICNCTRL_DEBUG is not set
+# CONFIG_ACTCTRL is not set
+CONFIG_PCBITCTL=y
+CONFIG_AVMCAPICTRL=y
+# CONFIG_ACTCTRL is not set
+CONFIG_EICONCTRL=y
+
+#
+# Tools for monitoring activity
+#
+CONFIG_IMON=y
+CONFIG_IMONTTY=y
+CONFIG_ISDNLOG=y
+
+#
+# Options for isdnlog package
+#
+CONFIG_ISDNLOG_SERV_PORT=20011
+CONFIG_ISDNLOG_USERFILE='isdnlog.users'
+CONFIG_ISDNLOG_CHARGEFILE='charge.dat'
+CONFIG_ISDNLOG_LOGFILE='/var/log/isdn.log'
+CONFIG_ISDNLOG_RELOADCMD='/etc/rc.d/init.d/isdn restart'
+CONFIG_ISDNLOG_STOPCMD='/etc/rc.d/init.d/isdn stop'
+CONFIG_ISDNLOG_REBOOTCMD='/sbin/reboot'
+CONFIG_ISDNLOG_DOCDIR=''
+CONFIG_ISDNLOG_OLDI4LCONFDIR='/etc/isdnlog'
+CONFIG_ISDNLOG_OLDI4LCONFFILE='isdnlog.conf'
+# CONFIG_ISDNLOG_POSTGRES is not set
+# CONFIG_ISDNLOG_MYSQLDB is not set
+# CONFIG_ISDNLOG_ORACLE is not set
+CONFIG_ISDN_LOG_DE=y
+CONFIG_ISDN_LOG_CC_DE=y
+CONFIG_ISDN_LOG_DEST_DE=y
+CONFIG_ISDN_LOG_DEST_AT=y
+CONFIG_ISDN_LOG_DEST_NL=y
+CONFIG_ISDN_LOG_DEST_CH=y
+# CONFIG_ISDN_LOG_DEST_BE is not set
+# CONFIG_ISDN_LOG_DEST_CN is not set
+CONFIG_IPPPSTATS=y
+# CONFIG_XISDNLOAD is not set
+# CONFIG_XMONISDN is not set
+
+#
+# Applications
+#
+CONFIG_VBOX=y
+
+#
+# Options for vbox package
+#
+VBOX_SPOOLDIR='/var/spool/vbox'
+VBOX_LOGDIR='/var/log/vbox'
+VBOX_PIDDIR='/var/run'
+VBOX_LOCKDIR='/var/lock'
+VBOX_DOCDIR='/usr/share/doc/vbox'
+VBOX_TCL='tcl8.3'
+# VBOX_SUSPEND_ID is not set
+CONFIG_IPPPD=y
+
+#
+# Options for ipppd
+#
+# CONFIG_IPPPD_MSCHAP is not set
+CONFIG_IPPP_FILTER=y
+# CONFIG_IPPPD_RADIUS is not set
+# CONFIG_RADIUS_WTMP_LOGGING is not set
+RADIUS_CLIENT_CONFIG_FILE=''
+
+#
+# Documentation
+#
+# CONFIG_GENMAN is not set
+# CONFIG_FAQ is not set
diff --git a/config/ovpn/verify b/config/ovpn/verify
index 41f443257622493f4af7624e26618fd90a85c22d..8fbe59e0e13dc8e9129dd434b04c65c20fc99f07 100644 (file)
--- a/config/ovpn/verify
+++ b/config/ovpn/verify
@@ -5,12 +5,8 @@ if [ $1 -eq 0 ]; then
     name4=${name3##*CN=}
     clientdisabled=`/bin/grep -iwc off,.*,$name4 /var/ipfire/ovpn/ovpnconfig`
     if [ "$clientdisabled" = "1" ]; then
     name4=${name3##*CN=}
     clientdisabled=`/bin/grep -iwc off,.*,$name4 /var/ipfire/ovpn/ovpnconfig`
     if [ "$clientdisabled" = "1" ]; then
-    exit 1
+       exit 1
     fi
     exit 0
 fi
     fi
     exit 0
 fi
-
 exit 0
 exit 0
-
-
-
diff --git a/config/rootfiles/common/apache2 b/config/rootfiles/common/apache2
index e43accb52f979c06635f8ca695637739a9dcd95e..9dbeeeee9c55554b34bde2d639dfee862b26be0c 100644 (file)
--- a/config/rootfiles/common/apache2
+++ b/config/rootfiles/common/apache2
@@ -1303,7 +1303,6 @@ srv/web/ipfire/cgi-bin/network.cgi
 srv/web/ipfire/cgi-bin/networks.cgi
 srv/web/ipfire/cgi-bin/optionsfw.cgi
 srv/web/ipfire/cgi-bin/outgoingfw.cgi
 srv/web/ipfire/cgi-bin/networks.cgi
 srv/web/ipfire/cgi-bin/optionsfw.cgi
 srv/web/ipfire/cgi-bin/outgoingfw.cgi
-srv/web/ipfire/cgi-bin/ovpnfunc.pl
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/pakfire.cgi
 srv/web/ipfire/cgi-bin/portfw.cgi
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/pakfire.cgi
 srv/web/ipfire/cgi-bin/portfw.cgi
@@ -1320,7 +1319,6 @@ srv/web/ipfire/cgi-bin/speed.cgi
 srv/web/ipfire/cgi-bin/system.cgi
 srv/web/ipfire/cgi-bin/time.cgi
 srv/web/ipfire/cgi-bin/traffic.cgi
 srv/web/ipfire/cgi-bin/system.cgi
 srv/web/ipfire/cgi-bin/time.cgi
 srv/web/ipfire/cgi-bin/traffic.cgi
-#srv/web/ipfire/cgi-bin/trafficadm.cgi
 srv/web/ipfire/cgi-bin/traffics.cgi
 srv/web/ipfire/cgi-bin/updatexlrator.cgi
 srv/web/ipfire/cgi-bin/upload.cgi
 srv/web/ipfire/cgi-bin/traffics.cgi
 srv/web/ipfire/cgi-bin/updatexlrator.cgi
 srv/web/ipfire/cgi-bin/upload.cgi
diff --git a/config/rootfiles/common/ibod b/config/rootfiles/common/ibod
index 5afff3e19038e50d12b8665ceb0ba82e690a954e..a9e0b4a6b8219fb9610a62c45d6e597f12c1854c 100644 (file)
--- a/config/rootfiles/common/ibod
+++ b/config/rootfiles/common/ibod
@@ -1,2 +1,2 @@
-etc/ppp/ibod.cf
+etc/isdn/ibod.cf
 usr/sbin/ibod
 usr/sbin/ibod
diff --git a/config/rootfiles/common/initscripts b/config/rootfiles/common/initscripts
index cbd8d774e65e058a5d21579ae12a4d8b45a30492..f15782ec35e4834018651caf0e03db73d31800ba 100644 (file)
--- a/config/rootfiles/common/initscripts
+++ b/config/rootfiles/common/initscripts
@@ -15,6 +15,7 @@ etc/rc.d/init.d/firewall
 etc/rc.d/init.d/functions
 etc/rc.d/init.d/halt
 etc/rc.d/init.d/localnet
 etc/rc.d/init.d/functions
 etc/rc.d/init.d/halt
 etc/rc.d/init.d/localnet
+etc/rc.d/init.d/mISDN
 etc/rc.d/init.d/modules
 etc/rc.d/init.d/mountfs
 etc/rc.d/init.d/mountkernfs
 etc/rc.d/init.d/modules
 etc/rc.d/init.d/mountfs
 etc/rc.d/init.d/mountkernfs
diff --git a/config/rootfiles/common/libxml2 b/config/rootfiles/common/libxml2
new file mode 100644 (file)
index 0000000..8e78911
--- /dev/null
+++ b/config/rootfiles/common/libxml2
@@ -0,0 +1,335 @@
+#usr/bin/xml2-config
+#usr/bin/xmlcatalog
+#usr/bin/xmllint
+#usr/include/libxml2
+#usr/include/libxml2/libxml
+#usr/include/libxml2/libxml/DOCBparser.h
+#usr/include/libxml2/libxml/HTMLparser.h
+#usr/include/libxml2/libxml/HTMLtree.h
+#usr/include/libxml2/libxml/SAX.h
+#usr/include/libxml2/libxml/SAX2.h
+#usr/include/libxml2/libxml/c14n.h
+#usr/include/libxml2/libxml/catalog.h
+#usr/include/libxml2/libxml/chvalid.h
+#usr/include/libxml2/libxml/debugXML.h
+#usr/include/libxml2/libxml/dict.h
+#usr/include/libxml2/libxml/encoding.h
+#usr/include/libxml2/libxml/entities.h
+#usr/include/libxml2/libxml/globals.h
+#usr/include/libxml2/libxml/hash.h
+#usr/include/libxml2/libxml/list.h
+#usr/include/libxml2/libxml/nanoftp.h
+#usr/include/libxml2/libxml/nanohttp.h
+#usr/include/libxml2/libxml/parser.h
+#usr/include/libxml2/libxml/parserInternals.h
+#usr/include/libxml2/libxml/pattern.h
+#usr/include/libxml2/libxml/relaxng.h
+#usr/include/libxml2/libxml/schemasInternals.h
+#usr/include/libxml2/libxml/schematron.h
+#usr/include/libxml2/libxml/threads.h
+#usr/include/libxml2/libxml/tree.h
+#usr/include/libxml2/libxml/uri.h
+#usr/include/libxml2/libxml/valid.h
+#usr/include/libxml2/libxml/xinclude.h
+#usr/include/libxml2/libxml/xlink.h
+#usr/include/libxml2/libxml/xmlIO.h
+#usr/include/libxml2/libxml/xmlautomata.h
+#usr/include/libxml2/libxml/xmlerror.h
+#usr/include/libxml2/libxml/xmlexports.h
+#usr/include/libxml2/libxml/xmlmemory.h
+#usr/include/libxml2/libxml/xmlmodule.h
+#usr/include/libxml2/libxml/xmlreader.h
+#usr/include/libxml2/libxml/xmlregexp.h
+#usr/include/libxml2/libxml/xmlsave.h
+#usr/include/libxml2/libxml/xmlschemas.h
+#usr/include/libxml2/libxml/xmlschemastypes.h
+#usr/include/libxml2/libxml/xmlstring.h
+#usr/include/libxml2/libxml/xmlunicode.h
+#usr/include/libxml2/libxml/xmlversion.h
+#usr/include/libxml2/libxml/xmlwriter.h
+#usr/include/libxml2/libxml/xpath.h
+#usr/include/libxml2/libxml/xpathInternals.h
+#usr/include/libxml2/libxml/xpointer.h
+#usr/lib/libxml2.a
+#usr/lib/libxml2.la
+usr/lib/libxml2.so
+usr/lib/libxml2.so.2
+usr/lib/libxml2.so.2.6.26
+#usr/lib/pkgconfig/libxml-2.0.pc
+usr/lib/python2.4/site-packages/drv_libxml2.py
+usr/lib/python2.4/site-packages/libxml2.py
+#usr/lib/python2.4/site-packages/libxml2mod.a
+#usr/lib/python2.4/site-packages/libxml2mod.la
+usr/lib/python2.4/site-packages/libxml2mod.so
+#usr/lib/xml2Conf.sh
+#usr/man/man1/xml2-config.1
+#usr/man/man1/xmlcatalog.1
+#usr/man/man1/xmllint.1
+#usr/man/man3/libxml.3
+#usr/share/aclocal/libxml.m4
+#usr/share/doc/libxml2-2.6.26
+#usr/share/doc/libxml2-2.6.26/Copyright
+#usr/share/doc/libxml2-2.6.26/examples
+#usr/share/doc/libxml2-2.6.26/examples/testHTML.c
+#usr/share/doc/libxml2-2.6.26/examples/testSAX.c
+#usr/share/doc/libxml2-2.6.26/examples/testXPath.c
+#usr/share/doc/libxml2-2.6.26/examples/xmllint.c
+#usr/share/doc/libxml2-2.6.26/html
+#usr/share/doc/libxml2-2.6.26/html/DOM.gif
+#usr/share/doc/libxml2-2.6.26/html/FAQ.html
+#usr/share/doc/libxml2-2.6.26/html/Libxml2-Logo-180x168.gif
+#usr/share/doc/libxml2-2.6.26/html/Libxml2-Logo-90x34.gif
+#usr/share/doc/libxml2-2.6.26/html/encoding.html
+#usr/share/doc/libxml2-2.6.26/html/examples.xml
+#usr/share/doc/libxml2-2.6.26/html/examples.xsl
+#usr/share/doc/libxml2-2.6.26/html/html
+#usr/share/doc/libxml2-2.6.26/html/html/book1.html
+#usr/share/doc/libxml2-2.6.26/html/html/home.png
+#usr/share/doc/libxml2-2.6.26/html/html/index.html
+#usr/share/doc/libxml2-2.6.26/html/html/left.png
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-DOCBparser.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-HTMLparser.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-HTMLtree.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-SAX.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-SAX2.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-c14n.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-catalog.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-chvalid.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-debugXML.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-dict.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-encoding.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-entities.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-globals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-hash.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-lib.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-list.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-nanoftp.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-nanohttp.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-parser.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-parserInternals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-pattern.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-relaxng.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-schemasInternals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-schematron.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-threads.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-tree.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-uri.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-valid.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xinclude.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xlink.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlIO.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlautomata.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlerror.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlexports.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlmemory.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlmodule.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlreader.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlregexp.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlsave.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlschemas.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlschemastypes.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlstring.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlunicode.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlversion.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xmlwriter.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xpath.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xpathInternals.html
+#usr/share/doc/libxml2-2.6.26/html/html/libxml-xpointer.html
+#usr/share/doc/libxml2-2.6.26/html/html/right.png
+#usr/share/doc/libxml2-2.6.26/html/html/up.png
+#usr/share/doc/libxml2-2.6.26/html/io1.c
+#usr/share/doc/libxml2-2.6.26/html/io1.res
+#usr/share/doc/libxml2-2.6.26/html/io2.c
+#usr/share/doc/libxml2-2.6.26/html/io2.res
+#usr/share/doc/libxml2-2.6.26/html/libxml.gif
+#usr/share/doc/libxml2-2.6.26/html/parse1.c
+#usr/share/doc/libxml2-2.6.26/html/parse2.c
+#usr/share/doc/libxml2-2.6.26/html/parse3.c
+#usr/share/doc/libxml2-2.6.26/html/parse4.c
+#usr/share/doc/libxml2-2.6.26/html/reader1.c
+#usr/share/doc/libxml2-2.6.26/html/reader1.res
+#usr/share/doc/libxml2-2.6.26/html/reader2.c
+#usr/share/doc/libxml2-2.6.26/html/reader3.c
+#usr/share/doc/libxml2-2.6.26/html/reader3.res
+#usr/share/doc/libxml2-2.6.26/html/reader4.c
+#usr/share/doc/libxml2-2.6.26/html/reader4.res
+#usr/share/doc/libxml2-2.6.26/html/redhat.gif
+#usr/share/doc/libxml2-2.6.26/html/smallfootonly.gif
+#usr/share/doc/libxml2-2.6.26/html/structure.gif
+#usr/share/doc/libxml2-2.6.26/html/test1.xml
+#usr/share/doc/libxml2-2.6.26/html/test2.xml
+#usr/share/doc/libxml2-2.6.26/html/test3.xml
+#usr/share/doc/libxml2-2.6.26/html/testWriter.c
+#usr/share/doc/libxml2-2.6.26/html/tree1.c
+#usr/share/doc/libxml2-2.6.26/html/tree1.res
+#usr/share/doc/libxml2-2.6.26/html/tree2.c
+#usr/share/doc/libxml2-2.6.26/html/tree2.res
+#usr/share/doc/libxml2-2.6.26/html/tst.xml
+#usr/share/doc/libxml2-2.6.26/html/tutorial
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apa.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apb.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apc.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apd.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ape.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apf.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/apg.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/aph.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/api.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s02.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s03.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s04.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s05.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s06.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s07.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s08.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ar01s09.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/blank.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/1.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/10.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/2.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/3.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/4.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/5.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/6.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/7.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/8.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/callouts/9.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/caution.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/draft.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/home.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/important.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/next.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/note.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/prev.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/tip.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/toc-blank.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/toc-minus.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/toc-plus.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/up.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/images/warning.png
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includeaddattribute.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includeaddkeyword.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includeconvert.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includegetattribute.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includekeyword.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/includexpath.c
+#usr/share/doc/libxml2-2.6.26/html/tutorial/index.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/ix01.html
+#usr/share/doc/libxml2-2.6.26/html/tutorial/xmltutorial.pdf
+#usr/share/doc/libxml2-2.6.26/html/w3c.png
+#usr/share/doc/libxml2-2.6.26/html/writer.xml
+#usr/share/doc/libxml2-2.6.26/html/xml.html
+#usr/share/doc/libxml2-2.6.26/html/xpath1.c
+#usr/share/doc/libxml2-2.6.26/html/xpath1.res
+#usr/share/doc/libxml2-2.6.26/html/xpath2.c
+#usr/share/doc/libxml2-2.6.26/html/xpath2.res
+#usr/share/doc/libxml2-python-2.6.26
+#usr/share/doc/libxml2-python-2.6.26/TODO
+#usr/share/doc/libxml2-python-2.6.26/examples
+#usr/share/doc/libxml2-python-2.6.26/examples/attribs.py
+#usr/share/doc/libxml2-python-2.6.26/examples/build.py
+#usr/share/doc/libxml2-python-2.6.26/examples/ctxterror.py
+#usr/share/doc/libxml2-python-2.6.26/examples/cutnpaste.py
+#usr/share/doc/libxml2-python-2.6.26/examples/dtdvalid.py
+#usr/share/doc/libxml2-python-2.6.26/examples/error.py
+#usr/share/doc/libxml2-python-2.6.26/examples/inbuf.py
+#usr/share/doc/libxml2-python-2.6.26/examples/indexes.py
+#usr/share/doc/libxml2-python-2.6.26/examples/invalid.xml
+#usr/share/doc/libxml2-python-2.6.26/examples/nsdel.py
+#usr/share/doc/libxml2-python-2.6.26/examples/outbuf.py
+#usr/share/doc/libxml2-python-2.6.26/examples/push.py
+#usr/share/doc/libxml2-python-2.6.26/examples/pushSAX.py
+#usr/share/doc/libxml2-python-2.6.26/examples/pushSAXhtml.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader2.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader3.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader4.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader5.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader6.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader7.py
+#usr/share/doc/libxml2-python-2.6.26/examples/reader8.py
+#usr/share/doc/libxml2-python-2.6.26/examples/readererr.py
+#usr/share/doc/libxml2-python-2.6.26/examples/readernext.py
+#usr/share/doc/libxml2-python-2.6.26/examples/regexp.py
+#usr/share/doc/libxml2-python-2.6.26/examples/relaxng.py
+#usr/share/doc/libxml2-python-2.6.26/examples/resolver.py
+#usr/share/doc/libxml2-python-2.6.26/examples/schema.py
+#usr/share/doc/libxml2-python-2.6.26/examples/serialize.py
+#usr/share/doc/libxml2-python-2.6.26/examples/sync.py
+#usr/share/doc/libxml2-python-2.6.26/examples/test.dtd
+#usr/share/doc/libxml2-python-2.6.26/examples/thread2.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tst.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tst.xml
+#usr/share/doc/libxml2-python-2.6.26/examples/tstLastError.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tstURI.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tstmem.py
+#usr/share/doc/libxml2-python-2.6.26/examples/tstxpath.py
+#usr/share/doc/libxml2-python-2.6.26/examples/valid.xml
+#usr/share/doc/libxml2-python-2.6.26/examples/validDTD.py
+#usr/share/doc/libxml2-python-2.6.26/examples/validRNG.py
+#usr/share/doc/libxml2-python-2.6.26/examples/validSchemas.py
+#usr/share/doc/libxml2-python-2.6.26/examples/validate.py
+#usr/share/doc/libxml2-python-2.6.26/examples/walker.py
+#usr/share/doc/libxml2-python-2.6.26/examples/xpath.py
+#usr/share/doc/libxml2-python-2.6.26/examples/xpathext.py
+#usr/share/doc/libxml2-python-2.6.26/examples/xpathret.py
+#usr/share/gtk-doc
+#usr/share/gtk-doc/html
+#usr/share/gtk-doc/html/libxml2
+#usr/share/gtk-doc/html/libxml2/general.html
+#usr/share/gtk-doc/html/libxml2/home.png
+#usr/share/gtk-doc/html/libxml2/index.html
+#usr/share/gtk-doc/html/libxml2/left.png
+#usr/share/gtk-doc/html/libxml2/libxml2-DOCBparser.html
+#usr/share/gtk-doc/html/libxml2/libxml2-HTMLparser.html
+#usr/share/gtk-doc/html/libxml2/libxml2-HTMLtree.html
+#usr/share/gtk-doc/html/libxml2/libxml2-SAX.html
+#usr/share/gtk-doc/html/libxml2/libxml2-SAX2.html
+#usr/share/gtk-doc/html/libxml2/libxml2-c14n.html
+#usr/share/gtk-doc/html/libxml2/libxml2-catalog.html
+#usr/share/gtk-doc/html/libxml2/libxml2-chvalid.html
+#usr/share/gtk-doc/html/libxml2/libxml2-debugXML.html
+#usr/share/gtk-doc/html/libxml2/libxml2-dict.html
+#usr/share/gtk-doc/html/libxml2/libxml2-encoding.html
+#usr/share/gtk-doc/html/libxml2/libxml2-entities.html
+#usr/share/gtk-doc/html/libxml2/libxml2-globals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-hash.html
+#usr/share/gtk-doc/html/libxml2/libxml2-list.html
+#usr/share/gtk-doc/html/libxml2/libxml2-nanoftp.html
+#usr/share/gtk-doc/html/libxml2/libxml2-nanohttp.html
+#usr/share/gtk-doc/html/libxml2/libxml2-parser.html
+#usr/share/gtk-doc/html/libxml2/libxml2-parserInternals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-pattern.html
+#usr/share/gtk-doc/html/libxml2/libxml2-relaxng.html
+#usr/share/gtk-doc/html/libxml2/libxml2-schemasInternals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-schematron.html
+#usr/share/gtk-doc/html/libxml2/libxml2-threads.html
+#usr/share/gtk-doc/html/libxml2/libxml2-tree.html
+#usr/share/gtk-doc/html/libxml2/libxml2-uri.html
+#usr/share/gtk-doc/html/libxml2/libxml2-valid.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xinclude.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xlink.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlIO.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlautomata.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlerror.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlexports.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlmemory.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlmodule.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlreader.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlregexp.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlsave.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlschemas.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlschemastypes.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlstring.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlunicode.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlversion.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xmlwriter.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xpath.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xpathInternals.html
+#usr/share/gtk-doc/html/libxml2/libxml2-xpointer.html
+#usr/share/gtk-doc/html/libxml2/libxml2.devhelp
+#usr/share/gtk-doc/html/libxml2/right.png
+#usr/share/gtk-doc/html/libxml2/style.css
+#usr/share/gtk-doc/html/libxml2/up.png
diff --git a/config/rootfiles/common/libxslt b/config/rootfiles/common/libxslt
new file mode 100644 (file)
index 0000000..bdcf7b6
--- /dev/null
+++ b/config/rootfiles/common/libxslt
@@ -0,0 +1,150 @@
+#usr/bin/xslt-config
+usr/bin/xsltproc
+#usr/include/libexslt
+#usr/include/libexslt/exslt.h
+#usr/include/libexslt/exsltconfig.h
+#usr/include/libexslt/exsltexports.h
+#usr/include/libxslt
+#usr/include/libxslt/attributes.h
+#usr/include/libxslt/documents.h
+#usr/include/libxslt/extensions.h
+#usr/include/libxslt/extra.h
+#usr/include/libxslt/functions.h
+#usr/include/libxslt/imports.h
+#usr/include/libxslt/keys.h
+#usr/include/libxslt/namespaces.h
+#usr/include/libxslt/numbersInternals.h
+#usr/include/libxslt/pattern.h
+#usr/include/libxslt/preproc.h
+#usr/include/libxslt/security.h
+#usr/include/libxslt/templates.h
+#usr/include/libxslt/transform.h
+#usr/include/libxslt/variables.h
+#usr/include/libxslt/xslt.h
+#usr/include/libxslt/xsltInternals.h
+#usr/include/libxslt/xsltconfig.h
+#usr/include/libxslt/xsltexports.h
+#usr/include/libxslt/xsltutils.h
+#usr/lib/libexslt.a
+#usr/lib/libexslt.la
+usr/lib/libexslt.so
+usr/lib/libexslt.so.0
+usr/lib/libexslt.so.0.8.13
+#usr/lib/libxslt-plugins
+#usr/lib/libxslt.a
+#usr/lib/libxslt.la
+usr/lib/libxslt.so
+usr/lib/libxslt.so.1
+usr/lib/libxslt.so.1.1.17
+#usr/lib/pkgconfig/libexslt.pc
+#usr/lib/pkgconfig/libxslt.pc
+usr/lib/python2.4/site-packages/libxslt.py
+#usr/lib/python2.4/site-packages/libxsltmod.a
+#usr/lib/python2.4/site-packages/libxsltmod.la
+usr/lib/python2.4/site-packages/libxsltmod.so
+#usr/lib/xsltConf.sh
+#usr/man/man1/xsltproc.1
+#usr/man/man3/libexslt.3
+#usr/man/man3/libxslt.3
+#usr/share/aclocal/libxslt.m4
+#usr/share/doc/libxslt-1.1.17
+#usr/share/doc/libxslt-1.1.17/html
+#usr/share/doc/libxslt-1.1.17/html/API.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk0.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk1.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk2.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk3.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk4.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk5.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk6.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk7.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk8.html
+#usr/share/doc/libxslt-1.1.17/html/APIchunk9.html
+#usr/share/doc/libxslt-1.1.17/html/APIconstructors.html
+#usr/share/doc/libxslt-1.1.17/html/APIfiles.html
+#usr/share/doc/libxslt-1.1.17/html/APIfunctions.html
+#usr/share/doc/libxslt-1.1.17/html/APIsymbols.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIchunk0.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIconstructors.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIfiles.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIfunctions.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIsymbols.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/bugs.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/docs.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/downloads.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/exslt.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/help.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/index.html
+#usr/share/doc/libxslt-1.1.17/html/EXSLT/intro.html
+#usr/share/doc/libxslt-1.1.17/html/FAQ.html
+#usr/share/doc/libxslt-1.1.17/html/Libxslt-Logo-180x168.gif
+#usr/share/doc/libxslt-1.1.17/html/Libxslt-Logo-90x34.gif
+#usr/share/doc/libxslt-1.1.17/html/bugs.html
+#usr/share/doc/libxslt-1.1.17/html/contexts.gif
+#usr/share/doc/libxslt-1.1.17/html/contribs.html
+#usr/share/doc/libxslt-1.1.17/html/docbook.html
+#usr/share/doc/libxslt-1.1.17/html/docs.html
+#usr/share/doc/libxslt-1.1.17/html/downloads.html
+#usr/share/doc/libxslt-1.1.17/html/extensions.html
+#usr/share/doc/libxslt-1.1.17/html/help.html
+#usr/share/doc/libxslt-1.1.17/html/html
+#usr/share/doc/libxslt-1.1.17/html/html/book1.html
+#usr/share/doc/libxslt-1.1.17/html/html/home.png
+#usr/share/doc/libxslt-1.1.17/html/html/index.html
+#usr/share/doc/libxslt-1.1.17/html/html/left.png
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-attributes.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-documents.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-extensions.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-extra.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-functions.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-imports.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-keys.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-lib.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-namespaces.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-numbersInternals.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-pattern.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-preproc.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-security.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-templates.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-transform.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-variables.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xslt.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltInternals.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltexports.html
+#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltutils.html
+#usr/share/doc/libxslt-1.1.17/html/html/right.png
+#usr/share/doc/libxslt-1.1.17/html/html/up.png
+#usr/share/doc/libxslt-1.1.17/html/index.html
+#usr/share/doc/libxslt-1.1.17/html/internals.html
+#usr/share/doc/libxslt-1.1.17/html/intro.html
+#usr/share/doc/libxslt-1.1.17/html/news.html
+#usr/share/doc/libxslt-1.1.17/html/node.gif
+#usr/share/doc/libxslt-1.1.17/html/object.gif
+#usr/share/doc/libxslt-1.1.17/html/processing.gif
+#usr/share/doc/libxslt-1.1.17/html/python.html
+#usr/share/doc/libxslt-1.1.17/html/redhat.gif
+#usr/share/doc/libxslt-1.1.17/html/smallfootonly.gif
+#usr/share/doc/libxslt-1.1.17/html/stylesheet.gif
+#usr/share/doc/libxslt-1.1.17/html/templates.gif
+#usr/share/doc/libxslt-1.1.17/html/tutorial
+#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslt_tutorial.c
+#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslttutorial.html
+#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslttutorial.xml
+#usr/share/doc/libxslt-1.1.17/html/tutorial2
+#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.c
+#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.html
+#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.xml
+#usr/share/doc/libxslt-1.1.17/html/xslt.html
+#usr/share/doc/libxslt-1.1.17/html/xsltproc.html
+#usr/share/doc/libxslt-1.1.17/html/xsltproc2.html
+#usr/share/doc/libxslt-python-1.1.17
+#usr/share/doc/libxslt-python-1.1.17/TODO
+#usr/share/doc/libxslt-python-1.1.17/examples
+#usr/share/doc/libxslt-python-1.1.17/examples/basic.py
+#usr/share/doc/libxslt-python-1.1.17/examples/exslt.py
+#usr/share/doc/libxslt-python-1.1.17/examples/extelem.py
+#usr/share/doc/libxslt-python-1.1.17/examples/extfunc.py
+#usr/share/doc/libxslt-python-1.1.17/examples/pyxsltproc.py
+#usr/share/doc/libxslt-python-1.1.17/examples/test.xml
+#usr/share/doc/libxslt-python-1.1.17/examples/test.xsl
diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn
index 012296f0d2c40a4713c4f4bc1571b7ff6680c751..f415476a9ac63c8b570d5d1b0857792b7012a0fd 100644 (file)
--- a/config/rootfiles/common/openvpn
+++ b/config/rootfiles/common/openvpn
@@ -3,12 +3,11 @@ usr/sbin/openvpn
 var/ipfire/ovpn
 var/ipfire/ovpn/ca
 var/ipfire/ovpn/caconfig
 var/ipfire/ovpn
 var/ipfire/ovpn/ca
 var/ipfire/ovpn/caconfig
-var/ipfire/ovpn/certs
+#var/ipfire/ovpn/certs
 var/ipfire/ovpn/certs/index.txt
 var/ipfire/ovpn/certs/serial
 var/ipfire/ovpn/crls
 var/ipfire/ovpn/certs/index.txt
 var/ipfire/ovpn/certs/serial
 var/ipfire/ovpn/crls
-var/ipfire/ovpn/n2nconf
-var/ipfire/ovpn/openssl
+#var/ipfire/ovpn/openssl
 var/ipfire/ovpn/openssl/ovpn.cnf
 var/ipfire/ovpn/ovpnconfig
 var/ipfire/ovpn/settings
 var/ipfire/ovpn/openssl/ovpn.cnf
 var/ipfire/ovpn/ovpnconfig
 var/ipfire/ovpn/settings
diff --git a/doc/language_issues.de b/doc/language_issues.de
index 5db31c987681f67e46b94cb85f287bb56711b47c..0974360c1f7d2c55a1341a62b6d23e64b0cf5fff 100644 (file)
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -174,7 +174,6 @@ WARNING: translation string unused: invalid upstream proxy username or password
 WARNING: translation string unused: iowait
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
 WARNING: translation string unused: iowait
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
-WARNING: translation string unused: ipfire side is invalid
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: javascript menu error1
 WARNING: translation string unused: javascript menu error2
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: javascript menu error1
 WARNING: translation string unused: javascript menu error2
@@ -365,3 +364,4 @@ WARNING: translation string unused: written sectors
 WARNING: translation string unused: xtaccess bad transfert
 WARNING: translation string unused: year
 WARNING: translation string unused: yearly firewallhits
 WARNING: translation string unused: xtaccess bad transfert
 WARNING: translation string unused: year
 WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: OVPN
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 0f7239ba5262cd676e6082f550fbb4f9fd4dbad8..3371a94d8dc7e45b31a999953798782416f26992 100644 (file)
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -185,7 +185,6 @@ WARNING: translation string unused: invalid upstream proxy username or password
 WARNING: translation string unused: iowait
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
 WARNING: translation string unused: iowait
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
-WARNING: translation string unused: ipfire side is invalid
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: javascript menu error1
 WARNING: translation string unused: javascript menu error2
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: javascript menu error1
 WARNING: translation string unused: javascript menu error2
@@ -368,3 +367,4 @@ WARNING: translation string unused: weekly firewallhits
 WARNING: translation string unused: written sectors
 WARNING: translation string unused: year
 WARNING: translation string unused: yearly firewallhits
 WARNING: translation string unused: written sectors
 WARNING: translation string unused: year
 WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: OVPN
diff --git a/doc/packages-list.txt b/doc/packages-list.txt
index 6a9f145b3fa64ff152610d3eadc848c8e7888c27..8fb7909f666b49546d59e807e2dc55865f8aa4b9 100644 (file)
--- a/doc/packages-list.txt
+++ b/doc/packages-list.txt
@@ -120,6 +120,7 @@
 * iptables-1.3.5
 * iptstate-2.1
 * iputils-ss020927
 * iptables-1.3.5
 * iptstate-2.1
 * iputils-ss020927
+* isdn4k-utils-CVS-2006-07-20
 * java-1.5.0_06-for-ipfire
 * jpegsrc.v6b
 * kbd-1.12
 * java-1.5.0_06-for-ipfire
 * jpegsrc.v6b
 * kbd-1.12
@@ -144,6 +145,7 @@
 * libvorbis-1.1.2
 * libwww-perl-5.803
 * libxml2-2.6.26
 * libvorbis-1.1.2
 * libwww-perl-5.803
 * libxml2-2.6.26
+* libxslt-1.1.17
 * linux-2.6.16.50
 * linux-atm-2.4.1
 * linux-libc-headers-2.6.12.0
 * linux-2.6.16.50
 * linux-atm-2.4.1
 * linux-libc-headers-2.6.12.0
diff --git a/html/cgi-bin/ovpnfunc.pl b/html/cgi-bin/ovpnfunc.pl
deleted file mode 100644 (file)
index 42199cc..0000000
--- a/html/cgi-bin/ovpnfunc.pl
+++ /dev/null
@@ -1,1145 +0,0 @@
-#!/usr/bin/perl -w
-package Ovpnfunc;
-use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
-use Net::DNS;
-use File::Copy;
-use File::Temp qw/ tempfile tempdir /;
-use strict;
-require '/var/ipfire/general-functions.pl';
-my %netsettings=();
-my $errormessage = '';
-my $errormessage2 = '';
-my @subnets;        # array of anonymous hashes {cn, from, to}
-my @subnets2;        # array of anonymous hashes {cn, from, to}
-my %overlaps;       # hash {cn} of anonymous arrays of subnets
-my ($subnet, $from, $to, $i, $j);
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-sub haveOrangeNet
-{
-       if ($netsettings{'CONFIG_TYPE'} == 1) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 3) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
-       return 0;
-}
-
-sub haveBlueNet
-{
-       if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 6) {return 1;}
-       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
-       return 0;
-}
-
-sub sizeformat{
-    my $bytesize = $_[0];
-    my $i = 0;
-
-    while(abs($bytesize) >= 1024){
-       $bytesize=$bytesize/1024;
-       $i++;
-       last if($i==6);
-    }
-
-    my @units = ("Bytes","KB","MB","GB","TB","PB","EB");
-    my $newsize=(int($bytesize*100 +0.5))/100;
-    return("$newsize $units[$i]");
-}
-
-sub valid_dns_host {
-       my $hostname = $_[0];
-       unless ($hostname) { return "No hostname"};
-       my $res = new Net::DNS::Resolver;
-       my $query = $res->search("$hostname");
-       if ($query) {
-               foreach my $rr ($query->answer) {
-                       ## Potential bug - we are only looking at A records:
-                       return 0 if $rr->type eq "A";
-               }
-       } else {
-               return $res->errorstring;
-       }
-}
-
-sub cleanssldatabase
-{
-    if (open(FILE, ">${General::swroot}/ovpn/certs/serial")) {
-       print FILE "01";
-       close FILE;
-    }
-    if (open(FILE, ">${General::swroot}/ovpn/certs/index.txt")) {
-       print FILE "";
-       close FILE;
-    }
-    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
-    unlink ("${General::swroot}/ovpn/certs/serial.old");
-    unlink ("${General::swroot}/ovpn/certs/01.pem");
-}
-
-sub newcleanssldatabase
-{
-    if (! -s "${General::swroot}/ovpn/certs/serial" )  {
-        open(FILE, ">${General::swroot}(ovpn/certs/serial");
-       print FILE "01";
-       close FILE;
-    }
-    if (! -s ">${General::swroot}/ovpn/certs/index.txt") {
-       system ("touch ${General::swroot}/ovpn/certs/index.txt");
-    }
-    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
-    unlink ("${General::swroot}/ovpn/certs/serial.old");
-}
-
-sub deletebackupcert
-{
-       if (open(FILE, "${General::swroot}/ovpn/certs/serial.old")) {
-               my $hexvalue = <FILE>;
-               chomp $hexvalue;
-               close FILE;
-               unlink ("${General::swroot}/ovpn/certs/$hexvalue.pem");
-       }
-}
-
-sub checkportfw {
-    my $KEY2 = $_[0]; # key2
-    my $SRC_PORT = $_[1]; # src_port
-    my $PROTOCOL = $_[2]; # protocol
-    my $SRC_IP = $_[3]; # sourceip    
-    my $pfwfilename = "${General::swroot}/portfw/config";
-    open(FILE, $pfwfilename) or die 'Unable to open config file.';
-    my @pfwcurrent = <FILE>;
-    close(FILE);
-    my $pfwkey1 = 0; # used for finding last sequence number used 
-    foreach my $pfwline (@pfwcurrent)
-    {
-       my @pfwtemp = split(/\,/,$pfwline);
-
-       chomp ($pfwtemp[8]);
-       if ($KEY2 eq "0"){ # if key2 is 0 then it is a portfw addition
-               if ( $SRC_PORT eq $pfwtemp[3] &&
-                       $PROTOCOL eq $pfwtemp[2] &&
-                       $SRC_IP eq $pfwtemp[7])
-               {
-                        $errormessage = "$Lang::tr{'source port in use'} $SRC_PORT";
-               }
-               # Check if key2 = 0, if it is then it is a port forward entry and we want the sequence number
-               if ( $pfwtemp[1] eq "0") {
-                       $pfwkey1=$pfwtemp[0];
-               }
-               # Darren Critchley - Duplicate or overlapping Port range check
-               if ($pfwtemp[1] eq "0" && 
-                       $PROTOCOL eq $pfwtemp[2] &&
-                       $SRC_IP eq $pfwtemp[7] &&
-                       $errormessage eq '') 
-               {
-                       &portchecks($SRC_PORT, $pfwtemp[5]);            
-#                      &portchecks($pfwtemp[3], $pfwtemp[5]);
-#                      &portchecks($pfwtemp[3], $SRC_IP);
-               }
-       }
-    }
-#    $errormessage="$KEY2 $SRC_PORT $PROTOCOL $SRC_IP";
-
-    return $errormessage;
-}
-
-sub checkportoverlap
-{
-       my $portrange1 = $_[0]; # New port range
-       my $portrange2 = $_[1]; # existing port range
-       my @tempr1 = split(/\:/,$portrange1);
-       my @tempr2 = split(/\:/,$portrange2);
-
-       unless (&checkportinc($tempr1[0], $portrange2)){ return 0;}
-       unless (&checkportinc($tempr1[1], $portrange2)){ return 0;}
-       
-       unless (&checkportinc($tempr2[0], $portrange1)){ return 0;}
-       unless (&checkportinc($tempr2[1], $portrange1)){ return 0;}
-
-       return 1; # Everything checks out!
-}
-
-# Darren Critchley - we want to make sure that a port entry is not within an already existing range
-sub checkportinc
-{
-       my $port1 = $_[0]; # Port
-       my $portrange2 = $_[1]; # Port range
-       my @tempr1 = split(/\:/,$portrange2);
-
-       if ($port1 < $tempr1[0] || $port1 > $tempr1[1]) {
-               return 1; 
-       } else {
-               return 0; 
-       }
-}
-# Darren Critchley - Duplicate or overlapping Port range check
-sub portchecks
-{
-       my $p1 = $_[0]; # New port range
-       my $p2 = $_[1]; # existing port range
-#      $_ = $_[0];
-       our ($prtrange1, $prtrange2);
-       $prtrange1 = 0;
-#      if (m/:/ && $prtrange1 == 1) { # comparing two port ranges
-#              unless (&checkportoverlap($p1,$p2)) {
-#                      $errormessage = "$Lang::tr{'source port overlaps'} $p1";
-#              }
-#      }
-       if (m/:/ && $prtrange1 == 0 && $errormessage eq '') { # compare one port to a range
-               unless (&checkportinc($p2,$p1)) {
-                       $errormessage = "$Lang::tr{'srcprt within existing'} $p1";
-               }
-       }
-       $prtrange1 = 1;
-       if (! m/:/ && $prtrange1 == 1 && $errormessage eq '') { # compare one port to a range
-               unless (&checkportinc($p1,$p2)) {
-                       $errormessage = "$Lang::tr{'srcprt range overlaps'} $p2";
-               }
-       }
-       return;
-}
-
-# Darren Critchley - certain ports are reserved for IPFire 
-# TCP 67,68,81,222,444
-# UDP 67,68
-# Params passed in -> port, rangeyn, protocol
-sub disallowreserved
-{
-       # port 67 and 68 same for tcp and udp, don't bother putting in an array
-       my $msg = "";
-       my @tcp_reserved = (81,222,444);
-       my $prt = $_[0]; # the port or range
-       my $ryn = $_[1]; # tells us whether or not it is a port range
-       my $prot = $_[2]; # protocol
-       my $srcdst = $_[3]; # source or destination
-       if ($ryn) { # disect port range
-               if ($srcdst eq "src") {
-                       $msg = "$Lang::tr{'rsvd src port overlap'}";
-               } else {
-                       $msg = "$Lang::tr{'rsvd dst port overlap'}";
-               }
-               my @tmprng = split(/\:/,$prt);
-               unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
-               unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
-               if ($prot eq "tcp") {
-                       foreach my $prange (@tcp_reserved) {
-                               unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
-                       }
-               }
-       } else {
-               if ($srcdst eq "src") {
-                       $msg = "$Lang::tr{'reserved src port'}";
-               } else {
-                       $msg = "$Lang::tr{'reserved dst port'}";
-               }
-               if ($prt == 67) { $errormessage="$msg 67"; return; }
-               if ($prt == 68) { $errormessage="$msg 68"; return; }
-               if ($prot eq "tcp") {
-                       foreach my $prange (@tcp_reserved) {
-                               if ($prange == $prt) { 
-                                       $errormessage = "$msg $prange"; 
-                                       return $errormessage; }
-                       }
-               }
-       }
-       return $errormessage;
-}
-
-sub writeserverconf {
-    my %sovpnsettings = ();    
-    &General::readhash("${General::swroot}/ovpn/settings", \%sovpnsettings);
-
-    open(CONF,    ">${General::swroot}/ovpn/server.conf") or die "Unable to open ${General::swroot}/ovpn/server.conf: $!";
-    flock CONF, 2;
-    print CONF "#OpenVPN Server conf\n";
-    print CONF "\n";
-    print CONF "daemon openvpnserver\n";
-    print CONF "writepid /var/run/openvpn.pid\n";
-    print CONF "#DAN prepare ZERINA for listening on blue and orange\n";
-    print CONF ";local $sovpnsettings{'VPN_IP'}\n";
-    print CONF "dev $sovpnsettings{'DDEVICE'}\n";
-    print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n";
-       if ($sovpnsettings{'DPROTOCOL'} eq 'tcp') {
-               print CONF "proto $sovpnsettings{'DPROTOCOL'}-server\n";
-       } else {        
-               print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
-       }       
-    print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
-    print CONF "tls-server\n";
-    print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
-    print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
-    print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
-    print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
-    my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
-    print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
-    print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
-       if ($sovpnsettings{AD_ROUTE1} ne '') {
-               my @tempovpnsubnet = split("\/",$sovpnsettings{'AD_ROUTE1'});
-               print CONF "push \"route $tempovpnsubnet[0] $tempovpnsubnet[1]\"\n";
-    }
-       if ($sovpnsettings{AD_ROUTE2} ne '') {
-               my @tempovpnsubnet = split("\/",$sovpnsettings{'AD_ROUTE2'});
-               print CONF "push \"route $tempovpnsubnet[0] $tempovpnsubnet[1]\"\n";
-    }
-       if ($sovpnsettings{AD_ROUTE3} ne '') {
-               my @tempovpnsubnet = split("\/",$sovpnsettings{'AD_ROUTE3'});
-               print CONF "push \"route $tempovpnsubnet[0] $tempovpnsubnet[1]\"\n";
-    }
-    if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
-       print CONF "client-to-client\n";
-    }
-    if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) {  
-       print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n";
-    }  
-    print CONF "status-version 1\n";    
-       print CONF "status /var/log/ovpnserver.log 30\n";
-    print CONF "cipher $sovpnsettings{DCIPHER}\n";
-    if ($sovpnsettings{DCOMPLZO} eq 'on') {
-        print CONF "comp-lzo\n";
-    }
-    if ($sovpnsettings{REDIRECT_GW_DEF1} eq 'on') {
-        print CONF "push \"redirect-gateway def1\"\n";
-    }
-    if ($sovpnsettings{DHCP_DOMAIN} ne '') {
-        print CONF "push \"dhcp-option DOMAIN $sovpnsettings{DHCP_DOMAIN}\"\n";
-    }
-
-    if ($sovpnsettings{DHCP_DNS} ne '') {
-        print CONF "push \"dhcp-option DNS $sovpnsettings{DHCP_DNS}\"\n";
-    }
-
-    if ($sovpnsettings{DHCP_WINS} ne '') {
-        print CONF "push \"dhcp-option WINS $sovpnsettings{DHCP_WINS}\"\n";
-    }
-    
-    if ($sovpnsettings{DHCP_WINS} eq '') {
-       print CONF "max-clients 100\n";
-    }  
-    
-    if ($sovpnsettings{DHCP_WINS} ne '') {
-       print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
-    }  
-
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Add the FAST-IO Parameter from OpenVPN to der Server.Config.   #
-    #                Add the NICE Parameter from OpenVPN to der Server.Config.      #
-    #                Add the MTU-DISC Parameter from OpenVPN to der Server.Config.  #
-    #                Add the MSSFIX Parameter from OpenVPN to der Server.Config.    #
-    #                Add the FRAMGMENT Parameter from OpenVPN to der Server.Config. #
-    #################################################################################
-    if ($sovpnsettings{EXTENDED_FASTIO} eq 'on') {
-      print CONF "fast-io\n";  
-    }
-    if ($sovpnsettings{EXTENDED_NICE} != 0) {
-      print CONF "nice $sovpnsettings{EXTENDED_NICE}\n"; 
-    }
-    if ($sovpnsettings{EXTENDED_MTUDISC} eq 'on') {
-      print CONF "mtu-disc yes\n";  
-    }    
-    if ($sovpnsettings{EXTENDED_MSSFIX} ne '') {
-      print CONF "mssfix $sovpnsettings{EXTENDED_MSSFIX}\n";  
-    }    
-    if ($sovpnsettings{EXTENDED_FRAGMENT} ne '') {
-      print CONF "fragment $sovpnsettings{EXTENDED_FRAGMENT}\n";  
-    }    
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
-
-    print CONF "tls-verify /var/ipfire/ovpn/verify\n";
-    print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
-    print CONF "user nobody\n";
-    print CONF "group nobody\n";
-    print CONF "persist-key\n";
-    print CONF "persist-tun\n";
-       if ($sovpnsettings{LOG_VERB} ne '') {
-               print CONF "verb $sovpnsettings{LOG_VERB}\n";
-       } else {
-               print CONF "verb 3\n";
-       }       
-    print CONF "\n";
-    
-    close(CONF); 
-}
-
-sub writenet2netconf {
-    my $n2nkey = $_[0];
-    my $zerinaclient = $_[1];
-    my %n2nconfighash = ();
-    my $file = '';
-#    my $file = '';
-       my $clientovpn = '';
-       my @fileholder;
-       my $tempdir = tempdir( CLEANUP => 1 );
-       my $zippath = "$tempdir/";
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%n2nconfighash);
-    if (! $n2nkey) {
-        $n2nkey = &General::findhasharraykey (\%n2nconfighash);
-        foreach my $i (0 .. 25) { $n2nconfighash{$n2nkey}[$i] = "";}
-    }
-       my $zipname = "$n2nconfighash{$n2nkey}[1].zip";
-       my $zippathname = "$zippath$zipname";   
-    if ($n2nconfighash{$n2nkey}[3] eq 'net') {
-               if ($zerinaclient eq '') {
-                       if ( -d "${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]"){
-                               while ($file = glob("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/*.conf")) {
-                                       unlink $file            
-                               }
-                       } else {
-                               mkdir("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]", 0770);
-                       }
-                       open(CONF, ">${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].conf") or die "Unable to open ${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].conf: $!";       
-               } else {                        
-                       $clientovpn = "$n2nconfighash{$n2nkey}[1].conf";
-                       open(CONF, ">$tempdir/$clientovpn") or die "Unable to open $tempdir/$clientovpn: $!";                                           
-               }               
-               flock CONF, 2;          
-               print CONF "dev tun\n";         
-               print CONF "tun-mtu $n2nconfighash{$n2nkey}[17]\n";
-               if ($n2nconfighash{$n2nkey}[14] eq 'udp') {
-                       print CONF "proto $n2nconfighash{$n2nkey}[14]\n";
-               } elsif ((($zerinaclient eq '') && ($n2nconfighash{$n2nkey}[6] eq 'server'))) {
-                       print CONF "proto $n2nconfighash{$n2nkey}[14]-server\n";
-               } else {
-                       print CONF "proto $n2nconfighash{$n2nkey}[14]-client\n";
-               }
-               print CONF "port $n2nconfighash{$n2nkey}[15]\n";
-               my @tempovpnsubnet = split("\/",$n2nconfighash{$n2nkey}[13]);
-               my @ovpnip = split /\./,$tempovpnsubnet[0];
-#              if ((($zerinaclient eq '') && ($n2nconfighash{$n2nkey}[19] eq 'no'))) {
-               if ((($zerinaclient eq '') && ($n2nconfighash{$n2nkey}[6] eq 'server'))) {
-                       print CONF "ifconfig $ovpnip[0].$ovpnip[1].$ovpnip[2].1 $ovpnip[0].$ovpnip[1].$ovpnip[2].2\n";
-                       print CONF "remote $n2nconfighash{$n2nkey}[10]\n";
-                       print CONF "tls-server\n";
-                       print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
-                       print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
-                       print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
-                       print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
-                       my @tempremotesubnet = split("\/",$n2nconfighash{$n2nkey}[11]);
-                       print CONF "route $tempremotesubnet[0] $tempremotesubnet[1]\n";
-               } else {
-                       print CONF "ifconfig $ovpnip[0].$ovpnip[1].$ovpnip[2].2 $ovpnip[0].$ovpnip[1].$ovpnip[2].1\n";
-                       #print CONF "$zerinaclient ufuk 10=$n2nconfighash{$n2nkey}[10] 18=$n2nconfighash{$n2nkey}[18] 19=$n2nconfighash{$n2nkey}[19] \n";
-                       if ($zerinaclient ne 'true'){                   
-                               if ($n2nconfighash{$n2nkey}[19] eq 'no'){
-                                       print CONF "remote $n2nconfighash{$n2nkey}[10]\n";                              
-                               } else {
-                                       print CONF "remote $n2nconfighash{$n2nkey}[10]\n";      
-                               }
-                       } else {
-                               print CONF "remote $n2nconfighash{$n2nkey}[18]\n";      
-                       }
-                       print CONF "tls-client\n";
-                       if ($zerinaclient ne 'true'){
-                               print CONF "pkcs12 ${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].p12\n";
-                       } else {
-                               print CONF "pkcs12 $n2nconfighash{$n2nkey}[1].p12\n";
-                       }
-                       if ($n2nconfighash{$n2nkey}[19] eq 'no'){
-                               my @tempremotesubnet = split("\/",$n2nconfighash{$n2nkey}[8]);
-                               print CONF "route $tempremotesubnet[0] $tempremotesubnet[1]\n";
-                       } else {
-                               my @tempremotesubnet = split("\/",$n2nconfighash{$n2nkey}[11]);
-                               print CONF "route $tempremotesubnet[0] $tempremotesubnet[1]\n";
-                       }
-               }
-               if ($n2nconfighash{$n2nkey}[26] > 0 && $n2nconfighash{$n2nkey}[27] > 0) {       
-                       print CONF "keepalive $n2nconfighash{$n2nkey}[26] $n2nconfighash{$n2nkey}[27]\n";
-               } else {
-                       print CONF "keepalive 10 60\n";
-               }               
-               print CONF "cipher $n2nconfighash{$n2nkey}[20]\n";
-               if ($n2nconfighash{$n2nkey}[16] eq 'on') {
-                       print CONF "comp-lzo\n";                
-               }
-               if ($n2nconfighash{$n2nkey}[42] ne '') {
-                       print CONF "verb $n2nconfighash{$n2nkey}[42]\n";
-               } else {
-                       print CONF "verb 3\n";
-               }       
-               if ($n2nconfighash{$n2nkey}[19] eq 'no'){
-                       print CONF "#$n2nconfighash{$n2nkey}[11]\n";
-               } else {
-                       print CONF "#$n2nconfighash{$n2nkey}[8]\n";
-               }
-               if ($zerinaclient ne 'true') {
-                       print CONF "daemon OVPN_$n2nconfighash{$n2nkey}[1]\n";          
-                       print CONF "#status ${General::swroot}/ovpn/n2nconf/$n2nconfighash{$n2nkey}[1]/$n2nconfighash{$n2nkey}[1].log 2\n";
-               }
-               close(CONF);            
-               if ($zerinaclient eq 'true') {
-                       my $zip = Archive::Zip->new();
-                       $zip->addFile( "${General::swroot}/ovpn/certs/$n2nconfighash{$n2nkey}[1].p12", "$n2nconfighash{$n2nkey}[1].p12") or die "Can't add file ${General::swroot}/ovpn/certs/$n2nconfighash{$n2nkey}[1].p12\n";                        
-                       $zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n";
-                       my $status = $zip->writeToFileNamed($zippathname);
-                       open(DLFILE, "<$zippathname") or die "Unable to open $zippathname: $!";
-                       @fileholder = <DLFILE>;
-                       print "Content-Type:application/x-download\n";
-                       print "Content-Disposition:attachment;filename=$zipname\n\n";
-                       print @fileholder;
-                       exit (0);                       
-               }               
-       }       
-}
-
-sub removenet2netconf {
-    my %n2nconfighash = ();
-    my $key = $_[0];
-    my $file = '';
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%n2nconfighash);
-    if ($n2nconfighash{$key}[3] eq 'net') {
-               if ( -d "${General::swroot}/ovpn/n2nconf/$n2nconfighash{$key}[1]"){
-                       while ($file = glob("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$key}[1]/*")) {
-                               unlink $file
-                       }
-                       rmdir("${General::swroot}/ovpn/n2nconf/$n2nconfighash{$key}[1]");
-               }           
-    }
-}
-
-sub emptyserverlog{    
-       if (open(FILE, ">/var/log/ovpnserver.log")) {
-       flock FILE, 2;
-       print FILE "";
-       close FILE;
-    }
-}
-
-sub displayca {
-       my $key = $_[0];
-       my %cahash = ();
-    &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-    if ( -f "${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem") {
-               &Header::showhttpheaders();
-               &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-               &Header::openbigbox('100%', 'LEFT', '', $errormessage);
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
-               my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem`;
-               $output = &Header::cleanhtml($output,"y");
-               print "<pre>$output</pre>\n";
-               &Header::closebox();
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-               &Header::closebigbox();
-               &Header::closepage();
-               exit(0);
-    } else {
-               $errormessage = $Lang::tr{'invalid key'};
-    }
-}
-sub displayroothost {
-       my $roothost = $_[0];
-    my $output;
-    &Header::showhttpheaders();
-    &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-    &Header::openbigbox('100%', 'LEFT', '', '');
-    if ($roothost eq $Lang::tr{'show root certificate'}) {
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
-               $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
-    } else {
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'host certificate'}:");
-               $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
-    }
-    $output = &Header::cleanhtml($output,"y");
-    print "<pre>$output</pre>\n";
-    &Header::closebox();
-    print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-    &Header::closebigbox();
-    &Header::closepage();
-    exit(0);
-}
-
-sub killconnection {
-       my $key = $_[0];
-       my %n2nconfighash = ();
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%n2nconfighash);
-       my $n2nactive = `/bin/ps ax|grep $n2nconfighash{$key}[1].conf|grep -v grep|awk \'{print \$1}\'`;
-       if ($n2nactive ne ''){                          
-               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-       }                                               
-}
-
-sub cidrormask {
-       my $cidrmask = $_[0];
-       my $cidrmask2 = $cidrmask;
-       if ("/$cidrmask" =~ /^\/(\d+)/){#cidr                       
-               if ($cidrmask2 = &cidr2mask("/$cidrmask")) {
-                       return $cidrmask2;
-               } else {
-                       if ($cidrmask =~ /^\d+\.\d+\.\d+\.\d+/){#mask                                    
-                               return $cidrmask;
-                       }
-               }               
-       } else {
-               if ($cidrmask =~ /^\d+\.\d+\.\d+\.\d+/){#mask                                    
-                       return $cidrmask;
-               }
-       }       
-}                          
-sub cidr2mask {
-    my( $cidr ) = @_;
-    my( $one32 ) = 0xffffffff;
-    my( @d, $n, $bits );
-
-    if ( $cidr eq "/0" ) {
-        return "0.0.0.0";
-    }
-
-    if ( $cidr !~ /\/(\d+)/ ) {
-        return undef;
-    }
-    $bits = $1;
-
-    if ( $bits > 32 ) {
-        return undef;
-    }
-
-    #-- convert to subnet-style mask
-       $n = $one32 << (32 - $bits);
-       $d[3] = $n % 256; $n = int( $n / 256);
-       $d[2] = $n % 256; $n = int( $n / 256);
-       $d[1] = $n % 256; $n = int( $n / 256);
-       $d[0] = $n;
-       return join '.', @d;
-}
-
-
-# ----------------------------------------------------------------------------
-# $cidr = &mask2cidr( $mask )
-# ----------------------------------------------------------------------------
-
-sub mask2cidr {
-    my( $mask ) = @_;
-    my( @d, $n, $bits );
-    
-    if ( $mask eq "0.0.0.0" ) {
-        return "/0";
-    }
-    
-    if ( ! &validMask( $mask ) ) {
-        return undef;
-    }
-
-    @d = split /\./, $mask;
-    $n = ((((($d[0] * 256) + $d[1])  * 256) + $d[2]) * 256) + $d[3];
-    $bits = 32;
-    while ( ($n % 2) == 0 ) {
-        $n >>= 1;
-        $bits -= 1;
-    }
-    return "/$bits";
-}
-
-
-# ----------------------------------------------------------------------------
-# $yesno = &validMask( $mask )
-# ----------------------------------------------------------------------------
-
-sub validMask {
-    my( $mask ) = @_;
-    my( @d, $n, $str );
-
-    @d = split /\./, $mask;
-    $n = ((((($d[0] * 256) + $d[1]) * 256) + $d[2]) * 256) + $d[3];
-    $str = sprintf "%b", $n;
-    return ( $str =~ /^1+0*$/ );
-}
-
-sub overlapping {
-       # read all subnets from AD, convert to integer range, and sort. 
-       foreach $subnet (@subnets2) {
-               ($from, $to) = &subnet2range ($subnet);
-               push @subnets, { cn => $subnet, from => $from, to => $to };
-       }
-       @subnets = sort { $a->{from} <=> $b->{from} } @subnets;
-
-       # compare all possible subnets for overlap; depend on sort order. 
-       for ($i=0; $i<=$#subnets; $i++) {
-               for ($j=$i+1; $j<=$#subnets; $j++) {
-                       last if $subnets[$i]->{to} < $subnets[$j]->{from};    # no possible overlap anymore;
-                       push @{$overlaps{$subnets[$i]->{cn}}}, $subnets[$j]->{cn} if $subnets[$i]->{to} >= $subnets[$j]->{from};
-               }
-       }
-
-       if (scalar (keys %overlaps)) {
-               foreach $subnet (sort keys %overlaps) {         
-                       #$errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire IPSEC  : %s\n", $subnet, join (", ", sort @{$overlaps{$subnet}});                     
-                       $errormessage = "$subnet : $overlaps{$subnet}[0]";
-                       last;
-               }
-       }       
-               return $errormessage;
-}
-
-# &subnet2range ($subnet)
-# convert subnets to integers in order to compare them later.
-# A subnet looks like this: 10.1.2.0/24
-# returns beginning and end of subnet as integer
-#
-sub subnet2range {
-    my $subnet = shift (@_);
-    my ($from, $to);
-    
-    $subnet =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)\/(\d+)$/ || die "bad subnet $subnet\n";
-    $from = $1*2**24 + $2*2**16 + $3*2**8 + $4;
-    $to = $from + 2**(32-$5) - 1;
-    return ($from, $to);
-}
-
-sub ovelapplausi {
-       my $tmpovpnsubnet0 = $_[0];
-       my $tmpovpnsubnet1 = $_[1];
-    my %vpnconfighash = ();
-       my $tmpcidr = '';
-       my @tmpremotevpnsubnet;
-    &General::readhasharray("${General::swroot}/vpn/config", \%vpnconfighash);
-
-    if (&General::IpInSubnet ( $netsettings{'GREEN_ADDRESS'}, 
-               $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-        $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Green Network $netsettings{'GREEN_ADDRESS'}";
-        return $errormessage;
-    }
-
-       if (&haveBlueNet()) {
-               if (&General::IpInSubnet ( $netsettings{'BLUE_ADDRESS'}, 
-                       $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Blue Network $netsettings{'BLUE_ADDRESS'}";
-                       return $errormessage;
-               }
-       }       
-    if (&haveOrangeNet()) {
-               if (&General::IpInSubnet ( $netsettings{'ORANGE_ADDRESS'}, 
-                       $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Orange Network $netsettings{'ORANGE_ADDRESS'}";
-                       return $errormessage;
-               }
-       }       
-    open(ALIASES, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.';
-    while (<ALIASES>)
-    {
-               chomp($_);
-               my @tempalias = split(/\,/,$_);
-               if ($tempalias[1] eq 'on') {
-                       if (&General::IpInSubnet ($tempalias[0] , 
-                               $tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire alias entry $tempalias[0]";
-                               exit $errormessage;
-                       }               
-               }
-    }
-       close(ALIASES);
-       
-       #check against ipsec connections
-       foreach my $key (keys %vpnconfighash) {
-               #$confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
-               #$confighash{$key}[3]#host or net
-               #$confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
-               #$confighash{$key}[10] = $cgiparams{'REMOTE'};
-               &emptyarray();
-               $tmpcidr = &mask2cidr($tmpovpnsubnet1);
-               push @subnets2, "$tmpovpnsubnet0$tmpcidr";              
-               @tmpremotevpnsubnet = split("\/",$vpnconfighash{$key}[8]);                      
-               $tmpcidr = &mask2cidr($tmpremotevpnsubnet[1]);
-               push @subnets2, "$tmpremotevpnsubnet[0]$tmpcidr";                       
-               $errormessage2 = &overlapping();
-               if ($errormessage2 ne '') {
-                       $errormessage = "$Lang::tr{'ovpn subnet overlap'}IPSCEC Connection=$vpnconfighash{$key}[1] $Lang::tr{'local subnet'} $errormessage2 ";
-                       last;
-               }
-               &emptyarray();
-               if ($vpnconfighash{$key}[3] eq 'net'){
-                       if (&General::IpInSubnet ($vpnconfighash{$key}[10],$tmpovpnsubnet0, $tmpovpnsubnet1)) {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire IPSEC Connection/IP: $vpnconfighash{$key}[1]/$vpnconfighash{$key}[10]";
-                               last;                           
-                       }
-                       #check agains ipsec local subent                        
-                       push @subnets2, "$tmpovpnsubnet0$tmpcidr";
-                       @tmpremotevpnsubnet = split("\/",$vpnconfighash{$key}[11]);                     
-                       $tmpcidr = &mask2cidr($tmpremotevpnsubnet[1]);
-                       push @subnets2, "$tmpremotevpnsubnet[0]$tmpcidr";                       
-                       $errormessage2 = &overlapping();
-                       if ($errormessage2 ne '') {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'}IPSCEC Connection=$vpnconfighash{$key}[1] $Lang::tr{'remote subnet'} $errormessage2 ";
-                               last;
-                       }       
-                       &emptyarray();
-                       push @subnets2, "$tmpovpnsubnet0$tmpcidr";
-                       @tmpremotevpnsubnet = split("\/",$vpnconfighash{$key}[8]);                      
-                       $tmpcidr = &mask2cidr($tmpremotevpnsubnet[1]);
-                       push @subnets2, "$tmpremotevpnsubnet[0]$tmpcidr";                       
-                       $errormessage2 = &overlapping();
-                       if ($errormessage2 ne '') {
-                               $errormessage = "$Lang::tr{'ovpn subnet overlap'}IPSCEC Connection=$vpnconfighash{$key}[1] $Lang::tr{'local subnet'} $errormessage2 ";
-                               last;
-                       }
-                       &emptyarray();                  
-               }               
-       }
-       #check against OpenVPN Connections (aware check against itself)
-       return $errormessage;
-}
-sub emptyarray {
-       @subnets2 = ();
-       @subnets = ();
-}
-sub rwclientstatus {
-       my $activeonrun = $_[0];
-       my @status = `/bin/cat /var/log/ovpnserver.log`;
-       my %confighash = ();
-       my $dis = ''
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
-               $dis = '';
-       } else {
-               $dis = "disabled='disabled'";
-       }       
-               
-               &Header::openbox('100%', 'LEFT', "Roadwarrior $Lang::tr{'Client status and controlc'}");
-               print <<END
-               <table width='100%' border='0' cellspacing='1' cellpadding='0'>
-               <tr>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
-               <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
-               <td width='18%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
-               <td width='17%' class='boldbase' align='center'><b>$Lang::tr{'valid till'}</b></td>
-               <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
-               <td width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></td>
-               </tr>
-END
-               ;
-               my $id = 0;
-               my $gif;
-               foreach my $key (keys %confighash) {
-                       if ($confighash{$key}[3] eq 'host') {
-                               if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-                                       if ($id % 2) {
-                                               print "<tr bgcolor='${Header::table1colour}'>\n";
-                                       } else {
-                                               print "<tr bgcolor='${Header::table2colour}'>\n";
-                                       }
-                               print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";           
-                               print "<td align='center' nowrap='nowrap'>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";                  
-                               if ($confighash{$key}[4] eq 'cert') {
-                                       print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
-                               } else {
-                                       print "<td align='left'>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[19] ne 'yes') {
-                                       my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
-                                       $cavalid    =~ /Not After : (.*)[\n]/;
-                                       $cavalid    = $1;
-                                       print "<td align='center'>$cavalid</td>";
-                               } else {
-                                       print "<td>&nbsp;</td>";
-                               }       
-                               print "<td align='center'>$confighash{$key}[25]</td>";
-                               my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               if ($confighash{$key}[0] eq 'off') {
-                                       $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               } else {                                
-                                       my $cn;
-                                       my @match = (); 
-                                       foreach my $line (@status) {
-                                               chomp($line);
-                                               if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
-                                                       @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
-                                                       if ($match[1] ne "Common Name") {
-                                                               $cn = $match[1];
-                                                       }           
-                                                       $cn =~ s/[_]/ /g;
-                                                       if ($cn eq "$confighash{$key}[2]") {
-                                                               $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
-                                                       }
-                                               }    
-                                       }                               
-                               }                               
-                               print "<td align='center'>$active</td>";
-                               my $disable_clientdl = "";
-                               if ($confighash{$key}[6] ne 'client') {                 
-                                       print <<END             
-                                       <form method='post' name='frm${key}a'><td align='center'>
-                                       <input type='image'  name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.gif' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
-                                       <input type='hidden' name='KEY' value='$key' $disable_clientdl />
-                                       </td></form>
-END
-               ;               } else {
-                                       print "<td>&nbsp;</td>";        
-                               }       
-                               if ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}b'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-               ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") { 
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-               ;               } elsif ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-               ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               print <<END
-                               <form method='post' name='frm${key}d'><td align='center'>
-                               <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' border='0' />
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}e'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-                               <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'/>
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}f'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-                               <input type='image'  name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               </tr>
-END
-               ;
-                               $id++;
-                       }
-               }
-           ;
-           # If the config file contains entries, print Key to action icons
-           if ( $id ) {
-                       print <<END
-                       <table>
-                       <tr>
-                       <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
-                       <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
-                       <td class='base'>$Lang::tr{'click to disable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
-                       <td class='base'>$Lang::tr{'show certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
-                       <td class='base'>$Lang::tr{'edit'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
-                       <td class='base'>$Lang::tr{'remove'}</td>
-                       </tr>
-                       <tr>
-                       <td>&nbsp; </td>
-                       <td>&nbsp; <img src='/images/off.gif' alt='?OFF' /></td>
-                       <td class='base'>$Lang::tr{'click to enable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
-                       <td class='base'>$Lang::tr{'download certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/openvpn.gif' alt='?RELOAD'/></td>
-                       <td class='base'>$Lang::tr{'dl client arch'}</td>
-                       </tr>
-                       </table>
-END
-           ;
-           }
-           print <<END
-           <table width='100%'>
-           <form method='post'>
-           <tr><td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'add'}' $dis />
-                                            <input type='hidden' name='TYPE' value='host' /></td>                              
-               <td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td></tr>
-           </form>
-           </table>
-END
-           ;    
-           &Header::closebox();
-       #}
-}
-sub net2netstatus {
-#net2net connections
-       my $activeonrun = $_[0];
-       my @status = `/bin/cat /var/log/ovpnserver.log`;
-       my %confighash = ();
-       my $dis = ''
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
-               $dis = '';
-       } else {
-               $dis = "disabled='disabled'";
-       }
-               &Header::openbox('100%', 'LEFT', "Net to Net Connection status and control:");
-               print <<END
-               <table width='100%' border='0' cellspacing='1' cellpadding='0'>
-               <tr>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
-               <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
-               <td width='18%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
-               <td width='17%' class='boldbase' align='center'><b>$Lang::tr{'valid till'}</b></td>
-               <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
-               <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
-               <td width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></td>
-               </tr>
-END
-               ;
-               my $id = 0;
-               my $gif;
-               foreach my $key (keys %confighash) {
-                       if ($confighash{$key}[3] eq 'net') {
-                               if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-                               if ($id % 2) {
-                                       print "<tr bgcolor='${Header::table1colour}'>\n";
-                               } else {
-                                       print "<tr bgcolor='${Header::table2colour}'>\n";
-                               }
-                               print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";
-                               print "<td align='center' nowrap='nowrap'>" . $confighash{$key}[6] . "-" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";             
-                               if ($confighash{$key}[4] eq 'cert') {
-                                       print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
-                               } else {
-                                       print "<td align='left'>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[19] ne 'yes') {
-                                       my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
-                                       $cavalid    =~ /Not After : (.*)[\n]/;
-                                       $cavalid    = $1;
-                                       print "<td align='center'>$cavalid</td>";
-                               } else {
-                                       print "<td>&nbsp;</td>";
-                               }       
-                               print "<td align='center'>$confighash{$key}[25]</td>";
-                               my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               if ($confighash{$key}[0] eq 'off') {
-                                       $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
-                               } else {
-                                       my @tempovpnsubnet = split("\/",$confighash{$key}[13]);
-                                       my @ovpnip = split /\./,$tempovpnsubnet[0];
-                                       my $pingip = "";
-                                       if ($confighash{$key}[6] eq 'server') {
-                                               $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].2";
-                                       } else {
-                                               $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].1";
-                                       }
-                                       my $p = Net::Ping->new("udp",1);
-                                       if ($p->ping($pingip)) {
-                                               $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
-                                       }       
-                                       $p->close();                            
-                               }                               
-                               print "<td align='center'>$active</td>";
-                               my $disable_clientdl = "";
-                               if ($confighash{$key}[6] ne 'client') {                 
-                                       print <<END             
-                                       <form method='post' name='frm${key}a'><td align='center'>
-                                       <input type='image'  name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.gif' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
-                                       <input type='hidden' name='KEY' value='$key' $disable_clientdl />
-                                       </td></form>
-END
-                                       ;               } else {
-                                       print "<td>&nbsp;</td>";        
-                               }       
-                               if ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}b'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-                                       ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") { 
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-                                       ;               } elsif ($confighash{$key}[4] eq 'cert' && $confighash{$key}[19] ne 'yes') {
-                                       print <<END
-                                       <form method='post' name='frm${key}c'><td align='center'>
-                                       <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
-                                       <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
-                                       <input type='hidden' name='KEY' value='$key' />
-                                       </td></form>
-END
-                                       ;               } else {
-                                       print "<td>&nbsp;</td>";
-                               }
-                               
-                               print <<END
-                               <form method='post' name='frm${key}d'><td align='center'>
-                               <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' border='0' />
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}e'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-                               <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'/>
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               <form method='post' name='frm${key}f'><td align='center'>
-                               <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-                               <input type='image'  name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0' />
-                               <input type='hidden' name='KEY' value='$key' />
-                               </td></form>
-                               </tr>
-END
-                               ;
-                               $id++;
-                       }
-               }
-               ;
-
-               # If the config file contains entries, print Key to action icons
-               if ( $id ) {
-                       print <<END
-                       <table>
-                       <tr>
-                       <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
-                       <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
-                       <td class='base'>$Lang::tr{'click to disable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
-                       <td class='base'>$Lang::tr{'show certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
-                       <td class='base'>$Lang::tr{'edit'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
-                       <td class='base'>$Lang::tr{'remove'}</td>
-                       </tr>
-                       <tr>
-                       <td>&nbsp; </td>
-                       <td>&nbsp; <img src='/images/off.gif' alt='?OFF' /></td>
-                       <td class='base'>$Lang::tr{'click to enable'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
-                       <td class='base'>$Lang::tr{'download certificate'}</td>
-                       <td>&nbsp; &nbsp; <img src='/images/openvpn.gif' alt='?RELOAD'/></td>
-                       <td class='base'>$Lang::tr{'dl client arch'}</td>
-                       </tr>
-                       </table>
-END
-                       ;
-               }
-               print <<END
-               <table width='100%'>
-               <form method='post'>
-               <tr><td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'add'}' $ dis /></td></tr>     
-               </form>
-               </table>
-END
-               ;    
-               &Header::closebox();
-       #}      
-#net2net connections
-}
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 761041402065dfd23730083ec32dc71f773aefec..1c2d42c822013703123b018c0758e393d53c7cb0 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -3,10 +3,8 @@
 # 
 # This code is distributed under the terms of the GPL
 # Main idea from zeroconcept
 # 
 # This code is distributed under the terms of the GPL
 # Main idea from zeroconcept
-# ZERNINA-VERSION:0.9.7a9
-# (c) 2005 Ufuk Altinkaynak
-#
-# Ipcop and OpenVPN eas as one two three..
+# ZERNINA-VERSION:0.9.4i
+# (c) 2007 Ufuk Altinkaynak
 #
 
