-WARNING: translation string unused: Client status and controlc
WARNING: translation string unused: ConnSched scheduler
WARNING: translation string unused: ConnSched select profile
WARNING: translation string unused: HDD temperature
WARNING: translation string unused: and
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup config floppy
WARNING: translation string unused: backup configuration
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
+ WARNING: translation string unused: default ip
WARNING: translation string unused: default networks
WARNING: translation string unused: default services
WARNING: translation string unused: description
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: network traffic graphs
WARNING: translation string unused: network updated
WARNING: translation string unused: networks settings
+WARNING: translation string unused: never
WARNING: translation string unused: new optionsfw must boot
WARNING: translation string unused: no alcatelusb firmware
WARNING: translation string unused: no cfg upload
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
+WARNING: translation string unused: ovpn engines
WARNING: translation string unused: ovpn log
+WARNING: translation string unused: ovpn reneg sec
WARNING: translation string unused: ovpn_fastio
WARNING: translation string unused: ovpn_fragment
WARNING: translation string unused: ovpn_mssfix
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: tor accounting period monthly
WARNING: translation string unused: tor accounting period weekly
WARNING: translation string unused: tor exit country
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: untranslated string: bytes
WARNING: untranslated string: community rules
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: dns servers
+WARNING: untranslated string: downlink
WARNING: untranslated string: emerging rules
+WARNING: untranslated string: first
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: last
WARNING: untranslated string: qos add subclass
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: uplink
-WARNING: translation string unused: Client status and controlc
WARNING: translation string unused: ConnSched scheduler
WARNING: translation string unused: ConnSched select profile
WARNING: translation string unused: HDD temperature
WARNING: translation string unused: ansi t1.483
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
+ WARNING: translation string unused: default ip
WARNING: translation string unused: default networks
WARNING: translation string unused: default services
WARNING: translation string unused: description
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: network traffic graphs
WARNING: translation string unused: network updated
WARNING: translation string unused: networks settings
+WARNING: translation string unused: never
WARNING: translation string unused: new optionsfw must boot
WARNING: translation string unused: no alcatelusb firmware
WARNING: translation string unused: no cfg upload
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
+WARNING: translation string unused: ovpn engines
WARNING: translation string unused: ovpn log
+WARNING: translation string unused: ovpn reneg sec
WARNING: translation string unused: ovpn_fastio
WARNING: translation string unused: ovpn_fragment
WARNING: translation string unused: ovpn_mssfix
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: tor bridge enabled
WARNING: translation string unused: tor errmsg invalid node id
WARNING: translation string unused: tor exit country
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
+WARNING: untranslated string: dns servers
+WARNING: untranslated string: downlink
+WARNING: untranslated string: first
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: last
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: uplink
WARNING: translation string unused: ansi t1.483
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: outgoing firewall reset
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: to install an update
WARNING: translation string unused: to warn email bad
WARNING: translation string unused: too long 80 char max
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
+ WARNING: untranslated string: ccd err isipsecrw
+ WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+ WARNING: untranslated string: count
+ WARNING: untranslated string: countries
+ WARNING: untranslated string: country codes and flags
+ WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
- WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
+ WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
+ WARNING: untranslated string: entropy graphs
WARNING: untranslated string: fireinfo ipfire version
WARNING: untranslated string: fireinfo is disabled
WARNING: untranslated string: fireinfo is enabled
WARNING: untranslated string: fireinfo your profile id
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
