From 55842dda690b077eeb3b0ed0af8f06827ef03f43 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 28 Nov 2018 14:46:15 +0000 Subject: [PATCH] IPsec: Add UI for set interface MTU Signed-off-by: Michael Tremer --- doc/language_issues.de | 2 ++ doc/language_issues.en | 2 ++ doc/language_issues.es | 2 ++ doc/language_issues.fr | 2 ++ doc/language_issues.it | 2 ++ doc/language_issues.nl | 2 ++ doc/language_issues.pl | 2 ++ doc/language_issues.ru | 2 ++ doc/language_issues.tr | 2 ++ doc/language_missings | 16 ++++++++++++++++ html/cgi-bin/vpnmain.cgi | 18 +++++++++++++++++- langs/en/cgi-bin/en.pl | 2 ++ 12 files changed, 53 insertions(+), 1 deletion(-) diff --git a/doc/language_issues.de b/doc/language_issues.de index 9168a898bf..c72cc40b91 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -778,12 +778,14 @@ WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: interface mode = Interface WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI WARNING: untranslated string: ipsec mode transport = Transport WARNING: untranslated string: ipsec mode tunnel = Tunnel +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: no data = unknown string WARNING: untranslated string: none = none WARNING: untranslated string: qos add subclass = Add subclass diff --git a/doc/language_issues.en b/doc/language_issues.en index 1e78ec5c2e..efc4fce1f3 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -1083,6 +1083,7 @@ WARNING: untranslated string: invalid input for ike lifetime = Invalid input for WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for keepalive 1 = Invalid input for Keepalive ping WARNING: untranslated string: invalid input for keepalive 1:2 = Invalid input for Keepalive use at least a ratio of 1:2 WARNING: untranslated string: invalid input for keepalive 2 = Invalid input for Keepalive ping-restart @@ -1273,6 +1274,7 @@ WARNING: untranslated string: mpfire scanning = Scan for new files WARNING: untranslated string: mpfire search = MPFire Search WARNING: untranslated string: mpfire songs = MPFire songlist WARNING: untranslated string: mpfire webradio = MPFire Webradio +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: my new share = My new share WARNING: untranslated string: name = Name WARNING: untranslated string: name is invalid = Name is invalid diff --git a/doc/language_issues.es b/doc/language_issues.es index 2264ef3227..6994a9e92e 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -1056,6 +1056,7 @@ WARNING: untranslated string: invalid input for dpd timeout = Invalid input for WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname @@ -1097,6 +1098,7 @@ WARNING: untranslated string: modem sim information = SIM Information WARNING: untranslated string: modem status = Modem Status WARNING: untranslated string: monitor interface = Monitor Interface WARNING: untranslated string: most preferred = most preferred +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: nameserver = Nameserver WARNING: untranslated string: no data = unknown string WARNING: untranslated string: none = none diff --git a/doc/language_issues.fr b/doc/language_issues.fr index b37f5eb626..42ef8d5c75 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -813,6 +813,7 @@ WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: interface mode = Interface WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: ipsec interface mode gre = GRE @@ -820,6 +821,7 @@ WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI WARNING: untranslated string: ipsec mode transport = Transport WARNING: untranslated string: ipsec mode tunnel = Tunnel +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: no data = unknown string WARNING: untranslated string: pakfire ago = ago. WARNING: untranslated string: route config changed = unknown string diff --git a/doc/language_issues.it b/doc/language_issues.it index f2c4765da1..04676a9854 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -888,6 +888,7 @@ WARNING: untranslated string: interface mode = Interface WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname @@ -905,6 +906,7 @@ WARNING: untranslated string: masquerading = Masquerading WARNING: untranslated string: masquerading disabled = Masquerading disabled WARNING: untranslated string: masquerading enabled = Masquerading enabled WARNING: untranslated string: messages = Messages +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: no data = unknown string WARNING: untranslated string: none = none WARNING: untranslated string: one hour = One Hour diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 6fd6bd9592..22b5f84330 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -902,6 +902,7 @@ WARNING: untranslated string: interface mode = Interface WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname @@ -933,6 +934,7 @@ WARNING: untranslated string: modem no connection message = No connection to the WARNING: untranslated string: modem sim information = SIM Information WARNING: untranslated string: modem status = Modem Status WARNING: untranslated string: monitor interface = Monitor Interface +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: nameserver = Nameserver WARNING: untranslated string: no data = unknown string WARNING: untranslated string: none = none diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 2264ef3227..6994a9e92e 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -1056,6 +1056,7 @@ WARNING: untranslated string: invalid input for dpd timeout = Invalid input for WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname @@ -1097,6 +1098,7 @@ WARNING: untranslated string: modem sim information = SIM Information WARNING: untranslated string: modem status = Modem Status WARNING: untranslated string: monitor interface = Monitor Interface WARNING: untranslated string: most preferred = most preferred +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: nameserver = Nameserver WARNING: untranslated string: no data = unknown string WARNING: untranslated string: none = none diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 771395391e..869ccd786f 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -1058,6 +1058,7 @@ WARNING: untranslated string: invalid input for dpd timeout = Invalid input for WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname @@ -1099,6 +1100,7 @@ WARNING: untranslated string: modem sim information = SIM Information WARNING: untranslated string: modem status = Modem Status WARNING: untranslated string: monitor interface = Monitor Interface WARNING: untranslated string: most preferred = most preferred +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: nameserver = Nameserver WARNING: untranslated string: no data = unknown string WARNING: untranslated string: none = none diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 0d5095d6f8..c455234411 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -816,6 +816,7 @@ WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: interface mode = Interface WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode +WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: ipsec interface mode gre = GRE @@ -823,6 +824,7 @@ WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI WARNING: untranslated string: ipsec mode transport = Transport WARNING: untranslated string: ipsec mode tunnel = Tunnel +WARNING: untranslated string: mtu = MTU WARNING: untranslated string: no data = unknown string WARNING: untranslated string: ovpn error dh = The Diffie-Hellman parameter needs to be in minimum 2048 bit!
Please generate or upload a new Diffie-Hellman parameter, this can be made below in the section "Diffie-Hellman parameters options".
WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore.
Please update to the latest IPFire version and generate a new root and host certificate.

All OpenVPN clients needs then to be renewed!
diff --git a/doc/language_missings b/doc/language_missings index 54b8e6770d..a770c13b28 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -42,12 +42,14 @@ < interface mode < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < ipsec interface mode gre < ipsec interface mode none < ipsec interface mode vti < ipsec mode transport < ipsec mode tunnel +< mtu < none < notes < qos add subclass @@ -508,6 +510,7 @@ < invalid input for inactivity timeout < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < invalid input for valid till days < invalid ip or hostname @@ -552,6 +555,7 @@ < modem status < monitor interface < most preferred +< mtu < MTU settings < nameserver < never @@ -809,6 +813,7 @@ < interface mode < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < invalid ip or hostname < ipsec interface mode gre @@ -816,6 +821,7 @@ < ipsec interface mode vti < ipsec mode transport < ipsec mode tunnel +< mtu < subnet mask ############################################################################ # Checking cgi-bin translations for language: it # @@ -956,6 +962,7 @@ < invalid input for inactivity timeout < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < invalid input for valid till days < invalid ip or hostname @@ -973,6 +980,7 @@ < masquerading disabled < masquerading enabled < messages +< mtu < MTU settings < none < Number of Countries for the pie chart @@ -1203,6 +1211,7 @@ < invalid input for inactivity timeout < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < invalid input for valid till days < invalid ip or hostname @@ -1234,6 +1243,7 @@ < modem sim information < modem status < monitor interface +< mtu < MTU settings < nameserver < never @@ -1771,6 +1781,7 @@ < invalid input for inactivity timeout < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < invalid