 use CGI;
 #
 
 use CGI;
@@ -16,9 +14,7 @@ use File::Copy;
 use File::Temp qw/ tempfile tempdir /;
 use strict;
 use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
 use File::Temp qw/ tempfile tempdir /;
 use strict;
 use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
-use Net::Ping;
 require '/var/ipfire/general-functions.pl';
 require '/var/ipfire/general-functions.pl';
-require '/srv/web/ipfire/cgi-bin/ovpnfunc.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 require "${General::swroot}/countries.pl";
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 require "${General::swroot}/countries.pl";
@@ -35,6 +31,8 @@ my %mainsettings = ();
 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
 
 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
 
+
+
 ###
 ### Initialize variables
 ###
 ###
 ### Initialize variables
 ###
@@ -48,7 +46,6 @@ my %selected=();
 my $warnmessage = '';
 my $errormessage = '';
 my %settings=();
 my $warnmessage = '';
 my $errormessage = '';
 my %settings=();
-my $zerinaclient = '';
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 $cgiparams{'ENABLED'} = 'off';
 $cgiparams{'ENABLED_BLUE'} = 'off';
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 $cgiparams{'ENABLED'} = 'off';
 $cgiparams{'ENABLED_BLUE'} = 'off';
@@ -69,6 +66,337 @@ $cgiparams{'DCOMPLZO'} = 'off';
 ###
 ### Useful functions
 ###
 ###
 ### Useful functions
 ###
+sub haveOrangeNet
+{
+       if ($netsettings{'CONFIG_TYPE'} == 1) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 3) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
+       return 0;
+}
+
+sub haveBlueNet
+{
+       if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 5) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 6) {return 1;}
+       if ($netsettings{'CONFIG_TYPE'} == 7) {return 1;}
+       return 0;
+}
+
+sub sizeformat{
+    my $bytesize = shift;
+    my $i = 0;
+
+    while(abs($bytesize) >= 1024){
+       $bytesize=$bytesize/1024;
+       $i++;
+       last if($i==6);
+    }
+
+    my @units = ("Bytes","KB","MB","GB","TB","PB","EB");
+    my $newsize=(int($bytesize*100 +0.5))/100;
+    return("$newsize $units[$i]");
+}
+
+sub valid_dns_host {
+       my $hostname = $_[0];
+       unless ($hostname) { return "No hostname"};
+       my $res = new Net::DNS::Resolver;
+       my $query = $res->search("$hostname");
+       if ($query) {
+               foreach my $rr ($query->answer) {
+                       ## Potential bug - we are only looking at A records:
+                       return 0 if $rr->type eq "A";
+               }
+       } else {
+               return $res->errorstring;
+       }
+}
+
+sub cleanssldatabase
+{
+    if (open(FILE, ">${General::swroot}/ovpn/certs/serial")) {
+       print FILE "01";
+       close FILE;
+    }
+    if (open(FILE, ">${General::swroot}/ovpn/certs/index.txt")) {
+       print FILE "";
+       close FILE;
+    }
+    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
+    unlink ("${General::swroot}/ovpn/certs/serial.old");
+    unlink ("${General::swroot}/ovpn/certs/01.pem");
+}
+
+sub newcleanssldatabase
+{
+    if (! -s "${General::swroot}/ovpn/certs/serial" )  {
+        open(FILE, ">${General::swroot}(ovpn/certs/serial");
+       print FILE "01";
+       close FILE;
+    }
+    if (! -s ">${General::swroot}/ovpn/certs/index.txt") {
+       system ("touch ${General::swroot}/ovpn/certs/index.txt");
+    }
+    unlink ("${General::swroot}/ovpn/certs/index.txt.old");
+    unlink ("${General::swroot}/ovpn/certs/serial.old");
+}
+
+sub deletebackupcert
+{
+       if (open(FILE, "${General::swroot}/ovpn/certs/serial.old")) {
+               my $hexvalue = <FILE>;
+               chomp $hexvalue;
+               close FILE;
+               unlink ("${General::swroot}/ovpn/certs/$hexvalue.pem");
+       }
+}
+
+sub checkportfw {
+    my $KEY2 = $_[0]; # key2
+    my $SRC_PORT = $_[1]; # src_port
+    my $PROTOCOL = $_[2]; # protocol
+    my $SRC_IP = $_[3]; # sourceip
+
+    my $pfwfilename = "${General::swroot}/portfw/config";
+    open(FILE, $pfwfilename) or die 'Unable to open config file.';
+    my @pfwcurrent = <FILE>;
+    close(FILE);
+    my $pfwkey1 = 0; # used for finding last sequence number used 
+    foreach my $pfwline (@pfwcurrent)
+    {
+       my @pfwtemp = split(/\,/,$pfwline);
+
+       chomp ($pfwtemp[8]);
+       if ($KEY2 eq "0"){ # if key2 is 0 then it is a portfw addition
+               if ( $SRC_PORT eq $pfwtemp[3] &&
+                       $PROTOCOL eq $pfwtemp[2] &&
+                       $SRC_IP eq $pfwtemp[7])
+               {
+                        $errormessage = "$Lang::tr{'source port in use'} $SRC_PORT";
+               }
+               # Check if key2 = 0, if it is then it is a port forward entry and we want the sequence number
+               if ( $pfwtemp[1] eq "0") {
+                       $pfwkey1=$pfwtemp[0];
+               }
+               # Darren Critchley - Duplicate or overlapping Port range check
+               if ($pfwtemp[1] eq "0" && 
+                       $PROTOCOL eq $pfwtemp[2] &&
+                       $SRC_IP eq $pfwtemp[7] &&
+                       $errormessage eq '') 
+               {
+                       &portchecks($SRC_PORT, $pfwtemp[5]);            
+#                      &portchecks($pfwtemp[3], $pfwtemp[5]);
+#                      &portchecks($pfwtemp[3], $SRC_IP);
+               }
+       }
+    }
+#    $errormessage="$KEY2 $SRC_PORT $PROTOCOL $SRC_IP";
+
+    return;
+}
+
+sub checkportoverlap
+{
+       my $portrange1 = $_[0]; # New port range
+       my $portrange2 = $_[1]; # existing port range
+       my @tempr1 = split(/\:/,$portrange1);
+       my @tempr2 = split(/\:/,$portrange2);
+
+       unless (&checkportinc($tempr1[0], $portrange2)){ return 0;}
+       unless (&checkportinc($tempr1[1], $portrange2)){ return 0;}
+       
+       unless (&checkportinc($tempr2[0], $portrange1)){ return 0;}
+       unless (&checkportinc($tempr2[1], $portrange1)){ return 0;}
+
+       return 1; # Everything checks out!
+}
+
+# Darren Critchley - we want to make sure that a port entry is not within an already existing range
+sub checkportinc
+{
+       my $port1 = $_[0]; # Port
+       my $portrange2 = $_[1]; # Port range
+       my @tempr1 = split(/\:/,$portrange2);
+
+       if ($port1 < $tempr1[0] || $port1 > $tempr1[1]) {
+               return 1; 
+       } else {
+               return 0; 
+       }
+}
+# Darren Critchley - Duplicate or overlapping Port range check
+sub portchecks
+{
+       my $p1 = $_[0]; # New port range
+       my $p2 = $_[1]; # existing port range
+#      $_ = $_[0];
+       our ($prtrange1, $prtrange2);
+       $prtrange1 = 0;
+#      if (m/:/ && $prtrange1 == 1) { # comparing two port ranges
+#              unless (&checkportoverlap($p1,$p2)) {
+#                      $errormessage = "$Lang::tr{'source port overlaps'} $p1";
+#              }
+#      }
+       if (m/:/ && $prtrange1 == 0 && $errormessage eq '') { # compare one port to a range
+               unless (&checkportinc($p2,$p1)) {
+                       $errormessage = "$Lang::tr{'srcprt within existing'} $p1";
+               }
+       }
+       $prtrange1 = 1;
+       if (! m/:/ && $prtrange1 == 1 && $errormessage eq '') { # compare one port to a range
+               unless (&checkportinc($p1,$p2)) {
+                       $errormessage = "$Lang::tr{'srcprt range overlaps'} $p2";
+               }
+       }
+       return;
+}
+
+# Darren Critchley - certain ports are reserved for IPFire 
+# TCP 67,68,81,222,445
+# UDP 67,68
+# Params passed in -> port, rangeyn, protocol
+sub disallowreserved
+{
+       # port 67 and 68 same for tcp and udp, don't bother putting in an array
+       my $msg = "";
+       my @tcp_reserved = (81,222,445);
+       my $prt = $_[0]; # the port or range
+       my $ryn = $_[1]; # tells us whether or not it is a port range
+       my $prot = $_[2]; # protocol
+       my $srcdst = $_[3]; # source or destination
+       if ($ryn) { # disect port range
+               if ($srcdst eq "src") {
+                       $msg = "$Lang::tr{'rsvd src port overlap'}";
+               } else {
+                       $msg = "$Lang::tr{'rsvd dst port overlap'}";
+               }
+               my @tmprng = split(/\:/,$prt);
+               unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
+               unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
+               if ($prot eq "tcp") {
+                       foreach my $prange (@tcp_reserved) {
+                               unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
+                       }
+               }
+       } else {
+               if ($srcdst eq "src") {
+                       $msg = "$Lang::tr{'reserved src port'}";
+               } else {
+                       $msg = "$Lang::tr{'reserved dst port'}";
+               }
+               if ($prt == 67) { $errormessage="$msg 67"; return; }
+               if ($prt == 68) { $errormessage="$msg 68"; return; }
+               if ($prot eq "tcp") {
+                       foreach my $prange (@tcp_reserved) {
+                               if ($prange == $prt) { $errormessage="$msg $prange"; return; }
+                       }
+               }
+       }
+       return;
+}
+
+sub writeserverconf {
+    my %sovpnsettings = ();    
+    &General::readhash("${General::swroot}/ovpn/settings", \%sovpnsettings);
+
+    open(CONF,    ">${General::swroot}/ovpn/server.conf") or die "Unable to open ${General::swroot}/ovpn/server.conf: $!";
+    flock CONF, 2;
+    print CONF "#OpenVPN Server conf\n";
+    print CONF "\n";
+    print CONF "daemon openvpnserver\n";
+    print CONF "writepid /var/run/openvpn.pid\n";
+    print CONF "#DAN prepare ZERINA for listening on blue and orange\n";
+    print CONF ";local $sovpnsettings{'VPN_IP'}\n";
+    print CONF "dev $sovpnsettings{'DDEVICE'}\n";
+    print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n";
+    print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
+    print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
+    print CONF "tls-server\n";
+    print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
+    print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
+    print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
+    print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
+    my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
+    print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
+    print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
+    if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
+       print CONF "client-to-client\n";
+    }
+    if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) {  
+       print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n";
+    }  
+    print CONF "status-version 1\n";
+    print CONF "status /var/ipfire/ovpn/server.log 30\n";
+    print CONF "cipher $sovpnsettings{DCIPHER}\n";
+    if ($sovpnsettings{DCOMPLZO} eq 'on') {
+        print CONF "comp-lzo\n";
+    }
+    if ($sovpnsettings{REDIRECT_GW_DEF1} eq 'on') {
+        print CONF "push \"redirect-gateway def1\"\n";
+    }
+    if ($sovpnsettings{DHCP_DOMAIN} ne '') {
+        print CONF "push \"dhcp-option DOMAIN $sovpnsettings{DHCP_DOMAIN}\"\n";
+    }
+
+    if ($sovpnsettings{DHCP_DNS} ne '') {
+        print CONF "push \"dhcp-option DNS $sovpnsettings{DHCP_DNS}\"\n";
+    }
+
+    if ($sovpnsettings{DHCP_WINS} ne '') {
+        print CONF "push \"dhcp-option WINS $sovpnsettings{DHCP_WINS}\"\n";
+    }
+    
+    if ($sovpnsettings{DHCP_WINS} eq '') {
+       print CONF "max-clients 100\n";
+    }  
+    
+    if ($sovpnsettings{DHCP_WINS} ne '') {
+       print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
+    }  
+    print CONF "tls-verify /var/ipfire/ovpn/verify\n";
+    print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
+    print CONF "user nobody\n";
+    print CONF "group nobody\n";
+    print CONF "persist-key\n";
+    print CONF "persist-tun\n";
+       if ($sovpnsettings{LOG_VERB} ne '') {
+               print CONF "verb $sovpnsettings{LOG_VERB}\n";
+       } else {
+               print CONF "verb 3\n";
+       }       
+    print CONF "\n";
+    
+    close(CONF);
+}    
+#
+sub emptyserverlog{
+    if (open(FILE, ">${General::swroot}/ovpn/server.log")) {
+       flock FILE, 2;
+       print FILE "";
+       close FILE;
+    }
+
+}
+
+#hier die refresh page
+if ( -e "${General::swroot}/ovpn/gencanow") {
+    my $refresh = '';
+    $refresh = "<meta http-equiv='refresh' content='15;' />";
+    &Header::showhttpheaders();
+    &Header::openpage($Lang::tr{'OVPN'}, 1, $refresh);
+    &Header::openbigbox('100%', 'center');
+    &Header::openbox('100%', 'left', "$Lang::tr{'generate root/host certificates'}:");
+    print "<tr>\n<td align='center'><img src='/images/clock.gif' alt='' /></td>\n";
+    print "<td colspan='2'><font color='red'>Please be patient this realy can take some time on older hardware...</font></td></tr>\n";
+    &Header::closebox();
+    &Header::closebigbox();
+    &Header::closepage();
+    exit (0);
+}
+##hier die refresh page
+
 
 ###
 ### OpenVPN Server Control
 
 ###
 ### OpenVPN Server Control
@@ -76,29 +404,21 @@ $cgiparams{'DCOMPLZO'} = 'off';
 if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'} ||
     $cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'} ||
     $cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}) {
 if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'} ||
     $cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'} ||
     $cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}) {
-       my $serveractive = `/bin/ps ax|grep server.conf|grep -v grep|awk \'{print \$1}\'`;
     #start openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'}){
     #start openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'}){
-       &Ovpnfunc::emptyserverlog();
+       &emptyserverlog();
        system('/usr/local/bin/openvpnctrl', '-s');
     }   
     #stop openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'}){
        system('/usr/local/bin/openvpnctrl', '-s');
     }   
     #stop openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'}){
-               if ($serveractive ne ''){
-                       system('/usr/local/bin/openvpnctrl', '-kn2n', $serveractive);
-               }
        system('/usr/local/bin/openvpnctrl', '-k');
        system('/usr/local/bin/openvpnctrl', '-k');
-               &Ovpnfunc::emptyserverlog();    
+       &emptyserverlog();      
     }   
 #    #restart openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}){
 #workarund, till SIGHUP also works when running as nobody    
     }   
 #    #restart openvpn server
     if ($cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}){
 #workarund, till SIGHUP also works when running as nobody    
-               if ($serveractive ne ''){
-                       system('/usr/local/bin/openvpnctrl', '-kn2n', $serveractive);
-               }
-               system('/usr/local/bin/openvpnctrl', '-k');     
-               &Ovpnfunc::emptyserverlog();
-               system('/usr/local/bin/openvpnctrl', '-s');
+       system('/usr/local/bin/openvpnctrl', '-r');     
+       &emptyserverlog();      
     }       
 }
 
     }       
 }
 
@@ -120,32 +440,6 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
     $vpnsettings{'DHCP_DOMAIN'} = $cgiparams{'DHCP_DOMAIN'};
     $vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'};
     $vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'};
     $vpnsettings{'DHCP_DOMAIN'} = $cgiparams{'DHCP_DOMAIN'};
     $vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'};
     $vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'};
-       #additional push route
-       $vpnsettings{'AD_ROUTE1'} = $cgiparams{'AD_ROUTE1'};
-       $vpnsettings{'AD_ROUTE2'} = $cgiparams{'AD_ROUTE2'};
-       $vpnsettings{'AD_ROUTE3'} = $cgiparams{'AD_ROUTE3'};
-       #additional push route
-       
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Add the FAST-IO Parameter from OpenVPN to the Zerina Config    #
-    #                Add the NICE Parameter from OpenVPN to the Zerina Config       #
-    #                Add the MTU-DISC Parameter from OpenVPN to the Zerina Config   #
-    #                Add the MSSFIX Parameter from OpenVPN to the Zerina Config     #
-    #                Add the FRAMGMENT Parameter from OpenVPN to the Zerina Config  #
-    #################################################################################
-    $vpnsettings{'EXTENDED_FASTIO'} = $cgiparams{'EXTENDED_FASTIO'};
-    $vpnsettings{'EXTENDED_NICE'} = $cgiparams{'EXTENDED_NICE'};
-    $vpnsettings{'EXTENDED_MTUDISC'} = $cgiparams{'EXTENDED_MTUDISC'};
-    $vpnsettings{'EXTENDED_MSSFIX'} = $cgiparams{'EXTENDED_MSSFIX'};
-    $vpnsettings{'EXTENDED_FRAGMENT'} = $cgiparams{'EXTENDED_FRAGMENT'};
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
-
     
     if ($cgiparams{'DHCP_DOMAIN'} ne ''){
        unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) {
     
     if ($cgiparams{'DHCP_DOMAIN'} ne ''){
        unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) {
@@ -165,25 +459,6 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
        goto ADV_ERROR;
        }
     }
        goto ADV_ERROR;
        }
     }
-       if ($cgiparams{'AD_ROUTE1'} ne ''){
-               if (! &General::validipandmask($cgiparams{'AD_ROUTE1'})) {
-                       $errormessage = $Lang::tr{'route subnet is invalid'};
-                       goto ADV_ERROR;
-               }
-       }
-       if ($cgiparams{'AD_ROUTE2'} ne ''){
-               if (! &General::validipandmask($cgiparams{'AD_ROUTE2'})) {
-                       $errormessage = $Lang::tr{'route subnet is invalid'};
-                       goto ADV_ERROR;
-               }
-       }       
-       if ($cgiparams{'AD_ROUTE3'} ne ''){
-               if (! &General::validipandmask($cgiparams{'AD_ROUTE3'})) {
-                       $errormessage = $Lang::tr{'route subnet is invalid'};
-                       goto ADV_ERROR;
-               }
-       }
-       
     if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 255 )) {
         $errormessage = $Lang::tr{'invalid input for max clients'};
         goto ADV_ERROR;
     if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 255 )) {
         $errormessage = $Lang::tr{'invalid input for max clients'};
         goto ADV_ERROR;
@@ -206,47 +481,81 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
     }
     
     &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
     }
     
     &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &Ovpnfunc::writeserverconf();#hier ok
+    &writeserverconf();#hier ok
 }
 
 }
 
+
+
+
 ###
 ### Save main settings
 ###
 if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
     &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
 ###
 ### Save main settings
 ###
 if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
     &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
     #DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
     #DAN this value has to leave.
     if ($cgiparams{'ENABLED'} eq 'on'){
        unless (&General::validfqdn($cgiparams{'VPN_IP'}) || &General::validip($cgiparams{'VPN_IP'})) {
                $errormessage = $Lang::tr{'invalid input for hostname'};
     #DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
     #DAN this value has to leave.
     if ($cgiparams{'ENABLED'} eq 'on'){
        unless (&General::validfqdn($cgiparams{'VPN_IP'}) || &General::validip($cgiparams{'VPN_IP'})) {
                $errormessage = $Lang::tr{'invalid input for hostname'};
-               goto SETTINGS_ERROR;
+       goto SETTINGS_ERROR;
        }
     }
     if ($cgiparams{'ENABLED'} eq 'on'){
        }
     }
     if ($cgiparams{'ENABLED'} eq 'on'){
-               $errormessage = &Ovpnfunc::disallowreserved($cgiparams{'DDEST_PORT'},0,$cgiparams{'DPROTOCOL'},"dest");
+       &disallowreserved($cgiparams{'DDEST_PORT'},0,$cgiparams{'DPROTOCOL'},"dest");
     }  
     if ($errormessage) { goto SETTINGS_ERROR; }
     
     
     if ($cgiparams{'ENABLED'} eq 'on'){
     }  
     if ($errormessage) { goto SETTINGS_ERROR; }
     
     
     if ($cgiparams{'ENABLED'} eq 'on'){
-               $errormessage = &Ovpnfunc::checkportfw(0,$cgiparams{'DDEST_PORT'},$cgiparams{'DPROTOCOL'},'0.0.0.0');
+       &checkportfw(0,$cgiparams{'DDEST_PORT'},$cgiparams{'DPROTOCOL'},'0.0.0.0');
     }
        
     if ($errormessage) { goto SETTINGS_ERROR; }
     
     if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
     }
        
     if ($errormessage) { goto SETTINGS_ERROR; }
     
     if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
-               $errormessage = $Lang::tr{'ovpn subnet is invalid'};
-               goto SETTINGS_ERROR;
-    }
-    my @tmpovpnsubnet = split("\/",$cgiparams{'DOVPN_SUBNET'});        
-    $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-       $cgiparams{'DOVPN_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-       #plausi1
-       $errormessage = &Ovpnfunc::ovelapplausi($tmpovpnsubnet[0],$tmpovpnsubnet[1]);
-       #plausi1
+            $errormessage = $Lang::tr{'ovpn subnet is invalid'};
+       goto SETTINGS_ERROR;
+    }
+    my @tmpovpnsubnet = split("\/",$cgiparams{'DOVPN_SUBNET'});
+    
+    if (&General::IpInSubnet ( $netsettings{'RED_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire RED Network $netsettings{'RED_ADDRESS'}";
+       goto SETTINGS_ERROR;
+    }
+    
+    if (&General::IpInSubnet ( $netsettings{'GREEN_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+        $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Green Network $netsettings{'GREEN_ADDRESS'}";
+        goto SETTINGS_ERROR;
+    }
+
+    if (&General::IpInSubnet ( $netsettings{'BLUE_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Blue Network $netsettings{'BLUE_ADDRESS'}";
+       goto SETTINGS_ERROR;
+    }
+    
+    if (&General::IpInSubnet ( $netsettings{'ORANGE_ADDRESS'}, 
+       $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+       $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Orange Network $netsettings{'ORANGE_ADDRESS'}";
+       goto SETTINGS_ERROR;
+    }
+    open(ALIASES, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.';
+    while (<ALIASES>)
+    {
+       chomp($_);
+       my @tempalias = split(/\,/,$_);
+       if ($tempalias[1] eq 'on') {
+           if (&General::IpInSubnet ($tempalias[0] , 
+               $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
+               $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire alias entry $tempalias[0]";
+           }           
+       }
+    }
+    close(ALIASES);
     if ($errormessage ne ''){
     if ($errormessage ne ''){
-               goto SETTINGS_ERROR;
+       goto SETTINGS_ERROR;
     }
     if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
         $errormessage = $Lang::tr{'invalid input'};
     }
     if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
         $errormessage = $Lang::tr{'invalid input'};
@@ -258,17 +567,9 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
     }
     
     unless (&General::validport($cgiparams{'DDEST_PORT'})) {
     }
     
     unless (&General::validport($cgiparams{'DDEST_PORT'})) {
-               $errormessage = $Lang::tr{'invalid port'};
-               goto SETTINGS_ERROR;
+       $errormessage = $Lang::tr{'invalid port'};
+       goto SETTINGS_ERROR;
     }
     }
-       #hhh
-       foreach my $dkey (keys %confighash) {#Check if there is no other entry with this name   
-               if ($confighash{$dkey}[14] eq $cgiparams{'DPROTOCOL'} &&  $confighash{$dkey}[15] eq $cgiparams{'DDEST_PORT'}){                  
-                       $errormessage = "Choosed Protocol/Port combination is already used by connection: $confighash{$dkey}[1]";
-                       goto SETTINGS_ERROR;                    
-               }               
-       }
-       #hhh
     $vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'};
     $vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'};
     $vpnsettings{'ENABLED'} = $cgiparams{'ENABLED'};
     $vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'};
     $vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'};
     $vpnsettings{'ENABLED'} = $cgiparams{'ENABLED'};
@@ -283,7 +584,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
     $vpnsettings{'DCIPHER'} = $cgiparams{'DCIPHER'};
 #new settings for daemon    
     &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
     $vpnsettings{'DCIPHER'} = $cgiparams{'DCIPHER'};
 #new settings for daemon    
     &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &Ovpnfunc::writeserverconf();#hier ok
+    &writeserverconf();#hier ok
 SETTINGS_ERROR:
 ###
 ### Reset all step 2
 SETTINGS_ERROR:
 ###
 ### Reset all step 2
@@ -293,25 +594,26 @@ SETTINGS_ERROR:
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     foreach my $key (keys %confighash) {
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     foreach my $key (keys %confighash) {
-               if ($confighash{$key}[4] eq 'cert') {
-                       delete $confighash{$cgiparams{'$key'}};
-               }
+       if ($confighash{$key}[4] eq 'cert') {
+           delete $confighash{$cgiparams{'$key'}};
+       }
     }
     while ($file = glob("${General::swroot}/ovpn/ca/*")) {
     }
     while ($file = glob("${General::swroot}/ovpn/ca/*")) {
-               unlink $file
+       unlink $file
     }
     while ($file = glob("${General::swroot}/ovpn/certs/*")) {
     }
     while ($file = glob("${General::swroot}/ovpn/certs/*")) {
-               unlink $file
+       unlink $file
     }
     while ($file = glob("${General::swroot}/ovpn/crls/*")) {
     }
     while ($file = glob("${General::swroot}/ovpn/crls/*")) {
-               unlink $file
+       unlink $file
     }
     }
-    &Ovpnfunc::cleanssldatabase();
+    &cleanssldatabase();
     if (open(FILE, ">${General::swroot}/ovpn/caconfig")) {
         print FILE "";
         close FILE;
     }
     &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
     if (open(FILE, ">${General::swroot}/ovpn/caconfig")) {
         print FILE "";
         close FILE;
     }
     &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+    #&writeserverconf();
 ###
 ### Reset all step 1
 ###
 ###
 ### Reset all step 1
 ###
@@ -358,34 +660,34 @@ END
 