+ WARNING: untranslated string: flag
WARNING: untranslated string: fw default drop
WARNING: untranslated string: fw settings
WARNING: untranslated string: fw settings color
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
+ WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
+ WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
+ WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
WARNING: untranslated string: other
WARNING: untranslated string: outgoing firewall p2p allow
WARNING: untranslated string: outgoing firewall p2p deny
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
WARNING: untranslated string: ovpn errmsg green already pushed
WARNING: untranslated string: ovpn errmsg invalid ip or mask
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
+ WARNING: untranslated string: system has hwrng
+ WARNING: untranslated string: system has rdrand
WARNING: untranslated string: system information
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: visit us at
WARNING: translation string unused: ansi t1.483
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: to install an update
WARNING: translation string unused: to warn email bad
WARNING: translation string unused: too long 80 char max
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
+ WARNING: untranslated string: ccd err isipsecrw
+ WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+ WARNING: untranslated string: count
+ WARNING: untranslated string: countries
+ WARNING: untranslated string: country codes and flags
+ WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
- WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
+ WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns address deleted txt
WARNING: untranslated string: dns servers
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
+ WARNING: untranslated string: entropy graphs
WARNING: untranslated string: fireinfo ipfire version
WARNING: untranslated string: fireinfo is disabled
WARNING: untranslated string: fireinfo is enabled
WARNING: untranslated string: fireinfo your profile id
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
+ WARNING: untranslated string: flag
WARNING: untranslated string: fw default drop
WARNING: untranslated string: fw settings
WARNING: untranslated string: fw settings color
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
+ WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
+ WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
+ WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: ntp common settings
WARNING: untranslated string: ntp sync
WARNING: untranslated string: openvpn prefix remote subnet
WARNING: untranslated string: openvpn subnet is used
WARNING: untranslated string: other
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: snort working
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
+ WARNING: untranslated string: system has hwrng
+ WARNING: untranslated string: system has rdrand
WARNING: untranslated string: system information
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: upload new ruleset
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter file ext block
WARNING: translation string unused: ansi t1.483
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: to install an update
WARNING: translation string unused: to warn email bad
WARNING: translation string unused: too long 80 char max
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
+ WARNING: untranslated string: ccd err isipsecrw
+ WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd iroute2
+ WARNING: untranslated string: count
+ WARNING: untranslated string: countries
+ WARNING: untranslated string: country codes and flags
+ WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
- WARNING: untranslated string: default ip
+ WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
WARNING: untranslated string: drop outgoing
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
+ WARNING: untranslated string: entropy graphs
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
+ WARNING: untranslated string: flag
WARNING: untranslated string: fw default drop
WARNING: untranslated string: fw settings
WARNING: untranslated string: fw settings color
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
+ WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
+ WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: most preferred
+ WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn network
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn no connections
WARNING: untranslated string: ovpn port in root range
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: support donation
+ WARNING: untranslated string: system has hwrng
+ WARNING: untranslated string: system has rdrand
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
WARNING: untranslated string: tor accounting bytes
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: wlan client
WARNING: translation string unused: ansi t1.483
