my $errormessage = '';
my %settings=();
my $routes_push_file = '';
+my $confighost="${General::swroot}/fwhosts/customhosts";
+my $configgrp="${General::swroot}/fwhosts/customgroups";
+my $customnet="${General::swroot}/fwhosts/customnetworks";
+my $name;
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
$cgiparams{'ENABLED'} = 'off';
$cgiparams{'ENABLED_BLUE'} = 'off';
my @ccdconf=();
my $ccdname=$_[0];
my $ccdnet=$_[1];
- my $ovpnsubnet=$_[2];
my $subcidr;
my @ip2=();
my $checkup;
return;
}
+ $errormessage=&General::checksubnets($ccdname,$ccdnet);
- #check if we try to use same network as ovpn server
- if (&General::iporsubtocidr($ccdnet) eq &General::iporsubtocidr($ovpnsubnet)) {
- $errormessage=$errormessage.$Lang::tr{'ccd err isovpnnet'}."<br>";
- }
-
- #check if we use a name/subnet that already exists
- &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash);
- foreach my $key (keys %ccdconfhash) {
- @ccdconf=split(/\//,$ccdconfhash{$key}[1]);
- if ($ccdname eq $ccdconfhash{$key}[0]) {$errormessage=$errormessage.$Lang::tr{'ccd err nameexist'}."<br>";}
- my ($newip,$newsub) = split(/\//,$ccdnet);
- if (&General::IpInSubnet($newip,$ccdconf[0],&General::iporsubtodec($ccdconf[1]))) {$errormessage=$errormessage.$Lang::tr{'ccd err issubnet'}."<br>";}
-
- }
- #check if we use one of ipfire's networks (green,orange,blue)
- my %ownnet=();
- &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
- if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($ownnet{'GREEN_NETADDRESS'},$ccdip,&General::iporsubtodec($subcidr))){ $errormessage=$Lang::tr{'ccd err green'};}
- if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($ownnet{'ORANGE_NETADDRESS'},$ccdip,&General::iporsubtodec($subcidr))){ $errormessage=$Lang::tr{'ccd err orange'};}
- if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($ownnet{'BLUE_NETADDRESS'},$ccdip,&General::iporsubtodec($subcidr))){ $errormessage=$Lang::tr{'ccd err blue'};}
- if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($ownnet{'RED_NETADDRESS'},$ccdip,&General::iporsubtodec($subcidr))){ $errormessage=$Lang::tr{'ccd err red'};}
-
if (!$errormessage) {
my %ccdconfhash=();
my %ccdhash=();
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash);
$iprange[0]=$ip1.".".$ip2.".".$ip3.".".2;
- for (my $i=0;$i<=$count-1;$i++) {
+ for (my $i=1;$i<=$count;$i++) {
my $tmpip=$iprange[$i-1];
my $stepper=$i*4;
$iprange[$i]= &General::getnextip($tmpip,4);
}
if ($cgiparams{'ACTION'} eq $Lang::tr{'ccd add'}) {
- &addccdnet($cgiparams{'ccdname'},$cgiparams{'ccdsubnet'},$cgiparams{'DOVPN_SUBNET'});
+ &addccdnet($cgiparams{'ccdname'},$cgiparams{'ccdsubnet'});
}
if ($errormessage) {
&Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
&General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash);
my @ccdconf=();
my $count=0;
- foreach my $key (keys %ccdconfhash) {
+ foreach my $key (sort { uc($ccdconfhash{$a}[0]) cmp uc($ccdconfhash{$b}[0]) } keys %ccdconfhash) {
@ccdconf=($ccdconfhash{$key}[0],$ccdconfhash{$key}[1]);
$count++;
my $ccdhosts = &hostsinnet($ccdconf[0]);
$cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
$cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
$cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
- my $name=$cgiparams{'CHECK1'} ;
+ $name=$cgiparams{'CHECK1'} ;
$cgiparams{$name} = $confighash{$cgiparams{'KEY'}}[33];
$cgiparams{'RG'} = $confighash{$cgiparams{'KEY'}}[34];
$cgiparams{'CCD_DNS1'} = $confighash{$cgiparams{'KEY'}}[35];
goto VPNCONF_ERROR;
}
- if (($cgiparams{'PMTU_DISCOVERY'} ne 'off') && ($cgiparams{'MTU'} ne '1500')) {