     # Check if there is no other entry with this name
     foreach my $key (keys %cahash) {
 
     # Check if there is no other entry with this name
     foreach my $key (keys %cahash) {
-               if ($cahash{$key}[0] eq $cgiparams{'CA_NAME'}) {
-                       $errormessage = $Lang::tr{'a ca certificate with this name already exists'};
-                       goto UPLOADCA_ERROR;
-               }
+       if ($cahash{$key}[0] eq $cgiparams{'CA_NAME'}) {
+           $errormessage = $Lang::tr{'a ca certificate with this name already exists'};
+           goto UPLOADCA_ERROR;
+       }
     }
 
     if (ref ($cgiparams{'FH'}) ne 'Fh') {
     }
 
     if (ref ($cgiparams{'FH'}) ne 'Fh') {
-               $errormessage = $Lang::tr{'there was no file upload'};
-               goto UPLOADCA_ERROR;
+       $errormessage = $Lang::tr{'there was no file upload'};
+       goto UPLOADCA_ERROR;
     }
     # Move uploaded ca to a temporary file
     (my $fh, my $filename) = tempfile( );
     if (copy ($cgiparams{'FH'}, $fh) != 1) {
     }
     # Move uploaded ca to a temporary file
     (my $fh, my $filename) = tempfile( );
     if (copy ($cgiparams{'FH'}, $fh) != 1) {
-               $errormessage = $!;
-               goto UPLOADCA_ERROR;
+       $errormessage = $!;
+       goto UPLOADCA_ERROR;
     }
     my $temp = `/usr/bin/openssl x509 -text -in $filename`;
     }
     my $temp = `/usr/bin/openssl x509 -text -in $filename`;
-       if ($temp !~ /CA:TRUE/i) {
-               $errormessage = $Lang::tr{'not a valid ca certificate'};
-               unlink ($filename);
-               goto UPLOADCA_ERROR;
+    if ($temp !~ /CA:TRUE/i) {
+       $errormessage = $Lang::tr{'not a valid ca certificate'};
+       unlink ($filename);
+       goto UPLOADCA_ERROR;
     } else {
     } else {
-               move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem");
-               if ($? ne 0) {
-                       $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
-                       unlink ($filename);
-                       goto UPLOADCA_ERROR;
-               }
+       move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem");
+       if ($? ne 0) {
+           $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
+           unlink ($filename);
+           goto UPLOADCA_ERROR;
+       }
     }
 
     my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem`;
     }
 
     my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem`;
@@ -399,13 +701,33 @@ END
     $cahash{$key}[0] = $cgiparams{'CA_NAME'};
     $cahash{$key}[1] = $casubject;
     &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
     $cahash{$key}[0] = $cgiparams{'CA_NAME'};
     $cahash{$key}[1] = $casubject;
     &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+#    system('/usr/local/bin/ipsecctrl', 'R');
+
     UPLOADCA_ERROR:
 
 ###
 ### Display ca certificate
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show ca certificate'}) {
     UPLOADCA_ERROR:
 
 ###
 ### Display ca certificate
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show ca certificate'}) {
-       &Ovpnfunc::displayca($cgiparams{'KEY'});
+    &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+
+    if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem") {
+       &Header::showhttpheaders();
+       &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+       &Header::openbigbox('100%', 'LEFT', '', $errormessage);
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
+       my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
+       $output = &Header::cleanhtml($output,"y");
+       print "<pre>$output</pre>\n";
+       &Header::closebox();
+       print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit(0);
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
+    }
+
 ###
 ### Download ca certificate
 ###
 ###
 ### Download ca certificate
 ###
@@ -432,15 +754,22 @@ END
        foreach my $key (keys %confighash) {
            my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
            if ($test =~ /: OK/) {
        foreach my $key (keys %confighash) {
            my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
            if ($test =~ /: OK/) {
+               # Delete connection
+#              if ($vpnsettings{'ENABLED'} eq 'on' ||
+#                  $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#                  system('/usr/local/bin/ipsecctrl', 'D', $key);
+#              }
                unlink ("${General::swroot}/ovpn//certs/$confighash{$key}[1]cert.pem");
                unlink ("${General::swroot}/ovpn/certs/$confighash{$key}[1].p12");
                delete $confighash{$key};
                &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
                unlink ("${General::swroot}/ovpn//certs/$confighash{$key}[1]cert.pem");
                unlink ("${General::swroot}/ovpn/certs/$confighash{$key}[1].p12");
                delete $confighash{$key};
                &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+#              &writeipsecfiles();
            }
        }
        unlink ("${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
        delete $cahash{$cgiparams{'KEY'}};
        &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
            }
        }
        unlink ("${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
        delete $cahash{$cgiparams{'KEY'}};
        &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+#      system('/usr/local/bin/ipsecctrl', 'R');
     } else {
        $errormessage = $Lang::tr{'invalid key'};
     }
     } else {
        $errormessage = $Lang::tr{'invalid key'};
     }
@@ -492,8 +821,27 @@ END
 ###
 ### Display root certificate
 ###
 ###
 ### Display root certificate
 ###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} || $cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
-       &Ovpnfunc::displayroothost($cgiparams{'ACTION'});
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} ||
+    $cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
+    my $output;
+    &Header::showhttpheaders();
+    &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+    &Header::openbigbox('100%', 'LEFT', '', '');
+    if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
+       $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
+    } else {
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'host certificate'}:");
+       $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
+    }
+    $output = &Header::cleanhtml($output,"y");
+    print "<pre>$output</pre>\n";
+    &Header::closebox();
+    print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+    &Header::closebigbox();
+    &Header::closepage();
+    exit(0);
+
 ###
 ### Download root certificate
 ###
 ###
 ### Download root certificate
 ###
@@ -721,7 +1069,7 @@ END
        (my $state = $cgiparams{'ROOTCERT_STATE'}) =~ s/^\s*$/\./;
 
        # refresh
        (my $state = $cgiparams{'ROOTCERT_STATE'}) =~ s/^\s*$/\./;
 
        # refresh
-       #system ('/usr/bin/touch', "${General::swroot}/ovpn/gencanow");
+       #system ('/bin/touch', "${General::swroot}/ovpn/gencanow");
        
        # Create the CA certificate
        my $pid = open(OPENSSL, "|-");
        
        # Create the CA certificate
        my $pid = open(OPENSSL, "|-");
@@ -802,11 +1150,11 @@ END
            unlink ("${General::swroot}/ovpn/serverkey.pem");
            unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
            unlink ("${General::swroot}/ovpn/certs/servercert.pem");
            unlink ("${General::swroot}/ovpn/serverkey.pem");
            unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
            unlink ("${General::swroot}/ovpn/certs/servercert.pem");
-           &Ovpnfunc::newcleanssldatabase();
+           &newcleanssldatabase();
            goto ROOTCERT_ERROR;
        } else {
            unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
            goto ROOTCERT_ERROR;
        } else {
            unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
-           &Ovpnfunc::deletebackupcert();
+           &deletebackupcert();
        }
 
        # Create an empty CRL
        }
 
        # Create an empty CRL
@@ -819,8 +1167,10 @@ END
            unlink ("${General::swroot}/ovpn/certs/servercert.pem");
            unlink ("${General::swroot}/ovpn/ca/cacert.pem");
            unlink ("${General::swroot}/ovpn/crls/cacrl.pem");      
            unlink ("${General::swroot}/ovpn/certs/servercert.pem");
            unlink ("${General::swroot}/ovpn/ca/cacert.pem");
            unlink ("${General::swroot}/ovpn/crls/cacrl.pem");      
-           &Ovpnfunc::cleanssldatabase();
+           &cleanssldatabase();
            goto ROOTCERT_ERROR;
            goto ROOTCERT_ERROR;
+#      } else {
+#          &cleanssldatabase();
        }
        # Create Diffie Hellmann Parameter
        system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
        }
        # Create Diffie Hellmann Parameter
        system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
@@ -833,8 +1183,10 @@ END
            unlink ("${General::swroot}/ovpn/ca/cacert.pem");
            unlink ("${General::swroot}/ovpn/crls/cacrl.pem");
            unlink ("${General::swroot}/ovpn/ca/dh1024.pem");
            unlink ("${General::swroot}/ovpn/ca/cacert.pem");
            unlink ("${General::swroot}/ovpn/crls/cacrl.pem");
            unlink ("${General::swroot}/ovpn/ca/dh1024.pem");
-           &Ovpnfunc::cleanssldatabase();
+           &cleanssldatabase();
            goto ROOTCERT_ERROR;
            goto ROOTCERT_ERROR;
+#      } else {
+#          &cleanssldatabase();
        }       
        goto ROOTCERT_SUCCESS;
     }
        }       
        goto ROOTCERT_SUCCESS;
     }
@@ -919,33 +1271,40 @@ END
 
     ROOTCERT_SUCCESS:
     system ("chmod 600 ${General::swroot}/ovpn/certs/serverkey.pem");
 
     ROOTCERT_SUCCESS:
     system ("chmod 600 ${General::swroot}/ovpn/certs/serverkey.pem");
+#    if ($vpnsettings{'ENABLED'} eq 'on' ||
+#      $vpnsettings{'ENABLE_BLUE'} eq 'on') {
+#      system('/usr/local/bin/ipsecctrl', 'S');
+#    }
 
 ###
 ### Enable/Disable connection
 ###
 }elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
 
 ###
 ### Enable/Disable connection
 ###
 }elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
+    
+    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
     if ($confighash{$cgiparams{'KEY'}}) {
     if ($confighash{$cgiparams{'KEY'}}) {
-               my $n2nactive = `/bin/ps ax|grep $confighash{$cgiparams{'KEY'}}[1].conf|grep -v grep|awk \'{print \$1}\'`;
-               if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
-                       $confighash{$cgiparams{'KEY'}}[0] = 'on';
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-                       if ($n2nactive eq ''){
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
-                       } else {
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
-                       }                       
-               } else {
-                       $confighash{$cgiparams{'KEY'}}[0] = 'off';
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-                       if ($n2nactive ne ''){                          
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-                       }                                               
-               }
-    } else {
-               $errormessage = $Lang::tr{'invalid key'};
+       if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
+           $confighash{$cgiparams{'KEY'}}[0] = 'on';
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
+#          }
+       } else {
+           $confighash{$cgiparams{'KEY'}}[0] = 'off';
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#          }
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
        }
        }
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
+    }
 
 ###
 ### Download OpenVPN client package
 
 ###
 ### Download OpenVPN client package
@@ -956,69 +1315,51 @@ END
     my $file = '';
     my $clientovpn = '';
     my @fileholder;
     my $file = '';
     my $clientovpn = '';
     my @fileholder;
-       my $uhost3 = '';
-       my $uhost = `/bin/uname -n`;
-       if ($uhost ne '') {
-               my @uhost2 = split /\./, $uhost;
-               $uhost3 = $uhost2[0];
-       } else {
-               $uhost3 = "IPFire";
-       }       
     my $tempdir = tempdir( CLEANUP => 1 );
     my $zippath = "$tempdir/";
     my $tempdir = tempdir( CLEANUP => 1 );
     my $zippath = "$tempdir/";
-    my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-TO-$uhost3.zip";
+    my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.zip";
     my $zippathname = "$zippath$zipname";
     my $zippathname = "$zippath$zipname";
-    #anna
-    if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
-               $zerinaclient = 'true';
-               &Ovpnfunc::writenet2netconf($cgiparams{'KEY'},$zerinaclient);
-               exit(0);
-       }
-    $clientovpn = "$confighash{$cgiparams{'KEY'}}[1]-TO-$uhost3.ovpn";
-    open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $clientovpn $!";
+    $clientovpn = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.ovpn";
+    open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $!";
     flock CLIENTCONF, 2;
     
     my $zip = Archive::Zip->new();
     
     flock CLIENTCONF, 2;
     
     my $zip = Archive::Zip->new();
     
-    print CLIENTCONF "#OpenVPN Client conf\r\n";
+    print CLIENTCONF "#OpenVPN Server conf\r\n";
     print CLIENTCONF "tls-client\r\n";
     print CLIENTCONF "client\r\n";
     print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n";
     print CLIENTCONF "tls-client\r\n";
     print CLIENTCONF "client\r\n";
     print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n";
-       if ($vpnsettings{'DPROTOCOL'} eq 'tcp') {
-               print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}-client\r\n";
-       } else {        
-               print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
-       }       
+    print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
     print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n";
     if ( $vpnsettings{'ENABLED'} eq 'on'){
        print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
     print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n";
     if ( $vpnsettings{'ENABLED'} eq 'on'){
        print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
-               if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&Ovpnfunc::haveBlueNet())){       
-                       print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Blue interface\r\n"; 
-                       print CLIENTCONF ";remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               }
-               if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&Ovpnfunc::haveOrangeNet())){
-                       print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";               
-                       print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               }
-    } elsif ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&Ovpnfunc::haveBlueNet())){
-               print CLIENTCONF "remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&Ovpnfunc::haveOrangeNet())){
-                       print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";               
-                       print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
-               }
-    } elsif ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&Ovpnfunc::haveOrangeNet())){
-               print CLIENTCONF "remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){ 
+           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Blue interface\r\n";     
+           print CLIENTCONF ";remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       }
+       if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
+           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";           
+           print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       }
+    } elsif ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){
+       print CLIENTCONF "remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
+           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";           
+           print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
+       }
+    } elsif ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
+       print CLIENTCONF "remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
     }
                        
     if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") { 
     }
                        
     if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") { 
-               print CLIENTCONF "pkcs12 $confighash{$cgiparams{'KEY'}}[1].p12\r\n";
-               $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
+       print CLIENTCONF "pkcs12 $confighash{$cgiparams{'KEY'}}[1].p12\r\n";
+       $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
     } else {
     } else {
-               print CLIENTCONF "ca cacert.pem\r\n";
-               print CLIENTCONF "cert $confighash{$cgiparams{'KEY'}}[1]cert.pem\r\n";
-               print CLIENTCONF "key $confighash{$cgiparams{'KEY'}}[1].key\r\n";
-               $zip->addFile( "${General::swroot}/ovpn/ca/cacert.pem", "cacert.pem")  or die "Can't add file cacert.pem\n";
-               $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";    
+       print CLIENTCONF "ca cacert.pem\r\n";
+       print CLIENTCONF "cert $confighash{$cgiparams{'KEY'}}[1]cert.pem\r\n";
+       print CLIENTCONF "key $confighash{$cgiparams{'KEY'}}[1].key\r\n";
+       $zip->addFile( "${General::swroot}/ovpn/ca/cacert.pem", "cacert.pem")  or die "Can't add file cacert.pem\n";
+       $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";    
     }
     print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n";
     if ($vpnsettings{DCOMPLZO} eq 'on') {
     }
     print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n";
     if ($vpnsettings{DCOMPLZO} eq 'on') {
@@ -1043,24 +1384,22 @@ END
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
     &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
     &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       if ($confighash{$cgiparams{'KEY'}}) {
-               if ($confighash{$cgiparams{'KEY'}}[19] eq 'yes') {                      
-                       &Ovpnfunc::killconnection($cgiparams{'KEY'});
-                       &Ovpnfunc::removenet2netconf($cgiparams{'KEY'});
-                       delete $confighash{$cgiparams{'KEY'}};
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);           
-               } else {
-                       my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
-                       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
-                       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
-                       &Ovpnfunc::killconnection($cgiparams{'KEY'});
-                       &Ovpnfunc::removenet2netconf($cgiparams{'KEY'});
-                       delete $confighash{$cgiparams{'KEY'}};
-                       my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
-                       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-               }       
+
+    if ($confighash{$cgiparams{'KEY'}}) {
+#      if ($vpnsettings{'ENABLED'} eq 'on' ||
+#          $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#          system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#      }
+#
+       my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+       delete $confighash{$cgiparams{'KEY'}};
+       my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
+       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+       #&writeserverconf();
     } else {
     } else {
-               $errormessage = $Lang::tr{'invalid key'};
+       $errormessage = $Lang::tr{'invalid key'};
     }
 ###
 ### Download PKCS12 file
     }
 ###
 ### Download PKCS12 file
@@ -1080,36 +1419,38 @@ END
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
-               &Header::showhttpheaders();
-               &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-               &Header::openbigbox('100%', 'LEFT', '', '');
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
-               my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
-               $output = &Header::cleanhtml($output,"y");
-               print "<pre>$output</pre>\n";
-               &Header::closebox();
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-               &Header::closebigbox();
-               &Header::closepage();
-               exit(0);
+       &Header::showhttpheaders();
+       &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+       &Header::openbigbox('100%', 'LEFT', '', '');
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
+       my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
+       $output = &Header::cleanhtml($output,"y");
+       print "<pre>$output</pre>\n";
+       &Header::closebox();
+       print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit(0);
     }
 ###
 ### Display Certificate Revoke List
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show crl'}) {
     }
 ###
 ### Display Certificate Revoke List
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show crl'}) {
+#    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
     if ( -f "${General::swroot}/ovpn/crls/cacrl.pem") {
     if ( -f "${General::swroot}/ovpn/crls/cacrl.pem") {
-               &Header::showhttpheaders();
-               &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-               &Header::openbigbox('100%', 'LEFT', '', '');
-               &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
-               my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
-               $output = &Header::cleanhtml($output,"y");
-               print "<pre>$output</pre>\n";
-               &Header::closebox();
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-               &Header::closebigbox();
-               &Header::closepage();
-               exit(0);
+       &Header::showhttpheaders();
+       &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+       &Header::openbigbox('100%', 'LEFT', '', '');
+       &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
+       my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
+       $output = &Header::cleanhtml($output,"y");
+       print "<pre>$output</pre>\n";
+       &Header::closebox();
+       print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit(0);
     }
 
 ###
     }
 
 ###
@@ -1122,23 +1463,23 @@ END
     %confighash = ();
     &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
 
     %confighash = ();
     &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
 
+#    if ($cgiparams{'CLIENT2CLIENT'} eq '') {
+#      $cgiparams{'CLIENT2CLIENT'} =  'on';     
+#    }
 ADV_ERROR:
     if ($cgiparams{'MAX_CLIENTS'} eq '') {
 ADV_ERROR:
     if ($cgiparams{'MAX_CLIENTS'} eq '') {
-               $cgiparams{'MAX_CLIENTS'} =  '100';     
+       $cgiparams{'MAX_CLIENTS'} =  '100';     
     }
     
     if ($cgiparams{'KEEPALIVE_1'} eq '') {
     }
     
     if ($cgiparams{'KEEPALIVE_1'} eq '') {
-               $cgiparams{'KEEPALIVE_1'} =  '10';     
+       $cgiparams{'KEEPALIVE_1'} =  '10';     
     }
     if ($cgiparams{'KEEPALIVE_2'} eq '') {
     }
     if ($cgiparams{'KEEPALIVE_2'} eq '') {
-               $cgiparams{'KEEPALIVE_2'} =  '60';     
+       $cgiparams{'KEEPALIVE_2'} =  '60';     
     }
     if ($cgiparams{'LOG_VERB'} eq '') {
     }
     if ($cgiparams{'LOG_VERB'} eq '') {
-               $cgiparams{'LOG_VERB'} =  '3';     
+       $cgiparams{'LOG_VERB'} =  '3';     
     }
     }
-       if ($cgiparams{'EXTENDED_NICE'} eq '') {
-               $cgiparams{'EXTENDED_NICE'} =  '0';     
-    }  
     $checked{'CLIENT2CLIENT'}{'off'} = '';
     $checked{'CLIENT2CLIENT'}{'on'} = '';
     $checked{'CLIENT2CLIENT'}{$cgiparams{'CLIENT2CLIENT'}} = 'CHECKED';
     $checked{'CLIENT2CLIENT'}{'off'} = '';
     $checked{'CLIENT2CLIENT'}{'on'} = '';
     $checked{'CLIENT2CLIENT'}{$cgiparams{'CLIENT2CLIENT'}} = 'CHECKED';
@@ -1158,44 +1499,15 @@ ADV_ERROR:
     $selected{'LOG_VERB'}{'11'} = '';
     $selected{'LOG_VERB'}{'0'} = '';
     $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
     $selected{'LOG_VERB'}{'11'} = '';
     $selected{'LOG_VERB'}{'0'} = '';
     $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
-
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Definitions to set the FASTIO Checkbox                         #
-    #                Definitions to set the MTUDISC Checkbox                        #
-    #                Definitions to set the NICE Selectionbox                       #
-    #################################################################################
-    $checked{'EXTENDED_FASTIO'}{'off'} = '';
-    $checked{'EXTENDED_FASTIO'}{'on'} = '';
-    $checked{'EXTENDED_FASTIO'}{$cgiparams{'EXTENDED_FASTIO'}} = 'CHECKED';
-    $checked{'EXTENDED_MTUDISC'}{'off'} = '';
-    $checked{'EXTENDED_MTUDISC'}{'on'} = '';
-    $checked{'EXTENDED_MTUDISC'}{$cgiparams{'EXTENDED_MTUDISC'}} = 'CHECKED';
-    $selected{'EXTENDED_NICE'}{'-13'} = '';
-    $selected{'EXTENDED_NICE'}{'-10'} = '';
-    $selected{'EXTENDED_NICE'}{'-7'} = '';
-    $selected{'EXTENDED_NICE'}{'-3'} = '';
-    $selected{'EXTENDED_NICE'}{'0'} = '';
-    $selected{'EXTENDED_NICE'}{'3'} = '';
-    $selected{'EXTENDED_NICE'}{'7'} = '';
-    $selected{'EXTENDED_NICE'}{'10'} = '';
-    $selected{'EXTENDED_NICE'}{'13'} = '';
-    $selected{'EXTENDED_NICE'}{$cgiparams{'EXTENDED_NICE'}} = 'SELECTED';
-    #################################################################################
-    #  End of inserted Data                                                         #
-    #################################################################################
     
     &Header::showhttpheaders();
     &Header::openpage($Lang::tr{'status ovpn'}, 1, '');
     &Header::openbigbox('100%', 'LEFT', '', $errormessage);    
     if ($errormessage) {
     
     &Header::showhttpheaders();
     &Header::openpage($Lang::tr{'status ovpn'}, 1, '');
     &Header::openbigbox('100%', 'LEFT', '', $errormessage);    
     if ($errormessage) {
-               &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
-               print "<class name='base'>$errormessage\n";
-               print "&nbsp;</class>\n";
-               &Header::closebox();
+       &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
+       print "<class name='base'>$errormessage\n";
+       print "&nbsp;</class>\n";
+       &Header::closebox();
     }
     &Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'});
     print <<END
     }
     &Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'});
     print <<END
@@ -1221,29 +1533,6 @@ ADV_ERROR:
     </tr>
 </table>
 <hr size='1'>
     </tr>
 </table>
 <hr size='1'>
-<!-- Additional push route START-->
-    <table width='100%'>
-    <tr>
-       <td colspan='4'><b>$Lang::tr{'add-route'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-    </tr>      
-    <tr>               
-       <td class='base'>$Lang::tr{'subnet'} 1</td>
-        <td><input type='TEXT' name='AD_ROUTE1' value='$cgiparams{'AD_ROUTE1'}' size='30' /></td>
-    </tr>
-    <tr>       
-       <td class='base'>$Lang::tr{'subnet'} 2</td>
-       <td><input type='TEXT' name='AD_ROUTE2' value='$cgiparams{'AD_ROUTE2'}' size='30' /></td>
-    </tr>      
-    <tr>       
-       <td class='base'>$Lang::tr{'subnet'} 3</td>
-       <td><input type='TEXT' name='AD_ROUTE3' value='$cgiparams{'AD_ROUTE3'}' size='30' /></td>
-    </tr>
-</table>
-<hr size='1'>
-<!-- Additional push route END-->
     <table width='100%'>
     <tr>
        <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
     <table width='100%'>
     <tr>
        <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
@@ -1267,71 +1556,6 @@ ADV_ERROR:
        <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='30' /></td>
        <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='30' /></td>
     </tr>      
        <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='30' /></td>
        <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='30' /></td>
     </tr>      
-
-<!--                       
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Add the FAST-IO Checkbox to the HTML Form                      #
-    #                Add the NICE Selectionbox to the HTML Form                     #
-    #                Add the MTU-DISC Checkbox to the HTML Form                     #
-    #                Add the MSSFIX Textbox to the HTML Form                        #
-    #                Add the FRAMGMENT Textbox to the HTML Form                     #
-    #  Updates:                                                                     #
-    #  2006-04-27    Include Multilanguage-Support                                  #
-    #################################################################################
--->
-    </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_processprio'}</td>        
-      <td>
-        <select name='EXTENDED_NICE'>
-                                 <option value='-13' $selected{'EXTENDED_NICE'}{'-13'}>$Lang::tr{'ovpn_processprioEH'}</option>
-                                 <option value='-10' $selected{'EXTENDED_NICE'}{'-10'}>$Lang::tr{'ovpn_processprioVH'}</option>
-                                 <option value='-7'  $selected{'EXTENDED_NICE'}{'-7'}>$Lang::tr{'ovpn_processprioH'}</option>
-                                 <option value='-3'  $selected{'EXTENDED_NICE'}{'-3'}>$Lang::tr{'ovpn_processprioEN'}</option>
-                                 <option value='0'  $selected{'EXTENDED_NICE'}{'0'}>$Lang::tr{'ovpn_processprioN'}</option>
-                                 <option value='3'  $selected{'EXTENDED_NICE'}{'3'}>$Lang::tr{'ovpn_processprioLN'}</option>
-                                 <option value='7'  $selected{'EXTENDED_NICE'}{'7'}>$Lang::tr{'ovpn_processprioD'}</option>
-                                 <option value='10' $selected{'EXTENDED_NICE'}{'10'}>$Lang::tr{'ovpn_processprioVD'}</option>
-                                 <option value='13' $selected{'EXTENDED_NICE'}{'13'}>$Lang::tr{'ovpn_processprioED'}</option>
-                               </select>
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fastio'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_FASTIO' $checked{'EXTENDED_FASTIO'}{'on'} />
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mtudisc'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_MTUDISC' $checked{'EXTENDED_MTUDISC'}{'on'} />
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mssfix'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_MSSFIX' value='$cgiparams{'EXTENDED_MSSFIX'}' size='30'/>
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fragment'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_FRAGMENT' value='$cgiparams{'EXTENDED_FRAGMENT'}' size='30'/>
-                 </td>
-               </tr>  
-
-<!--
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
--->
-                       
-    
 </table>
 <hr size='1'>
     <table width='100%'>
 </table>
 <hr size='1'>
     <table width='100%'>
@@ -1354,23 +1578,7 @@ ADV_ERROR:
                                    <option value='9'  $selected{'LOG_VERB'}{'9'}>9</option>
                                    <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
                                    <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
                                    <option value='9'  $selected{'LOG_VERB'}{'9'}>9</option>
                                    <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
                                    <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
-                                   <option value='0'  $selected{'LOG_VERB'}{'0'}>0</option></select></td>
-<!--                       
-    #################################################################################
-    #  Added by Philipp Jenni                                                       #
-    #                                                                               #
-    #  Contact: philipp.jenni-at-gmx.ch                                             #
-    #  Date:    2006-04-22                                                          #
-    #  Description:  Required </TR> Command from this Table                         #
-    #################################################################################
--->
-    </tr>                                  
-<!--
-    #################################################################################
-    #  End of Inserted Data                                                         #
-    #################################################################################
--->
-           
+                                   <option value='0'  $selected{'LOG_VERB'}{'0'}>0</option></select></td>      
 </table>
 <hr size='1'>
 <table width='100%'>
 </table>
 <hr size='1'>
 <table width='100%'>
@@ -1386,6 +1594,7 @@ END
 ;                                 
 
     &Header::closebox();
 ;                                 
 
     &Header::closebox();
+#    print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
     &Header::closebigbox();
     &Header::closepage();
     exit(0);
     &Header::closebigbox();
     &Header::closepage();
     exit(0);
@@ -1415,7 +1624,7 @@ END
     </tr>
 END
 ;
     </tr>
 END
 ;
-       my $filename = "/var/log/ovpnserver.log";
+       my $filename = "${General::swroot}/ovpn/server.log";
        open(FILE, $filename) or die 'Unable to open config file.';
        my @current = <FILE>;
        close(FILE);
        open(FILE, $filename) or die 'Unable to open config file.';
        my @current = <FILE>;
        close(FILE);
@@ -1434,6 +1643,7 @@ END
                @match = split( /^Updated,(.+)/, $line); 
                $status = $match[1];
            }
                @match = split( /^Updated,(.+)/, $line); 
                $status = $match[1];
            }
+#gian      
            if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
                @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
                if ($match[1] ne "Common Name") {
            if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
                @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
                if ($match[1] ne "Common Name") {
@@ -1441,8 +1651,8 @@ END
                    $userlookup{$match[2]} = $uid;
                    $users[$uid]{'CommonName'} = $match[1];
                    $users[$uid]{'RealAddress'} = $match[2];
                    $userlookup{$match[2]} = $uid;
                    $users[$uid]{'CommonName'} = $match[1];
                    $users[$uid]{'RealAddress'} = $match[2];
-                   $users[$uid]{'BytesReceived'} = &Ovpnfunc::sizeformat($match[3]);
-                   $users[$uid]{'BytesSent'} = &Ovpnfunc::sizeformat($match[4]);
+                   $users[$uid]{'BytesReceived'} = &sizeformat($match[3]);
+                   $users[$uid]{'BytesSent'} = &sizeformat($match[4]);
                    $users[$uid]{'Since'} = $match[5];
                    $users[$uid]{'Proto'} = $proto;
                    $uid++;
                    $users[$uid]{'Since'} = $match[5];
                    $users[$uid]{'Proto'} = $proto;
                    $uid++;
@@ -1463,9 +1673,9 @@ END
        if ($user2 >= 1){
            for (my $idx = 1; $idx <= $user2; $idx++){
                                                if ($idx % 2) {
        if ($user2 >= 1){
            for (my $idx = 1; $idx <= $user2; $idx++){
                                                if ($idx % 2) {
-                                       print "<tr bgcolor='$color{'color20'}'>\n";
+                                       print "<tr bgcolor='${Header::table1colour}'>\n";
                                } else {
                                } else {
-                                       print "<tr bgcolor='$color{'color22'}'>\n";
+                                       print "<tr bgcolor='${Header::table2colour}'>\n";
                                                }
                                                print "<td align='left'>$users[$idx-1]{'CommonName'}</td>";
                                                print "<td align='left'>$users[$idx-1]{'RealAddress'}</td>";
                                                }
                                                print "<td align='left'>$users[$idx-1]{'CommonName'}</td>";
                                                print "<td align='left'>$users[$idx-1]{'RealAddress'}</td>";
@@ -1500,11 +1710,42 @@ END
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download certificate'}) {
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 ###
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download certificate'}) {
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
     if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
     if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
-               print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\r\n";
-               print "Content-Type: application/octet-stream\r\n\r\n";
-               print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
-               exit (0);
+       print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\r\n";
+       print "Content-Type: application/octet-stream\r\n\r\n";
+       print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
+       exit (0);
+    }
+
+###
+### Enable/Disable connection
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
+    
+    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+    if ($confighash{$cgiparams{'KEY'}}) {
+       if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
+           $confighash{$cgiparams{'KEY'}}[0] = 'on';
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
+#          }
+       } else {
+           $confighash{$cgiparams{'KEY'}}[0] = 'off';
+#          if ($vpnsettings{'ENABLED'} eq 'on' ||
+#              $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#              system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#          }
+           &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+           #&writeserverconf();
+       }
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
     }
 
 ###
     }
 
 ###
@@ -1515,28 +1756,53 @@ END
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ($confighash{$cgiparams{'KEY'}}) {
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ($confighash{$cgiparams{'KEY'}}) {
+#      if ($vpnsettings{'ENABLED'} eq 'on' ||
+#          $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#          system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
+#      }
     } else {
     } else {
-               $errormessage = $Lang::tr{'invalid key'};
+       $errormessage = $Lang::tr{'invalid key'};
     }
 
 ###
     }
 
 ###
-### Choose between adding a host-net or net-net connection
+### Remove connection
 ###
 ###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
-       &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-       &Header::showhttpheaders();
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
+    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+    if ($confighash{$cgiparams{'KEY'}}) {
+#      if ($vpnsettings{'ENABLED'} eq 'on' ||
+#          $vpnsettings{'ENABLED_BLUE'} eq 'on') {
+#          system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
+#      }
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
+       unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+       delete $confighash{$cgiparams{'KEY'}};
+       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+       #&writeserverconf();
+    } else {
+       $errormessage = $Lang::tr{'invalid key'};
+    }
+#test33
+
+###
+### Choose between adding a host-net or net-net connection
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
+       &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+       &Header::showhttpheaders();
        &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
        &Header::openbigbox('100%', 'LEFT', '', '');
        &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
        &Header::openbigbox('100%', 'LEFT', '', '');
-       &Header::openbox('100%', 'LEFT', "Net to Net $Lang::tr{'connection type'}");
+       &Header::openbox('100%', 'LEFT', $Lang::tr{'connection type'});
        print <<END
            <b>$Lang::tr{'connection type'}:</b><br />
        print <<END
            <b>$Lang::tr{'connection type'}:</b><br />
-           <table><form method='post' enctype='multipart/form-data'>           
-           <tr><td><input type='radio' name='TYPE' value='net' checked /></td>
+           <table><form method='post'>
+           <tr><td><input type='radio' name='TYPE' value='host' checked /></td>
+               <td class='base'>$Lang::tr{'host to net vpn'}</td></tr>
+           <tr><td><input type='radio' name='TYPE' value='net' disabled='disabled' /></td>
                <td class='base'>$Lang::tr{'net to net vpn'}</td></tr>
                <td class='base'>$Lang::tr{'net to net vpn'}</td></tr>
-               <tr><td><input type='radio' name='TYPE' value='zerinan2n' /></td>               
-                       <td class='base'>upload a ZERINA Net-to-Net package</td>
-               <td class='base'><input type='file' name='FH' size='30'></td></tr>              
-           <tr><td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td></tr>
+           <tr><td align='center' colspan='2'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td></tr>
            </form></table>
 END
        ;
            </form></table>
 END
        ;
@@ -1544,230 +1810,6 @@ END
        &Header::closebigbox();
        &Header::closepage();
        exit (0);
        &Header::closebigbox();
        &Header::closepage();
        exit (0);
-       
-###
-### uploading a ZERINA n2n connection package
-###
-}  elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) && ($cgiparams{'TYPE'} eq 'zerinan2n')){
-       my @zerinaconf;
-       my @confdetails;
-       my $uplconffilename ='';
-       my $uplp12name = '';
-       my $complzoactive ='';
-       my @rem_subnet;
-       my @rem_subnet2;
-       my @tmposupnet3;        
-       my $key;
-       &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);    
-# Move uploaded ZERINA n2n package to a temporary file
-       if (ref ($cgiparams{'FH'}) ne 'Fh') {
-               $errormessage = $Lang::tr{'there was no file upload'};
-               goto ZERINA_ERROR;
-    }
-    # Move uploaded ca to a temporary file
-    (my $fh, my $filename) = tempfile( );
-    if (copy ($cgiparams{'FH'}, $fh) != 1) {
-               $errormessage = $!;
-               goto ZERINA_ERROR;
-    }
-
-       my $zip = Archive::Zip->new();
-       my $zipName = $filename;
-       my $status = $zip->read( $zipName );
-       if ($status != AZ_OK) {   
-               $errormessage = "Read of $zipName failed\n";
-               goto ZERINA_ERROR;
-       }
-       #my $tempdir = tempdir( CLEANUP => 1 );
-       my $tempdir = tempdir();
-       my @files = $zip->memberNames();
-       for(@files) {
-       $zip->extractMemberWithoutPaths($_,"$tempdir/$_");
-       }
-       my $countfiles = @files;
-       # see if we have 2 files
-       if ( $countfiles == 2){
-               foreach (@files){
-                       if ( $_ =~ /.conf$/){
-                               $uplconffilename = $_;
-                       }
-                       if ( $_ =~ /.p12$/){
-                               $uplp12name = $_;
-                       }                       
-               }
-               if (($uplconffilename eq '') || ($uplp12name eq '')){
-                       $errormessage = "Either no *.conf or no *.p12 file found\n";
-                       goto ZERINA_ERROR;
-               }
-               open(FILE, "$tempdir/$uplconffilename") or die 'Unable to open*.conf file';
-               @zerinaconf = <FILE>;
-               close (FILE);
-               chomp(@zerinaconf);
-       } else {
-       # only 2 files are allowed
-               $errormessage = "Filecount does not match only 2 files are allowed\n";
-               goto ZERINA_ERROR;
-       }
-       #prepare imported data not elegant, will be changed later
-       my $ufuk = (@zerinaconf);
-       push(@confdetails, substr($zerinaconf[0],4));#dev tun 0
-       push(@confdetails, substr($zerinaconf[1],8));#mtu value 1
-       push(@confdetails, substr($zerinaconf[2],6));#protocol 2
-       if ($confdetails[2] eq 'tcp-client' || $confdetails[2] eq 'tcp-server') {
-               $confdetails[2] = 'tcp';
-       }       
-       push(@confdetails, substr($zerinaconf[3],5));#port 3
-       push(@confdetails, substr($zerinaconf[4],9));#ovpn subnet 4
-       push(@confdetails, substr($zerinaconf[5],7));#remote ip 5
-       push(@confdetails, $zerinaconf[6]);     #tls-server/tls-client 6
-       push(@confdetails, substr($zerinaconf[7],7));#pkcs12    name 7  
-       push(@confdetails, substr($zerinaconf[$ufuk-1],1));#remote subnet        8
-       push(@confdetails, substr($zerinaconf[9],10));#keepalive 9
-       push(@confdetails, substr($zerinaconf[10],7));#cipher 10        
-       if ($ufuk == 14) {
-               push(@confdetails, $zerinaconf[$ufuk-3]);#complzo        11     
-               $complzoactive = "on";
-       } else {
-               $complzoactive = "off";
-       }       
-       push(@confdetails, substr($zerinaconf[$ufuk-2],5));#verb 12
-       push(@confdetails, substr($zerinaconf[8],6));#localsubnet 13
-       #push(@confdetails, substr($uplconffilename,0,-5));#connection Name 14
-       push(@confdetails, substr($uplp12name,0,-4));#connection Name 14
-       #chomp(@confdetails);   
-       foreach my $dkey (keys %confighash) {#Check if there is no other entry with this name
-               if ($confighash{$dkey}[1] eq $confdetails[$ufuk]) {
-                       $errormessage = $Lang::tr{'a connection with this name already exists'};
-                       goto ZERINA_ERROR;                      
-               }
-       }
-       if ($confdetails[$ufuk] eq 'server') {
-                       $errormessage = $Lang::tr{'server reserved'};
-                       goto ZERINA_ERROR;                      
-       }
-       @rem_subnet2 = split(/ /,$confdetails[4]);
-       @tmposupnet3 = split /\./,$rem_subnet2[0];
-       $errormessage = &Ovpnfunc::ovelapplausi("$tmposupnet3[0].$tmposupnet3[1].$tmposupnet3[2].0","255.255.255.0");
-       if ($errormessage ne ''){
-               goto ZERINA_ERROR;
-       }
-       
-       $key = &General::findhasharraykey (\%confighash);
-       foreach my $i (0 .. 42) { $confighash{$key}[$i] = "";}
-       $confighash{$key}[0] = 'off';
-       $confighash{$key}[1] = $confdetails[$ufuk];
-       #$confighash{$key}[2] = $confdetails[7];        
-       $confighash{$key}[2] = $confdetails[$ufuk];
-       $confighash{$key}[3] = 'net';
-       $confighash{$key}[4] = 'cert';  
-       $confighash{$key}[6] = 'client';                
-       $confighash{$key}[8] = $confdetails[8];         
-       @rem_subnet = split(/ /,$confdetails[$ufuk-1]);
-       $confighash{$key}[11] = "$rem_subnet[0]/$rem_subnet[1]";
-       $confighash{$key}[10] = $confdetails[5];
-       $confighash{$key}[25] = 'imported';
-       $confighash{$key}[12] = 'red';
-       my @tmposupnet = split(/ /,$confdetails[4]);
-       my @tmposupnet2 = split /\./,$tmposupnet[0];
-       $confighash{$key}[13] = "$tmposupnet2[0].$tmposupnet2[1].$tmposupnet2[2].0/255.255.255.0";
-       $confighash{$key}[14] = $confdetails[2];
-       $confighash{$key}[15] = $confdetails[3];
-       $confighash{$key}[16] = $complzoactive;
-       $confighash{$key}[17] = $confdetails[1];
-       $confighash{$key}[18] = '';# nn2nvpn_ip
-       $confighash{$key}[19] = 'yes';# nn2nvpn_ip
-       $confighash{$key}[20] = $confdetails[10];
-       $cgiparams{'KEY'} = $key;
-       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       mkdir("${General::swroot}/ovpn/n2nconf/$confdetails[$ufuk]", 0770);
-       move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$confdetails[$ufuk]/$uplconffilename");
-       if ($? ne 0) {
-           $errormessage = "*.conf move failed: $!";
-           unlink ($filename);
-           goto ZERINA_ERROR;
-       }
-       move("$tempdir/$uplp12name", "${General::swroot}/ovpn/n2nconf/$confdetails[$ufuk]/$uplp12name");
-       if ($? ne 0) {
-           $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
-           unlink ($filename);
-           goto ZERINA_ERROR;
-       }       
-       ZERINA_ERROR:
-               
-       &Header::showhttpheaders();
-       &Header::openpage('Validate imported configuration', 1, '');
-       &Header::openbigbox('100%', 'LEFT', '', $errormessage);
-       if ($errormessage) {
-           &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
-           print "<class name='base'>$errormessage";
-           print "&nbsp;</class>";
-           &Header::closebox();                
-       } else {                
-               &Header::openbox('100%', 'LEFT', 'Validate imported configuration');
-       }
-       if ($errormessage eq ''){
-               print <<END             
-               <!-- net2net config gui -->
-               <tr><td width='25%'>&nbsp;</td>
-                       <td width='25%'>&nbsp;</td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'name'}:</td>
-                       <td><b>$confdetails[$ufuk]</b></td></tr>        
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
-                       <td><b>$confdetails[6]</b></td>                                                         
-                       <td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
-                       <td><b>$confdetails[5]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
-                       <td><b>$confighash{$key}[8]</b></td>
-                       <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
-                       <td><b>$confighash{$key}[11]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
-                       <td><b>$confighash{$key}[$ufuk-1]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
-                       <td><b>$confdetails[2]</b></td>
-                       <td class='boldbase'>$Lang::tr{'destination port'}:</td>
-                       <td><b>$confdetails[3]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
-                       <td><b>$complzoactive</b></td>
-                       <td class='boldbase'>$Lang::tr{'cipher'}</td>
-                       <td><b>$confdetails[10]</b></td></tr>
-               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;<img src='/blob.gif' /></td>
-                   <td><b>$confdetails[1]</b></td></tr>        
-END
-;      
-       
-               &Header::closebox();
-       }
-       if ($errormessage) {
-               print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
-       } else {        
-               print "<div align='center'><form method='post' enctype='multipart/form-data'><input type='submit' name='ACTION' value='Approved' />";           
-               print "<input type='hidden' name='TYPE' value='zerinan2n' />";
-               print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";                   
-               print "<input type='submit' name='ACTION' value='Discard' /></div></form>";
-       }       
-       &Header::closebigbox();
-       &Header::closepage();
-       exit(0);        
-
-###
-### Approve Zerina n2n
-###
-}  elsif (($cgiparams{'ACTION'} eq 'Approved') && ($cgiparams{'TYPE'} eq 'zerinan2n')){
-       &Ovpnfunc::writenet2netconf($cgiparams{'KEY'},$zerinaclient);
-###
-### Discard Zerina n2n
-###
-}  elsif (($cgiparams{'ACTION'} eq 'Discard') && ($cgiparams{'TYPE'} eq 'zerinan2n')){
-    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
-    if ($confighash{$cgiparams{'KEY'}}) {      
-               &Ovpnfunc::removenet2netconf();
-               delete $confighash{$cgiparams{'KEY'}};  
-               &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);   
-    } else {
-               $errormessage = $Lang::tr{'invalid key'};
-    }  
 ###
 ### Adding a new connection
 ###
 ###
 ### Adding a new connection
 ###
@@ -1780,498 +1822,431 @@ END
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
     &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
     if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
-               if (! $confighash{$cgiparams{'KEY'}}[0]) {
-                       $errormessage = $Lang::tr{'invalid key'};
-                       goto VPNCONF_END;
-               }
-               $cgiparams{'ENABLED'}   = $confighash{$cgiparams{'KEY'}}[0];
-               $cgiparams{'NAME'}      = $confighash{$cgiparams{'KEY'}}[1];
-               $cgiparams{'TYPE'}      = $confighash{$cgiparams{'KEY'}}[3];
-               $cgiparams{'AUTH'}      = $confighash{$cgiparams{'KEY'}}[4];
-               $cgiparams{'PSK'}       = $confighash{$cgiparams{'KEY'}}[5];
-               $cgiparams{'SIDE'}      = $confighash{$cgiparams{'KEY'}}[6];
-               $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
-               $cgiparams{'REMOTE'}    = $confighash{$cgiparams{'KEY'}}[10];
-               $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
-               $cgiparams{'REMARK'}    = $confighash{$cgiparams{'KEY'}}[25];
-               $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[12];
-               $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[13];#new fields      
-               $cgiparams{'PROTOCOL'}    = $confighash{$cgiparams{'KEY'}}[14];
-               $cgiparams{'DEST_PORT'}   = $confighash{$cgiparams{'KEY'}}[15];
-               $cgiparams{'COMPLZO'}     = $confighash{$cgiparams{'KEY'}}[16];
-               $cgiparams{'MTU'}         = $confighash{$cgiparams{'KEY'}}[17];
-               $cgiparams{'N2NVPN_IP'}   = $confighash{$cgiparams{'KEY'}}[18];#new fields
-               $cgiparams{'ZERINA_CLIENT'}       = $confighash{$cgiparams{'KEY'}}[19];#new fields
-               $cgiparams{'CIPHER'}      = $confighash{$cgiparams{'KEY'}}[20];#new fields
-               if ($cgiparams{'ZERINA_CLIENT'} eq ''){
-                       $cgiparams{'ZERINA_CLIENT'} = 'no';
-               }
-    } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {#ab hiere error uebernehmen
-               $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
-               # n2n error
-               if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
-                       $errormessage = $Lang::tr{'connection type is invalid'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'NAME'} !~ /^[a-zA-Z0-9]+$/) {
-                       $errormessage = $Lang::tr{'name must only contain characters'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'NAME'} =~ /^(host|01|block|private|clear|packetdefault|server)$/) {
-                       $errormessage = $Lang::tr{'name is invalid'};
-                       goto VPNCONF_ERROR;
-               }
-               if (length($cgiparams{'NAME'}) >60) {
-                       $errormessage = $Lang::tr{'name too long'};
-                       goto VPNCONF_ERROR;
-               }
-               if (! $cgiparams{'KEY'}) {# Check if there is no other entry with this name
-                       foreach my $key (keys %confighash) {
-                               if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
-                                       $errormessage = $Lang::tr{'a connection with this name already exists'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-               }               
-               if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
-                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'REMOTE'}) {
-                       if (! &General::validip($cgiparams{'REMOTE'})) {
-                               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
-                                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
-                                       goto VPNCONF_ERROR;
-                               } else {
-                                       if (&Ovpnfunc::valid_dns_host($cgiparams{'REMOTE'})) {
-                                               $warnmessage = "$Lang::tr{'check vpn lr'} $cgiparams{'REMOTE'}. $Lang::tr{'dns check failed'}";
-                                       }
-                               }
-                       }
-               }
-               if ($cgiparams{'TYPE'} ne 'host') {
-                       unless (&General::validipandmask($cgiparams{'LOCAL_SUBNET'})) {
-                               $errormessage = $Lang::tr{'local subnet is invalid'}; 
-                               goto VPNCONF_ERROR;
-                       }
-               }
-               #hier1
-               my @tmpovpnsubnet = split("\/",$cgiparams{'LOCAL_SUBNET'});     
-               $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-               $cgiparams{'LOCAL_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-               #hier1
-               if ($cgiparams{'REMOTE'} eq '') {# Check if there is no other entry without IP-address and PSK
-                       foreach my $key (keys %confighash) {
-                               if(($cgiparams{'KEY'} ne $key) && ($confighash{$key}[4] eq 'psk' || $cgiparams{'AUTH'} eq 'psk') && $confighash{$key}[10] eq '') {
-                                       $errormessage = $Lang::tr{'you can only define one roadwarrior connection when using pre-shared key authentication'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-               }
-               if (($cgiparams{'TYPE'} eq 'net') && (! &General::validipandmask($cgiparams{'REMOTE_SUBNET'}))) {
-                       $errormessage = $Lang::tr{'remote subnet is invalid'};
-                       goto VPNCONF_ERROR;
-               }
-               #hier2
-               my @tmpovpnsubnet = split("\/",$cgiparams{'REMOTE_SUBNET'});    
-               $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-               $cgiparams{'REMOTE_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-               #hier2
-               if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
-                       $errormessage = $Lang::tr{'invalid input'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'EDIT_ADVANCED'} !~ /^(on|off)$/) {
-                       $errormessage = $Lang::tr{'invalid input'};
-                       goto VPNCONF_ERROR;
-               }
-               if ($cgiparams{'ENABLED'} eq 'on'){
-                       $errormessage = &Ovpnfunc::disallowreserved($cgiparams{'DEST_PORT'},0,$cgiparams{'PROTOCOL'},"dest");
-               }       
-               if ($errormessage) { goto VPNCONF_ERROR; }
-    
-               if ($cgiparams{'ENABLED'} eq 'on'){
-                       $errormessage = &Ovpnfunc::checkportfw(0,$cgiparams{'DEST_PORT'},$cgiparams{'PROTOCOL'},'0.0.0.0');
-               }       
-               if ($errormessage) { goto VPNCONF_ERROR; }
-#raul
-               if ($cgiparams{'TYPE'} eq 'net') {
-                       if (! &General::validipandmask($cgiparams{'OVPN_SUBNET'})) {
-                               $errormessage = $Lang::tr{'ovpn subnet is invalid'};
-                               goto VPNCONF_ERROR;
-                       }
-                       #hier3
-                       my @tmpovpnsubnet = split("\/",$cgiparams{'OVPN_SUBNET'});
-                       $tmpovpnsubnet[1]  = &Ovpnfunc::cidrormask($tmpovpnsubnet[1]);
-                       $cgiparams{'OVPN_SUBNET'} = "$tmpovpnsubnet[0]/$tmpovpnsubnet[1]";#convert from cidr
-                       #hier3  
-                       #plausi2        
-                       $errormessage = &Ovpnfunc::ovelapplausi($tmpovpnsubnet[0],$tmpovpnsubnet[1]);
-                       #plausi2
-                       if ($errormessage ne ''){
-                               goto VPNCONF_ERROR;
-                       }
-                       if ((length($cgiparams{'MTU'})==0) || (($cgiparams{'MTU'}) < 1000 )) {
-                               $errormessage = $Lang::tr{'invalid mtu input'};
-                               goto VPNCONF_ERROR;
-                       }  
-                       unless (&General::validport($cgiparams{'DEST_PORT'})) {
-                               $errormessage = $Lang::tr{'invalid port'};
-                               goto VPNCONF_ERROR;
-                       }
-                       # check protcol/port overlap against existing connections gian
-                       foreach my $dkey (keys %confighash) {#Check if there is no other entry with this name
-                               if ($dkey ne $cgiparams{'KEY'}) {
-                                       if ($confighash{$dkey}[14] eq $cgiparams{'PROTOCOL'} &&  $confighash{$dkey}[15] eq $cgiparams{'DEST_PORT'}){
-                                               #if ($confighash{$dkey}[14] eq 'on') {
-                                                       $errormessage = "Choosed Protocol/Port combination is already used by connection: $confighash{$dkey}[1]";
-                                                       goto VPNCONF_ERROR;                     
-                                               #} else {
-                                               #       $warnmessage = "Choosed Protcol/Port combination is used by inactive connection: $confighash{$dkey}[1]";
-                                               #}      
-                                       }
-                               }
-                       }                       
-                       #check  protcol/port overlap against RWserver gian
-                       if ($vpnsettings{'ENABLED'} eq 'on') {          
-                               if ($vpnsettings{'DPROTOCOL'} eq $cgiparams{'PROTOCOL'} &&  $vpnsettings{'DDEST_PORT'} eq $cgiparams{'DEST_PORT'}){
-                                       $errormessage = "Choosed Protocol/Port combination is already used OpenVPN Roadwarrior Server";
-                                       goto VPNCONF_ERROR;                     
-                               }
-                       }                       
+       if (! $confighash{$cgiparams{'KEY'}}[0]) {
+           $errormessage = $Lang::tr{'invalid key'};
+           goto VPNCONF_END;
+       }
+       $cgiparams{'ENABLED'}   = $confighash{$cgiparams{'KEY'}}[0];
+       $cgiparams{'NAME'}      = $confighash{$cgiparams{'KEY'}}[1];
+       $cgiparams{'TYPE'}      = $confighash{$cgiparams{'KEY'}}[3];
+       $cgiparams{'AUTH'}      = $confighash{$cgiparams{'KEY'}}[4];
+       $cgiparams{'PSK'}       = $confighash{$cgiparams{'KEY'}}[5];
+       $cgiparams{'SIDE'}      = $confighash{$cgiparams{'KEY'}}[6];
+       $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
+       $cgiparams{'REMOTE'}    = $confighash{$cgiparams{'KEY'}}[10];
+       $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
+       $cgiparams{'REMARK'}    = $confighash{$cgiparams{'KEY'}}[25];
+       $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
+#new fields    
+       $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
+       $cgiparams{'PROTOCOL'}    = $confighash{$cgiparams{'KEY'}}[28];
+       $cgiparams{'DEST_PORT'}   = $confighash{$cgiparams{'KEY'}}[29];
+       $cgiparams{'COMPLZO'}     = $confighash{$cgiparams{'KEY'}}[30];
+       $cgiparams{'MTU'}         = $confighash{$cgiparams{'KEY'}}[31];
+#new fields
+#ab hiere error uebernehmen
+    } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
+       $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
+       if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
+           $errormessage = $Lang::tr{'connection type is invalid'};
+           goto VPNCONF_ERROR;
+       }
+
+
+       if ($cgiparams{'NAME'} !~ /^[a-zA-Z0-9]+$/) {
+           $errormessage = $Lang::tr{'name must only contain characters'};
+           goto VPNCONF_ERROR;
+       }
+
+       if ($cgiparams{'NAME'} =~ /^(host|01|block|private|clear|packetdefault)$/) {
+           $errormessage = $Lang::tr{'name is invalid'};
+           goto VPNCONF_ERROR;
+       }
+
+       if (length($cgiparams{'NAME'}) >60) {
+           $errormessage = $Lang::tr{'name too long'};
+           goto VPNCONF_ERROR;
+       }
+
+#      if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) {
+#          $errormessage = $Lang::tr{'ipfire side is invalid'};
+#          goto VPNCONF_ERROR;
+#      }
+
+       # Check if there is no other entry with this name
+       if (! $cgiparams{'KEY'}) {
+           foreach my $key (keys %confighash) {
+               if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
+                   $errormessage = $Lang::tr{'a connection with this name already exists'};
+                   goto VPNCONF_ERROR;
                }
                }
-               if ($cgiparams{'AUTH'} eq 'psk')  {
-                       #removed
-               } elsif ($cgiparams{'AUTH'} eq 'certreq') {
-               #       {
-                       if ($cgiparams{'KEY'}) {
-                               $errormessage = $Lang::tr{'cant change certificates'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (ref ($cgiparams{'FH'}) ne 'Fh') {
-                               $errormessage = $Lang::tr{'there was no file upload'};
-                               goto VPNCONF_ERROR;
-                       }
-                       (my $fh, my $filename) = tempfile( );# Move uploaded certificate request to a temporary file
-                       if (copy ($cgiparams{'FH'}, $fh) != 1) {
-                               $errormessage = $!;
-                               goto VPNCONF_ERROR;
-                       }
-                       # Sign the certificate request and move it
-                       # Sign the host certificate request
-                       system('/usr/bin/openssl', 'ca', '-days', '999999',
-                       '-batch', '-notext',
-                       '-in', $filename,
-                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
-                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
-                       if ($?) {
-                               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                               unlink ($filename);
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               &Ovpnfunc::newcleanssldatabase();
-                               goto VPNCONF_ERROR;
-                       } else {
-                               unlink ($filename);
-                               &Ovpnfunc::deletebackupcert();
-                       }
-                       my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
-                       $temp =~ /Subject:.*CN=(.*)[\n]/;
-                       $temp = $1;
-                       $temp =~ s+/Email+, E+;
-                       $temp =~ s/ ST=/ S=/;
-                       $cgiparams{'CERT_NAME'} = $temp;
-                       $cgiparams{'CERT_NAME'} =~ s/,//g;
-                       $cgiparams{'CERT_NAME'} =~ s/\'//g;
-                       if ($cgiparams{'CERT_NAME'} eq '') {
-                               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
-                               goto VPNCONF_ERROR;
-                       }
-               } elsif ($cgiparams{'AUTH'} eq 'certfile') {
-                       if ($cgiparams{'KEY'}) {
-                               $errormessage = $Lang::tr{'cant change certificates'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (ref ($cgiparams{'FH'}) ne 'Fh') {
-                       $errormessage = $Lang::tr{'there was no file upload'};
-                       goto VPNCONF_ERROR;
-                       }           
-                       (my $fh, my $filename) = tempfile( );# Move uploaded certificate to a temporary file
-                       if (copy ($cgiparams{'FH'}, $fh) != 1) {
-                               $errormessage = $!;
-                               goto VPNCONF_ERROR;
-                       }
-                       my $validca = 0;# Verify the certificate has a valid CA and move it
-                       my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/cacert.pem $filename`;
-                       if ($test =~ /: OK/) {
-                               $validca = 1;
-                       } else {
-                               foreach my $key (keys %cahash) {
-                                       $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem $filename`;
-                                       if ($test =~ /: OK/) {
-                                               $validca = 1;
-                                       }
-                               }
-                       }
-                       if (! $validca) {
-                               $errormessage = $Lang::tr{'certificate does not have a valid ca associated with it'};
-                               unlink ($filename);
-                               goto VPNCONF_ERROR;
-                       } else {
-                               move($filename, "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               if ($? ne 0) {
-                                       $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
-                                       unlink ($filename);
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-                       my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
-                       $temp =~ /Subject:.*CN=(.*)[\n]/;
-                       $temp = $1;
-                       $temp =~ s+/Email+, E+;
-                       $temp =~ s/ ST=/ S=/;
-                       $cgiparams{'CERT_NAME'} = $temp;
-                       $cgiparams{'CERT_NAME'} =~ s/,//g;
-                       $cgiparams{'CERT_NAME'} =~ s/\'//g;
-                       if ($cgiparams{'CERT_NAME'} eq '') {
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
-                               goto VPNCONF_ERROR;
-                       }                                       
-               } elsif ($cgiparams{'AUTH'} eq 'certgen'){              
-                       if ($cgiparams{'KEY'}) {
-                               $errormessage = $Lang::tr{'cant change certificates'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (length($cgiparams{'CERT_NAME'}) >60) {# Validate input since the form was submitted
-                               $errormessage = $Lang::tr{'name too long'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
-                               $errormessage = $Lang::tr{'invalid input for name'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
-                               $errormessage = $Lang::tr{'invalid input for e-mail address'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (length($cgiparams{'CERT_EMAIL'}) > 40) {
-                               $errormessage = $Lang::tr{'e-mail address too long'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_OU'} ne '' && $cgiparams{'CERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for department'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if (length($cgiparams{'CERT_ORGANIZATION'}) >60) {
-                               $errormessage = $Lang::tr{'organization too long'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
-                               $errormessage = $Lang::tr{'invalid input for organization'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_CITY'} ne '' && $cgiparams{'CERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for city'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_STATE'} ne '' && $cgiparams{'CERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for state or province'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_COUNTRY'} !~ /^[A-Z]*$/) {
-                               $errormessage = $Lang::tr{'invalid input for country'};
-                               goto VPNCONF_ERROR;
-                       }
-                       if ($cgiparams{'CERT_PASS1'} ne '' && $cgiparams{'CERT_PASS2'} ne ''){
-                               if (length($cgiparams{'CERT_PASS1'}) < 5) {
-                                       $errormessage = $Lang::tr{'password too short'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }       
-                       if ($cgiparams{'CERT_PASS1'} ne $cgiparams{'CERT_PASS2'}) {
-                               $errormessage = $Lang::tr{'passwords do not match'};
-                               goto VPNCONF_ERROR;
-                       }
-                       (my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;# Replace empty strings with a .
-                       (my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
-                       (my $state = $cgiparams{'CERT_STATE'}) =~ s/^\s*$/\./;
-                       my $pid = open(OPENSSL, "|-");# Create the Host certificate request client
-                       $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto VPNCONF_ERROR;};
-                       if ($pid) {     # parent
-                               print OPENSSL "$cgiparams{'CERT_COUNTRY'}\n";
-                               print OPENSSL "$state\n";
-                               print OPENSSL "$city\n";
-                               print OPENSSL "$cgiparams{'CERT_ORGANIZATION'}\n";
-                               print OPENSSL "$ou\n";
-                               print OPENSSL "$cgiparams{'CERT_NAME'}\n";
-                               print OPENSSL "$cgiparams{'CERT_EMAIL'}\n";
-                               print OPENSSL ".\n";
-                               print OPENSSL ".\n";
-                               close (OPENSSL);
-                               if ($?) {
-                                       $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                                       unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}key.pem");
-                                       unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}req.pem");
-                                       goto VPNCONF_ERROR;
-                               }
-                       } else {        # child
-                               unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
-                                       '-newkey', 'rsa:1024',
-                                       '-keyout', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
-                                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
-                                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
-                                       $errormessage = "$Lang::tr{'cant start openssl'}: $!";
-                                       unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                                       unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
-                       # Sign the host certificate request
-                       system('/usr/bin/openssl', 'ca', '-days', '999999',
-                       '-batch', '-notext',
-                       '-in',  "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
-                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
-                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
-                       if ($?) {
-                               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               &Ovpnfunc::newcleanssldatabase();
-                               goto VPNCONF_ERROR;
-                       } else {
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
-                               &Ovpnfunc::deletebackupcert();
-                       }
-                       # Create the pkcs12 file
-                       system('/usr/bin/openssl', 'pkcs12', '-export', 
-                       '-inkey', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
-                       '-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
-                       '-name', $cgiparams{'NAME'},
-                       '-passout', "pass:$cgiparams{'CERT_PASS1'}",
-                       '-certfile', "${General::swroot}/ovpn/ca/cacert.pem", 
-                       '-caname', "$vpnsettings{'ROOTCERT_ORGANIZATION'} CA",
-                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
-                       if ($?) {
-                               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
-                               goto VPNCONF_ERROR;
-                       } else {
-                               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
-                       }
-               } elsif ($cgiparams{'AUTH'} eq 'cert') {
-                       ;# Nothing, just editing
+           }
+       }
+
+       if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
+           $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+           goto VPNCONF_ERROR;
+       }
+
+       if ($cgiparams{'REMOTE'}) {
+           if (! &General::validip($cgiparams{'REMOTE'})) {
+               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
+                   $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+                   goto VPNCONF_ERROR;
                } else {
                } else {
-                       $errormessage = $Lang::tr{'invalid input for authentication method'};
-                       goto VPNCONF_ERROR;
+                   if (&valid_dns_host($cgiparams{'REMOTE'})) {
+                       $warnmessage = "$Lang::tr{'check vpn lr'} $cgiparams{'REMOTE'}. $Lang::tr{'dns check failed'}";
+                   }
                }
                }
-               if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) {# Check if there is no other entry with this common name
-                       foreach my $key (keys %confighash) {
-                               if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
-                                       $errormessage = $Lang::tr{'a connection with this common name already exists'};
-                                       goto VPNCONF_ERROR;
-                               }
-                       }
+           }
+       }
+       if ($cgiparams{'TYPE'} ne 'host') {
+            unless (&General::validipandmask($cgiparams{'LOCAL_SUBNET'})) {
+                   $errormessage = $Lang::tr{'local subnet is invalid'}; 
+                       goto VPNCONF_ERROR;}
+       }
+       # Check if there is no other entry without IP-address and PSK
+       if ($cgiparams{'REMOTE'} eq '') {
+           foreach my $key (keys %confighash) {
+               if(($cgiparams{'KEY'} ne $key) && 
+                  ($confighash{$key}[4] eq 'psk' || $cgiparams{'AUTH'} eq 'psk') && 
+                   $confighash{$key}[10] eq '') {
+                       $errormessage = $Lang::tr{'you can only define one roadwarrior connection when using pre-shared key authentication'};
+                       goto VPNCONF_ERROR;
                }
                }
+           }
+       }
+       if (($cgiparams{'TYPE'} eq 'net') && (! &General::validipandmask($cgiparams{'REMOTE_SUBNET'}))) {
+                $errormessage = $Lang::tr{'remote subnet is invalid'};
+               goto VPNCONF_ERROR;
+       }
+
+       if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
+           $errormessage = $Lang::tr{'invalid input'};
+           goto VPNCONF_ERROR;
+       }
+       if ($cgiparams{'EDIT_ADVANCED'} !~ /^(on|off)$/) {
+           $errormessage = $Lang::tr{'invalid input'};
+           goto VPNCONF_ERROR;
+       }
+
+#fixplausi
+       if ($cgiparams{'AUTH'} eq 'psk')  {
+#          if (! length($cgiparams{'PSK'}) ) {
+#              $errormessage = $Lang::tr{'pre-shared key is too short'};
+#              goto VPNCONF_ERROR;
+#          }
+#          if ($cgiparams{'PSK'} =~ /['",&]/) {
+#              $errormessage = $Lang::tr{'invalid characters found in pre-shared key'};
+#              goto VPNCONF_ERROR;
+#          }
+       } elsif ($cgiparams{'AUTH'} eq 'certreq') {
+           if ($cgiparams{'KEY'}) {
+               $errormessage = $Lang::tr{'cant change certificates'};
+               goto VPNCONF_ERROR;
+           }
+           if (ref ($cgiparams{'FH'}) ne 'Fh') {
+               $errormessage = $Lang::tr{'there was no file upload'};
+               goto VPNCONF_ERROR;
+           }
+
+           # Move uploaded certificate request to a temporary file
+           (my $fh, my $filename) = tempfile( );
+           if (copy ($cgiparams{'FH'}, $fh) != 1) {
+               $errormessage = $!;
+               goto VPNCONF_ERROR;
+           }
 