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: outgoing firewall reset
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: to install an update
WARNING: translation string unused: to warn email bad
WARNING: translation string unused: too long 80 char max
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
+ WARNING: untranslated string: ccd err isipsecrw
+ WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+ WARNING: untranslated string: count
+ WARNING: untranslated string: countries
+ WARNING: untranslated string: country codes and flags
+ WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
- WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
+ WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
+ WARNING: untranslated string: entropy graphs
WARNING: untranslated string: fireinfo ipfire version
WARNING: untranslated string: fireinfo is disabled
WARNING: untranslated string: fireinfo is enabled
WARNING: untranslated string: fireinfo your profile id
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
+ WARNING: untranslated string: flag
WARNING: untranslated string: fw default drop
WARNING: untranslated string: fw settings
WARNING: untranslated string: fw settings color
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
+ WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
+ WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
+ WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
WARNING: untranslated string: other
WARNING: untranslated string: outgoing firewall p2p allow
WARNING: untranslated string: outgoing firewall p2p deny
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
WARNING: untranslated string: ovpn errmsg green already pushed
WARNING: untranslated string: ovpn errmsg invalid ip or mask
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
+ WARNING: untranslated string: system has hwrng
+ WARNING: untranslated string: system has rdrand
WARNING: untranslated string: system information
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: visit us at
WARNING: translation string unused: ansi t1.483
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: to install an update
WARNING: translation string unused: to warn email bad
WARNING: translation string unused: too long 80 char max
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
+ WARNING: untranslated string: ccd err isipsecrw
+ WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
WARNING: untranslated string: community rules
+ WARNING: untranslated string: count
+ WARNING: untranslated string: countries
+ WARNING: untranslated string: country codes and flags
+ WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
- WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
+ WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
WARNING: untranslated string: disk access per
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
+ WARNING: untranslated string: entropy graphs
WARNING: untranslated string: extrahd because there is already a device mounted
WARNING: untranslated string: extrahd cant umount
WARNING: untranslated string: extrahd install or load driver
WARNING: untranslated string: extrahd you cant mount
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
+ WARNING: untranslated string: flag
WARNING: untranslated string: fw default drop
WARNING: untranslated string: fw settings
WARNING: untranslated string: fw settings color
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
+ WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
+ WARNING: untranslated string: hardware support
WARNING: untranslated string: incoming traffic in bytes per second
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
+ WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
WARNING: untranslated string: openvpn subnet is used
WARNING: untranslated string: other
WARNING: untranslated string: outgoing traffic in bytes per second
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn mtu-disc
WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: server restart
+WARNING: untranslated string: show dh
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
+ WARNING: untranslated string: system has hwrng
+ WARNING: untranslated string: system has rdrand
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
WARNING: untranslated string: tor accounting bytes
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
+WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: visit us at
WARNING: translation string unused: ansi t1.483
WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
+ WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
+ WARNING: translation string unused: default ip
WARNING: translation string unused: default networks
WARNING: translation string unused: default services
WARNING: translation string unused: description
WARNING: translation string unused: dial user password has been changed
WARNING: translation string unused: dialup settings