- $errormessage = $Lang::tr{'ovpn mtu-disc and mtu not 1500'};
- unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
- rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
- goto VPNCONF_ERROR;
- }
-
if ($cgiparams{'PMTU_DISCOVERY'} ne 'off') {
if (($cgiparams{'FRAGMENT'} ne '') || ($cgiparams{'MSSFIX'} eq 'on')) {
$errormessage = $Lang::tr{'ovpn mtu-disc with mssfix or fragment'};
}
}
+ if (($cgiparams{'PMTU_DISCOVERY'} ne 'off') && ($cgiparams{'MTU'} ne '1500')) {
+ $errormessage = $Lang::tr{'ovpn mtu-disc and mtu not 1500'};
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+ goto VPNCONF_ERROR;
+ }
+
if ( &validdotmask ($cgiparams{'LOCAL_SUBNET'})) {
$errormessage = $Lang::tr{'openvpn prefix local subnet'};
unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
$confighash{$key}[30] = $cgiparams{'COMPLZO'};
$confighash{$key}[31] = $cgiparams{'MTU'};
$confighash{$key}[32] = $cgiparams{'CHECK1'};
- my $name=$cgiparams{'CHECK1'};
+ $name=$cgiparams{'CHECK1'};
$confighash{$key}[33] = $cgiparams{$name};
$confighash{$key}[34] = $cgiparams{'RG'};
$confighash{$key}[35] = $cgiparams{'CCD_DNS1'};
my ($ccdip,$ccdsub)=split "/",$cgiparams{$name};
my ($a,$b,$c,$d) = split (/\./,$ccdip);
- if ( -e "${General::swroot}/ovpn/ccd/$confighash{$key}[2]"){unlink "${General::swroot}/ovpn/ccd/$cgiparams{'CERT_NAME'}";}
+ if ( -e "${General::swroot}/ovpn/ccd/$confighash{$key}[2]"){
+ unlink "${General::swroot}/ovpn/ccd/$cgiparams{'CERT_NAME'}";
+ }
open ( CCDRWCONF,'>',"${General::swroot}/ovpn/ccd/$confighash{$key}[2]") or die "Unable to create clientconfigfile $!";
print CCDRWCONF "# OpenVPN Clientconfig from CCD extension by Copymaster#\n\n";
if($cgiparams{'CHECK1'} eq 'dynamic'){
<tr>
<td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td>
- <td colspan='2'>
+ <td colspan='3'>
<input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}
<input type='radio' name='PMTU_DISCOVERY' value='maybe' $checked{'PMTU_DISCOVERY'}{'maybe'} /> $Lang::tr{'ovpn mtu-disc maybe'}
<input type='radio' name='PMTU_DISCOVERY' value='no' $checked{'PMTU_DISCOVERY'}{'no'} /> $Lang::tr{'ovpn mtu-disc no'}
if (! -z "${General::swroot}/ovpn/ccd.conf"){
print"<table border='0' width='100%' cellspacing='1' cellpadding='0'><tr><td width='1%'></td><td width='30%' class='boldbase' align='center'><b>$Lang::tr{'ccd name'}</td><td width='15%' class='boldbase' align='center'><b>$Lang::tr{'network'}</td><td class='boldbase' align='center' width='18%'><b>$Lang::tr{'ccd clientip'}</td></tr>";
- foreach my $key (keys %ccdconfhash) {
+ foreach my $key (sort { uc($ccdconfhash{$a}[0]) cmp uc($ccdconfhash{$b}[0]) } keys %ccdconfhash) {
$count++;
@ccdconf=($ccdconfhash{$key}[0],$ccdconfhash{$key}[1]);
if ($count % 2){print"<tr bgcolor='$color{'color22'}'>";}else{print"<tr bgcolor='$color{'color20'}'>";}
my $helpblue=0;
my $helporange=0;
my $other=0;
+ my $none=0;
my @temp=();
our @current = ();
@current = <FILE>;
close (FILE);
&General::readhasharray ("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
- print"<option>$Lang::tr{'ccd none'}</option>";
+ #check for "none"
+ foreach my $key (keys %ccdroute2hash) {
+ if($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}){
+ if ($ccdroute2hash{$key}[1] eq ''){
+ $none=1;
+ last;
+ }
+ }
+ }
+ if ($none ne '1'){
+ print"<option>$Lang::tr{'ccd none'}</option>";
+ }else{
+ print"<option selected>$Lang::tr{'ccd none'}</option>";
+ }
#check if static routes are defined for client
foreach my $line (@current) {
chomp($line);