 
-               my $key = $cgiparams{'KEY'};# Save the config
-               if (! $key) {
-                       $key = &General::findhasharraykey (\%confighash);
-                       foreach my $i (0 .. 42) { $confighash{$key}[$i] = "";}
+           # Sign the certificate request and move it
+           # Sign the host certificate request
+           system('/usr/bin/openssl', 'ca', '-days', '999999',
+               '-batch', '-notext',
+               '-in', $filename,
+               '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
+               '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
+           if ($?) {
+               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+               unlink ($filename);
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               &newcleanssldatabase();
+               goto VPNCONF_ERROR;
+           } else {
+               unlink ($filename);
+               &deletebackupcert();
+           }
+
+           my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
+           $temp =~ /Subject:.*CN=(.*)[\n]/;
+           $temp = $1;
+           $temp =~ s+/Email+, E+;
+           $temp =~ s/ ST=/ S=/;
+           $cgiparams{'CERT_NAME'} = $temp;
+           $cgiparams{'CERT_NAME'} =~ s/,//g;
+           $cgiparams{'CERT_NAME'} =~ s/\'//g;
+           if ($cgiparams{'CERT_NAME'} eq '') {
+               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
+               goto VPNCONF_ERROR;
+           }
+       } elsif ($cgiparams{'AUTH'} eq 'certfile') {
+           if ($cgiparams{'KEY'}) {
+               $errormessage = $Lang::tr{'cant change certificates'};
+               goto VPNCONF_ERROR;
+           }
+           if (ref ($cgiparams{'FH'}) ne 'Fh') {
+               $errormessage = $Lang::tr{'there was no file upload'};
+               goto VPNCONF_ERROR;
+           }
+           # Move uploaded certificate to a temporary file
+           (my $fh, my $filename) = tempfile( );
+           if (copy ($cgiparams{'FH'}, $fh) != 1) {
+               $errormessage = $!;
+               goto VPNCONF_ERROR;
+           }
+
+           # Verify the certificate has a valid CA and move it
+           my $validca = 0;
+           my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/cacert.pem $filename`;
+           if ($test =~ /: OK/) {
+               $validca = 1;
+           } else {
+               foreach my $key (keys %cahash) {
+                   $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem $filename`;
+                   if ($test =~ /: OK/) {
+                       $validca = 1;
+                   }
                }
                }
-               $confighash{$key}[0] = $cgiparams{'ENABLED'};
-               $confighash{$key}[1] = $cgiparams{'NAME'};
-               if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
-                       $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
+           }
+           if (! $validca) {
+               $errormessage = $Lang::tr{'certificate does not have a valid ca associated with it'};
+               unlink ($filename);
+               goto VPNCONF_ERROR;
+           } else {
+               move($filename, "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               if ($? ne 0) {
+                   $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
+                   unlink ($filename);
+                   goto VPNCONF_ERROR;
                }
                }
-               $confighash{$key}[3] = $cgiparams{'TYPE'};
-               if ($cgiparams{'AUTH'} eq 'psk') {
-                       $confighash{$key}[4] = 'psk';
-                       $confighash{$key}[5] = $cgiparams{'PSK'};
-               } else {
-                       $confighash{$key}[4] = 'cert';
+           }
+
+           my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
+           $temp =~ /Subject:.*CN=(.*)[\n]/;
+           $temp = $1;
+           $temp =~ s+/Email+, E+;
+           $temp =~ s/ ST=/ S=/;
+           $cgiparams{'CERT_NAME'} = $temp;
+           $cgiparams{'CERT_NAME'} =~ s/,//g;
+           $cgiparams{'CERT_NAME'} =~ s/\'//g;
+           if ($cgiparams{'CERT_NAME'} eq '') {
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
+               goto VPNCONF_ERROR;
+           }
+       } elsif ($cgiparams{'AUTH'} eq 'certgen') {
+           if ($cgiparams{'KEY'}) {
+               $errormessage = $Lang::tr{'cant change certificates'};
+               goto VPNCONF_ERROR;
+           }
+           # Validate input since the form was submitted
+           if (length($cgiparams{'CERT_NAME'}) >60) {
+               $errormessage = $Lang::tr{'name too long'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
+               $errormessage = $Lang::tr{'invalid input for name'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
+               $errormessage = $Lang::tr{'invalid input for e-mail address'};
+               goto VPNCONF_ERROR;
+           }
+           if (length($cgiparams{'CERT_EMAIL'}) > 40) {
+               $errormessage = $Lang::tr{'e-mail address too long'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_OU'} ne '' && $cgiparams{'CERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
+               $errormessage = $Lang::tr{'invalid input for department'};
+               goto VPNCONF_ERROR;
+           }
+           if (length($cgiparams{'CERT_ORGANIZATION'}) >60) {
+               $errormessage = $Lang::tr{'organization too long'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
+               $errormessage = $Lang::tr{'invalid input for organization'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_CITY'} ne '' && $cgiparams{'CERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
+               $errormessage = $Lang::tr{'invalid input for city'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_STATE'} ne '' && $cgiparams{'CERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
+               $errormessage = $Lang::tr{'invalid input for state or province'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_COUNTRY'} !~ /^[A-Z]*$/) {
+               $errormessage = $Lang::tr{'invalid input for country'};
+               goto VPNCONF_ERROR;
+           }
+           if ($cgiparams{'CERT_PASS1'} ne '' && $cgiparams{'CERT_PASS2'} ne ''){
+               if (length($cgiparams{'CERT_PASS1'}) < 5) {
+                   $errormessage = $Lang::tr{'password too short'};
+                   goto VPNCONF_ERROR;
                }
                }
-               if ($cgiparams{'TYPE'} eq 'net') {
-                       $confighash{$key}[6] = $cgiparams{'SIDE'};
-                       $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
-                       if ( $cgiparams{'SIDE'} eq  'client') {
-                                       $confighash{$key}[19] = 'yes';
-                       } else{
-                               $confighash{$key}[19] = 'no';
-                       }
+           }   
+           if ($cgiparams{'CERT_PASS1'} ne $cgiparams{'CERT_PASS2'}) {
+               $errormessage = $Lang::tr{'passwords do not match'};
+               goto VPNCONF_ERROR;
+           }
+
+           # Replace empty strings with a .
+           (my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;
+           (my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
+           (my $state = $cgiparams{'CERT_STATE'}) =~ s/^\s*$/\./;
+
+           # Create the Host certificate request client
+           my $pid = open(OPENSSL, "|-");
+           $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto VPNCONF_ERROR;};
+           if ($pid) { # parent
+               print OPENSSL "$cgiparams{'CERT_COUNTRY'}\n";
+               print OPENSSL "$state\n";
+               print OPENSSL "$city\n";
+               print OPENSSL "$cgiparams{'CERT_ORGANIZATION'}\n";
+               print OPENSSL "$ou\n";
+               print OPENSSL "$cgiparams{'CERT_NAME'}\n";
+               print OPENSSL "$cgiparams{'CERT_EMAIL'}\n";
+               print OPENSSL ".\n";
+               print OPENSSL ".\n";
+               close (OPENSSL);
+               if ($?) {
+                   $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+                   unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}key.pem");
+                   unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}req.pem");
+                   goto VPNCONF_ERROR;
                }
                }
-               $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
-               $confighash{$key}[10] = $cgiparams{'REMOTE'};
-               $confighash{$key}[25] = $cgiparams{'REMARK'};
-               $confighash{$key}[12] = $cgiparams{'INTERFACE'};
-               $confighash{$key}[13] = $cgiparams{'OVPN_SUBNET'};# new fields  
-               $confighash{$key}[14] = $cgiparams{'PROTOCOL'};
-               $confighash{$key}[15] = $cgiparams{'DEST_PORT'};
-               $confighash{$key}[16] = $cgiparams{'COMPLZO'};
-               $confighash{$key}[17] = $cgiparams{'MTU'};
-               $confighash{$key}[18] = $cgiparams{'N2NVPN_IP'};# new fileds
-               $confighash{$key}[19] = $cgiparams{'ZERINA_CLIENT'};# new fileds
-               $confighash{$key}[20] = $cgiparams{'CIPHER'};
-               
-               #default n2n advanced
-               $confighash{$key}[26] = '10';#keepalive ping
-               $confighash{$key}[27] = '60';#keepalive restart
-               $confighash{$key}[28] = '0';#nice
-               $confighash{$key}[42] = '3';#verb
-               #default n2n advanced
-               &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-               &Ovpnfunc::writenet2netconf($key,$zerinaclient);
-               #ppp
-               my $n2nactive = `/bin/ps ax|grep $cgiparams{'NAME'}.conf|grep -v grep|awk \'{print \$1}\'`;
-               if ($cgiparams{'ENABLED'}) {                    
-                       if ($n2nactive eq ''){
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $cgiparams{'NAME'});
-                       } else {
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $n2nactive);
-                               system('/usr/local/bin/openvpnctrl', '-sn2n', $cgiparams{'NAME'});
-                       }                       
-               } else {                                        
-                       if ($n2nactive ne ''){                          
-                               system('/usr/local/bin/openvpnctrl', '-kn2n', $cgiparams{'NAME'});
-                       }                                               
+           } else {    # child
+               unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
+                       '-newkey', 'rsa:1024',
+                       '-keyout', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
+                       '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
+                       '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
+                   $errormessage = "$Lang::tr{'cant start openssl'}: $!";
+                   unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+                   unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
+                   goto VPNCONF_ERROR;
                }
                }
-               if ($cgiparams{'EDIT_ADVANCED'} eq 'on') {
-                       $cgiparams{'KEY'} = $key;
-                       $cgiparams{'ACTION'} = $Lang::tr{'advanced'};
+           }
+       
+           # Sign the host certificate request
+           system('/usr/bin/openssl', 'ca', '-days', '999999',
+               '-batch', '-notext',
+               '-in',  "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
+               '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
+               '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
+           if ($?) {
+               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               &newcleanssldatabase();
+               goto VPNCONF_ERROR;
+           } else {
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
+               &deletebackupcert();
+           }
+
+           # Create the pkcs12 file
+           system('/usr/bin/openssl', 'pkcs12', '-export', 
+               '-inkey', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
+               '-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
+               '-name', $cgiparams{'NAME'},
+               '-passout', "pass:$cgiparams{'CERT_PASS1'}",
+               '-certfile', "${General::swroot}/ovpn/ca/cacert.pem", 
+               '-caname', "$vpnsettings{'ROOTCERT_ORGANIZATION'} CA",
+               '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
+           if ($?) {
+               $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
+               goto VPNCONF_ERROR;
+           } else {
+               unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
+           }
+       } elsif ($cgiparams{'AUTH'} eq 'cert') {
+           ;# Nothing, just editing
+       } else {
+           $errormessage = $Lang::tr{'invalid input for authentication method'};
+           goto VPNCONF_ERROR;
+       }
+
+       # Check if there is no other entry with this common name
+       if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) {
+           foreach my $key (keys %confighash) {
+               if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
+                   $errormessage = $Lang::tr{'a connection with this common name already exists'};
+                   goto VPNCONF_ERROR;
                }
                }
-               goto VPNCONF_END;
+           }
+       }
+
+        # Save the config
+       my $key = $cgiparams{'KEY'};
+       if (! $key) {
+           $key = &General::findhasharraykey (\%confighash);
+           foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
+       }
+       $confighash{$key}[0] = $cgiparams{'ENABLED'};
+       $confighash{$key}[1] = $cgiparams{'NAME'};
+       if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
+           $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
+       }
+       $confighash{$key}[3] = $cgiparams{'TYPE'};
+       if ($cgiparams{'AUTH'} eq 'psk') {
+           $confighash{$key}[4] = 'psk';
+           $confighash{$key}[5] = $cgiparams{'PSK'};
+       } else {
+           $confighash{$key}[4] = 'cert';
+       }
+       if ($cgiparams{'TYPE'} eq 'net') {
+           $confighash{$key}[6] = $cgiparams{'SIDE'};
+           $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
+       }
+       $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
+       $confighash{$key}[10] = $cgiparams{'REMOTE'};
+       $confighash{$key}[25] = $cgiparams{'REMARK'};
+       $confighash{$key}[26] = $cgiparams{'INTERFACE'};
+# new fields   
+       $confighash{$key}[27] = $cgiparams{'OVPN_SUBNET'};
+       $confighash{$key}[28] = $cgiparams{'PROTOCOL'};
+       $confighash{$key}[29] = $cgiparams{'DEST_PORT'};
+       $confighash{$key}[30] = $cgiparams{'COMPLZO'};
+       $confighash{$key}[31] = $cgiparams{'MTU'};
+# new fileds   
+       &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+       if ($cgiparams{'EDIT_ADVANCED'} eq 'on') {
+           $cgiparams{'KEY'} = $key;
+           $cgiparams{'ACTION'} = $Lang::tr{'advanced'};
+       }
+       goto VPNCONF_END;
     } else {
     } else {
-               $cgiparams{'ENABLED'} = 'on';
-               if ($cgiparams{'ZERINA_CLIENT'} eq ''){
-                       $cgiparams{'ZERINA_CLIENT'} = 'no';
-               }                       
-               if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) {
-                       $cgiparams{'AUTH'} = 'psk';
-               } elsif ( ! -f "${General::swroot}/ovpn/ca/cacert.pem") {
-                       $cgiparams{'AUTH'} = 'certfile';
-               } else {
+        $cgiparams{'ENABLED'} = 'on';
+       $cgiparams{'SIDE'} = 'left';
+       if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) {
+           $cgiparams{'AUTH'} = 'psk';
+       } elsif ( ! -f "${General::swroot}/ovpn/ca/cacert.pem") {
+           $cgiparams{'AUTH'} = 'certfile';
+       } else {
             $cgiparams{'AUTH'} = 'certgen';
             $cgiparams{'AUTH'} = 'certgen';
-               }
-               $cgiparams{'LOCAL_SUBNET'}      ="$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
-               $cgiparams{'CERT_ORGANIZATION'} = $vpnsettings{'ROOTCERT_ORGANIZATION'};
-               $cgiparams{'CERT_CITY'}         = $vpnsettings{'ROOTCERT_CITY'};
-               $cgiparams{'CERT_STATE'}        = $vpnsettings{'ROOTCERT_STATE'};
-               $cgiparams{'CERT_COUNTRY'}      = $vpnsettings{'ROOTCERT_COUNTRY'};
+       }
+       $cgiparams{'LOCAL_SUBNET'}      ="$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
+       $cgiparams{'CERT_ORGANIZATION'} = $vpnsettings{'ROOTCERT_ORGANIZATION'};
+       $cgiparams{'CERT_CITY'}         = $vpnsettings{'ROOTCERT_CITY'};
+       $cgiparams{'CERT_STATE'}        = $vpnsettings{'ROOTCERT_STATE'};
+       $cgiparams{'CERT_COUNTRY'}      = $vpnsettings{'ROOTCERT_COUNTRY'};
     }
     }
+
     VPNCONF_ERROR:
     VPNCONF_ERROR:
-       # n2n default settings
-       if ($cgiparams{'CIPHER'} eq '') {
-               $cgiparams{'CIPHER'} =  'BF-CBC';     
-    }
-    if ($cgiparams{'MTU'} eq '') {
-               $cgiparams{'MTU'} =  '1400';     
-    }
-    if ($cgiparams{'OVPN_SUBNET'} eq '') {
-               $cgiparams{'OVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
-    }
-       #n2n default settings
     $checked{'ENABLED'}{'off'} = '';
     $checked{'ENABLED'}{'on'} = '';
     $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
     $checked{'ENABLED'}{'off'} = '';
     $checked{'ENABLED'}{'on'} = '';
     $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
@@ -2281,43 +2256,28 @@ END
     $checked{'ENABLED_ORANGE'}{'off'} = '';
     $checked{'ENABLED_ORANGE'}{'on'} = '';
     $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
     $checked{'ENABLED_ORANGE'}{'off'} = '';
     $checked{'ENABLED_ORANGE'}{'on'} = '';
     $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
+
+
     $checked{'EDIT_ADVANCED'}{'off'} = '';
     $checked{'EDIT_ADVANCED'}{'on'} = '';
     $checked{'EDIT_ADVANCED'}{$cgiparams{'EDIT_ADVANCED'}} = 'CHECKED';
     $checked{'EDIT_ADVANCED'}{'off'} = '';
     $checked{'EDIT_ADVANCED'}{'on'} = '';
     $checked{'EDIT_ADVANCED'}{$cgiparams{'EDIT_ADVANCED'}} = 'CHECKED';
+
     $selected{'SIDE'}{'server'} = '';
     $selected{'SIDE'}{'client'} = '';
     $selected{'SIDE'}{$cgiparams{'SIDE'}} = 'SELECTED';
     $selected{'SIDE'}{'server'} = '';
     $selected{'SIDE'}{'client'} = '';
     $selected{'SIDE'}{$cgiparams{'SIDE'}} = 'SELECTED';
-       
-#      $selected{'DDEVICE'}{'tun'} = '';
-#    $selected{'DDEVICE'}{'tap'} = '';
-#    $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
-
-    $selected{'PROTOCOL'}{'udp'} = '';
-    $selected{'PROTOCOL'}{'tcp'} = '';
-    $selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = 'SELECTED';
+
     $checked{'AUTH'}{'psk'} = '';
     $checked{'AUTH'}{'certreq'} = '';
     $checked{'AUTH'}{'certgen'} = '';
     $checked{'AUTH'}{'certfile'} = '';
     $checked{'AUTH'}{$cgiparams{'AUTH'}} = 'CHECKED';
     $checked{'AUTH'}{'psk'} = '';
     $checked{'AUTH'}{'certreq'} = '';
     $checked{'AUTH'}{'certgen'} = '';
     $checked{'AUTH'}{'certfile'} = '';
     $checked{'AUTH'}{$cgiparams{'AUTH'}} = 'CHECKED';
+
     $selected{'INTERFACE'}{$cgiparams{'INTERFACE'}} = 'SELECTED';
     $selected{'INTERFACE'}{$cgiparams{'INTERFACE'}} = 'SELECTED';
+    
     $checked{'COMPLZO'}{'off'} = '';
     $checked{'COMPLZO'}{'on'} = '';
     $checked{'COMPLZO'}{$cgiparams{'COMPLZO'}} = 'CHECKED';
     $checked{'COMPLZO'}{'off'} = '';
     $checked{'COMPLZO'}{'on'} = '';
     $checked{'COMPLZO'}{$cgiparams{'COMPLZO'}} = 'CHECKED';
-       $selected{'CIPHER'}{'DES-CBC'} = '';
-    $selected{'CIPHER'}{'DES-EDE-CBC'} = '';
-    $selected{'CIPHER'}{'DES-EDE3-CBC'} = '';
-    $selected{'CIPHER'}{'DESX-CBC'} = '';
-    $selected{'CIPHER'}{'RC2-CBC'} = '';
-    $selected{'CIPHER'}{'RC2-40-CBC'} = '';
-    $selected{'CIPHER'}{'RC2-64-CBC'} = '';
-    $selected{'CIPHER'}{'BF-CBC'} = '';
-    $selected{'CIPHER'}{'CAST5-CBC'} = '';    
-    $selected{'CIPHER'}{'AES-128-CBC'} = '';
-    $selected{'CIPHER'}{'AES-192-CBC'} = '';
-    $selected{'CIPHER'}{'AES-256-CBC'} = '';
-    $selected{'CIPHER'}{$cgiparams{'CIPHER'}} = 'SELECTED';
+
 
     if (1) {
        &Header::showhttpheaders();
 
     if (1) {
        &Header::showhttpheaders();
@@ -2329,19 +2289,22 @@ END
            print "&nbsp;</class>";
            &Header::closebox();
        }
            print "&nbsp;</class>";
            &Header::closebox();
        }
+
        if ($warnmessage) {
            &Header::openbox('100%', 'LEFT', "$Lang::tr{'warning messages'}:");
            print "<class name='base'>$warnmessage";
            print "&nbsp;</class>";
            &Header::closebox();
        }
        if ($warnmessage) {
            &Header::openbox('100%', 'LEFT', "$Lang::tr{'warning messages'}:");
            print "<class name='base'>$warnmessage";
            print "&nbsp;</class>";
            &Header::closebox();
        }
+
        print "<form method='post' enctype='multipart/form-data'>";
        print "<input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />";
        print "<form method='post' enctype='multipart/form-data'>";
        print "<input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />";
-       print "<input type='hidden' name='ZERINA_CLIENT' value='$cgiparams{'ZERINA_CLIENT'}' />";
+
        if ($cgiparams{'KEY'}) {
            print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
            print "<input type='hidden' name='AUTH' value='$cgiparams{'AUTH'}' />";
        }
        if ($cgiparams{'KEY'}) {
            print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
            print "<input type='hidden' name='AUTH' value='$cgiparams{'AUTH'}' />";
        }
+
        &Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
        print "<table width='100%'>\n";
        print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
        &Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
        print "<table width='100%'>\n";
        print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
@@ -2351,77 +2314,81 @@ END
            } else {
                print "<td width='35%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' size='30' /></td>";
            }
            } else {
                print "<td width='35%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' size='30' /></td>";
            }
+#          print "<tr><td>$Lang::tr{'interface'}</td>";
+#          print "<td><select name='INTERFACE'>";
+#          print "<option value='RED' $selected{'INTERFACE'}{'RED'}>RED</option>";
+#          if ($netsettings{'BLUE_DEV'} ne '') {
+#              print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE</option>";
+#          }
+#          print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN</option>";
+#          print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
+#          print "</select></td></tr>";
+#          print <<END
        } else {
            print "<input type='hidden' name='INTERFACE' value='red' />";
            if ($cgiparams{'KEY'}) {
        } else {
            print "<input type='hidden' name='INTERFACE' value='red' />";
            if ($cgiparams{'KEY'}) {
-                       print "<td width='25%' class='base' nowrap='nowrap'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
+               print "<td width='25%' class='base' nowrap='nowrap'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
            } else {
            } else {
-                       print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
+               print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
            }
            }
-                       print "<!-- net2net config gui -->";
-                       print "<td width='25%'>&nbsp;</td>";
-                   print "<td width='25%'>&nbsp;</td></tr>";
-                       if ((($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) && ($cgiparams{'ZERINA_CLIENT'} eq 'no')) ||
-                          (($cgiparams{'ACTION'} eq $Lang::tr{'save'}) && ($cgiparams{'ZERINA_CLIENT'} eq 'no')) ||
-                          (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) && ($cgiparams{'ZERINA_CLIENT'} eq 'no'))) {
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>";
-                                       print "<td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>OpenVPN Server</option>";
-                                                                                       print "<option value='client' $selected{'SIDE'}{'client'}>OpenVPN Client</option></select></td>";
-                               print "<tr><td class='base' nowrap='nowrap'>$Lang::tr{'local vpn hostname/ip'}:</td>";
-                                       print "<td><input type='text' name='N2NVPN_IP' value='$cgiparams{'N2NVPN_IP'}' size='30' /></td>";                                              
-                               print "<td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>";
-                       } else {
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>";
-                                       print "<td>$cgiparams{'SIDE'}</td><input type='hidden' name='SIDE' value='$cgiparams{'SIDE'}' />";                                                              
-                               print "<td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>";                         
-                       }       
-                               print "<td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>";
-                               print "<td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>";
-                               print "<td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>";
-                               print "<td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>";
-                               print "<td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>";
-                               print "<td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>";
-                                                                                       print "<option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>";
-                               print "<td class='boldbase'>$Lang::tr{'destination port'}:</td>";
-                               print "<td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>";
-                               print "<td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>";
-                               print "<td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>";
-                               print "<td><select name='CIPHER'><option value='DES-CBC' $selected{'CIPHER'}{'DES-CBC'}>DES-CBC</option>";
-                               print "<option value='DES-EDE-CBC' $selected{'CIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>";
-                               print "<option value='DES-EDE3-CBC' $selected{'CIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>";
-                               print "<option value='DESX-CBC' $selected{'CIPHER'}{'DESX-CBC'}>DESX-CBC</option>";
-                               print "<option value='RC2-CBC' $selected{'CIPHER'}{'RC2-CBC'}>RC2-CBC</option>";
-                               print "<option value='RC2-40-CBC' $selected{'CIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>";
-                               print "<option value='RC2-64-CBC' $selected{'CIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>";
-                               print "<option value='BF-CBC' $selected{'CIPHER'}{'BF-CBC'}>BF-CBC</option>";
-                               print "<option value='CAST5-CBC' $selected{'CIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>";
-                               print "<option value='AES-128-CBC' $selected{'CIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>";
-                               print "<option value='AES-192-CBC' $selected{'CIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>";
-                               print "<option value='AES-256-CBC' $selected{'CIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td>";
-                               print "<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;</td>";
-                               print "<td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></TD>";
+           print <<END
+                   <td width='25%'>&nbsp;</td>
+                   <td width='25%'>&nbsp;</td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
+                   <td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>OpenVPN Server</option>
+                                           <option value='client' $selected{'SIDE'}{'client'}>OpenVPN Client</option></select></td>
+                   <td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
+                   <td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
+                   <td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>
+                   <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
+                   <td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>
+ttt
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
+                   <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
+                   <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
+                                               <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
+                   <td class='boldbase'>$Lang::tr{'destination port'}:</td>
+                   <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
+                   <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
+               <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;<img src='/blob.gif' /></td>
+                   <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></TD>
+                                   
+
+END
+           ;
        }
        print "<tr><td class='boldbase'>$Lang::tr{'remark title'}&nbsp;<img src='/blob.gif' /></td>";
        print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr>";
        }
        print "<tr><td class='boldbase'>$Lang::tr{'remark title'}&nbsp;<img src='/blob.gif' /></td>";
        print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr>";
+       
 #      if ($cgiparams{'TYPE'} eq 'net') {
            print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
        
 #      if ($cgiparams{'TYPE'} eq 'net') {
            print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
        
-       if ($cgiparams{'TYPE'} eq 'host') {
+#          if ($cgiparams{'KEY'}) {
+#              print "<td colspan='3'>&nbsp;</td></tr></table>";
+#          } else {
+#              print "<td colspan='3'><input type='checkbox' name='EDIT_ADVANCED' $checked{'EDIT_ADVANCED'}{'on'} /> $Lang::tr{'edit advanced settings when done'}</tr></table>";
+#          }
+#      }else{
            print "<td colspan='3'>&nbsp;</td></tr></table>";
            print "<td colspan='3'>&nbsp;</td></tr></table>";
-       } elsif  ($cgiparams{'ACTION'} ne $Lang::tr{'edit'}){
-               print "<td colspan='3'><input type='checkbox' name='EDIT_ADVANCED' $checked{'EDIT_ADVANCED'}{'on'}/> $Lang::tr{'edit advanced settings when done'}</tr></table>";
-    } else {
-               print "<td colspan='3'></tr></table>";
-       }       
+#      }    
+           
        
 
        &Header::closebox();
        
 
        &Header::closebox();
+       
        if ($cgiparams{'KEY'} && $cgiparams{'AUTH'} eq 'psk') {
        if ($cgiparams{'KEY'} && $cgiparams{'AUTH'} eq 'psk') {
-       ;#we dont have psk
+       #    &Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'});
+       #    print <<END
+       #    <table width='100%' cellpadding='0' cellspacing='5' border='0'>
+       #    <tr><td class='base' width='50%'>$Lang::tr{'use a pre-shared key'}</td>
+       #       <td class='base' width='50%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td></tr>
+       #    </table>
+END
+       #    ;
+       #    &Header::closebox();
        } elsif (! $cgiparams{'KEY'}) {
            my $disabled='';
            my $cakeydisabled='';
        } elsif (! $cgiparams{'KEY'}) {
            my $disabled='';
            my $cakeydisabled='';
@@ -2462,6 +2429,7 @@ END
                <td class='base'>$Lang::tr{'country'}:</td>
                <td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
 END
                <td class='base'>$Lang::tr{'country'}:</td>
                <td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
 END
+
            ;
            foreach my $country (sort keys %{Countries::countries}) {
                print "<option value='$Countries::countries{$country}'";
            ;
            foreach my $country (sort keys %{Countries::countries}) {
                print "<option value='$Countries::countries{$country}'";
@@ -2477,612 +2445,521 @@ END
                <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS1' value='$cgiparams{'CERT_PASS1'}' size='32' $cakeydisabled /></td></tr>
            <tr><td>&nbsp;</td><td class='base'>$Lang::tr{'pkcs12 file password'}:<BR>($Lang::tr{'confirmation'})</td>
                <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS2' value='$cgiparams{'CERT_PASS2'}' size='32' $cakeydisabled /></td></tr>
                <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS1' value='$cgiparams{'CERT_PASS1'}' size='32' $cakeydisabled /></td></tr>
            <tr><td>&nbsp;</td><td class='base'>$Lang::tr{'pkcs12 file password'}:<BR>($Lang::tr{'confirmation'})</td>
                <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS2' value='$cgiparams{'CERT_PASS2'}' size='32' $cakeydisabled /></td></tr>
-           </table>
-END
-           ;
-           &Header::closebox();
-       }
-       print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
-       if ($cgiparams{'KEY'}) {
-               if ($cgiparams{'TYPE'} ne 'host') { 
-                       print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced'}' />";
-               }       
-       }
-       print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
-       &Header::closebigbox();
-       &Header::closepage();
-       exit (0);
-    }
-    VPNCONF_END:
-}
-###
-### Advanced settings
-###
-if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
-       ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'ADVANCED'} eq 'yes')) {
-    &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
-    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-       
-    if (! $confighash{$cgiparams{'KEY'}}) {
-               $errormessage = $Lang::tr{'invalid key'};
-               goto ADVANCED_END;
-    }
-       #n2n advanced error
-       if ($cgiparams{'KEEPALIVE_1'} ne '') {
-               if ($cgiparams{'KEEPALIVE_1'} !~ /^[0-9]+$/) { 
-           $errormessage = $Lang::tr{'invalid input for keepalive 1'};
-                       goto ADVANCED_ERROR;
-               }
-    }
-    if ($cgiparams{'KEEPALIVE_2'} ne ''){
-               if ($cgiparams{'KEEPALIVE_2'} !~ /^[0-9]+$/) { 
-           $errormessage = $Lang::tr{'invalid input for keepalive 2'};
-                       goto ADVANCED_ERROR;
-               }
-    }
-    if ($cgiparams{'KEEPALIVE_2'} < ($cgiparams{'KEEPALIVE_1'} * 2)){
-        $errormessage = $Lang::tr{'invalid input for keepalive 1:2'};
-        goto ADVANCED_ERROR;   
-    }
-       if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
-#              if ($cgiparams{'NAT'} !~ /^(on|off)$/) {
-#                      $errormessage = $Lang::tr{'invalid input'};
-#                      goto ADVANCED_ERROR;
-#              }
-       #n2n advanced error
-       #cgi an config
-               $confighash{$cgiparams{'KEY'}}[26] = $cgiparams{'KEEPALIVE_1'};
-               $confighash{$cgiparams{'KEY'}}[27] = $cgiparams{'KEEPALIVE_2'};
-               $confighash{$cgiparams{'KEY'}}[28] = $cgiparams{'EXTENDED_NICE'};
-               $confighash{$cgiparams{'KEY'}}[29] = $cgiparams{'EXTENDED_FASTIO'};
-               $confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'EXTENDED_MTUDISC'};
-               $confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'EXTENDED_MSSFIX'};
-               $confighash{$cgiparams{'KEY'}}[32] = $cgiparams{'EXTENDED_FRAGMENT'};
-               $confighash{$cgiparams{'KEY'}}[33] = $cgiparams{'PROXY_HOST'};
-               $confighash{$cgiparams{'KEY'}}[34] = $cgiparams{'PROXY_PORT'};
-               $confighash{$cgiparams{'KEY'}}[35] = $cgiparams{'PROXY_USERNAME'};
-               $confighash{$cgiparams{'KEY'}}[36] = $cgiparams{'PROXY_PASS'};
-               $confighash{$cgiparams{'KEY'}}[37] = $cgiparams{'PROXY_AUTH_METHOD'};
-               $confighash{$cgiparams{'KEY'}}[38] = $cgiparams{'http-proxy-retry'};
-               $confighash{$cgiparams{'KEY'}}[39] = $cgiparams{'PROXY_TIMEOUT'};
-               $confighash{$cgiparams{'KEY'}}[40] = $cgiparams{'PROXY_OPT_VERSION'};
-               $confighash{$cgiparams{'KEY'}}[41] = $cgiparams{'PROXY_OPT_AGENT'};
-               $confighash{$cgiparams{'KEY'}}[42] = $cgiparams{'LOG_VERB'};
-               &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-               &Ovpnfunc::writenet2netconf($cgiparams{'KEY'},$zerinaclient);
-       #       restart n2n after advanced save ?
-               goto ADVANCED_END;
-       } else {        
-               $cgiparams{'KEEPALIVE_1'}         =  $confighash{$cgiparams{'KEY'}}[26];
-               $cgiparams{'KEEPALIVE_2'}         =  $confighash{$cgiparams{'KEY'}}[27];
-               $cgiparams{'EXTENDED_NICE'}       =  $confighash{$cgiparams{'KEY'}}[28];
-               $cgiparams{'EXTENDED_FASTIO'}     =  $confighash{$cgiparams{'KEY'}}[29];
-               $cgiparams{'EXTENDED_MTUDISC'}    =  $confighash{$cgiparams{'KEY'}}[30];
-               $cgiparams{'EXTENDED_MSSFIX'}     =  $confighash{$cgiparams{'KEY'}}[31];
-               $cgiparams{'EXTENDED_FRAGMENT'}   =  $confighash{$cgiparams{'KEY'}}[32];
-               $cgiparams{'PROXY_HOST'}          =  $confighash{$cgiparams{'KEY'}}[33];
-               $cgiparams{'PROXY_PORT'}          =  $confighash{$cgiparams{'KEY'}}[34];
-               $cgiparams{'PROXY_USERNAME'}      =  $confighash{$cgiparams{'KEY'}}[35];
-               $cgiparams{'PROXY_PASS'}          =  $confighash{$cgiparams{'KEY'}}[36];
-               $cgiparams{'PROXY_AUTH_METHOD'}   =  $confighash{$cgiparams{'KEY'}}[37];
-               $cgiparams{'http-proxy-retry'}    =  $confighash{$cgiparams{'KEY'}}[38];
-               $cgiparams{'PROXY_TIMEOUT'}       =  $confighash{$cgiparams{'KEY'}}[39];
-               $cgiparams{'PROXY_OPT_VERSION'}   =  $confighash{$cgiparams{'KEY'}}[40];
-               $cgiparams{'PROXY_OPT_AGENT'}     =  $confighash{$cgiparams{'KEY'}}[41];
-               $cgiparams{'LOG_VERB'}            =  $confighash{$cgiparams{'KEY'}}[42];
-               #cgi an config
-       }       
-       ADVANCED_ERROR:
-       #Schalter setzen
-    $selected{'EXTENDED_NICE'}{'-13'} = '';
-    $selected{'EXTENDED_NICE'}{'-10'} = '';
-    $selected{'EXTENDED_NICE'}{'-7'} = '';
-    $selected{'EXTENDED_NICE'}{'-3'} = '';
-    $selected{'EXTENDED_NICE'}{'0'} = '';
-    $selected{'EXTENDED_NICE'}{'3'} = '';
-    $selected{'EXTENDED_NICE'}{'7'} = '';
-    $selected{'EXTENDED_NICE'}{'10'} = '';
-    $selected{'EXTENDED_NICE'}{'13'} = '';
-    $selected{'EXTENDED_NICE'}{$cgiparams{'EXTENDED_NICE'}} = 'SELECTED';
-       $checked{'EXTENDED_FASTIO'}{'off'} = '';
-    $checked{'EXTENDED_FASTIO'}{'on'} = '';
-    $checked{'EXTENDED_FASTIO'}{$cgiparams{'EXTENDED_FASTIO'}} = 'CHECKED';
-    $checked{'EXTENDED_MTUDISC'}{'off'} = '';
-    $checked{'EXTENDED_MTUDISC'}{'on'} = '';
-    $checked{'EXTENDED_MTUDISC'}{$cgiparams{'EXTENDED_MTUDISC'}} = 'CHECKED';
-       $selected{'LOG_VERB'}{'1'} = '';
-    $selected{'LOG_VERB'}{'2'} = '';
-    $selected{'LOG_VERB'}{'3'} = '';
-    $selected{'LOG_VERB'}{'4'} = '';
-    $selected{'LOG_VERB'}{'5'} = '';
-    $selected{'LOG_VERB'}{'6'} = '';
-    $selected{'LOG_VERB'}{'7'} = '';
-    $selected{'LOG_VERB'}{'8'} = '';
-    $selected{'LOG_VERB'}{'9'} = '';
-    $selected{'LOG_VERB'}{'10'} = '';
-    $selected{'LOG_VERB'}{'11'} = '';
-    $selected{'LOG_VERB'}{'0'} = '';
-    $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
-       $selected{'PROXY_AUTH_METHOD'}{'none'} = '';
-       $selected{'PROXY_AUTH_METHOD'}{'basic'} = '';
-       $selected{'PROXY_AUTH_METHOD'}{'ntlm'} = '';
-       $selected{'PROXY_AUTH_METHOD'}{$cgiparams{'PROXY_AUTH_METHOD'}} = 'SELECTED';
-       $checked{'PROXY_RETRY'}{'off'} = '';
-       $checked{'PROXY_RETRY'}{'on'} = '';
-       $checked{'PROXY_RETRY'}{$cgiparams{'PROXY_RETRY'}} = 'CHECKED';
-       #Schalter setzen
-    &Header::showhttpheaders();
-    &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
-    &Header::openbigbox('100%', 'LEFT', '', $errormessage);
-
-    if ($errormessage) {
-       &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
-       print "<class name='base'>$errormessage";
-       print "&nbsp;</class>";
-       &Header::closebox();
-    }
+           </table>
+END
+           ;
+           &Header::closebox();
+       }
 