WARNING: translation string unused: disconnect
+ WARNING: translation string unused: disconnects
WARNING: translation string unused: display traffic at home
WARNING: translation string unused: display webinterface effects
WARNING: translation string unused: dmz pinhole configuration
WARNING: translation string unused: firmware
WARNING: translation string unused: firmware upload
WARNING: translation string unused: force update
+ WARNING: translation string unused: forward firewall
WARNING: translation string unused: forwarding rule added
WARNING: translation string unused: forwarding rule removed
WARNING: translation string unused: forwarding rule updated
WARNING: translation string unused: fwdfw till
WARNING: translation string unused: fwdfw time
WARNING: translation string unused: fwdfw xt access
- WARNING: translation string unused: fwhost addrule
WARNING: translation string unused: fwhost attention
WARNING: translation string unused: fwhost blue
WARNING: translation string unused: fwhost changeremark
WARNING: translation string unused: invert
WARNING: translation string unused: ip address in use
WARNING: translation string unused: ipfire side
+ WARNING: translation string unused: ipsec no connections
WARNING: translation string unused: iptable rules
WARNING: translation string unused: isdn
WARNING: translation string unused: isdn settings
WARNING: translation string unused: outgoing firewall view group
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
-WARNING: translation string unused: ovpn
WARNING: translation string unused: ovpn config
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
-WARNING: translation string unused: reserved dst port
-WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
-WARNING: translation string unused: rsvd dst port overlap
-WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
WARNING: translation string unused: tor bridge enabled
WARNING: translation string unused: tor errmsg invalid node id
WARNING: translation string unused: tor exit country
+ WARNING: translation string unused: total connection time
WARNING: translation string unused: traffic back
WARNING: translation string unused: traffic calc time
WARNING: translation string unused: traffic calc time bad
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: Scan for Songs
- WARNING: untranslated string: addons
- WARNING: untranslated string: advproxy errmsg proxy ports equal
- WARNING: untranslated string: advproxy proxy port transparent
- WARNING: untranslated string: bit
WARNING: untranslated string: bytes
- WARNING: untranslated string: dead peer detection
- WARNING: untranslated string: default ip
+ WARNING: untranslated string: ccd err isipsecrw
+ WARNING: untranslated string: ccd err isovpnn2n
+ WARNING: untranslated string: count
+ WARNING: untranslated string: countries
+ WARNING: untranslated string: country codes and flags
+ WARNING: untranslated string: countrycode
+ WARNING: untranslated string: details
+WARNING: untranslated string: dh
+WARNING: untranslated string: dh key warn
+WARNING: untranslated string: dh name is invalid
- WARNING: untranslated string: dnat address
- WARNING: untranslated string: dns servers
- WARNING: untranslated string: downlink
- WARNING: untranslated string: dpd delay
- WARNING: untranslated string: dpd timeout
- WARNING: untranslated string: drop action
- WARNING: untranslated string: drop action1
- WARNING: untranslated string: drop action2
- WARNING: untranslated string: drop forward
WARNING: untranslated string: drop outgoing
- WARNING: untranslated string: encryption
- WARNING: untranslated string: entropy
- WARNING: untranslated string: firewall rules
- WARNING: untranslated string: first
- WARNING: untranslated string: fwdfw dnat extport
- WARNING: untranslated string: fwdfw dnat nochoice
- WARNING: untranslated string: fwdfw dnat porterr2
- WARNING: untranslated string: fwdfw hint mac
+ WARNING: untranslated string: entropy graphs
+ WARNING: untranslated string: flag
+ WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwhost err hostip
- WARNING: untranslated string: grouptype
- WARNING: untranslated string: integrity
- WARNING: untranslated string: invalid input for dpd delay
- WARNING: untranslated string: invalid input for dpd timeout
- WARNING: untranslated string: ipsec
- WARNING: untranslated string: ipsec network
+WARNING: untranslated string: gen dh
+WARNING: untranslated string: generate dh key
+ WARNING: untranslated string: hardware support
WARNING: untranslated string: last
- WARNING: untranslated string: least preferred
- WARNING: untranslated string: lifetime
- WARNING: untranslated string: mac filter
- WARNING: untranslated string: maximum
- WARNING: untranslated string: minimum
- WARNING: untranslated string: most preferred
+ WARNING: untranslated string: no hardware random number generator
+WARNING: untranslated string: not a valid dh key
- WARNING: untranslated string: notice
- WARNING: untranslated string: openvpn network