input for valid till days < invalid ip or hostname @@ -1815,6 +1826,7 @@ < modem status < monitor interface < most preferred +< mtu < MTU settings < nameserver < never @@ -2501,6 +2513,7 @@ < invalid input for inactivity timeout < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < invalid input for valid till days < invalid ip or hostname @@ -2546,6 +2559,7 @@ < monitor interface < month-graph < most preferred +< mtu < MTU settings < nameserver < never @@ -2789,6 +2803,7 @@ < interface mode < invalid input for interface address < invalid input for interface mode +< invalid input for interface mtu < invalid input for mode < invalid ip or hostname < ipsec interface mode gre @@ -2796,6 +2811,7 @@ < ipsec interface mode vti < ipsec mode transport < ipsec mode tunnel +< mtu < ovpn error dh < ovpn error md5 < ovpn warning rfc3280 diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 02284ddf35..e1ec348aac 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -114,6 +114,7 @@ $cgiparams{'INACTIVITY_TIMEOUT'} = 1800; $cgiparams{'MODE'} = "tunnel"; $cgiparams{'INTERFACE_MODE'} = ""; $cgiparams{'INTERFACE_ADDRESS'} = ""; +$cgiparams{'INTERFACE_MTU'} = 1500; &Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'}); ### @@ -1329,6 +1330,7 @@ END $cgiparams{'MODE'} = $confighash{$cgiparams{'KEY'}}[35]; $cgiparams{'INTERFACE_MODE'} = $confighash{$cgiparams{'KEY'}}[36]; $cgiparams{'INTERFACE_ADDRESS'} = $confighash{$cgiparams{'KEY'}}[37]; + $cgiparams{'INTERFACE_MTU'} = $confighash{$cgiparams{'KEY'}}[38]; if (!$cgiparams{'DPD_DELAY'}) { $cgiparams{'DPD_DELAY'} = 30; @@ -1828,7 +1830,7 @@ END my $key = $cgiparams{'KEY'}; if (! $key) { $key = &General::findhasharraykey (\%confighash); - foreach my $i (0 .. 36) { $confighash{$key}[$i] = "";} + foreach my $i (0 .. 38) { $confighash{$key}[$i] = "";} } $confighash{$key}[0] = $cgiparams{'ENABLED'}; $confighash{$key}[1] = $cgiparams{'NAME'}; @@ -1876,6 +1878,7 @@ END $confighash{$key}[35] = $cgiparams{'MODE'}; $confighash{$key}[36] = $cgiparams{'INTERFACE_MODE'}; $confighash{$key}[37] = $cgiparams{'INTERFACE_ADDRESS'}; + $confighash{$key}[38] = $cgiparams{'INTERFACE_MTU'}; # free unused fields! $confighash{$key}[6] = 'off'; @@ -1953,6 +1956,7 @@ END $cgiparams{'MODE'} = "tunnel"; $cgiparams{'INTERFACE_MODE'} = ""; $cgiparams{'INTERFACE_ADDRESS'} = ""; + $cgiparams{'INTERFACE_MTU'} = 1500; } VPNCONF_ERROR: @@ -2012,6 +2016,7 @@ VPNCONF_ERROR: + END ; if ($cgiparams{'KEY'}) { @@ -2321,6 +2326,11 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || goto ADVANCED_ERROR; } + if ($cgiparams{'INTERFACE_MTU'} !~ /^\d+$/) { + $errormessage = $Lang::tr{'invalid input for interface mtu'}; + goto ADVANCED_ERROR; + } + $confighash{$cgiparams{'KEY'}}[29] = $cgiparams{'IKE_VERSION'}; $confighash{$cgiparams{'KEY'}}[18] = $cgiparams{'IKE_ENCRYPTION'}; $confighash{$cgiparams{'KEY'}}[19] = $cgiparams{'IKE_INTEGRITY'}; @@ -2343,6 +2353,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $confighash{$cgiparams{'KEY'}}[35] = $cgiparams{'MODE'}; $confighash{$cgiparams{'KEY'}}[36] = $cgiparams{'INTERFACE_MODE'}; $confighash{$cgiparams{'KEY'}}[37] = $cgiparams{'INTERFACE_ADDRESS'}; + $confighash{$cgiparams{'KEY'}}[38] = $cgiparams{'INTERFACE_MTU'}; &General::writehasharray("${General::swroot}/vpn/config", \%confighash); &writeipsecfiles(); if (&vpnenabled) { @@ -2375,6 +2386,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $cgiparams{'MODE'} = $confighash{$cgiparams{'KEY'}}[35]; $cgiparams{'INTERFACE_MODE'} = $confighash{$cgiparams{'KEY'}}[36]; $cgiparams{'INTERFACE_ADDRESS'} = $confighash{$cgiparams{'KEY'}}[37]; + $cgiparams{'INTERFACE_MTU'} = $confighash{$cgiparams{'KEY'}}[38]; if (!$cgiparams{'DPD_DELAY'}) { $cgiparams{'DPD_DELAY'} = 30; @@ -2563,6 +2575,10 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || + + + + diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 6683cb399d..d289aa783b 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1429,6 +1429,7 @@ 'invalid input for inactivity timeout' => 'Invalid input for Inactivity Timeout', 'invalid input for interface address' => 'Invalid input for interface address', 'invalid input for interface mode' => 'Invalid input for interface mode', +'invalid input for interface mtu' => 'Invalid input to interface MTU', 'invalid input for keepalive 1' => 'Invalid input for Keepalive ping', 'invalid input for keepalive 1:2' => 'Invalid input for Keepalive use at least a ratio of 1:2', 'invalid input for keepalive 2' => 'Invalid input for Keepalive ping-restart', @@ -1694,6 +1695,7 @@ 'mpfire search' => 'MPFire Search', 'mpfire songs' => 'MPFire songlist', 'mpfire webradio' => 'MPFire Webradio', +'mtu' => 'MTU', 'mtu QoS' => 'This does not change the global MTU, it only sets MTU for QoS.', 'my new share' => 'My new share', 'name' => 'Name', -- 2.39.2