 
-    if ($warnmessage) {
-       &Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'});
-       print "<class name='base'>$warnmessage";
-       print "&nbsp;</class>";
-       &Header::closebox();
+       print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
+       if ($cgiparams{'KEY'}) {
+#          print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced'}' />";
+       }
+       print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
+       &Header::closebigbox();
+       &Header::closepage();
+       exit (0);
     }
     }
-
-    print "<form method='post' enctype='multipart/form-data'>\n";
-    print "<input type='hidden' name='ADVANCED' value='yes' />\n";
-    print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />\n";
-
-    &Header::openbox('100%', 'LEFT', "$Lang::tr{'advanced'}:");    
-    print <<EOF
-    <form method='post' enctype='multipart/form-data'>
-    <table width='100%'>
-    <tr>
-       <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-    </tr>
-    <td class='base'>Keppalive (ping/ping-restart)</td>        
-       <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='30' /></td>
-       <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='30' /></td>
-    </tr>      
-    </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_processprio'}</td>        
-      <td>
-        <select name='EXTENDED_NICE' disabled='disabled'>
-                                 <option value='-13' $selected{'EXTENDED_NICE'}{'-13'}>$Lang::tr{'ovpn_processprioEH'}</option>
-                                 <option value='-10' $selected{'EXTENDED_NICE'}{'-10'}>$Lang::tr{'ovpn_processprioVH'}</option>
-                                 <option value='-7'  $selected{'EXTENDED_NICE'}{'-7'}>$Lang::tr{'ovpn_processprioH'}</option>
-                                 <option value='-3'  $selected{'EXTENDED_NICE'}{'-3'}>$Lang::tr{'ovpn_processprioEN'}</option>
-                                 <option value='0'  $selected{'EXTENDED_NICE'}{'0'}>$Lang::tr{'ovpn_processprioN'}</option>
-                                 <option value='3'  $selected{'EXTENDED_NICE'}{'3'}>$Lang::tr{'ovpn_processprioLN'}</option>
-                                 <option value='7'  $selected{'EXTENDED_NICE'}{'7'}>$Lang::tr{'ovpn_processprioD'}</option>
-                                 <option value='10' $selected{'EXTENDED_NICE'}{'10'}>$Lang::tr{'ovpn_processprioVD'}</option>
-                                 <option value='13' $selected{'EXTENDED_NICE'}{'13'}>$Lang::tr{'ovpn_processprioED'}</option>
-                               </select>
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fastio'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_FASTIO' $checked{'EXTENDED_FASTIO'}{'on'} disabled='disabled'/>
-                 </td>
-               </tr>
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mtudisc'}</td>        
-      <td>
-        <input type='checkbox' name='EXTENDED_MTUDISC' $checked{'EXTENDED_MTUDISC'}{'on'} disabled='disabled'/>
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_mssfix'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_MSSFIX' value='$cgiparams{'EXTENDED_MSSFIX'}' size='30' disabled='disabled'/>
-                 </td>
-               </tr>  
-    <tr>
-      <td class='base'>$Lang::tr{'ovpn_fragment'}</td>        
-      <td>
-        <input type='TEXT' name='EXTENDED_FRAGMENT' value='$cgiparams{'EXTENDED_FRAGMENT'}' size='30' disabled='disabled'/>
-                 </td>
-               </tr>    
-</table>
-<hr size='1'>
-    <table width='100%'>
-    <tr>
-       <td class'base'><b>$Lang::tr{'proxy'} $Lang::tr{'settings'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='25%'> </td><td width='25%'> </td><td width='25%'></td>
-    </tr>
-    <td class='base'>$Lang::tr{'proxy'} $Lang::tr{'host'}:</td>        
-       <td><input type='TEXT' name='PROXY_HOST' value='$cgiparams{'PROXY_HOST'}' size='30' disabled='disabled'/></td>
-       <td class='base'>$Lang::tr{'proxy port'}:</td>
-       <td><input type='TEXT' name='PROXY_PORT' value='$cgiparams{'PROXY_PORT'}' size='10' disabled='disabled'/></td>
-       </tr>
-       <tr>
-       <td class='base'>$Lang::tr{'username'}</td>     
-    <td><input type='TEXT' name='PROXY_USERNAME' value='$cgiparams{'PROXY_USERNAME'}' size='30' disabled='disabled' /></td>
-       <td class='base'>$Lang::tr{'password'}</td>
-       <td><input type='TEXT' name='PROXY_PASS' value='$cgiparams{'PROXY_PASS'}' size='10' disabled='disabled'/></td>
-       </tr>
-       <tr>
-       <td class='base'>$Lang::tr{'authentication'} $Lang::tr{'method'}</td>
-               <td>    
-           <select name='PROXY_AUTH_METHOD' disabled='disabled'>
-                                 <option value='none' $selected{'PROXY_AUTH_METHOD'}{'none'}>none</option>
-                                 <option value='basic' $selected{'PROXY_AUTH_METHOD'}{'basic'}>basic</option>
-                                 <option value='ntlm' $selected{'PROXY_AUTH_METHOD'}{'ntlm'}>ntlm</option>                               
-                               </select>       
-               </td>                                   
-       </tr>
-       <tr>
-               <td class='base'>http-proxy-retry</td>  
-               <td><input type='checkbox' name='PROXY_RETRY' $checked{'PROXY_RETRY'}{'on'} disabled='disabled' /></td>
-               <td class='base'>http-proxy-timeout</td>
-               <td><input type='TEXT' name='PROXY_TIMEOUT' value='$cgiparams{'PROXY_TIMEOUT'}' size='10' disabled='disabled'/></td>
-       </tr>
-       <td class='base'>http-proxy-option VERSION</td>
-    <td><input type='TEXT' name='PROXY_OPT_VERSION' value='$cgiparams{'PROXY_OPT_VERSION'}' size='30' disabled='disabled'/></td>
-       <td class='base'>http-proxy-option AGENT</td>
-       <td><input type='TEXT' name='PROXY_OPT_AGENT' value='$cgiparams{'PROXY_OPT_AGENT'}' size='10' disabled='disabled'/></td>
-       </tr>
-</table>
-<hr size='1'>
-    <table width='100%'>
-    <tr>
-       <td class'base'><b>$Lang::tr{'log-options'}</b></td>
-    </tr>
-    <tr>
-       <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-    </tr>      
-    <tr><td class='base'>VERB</td>        
-        <td><select name='LOG_VERB'><option value='1'  $selected{'LOG_VERB'}{'1'}>1</option>
-                                   <option value='2'  $selected{'LOG_VERB'}{'2'}>2</option>
-                                   <option value='3'  $selected{'LOG_VERB'}{'3'}>3</option>
-                                   <option value='4'  $selected{'LOG_VERB'}{'4'}>4</option>
-                                   <option value='5'  $selected{'LOG_VERB'}{'5'}>5</option>
-                                   <option value='6'  $selected{'LOG_VERB'}{'6'}>6</option>                                                                
-                                   <option value='7'  $selected{'LOG_VERB'}{'7'}>7</option>
-                                   <option value='8'  $selected{'LOG_VERB'}{'8'}>8</option>
-                                   <option value='9'  $selected{'LOG_VERB'}{'9'}>9</option>
-                                   <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
-                                   <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
-                                   <option value='0'  $selected{'LOG_VERB'}{'0'}>0</option></select></td>
-    </tr>      
-</table>
-</form>
-EOF
-    ;
-    &Header::closebox();
-    print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
-    print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
-    &Header::closebigbox();
-    &Header::closepage();
-    exit(0);
-
-    ADVANCED_END:
+    VPNCONF_END:
 }
 }
+
+#    SETTINGS_ERROR:
 ###
 ### Default status page
 ###
 ###
 ### Default status page
 ###
-%cgiparams = ();
-%cahash = ();
-%confighash = ();
-&General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
-&General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-my @status = `/bin/cat /var/log/ovpnserver.log`;
-if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") {
+    %cgiparams = ();
+    %cahash = ();
+    %confighash = ();
+    &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
+    &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
+    &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+    my @status = `/bin/cat /var/ipfire/ovpn/server.log`;
+
+    if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") {
        if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
            my $ipaddr = <IPADDR>;
            close IPADDR;
            chomp ($ipaddr);
            $cgiparams{'VPN_IP'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
            if ($cgiparams{'VPN_IP'} eq '') {
        if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
            my $ipaddr = <IPADDR>;
            close IPADDR;
            chomp ($ipaddr);
            $cgiparams{'VPN_IP'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
            if ($cgiparams{'VPN_IP'} eq '') {
-                       $cgiparams{'VPN_IP'} = $ipaddr;
+               $cgiparams{'VPN_IP'} = $ipaddr;
            }
        }
            }
        }
-}
+    }
+    
 #default setzen
 #default setzen
-if ($cgiparams{'DCIPHER'} eq '') {
+    if ($cgiparams{'DCIPHER'} eq '') {
        $cgiparams{'DCIPHER'} =  'BF-CBC';     
        $cgiparams{'DCIPHER'} =  'BF-CBC';     
-}
+    }
 #    if ($cgiparams{'DCOMPLZO'} eq '') {
 #      $cgiparams{'DCOMPLZO'} =  'on';     
 #    }
 #    if ($cgiparams{'DCOMPLZO'} eq '') {
 #      $cgiparams{'DCOMPLZO'} =  'on';     
 #    }
-if ($cgiparams{'DDEST_PORT'} eq '') {
+    if ($cgiparams{'DDEST_PORT'} eq '') {
        $cgiparams{'DDEST_PORT'} =  '1194';     
        $cgiparams{'DDEST_PORT'} =  '1194';     
-}
-if ($cgiparams{'DMTU'} eq '') {
+    }
+    if ($cgiparams{'DMTU'} eq '') {
        $cgiparams{'DMTU'} =  '1400';     
        $cgiparams{'DMTU'} =  '1400';     
-}
-if ($cgiparams{'DOVPN_SUBNET'} eq '') {
+    }
+    if ($cgiparams{'DOVPN_SUBNET'} eq '') {
        $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
        $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
-}
-$checked{'ENABLED'}{'off'} = '';
-$checked{'ENABLED'}{'on'} = '';
-$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
-$checked{'ENABLED_BLUE'}{'off'} = '';
-$checked{'ENABLED_BLUE'}{'on'} = '';
-$checked{'ENABLED_BLUE'}{$cgiparams{'ENABLED_BLUE'}} = 'CHECKED';
-$checked{'ENABLED_ORANGE'}{'off'} = '';
-$checked{'ENABLED_ORANGE'}{'on'} = '';
-$checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
+    }
+
+    $checked{'ENABLED'}{'off'} = '';
+    $checked{'ENABLED'}{'on'} = '';
+    $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
+    $checked{'ENABLED_BLUE'}{'off'} = '';
+    $checked{'ENABLED_BLUE'}{'on'} = '';
+    $checked{'ENABLED_BLUE'}{$cgiparams{'ENABLED_BLUE'}} = 'CHECKED';
+    $checked{'ENABLED_ORANGE'}{'off'} = '';
+    $checked{'ENABLED_ORANGE'}{'on'} = '';
+    $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
+    
+
 #new settings
 #new settings
-$selected{'DDEVICE'}{'tun'} = '';
-$selected{'DDEVICE'}{'tap'} = '';
-$selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
-$selected{'DPROTOCOL'}{'udp'} = '';
-$selected{'DPROTOCOL'}{'tcp'} = '';
-$selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
-$selected{'DCIPHER'}{'DES-CBC'} = '';
-$selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
-$selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
-$selected{'DCIPHER'}{'DESX-CBC'} = '';
-$selected{'DCIPHER'}{'RC2-CBC'} = '';
-$selected{'DCIPHER'}{'RC2-40-CBC'} = '';
-$selected{'DCIPHER'}{'RC2-64-CBC'} = '';
-$selected{'DCIPHER'}{'BF-CBC'} = '';
-$selected{'DCIPHER'}{'CAST5-CBC'} = '';    
-$selected{'DCIPHER'}{'AES-128-CBC'} = '';
-$selected{'DCIPHER'}{'AES-192-CBC'} = '';
-$selected{'DCIPHER'}{'AES-256-CBC'} = '';
-$selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
-$checked{'DCOMPLZO'}{'off'} = '';
-$checked{'DCOMPLZO'}{'on'} = '';
-$checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
+    $selected{'DDEVICE'}{'tun'} = '';
+    $selected{'DDEVICE'}{'tap'} = '';
+    $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
+
+    $selected{'DPROTOCOL'}{'udp'} = '';
+    $selected{'DPROTOCOL'}{'tcp'} = '';
+    $selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
+    
+    $selected{'DCIPHER'}{'DES-CBC'} = '';
+    $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+    $selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
+    $selected{'DCIPHER'}{'DESX-CBC'} = '';
+    $selected{'DCIPHER'}{'RC2-CBC'} = '';
+    $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
+    $selected{'DCIPHER'}{'RC2-64-CBC'} = '';
+    $selected{'DCIPHER'}{'BF-CBC'} = '';
+    $selected{'DCIPHER'}{'CAST5-CBC'} = '';    
+    $selected{'DCIPHER'}{'AES-128-CBC'} = '';
+    $selected{'DCIPHER'}{'AES-192-CBC'} = '';
+    $selected{'DCIPHER'}{'AES-256-CBC'} = '';
+    $selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
+    $checked{'DCOMPLZO'}{'off'} = '';
+    $checked{'DCOMPLZO'}{'on'} = '';
+    $checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
 
 #new settings
 
 #new settings
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'status ovpn'}, 1, '');
-&Header::openbigbox('100%', 'LEFT', '', $errormessage);
+    &Header::showhttpheaders();
+    &Header::openpage($Lang::tr{'status ovpn'}, 1, '');
+    &Header::openbigbox('100%', 'LEFT', '', $errormessage);
 
 
-if ($errormessage) {
+    if ($errormessage) {
        &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
        print "<class name='base'>$errormessage\n";
        print "&nbsp;</class>\n";
        &Header::closebox();
        &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
        print "<class name='base'>$errormessage\n";
        print "&nbsp;</class>\n";
        &Header::closebox();
-}
+    }
 
 
-my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
-my $srunning = "no";
-my $activeonrun = "";
-if ( -e "/var/run/openvpn.pid"){
+    my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
+    my $srunning = "no";
+    my $activeonrun = "";
+    if ( -e "/var/run/openvpn.pid"){
        $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'running'}</font></b></td></tr></table>";
        $srunning ="yes";
        $activeonrun = "";
        $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'running'}</font></b></td></tr></table>";
        $srunning ="yes";
        $activeonrun = "";
-} else {
+    } else {
        $activeonrun = "disabled='disabled'";
        $activeonrun = "disabled='disabled'";
-}      
-#ufuk
-#CERT
-&Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}:");
-print "<div align='center'><strong>ZERINA-0.9.7a9</strong></div>";     
-print "&nbsp";
-print <<EOF
-<table width='100%' border='0' cellspacing='1' cellpadding='0'>
-<tr>
-    <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
+    }  
+    &Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});
+       print "<div align='center'><strong>ZERINA-0.9.4i</strong></div>";       
+    print <<END        
+    <table width='100%'>
+    <form method='post'>
+    <td width='25%'>&nbsp;</td>
+    <td width='25%'>&nbsp;</td>
+    <td width='25%'>&nbsp;</td></tr>
+    <tr><td class='boldbase'>$Lang::tr{'ovpn server status'}</td>
+    <td align='left'>$sactive</td>
+    <tr><td class='boldbase'>$Lang::tr{'ovpn on red'}</td>
+        <td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
+END
+;
+    if (&haveBlueNet()) {
+       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on blue'}</td>";
+       print "<td><input type='checkbox' name='ENABLED_BLUE' $checked{'ENABLED_BLUE'}{'on'} /></td>";
+    }
+    if (&haveOrangeNet()) {    
+       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on orange'}</td>";
+       print "<td><input type='checkbox' name='ENABLED_ORANGE' $checked{'ENABLED_ORANGE'}{'on'} /></td>";
+    }  
+    print <<END        
+    <tr><td class='base' nowrap='nowrap'>$Lang::tr{'local vpn hostname/ip'}:</td>
+        <td><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
+       <td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
+       <td><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
+        <td><select name='DDEVICE' ><option value='tun' $selected{'DDEVICE'}{'tun'}>TUN</option>
+                                           <option value='tap' $selected{'DDEVICE'}{'tap'}>TAP</option></select></td>                              
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
+        <td><select name='DPROTOCOL'><option value='udp' $selected{'DPROTOCOL'}{'udp'}>UDP</option>
+                                           <option value='tcp' $selected{'DPROTOCOL'}{'tcp'}>TCP</option></select></td>                                    
+        <td class='boldbase'>$Lang::tr{'destination port'}:</td>
+        <td><input type='TEXT' name='DDEST_PORT' value='$cgiparams{'DDEST_PORT'}' size='5' /></td></tr>
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;</td>
+        <td> <input type='TEXT' name='DMTU' VALUE='$cgiparams{'DMTU'}'size='5' /></TD>
+    <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
+        <td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
+        <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
+        <td><select name='DCIPHER'><option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
+                                  <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
+                                  <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
+                                  <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
+                                  <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>                                                                 
+                                  <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
+                                  <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
+                                  <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
+                                  <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
+                                  <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
+                                  <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
+                                  <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td>
+END
+;                                 
+    
+    if ( $srunning eq "yes" ) {
+       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' disabled='disabled' /></td>";
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' disabled='disabled'/></td>"; 
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'stop ovpn server'}' /></td>";
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";   
+    } else{
+       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>";
+       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' /></td>";
+       if (( -e "${General::swroot}/ovpn/ca/cacert.pem" &&
+            -e "${General::swroot}/ovpn/ca/dh1024.pem" &&
+            -e "${General::swroot}/ovpn/certs/servercert.pem" &&
+            -e "${General::swroot}/ovpn/certs/serverkey.pem") &&
+           (( $cgiparams{'ENABLED'} eq 'on') || 
+           ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
+           ( $cgiparams{'ENABLED_ORANGE'} eq 'on'))){
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' /></td>";
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";       
+       } else {
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' disabled='disabled' /></td>";    
+           print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' disabled='disabled' /></td></tr>";               
+       }    
+    }
+    print "</form></table>";
+    &Header::closebox();
+    &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}:");
+    print <<EOF#'
+    <table width='100%' border='0' cellspacing='1' cellpadding='0'>
+    <tr>
+       <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
        <td width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></td>
        <td width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
        <td width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></td>
        <td width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
+    </tr>
 EOF
     ;
 EOF
     ;
-if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
+    if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
        my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
        $casubject    =~ /Subject: (.*)[\n]/;
        $casubject    = $1;
        $casubject    =~ s+/Email+, E+;
        $casubject    =~ s/ ST=/ S=/;
        my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
        $casubject    =~ /Subject: (.*)[\n]/;
        $casubject    = $1;
        $casubject    =~ s+/Email+, E+;
        $casubject    =~ s/ ST=/ S=/;
+
        print <<END
        print <<END
-       <tr bgcolor='$color{'color22'}'>
-           <td class='base'>$Lang::tr{'root certificate'}</td>
-               <td class='base'>$casubject</td>
-               <form method='post' name='frmrootcrta'><td width='3%' align='center'>
-                       <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
-                       <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
-               </td></form>
-               <form method='post' name='frmrootcrtb'><td width='3%' align='center'>
+       <tr bgcolor='${Header::table2colour}'>
+       <td class='base'>$Lang::tr{'root certificate'}</td>
+       <td class='base'>$casubject</td>
+       <form method='post' name='frmrootcrta'><td width='3%' align='center'>
+           <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
+           <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
+       </td></form>
+       <form method='post' name='frmrootcrtb'><td width='3%' align='center'>
            <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
            <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
            <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
            <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
-               </td></form>
-               <td width='4%'>&nbsp;</td></tr>
+       </td></form>
+       <td width='4%'>&nbsp;</td></tr>
 END
        ;
 END
        ;
-} else {
+    } else {
        # display rootcert generation buttons
        print <<END
        # display rootcert generation buttons
        print <<END
-       <tr bgcolor='$color{'color22'}'>
+       <tr bgcolor='${Header::table2colour}'>
        <td class='base'>$Lang::tr{'root certificate'}:</td>
        <td class='base'>$Lang::tr{'not present'}</td>
        <td colspan='3'>&nbsp;</td></tr>
 END
        ;
        <td class='base'>$Lang::tr{'root certificate'}:</td>
        <td class='base'>$Lang::tr{'not present'}</td>
        <td colspan='3'>&nbsp;</td></tr>
 END
        ;
-}
+    }
 
 
-if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
+    if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
        my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
        $hostsubject    =~ /Subject: (.*)[\n]/;
        $hostsubject    = $1;
        $hostsubject    =~ s+/Email+, E+;
        $hostsubject    =~ s/ ST=/ S=/;
        my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
        $hostsubject    =~ /Subject: (.*)[\n]/;
        $hostsubject    = $1;
        $hostsubject    =~ s+/Email+, E+;
        $hostsubject    =~ s/ ST=/ S=/;
+
        print <<END
        print <<END
-       <tr bgcolor='$color{'color20'}'>
+       <tr bgcolor='${Header::table1colour}'>
        <td class='base'>$Lang::tr{'host certificate'}</td>
        <td class='base'>$hostsubject</td>
        <form method='post' name='frmhostcrta'><td width='3%' align='center'>
        <td class='base'>$Lang::tr{'host certificate'}</td>
        <td class='base'>$hostsubject</td>
        <form method='post' name='frmhostcrta'><td width='3%' align='center'>
-               <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
-               <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
+           <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
        </td></form>
        <form method='post' name='frmhostcrtb'><td width='3%' align='center'>
        </td></form>
        <form method='post' name='frmhostcrtb'><td width='3%' align='center'>
-               <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
-               <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
+           <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
        </td></form>
        <td width='4%'>&nbsp;</td></tr>
 END
        ;
        </td></form>
        <td width='4%'>&nbsp;</td></tr>
 END
        ;
-} else {
+    } else {
        # Nothing
        print <<END
        # Nothing
        print <<END
-       <tr bgcolor='$color{'color20'}'>
+       <tr bgcolor='${Header::table1colour}'>
        <td width='25%' class='base'>$Lang::tr{'host certificate'}:</td>
        <td class='base'>$Lang::tr{'not present'}</td>
        </td><td colspan='3'>&nbsp;</td></tr>
 END
        ;
        <td width='25%' class='base'>$Lang::tr{'host certificate'}:</td>
        <td class='base'>$Lang::tr{'not present'}</td>
        </td><td colspan='3'>&nbsp;</td></tr>
 END
        ;
-}
+    }
 
 
-if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
-       print "<tr><td colspan='5' align='center'><form method='post'>";
+    if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
+        print "<tr><td colspan='5' align='center'><form method='post'>";
        print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
        print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
-    print "</form></td></tr>\n";
-}
+        print "</form></td></tr>\n";
+    }
 
 
-if (keys %cahash > 0) {
+    if (keys %cahash > 0) {
        foreach my $key (keys %cahash) {
        foreach my $key (keys %cahash) {
-               if (($key + 1) % 2) {
-                       print "<tr bgcolor='$color{'color20'}'>\n";
-               } else {
-                       print "<tr bgcolor='$color{'color22'}'>\n";
-               }
-               print "<td class='base'>$cahash{$key}[0]</td>\n";
-               print "<td class='base'>$cahash{$key}[1]</td>\n";
-               print <<END
-               <form method='post' name='cafrm${key}a'><td align='center'>
+           if (($key + 1) % 2) {
+               print "<tr bgcolor='${Header::table1colour}'>\n";
+           } else {
+               print "<tr bgcolor='${Header::table2colour}'>\n";
+           }
+           print "<td class='base'>$cahash{$key}[0]</td>\n";
+           print "<td class='base'>$cahash{$key}[1]</td>\n";
+           print <<END
+           <form method='post' name='cafrm${key}a'><td align='center'>
                <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
                <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
                <input type='hidden' name='KEY' value='$key' />
                <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
                <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
                <input type='hidden' name='KEY' value='$key' />
-               </td></form>
-               <form method='post' name='cafrm${key}b'><td align='center'>
+           </td></form>
+           <form method='post' name='cafrm${key}b'><td align='center'>
                <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
                <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
                <input type='hidden' name='KEY' value='$key' />
                <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
                <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
                <input type='hidden' name='KEY' value='$key' />
-               </td></form>
-               <form method='post' name='cafrm${key}c'><td align='center'>
+           </td></form>
+           <form method='post' name='cafrm${key}c'><td align='center'>
                <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
                <input type='image'  name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
                <input type='hidden' name='KEY' value='$key' />
                <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
                <input type='image'  name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
                <input type='hidden' name='KEY' value='$key' />
-               </td></form></tr>
+           </td></form></tr>
 END
            ;
        }
 END
            ;
        }
-}
-print "</table>"; 
-if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {# If the file contains entries, print Key to action icons
-       print <<END
-       <table>
-       <tr>
+    }
+
+    print "</table>";
+
+    # If the file contains entries, print Key to action icons
+    if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {
+    print <<END
+    <table>
+    <tr>
        <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
        <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
        <td class='base'>$Lang::tr{'show certificate'}</td>
        <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' /></td>
        <td class='base'>$Lang::tr{'download certificate'}</td>
        <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
        <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
        <td class='base'>$Lang::tr{'show certificate'}</td>
        <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' /></td>
        <td class='base'>$Lang::tr{'download certificate'}</td>
-       </tr>
-       </table>
+    </tr>
+    </table>
 END
     ;
 END
     ;
-}
-print <<END
-<form method='post' enctype='multipart/form-data'>
-<table width='100%' border='0' cellspacing='1' cellpadding='0'>
-<tr><td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
-<td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' />
-<td nowrap='nowrap'><input type='file' name='FH' size='30' /></td>
-<td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /><br /><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>    
-</tr></table></form>
+    }
+    print <<END
+    <form method='post' enctype='multipart/form-data'>
+    <table width='100%' border='0' cellspacing='1' cellpadding='0'>
+    <tr><td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
+    <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' />
+    <td nowrap='nowrap'><input type='file' name='FH' size='30' /></td>
+    <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td>
+    <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>    
+    </tr></table></form>
 END
     ;
 END
     ;
-&Header::closebox();
-if ( $srunning eq "yes" ) {    
+
+    &Header::closebox();
+    if ( $srunning eq "yes" ) {    
        print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' disabled='disabled' /></div></form>\n";    
        print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' disabled='disabled' /></div></form>\n";    
-}else{
-       print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
-}          
-#CERT
-#RWSERVER
-#&Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});
-&Header::openbox('100%', 'LEFT', 'Roadwarrior Server');
-print <<END    
-<table width='100%'>
-<form method='post'>
-<td width='25%'>&nbsp;</td>
-<td width='25%'>&nbsp;</td>
-<td width='25%'>&nbsp;</td></tr>
-<tr><td class='boldbase'>$Lang::tr{'ovpn server status'}</td>
-<td align='left'>$sactive</td>
-<tr><td class='boldbase'>$Lang::tr{'ovpn on red'}</td>
-    <td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-END
-;
-if (&Ovpnfunc::haveBlueNet()) {
-       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on blue'}</td>";
-       print "<td><input type='checkbox' name='ENABLED_BLUE' $checked{'ENABLED_BLUE'}{'on'} /></td>";
-}
-if (&Ovpnfunc::haveOrangeNet()) {    
-       print "<tr><td class='boldbase'>$Lang::tr{'ovpn on orange'}</td>";
-       print "<td><input type='checkbox' name='ENABLED_ORANGE' $checked{'ENABLED_ORANGE'}{'on'} /></td>";
-}      
-print <<END            
-<tr><td class='base' nowrap='nowrap'>$Lang::tr{'local vpn hostname/ip'}:</td>
-    <td><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
-       <td class='boldbase' nowrap='nowrap'></td><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}
-       <br /><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
-    <td><select name='DDEVICE' ><option value='tun' $selected{'DDEVICE'}{'tun'}>TUN</option>
-                                <option value='tap' $selected{'DDEVICE'}{'tap'}>TAP</option></select></td>                                 
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
-    <td><select name='DPROTOCOL'><option value='udp' $selected{'DPROTOCOL'}{'udp'}>UDP</option>
-                                 <option value='tcp' $selected{'DPROTOCOL'}{'tcp'}>TCP</option></select></td>                              
-    <td class='boldbase'>$Lang::tr{'destination port'}:</td>
-    <td><input type='TEXT' name='DDEST_PORT' value='$cgiparams{'DDEST_PORT'}' size='5' /></td></tr>
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}&nbsp;</td>
-    <td> <input type='TEXT' name='DMTU' VALUE='$cgiparams{'DMTU'}'size='5' /></TD>
-<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
-    <td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
-    <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
-    <td><select name='DCIPHER'><option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
-                                              <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
-                                              <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
-                                              <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
-                                              <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>                                                             
-                                              <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
-                                              <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
-                                              <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
-                                              <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
-                                              <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
-                                              <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
-                                              <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td>
+    }else{
+       print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
+    }      
+    if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
+    &Header::openbox('100%', 'LEFT', $Lang::tr{'Client status and controlc' });
+    print <<END
+    <table width='100%' border='0' cellspacing='1' cellpadding='0'>
+<tr>
+    <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
+    <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
+    <td width='18%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
+    <td width='17%' class='boldbase' align='center'><b>$Lang::tr{'valid till'}</b></td>
+    <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
+    <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
+    <td width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></td>
+</tr>
 END
 END
-;                                 
-    
-if ( $srunning eq "yes" ) {
-       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' disabled='disabled' /></td>";
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' disabled='disabled'/></td>"; 
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'stop ovpn server'}' /></td>";
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";   
-} else{
-       print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>";
-       print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' /></td>";
-       if (( -e "${General::swroot}/ovpn/ca/cacert.pem" &&
-             -e "${General::swroot}/ovpn/ca/dh1024.pem" &&
-          -e "${General::swroot}/ovpn/certs/servercert.pem" &&
-          -e "${General::swroot}/ovpn/certs/serverkey.pem") &&
-          (( $cgiparams{'ENABLED'} eq 'on') || 
-        ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
-        ( $cgiparams{'ENABLED_ORANGE'} eq 'on'))){
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' /></td>";
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";   
+       ;
+        my $id = 0;
+        my $gif;
+        foreach my $key (keys %confighash) {
+       if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
+
+       if ($id % 2) {
+           print "<tr bgcolor='${Header::table1colour}'>\n";
        } else {
        } else {
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' disabled='disabled' /></td>";    
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' disabled='disabled' /></td></tr>";                   
-       }    
+           print "<tr bgcolor='${Header::table2colour}'>\n";
+       }
+       print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";
+       print "<td align='center' nowrap='nowrap'>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
+       if ($confighash{$key}[4] eq 'cert') {
+           print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
+       } else {
+           print "<td align='left'>&nbsp;</td>";
+       }
+       my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
+       $cavalid    =~ /Not After : (.*)[\n]/;
+       $cavalid    = $1;
+       print "<td align='center'>$cavalid</td>";
+       print "<td align='center'>$confighash{$key}[25]</td>";
+       my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
+       if ($confighash{$key}[0] eq 'off') {
+           $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
+       } else {
+           my $cn;
+           my @match = ();     
+           foreach my $line (@status) {
+               chomp($line);
+               if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
+                   @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
+                   if ($match[1] ne "Common Name") {
+                       $cn = $match[1];
+                   }       
+               $cn =~ s/[_]/ /g;
+                   if ($cn eq "$confighash{$key}[2]") {
+                       $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
+                   }
+               }    
+           }
+       }
+       my $disable_clientdl = "disabled='disabled'";
+       if (( $cgiparams{'ENABLED'} eq 'on') || 
+           ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
+           ( $cgiparams{'ENABLED_ORANGE'} eq 'on')){
+           $disable_clientdl = "";
+       }
+       print <<END
+       <td align='center'>$active</td>
+               
+       <form method='post' name='frm${key}a'><td align='center'>
+           <input type='image'  name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.png' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
+           <input type='hidden' name='KEY' value='$key' $disable_clientdl />
+       </td></form>
+END
+       ;
+       if ($confighash{$key}[4] eq 'cert') {
+           print <<END
+           <form method='post' name='frm${key}b'><td align='center'>
+               <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
+               <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
+               <input type='hidden' name='KEY' value='$key' />
+           </td></form>
+END
+       ; } else {
+           print "<td>&nbsp;</td>";
+       }
+       if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") { 
+           print <<END
+           <form method='post' name='frm${key}c'><td align='center'>
+               <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
+               <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
+               <input type='hidden' name='KEY' value='$key' />
+           </td></form>
+END
+       ; } elsif ($confighash{$key}[4] eq 'cert') {
+           print <<END
+           <form method='post' name='frm${key}c'><td align='center'>
+               <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
+               <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
+               <input type='hidden' name='KEY' value='$key' />
+           </td></form>
+END
+       ; } else {
+           print "<td>&nbsp;</td>";
+       }
+       print <<END
+       <form method='post' name='frm${key}d'><td align='center'>
+           <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' border='0' />
+           <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
+           <input type='hidden' name='KEY' value='$key' />
+       </td></form>
+
+       <form method='post' name='frm${key}e'><td align='center'>
+           <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
+           <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'/>
+           <input type='hidden' name='KEY' value='$key' />
+       </td></form>
+       <form method='post' name='frm${key}f'><td align='center'>
+           <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
+           <input type='image'  name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0' />
+           <input type='hidden' name='KEY' value='$key' />
+       </td></form>
+       </tr>
+END
+       ;
+       $id++;
+    }
+    ;
+
+    # If the config file contains entries, print Key to action icons
+    if ( $id ) {
+    print <<END
+    <table>
+    <tr>
+       <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
+       <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
+       <td class='base'>$Lang::tr{'click to disable'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
+       <td class='base'>$Lang::tr{'show certificate'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
+       <td class='base'>$Lang::tr{'edit'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
+       <td class='base'>$Lang::tr{'remove'}</td>
+    </tr>
+    <tr>
+       <td>&nbsp; </td>
+       <td>&nbsp; <img src='/images/off.gif' alt='?OFF' /></td>
+       <td class='base'>$Lang::tr{'click to enable'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
+       <td class='base'>$Lang::tr{'download certificate'}</td>
+       <td>&nbsp; &nbsp; <img src='/images/openvpn.png' alt='?RELOAD'/></td>
+       <td class='base'>$Lang::tr{'dl client arch'}</td>
+    </tr>
+    </table>
+END
+    ;
+    }
+
+    print <<END
+    <table width='100%'>
+    <form method='post'>
+    <tr><td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td>
+       <td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td></tr>
+    </form>
+    </table>
+END
+    ;    
+    &Header::closebox();
 }
 }
-print "</form></table>";
-&Header::closebox();
-#RWSERVER
-&Ovpnfunc::rwclientstatus($activeonrun);
-&Ovpnfunc::net2netstatus($activeonrun);
+    print "$Lang::tr{'this feature has been sponsored by'} : ";
+    print "<a href='http://www.stareventsgroup.com/' target='_blank'>Star Events Group Ltd</a>.\n";
+    print "<a href='http://www.ibdozing.com/' target='_blank'>IBDOZING</a>.\n";
+    print "<a href='http://www.xencon.net/' target='_blank'>Xen by x|encon</a>.\n";
+       print "<a href='http://www.savatec.de/' target='_blank'>SAVATEC e.K.</a>.\n";    
 &Header::closepage();
 &Header::closepage();
diff --git a/lfs/ibod b/lfs/ibod
index bfeeed7a0e0d2902dc912d439acf04dd7ccaf3bb..8e35c982ac0a9158c681ed873ff95560a80a4637 100644 (file)
--- a/lfs/ibod
+++ b/lfs/ibod
@@ -26,33 +26,55 @@
 
 include Config
 
 
 include Config
 
-VER = ipfire
+VER        = 1.4
 
 
-THISAPP    = ibod
-DIR_APP    = $(DIR_SRC)/src/$(THISAPP)
+THISAPP    = ibod-$(VER)
+DL_FILE    = $(THISAPP)-src.tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 38b45be27c0a82b38380f680fdee0aff
 
 install : $(TARGET)
 
 
 install : $(TARGET)
 
-check :
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
 
 
-download :
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
 
 
-md5 :
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
 
 ###############################################################################
 # Installation Details
 ###############################################################################
 
 
 ###############################################################################
 # Installation Details
 ###############################################################################
 
-$(TARGET) : 
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @$(PREBUILD)
-       cd $(DIR_APP) && make ibod
-       mkdir -p /etc/ppp
-       cd $(DIR_APP) && install -m 0644 ibod.cf /etc/ppp
+       @-mkdir -p $(DIR_APP)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) -C $(DIR_APP)
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ibod-config.patch
+       cd $(DIR_APP) && gcc $(CFLAGS) ibod.c -o ibod
+       cd $(DIR_APP) && install -m 0644 ibod.cf /etc/isdn
        cd $(DIR_APP) && install -m 0755 ibod /usr/sbin
        cd $(DIR_APP) && install -m 0755 ibod /usr/sbin
-       cd $(DIR_APP) && rm -f ibod
+       @rm -rf $(DIR_APP)
        @$(POSTBUILD)
        @$(POSTBUILD)
diff --git a/lfs/isdn4k-utils b/lfs/isdn4k-utils
index d8cfb3417deed9e18e614927834dfd9e7d3865e6..cac21fdd333b53a20b0ef91eb3134a010bfb85de 100644 (file)
--- a/lfs/isdn4k-utils
+++ b/lfs/isdn4k-utils
@@ -18,12 +18,6 @@
 # Makefiles are based on LFSMake, which is                                    #
 # Copyright (C) 2002 Rod Roard <rod@sunsetsystems.com>                        #
 #                                                                             #
 # Makefiles are based on LFSMake, which is                                    #
 # Copyright (C) 2002 Rod Roard <rod@sunsetsystems.com>                        #
 #                                                                             #
-# Modifications by:                                                           #
-# ??-12-2003 Mark Wormgoor < mark@wormgoor.com>                               #
-#          - Modified Makefile for IPCop build                                #
-#                                                                             #
-# $Id: isdn4k-utils,v 1.8.2.4 2005/02/05 15:38:15 gespinasse Exp $
-#                                                                             #
 ###############################################################################
 
 ###############################################################################
 ###############################################################################
 
 ###############################################################################
@@ -32,24 +26,24 @@
 
 include Config
 
 
 include Config
 
-VER        = v3.2p1
+VER        = CVS-2006-07-20
 
 
-THISAPP    = isdn4k-utils.$(VER)
+THISAPP    = isdn4k-utils-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
 DL_FILE    = $(THISAPP).tar.bz2
-DL_FROM    = ftp://ftp.isdn4linux.de/pub/isdn4linux/utils
-DIR_APP    = $(DIR_SRC)/isdn4k-utils
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
+CFLAGS     += -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+RPM_OPT_FLAGS = "$(CFLAGS)"
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
-objects = $(DL_FILE) isdn4k-utils_ippp-filter.diff
+objects = $(DL_FILE)
 
 
-$(DL_FILE)                         = $(DL_FROM)/$(DL_FILE)
-isdn4k-utils_ippp-filter.diff      = http://trash.net/~kaber/ippp-filter/isdn4k-utils_ippp-filter.diff
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
 
-$(DL_FILE)_MD5                     = d347afa462e46eccfd1284aebae227b6
-isdn4k-utils_ippp-filter.diff_MD5  = b8ff58859b9e379d1f9842d43ce5956e
+$(DL_FILE)_MD5 = 7cde4a61e870bb7e53cd912a3fc30207
 
 install : $(TARGET)
 
 
 install : $(TARGET)
 