+WARNING: untranslated string: ovpn crypt options
+WARNING: untranslated string: ovpn dh
+WARNING: untranslated string: ovpn dh name
+WARNING: untranslated string: ovpn generating the root and host certificates
+WARNING: untranslated string: ovpn ha
+WARNING: untranslated string: ovpn hmac
- WARNING: untranslated string: ovpn mgmt in root range
- WARNING: untranslated string: ovpn no connections
- WARNING: untranslated string: ovpn port in root range
- WARNING: untranslated string: p2p block
- WARNING: untranslated string: p2p block save notice
- WARNING: untranslated string: red1
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
- WARNING: untranslated string: snat new source ip address
- WARNING: untranslated string: ssh
- WARNING: untranslated string: support donation
- WARNING: untranslated string: tor directory port
- WARNING: untranslated string: tor errmsg invalid directory port
- WARNING: untranslated string: uplink
+WARNING: untranslated string: show dh
- WARNING: untranslated string: urlfilter redirect template
- WARNING: untranslated string: wlan clients
+ WARNING: untranslated string: system has hwrng
+ WARNING: untranslated string: system has rdrand
+WARNING: untranslated string: upload dh key
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
+ < ccd err isipsecrw
+ < ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
< ccd routes
< ccd subnet
< ccd used
+ < count
+ < countries
+ < countrycode
+ < country codes and flags
< default ip
< deprecated fs warn
+ < details
+< dh
+< dh key warn
+< dh name is invalid
< dnat address
< dns address deleted txt
< dnsforward
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
-< dns servers
-< downlink
< dpd delay
< dpd timeout
< drop action
< drop outgoing
< encryption
< entropy
+ < entropy graphs
< fireinfo ipfire version
< fireinfo is disabled
< fireinfo is enabled
< fireinfo why read more
< fireinfo your profile id
< firewall rules
-< first
+ < flag
< forward firewall
< fw default drop
< fwdfw ACCEPT
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
+ < fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
+ < hardware support
< integrity
< invalid input for dpd delay
< invalid input for dpd timeout
< ipsec
< ipsec network
< ipsec no connections
-< last
< least preferred
< lifetime
< mac filter
< minimum
< minute
< most preferred
+< never
+ < no hardware random number generator
+< not a valid dh key
< notice
< ntp common settings
< ntp sync
< openvpn subnet is used
< other
< our donors
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
+< ovpn engines
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< ovpn mtu-disc yes
< ovpn no connections
< ovpn port in root range
+< ovpn reneg sec
< p2p block
< p2p block save notice
< proxy reports
< qos enter bandwidths
< red1
< server restart
+< show dh
< snat new source ip address
< snort working
< ssh
< static routes
< support donation
+ < system has hwrng
+ < system has rdrand
< system information
< tor
< tor 0 = disabled
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
-< uplink
+< upload dh key
< upload new ruleset
< uptime
< uptime load average
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
+ < ccd err isipsecrw
+ < ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
< ccd routes
< ccd subnet
< ccd used
+ < count
+ < countries
+ < countrycode
+ < country codes and flags
< default ip
< deprecated fs warn
+ < details
+< dh
+< dh key warn
+< dh name is invalid
< dnat address
< dnsforward
< dnsforward add a new entry
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
-< dns servers
-< downlink
< dpd delay
< dpd timeout
< drop action
< drop outgoing
< encryption
< entropy
+ < entropy graphs
< fireinfo ipfire version
< fireinfo is disabled
< fireinfo is enabled
< fireinfo why read more
< fireinfo your profile id
< firewall rules
-< first
+ < flag
< forward firewall
< fw default drop
< fwdfw ACCEPT
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
+ < fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
+ < hardware support
< integrity
< invalid input for dpd delay
< invalid input for dpd timeout
< ipsec
< ipsec network
< ipsec no connections
-< last
< least preferred
< lifetime
< mac filter
< minimum
< minute
< most preferred
+< never
+ < no hardware random number generator
+< not a valid dh key
< notice
< openvpn default
< openvpn destination port used
< outgoing firewall p2p description 2
< outgoing firewall p2p description 3
< outgoing firewall view group
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
+< ovpn engines
< ovpn errmsg green already pushed
< ovpn errmsg invalid ip or mask
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< ovpn mtu-disc yes
< ovpn no connections
< ovpn port in root range
+< ovpn reneg sec
< ovpn routes push
< ovpn routes push options
< p2p block
< red1
< server restart
< Set time on boot
+< show dh
< snat new source ip address
< ssh
< static routes
< support donation
+ < system has hwrng