@@ -79,30 +73,28 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
-       cd $(DIR_APP) && patch -Np1 < $(DIR_DL)/isdn4k-utils_ippp-filter.diff
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-v3.2p1-c89.patch
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-v3.2p1-config.patch
-       cd $(DIR_APP) && sed -i 's%-lt 64%-lt 16%' scripts/makedev.sh
-       cd $(DIR_APP)/capi20 && rm -f lt* aclocal.m4 
-       cd $(DIR_APP)/capi20 && aclocal
-       cd $(DIR_APP)/capi20 && libtoolize --force --automake
-       cd $(DIR_APP)/capi20 && automake --add-missing
-       cd $(DIR_APP)/capi20 && autoconf
-       cd $(DIR_APP)/capiinfo && rm -f aclocal.m4
-       cd $(DIR_APP)/capiinfo && aclocal
-       cd $(DIR_APP)/capiinfo && libtoolize --force --automake
-       cd $(DIR_APP)/capiinfo && automake --add-missing
-       cd $(DIR_APP)/capiinfo && autoconf
-       cd $(DIR_APP)/capiinit && rm -f aclocal.m4
-       cd $(DIR_APP)/capiinit && aclocal
-       cd $(DIR_APP)/capiinit && libtoolize --force --automake
-       cd $(DIR_APP)/capiinit && automake --add-missing
-       cd $(DIR_APP)/capiinit && autoconf
-       cd $(DIR_APP)/ipppd && autoconf
-       cd $(DIR_APP)/ipppd && sed -i -e 's/net\/bpf/pcap/' sys-linux.c
-       cd $(DIR_APP)/ipppd && sed -i -e 's/net\/bpf/pcap/' ipppd.h
+       #cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils_ippp-filter.diff
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2006-07-20-redhat.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2004-11-18-autoconf25x.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-0202131200-true.patch
+       cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2006-02-13-cleanup.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-statfs.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-capiinit.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/isdn4k-utils-CVS-2006-07-20-pppd-2.4.4.patch
+
+       cd $(DIR_APP) && for i in */configure; do       \
+               cd `dirname $$i`; \
+               autoreconf --force --install; \
+               cd ..; \
+       done
+       
+       cd $(DIR_APP) && iconv -f iso-8859-1 -t utf-8 < imontty/imontty.8.in > imontty/imontty.8.in_
+       cd $(DIR_APP) && mv imontty/imontty.8.in_ imontty/imontty.8.in
+       
+       cd $(DIR_APP) && cp -fv $(DIR_SRC)/config/isdn4k-utils/config .config
+       cd $(DIR_APP) && sed -e "s,',,g" .config > .config.h
+       
        cd $(DIR_APP) && make subconfig
        cd $(DIR_APP) && make subconfig
-       cd $(DIR_APP)/ipppd && sed -i 's/^IPPP_FILTER.*$$/IPPP_FILTER := 1/' Makefile
        cd $(DIR_APP) && make
        cd $(DIR_APP) && make install
        @rm -rf $(DIR_APP)
        cd $(DIR_APP) && make
        cd $(DIR_APP) && make install
        @rm -rf $(DIR_APP)
diff --git a/lfs/libxslt b/lfs/libxslt
new file mode 100644 (file)
index 0000000..0e99fd0
--- /dev/null
+++ b/lfs/libxslt
@@ -0,0 +1,79 @@
+###############################################################################
+# This file is part of the IPCop Firewall.                                    #
+#                                                                             #
+# IPCop is free software; you can redistribute it and/or modify               #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation; either version 2 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# IPCop is distributed in the hope that it will be useful,                    #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with IPCop; if not, write to the Free Software                        #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA    #
+#                                                                             #
+# Makefiles are based on LFSMake, which is                                    #
+# Copyright (C) 2002 Rod Roard <rod@sunsetsystems.com>                        #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.1.17
+
+THISAPP    = libxslt-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = fde6a7a93c0eb14cba628692fa3a1000
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && ./configure --prefix=/usr
+       cd $(DIR_APP) && make $(MAKETUNING)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/mISDN b/lfs/mISDN
index b48d83b97c4df7612257bde023ebf2191836bc72..d05e526a51b44e2716239aaa8a19b773027e2c3d 100644 (file)
--- a/lfs/mISDN
+++ b/lfs/mISDN
@@ -74,5 +74,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
        cd $(DIR_APP) && make MISDNDIR=/usr/src/linux
        cd $(DIR_APP) && make install MISDNDIR=/usr/src/linux
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
        cd $(DIR_APP) && make MISDNDIR=/usr/src/linux
        cd $(DIR_APP) && make install MISDNDIR=/usr/src/linux
+       -mkdir -p /usr/lib/mISDN
+       cd $(DIR_APP) && cp config/*.xsl /usr/lib/mISDN
        @rm -rf $(DIR_APP)
        @$(POSTBUILD)
        @rm -rf $(DIR_APP)
        @$(POSTBUILD)
diff --git a/lfs/openswan b/lfs/openswan
index 989ce96aa40659486a141b538f1f975eb70a4de8..e46b840aa84c92974e6ee12e0c0ee2f7417cce44 100644 (file)
--- a/lfs/openswan
+++ b/lfs/openswan
@@ -76,12 +76,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
                -e 's%^INC_USRLOCAL.*$$%INC_USRLOCAL=/usr%' \
                -e 's%^USERCOMPILE.*$$%USERCOMPILE=$(CFLAGS)%' \
                -e 's%^KLIPSCOMPILE.*$$%KLIPSCOMPILE=$(CFLAGS)%' Makefile.inc
                -e 's%^INC_USRLOCAL.*$$%INC_USRLOCAL=/usr%' \
                -e 's%^USERCOMPILE.*$$%USERCOMPILE=$(CFLAGS)%' \
                -e 's%^KLIPSCOMPILE.*$$%KLIPSCOMPILE=$(CFLAGS)%' Makefile.inc
-       cd $(DIR_APP) && sed -i -e 's/CWARNINGS = -Werror/CWARNINGS =/' \
-                                                                                       lib/liblwres/Makefile
        cd $(DIR_APP) && make programs
        cd $(DIR_APP) && make install
        cd $(DIR_APP) && make programs
        cd $(DIR_APP) && make install
-       #mv -f /etc/rc.d/init.d/ipsec /etc/rc.d/
+       
        -rm -rfv /etc/rc*.d/*ipsec
        -rm -rfv /etc/rc*.d/*ipsec
+       cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec
        rm -f /etc/ipsec.conf /etc/ipsec.secrets
        ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
        ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets
        rm -f /etc/ipsec.conf /etc/ipsec.secrets
        ln -sf $(CONFIG_ROOT)/vpn/ipsec.conf /etc/ipsec.conf
        ln -sf $(CONFIG_ROOT)/vpn/ipsec.secrets /etc/ipsec.secrets
diff --git a/make.sh b/make.sh
index 603bb78517be2b314f839aea0290b8c99890c273..95bf7dc6b419c8a651c01db809fba5bffa3260c7 100755 (executable)
--- a/make.sh
+++ b/make.sh
@@ -374,6 +374,7 @@ buildipfire() {
   ipfiremake libcap
   ipfiremake pciutils
   ipfiremake libxml2
   ipfiremake libcap
   ipfiremake pciutils
   ipfiremake libxml2
+  ipfiremake libxslt
   ipfiremake BerkeleyDB
   ipfiremake mysql
   ipfiremake cyrus-sasl
   ipfiremake BerkeleyDB
   ipfiremake mysql
   ipfiremake cyrus-sasl
@@ -413,7 +414,7 @@ buildipfire() {
   ipfiremake iptstate
   ipfiremake iputils
   ipfiremake l7-protocols
   ipfiremake iptstate
   ipfiremake iputils
   ipfiremake l7-protocols
-#  ipfiremake isdn4k-utils # What about mISDN???
+  ipfiremake isdn4k-utils
   ipfiremake mISDN
   ipfiremake hwdata
   ipfiremake kudzu
   ipfiremake mISDN
   ipfiremake hwdata
   ipfiremake kudzu
diff --git a/src/ibod/ibod.c b/src/ibod/ibod.c
deleted file mode 100644 (file)
index 6c8e0e0..0000000
--- a/src/ibod/ibod.c
+++ /dev/null
@@ -1,367 +0,0 @@
-/* Customised version of ibod - GUI code removed by Mark Wormgoor\r
- *                              Buffer overflow fixes by Robert Kerr\r
- *\r
- * ibod originally by Bjoern Smith\r
- */\r
-\r
-static char *rcsId = "$Id: ibod.c,v 1.1.1.1.8.1 2005/05/07 12:46:16 rkerr Exp $";\r
-static char *rcsSymbol = "$Symbol$";\r
-\r
-#include <stdlib.h>\r
-#include <string.h>\r
-#include <stdio.h>\r
-#include <signal.h>\r
-#include <sys/time.h>\r
-#include <sys/types.h>\r
-#include <sys/stat.h>\r
-#include <fcntl.h>\r
-#include <sys/socket.h>\r
-#include <netinet/in.h>\r
-#include <linux/isdn.h>\r
-#include <syslog.h>\r
-#include <errno.h>\r
-#include "ibod.h"\r
-\r
-static int setattr();\r
-static void reread(int sig);\r
-static void pipehndl(int sig);\r
-static void setinterval();\r
-static void get_if_state();\r
-static int bring_up_slave();\r
-static int bring_down_slave();\r
-static Conf cf;\r
-static struct timeval timeout, tv_last, tv_up;\r
-static int usageflags[ISDN_MAX_CHANNELS];\r
-static char phone[ISDN_MAX_CHANNELS][20];\r
-static Siobytes iobytes[ISDN_MAX_CHANNELS];\r
-static unsigned long in_bytes_last, out_bytes_last;\r
-static unsigned long in_bytes_per_sec, out_bytes_per_sec;\r
-static unsigned long channels_last;\r
-static int  channels_now;\r
-\r
-main(int argc, char *argv[])\r
-{\r
-    openlog("ibod", LOG_PID, LOG_DAEMON);\r
-\r
-    channels_last = -1;\r
-\r
-    /* Setup initial attributes */\r
-    if (setattr() == -1) {\r
-        closelog();\r
-        exit(1);\r
-    }\r
-\r
-    setinterval();\r
-\r
-    /* Setup handlig of signal SIGHUP and SIGPIPE */\r
-    signal(SIGHUP, reread);\r
-    signal(SIGPIPE, pipehndl);\r
-\r
-    do {\r
-        setinterval();\r
-\r
-       usleep(timeout.tv_usec);\r
-\r
-        /* Gate state of interface */\r
-        get_if_state();\r
-\r
-    } while (1);\r
-}\r
-\r
-\r
-static int setattr()\r
-{\r
-    FILE *fd;\r
-    char config_filename[MAX_STR_LEN] = IBOD_DEFAULT_DIR "/ibod.cf";\r
-    char linebuf[MAX_STR_LEN];\r
-    char *key, *value;\r
-    int  val;\r
-\r
-    strcpy(cf.dev, DEVICE);\r
-    cf.enable      = ENABLE;\r
-    cf.interval    = INTERVAL;\r
-    cf.filter      = FILTER;\r
-    cf.limit       = LIMIT;\r
-    cf.stayup      = STAYUP;\r
-    cf.stayup_time = STAYUP_TIME;\r
-\r
-    /* Open config file */\r
-    if ((fd = fopen(config_filename, "r")) == NULL) {\r
-        syslog(LOG_ERR, "%s: %s\n", config_filename, strerror(errno));\r
-        return -1;\r
-    }\r
-\r
-    /* Loop over the config file to setup attributes */\r
-    while (fgets(linebuf, MAX_STR_LEN, fd) != NULL) {\r
-\r
-        if (*linebuf == '#')           /* Ignore comments */\r
-            continue;\r
-\r
-        key = strtok(linebuf, " \t");\r
-        value = strtok(NULL, " \t\n");\r
-\r
-        if (strcmp(key, "DEVICE") == 0) {\r
-            if (strcmp(cf.dev, value) != 0)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter DEVICE reconfigured to %s\n", value);\r
-            snprintf(cf.dev, 32,"%s", value);\r
-        }\r
-\r
-        if (strcmp(key, "ENABLE") == 0) {\r
-            val = atoi(value);\r
-            if (cf.enable != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter ENABLE reconfigured to %d\n", val);\r
-            cf.enable = val;\r
-        }\r
-\r
-        if (strcmp(key, "INTERVAL") == 0) {\r
-            val = atoi(value);\r
-            if (cf.interval != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter INTERVAL reconfigured to %d\n", val);\r
-            cf.interval = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "FILTER") == 0) {\r
-            val = atoi(value);\r
-            if (cf.filter != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter FILTER reconfigured to %d\n", val);\r
-            cf.filter = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "LIMIT") == 0) {\r
-            val = atoi(value);\r
-            if (cf.limit != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter LIMIT reconfigured to %d\n", val);\r
-            cf.limit = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "STAYUP") == 0) {\r
-            val = atoi(value);\r
-            if (cf.stayup != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter STAYUP reconfigured to %d\n", val);\r
-            cf.stayup = atoi(value);\r
-        }\r
-\r
-        if (strcmp(key, "STAYUP_TIME") == 0) {\r
-            val = atoi(value);\r
-            if (cf.stayup_time != val)\r
-                syslog(LOG_NOTICE,\r
-                       "Parameter STAYUP_TIME reconfigured to %d\n", val);\r
-            cf.stayup_time = atoi(value);\r
-        }\r
-    }\r
-\r
-    fclose(fd);\r
-    return 0;\r
-}\r
-\r
-\r
-\r
-static void setinterval()\r
-{\r
-    timeout.tv_sec = cf.interval / 1000;\r
-    timeout.tv_usec = (cf.interval % 1000) * 1000;\r
-}\r
-\r
-\r
-static void reread(int sig)\r
-{\r
-    (void) setattr();\r
-\r
-    setinterval();\r
-\r
-    signal(SIGHUP, reread);\r
-}\r
-\r
-\r
-static void pipehndl(int sig)\r
-{\r
-    syslog(LOG_ERR, "caught SIGPIPE: %s\n", sys_errlist[errno]);\r
-\r
-    signal(SIGPIPE, pipehndl);\r
-}\r
-\r
-\r
-static void get_if_state()\r
-{\r
-    static char buf[4096];\r
-    struct timeval tv_now;\r
-    int    ms_delta;\r
-    int    in_bytes_now, out_bytes_now;\r
-    int  fd;\r
-    int  i;\r
-\r
-    /* Open the info device */\r
-    if ((fd = open(ISDN_INFO_DEV, O_RDONLY | O_NDELAY)) < 0) {\r
-        syslog(LOG_ERR, "%s: %s\n", ISDN_INFO_DEV, sys_errlist[errno]);\r
-        closelog();\r
-        exit(1);\r
-    }\r
-\r
-    /* Whats the time now */\r
-    gettimeofday(&tv_now, NULL);\r
-    ms_delta = (tv_now.tv_sec * 1000 + tv_now.tv_usec / 1000) -\r
-               (tv_last.tv_sec * 1000 + tv_last.tv_usec / 1000);\r
-    tv_last = tv_now;\r
-\r
-    /* Get info from interface */\r
-    if (read(fd, buf, sizeof(buf))> 0) {\r
-        sscanf(strstr(buf, "usage:"),\r
-            "usage: %d %d %d %d %d %d %d %d %d %d %d %d %d %d %d %d",\r
-            &usageflags[0], &usageflags[1], &usageflags[2], &usageflags[3],\r
-            &usageflags[4], &usageflags[5], &usageflags[6], &usageflags[7],\r
-            &usageflags[8], &usageflags[9], &usageflags[10], &usageflags[11],\r
-            &usageflags[12], &usageflags[13], &usageflags[14], &usageflags[15]);\r
-        sscanf(strstr(buf, "phone:"),\r
-            "phone: %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s",\r
-            phone[0], phone[1], phone[2], phone[3],\r
-            phone[4], phone[5], phone[6], phone[7],\r
-            phone[8], phone[8], phone[10], phone[11],\r
-            phone[12], phone[13], phone[14], phone[15]);\r
-    }\r
-\r
-    in_bytes_now = 0;\r
-    out_bytes_now = 0;\r
-    channels_now = 0;\r
-\r
-    /* Get byte in/out for all channels */\r
-    if (ioctl(fd, IIOCGETCPS, &iobytes)) {\r
-        syslog(LOG_ERR, "%s: %s\n", IIOCGETCPS, sys_errlist[errno]);\r
-        closelog();\r
-        exit(1);\r
-    }\r
-    close(fd);\r
-          \r
-    /* Count number of open channes and total in/out bytes */\r
-    for (i = 0; i < ISDN_MAX_CHANNELS; i++) {\r
-        if (usageflags[i]) {\r
-            channels_now++;\r
-            in_bytes_now += iobytes[i].ibytes;\r
-            out_bytes_now += iobytes[i].obytes;\r
-        }\r
-    }\r
-\r
-    if (channels_last == -1 || channels_now < channels_last) {\r
-        channels_last = channels_now;\r
-        in_bytes_last = in_bytes_now;\r
-        out_bytes_last = out_bytes_now;\r
-        return;\r
-    }\r
-\r
-    /* Calculate the total through put in bytes/sec */\r
-    if (cf.filter < 1) {\r
-        in_bytes_per_sec =\r
-            (in_bytes_now - in_bytes_last) * 1000 / ms_delta;\r
-        out_bytes_per_sec =\r
-            (out_bytes_now - out_bytes_last) * 1000 / ms_delta;\r
-    }\r
-    else {\r
-        in_bytes_per_sec = (in_bytes_per_sec * (cf.filter - 1) +\r
-            (in_bytes_now - in_bytes_last) * 1000 / ms_delta) / cf.filter;\r
-        out_bytes_per_sec = (out_bytes_per_sec * (cf.filter - 1) +\r
-            (out_bytes_now - out_bytes_last) * 1000 / ms_delta) / cf.filter;\r
-    }\r
-\r
-    in_bytes_last = in_bytes_now;\r
-    out_bytes_last = out_bytes_now;\r
-\r
-    if (channels_now == 0) {\r
-        channels_last = channels_now;\r
-        return;\r
-    }\r
-\r
-    /* Take up or down slave channel */\r
-\r
-    if (cf.enable == 0) {\r
-        channels_last = channels_now;\r
-        return;\r
-    }\r
-\r
-    if (channels_now == 1 &&\r
-        (in_bytes_per_sec > cf.limit || out_bytes_per_sec >  cf.limit)) {\r
-\r
-        /* Bring up slave interface */\r
-        if (bring_up_slave() == -1)\r
-            exit(1);\r
-\r
-        /* Start stay up timer */\r
-        gettimeofday(&tv_up, NULL);\r
-    }\r
-\r
-    if ((channels_now > 1) &&\r
-        (in_bytes_per_sec <= cf.limit) &&\r
-        (out_bytes_per_sec <= cf.limit) &&\r
-        (cf.stayup == 0)) {\r
-\r
-        /* Check that the min stay up timer has expired */\r
-        gettimeofday(&tv_now, NULL);\r
-        if (tv_now.tv_sec - tv_up.tv_sec > cf.stayup_time) {\r
-\r
-            /* Bring down slave interface */\r
-            if (bring_down_slave() == -1)\r
-                exit(1);\r
-        }\r
-    }\r
-\r
-    channels_last = channels_now;\r
-}\r
-\r
-\r
-static int bring_up_slave()\r
-{\r
-    int  fd, rc;\r
-\r
-    if ((fd = open(ISDN_CTLR_DEV, O_RDWR)) < 0) {\r
-        syslog(LOG_ERR, "%s: %s\n", ISDN_CTLR_DEV, sys_errlist[errno]);\r
-        closelog();\r
-        return -1;\r
-    }\r
-\r
-    if ((rc = ioctl(fd, IIOCNETALN, cf.dev)) < 0) {\r
-        syslog(LOG_ERR, "%s: %s\n", cf.dev, sys_errlist[errno]);\r
-        closelog();\r
-        return -1;\r
-    }\r
-\r
-    close(fd);\r
-\r
-    if (! rc) {\r
-        syslog(LOG_NOTICE, "added new link\n");\r
-        channels_now = 2;\r
-    }\r
-\r
-    return 0;\r
-}\r
-\r
-\r
-static int bring_down_slave()\r
-{\r
-    int  fd, rc;\r
-\r
-    if ((fd = open(ISDN_CTLR_DEV, O_RDWR)) < 0) {\r
-        syslog(LOG_ERR, "%s: %s\n", ISDN_CTLR_DEV, sys_errlist[errno]);\r
-        closelog();\r
-        return -1;\r
-    }\r
-\r
-    if ((rc = ioctl(fd, IIOCNETDLN, cf.dev)) < 0) {\r
-        syslog(LOG_ERR, "%s: %s\n", cf.dev, sys_errlist[errno]);\r
-        closelog();\r
-        return -1;\r
-    }\r
-\r
-    close(fd);\r
-\r
-    if (rc)\r
-        syslog(LOG_ERR, "unable to remove additional link: %d\n", rc);\r
-    else {\r
-        syslog(LOG_NOTICE, "removed link\n");\r
-    }\r
-\r
-    return 0;\r
-}\r
diff --git a/src/ibod/ibod.cf b/src/ibod/ibod.cf
deleted file mode 100644 (file)
index 8a49598..0000000
--- a/src/ibod/ibod.cf
+++ /dev/null
@@ -1,58 +0,0 @@
-# $Id: ibod.cf,v 1.1.1.1 2001/11/27 08:08:03 riddles Exp $
-# $Symbol$
-#
-#
-#
-# Configuration file for ibod (ISDN Bandwidth On Demand)
-#
-# This file contain the initial configuration values for the
-# ibod daemon. Each line contain a keyword and a value.
-#
-# Boolean attributes are set with 0 or 1 which corresponds to
-# false and true respectively. A boolean attribute not specified
-# at all is allways false.
-#
-# Lines beginning with # are treated as comments and are ignored.
-#
-# IMPORTANT RULES!
-#
-#      1. Keywords are case sensitive.
-#      2. Kewords must begin at first column.
-#      3. Keyword and value must be separated by exctly one (1)
-#         space ot tab chracter.
-#
-# This file is re-read every time ibod receives SIGHUP (1) signal.
-#
-# DEVICE       <name>  Name of ISDN PPP device.
-#                      Default is ippp0.
-#
-# ENABLE       1|0     Enable/disable bandwidth-on-demand.
-#                      Default is enable (1).
-#
-# INTERVAL     <n>     Specify the sample time interval in ms.
-#                      Default is 500 ms.
-#
-# FILTER       <n>     Defines "filtering factor". A value of 10 means
-#                      that the average bytes/sec value measured over 10
-#                      intervals must pass the limit defined by LIMIT
-#                      to bring up or down the slave link.
-#                      Default is 5.
-#
-# LIMIT                <n>     Transfer rate limit in bytes/sec for bringing
-#                      up or down isdn slave channel.
-#                      Default is 5000.
-#
-# STAYUP       0|1     Enable/disable slave channel stay up function.
-#                      If enabled the 2:nd cannel (slave link) will stay
-#                      up even if the average bytes/sec decrease the value
-#                      defined by LIMIT. In this case the slave link will
-#                      stay up until hangup time is reached.
-#                      (Example: isdnctrl huptimeout ippp1 60)
-#                      If disabled the slave link will be brought down in
-#                      the same way it is brought up.
-#                      Default is 0.
-#
-# STAYUP_TIME  <n>     Defines the minimum time in seconds the 2:nd
-#                      channel will unconditionally stay up after it has
-#                      been brought up. Default value is 30.
-#
diff --git a/src/ibod/ibod.h b/src/ibod/ibod.h
deleted file mode 100644 (file)
index eba1922..0000000
--- a/src/ibod/ibod.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $Id: ibod.h,v 1.1.1.1 2001/11/27 08:08:03 riddles Exp $\r
- * $Symbol$\r
- */\r
-\r
-#define DEVICE                 "ippp0"\r
-#define ENABLE                 1\r
-#define INTERVAL                       500\r
-#define FILTER                 5\r
-#define LIMIT                  7000\r
-#define STAYUP                 0\r
-#define STAYUP_TIME            30\r
-\r
-#define IBOD_DEFAULT_DIR       "/etc/ppp"\r
-#define MAX_STR_LEN            512\r
-#define ISDN_INFO_DEV          "/dev/isdninfo"\r
-#define ISDN_CTLR_DEV          "/dev/isdnctrl"\r
-#define IBOD_PORT                      6050\r
-\r
-#define CMD_OPEN                       0\r
-#define CMD_CLOSE                      1\r
-#define CMD_ENABLE             2\r
-#define CMD_DISABLE            3\r
-#define CMD_UP2                        4\r
-#define CMD_DOWN2                      5\r
-\r
-typedef struct {\r
-       char    dev[32];\r
-       int     enable;\r
-       int     interval;\r
-       int     limit;\r
-       int     filter;\r
-       int     stayup;\r
-       int     stayup_time;\r
-} Conf;\r
-\r
-typedef struct {\r
-       unsigned long ibytes;\r
-       unsigned long obytes;\r
-} Siobytes;\r
diff --git a/src/initscripts/init.d/mISDN b/src/initscripts/init.d/mISDN
new file mode 100644 (file)
index 0000000..bbe054a
--- /dev/null
+++ b/src/initscripts/init.d/mISDN
@@ -0,0 +1,475 @@
+#!/bin/bash
+
+#----------------------------------------------
+#
+# CONFIGURATION:
+#
+MISDN_CONF="/etc/mISDN.conf"
+MISDN_CONF_XSL="/usr/lib/mISDN/mISDN.conf.xsl"
+#
+#----------------------------------------------
+
+SELF="${0}"
+USAGE="Usage: ${SELF} start|stop|restart|config|scan|help"
+
+function die {
+       echo "[!!] ${1}"
+       exit 1
+}
+
+function check_cmd
+{
+       if ! type -p "${1}" > /dev/null; then
+               if [ "${2}" = "opt" ]; then
+                       return
+               fi
+               if [ "$(id -u)" != "0" ]; then
+                       die "$1 not in path, please install and/or be root."
+               else
+                       die "$1 not in path, please install."
+               fi
+               exit 1
+       else
+               local var=$(echo ${1} | tr a-z A-Z)
+               eval "$var=`type -p ${1}`"
+       fi
+}
+
+function check_misdn_conf
+{
+       if [ ! -f ${MISDN_CONF} ]; then
+               die "${MISDN_CONF} not found. Please run: ${SELF} config"
+       fi
+}
+
+check_cmd sed
+check_cmd cut
+check_cmd cp
+check_cmd wc
+check_cmd grep
+check_cmd xsltproc
+check_cmd modprobe
+check_cmd sleep
+check_cmd lspci
+check_cmd lsusb opt
+check_cmd mknod
+check_cmd chown
+check_cmd chmod
+
+declare -a START_COMMANDS
+declare -a STOP_COMMANDS
+
+declare -a HFCMULTI_card
+declare -a HFCMULTI_type
+declare -a HFCMULTI_protocol
+declare -a HFCMULTI_layermask
+HFCMULTI_options=''
+MISDNDSP_options=''
+L1OIP_options=''
+
+AVMFRITZ_protocol=''
+AVMFRITZ_layermask=''
+
+HFCPCI_protocol=''
+HFCPCI_layermask=''
+
+L1OIP_type=''
+L1OIP_protocol=''
+L1OIP_layermask=''
+L1OIP_codec=''
+L1OIP_ip=''
+L1OIP_port=''
+L1OIP_localport=''
+L1OIP_ondemand=''
+L1OIP_id=''
+
+DEVNODE_user='root'
+DEVNODE_group='root'
+DEVNODE_mode='0644'
+
+declare -a SCAN_card
+declare -a SCAN_opts
+declare -a SCAN_num_ports
+declare -a SCAN_port_opts
+
+function parse_config
+{
+       local CONFIG=$(${XSLTPROC} ${MISDN_CONF_XSL} ${MISDN_CONF})
+       local t p l line i tmpcmd curr tmpstr val
+       local IFS=$'\n'
+       
+       START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install capi"
+       START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install mISDN_core debug=0"
+       START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install mISDN_l1 debug=0"
+       START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install mISDN_l2 debug=0"
+       START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install l3udss1 debug=0"
+       START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install mISDN_capi"
+       
+       for line in ${CONFIG}; do
+               case "${line}" in
+                       DEVNODE:mISDN*)
+                               tmpstr=$(echo ${line} | ${SED} -n 's/.*user:\([^ ]*\).*/\1/p')
+                               if [ ! -z "${tmpstr}" ]; then
+                                       DEVNODE_user="${tmpstr}"
+                               fi
+                               tmpstr=$(echo ${line} | ${SED} -n 's/.*group:\([^ ]*\).*/\1/p')
+                               if [ ! -z "${tmpstr}" ]; then
+                                       DEVNODE_group="${tmpstr}"
+                               fi
+                               tmpstr=$(echo ${line} | ${SED} -n 's/.*mode:\([^ ]*\).*/\1/p')
+                               if [ ! -z "${tmpstr}" ]; then
+                                       DEVNODE_mode="${tmpstr}"
+                               fi
+                               ;;
+                       MODULE:hfcmulti*)
+                               HFCMULTI_options=${line:16}
+                               ;;
+                       MODULE:mISDN_dsp*)
+                               MISDNDSP_options=${line:17}
+                               ;;
+                       MODULE:l1oip*)
+                               L1OIP_options=${line:13}
+                               ;;
+                       CARD:BN*)
+                               curr='hfcmulti'
+                               i=${#HFCMULTI_type[@]}
+                               let "t = $(echo ${line} | ${SED} -n 's/.*type:\([^,]*\).*/\1/p')"
+                               HFCMULTI_type[${i}]=$(printf "0x%x" ${t})
+
+# this is for the BN2E1 card that needs two type numbers
+                               t=$(echo ${line} | ${SED} -n 's/.*type:[^,]*,\([^ ]*\).*/\1/p')
+                               if [ ! -z "${t}" ]; then
+                                       let "t = ${t}"
+                                       HFCMULTI_type[${i}]="${HFCMULTI_type[${i}]},$(printf "0x%x" ${t})"
+                               fi
+
+                               HFCMULTI_card[${i}]=$(echo ${line:5} | ${CUT} -d" " -f1)
+                               ;;
+                       CARD:hfcpci*)
+                               curr='hfcpci'
+                               ;;
+                       CARD:avmfritz*)
+                               curr='avmfritz'
+                               ;;
+                       CARD:l1oip*)
+                               curr='l1oip'
+                               ;;
+                       PORT*)
+                               case "${curr}" in
+                                       hfcmulti)
+                                               let "p = $(echo ${line} | ${SED} -n 's/.*protocol:\([^ ]*\).*/\1/p')"
+                                               HFCMULTI_protocol[${i}]="${HFCMULTI_protocol[${i}]:+"${HFCMULTI_protocol[${i}]},"}$(printf "0x%x" ${p})"
+                                               let "l = $(echo ${line} | ${SED} -n 's/.*layermask:\([^ ]*\).*/\1/p')"
+                                               HFCMULTI_layermask[${i}]="${HFCMULTI_layermask[${i}]:+"${HFCMULTI_layermask[${i}]},"}$(printf "0x%x" ${l})"
+                                               ;;
+                                       hfcpci)
+                                               let "p = $(echo ${line} | ${SED} -n 's/.*protocol:\([^ ]*\).*/\1/p')"
+                                               HFCPCI_protocol="${HFCPCI_protocol:+"${HFCPCI_protocol},"}$(printf "0x%x" ${p})"
+                                               let "l = $(echo ${line} | ${SED} -n 's/.*layermask:\([^ ]*\).*/\1/p')"
+                                               HFCPCI_layermask="${HFCPCI_layermask:+"${HFCPCI_layermask},"}$(printf "0x%x" ${l})"
+                                               ;;
+                                       avmfritz)
+                                               let "p = $(echo ${line} | ${SED} -n 's/.*protocol:\([^ ]*\).*/\1/p')"
+                                               AVMFRITZ_protocol="${AVMFRITZ_protocol:+"${AVMFRITZ_protocol},"}$(printf "0x%x" ${p})"
+                                               let "l = $(echo ${line} | ${SED} -n 's/.*layermask:\([^ ]*\).*/\1/p')"
+                                               AVMFRITZ_layermask="${AVMFRITZ_layermask:+"${AVMFRITZ_layermask},"}$(printf "0x%x" ${l})"
+                                               ;;
+                                       l1oip)
+                                               let "val = $(echo ${line} | ${SED} -n 's/.*type:\([^ ]*\).*/\1/p')"
+                                               L1OIP_type="${L1OIP_type:+"${L1OIP_type},"}$(printf "0x%x" ${val})"
+                                               let "val = $(echo ${line} | ${SED} -n 's/.*protocol:\([^ ]*\).*/\1/p')"
+                                               L1OIP_protocol="${L1OIP_protocol:+"${L1OIP_protocol},"}$(printf "0x%x" ${val})"
+                                               let "val = $(echo ${line} | ${SED} -n 's/.*layermask:\([^ ]*\).*/\1/p')"
+                                               L1OIP_layermask="${L1OIP_layermask:+"${L1OIP_layermask},"}$(printf "0x%x" ${val})"
+                                               val="$(echo ${line} | ${SED} -n 's/.*codec:\([^ ]*\).*/\1/p')"
+                                               L1OIP_codec="${L1OIP_codec:+"${L1OIP_codec},"}${val}"
+                                               val="$(echo ${line} | ${SED} -n 's/.*ip:\([^ ]*\).*/\1/p')"
+                                               L1OIP_ip="${L1OIP_ip:+"${L1OIP_ip},"}${val}"
+                                               val="$(echo ${line} | ${SED} -n 's/.*port:\([^ ]*\).*/\1/p')"
+                                               L1OIP_port="${L1OIP_port:+"${L1OIP_port},"}${val}"
+                                               val="$(echo ${line} | ${SED} -n 's/.*localport:\([^ ]*\).*/\1/p')"
+                                               L1OIP_localport="${L1OIP_localport:+"${L1OIP_localport},"}${val}"
+                                               val="$(echo ${line} | ${SED} -n 's/.*ondemand:\([^ ]*\).*/\1/p')"
+                                               L1OIP_ondemand="${L1OIP_ondemand:+"${L1OIP_ondemand},"}${val}"
+                                               val="$(echo ${line} | ${SED} -n 's/.*id:\([^ ]*\).*/\1/p')"
+                                               L1OIP_id="${L1OIP_id:+"${L1OIP_id},"}${val}"
+                                               ;;
+                               esac
+                               ;;
+               esac
+       done
+
+       if [ ! -z "${HFCMULTI_protocol[0]}" ]; then
+               tmpcmd="${MODPROBE} --ignore-install hfcmulti type=${HFCMULTI_type[0]}"
+               i=1
+               while [ ! -z "${HFCMULTI_type[${i}]}" ]; do
+                       tmpcmd="${tmpcmd},${HFCMULTI_type[${i}]}"
+                       let "i = ${i} + 1"
+               done
+               tmpcmd="${tmpcmd} protocol=${HFCMULTI_protocol[0]}"
+               i=1
+               while [ ! -z "${HFCMULTI_protocol[${i}]}" ]; do
+                       tmpcmd="${tmpcmd},${HFCMULTI_protocol[${i}]}"
+                       let "i = ${i} + 1"
+               done
+               tmpcmd="${tmpcmd} layermask=${HFCMULTI_layermask[0]}"
+               i=1
+               while [ ! -z "${HFCMULTI_layermask[${i}]}" ]; do
+                       tmpcmd="${tmpcmd},${HFCMULTI_layermask[${i}]}"
+                       let "i = ${i} + 1"
+               done
+               START_COMMANDS[${#START_COMMANDS[@]}]="${tmpcmd} ${HFCMULTI_options}"
+       fi
+
+       if [ ! -z "${HFCPCI_protocol}" ]; then
+               START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install hfcpci protocol=${HFCPCI_protocol} layermask=${HFCPCI_layermask}"
+       fi
+
+       if [ ! -z "${AVMFRITZ_protocol}" ]; then
+               START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install avmfritz protocol=${AVMFRITZ_protocol} layermask=${AVMFRITZ_layermask}"
+       fi
+
+       if [ ! -z "${L1OIP_type}" ]; then
+               START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install l1oip type=${L1OIP_type} protocol=${L1OIP_protocol} layermask=${L1OIP_layermask} codec=${L1OIP_codec} ip=${L1OIP_ip} port=${L1OIP_port} localport=${L1OIP_localport} ondemand=${L1OIP_ondemand} id=${L1OIP_id} ${L1OIP_options}"
+       fi
+
+       START_COMMANDS[${#START_COMMANDS[@]}]="${MODPROBE} --ignore-install mISDN_dsp ${MISDNDSP_options}"
+}
+
+function run_start_commands
+{
+       local i=0
+
+       echo "-- Loading mISDN modules --"
+       while [ ! -z "${START_COMMANDS[${i}]}" ]; do
+               echo ">> ${START_COMMANDS[${i}]}"
+               eval "${START_COMMANDS[${i}]}"
+               let "i = ${i} + 1"
+       done
+}
+
+function run_stop_commands
+{
+       local mod i=0
+
+       for mod in $(lsmod | ${SED} -ne '/Module/!{s/\([^ ]*\).*/\1/;p}');      do
+               case "${mod}" in
+                       mISDN_capi | mISDN_dsp | l3udss1 | mISDN_l2 | mISDN_l1 | mISDN_isac | hfcmulti | avmfritz | l1oip)
+                               STOP_COMMANDS[0]="${STOP_COMMANDS[0]:-"${MODPROBE} -r --ignore-remove"} ${mod}"
+                               ;;
+                       mISDN_core)
+                               STOP_COMMANDS[1]="${MODPROBE} -r --ignore-remove mISDN_core"
+                               ;;
+               esac
+       done
+
+       echo "-- Unloading mISDN modules --"
+       while [ ! -z "${STOP_COMMANDS[${i}]}" ]; do
+               echo ">> ${STOP_COMMANDS[${i}]}"
+               eval "${STOP_COMMANDS[${i}]}"
+               let "i = ${i} + 1"
+       done
+}
+
+function scan_devices
+{
+       local skipnext=0 IFS=$'\n'
+       local NL="
+"
+       
+       function addcard {
+               SCAN_card[${#SCAN_card[@]}]="${1}"
+               SCAN_opts[${#SCAN_opts[@]}]="${2}"
+               SCAN_num_ports[${#SCAN_num_ports[@]}]="${3}"
+               SCAN_port_opts[${#SCAN_port_opts[@]}]="${4}"
+       }
+
+       for line in $(${LSPCI} -n -d 0xd161:b410); do
+               addcard "BN4S0" "" 4 'mode="te" link="ptmp"'
+       done
+
+       for line in $(${LSPCI} -n | ${SED} -n 's/^\(0000:\|\)\([0-9a-f]\{2\}:[0-9a-f]\{2\}.[0-9a-f]\{1\}\)\( Class \| \)[0-9a-f]\{4\}: 1397:\([0-9a-f]\{4\}\).*$/\4 \2/p'); do
+               if [ ${skipnext} -eq 1 ]; then
+                       skipnext=0
+                       continue
+               fi
+               case "${line}" in
+                       30b1*)
+                               case "${line:5}" in
+                                       00*)
+                                               addcard "BN1E1" "" 1 'mode="nt" link="ptp"'
+                                               ;;
+                                       *)
+                                               if [ $(${LSPCI} -n -s "${line:5:3}" | ${WC} -l) -eq 2 ]; then
+                                                       addcard "BN2E1" "" 2 'mode="nt" link="ptp"'
+                                                       skipnext=1
+                                               else
+                                                       addcard "BN1E1" "" 1 'mode="nt" link="ptp"'
+                                               fi
+                                               ;;
+                               esac
+                               ;;
+                       16b8*)
+                               addcard "BN8S0" "" 8 'mode="te" link="ptmp"'
+                               ;;
+                       08b4*)
+                               if ${LSPCI} -n -v -s "${line:5}" | ${GREP} "Subsystem" | ${GREP} "1397:b567" > /dev/null ; then
+                                       addcard "BN1S0" "" 1 'mode="te" link="ptmp"'
+                               elif ${LSPCI} -n -v -s "${line:5}" | ${GREP} "Subsystem" | ${GREP} "1397:b566\|1397:b569" > /dev/null ; then
+                                       addcard "BN2S0" "" 2 'mode="te" link="ptmp"'
+                               else
+                                       addcard "BN4S0" "" 4 'mode="te" link="ptmp"'
+                               fi
+                               ;;
+               esac
+       done
+       for line in $(${LSPCI} -n | ${GREP} "1397:\(2bd\(0\|6\|7\|8\|9\|a\|b\|c\)\|b100\)\|1043:0675\|0871:ffa\(1\|2\)\|1051:0100\|15b0:2bd0\|114f:007\(0\|1\|2\|3\)\|13d1:2bd1\|182d:3069"); do
+               addcard "hfcpci" "" 1 'mode="te" link="ptmp"'
+       done
+       for line in $(${LSPCI} -n | ${GREP} "1244:\(0a00\|0e00\)"); do
+               addcard "avmfritz" "" 1 'mode="te" link="ptmp"'
+       done
+       for line in $(${LSPCI} -n -d 1050:6692); do
+               addcard "w6692pci" "" 1 'mode="te" link="ptmp"'
+       done
+       if [ -e ${LSUSB} ]; then 
+               for line in $(${LSUSB} | ${GREP} "0959:2bd0\|0675:1688\|07b0:0007\|0742:200\(7\|8\|9\|A\)\|08e3:0301\|07fa:084\(7\|8\)\|07ba:0006"); do
+                       addcard "hfcsusb" "" 1 'mode="te" link="ptmp"'
+               done
+       fi
+}
+
+function write_mISDN_conf
+{
+       local NL="
+"
+       local TAB="     "
+       local HEADER="<?xml version=\"1.0\"?>
+<!--
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Card Type: BN2S0, BN4S0, BN8S0
+Card Attributes: ulaw=(yes|no), dtmf=(yes|no), pcm_slave=(yes|no),
+                 ignore_pcm_frameclock=(yes|no), rxclock=(yes|no),
+                 crystalclock=(yes|no), watchdog=(yes|no)
+Port Attributes: mode=(te|nt), link=(ptp|ptmp), master-clock=(yes|no),
+                 capi=(yes|no)
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Card Type: BN2E1
+Card Attributes: ulaw=(yes|no), dtmf=(yes|no), pcm_slave=(yes|no),
+                 ignore_pcm_frameclock=(yes|no), rxclock=(yes|no),
+                 crystalclock=(yes|no), watchdog=(yes|no)
+Port Attributes: mode=(te|nt), link=(ptp|ptmp), optical=(yes|no), los=(yes|no),
+                 ais=(yes|no), slip=(yes|no), nocrc4=(yes|no), capi=(yes|no)
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Card Type: hfcmulti, avmfritz, w6692pci
+Port Attributes: mode=(te|nt), link=(ptp|ptmp), capi=(yes|no)
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Module: hfcmulti
+Options: poll=<number>, pcm=<number>, debug=<number>, timer=(yes|no)
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Module: mISDN_dsp
+Options: debug=<number>, options=<number>, poll=<number>,
+         dtmfthreshold=<number>
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+-->
+<mISDNconf>
+${TAB}<module poll=\"128\" debug=\"0\" timer=\"no\">hfcmulti</module>
+${TAB}<module debug=\"0\" options=\"0\">mISDN_dsp</module>
+${TAB}<devnode user=\"root\" group=\"root\" mode=\"644\">mISDN</devnode>"
+       local FOOTER="</mISDNconf>"
+       local i=0 j=0 MAIN=""
+
+       echo "Writing ${MISDN_CONF} for ${#SCAN_card[@]} mISDN compatible device(s):"
+       while [ ! -z "${SCAN_card[${i}]}" ]; do
+               echo ">> ${SCAN_card[${i}]}"
+               MAIN="${MAIN}${NL}${TAB}<card type=\"${SCAN_card[${i}]}\"${SCAN_opts[${i}]:+" ${SCAN_opts[${i}]}"}>"
+               j=1
+               while [ ${j} -le ${SCAN_num_ports[${i}]} ]; do
+                       MAIN="${MAIN}${NL}${TAB}${TAB}<port${SCAN_port_opts[${i}]:+" ${SCAN_port_opts[${i}]}"}>${j}</port>"
+                       let "j = ${j} + 1"
+               done
+               MAIN="${MAIN}${NL}${TAB}</card>"
+               let "i = ${i} + 1"
+       done
+
+       if [ -f ${MISDN_CONF} ]; then
+               echo "${MISDN_CONF} already present, saving a backup: ${MISDN_CONF}.bak"
+               ${CP} "${MISDN_CONF}" "${MISDN_CONF}.bak" || die "Could not backup your existing ${MISDN_CONF}!"
+       fi
+       echo "${HEADER}${MAIN}${NL}${FOOTER}" > ${MISDN_CONF}
+}
+
+function print_scan_results
+{
+       local i=0
+       
+       echo "${#SCAN_card[@]} mISDN compatible device(s) found:"
+       while [ ! -z "${SCAN_card[${i}]}" ]; do
+               echo ">> ${SCAN_card[${i}]}"
+               let "i = ${i} + 1"
+       done
+}
+
+function mk_misdn_dev
+{
+       if [ ! -e /dev/mISDN ]; then
+               echo "creating device node: /dev/mISDN"
+               ${MKNOD} /dev/mISDN c 46 0
+       fi
+       ${CHOWN} ${DEVNODE_user}:${DEVNODE_group} /dev/mISDN
+       ${CHMOD} ${DEVNODE_mode} /dev/mISDN
+}
+
+#
+# MAIN
+#
+
+case "${1}" in
+
+       start|--start)
+
+               check_misdn_conf
+               parse_config
+               run_start_commands
+               mk_misdn_dev
+               ;;
+
+       stop|--stop)
+
+               run_stop_commands
+               ;;
+
+       restart|--restart)
+
+               check_misdn_conf
+               parse_config
+               run_stop_commands
+               ${SLEEP} 2
+               run_start_commands
+               mk_misdn_dev
+               ;;
+
+       config|--config)
+               
+               scan_devices
+               write_mISDN_conf
+               ;;
+
+       scan|--scan)
+
+               scan_devices
+               print_scan_results
+               ;;
+
+       help|--help)
+               echo "${USAGE}"
+               exit 0
+               ;;
+
+       *)
+               echo "${USAGE}"
+               exit 2
+               ;;
+
+esac
+
diff --git a/src/initscripts/init.d/snort b/src/initscripts/init.d/snort
index 0087cb54a73f30b7df00edb4be07b659063ffdef..b139a6c2e34bea3dda2d16ba5efa7d9871d20a96 100755 (executable)
--- a/src/initscripts/init.d/snort
+++ b/src/initscripts/init.d/snort
@@ -64,6 +64,7 @@ case "$1" in
                        boot_mesg "Starting Intrusion Detection System on $DEVICE..."
                        /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --pid-path /var/run/snort_$DEVICE.pid
                        evaluate_retval
                        boot_mesg "Starting Intrusion Detection System on $DEVICE..."
                        /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --pid-path /var/run/snort_$DEVICE.pid
                        evaluate_retval
+                       chmod 644 /var/run/snort_$DEVICE.pid
                done
                ;;
                
                done
                ;;
                