+ < system has rdrand
< system information
< tor
< tor 0 = disabled
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
-< uplink
+< upload dh key
< uptime
< uptime load average
< urlfilter redirect template
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
+ < ccd err isipsecrw
+ < ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
< ccd routes
< ccd subnet
< ccd used
+ < count
+ < countries
+ < countrycode
+ < country codes and flags
< default ip
< deprecated fs warn
+ < details
+< dh
+< dh key warn
+< dh name is invalid
< dnat address
< dnsforward
< dnsforward add a new entry
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
-< dns servers
-< downlink
< dpd delay
< dpd timeout
< drop action
< drop outgoing
< encryption
< entropy
+ < entropy graphs
< extrahd because there is already a device mounted
< extrahd cant umount
< extrahd install or load driver
< extrahd unable to write
< extrahd you cant mount
< firewall rules
-< first
+ < flag
< forward firewall
< fw default drop
< fwdfw ACCEPT
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
+ < fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
+ < hardware support
< integrity
< invalid input for dpd delay
< invalid input for dpd timeout
< ipsec
< ipsec network
< ipsec no connections
-< last
< least preferred
< lifetime
< mac filter
< minimum
< minute
< most preferred
+< never
+ < no hardware random number generator
+< not a valid dh key
< notice
< openvpn default
< openvpn destination port used
< openvpn subnet is used
< other
< our donors
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
+< ovpn engines
< ovpn errmsg green already pushed
< ovpn errmsg invalid ip or mask
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< ovpn mtu-disc yes
< ovpn no connections
< ovpn port in root range
+< ovpn reneg sec
< ovpn routes push
< ovpn routes push options
< p2p block
< qos enter bandwidths
< red1
< server restart
+< show dh
< snat new source ip address
< ssh
< static routes
< support donation
+ < system has hwrng
+ < system has rdrand
< tor
< tor 0 = disabled
< tor accounting
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
-< uplink
+< upload dh key
< uptime
< uptime load average
< urlfilter redirect template
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
+ < ccd err isipsecrw
+ < ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
< ccd routes
< ccd subnet
< ccd used
+ < count
+ < countries
+ < countrycode
+ < country codes and flags
< day-graph
< default ip
< deprecated fs warn
+ < details
+< dh
+< dh key warn
+< dh name is invalid
< disk access per
< dnat address
< dnsforward
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
-< dns servers
-< downlink
< dpd delay
< dpd timeout
< drop action
< Edit an existing route
< encryption
< entropy
+ < entropy graphs
< extrahd because there is already a device mounted
< extrahd cant umount
< extrahd install or load driver
< extrahd unable to write
< extrahd you cant mount
< firewall rules
-< first
+ < flag
< forward firewall
< frequency
< fw default drop
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
+ < fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
< fw settings dropdown
< fw settings remark
< fw settings ruletable
+< gen dh
+< generate dh key
< grouptype
+ < hardware support
< hour-graph
< incoming traffic in bytes per second
< integrity
< ipsec
< ipsec network
< ipsec no connections
-< last
< least preferred
< lifetime
< mac filter
< minute
< month-graph
< most preferred
+< never
+ < no hardware random number generator
+< not a valid dh key
< notice
< openvpn default
< openvpn destination port used
< other
< our donors
< outgoing traffic in bytes per second
+< ovpn crypt options
+< ovpn dh
+< ovpn dh name
+< ovpn engines
+< ovpn generating the root and host certificates
+< ovpn ha
+< ovpn hmac
< ovpn mgmt in root range
< ovpn mtu-disc
< ovpn mtu-disc and mtu not 1500
< ovpn mtu-disc yes
< ovpn no connections
< ovpn port in root range
+< ovpn reneg sec
< p2p block
< p2p block save notice
< proxy reports
< qos enter bandwidths
< red1
< server restart
+< show dh
< snat new source ip address
< ssh
< static routes
< support donation
+ < system has hwrng
+ < system has rdrand
< tor
< tor 0 = disabled
< tor accounting
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
-< uplink
+< upload dh key
< uptime
< uptime load average
< urlfilter redirect template
# #
###############################################################################
###
-# Based on IPFireCore 55
+# Based on IPFireCore 76
###
use CGI;
use CGI qw/:standard/;
$cgiparams{'ONLY_PROPOSED'} = 'off';
$cgiparams{'ACTION'} = '';
$cgiparams{'CA_NAME'} = '';
+$cgiparams{'DH_NAME'} = 'dh1024.pem';
+$cgiparams{'DHLENGHT'} = '';
$cgiparams{'DHCP_DOMAIN'} = '';
$cgiparams{'DHCP_DNS'} = '';
$cgiparams{'DHCP_WINS'} = '';
$cgiparams{'MSSFIX'} = '';
$cgiparams{'number'} = '';
$cgiparams{'PMTU_DISCOVERY'} = '';
+$cgiparams{'DAUTH'} = '';
+$cgiparams{'DCIPHER'} = '';