diff --git a/src/patches/ibod-config.patch b/src/patches/ibod-config.patch
new file mode 100644 (file)
index 0000000..6c92ddc
--- /dev/null
+++ b/src/patches/ibod-config.patch
@@ -0,0 +1,11 @@
+--- isdn4k-utils-07022001/ibod.h.orig  Wed Nov  1 21:06:07 2000
++++ isdn4k-utils-07022001/ibod.h       Wed Nov  1 21:06:29 2000
+@@ -10,7 +10,7 @@
+ #define STAYUP                        0
+ #define STAYUP_TIME           30
+-#define IBOD_DEFAULT_DIR      "/etc/ppp"
++#define IBOD_DEFAULT_DIR      "/etc/isdn"
+ #define MAX_STR_LEN           512
+ #define ISDN_INFO_DEV         "/dev/isdninfo"
+ #define ISDN_CTLR_DEV         "/dev/isdnctrl"
diff --git a/src/patches/isdn4k-utils-0202131200-true.patch b/src/patches/isdn4k-utils-0202131200-true.patch
new file mode 100644 (file)
index 0000000..33ef17c
--- /dev/null
+++ b/src/patches/isdn4k-utils-0202131200-true.patch
@@ -0,0 +1,13 @@
+--- isdn4k-utils/imon/imon.c.orig      Fri Feb 22 17:24:54 2002
++++ isdn4k-utils/imon/imon.c   Fri Feb 22 17:28:00 2002
+@@ -63,6 +63,10 @@
+ #include <linux/isdn.h>
++#ifndef TRUE
++#define TRUE 1
++#endif
++
+ #define KEY_Q                81
+ #define KEY_q               113
diff --git a/src/patches/isdn4k-utils-CVS-2004-11-18-autoconf25x.patch b/src/patches/isdn4k-utils-CVS-2004-11-18-autoconf25x.patch
new file mode 100644 (file)
index 0000000..fa8dd31
--- /dev/null
+++ b/src/patches/isdn4k-utils-CVS-2004-11-18-autoconf25x.patch
@@ -0,0 +1,564 @@
+--- isdn4k-utils-CVS-2004-11-18/vbox/configure.in.ac25x        1998-11-23 10:18:04.000000000 +0100
++++ isdn4k-utils-CVS-2004-11-18/vbox/configure.in      2004-11-18 17:47:52.638741078 +0100
+@@ -17,9 +17,9 @@
+ AC_PREFIX_DEFAULT()
+-AC_DEFINE_UNQUOTED(PACKAGE, "${PACKAGE}")
+-AC_DEFINE_UNQUOTED(VERSION, "${VERSION}")
+-AC_DEFINE_UNQUOTED(VERDATE, "${VERDATE}")
++AC_DEFINE_UNQUOTED(PACKAGE, "${PACKAGE}", [package])
++AC_DEFINE_UNQUOTED(VERSION, "${VERSION}", [version])
++AC_DEFINE_UNQUOTED(VERDATE, "${VERDATE}", [verdate])
+ AC_SUBST(PACKAGE)
+ AC_SUBST(VERSION)
+@@ -87,7 +87,7 @@
+ AC_MSG_RESULT(${VBOX_SPOOLDIR})
+-AC_DEFINE_UNQUOTED(SPOOLDIR, "${VBOX_SPOOLDIR}")
++AC_DEFINE_UNQUOTED(SPOOLDIR, "${VBOX_SPOOLDIR}", [spool dir])
+ AC_SUBST(VBOX_SPOOLDIR)
+    dnl #===============#
+@@ -105,7 +105,7 @@
+ AC_MSG_RESULT(${VBOX_LOGDIR})
+-AC_DEFINE_UNQUOTED(LOGFILEDIR, "${VBOX_LOGDIR}")
++AC_DEFINE_UNQUOTED(LOGFILEDIR, "${VBOX_LOGDIR}", [log dir])
+ AC_SUBST(VBOX_LOGDIR)
+    dnl #===============#
+@@ -123,7 +123,7 @@
+ AC_MSG_RESULT(${VBOX_PIDDIR})
+-AC_DEFINE_UNQUOTED(PIDFILEDIR, "${VBOX_PIDDIR}")
++AC_DEFINE_UNQUOTED(PIDFILEDIR, "${VBOX_PIDDIR}", [pid dir])
+ AC_SUBST(VBOX_PIDDIR)
+    dnl #================#
+@@ -141,7 +141,7 @@
+ AC_MSG_RESULT(${VBOX_LCKDIR})
+-AC_DEFINE_UNQUOTED(LCKFILEDIR, "${VBOX_LCKDIR}")
++AC_DEFINE_UNQUOTED(LCKFILEDIR, "${VBOX_LCKDIR}", [lock dir])
+ AC_SUBST(VBOX_LCKDIR)
+    dnl #===================#
+@@ -159,7 +159,7 @@
+ AC_MSG_RESULT(${ISDN_GLOBAL_CONFIG})
+-AC_DEFINE_UNQUOTED(I4LCONFDIR, "${ISDN_GLOBAL_CONFIG}")
++AC_DEFINE_UNQUOTED(I4LCONFDIR, "${ISDN_GLOBAL_CONFIG}", [global config])
+ dnl #------------------------------------------------------------------------#
+ dnl # Check and optimize compiler flags:                                     #
+--- isdn4k-utils-CVS-2004-11-18/vbox/acinclude.m4.ac25x        2002-07-06 02:11:19.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/vbox/acinclude.m4      2004-11-18 17:47:52.639740930 +0100
+@@ -49,23 +49,23 @@
+          cos,
+          AC_CHECK_LIB(dl,
+             dlerror,
+-            [AC_CHECK_LIB(${gnd_1st_tcl_lib_test},
++            AC_CHECK_LIB(${gnd_1st_tcl_lib_test},
+                Tcl_CreateInterp,
+                LINK_TCL_LIBS="${gnd_tcl_lib_dir} -l${gnd_1st_tcl_lib_test} -lm -ldl",
+-               [AC_CHECK_LIB(${gnd_2nd_tcl_lib_test},
++               AC_CHECK_LIB(${gnd_2nd_tcl_lib_test},
+                   Tcl_CreateInterp,
+                   LINK_TCL_LIBS="${gnd_tcl_lib_dir} -l${gnd_2nd_tcl_lib_test} -lm -ldl",
+-                  [AC_CHECK_LIB(${gnd_3rd_tcl_lib_test},
++                  AC_CHECK_LIB(${gnd_3rd_tcl_lib_test},
+                      Tcl_CreateInterp,
+                      LINK_TCL_LIBS="${gnd_tcl_lib_dir} -l${gnd_3rd_tcl_lib_test} -lm -ldl",
+                      ,
+                      ${gnd_tcl_lib_dir} -lm -ldl
+-                  )],
++                  ),
+                   ${gnd_tcl_lib_dir} -lm -ldl
+-               )],
++               ),
+                ${gnd_tcl_lib_dir} -lm -ldl
+-            )],
+-         )],
++            ),
++         ),
+       )
+       if (test "${LINK_TCL_LIBS}" != "")
+@@ -154,7 +154,7 @@
+          AC_CHECK_LIB(ncurses,
+             resizeterm,
+-            AC_DEFINE(HAVE_RESIZETERM)
++            AC_DEFINE(HAVE_RESIZETERM, 1, [have resizeterm])
+ )
+       fi
+--- isdn4k-utils-CVS-2004-11-18/vbox/aclocal.m4.ac25x  2002-07-06 02:11:19.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/vbox/aclocal.m4        2004-11-18 17:47:52.640740782 +0100
+@@ -61,23 +61,23 @@
+          cos,
+          [AC_CHECK_LIB(dl,
+             dlerror,
+-            [AC_CHECK_LIB(${gnd_1st_tcl_lib_test},
++            AC_CHECK_LIB(${gnd_1st_tcl_lib_test},
+                Tcl_CreateInterp,
+                LINK_TCL_LIBS="${gnd_tcl_lib_dir} -l${gnd_1st_tcl_lib_test} -lm -ldl",
+-               [AC_CHECK_LIB(${gnd_2nd_tcl_lib_test},
++               AC_CHECK_LIB(${gnd_2nd_tcl_lib_test},
+                   Tcl_CreateInterp,
+                   LINK_TCL_LIBS="${gnd_tcl_lib_dir} -l${gnd_2nd_tcl_lib_test} -lm -ldl",
+-                  [AC_CHECK_LIB(${gnd_3rd_tcl_lib_test},
++                  AC_CHECK_LIB(${gnd_3rd_tcl_lib_test},
+                      Tcl_CreateInterp,
+                      LINK_TCL_LIBS="${gnd_tcl_lib_dir} -l${gnd_3rd_tcl_lib_test} -lm -ldl",
+                      ,
+                      ${gnd_tcl_lib_dir} -lm -ldl
+-                  )],
++                  ),
+                   ${gnd_tcl_lib_dir} -lm -ldl
+-               )],
++               ),
+                ${gnd_tcl_lib_dir} -lm -ldl
+-            )],
+-         )],
++            ),
++         ),
+       )
+       if (test "${LINK_TCL_LIBS}" != "")
+@@ -103,15 +103,7 @@
+                HAVE_TCL_INCL="y"
+                LINK_TCL_INCL="${gnd_tcl_inc_dir}"
+-            fi
+-         else
+-            AC_MSG_CHECKING("for tcl header in /usr/include/tcl8.3/tcl.h")
+-            if (test -e "/usr/include/tcl8.3/tcl.h")
+-            then
+-               AC_MSG_RESULT("yes")
+-               HAVE_TCL_INCL="y"
+-               LINK_TCL_INCL="-I/usr/include/tcl8.3"
+-            else
++                      else
+                AC_MSG_RESULT("no")
+             fi
+          fi
+--- isdn4k-utils-CVS-2004-11-18/ipppd/configure.in.ac25x       2004-08-30 16:56:36.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/ipppd/configure.in     2004-11-18 17:55:56.899083430 +0100
+@@ -17,21 +17,21 @@
+ AC_PROG_CC
+ dnl Checks for libraries.
+-AC_CHECK_LIB(bsd, daemon,HAVE_LIBBSD=1; AC_DEFINE(HAVE_LIBBSD),
++AC_CHECK_LIB(bsd, daemon,HAVE_LIBBSD=1; AC_DEFINE(HAVE_LIBBSD,1,[libbsd]),
+       [AC_MSG_WARN(Could not find libbsd, build disabled)])
+ dnl Replace `main' with a function in -lcrypt:
+-AC_CHECK_LIB(crypt, main,HAVE_LIBCRYPT=1; AC_DEFINE(HAVE_LIBCRYPT))
+-AC_CHECK_LIB(des, des_ecb_encrypt, HAVE_LIBDES=1; AC_DEFINE(HAVE_LIBDES))
+-AC_CHECK_LIB(ssl, DES_ecb_encrypt, HAVE_LIBSSL=1; AC_DEFINE(HAVE_LIBSSL))
++AC_CHECK_LIB(crypt, main,HAVE_LIBCRYPT=1; AC_DEFINE(HAVE_LIBCRYPT,1,[libcrypt]))
++AC_CHECK_LIB(des, des_ecb_encrypt, HAVE_LIBDES=1; AC_DEFINE(HAVE_LIBDES,1,[libdes]))
++AC_CHECK_LIB(ssl, DES_ecb_encrypt, HAVE_LIBSSL=1; AC_DEFINE(HAVE_LIBSSL,1,[libssl]))
+ dnl Checks for header files.
+ AC_HEADER_STDC
+ AC_HEADER_SYS_WAIT
+ AC_CHECK_HEADERS(fcntl.h limits.h paths.h sys/file.h sys/ioctl.h sys/time.h syslog.h unistd.h)
+-AC_CHECK_HEADER(shadow.h, HAVE_SHADOW_H=1; AC_DEFINE(HAVE_SHADOW_H))
+-AC_CHECK_HEADER(linux/isdn_lzscomp.h, HAVE_LZSCOMP_H=1; AC_DEFINE(HAVE_LZSCOMP_H))
+-AC_CHECK_HEADER(pcap-bpf.h, [HAVE_PCAP_BPF_H=1; AC_DEFINE(HAVE_PCAP_BPF_H)],
+-      [AC_CHECK_HEADER(net/bpf.h, [HAVE_NET_BPF_H=1; AC_DEFINE(HAVE_NET_BPF_H)],
++AC_CHECK_HEADER(shadow.h, HAVE_SHADOW_H=1; AC_DEFINE(HAVE_SHADOW_H,1,[have shadow.h]))
++AC_CHECK_HEADER(linux/isdn_lzscomp.h, HAVE_LZSCOMP_H=1; AC_DEFINE(HAVE_LZSCOMP_H,1,[isdn_lzscomp.h]))
++AC_CHECK_HEADER(pcap-bpf.h, [HAVE_PCAP_BPF_H=1; AC_DEFINE(HAVE_PCAP_BPF_H,1,[pcap-bpf.h])],
++      [AC_CHECK_HEADER(net/bpf.h, [HAVE_NET_BPF_H=1; AC_DEFINE(HAVE_NET_BPF_H,1,[net/bpf.h])],
+               [AC_MSG_ERROR(Could not find pcap header file)])])
+ dnl Checks for typedefs, structures, and compiler characteristics.
+@@ -51,62 +51,63 @@
+ AC_ARG_WITH(sbin,
+       [  --with-sbin=DIR         Set directory where ipppd is istalled. [/sbin]],
+       CONFIG_SBINDIR="${withval}"
+-      AC_DEFINE(CONFIG_SBINDIR,"${withval}"),
++      AC_DEFINE(CONFIG_SBINDIR,"${withval}",[sbin dir]),
+ )
+ dnl Optional man directory
+ AC_ARG_WITH(sbin,
+       [  --with-man=DIR          Set manpage directory. [/usr/man]],
+       CONFIG_MANDIR="${withval}"
+-      AC_DEFINE(CONFIG_MANDIR,"${withval}"),
++      AC_DEFINE(CONFIG_MANDIR,"${withval}",[man dir]),
+ )
+ dnl Optional /var/run directory
+ AC_ARG_WITH(sbin,
+       [  --with-varrun=DIR       Set directory for .pid files. [/var/run]],
+       CONFIG_RUNDIR="${withval}"
+-      AC_DEFINE(CONFIG_RUNDIR,"${withval}"),
++      AC_DEFINE(CONFIG_RUNDIR,"${withval}",[/var/run dir]),
+ )
+ dnl Optional MSCHAP
+ AC_ARG_ENABLE(mschap,
+       [  --enable-mschap         Enable Microsoft chap authentication [no]],
+       CONFIG_IPPPD_MSCHAP="y"
+-      AC_DEFINE(CONFIG_IPPPD_MSCHAP,"y"),
++      AC_DEFINE(CONFIG_IPPPD_MSCHAP,"y",[support M$-chap]),
+ )
+ dnl Optional RADIUS
+ AC_ARG_ENABLE(radius,
+       [  --enable-radius         Enable RADIUS authentication [no]],
+       CONFIG_IPPPD_RADIUS="y"
+-      AC_DEFINE(CONFIG_IPPPD_RADIUS,"y"),
++      AC_DEFINE(CONFIG_IPPPD_RADIUS,"y",[support radius]),
+ )
+ dnl Optional radiusclient config file
+ AC_ARG_WITH(radiusclient_config,
+       [  --with-radiusclient=FILE Set filename for radiusclient configuration],
+       RADIUS_CLIENT_CONFIG_FILE="${withval}"
+-      AC_DEFINE(RADIUS_CLIENT_CONFIG_FILE,"${withval}"),
++      AC_DEFINE(RADIUS_CLIENT_CONFIG_FILE,"${withval}",[radius config]),
+ )
+ dnl Optional RADIUS_WTMP_LOGGING
+ AC_ARG_ENABLE(radius_wtmp_logging,
+       [  --enable-radius-wtmp       Enable RADIUS_WTMP_LOGGING authentication [no]],
+       CONFIG_IPPPD_RADIUS_WTMP_LOGGING="y"
+-      AC_DEFINE(CONFIG_IPPPD_RADIUS_WTMP_LOGGING,"y"),
++      AC_DEFINE(CONFIG_IPPPD_RADIUS_WTMP_LOGGING,"y",[radius logging]),
+ )
+ dnl Optional DEBUGGING
+ AC_ARG_ENABLE(debug,
+       [  --enable-debug          Enable debugging [no]],
+       CONFIG_IPPPD_DEBUGFLAGS="-DDEBUGALL"
+-      AC_DEFINE(CONFIG_IPPPD_DEBUGFLAGS,"-DDEBUGALL"),
++      AC_DEFINE(CONFIG_IPPPD_DEBUGFLAGS,"-DDEBUGALL",[options]),
+ )
+ AC_ARG_ENABLE(ippp-filter,
+       [  --enable-ippp-filter    Enable IPPP Filters (needs kernel supports) [no]],
+       CONFIG_IPPP_FILTER="y"
+       AC_DEFINE(CONFIG_IPPP_FILTER,"y"),
++      AC_DEFINE(CONFIG_IPPP_FILTER,"y", [ipppd filter]),
+ )
+ AC_SUBST(I4LVERSION)
+--- isdn4k-utils-CVS-2004-11-18/isdnlog/configure.in.ac25x     2004-10-28 03:53:29.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/isdnlog/configure.in   2004-11-18 17:47:52.642740487 +0100
+@@ -79,45 +79,46 @@
+ dnl To make it possible to set variables in policy.h
+ dnl they have to be defined with AC_DEFINE...
+ dnl
+-AC_DEFINE_UNQUOTED(OLDCONFDIR,"$OLDCONFDIR")
+-AC_DEFINE_UNQUOTED(OLDCONFFILE,"$OLDCONFFILE")
+-AC_DEFINE_UNQUOTED(DATADIR,"$datadir")
+-AC_DEFINE_UNQUOTED(SERV_PORT,$SERV_PORT)
+-AC_DEFINE_UNQUOTED(USERFILE,"$USERFILE")
+-AC_DEFINE_UNQUOTED(LOGFILE,"$LOGFILE")
+-AC_DEFINE_UNQUOTED(CHARGEFILE,"$CHARGEFILE")
+-AC_DEFINE_UNQUOTED(RELOADCMD,"$RELOADCMD")
+-AC_DEFINE_UNQUOTED(STOPCMD,"$STOPCMD")
+-AC_DEFINE_UNQUOTED(REBOOTCMD,"$REBOOTCMD")
++AC_DEFINE_UNQUOTED(OLDCONFDIR,"$OLDCONFDIR", [old config dir])
++AC_DEFINE_UNQUOTED(OLDCONFFILE,"$OLDCONFFILE", [old config file])
++AC_DEFINE_UNQUOTED(DATADIR,"$datadir", [data dir])
++AC_DEFINE_UNQUOTED(SERV_PORT,$SERV_PORT, [server port])
++AC_DEFINE_UNQUOTED(USERFILE,"$USERFILE", [user file])
++AC_DEFINE_UNQUOTED(LOGFILE,"$LOGFILE", [log file])
++AC_DEFINE_UNQUOTED(CHARGEFILE,"$CHARGEFILE", [charge file])
++AC_DEFINE_UNQUOTED(RELOADCMD,"$RELOADCMD", [reload command])
++AC_DEFINE_UNQUOTED(STOPCMD,"$STOPCMD", [stop command])
++AC_DEFINE_UNQUOTED(REBOOTCMD,"$REBOOTCMD", [reboot command])
++
+ if test "$CONFIG_ISDN_LOG_DE" = "y" ; then
+       NATION="de"
+       NATION_MACRO="ISDN_DE"
+-      AC_DEFINE(ISDN_DE)
++      AC_DEFINE(ISDN_DE, 1, [German ISDN])
+ fi
+ if test "$CONFIG_ISDN_LOG_AT" = "y" ; then
+       NATION="at"
+       NATION_MACRO="ISDN_AT"
+-      AC_DEFINE(ISDN_AT)
++      AC_DEFINE(ISDN_AT, 1, [Austrian ISDN])
+ fi
+ if test "$CONFIG_ISDN_LOG_CH" = "y" ; then
+       NATION="ch"
+       NATION_MACRO="ISDN_CH"
+-      AC_DEFINE(ISDN_CH)
++      AC_DEFINE(ISDN_CH, 1, [Swiss ISDN])
+ fi
+ if test "$CONFIG_ISDN_LOG_NL" = "y" ; then
+       NATION="nl"
+       NATION_MACRO="ISDN_NL"
+-      AC_DEFINE(ISDN_NL)
++      AC_DEFINE(ISDN_NL, 1, [Dutch ISDN])
+ fi
+ if test "$CONFIG_ISDN_LOG_LU" = "y" ; then
+       NATION="lu"
+       NATION_MACRO="ISDN_LU"
+-      AC_DEFINE(ISDN_LU)
++      AC_DEFINE(ISDN_LU, 1, [Luxembourg ISDN])
+ fi
+ if test "$CONFIG_ISDN_LOG_XX" = "y" ; then
+       NATION=$CONFIG_ISDN_LOG_CC
+       NATION_MACRO="ISDN_XX"
+-      AC_DEFINE(ISDN_XX)
++      AC_DEFINE(ISDN_XX, 1, [Other country])
+ fi
+ dnl Checks for programs.
+@@ -130,17 +131,17 @@
+ dnl Checks for libraries.
+ if test -e tools/cdb/i4l_cdb.c  ; then
+-    AC_DEFINE(USE_CDB)
++    AC_DEFINE(USE_CDB, 1, [Use CDB])
+     CDBEXTRALIBS="tools/cdb/i4l_cdb.a"
+     DBEXT=".cdb"
+     RDBEXT=".cdb"
+     AC_MSG_RESULT(Using 'cdb' as database)
+ else
+-AC_CHECK_LIB(gdbm, gdbm_open, DBMLIB=-lgdbm; AC_DEFINE(HAVE_LIBGDBM),
+-      [AC_CHECK_LIB(dbm, dbm_open, DBMLIB=-ldbm; AC_DEFINE(HAVE_LIBDBM),
+-              [AC_CHECK_LIB(db, dbm_open, DBMLIB=-ldb; AC_DEFINE(HAVE_LIBDB))])])
++AC_CHECK_LIB(gdbm, gdbm_open, DBMLIB=-lgdbm; AC_DEFINE(HAVE_LIBGDBM, 1, [Use libgdbm]),
++      AC_CHECK_LIB(dbm, dbm_open, DBMLIB=-ldbm; AC_DEFINE(HAVE_LIBDBM, 1, [Use libdbm]),
++              AC_CHECK_LIB(db, dbm_open, DBMLIB=-ldb; AC_DEFINE(HAVE_LIBDB, 1, [use libdb]))))
+ fi
+-AC_DEFINE_UNQUOTED(RDBEXT,"$RDBEXT")
++AC_DEFINE_UNQUOTED(RDBEXT,"$RDBEXT",[rdb extension])
+ dnl log database support
+ AC_CHECK_POSTGRES
+@@ -158,7 +159,7 @@
+ dnl Manual config
+ AC_ARG_WITH(isdnlib,
+       [  --with-isdnlib=DIR      Set isdn library [../lib]],
+-      LIBISDNDIR=$withval; AC_DEFINE_UNQUOTED(LIBISDNDIR,"$withval"))
++      LIBISDNDIR=$withval; AC_DEFINE_UNQUOTED(LIBISDNDIR,"$withval",[libisdn dir]))
+ AC_ARG_WITH(area-lib,
+       [  --with-area-lib=STRING  Set area library type [area]],
+       ALIB=$withval)
+@@ -167,16 +168,16 @@
+       CHARGECOUNTRY=$withval)
+ AC_ARG_WITH(oldconfdir,
+       [  --with-oldconfdir=DIR   Set old config directory [/etc/isdnlog]],
+-      OLDCONFDIR=$withval; AC_DEFINE_UNQUOTED(OLDCONFDIR,"$withval"))
++      OLDCONFDIR=$withval; AC_DEFINE_UNQUOTED(OLDCONFDIR,"$withval", [old config dir]))
+ AC_ARG_WITH(oldconf,
+       [  --with-oldconf=NAME     Set old config file name [isdnlog.conf]],
+-      OLDCONFFILE=$withval; AC_DEFINE_UNQUOTED(OLDCONFFILE,"$withval"))
++      OLDCONFFILE=$withval; AC_DEFINE_UNQUOTED(OLDCONFFILE,"$withval", [old config file]))
+ AC_ARG_WITH(datadir,
+         [  --with-datadir=DIR      Set data directory [/usr/lib/isdn]],
+-        datadir=$withval; AC_DEFINE_UNQUOTED(DATADIR,"$withval"))
++        datadir=$withval; AC_DEFINE_UNQUOTED(DATADIR,"$withval", [data dir]))
+ AC_ARG_WITH(sport,
+       [  --with-sport=INT        Set server port [20011]],
+-      SERV_PORT=$withval; AC_DEFINE_UNQUOTED(SERV_PORT,$withval))
++      SERV_PORT=$withval; AC_DEFINE_UNQUOTED(SERV_PORT,$withval, [server port]))
+ dnl Checks for typedefs, structures, and compiler characteristics.
+ AC_C_CONST
+@@ -196,28 +197,28 @@
+ if test "$ALIB" = "area" ; then
+       LIBAREA=1
+-      AC_DEFINE(LIBAREA)
++      AC_DEFINE(LIBAREA, 1, [libarea])
+ fi
+ case "$CHARGECOUNTRY" in
+       DE)
+               NATION="de"
+               NATION_MACRO="ISDN_DE"
+-              AC_DEFINE(ISDN_DE)
++              AC_DEFINE(ISDN_DE, 1, [German ISDN])
+               ;;
+       AT)
+               NATION="at"
+               NATION_MACRO="ISDN_AT"
+-              AC_DEFINE(ISDN_AT)
++              AC_DEFINE(ISDN_AT, 1, [Austrian ISDN])
+               ;;
+       CH)
+               NATION="ch"
+               NATION_MACRO="ISDN_CH"
+-              AC_DEFINE(ISDN_CH)
++              AC_DEFINE(ISDN_CH, 1, [Swiss ISDN])
+               ;;
+       NL)
+               NATION="nl"
+               NATION_MACRO="ISDN_NL"
+-              AC_DEFINE(ISDN_NL)
++              AC_DEFINE(ISDN_NL, 1, [Dutch ISDN])
+               ;;
+ esac
+--- isdn4k-utils-CVS-2004-11-18/isdnlog/aclocal.m4.ac25x       2002-07-19 21:03:55.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/isdnlog/aclocal.m4     2004-11-18 17:47:52.643740339 +0100
+@@ -45,13 +45,13 @@
+       if test "$pqdir" != "no" ; then
+               AC_MSG_RESULT("yes")
+               POSTGRES=1
+-              AC_DEFINE_UNQUOTED(POSTGRES,1)
++              AC_DEFINE_UNQUOTED(POSTGRES,1,[postgres support])
+       else
+               AC_MSG_RESULT("no POSTGRES DISABLED")
+               pqdir=""
+       fi
+       POSTGRESDIR="$pqdir"
+-      AC_DEFINE_UNQUOTED(POSTGRESDIR,"$pqdir")
++      AC_DEFINE_UNQUOTED(POSTGRESDIR,"$pqdir",[postgres dir])
+       AC_SUBST(POSTGRES)
+       AC_SUBST(POSTGRESDIR)
+ ])
+@@ -108,13 +108,13 @@
+       if test "$mydir" != "no" ; then
+               AC_MSG_RESULT("yes")
+               MYSQLDB=1
+-              AC_DEFINE_UNQUOTED(MYSQLDB,1)
++              AC_DEFINE_UNQUOTED(MYSQLDB,1,[MySQL support])
+       else
+               AC_MSG_RESULT("no MYSQL DISABLED")
+               mydir=""
+       fi
+       MYSQLDIR="$mydir"
+-      AC_DEFINE_UNQUOTED(MYSQLDIR,"$mydir")
++      AC_DEFINE_UNQUOTED(MYSQLDIR,"$mydir",[MySQL dir])
+       AC_SUBST(MYSQLDB)
+       AC_SUBST(MYSQLDIR)
+ ])
+@@ -134,7 +134,7 @@
+       if test "$oradir" != "no" ; then
+               AC_MSG_RESULT("yes")
+               ORACLE=1
+-              AC_DEFINE_UNQUOTED(ORACLE,1)
++              AC_DEFINE_UNQUOTED(ORACLE,1,[oracle support, unsupported])
+       else
+               AC_MSG_RESULT("no ORACLE DISABLED")
+       fi
+--- isdn4k-utils-CVS-2004-11-18/vbox3/configure.in.ac25x       1998-11-10 19:36:19.000000000 +0100
++++ isdn4k-utils-CVS-2004-11-18/vbox3/configure.in     2004-11-18 17:47:52.644740191 +0100
+@@ -17,11 +17,9 @@
+ ## programs ###############################################################
+ AC_PROG_CC
+-AC_PROG_CC_WORKS
+-AC_PROG_CC_GNU
+ AC_PROG_RANLIB
+-AM_PROG_INSTALL
++AC_PROG_INSTALL
+ ## libraries ##############################################################
+--- isdn4k-utils-CVS-2004-11-18/vbox3/vboxgetty/Makefile.am.ac25x      1998-11-10 19:36:25.000000000 +0100
++++ isdn4k-utils-CVS-2004-11-18/vbox3/vboxgetty/Makefile.am    2004-11-18 17:47:52.644740191 +0100
+@@ -12,7 +12,7 @@
+ ## vboxgetty ##############################################################
+-DEFS                 += -DSYSCONFDIR='"$(sysconfdir)"' -DPKGDATADIR='"$(pkgdatadir)"' -DLOGDIR='"$(packagelogdir)"' -DLOCKDIR='"$(packagelockdir)"' -DPIDDIR='"$(packagepiddir)"'
++DEFS                  = -DSYSCONFDIR='"$(sysconfdir)"' -DPKGDATADIR='"$(pkgdatadir)"' -DLOGDIR='"$(packagelogdir)"' -DLOCKDIR='"$(packagelockdir)"' -DPIDDIR='"$(packagepiddir)"'
+ INCLUDES              = $(all_includes) $(tcl_include)
+--- isdn4k-utils-CVS-2004-11-18/isdnctrl/configure.in.ac25x    2002-07-19 23:23:54.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/isdnctrl/configure.in  2004-11-18 17:47:52.645740043 +0100
+@@ -30,21 +30,21 @@
+ AC_ARG_WITH(sbin,
+       [  --with-sbin=DIR         Set dir where binary is istalled. [/sbin]],
+       CONFIG_SBINDIR="${withval}"
+-      AC_DEFINE(CONFIG_SBINDIR,"${withval}"),
++      AC_DEFINE(CONFIG_SBINDIR,"${withval}",[sbin dir]),
+ )
+ dnl Optional man directory
+ AC_ARG_WITH(man,
+       [  --with-man=DIR          Set manpage dir. [/usr/man]],
+       CONFIG_MANDIR="${withval}"
+-      AC_DEFINE(CONFIG_MANDIR,"${withval}"),
++      AC_DEFINE(CONFIG_MANDIR,"${withval}",[man dir]),
+ )
+ dnl Optional config-file-option
+ AC_ARG_ENABLE(cfile,
+       [  --enable-cfile          Enable configfile option [no]],
+       CONFIG_ISDNCTRL_CONF=y
+-      AC_DEFINE(CONFIG_ISDNCTRL_CONF,y),
++      AC_DEFINE(CONFIG_ISDNCTRL_CONF,y,[enable config file]),
+ )
+ AC_SUBST(INSTALL)
+--- isdn4k-utils-CVS-2004-11-18/imon/configure.in.ac25x        2002-07-19 21:03:53.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/imon/configure.in      2004-11-18 17:47:52.646739895 +0100
+@@ -38,14 +38,14 @@
+ AC_ARG_WITH(sbin,
+       [  --with-sbin=DIR         Set dir where binary is istalled. [/sbin]],
+       CONFIG_SBINDIR="${withval}"
+-      AC_DEFINE(CONFIG_SBINDIR,"${withval}"),
++      AC_DEFINE(CONFIG_SBINDIR,"${withval}",[kernel directory]),
+ )
+ dnl Optional man directory
+ AC_ARG_WITH(man,
+-      [  --with-man=DIR          Set manpage dir. [/usr/man]],
++      [  --with-man=DIR          Set manpage dir. [/usr/share/man]],
+       CONFIG_MANDIR="${withval}"
+-      AC_DEFINE(CONFIG_MANDIR,"${withval}"),
++      AC_DEFINE(CONFIG_MANDIR,"${withval}",[man directory]),
+ )
+ AC_SUBST(INSTALL)
+--- isdn4k-utils-CVS-2004-11-18/eicon/configure.in.ac25x       2002-07-19 20:42:01.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/eicon/configure.in     2004-11-18 17:47:52.646739895 +0100
+@@ -35,21 +35,21 @@
+ AC_ARG_WITH(firmware,
+       [  --with-firmware=DIR     Set dir where firmware istalled. [/usr/lib/isdn]],
+       CONFIG_DATADIR="${withval}"
+-      AC_DEFINE(CONFIG_DATADIR,"${withval}"),
++      AC_DEFINE(CONFIG_DATADIR,"${withval}",[data dir]),
+ )
+ dnl Optional sbin directory
+ AC_ARG_WITH(sbin,
+       [  --with-sbin=DIR         Set dir where binary is istalled. [/sbin]],
+       CONFIG_SBINDIR="${withval}"
+-      AC_DEFINE(CONFIG_SBINDIR,"${withval}"),
++      AC_DEFINE(CONFIG_SBINDIR,"${withval}",[sbin dir]),
+ )
+ dnl Optional man directory
+ AC_ARG_WITH(man,
+       [  --with-man=DIR          Set manpage dir. [/usr/man]],
+       CONFIG_MANDIR="${withval}"
+-      AC_DEFINE(CONFIG_MANDIR,"${withval}"),
++      AC_DEFINE(CONFIG_MANDIR,"${withval}",[man dir]),
+ )
+ dnl Check, if user wants dump option for debugging
+@@ -58,10 +58,10 @@
+       CONFIG_EICONCTRL_DEBUG="y"
+ )
+-AC_DEFINE(HAVE_XLOG)
++AC_DEFINE(HAVE_XLOG,1,[define if you have xlog])
+ AC_SUBST(HAVE_XLOG)
+-AC_DEFINE(HAVE_TRACE)
++AC_DEFINE(HAVE_TRACE,1,[define if you have trace])
+ AC_SUBST(HAVE_TRACE)
+ AC_SUBST(HAVE_NPCI)
diff --git a/src/patches/isdn4k-utils-CVS-2006-02-13-cleanup.patch b/src/patches/isdn4k-utils-CVS-2006-02-13-cleanup.patch
new file mode 100644 (file)
index 0000000..09a3118
--- /dev/null
+++ b/src/patches/isdn4k-utils-CVS-2006-02-13-cleanup.patch
@@ -0,0 +1,125 @@
+*** ./icn/icnctrl.c.old        2002-11-27 14:30:43.000000000 +0000
+--- ./icn/icnctrl.c    2002-11-27 14:31:10.000000000 +0000
+***************
+*** 223,229 ****
+       icn_cdef newcard;
+  
+       cmd = strrchr(argv[0], '/');
+!      cmd = (cmd == NULL) ? argv[0] : ++cmd;
+       if (argc > 1) {
+               if (!strcmp(argv[1], "-d")) {
+                       strcpy(ioctl_s.drvid, argv[2]);
+--- 223,229 ----
+       icn_cdef newcard;
+  
+       cmd = strrchr(argv[0], '/');
+!      cmd = (cmd == NULL) ? argv[0] : (cmd + 1);
+       if (argc > 1) {
+               if (!strcmp(argv[1], "-d")) {
+                       strcpy(ioctl_s.drvid, argv[2]);
+*** ./isdnlog/isdnlog/processor.c.old  2002-11-27 14:27:28.000000000 +0000
+--- ./isdnlog/isdnlog/processor.c      2002-11-27 14:27:41.000000000 +0000
+***************
+*** 3497,3503 ****
+       isdn_net_ioctl_phone netdvX_phone;
+  #endif
+    }     phone;
+!   auto          int rc, chan, l1, l2, lmin, lmax, ldiv, match;
+  
+    if ((iflst = fopen("/proc/net/dev", "r")) == NULL)
+      return(-1);
+--- 3497,3503 ----
+       isdn_net_ioctl_phone netdvX_phone;
+  #endif
+    }     phone;
+!   auto          int rc, chan = 0, l1, l2, lmin, lmax, ldiv, match;
+  
+    if ((iflst = fopen("/proc/net/dev", "r")) == NULL)
+      return(-1);
+*** ./isdnlog/isdnrep/isdnbill.c.old   2002-11-27 14:30:11.000000000 +0000
+--- ./isdnlog/isdnrep/isdnbill.c       2002-11-27 14:30:22.000000000 +0000
+***************
+*** 874,880 ****
+  #endif
+    auto     char     s[BUFSIZ], sx[BUFSIZ];
+    auto     int      i, l, col, day, lday = UNKNOWN, month, lmonth = UNKNOWN;
+!   auto     double   dur;
+    auto     char    *version;
+    auto     char    *myname = basename(argv[0]);
+    auto     int      opt, go, s0, indent;
+--- 874,880 ----
+  #endif
+    auto     char     s[BUFSIZ], sx[BUFSIZ];
+    auto     int      i, l, col, day, lday = UNKNOWN, month, lmonth = UNKNOWN;
+!   auto     double   dur = 0.0;
+    auto     char    *version;
+    auto     char    *myname = basename(argv[0]);
+    auto     int      opt, go, s0, indent;
+*** ./isdnlog/isdnrep/isdnrep.c.old    2002-11-27 14:29:13.000000000 +0000
+--- ./isdnlog/isdnrep/isdnrep.c        2002-11-27 14:29:50.000000000 +0000
+***************
+*** 2593,2599 ****
+  {
+    static char String[256];
+    one_call *tmp_call;
+!   int RetCode;
+  
+  
+    if (bill)
+--- 2593,2599 ----
+  {
+    static char String[256];
+    one_call *tmp_call;
+!   int RetCode = 0;
+  
+  
+    if (bill)
+*** ./isdnlog/tools/zone.c.old 2002-11-27 14:28:01.000000000 +0000
+--- ./isdnlog/tools/zone.c     2002-11-27 14:28:11.000000000 +0000
+***************
+*** 531,537 ****
+                       char *p = value.dptr;
+                       char to[10];
+                       US count;
+!                      int ito;
+                       unsigned char z=0;
+                       if (sthp->cc) /* if areacodes */
+                               /* here is since 1.00 a zero-terminated strring */
+--- 531,537 ----
+                       char *p = value.dptr;
+                       char to[10];
+                       US count;
+!                      int ito = 0;
+                       unsigned char z=0;
+                       if (sthp->cc) /* if areacodes */
+                               /* here is since 1.00 a zero-terminated strring */
+*** ./loop/loopctrl.c.old      2002-11-27 14:32:08.000000000 +0000
+--- ./loop/loopctrl.c  2002-11-27 14:32:23.000000000 +0000
+***************
+*** 175,181 ****
+       isdnloop_sdef startparm;
+  
+       cmd = strrchr(argv[0], '/');
+!      cmd = (cmd == NULL) ? argv[0] : ++cmd;
+       if (argc > 1) {
+               if (!strcmp(argv[1], "-d")) {
+                       strcpy(ioctl_s.drvid, argv[2]);
+--- 175,181 ----
+       isdnloop_sdef startparm;
+  
+       cmd = strrchr(argv[0], '/');
+!      cmd = (cmd == NULL) ? argv[0] : (cmd + 1);
+       if (argc > 1) {
+               if (!strcmp(argv[1], "-d")) {
+                       strcpy(ioctl_s.drvid, argv[2]);
+--- eicon/eiconctrl.c.orig     2006-04-19 16:16:02.000000000 +0200
++++ eicon/eiconctrl.c  2006-04-19 16:17:25.000000000 +0200
+@@ -1970,7 +1970,7 @@
+                               val = strtol(p, &q, 16);
+                               p = q;
+                               val = strtol(p, &q, 16);
+-                              (unsigned short) *buffer = (unsigned short) val;
++                              *buffer = (unsigned short) val;
+                               pos = 2;
+                               while ((p != q) && (*q != 0)) {
+                                       p = q;
diff --git a/src/patches/isdn4k-utils-CVS-2006-07-20-pppd-2.4.4.patch b/src/patches/isdn4k-utils-CVS-2006-07-20-pppd-2.4.4.patch
new file mode 100644 (file)
index 0000000..64918c0
--- /dev/null
+++ b/src/patches/isdn4k-utils-CVS-2006-07-20-pppd-2.4.4.patch
@@ -0,0 +1,11 @@
+--- isdn4k-utils-CVS-2006-07-20/pppdcapiplugin/Makefile.me     2006-07-19 16:43:45.000000000 +0200
++++ isdn4k-utils-CVS-2006-07-20/pppdcapiplugin/Makefile        2006-07-19 16:43:59.000000000 +0200
+@@ -18,7 +18,7 @@
+ PPPSRCDIRS=/src/isdn/pppd
+ ifeq ($(PPPVERSIONS),)
+-PPPVERSIONS = 2.4.3
++PPPVERSIONS = 2.4.3 2.4.4
+ endif
+ PEERDIR=${DESTDIR}/etc/ppp/peers/isdn
diff --git a/src/patches/isdn4k-utils-CVS-2006-07-20-redhat.patch b/src/patches/isdn4k-utils-CVS-2006-07-20-redhat.patch
new file mode 100644 (file)
index 0000000..ff1fc6d
--- /dev/null
+++ b/src/patches/isdn4k-utils-CVS-2006-07-20-redhat.patch
@@ -0,0 +1,967 @@
+--- isdn4k-utils-CVS-2003-09-23/act2000/Makefile.in.redhat     2002-07-19 21:03:49.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/act2000/Makefile.in    2003-09-30 17:44:24.000000000 +0200
+@@ -5,8 +5,8 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2
+-INCLUDES              = -I.
++CFLAGS                        = $(RPM_OPT_FLAGS)
++INCLUDES              = -I.
+ DEFS                  =
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAM                       = actctrl
+@@ -18,9 +18,9 @@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_DATA  = $(INSTALL) -o 0 -g 0 -m 0644
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_DATA  = $(INSTALL) -m 0644
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ CC                            = @CC@
+--- isdn4k-utils-CVS-2003-09-23/areacode/Makefile.in.redhat    1999-06-19 11:39:59.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/areacode/Makefile.in   2003-09-30 17:44:24.000000000 +0200
+@@ -12,7 +12,7 @@
+       # only ones that _really_ exist on _every_ system.
+       #
+       BUILDOPTS   := $(DATAOPTS)
+-      INSTALLOPTS := $(DATAOPTS) INSTALL="install -o 0 -g 0 -m 644"
++      INSTALLOPTS := $(DATAOPTS) INSTALL="install -m 644"
+ endif
+ all: .depend
+--- isdn4k-utils-CVS-2003-09-23/avmb1/Makefile.in.redhat       2002-07-19 21:03:50.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/avmb1/Makefile.in      2003-09-30 17:44:24.000000000 +0200
+@@ -5,7 +5,7 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2
++CFLAGS                        = $(RPM_OPT_FLAGS)
+ LDFLAGS                       = -L../lib @LIBS@
+ INCLUDES              = -I.
+ PROGRAMS              = avmcapictrl
+@@ -15,8 +15,8 @@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ CC                            = @CC@
+--- isdn4k-utils-CVS-2003-09-23/capifax/Makefile.am.redhat     2000-03-03 16:54:12.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/capifax/Makefile.am    2003-09-30 17:44:24.000000000 +0200
+@@ -8,7 +8,7 @@
+                         stamp-h.in
+ INCLUDES = -I../capi20 $(all_includes)
+-CFLAGS = -Wall -O2
++CFLAGS = -Wall $(RPM_OPT_FLAGS)
+ LDFLAGS = -L../capi20/.libs -L../capi20 $(all_libraries)
+ LDADD = -lcapi20
+--- isdn4k-utils-CVS-2003-09-23/capiinfo/Makefile.am.redhat    2000-10-20 19:14:20.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/capiinfo/Makefile.am   2003-09-30 17:44:24.000000000 +0200
+@@ -8,7 +8,7 @@
+                         stamp-h.in comperr
+ INCLUDES = -I../capi20 $(all_includes)
+-CFLAGS = -Wall -O2
++CFLAGS = -Wall $(RPM_OPT_FLAGS)
+ LDFLAGS = -L../capi20/.libs -L../capi20 $(all_libraries)
+ LDADD = -lcapi20
+--- isdn4k-utils-CVS-2003-09-23/capiinit/Makefile.am.redhat    2000-03-17 17:19:43.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/capiinit/Makefile.am   2003-09-30 17:44:24.000000000 +0200
+@@ -8,7 +8,7 @@
+                         stamp-h.in comperr core
+ INCLUDES = $(all_includes)
+-CFLAGS = -Wall -O2 -D_GNU_SOURCE # -g
++CFLAGS = -Wall -D_GNU_SOURCE $(RPM_OPT_FLAGS)
+ LDFLAGS = $(all_libraries)
+ LDADD = 
+--- isdn4k-utils-CVS-2003-09-23/divertctrl/Makefile.in.redhat  2002-07-19 21:03:51.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/divertctrl/Makefile.in 2003-09-30 17:44:24.000000000 +0200
+@@ -5,16 +5,16 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2
+-INCLUDES              = -I.
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
++INCLUDES              = -I.
+ DEFS                  =
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAM                       = divertctrl
+ MODULES                       = divertctrl.o
+ MANPAGE                       = divertctrl.8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ ifeq (../.config,$(wildcard ../.config))
+--- isdn4k-utils-CVS-2003-09-23/doc/Makefile.in.redhat 1999-12-24 15:14:50.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/doc/Makefile.in        2003-09-30 17:44:24.000000000 +0200
+@@ -9,7 +9,7 @@
+ SED                           = @SED@
+ MANDIR                        = @CONFIG_MANDIR@
+ MANPAGES              = ttyI.4 isdninfo.4 isdn_audio.4 isdnctrl.4 isdn_cause.7
+-INSTALL_MAN           = @INSTALL@ -o 0 -g 0 -m 0644
++INSTALL_MAN           = @INSTALL@ -m 0644
+ prefix                        = @prefix@
+ %.1: %.man
+--- isdn4k-utils-CVS-2003-09-23/eicon/Makefile.in.redhat       2002-07-19 20:42:01.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/eicon/Makefile.in      2003-09-30 17:44:24.000000000 +0200
+@@ -7,8 +7,8 @@
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2 -DUNIX -DLINUX
+-INCLUDES              = -I. -Iinclude
++CFLAGS                        = -Wall -DUNIX -DLINUX $(RPM_OPT_FLAGS)
++INCLUDES              = -I. -Iinclude
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAMS              = 
+ PROGRAM                       = eiconctrl
+@@ -22,9 +22,9 @@
+ DATA_DIR              = @CONFIG_DATADIR@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_DATA  = $(INSTALL) -o 0 -g 0 -m 0644
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_DATA  = $(INSTALL) -m 0644
++INSTALL_MAN           = $(INSTALL) -m 0644
+ CC                            = @CC@
+ COPTS                 = -DDATADIR=\"$(shell echo $(DESTDIR)$(DATA_DIR))\"
+--- isdn4k-utils-CVS-2003-09-23/hisax/Makefile.in.redhat       2002-07-19 21:03:51.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/hisax/Makefile.in      2003-09-30 17:44:24.000000000 +0200
+@@ -6,7 +6,7 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2 -I.
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS) -I.
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAMS              =
+ MODULES                       = hisaxctrl.o
+@@ -16,9 +16,9 @@
+ DATADIR                       = @CONFIG_DATADIR@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_DATA  = $(INSTALL) -o 0 -g 0 -m 0644
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_DATA  = $(INSTALL) -m 0644
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ ifeq ("@CONFIG_HISAXCTRL@","y")
+--- isdn4k-utils-CVS-2003-09-23/icn/Makefile.in.redhat 2002-07-19 21:03:52.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/icn/Makefile.in        2003-09-30 17:44:24.000000000 +0200
+@@ -5,8 +5,8 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2
+-INCLUDES              = -I.
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
++INCLUDES              = -I.
+ DEFS                  =
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAM                       = icnctrl
+@@ -17,9 +17,9 @@
+ DATADIR                       = @CONFIG_DATADIR@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_DATA  = $(INSTALL) -o 0 -g 0 -m 0644
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_DATA  = $(INSTALL) -m 0644
++INSTALL_MAN           = $(INSTALL) -m 0644
+ CC                            = @CC@
+ COPTS                 =
+--- isdn4k-utils-CVS-2003-09-23/imon/Makefile.in.redhat        2002-07-19 21:03:53.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/imon/Makefile.in       2003-09-30 17:44:24.000000000 +0200
+@@ -7,8 +7,8 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2
+-INCLUDES              = -I.
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
++INCLUDES              = -I.
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAM                       = imon
+ MODULES                       = imon.o
+@@ -18,8 +18,8 @@
+ SBINDIR                       = @CONFIG_SBINDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ CC                            = @CC@
+--- isdn4k-utils-CVS-2003-09-23/imontty/Makefile.redhat        2002-07-19 23:23:53.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/imontty/Makefile       2003-09-30 17:44:24.000000000 +0200
+@@ -15,14 +15,14 @@
+       # Manual config standalone
+       #
+       CONFIG_SBINDRIR := /sbin
+-      MAN8DIR         := /usr/man/man8
++      MAN8DIR         := /usr/share/man/man8
+ endif
+ INSTALL=install
+-INSTALL_MAN=$(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_MAN=$(INSTALL) -m 0644
+ MANPAGE=imontty.8
+-CCFLAGS=-O2
++CCFLAGS=$(RPM_OPT_FLAGS)
+ #CCFLAGS=-I$(ISDN_INCLUDE) -g
+ # nothing to change behind this line
+@@ -34,13 +34,6 @@
+ imontty: imontty.c imontty.h
+       cc $(CCFLAGS) -o imontty imontty.c
+-rootperm:
+-      @echo 'main(int argc,char**argv){unlink(argv[0]);return(getuid()==0);}'>g
+-      @if gcc -x c -o G g && rm -f g && ./G ; then \
+-              echo -e "\n\n      Need root permission for (de)installation!\n\n"; \
+-              exit 1; \
+-      fi
+-
+ imontty.8: imontty.8.in
+       MANDATE=`grep CHECKIN $< | awk '{print $$4}'`; \
+       sed \
+@@ -52,10 +45,10 @@
+       mkdir -p $(DESTDIR)$(MAN8DIR)
+       $(INSTALL_MAN) $< $(DESTDIR)$(MAN8DIR)/$(MANPAGE)
+-install: $(PROGS) rootperm install-man
+-      install -s -o 0 -g 0 -m 0755 $(PROGS) $(DESTDIR)$(CONFIG_SBINDIR)
++install: $(PROGS) install-man
++      install -m 0755 $(PROGS) $(DESTDIR)$(CONFIG_SBINDIR)
+-uninstall: rootperm
++uninstall:
+       for i in $(PROGS) ; do rm -f $(DESTDIR)$(CONFIG_SBINDIR)/$$i; done
+ clean:
+--- isdn4k-utils-CVS-2003-09-23/ipppstats/Makefile.in.redhat   2002-07-19 21:03:54.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/ipppstats/Makefile.in  2003-09-30 17:44:24.000000000 +0200
+@@ -6,14 +6,14 @@
+ MANDIR       = @CONFIG_MANDIR@
+ CC           = @CC@
+ INSTALL      = @INSTALL@
+-INSTALL_SBIN = $(INSTALL) -m 755 -o 0 -g 0
+-INSTALL_DATA = $(INSTALL) -m 644 -o 0 -g 0
+-INSTALL_DIR  = $(INSTALL) -m 755 -o 0 -g 0 -d
++INSTALL_SBIN = $(INSTALL) -m 755
++INSTALL_DATA = $(INSTALL) -m 644
++INSTALL_DIR  = $(INSTALL) -m 755 -d
+ PPPSTATSRCS  = ipppstats.c
+ PPPSTATOBJS  = ipppstats.o
+-CFLAGS       = -fomit-frame-pointer -O2
++CFLAGS       = $(RPM_OPT_FLAGS)
+ all: ipppstats
+--- isdn4k-utils-CVS-2003-09-23/iprofd/Makefile.in.redhat      2002-07-19 23:23:53.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/iprofd/Makefile.in     2003-09-30 17:44:24.000000000 +0200
+@@ -5,8 +5,8 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2
+-INCLUDES              = -I.
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
++INCLUDES              = -I.
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAM                       = iprofd
+ MODULES                       = iprofd.o
+@@ -15,8 +15,8 @@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ CC                            = @CC@
+--- isdn4k-utils-CVS-2003-09-23/isdnctrl/Makefile.in.redhat    2002-07-19 23:23:54.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/isdnctrl/Makefile.in   2003-09-30 17:44:24.000000000 +0200
+@@ -5,8 +5,8 @@
+ #
+ #
+ SHELL                   = /bin/sh
+-CFLAGS                        = -Wall -O2
+-INCLUDES              = -I.
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
++INCLUDES              = -I.
+ LDFLAGS                       = @LIBS@ 
+ PROGRAM                       = isdnctrl
+ MODULES                       = isdnctrl.o
+@@ -15,8 +15,8 @@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ CC                            = @CC@ -DVERSION=\"@I4LVERSION@\"
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+--- isdn4k-utils-CVS-2003-09-23/isdnlog/samples/callerid.conf.redhat   2000-09-08 10:55:51.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/isdnlog/samples/callerid.conf  2003-09-30 17:44:24.000000000 +0200
+@@ -2,38 +2,31 @@
+ # 
+ # More information: See the isdnlog documentation
++#INTERFACE = ippp0      # Isdn network interface. This information  is  required
++                        # with the "-hx" / hangup="value" option.
++
++
+ [MSN]
+ NUMBER = 4711
+ ALIAS  = Phone
+ SI     = 1
+ ZONE   = 1
+-START = {
+-  [FLAG]
+-  FLAGS = I|O|R|C|B|A|E|H
+-  PROGRAM = /bin/myprog \$1 \$2 \$3 Phone
+-}
++#START = {
++#  [FLAG]
++#  FLAGS = I|O|R|C|B|A|E|H
++#  PROGRAM = /bin/myprog \$1 \$2 \$3 Phone
++#}
+ [MSN]
+ NUMBER = 4711
+ ALIAS  = HDLC
+ SI     = 7
+ ZONE   = 1
+-START = {
+-  [FLAG]
+-  FLAGS = I|O|R|C|B|A|E|
+-  PROGRAM = /bin/myprog \$1 \$2 \$3 HDLC @/home/user1/parameter
+-}
+-
+-[MSN]
+-NUMBER = 4712
+-ALIAS  = Modem
+-SI     = 1
+-ZONE   = 1
+-START = {
+-  [FLAG]
+-  FLAGS = I|O|R|C|B|A|E|H
+-  PROGRAM = /bin/myprog \$1 \$2 \$3 Modem
+-}
++#START = {
++#  [FLAG]
++#  FLAGS = I|O|R|C|B|A|E|
++#  PROGRAM = /bin/myprog \$1 \$2 \$3 HDLC @/home/user1/parameter
++#}
+ [NUMBER]
+ NUMBER = 01910
+--- isdn4k-utils-CVS-2003-09-23/isdnlog/tools/cdb/Makefile.in.redhat   2000-08-15 17:16:23.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/isdnlog/tools/cdb/Makefile.in  2003-09-30 17:44:24.000000000 +0200
+@@ -20,7 +20,7 @@
+ BINDIR:=$(DESTDIR)@prefix@/bin
+ INCDIR:=$(DESTDIR)@prefix@/include
+-CFLAGS:=-Wall -O2
++CFLAGS:=-Wall $(RPM_OPT_FLAGS)
+ all: depend $(FILES)
+@@ -46,7 +46,7 @@
+       install -d -m0755 $(MAN1DIR) $(MAN3DIR) $(LIBDIR) $(BINDIR) \
+               $(INCDIR)
+-install:
++install: install-dirs
+       install -m0755 $(BINS) $(BINDIR)
+       install -m0644 $(MAN1) $(MAN1DIR)
+       install -m0644 $(MAN3) $(MAN3DIR)
+--- isdn4k-utils-CVS-2003-09-23/isdnlog/tools/dest/Makefile.in.redhat  2003-07-25 23:23:15.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/isdnlog/tools/dest/Makefile.in 2003-09-30 17:44:24.000000000 +0200
+@@ -6,7 +6,7 @@
+ -include ../../../.config
+ BZIP2                 = @BZIP2@
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -g
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
+ INCLUDES              =
+ LDFLAGS                       = @DBMLIB@
+ export DBEXT          = @DBEXT@
+@@ -20,9 +20,9 @@
+ SBINDIR                       = @CONFIG_SBINDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM               = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
+-INSTALL_DATA          = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM               = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
++INSTALL_DATA          = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ DATADIR                       = @datadir@
+--- isdn4k-utils-CVS-2003-09-23/isdnlog/tools/telrate/Makefile.in.redhat       1999-12-24 15:17:08.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/isdnlog/tools/telrate/Makefile.in      2003-09-30 17:44:24.000000000 +0200
+@@ -8,8 +8,8 @@
+ CGIDIR                = @CGIDIR@
+ TELDIR                = @TELDIR@
+ INSTALL               = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0755
+-INSTALL_FILE  = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0755
++INSTALL_FILE  = $(INSTALL) -m 0644
+ FILES = index.html info.html *.jpg *.gif tt.js
+--- isdn4k-utils-CVS-2003-09-23/isdnlog/tools/zone/Makefile.in.redhat  2003-03-11 14:08:00.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/isdnlog/tools/zone/Makefile.in 2003-09-30 17:44:24.000000000 +0200
+@@ -5,7 +5,7 @@
+ #
+ BZIP2                 = @BZIP2@
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -g
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
+ INCLUDES              =
+ LDFLAGS                       = @DBMLIB@
+ CDBEXTRALIBS          = @CDBEXTRALIBS@
+@@ -20,8 +20,8 @@
+ SBINDIR                       = @CONFIG_SBINDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM               = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM               = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ #CC                   = @CC@ -V2.7.2.3
+--- isdn4k-utils-CVS-2003-09-23/isdnlog/Makefile.in.redhat     2003-08-26 21:46:11.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/isdnlog/Makefile.in    2003-09-30 17:44:24.000000000 +0200
+@@ -1542,10 +1542,10 @@
+ # autoconf isdnlog specific stuff
+ #
+ INSTALL                       := @INSTALL@
+-INSTALL_DIR           := $(INSTALL) -m 0755 -o 0 -g 0 -d
+-INSTALL_SBIN          := $(INSTALL) -m 0700 -o 0 -g 0
+-INSTALL_BIN           := $(INSTALL) -m 0755 -o 0 -g 0
+-INSTALL_DATA          := $(INSTALL) -m 0644 -o 0 -g 0
++INSTALL_DIR           := $(INSTALL) -m 0755 -d
++INSTALL_SBIN          := $(INSTALL) -m 0700
++INSTALL_BIN           := $(INSTALL) -m 0755
++INSTALL_DATA          := $(INSTALL) -m 0644
+ BZIP2                   := @BZIP2@
+ BUNZIP2                 := $(BZIP2) -f -d
+@@ -1600,9 +1600,9 @@
+ SUBDIRS     += $(LIBISDNDIR)
+ endif
+-# export CFLAGS  = -Wall -pipe -O6 -fomit-frame-pointer -fforce-mem -fforce-addr -funroll-loops -fstrength-reduce
++# export CFLAGS  = -Wall -pipe -frame-pointer -fforce-mem -fforce-addr -funroll-loops -fstrength-reduce
+-export CFLAGS  = -Wall -pipe
++export CFLAGS  = -Wall $(RPM_OPT_FLAGS)
+ ifndef _CC
+ export _CC  = gcc
+ endif
+@@ -1837,8 +1837,7 @@
+               echo ""; echo 'Do "make (un)install" as root!' ;echo ""; false; \
+       fi
+-uninstall: rootperm
+-              if ps x | fgrep $(ISDNLOG) >/dev/null; then kill `cat $(RUNDIR)/isdnlog.isdnctrl0.pid` 2>/dev/null; fi
++uninstall:
+               rm -f   $(DESTDIR)$(SBINDIR)/$(ISDNLOG) \
+                       $(DESTDIR)$(BINDIR)/$(ISDNREP)  \
+                       $(DESTDIR)$(BINDIR)/$(ISDNCONF)
+@@ -1859,7 +1858,7 @@
+                       $(DESTDIR)$(DATADIR)/dest.cdb
+-installdirs: rootperm
++installdirs:
+               $(INSTALL_DIR) $(DESTDIR)$(I4LCONFDIR)
+               $(INSTALL_DIR) $(DESTDIR)$(BINDIR)
+               $(INSTALL_DIR) $(DESTDIR)$(SBINDIR)
+@@ -1868,7 +1867,7 @@
+               $(INSTALL_DIR) $(DESTDIR)$(MAN8DIR)
+               $(INSTALL_DIR) $(DESTDIR)$(DATADIR)
+-install: all rootperm installdirs install-conf install-data install-progs
++install: all installdirs install-conf install-data install-progs
+ install-old-conf:
+               @if [ -n "$(DESTDIR)$(OLDCONFDIR)" -a "$(DESTDIR)$(OLDCONFDIR)" != '/' ] ; then \
+--- isdn4k-utils-CVS-2003-09-23/lib/Makefile.in.redhat 1999-12-12 18:22:36.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/lib/Makefile.in        2003-09-30 17:44:24.000000000 +0200
+@@ -11,7 +11,7 @@
+       # Install as root with numeric Id's, since these are the
+       # only ones that _really_ exist on _every_ system.
+       #
+-      INSTALLOPTS += INSTALL= install -o 0 -g 0 -m 644
++      INSTALLOPTS += INSTALL= install -m 644
+ endif
+ all: .depend
+--- isdn4k-utils-CVS-2003-09-23/loop/Makefile.in.redhat        2002-07-19 21:03:56.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/loop/Makefile.in       2003-09-30 17:44:24.000000000 +0200
+@@ -5,16 +5,16 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -O2
+-INCLUDES              = -I.
++CFLAGS                        = -Wall $(RPM_OPT_FLAGS)
++INCLUDES              = -I.
+ DEFS                  =
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAM                       = loopctrl
+ MODULES                       = loopctrl.o
+ MANPAGE                       = loopctrl.8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM       = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM       = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ ifeq (../.config,$(wildcard ../.config))
+--- isdn4k-utils-CVS-2003-09-23/pcbit/Makefile.in.redhat       2002-07-19 21:03:57.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/pcbit/Makefile.in      2003-09-30 17:44:24.000000000 +0200
+@@ -5,8 +5,8 @@
+ #
+ #
+ SHELL                 = /bin/sh
+-CFLAGS                        = -Wall -Wstrict-prototypes -O2 -g
+-INCLUDES              = -I. -DDEBUG 
++CFLAGS                        = -Wall -Wstrict-prototypes $(RPM_OPT_FLAGS)
++INCLUDES              = -I. -DDEBUG
+ LDFLAGS                       = -L../lib @LIBS@
+ PROGRAM                       = pcbitctl
+ MODULES                       = pcbitctl.o convhexbin.o
+@@ -15,8 +15,8 @@
+ MANDIR                        = @CONFIG_MANDIR@
+ MAN8DIR                       = $(MANDIR)/man8
+ INSTALL                       = @INSTALL@
+-INSTALL_PROGRAM               = $(INSTALL) -o 0 -g 0 -m 0750
+-INSTALL_MAN           = $(INSTALL) -o 0 -g 0 -m 0644
++INSTALL_PROGRAM               = $(INSTALL) -m 0750
++INSTALL_MAN           = $(INSTALL) -m 0644
+ prefix                        = @prefix@
+ exec_prefix           = @exec_prefix@
+ CC                            = @CC@
+--- isdn4k-utils-CVS-2003-09-23/pppdcapiplugin/ppp-2.4.1/Makefile.redhat       2001-05-01 14:43:50.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/pppdcapiplugin/ppp-2.4.1/Makefile      2003-09-30 17:44:24.000000000 +0200
+@@ -8,7 +8,7 @@
+ #  as published by the Free Software Foundation; either version
+ #  2 of the License, or (at your option) any later version.
+-PLUGINDIR=${DESTDIR}/usr/lib/pppd/$(PPPVERSION)
++PLUGINDIR=${DESTDIR}/$(LIBDIR)/pppd/$(PPPVERSION)
+ include $(TOPDIR)/Rules.make
+--- isdn4k-utils-CVS-2003-09-23/rcapid/Makefile.am.redhat      2002-07-19 23:23:54.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/rcapid/Makefile.am     2003-09-30 17:44:24.000000000 +0200
+@@ -8,7 +8,7 @@
+                         stamp-h.in comperr
+ INCLUDES = -I../capi20 $(all_includes)
+-CFLAGS = -Wall -O2
++CFLAGS = -Wall $(RPM_OPT_FLAGS)
+ LDFLAGS = -L../capi20/.libs -L../capi20 $(all_libraries)
+ LDADD = -lcapi20
+--- isdn4k-utils-CVS-2003-09-23/vbox/examples/vboxd.conf.example.redhat        1997-04-28 18:51:29.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/vbox/examples/vboxd.conf.example       2003-09-30 17:44:24.000000000 +0200
+@@ -5,7 +5,7 @@
+ # login (server startup) time. If access is 'yes' the host can login
+ # and count messages without special access.
+-L:localhost:Y
++#L:localhost:Y
+ L:*:N
+ # Full access list
+@@ -13,7 +13,7 @@
+ # All hosts in the full access list (begins with 'A') are checked if the
+ # server gets the 'login' command.
+-A:localhost:RW:michael:xxx:/var/spool/vbox/michael:incoming
+-A:localhost:RW:nicole:xxx:/var/spool/vbox/nicole:incoming
++#A:localhost:RW:michael:xxx:/var/spool/vbox/michael:incoming
++#A:localhost:RW:nicole:xxx:/var/spool/vbox/nicole:incoming
+ A:*:!:!:!:!:!
+--- isdn4k-utils-CVS-2003-09-23/vbox/examples/vboxgetty.conf.example.redhat    1997-10-22 22:46:58.000000000 +0200
++++ isdn4k-utils-CVS-2003-09-23/vbox/examples/vboxgetty.conf.example   2003-09-30 17:44:24.000000000 +0200
+@@ -20,18 +20,18 @@
+ # Settings for port ttyI6
+-port /dev/ttyI6
+-  modeminit           ATZ&B512&E7830022
+-  user                        nicole
+-  group                       users
+-  spooldir            /var/spool/vbox/nicole
++#port /dev/ttyI6
++#  modeminit          ATZ&B512&E7830022
++#  user                       nicole
++#  group                      users
++#  spooldir           /var/spool/vbox/nicole
+ # Settings for port ttyI7
+-port /dev/ttyI7
+-  modeminit           ATZ&B512&E7850413
+-  user                        michael
+-  group                       users
+-  spooldir            /var/spool/vbox/michael
++#port /dev/ttyI7
++#  modeminit          ATZ&B512&E7850413
++#  user                       michael
++#  group                      users
++#  spooldir           /var/spool/vbox/michael
+--- isdn4k-utils-CVS-2003-09-23/vbox/Makefile.in.redhat        2002-01-31 21:05:40.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/vbox/Makefile.in       2003-09-30 17:44:24.000000000 +0200
+@@ -14,33 +14,33 @@
+ # [*] Program to install binaries to the sbin directory (eg vboxgetty):      #
+ #----------------------------------------------------------------------------#
+-INSTALL_SBIN  = @INSTALL@ -m 750 -o root -g root -s
++INSTALL_SBIN  = @INSTALL@ -m 750
+ #----------------------------------------------------------------------------#
+ # [*] Program to install binaries to the bin directory (eg vboxconvert):     #
+ #----------------------------------------------------------------------------#
+-INSTALL_BIN   = @INSTALL@ -m 755 -o root -g root -s
++INSTALL_BIN   = @INSTALL@ -m 755
+ #----------------------------------------------------------------------------#
+ # [*] Program to install bash scripts to the bin directory (eg vboxplay):    #
+ #----------------------------------------------------------------------------#
+-INSTALL_SHBIN = @INSTALL@ -m 755 -o root -g root
++INSTALL_SHBIN = @INSTALL@ -m 755
+ #----------------------------------------------------------------------------#
+ # [*] Program to install binaries to the bin directory and set the suid bit  #
+ #     (eg vboxbeep):                                                         #
+ #----------------------------------------------------------------------------#
+-INSTALL_UBIN  = @INSTALL@ -m 4755 -o root -g root -s
++INSTALL_UBIN  = @INSTALL@ -m 4755
+ #----------------------------------------------------------------------------#
+ # [*] Program to install configurations to sysconf directory                 #
+ #     (eg vboxgetty.conf):                                                   #
+ #----------------------------------------------------------------------------#
+-INSTALL_SYSCONF       = @INSTALL@ -m 640 -o root -g root
++INSTALL_SYSCONF       = @INSTALL@ -m 640
+ #----------------------------------------------------------------------------#
+ # [*] Program to create missing directories:                                 #
+--- isdn4k-utils-CVS-2003-09-23/xisdnload/Imakefile.redhat     1998-03-08 19:54:01.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/xisdnload/Imakefile    2003-09-30 17:44:24.000000000 +0200
+@@ -21,7 +21,7 @@
+            OBJS = xisdnload.o
+  OSMAJORVERSION = OSMajorVersion
+  OSMINORVERSION = OSMinorVersion
+-      DEFINES = -DOSMAJORVERSION=$(OSMAJORVERSION) -DOSMINORVERSION=$(OSMINORVERSION) -DREGEX_NUMBER
++      DEFINES = -D_GNU_SOURCE -DOSMAJORVERSION=$(OSMAJORVERSION) -DOSMINORVERSION=$(OSMINORVERSION) -DREGEX_NUMBER
+ AllTarget(xisdnload)
+ NormalProgramTarget(xisdnload,$(OBJS),$(DEPLIBS),$(LOCAL_LIBRARIES),NullParameter)
+--- isdn4k-utils-CVS-2003-09-23/.config.rpm.redhat     1998-11-23 13:12:04.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/.config.rpm    2003-09-30 17:59:55.000000000 +0200
+@@ -5,16 +5,16 @@
+ #
+ # Code maturity level options
+ #
+-CONFIG_EXPERIMENTAL=y
++# CONFIG_EXPERIMENTAL is not set
+ #
+ # General configuration
+ #
+ CONFIG_BUILDX11=y
+-CONFIG_KERNELDIR='/usr/src/linux'
++CONFIG_KERNELDIR='/usr/src/linux'
+ CONFIG_BINDIR='/usr/bin'
+-CONFIG_SBINDIR='/sbin'
+-CONFIG_MANDIR='/usr/man'
++CONFIG_SBINDIR='/usr/sbin'
++CONFIG_MANDIR='/usr/share/man'
+ CONFIG_RUNDIR='/var/run'
+ CONFIG_LOCKDIR='/var/lock'
+ CONFIG_LOCKFILE='LCK..'
+@@ -23,11 +23,9 @@
+ CONFIG_CALLERIDFILE='callerid.conf'
+ CONFIG_USERCONFFILE='~/.isdn'
+ CONFIG_COUNTRYCODE='49'
+-CONFIG_AREACODE=''
++CONFIG_AREACODE='9999'
+ CONFIG_COUNTRY_PREFIX='+'
+ CONFIG_AREA_PREFIX='0'
+-CONFIG_DATADIR='/usr/lib/isdn'
+-CONFIG_LIB_AREACODE=y
+ #
+ # Runtime configuration tools
+@@ -36,18 +34,20 @@
+ CONFIG_ISDNCTRL_CONF=y
+ CONFIG_ISDNCTRL_TIMRU=y
+ CONFIG_IPROFD=y
++CONFIG_DIVERTCTRL=y
+ #
+ # Card configuration tools
+ #
+-# CONFIG_TELESCTRL is not set
++CONFIG_TELESCTRL=y
+ CONFIG_HISAXCTRL=y
+ CONFIG_ICNCTRL=y
+ # CONFIG_ICNCTRL_DEBUG is not set
+ CONFIG_PCBITCTL=y
+ CONFIG_AVMCAPICTRL=y
++CONFIG_EICONCTRL=y
+ CONFIG_LOOPCTRL=y
+-CONFIG_LOOPCTRL_LOOPDIR='/usr/src/linux/drivers/isdn/isdnloop'
++CONFIG_LOOPCTRL_LOOPDIR='/usr/src/linux-2.4/drivers/isdn/isdnloop'
+ # CONFIG_LOOPCTRL_DEBUG is not set
+ #
+@@ -64,14 +64,20 @@
+ CONFIG_ISDNLOG_USERFILE='isdnlog.users'
+ CONFIG_ISDNLOG_CHARGEFILE='charge.dat'
+ CONFIG_ISDNLOG_LOGFILE='/var/log/isdn.log'
+-CONFIG_ISDNLOG_RELOADCMD='reload'
+-CONFIG_ISDNLOG_STOPCMD='stop'
++CONFIG_ISDNLOG_RELOADCMD='/etc/rc.d/init.d/isdn restart'
++CONFIG_ISDNLOG_STOPCMD='/etc/rc.d/init.d/isdn stop'
+ CONFIG_ISDNLOG_REBOOTCMD='/sbin/reboot'
+ CONFIG_ISDNLOG_OLDI4LCONFDIR='/etc/isdnlog'
+ CONFIG_ISDNLOG_OLDI4LCONFFILE='isdnlog.conf'
+ # CONFIG_ISDNLOG_POSTGRES is not set
+ # CONFIG_ISDNLOG_MYSQLDB is not set
++# CONFIG_ISDNLOG_ORACLE is not set
+ CONFIG_ISDN_LOG_DE=y
++CONFIG_ISDN_LOG_CC_DE=y
++CONFIG_ISDN_LOG_DEST_DE=y
++# CONFIG_ISDN_LOG_DEST_AT is not set
++# CONFIG_ISDN_LOG_DEST_NL is not set
++# CONFIG_ISDN_LOG_DEST_CH is not set
+ CONFIG_IPPPSTATS=y
+ CONFIG_XISDNLOAD=y
+ CONFIG_XMONISDN=y
+@@ -79,8 +85,8 @@
+ #
+ # Options for xmonisdn
+ #
+-CONFIG_XMONISDN_UPCMD='/sbin/netup'
+-CONFIG_XMONISDN_DOWNCMD='/sbin/netdown'
++CONFIG_XMONISDN_UPCMD='/sbin/ifup'
++CONFIG_XMONISDN_DOWNCMD='/sbin/ifdown'
+ #
+ # Applications
+@@ -94,23 +100,22 @@
+ VBOX_LOGDIR='/var/log/vbox'
+ VBOX_PIDDIR='/var/run'
+ VBOX_LOCKDIR='/var/lock'
+-VBOX_DOCDIR='/usr/doc/vbox'
+-VBOX_TCL='tcl8.0'
++VBOX_DOCDIR='/usr/share/doc/vbox'
++VBOX_TCL='tcl8.3'
++# VBOX_SUSPEND_ID is not set
+ CONFIG_IPPPD=y
+ #
+ # Options for ipppd
+ #
+-CONFIG_IPPPD_MSCHAP=y
++# CONFIG_IPPPD_MSCHAP is not set
++CONFIG_IPPP_FILTER=y
+ # CONFIG_IPPPD_RADIUS is not set
+ # CONFIG_RADIUS_WTMP_LOGGING is not set
+ RADIUS_CLIENT_CONFIG_FILE=''
+ CONFIG_CAPIFAX=y
+ CONFIG_RCAPID=y
+-#
+-# Documentation
+-#
+-CONFIG_GENMAN=y
+-CONFIG_FAQ=y
+-CONFIG_FAQDIR='/usr/doc/faq/isdn4linux'
++# CAPI plugins
++CONFIG_PPPDCAPIPLUGIN=y
++
+--- isdn4k-utils-CVS-2003-09-23/ipppd/ccp.c.redhat     2000-11-12 17:06:42.000000000 +0100
++++ isdn4k-utils-CVS-2003-09-23/ipppd/ccp.c    2004-01-20 19:14:07.000000000 +0100
+@@ -41,7 +41,7 @@
+ #include "compressions.h"
+-#if 0
++#if HAVE_LZSCOMP_H
+ #include <linux/isdn_lzscomp.h>
+ #else
+ #include "../ipppcomp/isdn_lzscomp.h"
+--- isdn4k-utils-CVS-2004-11-18/pppdcapiplugin/Makefile.redhat 2004-02-14 16:02:46.000000000 +0100
++++ isdn4k-utils-CVS-2004-11-18/pppdcapiplugin/Makefile        2004-11-18 16:48:54.848276370 +0100
+@@ -12,13 +12,13 @@
+ export CAPIINC=$(TOPDIR)/../capi20
+ export CAPILIB=$(TOPDIR)/../capi20
+ export INSTALL=$(TOPDIR)/install-sh -c
+-export INSTALLDATA=$(TOPDIR)/install-sh -c -o root -m 600
++export INSTALLDATA=$(TOPDIR)/install-sh -c -m 600
+ export MKDIR=$(TOPDIR)/mkinstalldirs
+ PPPSRCDIRS=/src/isdn/pppd
+ ifeq ($(PPPVERSIONS),)
+-PPPVERSIONS = 2.3.11 2.4.0 2.4.1 2.4.1b1 2.4.1b2 2.4.2b3 2.4.2 2.4.3
++PPPVERSIONS = 2.4.3
+ endif
+ PEERDIR=${DESTDIR}/etc/ppp/peers/isdn
+@@ -62,7 +62,7 @@
+       done
+ install-man:
+-      for i in ${DESTDIR}/usr/share/man ${DESTDIR}/usr/man; do \
++      for i in ${DESTDIR}/usr/share/man ; do \
+               if [ -d $$i/man8 ] ; then \
+                       echo $(INSTALLDATA) capiplugin.8 $$i/man8; \
+                       $(INSTALLDATA) capiplugin.8 $$i/man8; \
+--- isdn4k-utils-CVS-2004-11-18/Makefile.redhat        2004-08-30 16:06:42.000000000 +0200
++++ isdn4k-utils-CVS-2004-11-18/Makefile       2004-12-01 22:19:13.193347501 +0100
+@@ -16,8 +16,8 @@
+ # Following line is important for lib and isdnlog (sl).
+ export ROOTDIR=$(shell pwd)
+-ifeq (.config,$(wildcard .config))
+-include .config
++ifeq (.config.h,$(wildcard .config.h))
++include .config.h
+ do-it-all:      subtargets
+ else
+ CONFIGURATION = config
+@@ -130,16 +130,10 @@
+               exit 1; \
+       fi
+-install: rootperm
++install:
+       set -e; for i in `echo $(SUBDIRS)`; do $(MAKE) -C $$i install; done
+-      @if [ -c $(DESTDIR)/dev/isdnctrl0 ] && ls -l $(DESTDIR)/dev/isdnctrl0 | egrep "[[:space:]]45,[[:space:]]+64[[:space:]]" > /dev/null; \
+-      then \
+-              /bin/echo -e '(some) ISDN devices already exist, not creating them.\nUse scripts/makedev.sh manually if necessary.'; \
+-      else \
+-              sh scripts/makedev.sh $(DESTDIR) ; \
+-      fi
+-uninstall: rootperm
++uninstall:
+       set -e; for i in `echo $(SUBDIRS)`; do $(MAKE) -C $$i uninstall; done
+ #
+@@ -202,7 +196,7 @@
+       @set -e; for i in `echo $(BUILD_ONLY) $(SUBDIRS)`; do \
+               if [ -x $$i/configure ] ; then \
+                       /bin/echo -e "\nRunning configure in $$i ...\n"; sleep 1; \
+-                      (cd $$i; ./configure --sbindir=$(CONFIG_SBINDIR) --bindir=$(CONFIG_BINDIR) --mandir=$(CONFIG_MANDIR) --datadir=$(CONFIG_DATADIR) || $(MAKE) -C ../ ERRDIR=$$i cfgerror); \
++                      (cd $$i; ./configure --sbindir=$(CONFIG_SBINDIR) --bindir=$(CONFIG_BINDIR) --mandir=$(CONFIG_MANDIR) --libdir=$(LIBDIR) --datadir=$(CONFIG_DATADIR) --enable-ippp-filter || $(MAKE) -C ../ ERRDIR=$$i cfgerror); \
+               elif [ -f $$i/Makefile.in ] ; then \
+                       /bin/echo -e "\nRunning make -f Makefile.in config in $$i ...\n"; sleep 1; \
+                       $(MAKE) -C $$i -f Makefile.in config; \
+--- isdn4k-utils-CVS-2005-02-16/ipppd/Makefile.in.redhat       2004-08-30 16:56:36.000000000 +0200
++++ isdn4k-utils-CVS-2005-02-16/ipppd/Makefile.in      2005-02-16 18:42:54.119955183 +0100
+@@ -15,10 +15,10 @@
+ MANDIR        := @CONFIG_MANDIR@
+ CC            := @CC@
+ INSTALL       := @INSTALL@
+-INSTALL_DIR   := $(INSTALL) -m 0755 -o 0 -g 0 -d
+-INSTALL_SBIN  := $(INSTALL) -m 0700 -o 0 -g 0
+-INSTALL_BIN   := $(INSTALL) -m 0755 -o 0 -g 0
+-INSTALL_DATA  := $(INSTALL) -m 0644 -o 0 -g 0
++INSTALL_DIR   := $(INSTALL) -m 0755 -d
++INSTALL_SBIN  := $(INSTALL) -m 0700 
++INSTALL_BIN   := $(INSTALL) -m 0755
++INSTALL_DATA  := $(INSTALL) -m 0644
+ RADIUS_CLIENT_CONFIG_FILE := @RADIUS_CLIENT_CONFIG_FILE@
+ ifeq (@CONFIG_IPPPD_MSCHAP@,y)
+@@ -73,7 +73,7 @@
+ DEBUG_FLAGS   = @CONFIG_IPPPD_DEBUGFLAGS@
+ COMPILE_FLAGS = 
+-CFLAGS        = -O2 -fomit-frame-pointer -Wall
++CFLAGS        = $(RPM_OPT_FLAGS)
+ VER           = 2.2.0
+ # it's a hack
+--- isdn4k-utils-CVS-2005-02-16/isdnlog/tools/Makefile.cflags  2005-02-16 18:53:15.393382578 +0100
++++ isdn4k-utils-CVS-2005-02-16/isdnlog/tools/Makefile 2005-02-16 18:53:51.914999474 +0100
+@@ -1,4 +1,4 @@
+-CC=gcc -m486 -O2 -Wall -DSTANDALONE -I. -I.. -I../isdnlog -I../connect -I../../lib
++CC=gcc $(RPM_OPT_FLAGS) -DSTANDALONE -I. -I.. -I../isdnlog -I../connect -I../../lib
+ #CC=gcc -m486 -O2 -g -pg -Wall -DSTANDALONE -I. -I.. -I../isdnlog
+ all: rate-at
+--- isdn4k-utils-CVS-2005-02-16/lib/Makefile.cflags    2005-02-16 19:04:04.338731270 +0100
++++ isdn4k-utils-CVS-2005-02-16/lib/Makefile   2005-02-16 19:04:24.150811068 +0100
+@@ -28,7 +28,7 @@
+ # USER CONFIGURATION AREA
+ ######################################################################
+-CFLAGS      = -g -Wall -pipe #-O6
++CFLAGS      = $(RPM_OPT_FLAGS)
+ DEFS        =
+ ifndef _CC
+ export _CC  = gcc
diff --git a/src/patches/isdn4k-utils-capiinit.patch b/src/patches/isdn4k-utils-capiinit.patch
new file mode 100644 (file)
index 0000000..7593d07
--- /dev/null
+++ b/src/patches/isdn4k-utils-capiinit.patch
@@ -0,0 +1,41 @@
+--- isdn4k-utils.orig/capiinit/capiinit.c      2006-04-18 19:27:03.689945766 +0200
++++ isdn4k-utils/capiinit/capiinit.c   2006-04-18 19:36:53.130636890 +0200
+@@ -1251,6 +1251,7 @@
+       if (check_procfs() < 0) return -1;
+       if (check_for_kernelcapi() < 0) return -1;
+       if (check_for_capi() < 0) return -1;
++      sleep(5); /* wait until the device node is created successfully by udev */
+       if (check_for_devcapi() < 0) return -1;
+       if (check_for_capifs() < 0) return 0; /* only warning */
+       if (check_for_capifs_mounted() < 0) return -1;
+--- isdn4k-utils.orig/capiinit/capi.conf       2006-04-18 19:37:43.515250539 +0200
++++ isdn4k-utils/capiinit/capi.conf    2006-04-18 19:37:53.953559630 +0200
+@@ -1,10 +1,10 @@
+ # card                file    proto   io      irq     mem     cardnr  options
+ #b1isa                b1.t4   DSS1    0x150   7       -       -       P2P
+-b1pci         b1.t4   DSS1    -       -       -       -
+-c4            c4.bin  DSS1    -       -       -       -
+-c4            -       DSS1    -       -       -       -
+-c4            -       DSS1    -       -       -       -       P2P
+-c4            -       DSS1    -       -       -       -       P2P
++#b1pci                b1.t4   DSS1    -       -       -       -
++#c4           c4.bin  DSS1    -       -       -       -
++#c4           -       DSS1    -       -       -       -
++#c4           -       DSS1    -       -       -       -       P2P
++#c4           -       DSS1    -       -       -       -       P2P
+ #c2           c2.bin  DSS1    -       -       -       -
+ #c2           -       DSS1    -       -       -       -
+ #t1isa                t1.t4   DSS1    0x340   9       -       0
+--- isdn4k-utils-CVS-2003-09-23/capiinit/capiinit.c.capi       2006-04-18 20:53:22.437430551 +0200
++++ isdn4k-utils-CVS-2003-09-23/capiinit/capiinit.c    2006-04-19 11:50:56.385891286 +0200
+@@ -1495,8 +1496,8 @@
+               unload_module("capiutil");
+               if ((mp = mounted("capifs")) != 0 && strcmp(mp, "/dev/capi") == 0)
+                       system("umount /dev/capi");
+-              if (filesystem_available("capifs"))
+-                      unload_filesystem("capifs");
++              /*if (filesystem_available("capifs"))
++                      unload_filesystem("capifs"); */
+       }
+       if (cardname && cname[0] == 0) {
+               fprintf(stderr,"ERROR: card \"%s\"  not found\n", cardname);
diff --git a/src/patches/isdn4k-utils-statfs.patch b/src/patches/isdn4k-utils-statfs.patch
new file mode 100644 (file)
index 0000000..7c6b2c3
--- /dev/null
+++ b/src/patches/isdn4k-utils-statfs.patch
@@ -0,0 +1,84 @@
+--- isdn4k-utils-CVS-2005-03-09/vbox/src/vboxgetty.c.old       2000-11-30 16:35:20.000000000 +0100
++++ isdn4k-utils-CVS-2005-03-09/vbox/src/vboxgetty.c   2005-04-20 16:30:31.000000000 +0200
+@@ -434,7 +434,7 @@
+ static int check_spool_space(unsigned long need)
+ {
+       struct statfs stat;
+-      unsigned long have;
++      unsigned long long have;
+       log(L_DEBUG, "Checking free space on \"%s\"...\n", setup.spool);
+@@ -449,7 +449,7 @@
+       {
+               have = (stat.f_bfree * stat.f_bsize);
+-              log_line(L_JUNK, "%ld bytes available; %ld bytes needed... ", have, need);
++              log_line(L_JUNK, "%lld bytes available; %ld bytes needed... ", have, need);
+               if (have >= need)
+               {
+--- isdn4k-utils-CVS-2005-03-09/eurofile/src/wuauth/extensions.h.old   2005-04-20 16:35:37.000000000 +0200
++++ isdn4k-utils-CVS-2005-03-09/eurofile/src/wuauth/extensions.h       2005-04-20 16:37:02.000000000 +0200
+@@ -42,3 +42,8 @@
+ #define ARG8    entry->arg[8]
+ #define ARG9    entry->arg[9]
+ #define ARG     entry->arg
++
++#if defined(HAVE_STATVFS) || defined(HAVE_SYS_VFS) || defined (HAVE_SYS_MOUNT)
++unsigned long long getSize(s);
++#endif
++
+--- isdn4k-utils-CVS-2005-03-09/eurofile/src/wuauth/extensions.c.old   2005-04-20 16:20:17.000000000 +0200
++++ isdn4k-utils-CVS-2005-03-09/eurofile/src/wuauth/extensions.c       2005-04-20 16:24:56.000000000 +0200
+@@ -154,7 +154,7 @@
+ }
+ #if defined(HAVE_STATVFS)
+-int getSize(s)
++unsigned long long getSize(s)
+ char *s;
+ {
+     int c;
+@@ -163,10 +163,10 @@
+     if (( c = statvfs(s, &buf)) != 0)
+         return(0);
+-    return(buf.f_bavail * buf.f_frsize / 1024);
++    return((unsigned long long)(buf.f_bavail * buf.f_frsize / 1024));
+ }
+ #elif defined(HAVE_SYS_VFS) || defined (HAVE_SYS_MOUNT)
+-int getSize(s)
++unsigned long long getSize(s)
+ char *s;
+ {
+     int c;
+@@ -175,7 +175,7 @@
+     if (( c = statfs(s, &buf)) != 0)
+         return(0);
+-    return(buf.f_bavail * buf.f_bsize / 1024);
++    return((unsigned long long)(buf.f_bavail * buf.f_bsize / 1024));
+ }
+ #endif
+@@ -236,7 +236,7 @@
+             case 'F':
+ #if defined(HAVE_STATVFS) || defined(HAVE_SYS_VFS) || defined(HAVE_SYS_MOUNT)
+-                sprintf(outptr, "%lu", getSize("."));
++                sprintf(outptr, "%llu",(unsigned long long)getSize("."));
+ #endif
+                 break;
+--- isdn4k-utils-CVS-2005-03-09/eurofile/src/wuauth/divfunc.c.old      2001-03-01 15:59:14.000000000 +0100
++++ isdn4k-utils-CVS-2005-03-09/eurofile/src/wuauth/divfunc.c  2005-04-20 16:34:26.000000000 +0200
+@@ -121,7 +121,7 @@
+             case 'F':
+ #if defined(HAVE_STATVFS) || defined(HAVE_SYS_VFS) || defined(HAVE_SYS_MOUNT)
+-                sprintf(outptr, "%lu", getSize("."));
++                sprintf(outptr, "%llu",(unsigned long long)getSize("."));
+ #endif
+                 break;
diff --git a/src/patches/isdn4k-utils-v3.2p1-c89.patch b/src/patches/isdn4k-utils-v3.2p1-c89.patch
deleted file mode 100644 (file)
index e5c0f87..0000000
--- a/src/patches/isdn4k-utils-v3.2p1-c89.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-# --- ROCK-COPYRIGHT-NOTE-BEGIN ---
-# 
-# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
-# Please add additional copyright information _after_ the line containing
-# the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by
-# the ./scripts/Create-CopyPatch script. Do not edit this copyright text!
-# 
-# ROCK Linux: rock-src/package/base/isdn4k-utils/multi-line-strings.patch
-# ROCK Linux is Copyright (C) 1998 - 2003 Clifford Wolf
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version. A copy of the GNU General Public
-# License can be found at Documentation/COPYING.
-# 
-# Many people helped and are helping developing ROCK Linux. Please
-# have a look at http://www.rocklinux.org/ and the Documentation/TEAM
-# file for details.
-# 
-# --- ROCK-COPYRIGHT-NOTE-END ---
-
-diff -urN -x '*~' isdn4k-utils/ipppd/options.c isdn4k-utils-gcc-3.3.1/ipppd/options.c
---- isdn4k-utils-old/ipppd/options.c   2002-07-06 02:34:08.000000000 +0200
-+++ isdn4k-utils-new/ipppd/options.c   2003-08-19 22:36:18.000000000 +0200
-@@ -479,26 +479,25 @@
- #define IMPLEMENTATION ""
- #endif
--static char *usage_string = "\
--ipppd version %s patch level %d%s\n\
--Usage: %s [ options ], where options are:\n\
--\t<device>    Communicate over the named device\n\
-+static char *usage_string = ""
-+"ipppd version %s patch level %d%s\n"
-+"Usage: %s [ options ], where options are:\n"
-+"\t<device>   Communicate over the named device\n"
- #ifdef INCLUDE_OBSOLETE_FEATURES
--\tcrtscts             Use hardware RTS/CTS flow control\n\
--\t<speed>             Set the baud rate to <speed>\n\
--\tmodem               Use modem control lines\n\
-+"\tcrtscts            Use hardware RTS/CTS flow control\n"
-+"\t<speed>            Set the baud rate to <speed>\n"
-+"\tmodem              Use modem control lines\n"
- #endif
--\t<loc>:<rem> Set the local and/or remote interface IP\n\
--\t\taddresses.  (you also may use the option 'useifip' to get IPs).\n\
--\tasyncmap <n>        Set the desired async map to hex <n>\n\
--\tauth                Require authentication from peer\n\
--\tconnect <p>     Invoke shell command <p> to set up the serial line\n\
--\tdefaultroute        Add default route through interface\n\
--\tfile <f>    Take options from file <f>\n\
--\tmru <n>             Set MRU value to <n> for negotiation\n\
--\tnetmask <n> Set interface netmask to <n>\n\
--See ipppd(8) for more options.\n\
--";
-+"\t<loc>:<rem>        Set the local and/or remote interface IP\n"
-+"\t\taddresses.  (you also may use the option 'useifip' to get IPs).\n"
-+"\tasyncmap <n>       Set the desired async map to hex <n>\n"
-+"\tauth               Require authentication from peer\n"
-+"\tconnect <p>     Invoke shell command <p> to set up the serial line\n"
-+"\tdefaultroute       Add default route through interface\n"
-+"\tfile <f>   Take options from file <f>\n"
-+"\tmru <n>            Set MRU value to <n> for negotiation\n"
-+"\tnetmask <n>        Set interface netmask to <n>\n"
-+"See ipppd(8) for more options.\n";
- static char *current_option;   /* the name of the option being parsed */
diff --git a/src/patches/isdn4k-utils-v3.2p1-config.patch b/src/patches/isdn4k-utils-v3.2p1-config.patch
deleted file mode 100644 (file)
index 4bdec44..0000000
--- a/src/patches/isdn4k-utils-v3.2p1-config.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-diff -ruN isdn4k-utils.old/.config isdn4k-utils/.config
---- isdn4k-utils.old/.config   Thu Jan  1 01:00:00 1970
-+++ isdn4k-utils/.config       Mon Dec  1 13:47:00 2003
-@@ -0,0 +1,92 @@
-+#
-+# Automatically generated by make menuconfig: don't edit
-+#
-+
-+#
-+# Code maturity level options
-+#
-+CONFIG_EXPERIMENTAL=y
-+
-+#
-+# General configuration
-+#
-+# CONFIG_BUILDX11 is not set
-+CONFIG_KERNELDIR='/usr/src/linux'
-+CONFIG_BINDIR='/usr/bin'
-+CONFIG_SBINDIR='/usr/sbin'
-+CONFIG_MANDIR='/usr/share/man'
-+CONFIG_RUNDIR='/var/run'
-+CONFIG_LOCKDIR='/var/lock'
-+CONFIG_LOCKFILE='LCK..'
-+CONFIG_I4LCONFDIR='/etc/isdn'
-+CONFIG_CONFFILE='isdn.conf'
-+CONFIG_CALLERIDFILE='callerid.conf'
-+CONFIG_USERCONFFILE=''
-+CONFIG_COUNTRYCODE=''
-+CONFIG_AREACODE=''
-+CONFIG_COUNTRY_PREFIX='+'
-+CONFIG_AREA_PREFIX='0'
-+CONFIG_DATADIR='/usr/lib/isdn'
-+
-+#
-+# Runtime configuration tools
-+#
-+CONFIG_ISDNCTRL=y
-+CONFIG_ISDNCTRL_CONF=y
-+# CONFIG_ISDNCTRL_TIMRU is not set
-+# CONFIG_ISDNCTRL_DWABC_UDP_INFO is not set
-+# CONFIG_IPROFD is not set
-+# CONFIG_DIVERTCTRL is not set
-+
-+#
-+# Card configuration tools
-+#
-+CONFIG_HISAXCTRL=y
-+CONFIG_ICNCTRL=y
-+# CONFIG_ICNCTRL_DEBUG is not set
-+CONFIG_PCBITCTL=y
-+#CONFIG_AVMCAPICTRL is not set
-+CONFIG_EICONCTRL=y
-+# CONFIG_LOOPCTRL is not set
-+
-+#
-+# Tools for monitoring activity
-+#
-+# CONFIG_IMON is not set
-+# CONFIG_IMONTTY is not set
-+# CONFIG_ISDNLOG is not set
-+# CONFIG_IPPPSTATS is not set
-+# CONFIG_XISDNLOAD is not set
-+# CONFIG_XMONISDN is not set
-+
-+#
-+# Applications
-+#
-+# CONFIG_VBOX is not set
-+CONFIG_IPPPD=y
-+
-+#
-+# Options for ipppd
-+#
-+CONFIG_IPPPD_MSCHAP=y
-+CONFIG_IPPP_FILTER=y
-+# CONFIG_IPPPD_RADIUS is not set
-+# CONFIG_RADIUS_WTMP_LOGGING is not set
-+RADIUS_CLIENT_CONFIG_FILE=''
-+# CONFIG_CAPIFAX is not set
-+# CONFIG_RCAPID is not set
-+# CONFIG_PPPDCAPIPLUGIN is not set
-+# CONFIG_EUROFILE is not set
-+
-+#
-+# Options for eurofile
-+#
-+# CONFIG_EFTD is not set
-+# CONFIG_EFTP is not set
-+# CONFIG_EFT_INSTALL_CONF is not set
-+
-+#
-+# Documentation
-+#
-+CONFIG_GENMAN=y
-+# CONFIG_FAQ is not set
diff --git a/src/scripts/vpn-watch b/src/scripts/vpn-watch
index 70345dbccbaac77832875433661f014a5c431940..8bd75215755ebae00a885e66439fd40d7010a718 100755 (executable)
--- a/src/scripts/vpn-watch
+++ b/src/scripts/vpn-watch
@@ -1,181 +1,239 @@
-#!/bin/sh
-# IPsec startup and shutdown script
-# Copyright (C) 1998, 1999, 2001  Henry Spencer.
-# Copyright (C) 2002              Michael Richardson <mcr@freeswan.org>
+#!/bin/sh 
+################################################## 
+#####     VPN-Watch.sh     Version 1.6.3     ##### 
+################################################## 
+
+# This program is free software; you can redistribute it and/or modify 
+# it under the terms of the GNU General Public License as published by 
+# the Free Software Foundation; either version 2, or (at your option) 
+# any later version. 
 # 
 # 
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+# This program is distributed in the hope that it will be useful, 
+# but WITHOUT ANY WARRANTY; without even the implied warranty of 
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the 
+# GNU General Public License for more details. 
+
+# Written by: Daniel Berlin <daniel.berlin@itechnology.de>. 
+# Download: http://www.itechnology.de/front_content.php?idcat=87 
+# 
+
+# changed by: Rüdiger Sobeck 
+# last changed: 31-01-2006 
+
+# Configuration 
 # 
 # 
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-# for more details.
-#
-# RCSID $Id: setup.in,v 1.122.6.3 2006/10/26 23:54:32 paul Exp $
-#
-# ipsec         init.d script for starting and stopping
-#               the IPsec security subsystem (KLIPS and Pluto).
-#
-# This script becomes /etc/rc.d/init.d/ipsec (or possibly /etc/init.d/ipsec)
-# and is also accessible as "ipsec setup" (the preferred route for human
-# invocation).
-#
-# The startup and shutdown times are a difficult compromise (in particular,
-# it is almost impossible to reconcile them with the insanely early/late
-# times of NFS filesystem startup/shutdown).  Startup is after startup of
-# syslog and pcmcia support; shutdown is just before shutdown of syslog.
-#
-# chkconfig: 2345 47 76
-# description: IPsec provides encrypted and authenticated communications; \
-# KLIPS is the kernel half of it, Pluto is the user-level management daemon.
-
-me='ipsec setup'               # for messages
-
-# where the private directory and the config files are
-IPSEC_EXECDIR="${IPSEC_EXECDIR-/usr/libexec/ipsec}"
-IPSEC_LIBDIR="${IPSEC_LIBDIR-/usr/lib/ipsec}"
-IPSEC_SBINDIR="${IPSEC_SBINDIR-/usr/sbin}"
-IPSEC_CONFS="${IPSEC_CONFS-/etc}"
-
-if test " $IPSEC_DIR" = " "    # if we were not called by the ipsec command
-then
-    # we must establish a suitable PATH ourselves
-    PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin
-    export PATH
-
-    IPSEC_DIR="$IPSEC_LIBDIR"
-    export IPSEC_DIR IPSEC_CONFS IPSEC_LIBDIR IPSEC_EXECDIR
-fi
-
-# Check that the ipsec command is available.
-found=
-for dir in `echo $PATH | tr ':' ' '`
-do
-       if test -f $dir/ipsec -a -x $dir/ipsec
-       then
-               found=yes
-               break                   # NOTE BREAK OUT
-       fi
-done
-if ! test "$found"
-then
-       echo "cannot find ipsec command -- \`$1' aborted" |
-               logger -s -p daemon.error -t ipsec_setup
-       exit 1
-fi
-
-# accept a few flags
-
-export IPSEC_setupflags
-IPSEC_setupflags=""
-
-config=""
-
-for dummy
-do
-       case "$1" in
-       --showonly|--show)  IPSEC_setupflags="$1" ;;
-       --config)  config="--config $2" ; shift ;;
-       *) break ;;
-       esac
-       shift
-done
-
-
-# Pick up IPsec configuration (until we have done this, successfully, we
-# do not know where errors should go, hence the explicit "daemon.error"s.)
-# Note the "--export", which exports the variables created.
-eval `ipsec _confread $config --optional --varprefix IPSEC --export --type config setup`
-
-if test " $IPSEC_confreadstatus" != " "
-then
-    case $1 in 
-    stop|--stop|_autostop) 
-       echo "$IPSEC_confreadstatus -- \`$1' may not work" |
-               logger -s -p daemon.error -t ipsec_setup;;
-               
-    *) echo "$IPSEC_confreadstatus -- \`$1' aborted" |
-           logger -s -p daemon.error -t ipsec_setup;
-       exit 1;;
-    esac
-fi
-
-IPSEC_confreadsection=${IPSEC_confreadsection:-setup}
-export IPSEC_confreadsection
-
-IPSECsyslog=${IPSECsyslog-daemon.error}
-export IPSECsyslog
-
-# misc setup
-umask 022
-
-mkdir -p /var/run/pluto
-
-
-# do it
-case "$1" in
-  start|--start|stop|--stop|_autostop|_autostart)
-  wanttodo=$1
-       if test " `id -u`" != " 0"
-       then
-               echo "permission denied (must be superuser)" |
-                       logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
-               exit 1
-       fi
-       tmp=/var/run/pluto/ipsec_setup.st
-       outtmp=/var/run/pluto/ipsec_setup.out
-       (
-               ipsec _realsetup $1
-               echo "$?" >$tmp
-       ) > ${outtmp} 2>&1
-       st=$?
-       if test -f $tmp
-       then
-               st=`cat $tmp`
-               rm -f $tmp
-       fi
-       if [ -f ${outtmp} ]; then
-               cat ${outtmp} | logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
-               rm -f ${outtmp}
-       fi
-       if [ "$wanttodo" = "start" -o "$wanttodo" = "--start" -o "$wanttodo" = "_autostart" ]; then
-               sleep 20 && chown root:nobody  /var/run/pluto -R && chmod 770 /var/run/pluto -R && ln -f /var/run/pluto/pluto.pid /var/run/pluto.pid 2>&1 &
-       fi
-       exit $st
-       ;;
-
-  restart|--restart|force-reload)
-       $0 $IPSEC_setupflags stop
-       $0 $IPSEC_setupflags start
-       ;;
-
-  _autorestart)                        # for internal use only
-       $0 $IPSEC_setupflags _autostop
-       $0 $IPSEC_setupflags _autostart
-       ;;
-
-  status|--status)
-       ipsec _realsetup $1
-       exit
-       ;;
-
-  --version)
-       echo "$me $IPSEC_VERSION"
-       exit 0
-       ;;
-
-  --help)
-       echo "Usage: $me [ --showonly ] {--start|--stop|--restart}"
-       echo "       $me --status"
-       exit 0
-       ;;
-
-  *)
-       echo "Usage: $me [ --showonly ] {--start|--stop|--restart}"
-       echo "       $me --status"
-       exit 2
-esac
-
-exit 0
+CHECK_INTERVAL='120'            # Check this often (in seconds) 
+DNS_RESOLVE_TRIES='3'            # Try to resolve IPs this often (each try takes max. 2 seconds) 
+NICENESS='+5'               # Adjust niceness of child processes: '-20' ... '+19'; '0' is default 
+ipfire_VPN_CONFIG='/var/ipfire/vpn/config'   # Location of ipfire's vpn configuration file 
+ipfire_VPN_SETTINGS='/var/ipfire/vpn/settings'    # Location of ipfire's vpn settings file 
+VERSION='1.6.3' 
+
+# Workaround for nonexistent "nl" command on ipfire 1.4.x 
+nl --help >/dev/null 2>&1 
+if test $? -ne 0; then 
+    alias nl='cat' 
+fi 
+
+MyHost=`grep VPN_IP /var/ipfire/vpn/settings |  cut --delimiter='=' --output-delimiter=' ' -f2` 
+MyIP=`cat /var/ipfire/red/local-ipaddress` 
+MyDynDnsIP=`ping -c 1 "$1" 2>/dev/null | head -n1 | awk '{print $3}' | tr -d '()' | tr -d ':'` 
+
+case "$1" in 
+   'start' | '--start') 
+      if test ! -r "$ipfire_VPN_CONFIG"; then 
+         echo 'Error: cannot read ipfire VPN configuration file; exit.' >&2 
+         exit 1 
+      fi 
+
+      mknod -m 0660 "/var/run/$(basename $0)" p >/dev/null 2>&1   # Create pipe for status-information 
+
+      # Read VPN configuration and fork a child process for each VPN connection 
+      # 
+      while read line; do 
+         VPN=($(echo $line | cut --delimiter=',' --output-delimiter=' ' -f1,2,3,5,6,12))   # 
+                        CONNR=${VPN[0]}                             # connection number 
+                        CONACTIVE=${VPN[1]}                        # active (on|off) 
+                        CONNAME=${VPN[2]}                        # connection name 
+                        CONTYPE=${VPN[3]}                        # connection type (host|net) 
+                        CONCERTPSK=${VPN[4]}                        # key type (cert|psk) 
+                        CONDNSNAME=${VPN[5]}                        # FQDN name of other side 
+                        
+         echo -n "${CONACTIVE}" | grep -qi '^off$' && continue            # Ignore: deactivated connections 
+         echo -n "${CONTYPE}" | grep -qi '^host$' && continue            # Ignore: Roadwarriors (->DPD) 
+#         echo -n "${VPN[1]}${MyHost}" | grep -q '^[[:digit:]\.]\+$' && continue      # Ignore: "left" and "right" side set to an IP 
+
+         $0 'conn:' "${CONNAME}" "${MyHost}" "${CONDNSNAME}" "${CONNR}" >/dev/null 2>&1 &      # Fork child process (parameters: "conn: NAME LEFT RIGHT NUMBER") 
+         echo -n 'S' 
+      done < "$ipfire_VPN_CONFIG" 
+      echo Â"ÂStarte VPN-Watch" 
+      exit 0                                          # Parent dies here... RIP 
+      ;; 
+   'stop' | '--stop') 
+      # Terminate processes 
+      for proc in $(pidof -x -o %PPID $(basename $0)); do 
+         kill -15 $proc 
+         echo -n 'T' 
+      done 
+      sleep 1 
+      # Kill remaining processes 
+      for proc in $(pidof -x -o %PPID $(basename $0)); do 
+         kill -9 $proc
+         echo -n 'K' 
+      done 
+      rm -f "/var/run/$(basename $0)"                        # Remove pipe 
+      echo "Stoppe VPN-Watch"
+      exit 0 
+      ;; 
+   'restart' | '--restart') 
+      $0 stop 
+      $0 start 
+      exit 0 
+      ;; 
+   'status' | '--status') 
+      echo "VPN-Watch ${VERSION}  (mail: daniel@itechnology.de, web: www.itechnology.de/vpn-watch)" 
+      if ps --no-heading axw | grep -v 'grep' | grep -q "$(basename $0) conn: "; then 
+         trap '' USR1 
+         killall -q -g -s USR1 -- $(basename $0) 
+         sleep 1 
+         cat "/var/run/$(basename $0)" | sort | nl            # Read children's info from pipe 
+      else 
+         echo '     no instances running.' 
+      fi 
+      exit 0 
+      ;; 
+   'conn:') 
+      # Children proceed here... 
+      renice ${NICENESS:-0} -p $$ >/dev/null 2>&1               # Adjust niceness 
+      shift                              # Remove the first positional parameter ("conn:"), as we don't need it anymore 
+      ;; 
+   *) 
+      echo "Usage: $0 { start | stop | restart | status }" >&2 
+      exit 1 
+      ;; 
+esac 
+
+# Logging, signal handlers 
+# 
+alias log="logger -t '$(basename $0 | cut -d '.' -f 1) ${VERSION}' \(${1}\)" 
+trap 'log "terminated after ${RESTART_COUNT} restarts."' EXIT 
+trap 'echo "connection \"${1}\" restarted ${RESTART_COUNT} times" >>/var/run/$(basename $0)' USR1 
+
+log "started" 
+
+# Get IP of a FQDN... using 'arp', 'traceroute' or 'ping', 
+#  because ipfire has no 'nslookup', 'host' or 'dig' command. 
+# 
+function get_ip () { 
+   local RESULT='' 
+   for ((i=1; ${i} <= ${DNS_RESOLVE_TRIES}; i++)); do 
+      if which arp >/dev/null 2>&1; then 
+         RESULT=$(arp "$1" 2>/dev/null | awk '{ print $2 }' | tr -d '()') 
+      elif which traceroute >/dev/null 2>&1; then 
+         RESULT=$(traceroute -m1 -q1 "$1" 2>/dev/null | head -n1 | awk '{ print $4 }' | tr -d '(),') 
+      else 
+         RESULT=$(ping -c 1 "$1" 2>/dev/null | head -n1 | awk '{print $3}' | tr -d '()' | tr -d ':') 
+      fi 
+      test -n "$RESULT" && break 
+   done 
+   test -z "$RESULT" && log "Warning: could not resolve ${1} after ${DNS_RESOLVE_TRIES} tries..." 
+   echo -n "$RESULT" 
+} 
+
+function get_tunnelip () { 
+   file=/var/tmp/$1.remoteip 
+   local TRESULT='' 
+   TVPN=`grep "$1" /var/ipfire/vpn/config| awk 'BEGIN{FS=","}{print $2}'` 
+   DYNHOST=`grep "$1" /var/ipfire/vpn/config| awk 'BEGIN{FS=","}{print $12}'` 
+   CONNR=`grep "$1" /var/ipfire/vpn/config| awk 'BEGIN{FS=","}{print $1}'` 
+   REMOTEIP=`/usr/bin/ping -c 1 "$DYNHOST" 2>/dev/null | head -n1 | awk '{print $3}' | tr -d '()' | tr -d ':'` 
+   if ! test -f $file; then 
+      cat $REMOTEIP > $file 
+   fi 
+   OLDIP=`cat $file` 
+   TUNIP=`ipsec whack --status | grep "$1"` 
+   if [ "$TUNIP" != "" ]; then 
+      TUNIP=`ipsec whack --status | grep "$1" | awk 'BEGIN{FS="["}{print $2}' | awk 'BEGIN{FS="---"}{print $3}'` 
+      log "currently used tunnel IP = $TUNIP, current remote IP = $REMOTEIP" 
+      echo $REMOTEIP > $file 
+      TRESULT=${TUNIP} 
+   fi 
+
+   test -n "$TRESULT" && break 
+   test -z "$TRESULT" && log "Warning: could not retrieve last used VPN tunnel IP..." 
+   echo -n "$TRESULT" 
+} 
+
+# Restarts a VPN connection 
+# 
+function restart_vpn () { 
+   if test -x /usr/local/bin/ipsecctrl; then 
+      /usr/local/bin/ipsecctrl D "$1"         # This works for ipfire 1.4.x 
+      /usr/local/bin/ipsecctrl R         # re-read secrets 
+      /usr/local/bin/ipsecctrl S "$1"         # start tunnel 
+   else 
+      ipsec auto --down      "$1"         # This works for ipfire 1.3.x 
+      ipsec auto --unroute   "$1" 
+      ipsec auto --delete      "$1" 
+      ipsec auto --rereadall 
+      ipsec auto --add      "$1" 
+      ipsec auto --route      "$1" 
+      ipsec auto --up         "$1" 
+   fi 
+} 
+
+# Get left and right IP 
+# 
+LEFT_IP_OLD=$MyIP 
+RIGHT_IP_OLD=$(get_ip $3) 
+
+# Infinite loop; checks, whether the IP of a left or right FQDN has changed. 
+#  If so, the affected connection gets restarted; this is logged to syslog. 
+# 
+RESTART_COUNT=0 
+while :; do 
+   sleep $CHECK_INTERVAL 
+
+   # Skip check until IPSec is running 
+   ipsec auto --status >/dev/null 2>&1 || continue 
+
+   # get own IP (may have changed) 
+   ThisHostIP=`cat /var/ipfire/red/local-ipaddress` 
+    
+   # this our own IP as reported in /var/ipfire/ppp/local-ipadress 
+   LEFT_IP_NEW=$ThisHostIP 
+   # check our own DYNDNS IP 
+   LEFT_IP_DYN=$(get_ip $MyHost) 
+   # this is DYNDNS IP of other side 
+   RIGHT_IP_NEW=$(get_ip $3) 
+   # this the last used (right) IP for VPN-Tunnel 
+   RIGHT_TUN_IP_OLD=$(get_tunnelip $1) 
+
+#   for whatever reason, ipsec did not notice our own IP has changed for this connection 
+   if [ "${LEFT_IP_NEW}" != "${LEFT_IP_DYN}" ]; then 
+      restart_vpn "$4" 
+      let RESTART_COUNT++ 
+      log "Red IP = $LEFT_IP_NEW, IP by DynDNS = $LEFT_IP_DYN" 
+      log 'incorrect dynamic IP in tunnel used: restarting connection...' 
+   fi 
+    
+#   left or right IP has changed...    
+   if test "${LEFT_IP_OLD} ${RIGHT_IP_OLD}" != "${LEFT_IP_NEW} ${RIGHT_IP_NEW}"; then 
+      restart_vpn "$4" 
+      let RESTART_COUNT++ 
+      log 'left or right IP has changed: restarting connection...' 
+   fi 
+
+#   right IP / IP of tunnel endpoint has changed... 
+   if [ "$RIGHT_TUN_IP_OLD" != "" ]; then 
+      if test "${RIGHT_TUN_IP_OLD}" != "${RIGHT_IP_NEW}"; then 
+         restart_vpn "$4" 
+         let RESTART_COUNT++ 
+         log 'VPN tunnel IP has changed: restarting connection...' 
+      fi 
+   fi 
+
+   LEFT_IP_OLD=$LEFT_IP_NEW 
+   RIGHT_IP_OLD=$RIGHT_IP_NEW 
+done 
+
Peter's tree of IPFire 2.x