$routes_push_file = "${General::swroot}/ovpn/routes_push";
unless (-e $routes_push_file) { system("touch $routes_push_file"); }
unless (-e "${General::swroot}/ovpn/ccd.conf") { system("touch ${General::swroot}/ovpn/ccd.conf"); }
}
}
+# Darren Critchley - certain ports are reserved for IPFire
+# TCP 67,68,81,222,444
+# UDP 67,68
+# Params passed in -> port, rangeyn, protocol
+sub disallowreserved
+{
+ # port 67 and 68 same for tcp and udp, don't bother putting in an array
+ my $msg = "";
+ my @tcp_reserved = (81,222,444);
+ my $prt = $_[0]; # the port or range
+ my $ryn = $_[1]; # tells us whether or not it is a port range
+ my $prot = $_[2]; # protocol
+ my $srcdst = $_[3]; # source or destination
+ if ($ryn) { # disect port range
+ if ($srcdst eq "src") {
+ $msg = "$Lang::tr{'rsvd src port overlap'}";
+ } else {
+ $msg = "$Lang::tr{'rsvd dst port overlap'}";
+ }
+ my @tmprng = split(/\:/,$prt);
+ unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
+ unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
+ if ($prot eq "tcp") {
+ foreach my $prange (@tcp_reserved) {
+ unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
+ }
+ }
+ } else {
+ if ($srcdst eq "src") {
+ $msg = "$Lang::tr{'reserved src port'}";
+ } else {
+ $msg = "$Lang::tr{'reserved dst port'}";
+ }
+ if ($prt == 67) { $errormessage="$msg 67"; return; }
+ if ($prt == 68) { $errormessage="$msg 68"; return; }
+ if ($prot eq "tcp") {
+ foreach my $prange (@tcp_reserved) {
+ if ($prange == $prt) { $errormessage="$msg $prange"; return; }
+ }
+ }
+ }
+ return;
+}
+
+
sub writeserverconf {
my %sovpnsettings = ();
my @temp = ();
print CONF "ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db 3600\n";
print CONF "client-config-dir /var/ipfire/ovpn/ccd\n";
print CONF "tls-server\n";
- print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
- print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
- print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
- print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
+ print CONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n";
+ print CONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n";
+ print CONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n";
+ print CONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n";
my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
#print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
-
+
# Check if we are using mssfix, fragment or mtu-disc and set the corretct mtu of 1500.
# If we doesn't use one of them, we can use the configured mtu value.
if ($sovpnsettings{'MSSFIX'} eq 'on')
elsif ($sovpnsettings{'FRAGMENT'} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp')
{ print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
elsif (($sovpnsettings{'PMTU_DISCOVERY'} eq 'yes') ||
- ($sovpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
- ($sovpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
+ ($sovpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
+ ($sovpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
{ print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
else
{ print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; }
print CONF "client-to-client\n";
}
if ($sovpnsettings{MSSFIX} eq 'on') {
- print CONF "mssfix\n";
+ print CONF "mssfix\n";
}
if ($sovpnsettings{FRAGMENT} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp') {
- print CONF "fragment $sovpnsettings{'FRAGMENT'}\n";
+ print CONF "fragment $sovpnsettings{'FRAGMENT'}\n";
}
# Check if a valid operating mode has been choosen and use it.
print CONF "status-version 1\n";
print CONF "status /var/log/ovpnserver.log 30\n";
print CONF "cipher $sovpnsettings{DCIPHER}\n";
+ print CONF "auth $sovpnsettings{DAUTH}\n";
if ($sovpnsettings{DCOMPLZO} eq 'on') {
print CONF "comp-lzo\n";
}
my @iprange=();
my %ccdhash=();
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash);
- $iprange[0]=$ip1.".".$ip2.".".$ip3.".".($ip4+2);
+ $iprange[0]=$ip1.".".$ip2.".".$ip3.".".2;
for (my $i=1;$i<=$count;$i++) {
my $tmpip=$iprange[$i-1];
my $stepper=$i*4;
$vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'};
$vpnsettings{'ROUTES_PUSH'} = $cgiparams{'ROUTES_PUSH'};
$vpnsettings{'PMTU_DISCOVERY'} = $cgiparams{'PMTU_DISCOVERY'};
+ $vpnsettings{'DAUTH'} = $cgiparams{'DAUTH'};
my @temp=();
if ($cgiparams{'FRAGMENT'} eq '') {
print SERVERCONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n";
print SERVERCONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n";
print SERVERCONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n";
- print SERVERCONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n";
+ print SERVERCONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n";
print SERVERCONF "# Cipher\n";
- print SERVERCONF "cipher AES-256-CBC\n";
+ print SERVERCONF "cipher $cgiparams{'DCIPHER'}\n";
+ print SERVERCONF "# HMAC algorithm\n";
+ print SERVERCONF "auth $cgiparams{'DAUTH'}\n";
if ($cgiparams{'COMPLZO'} eq 'on') {
print SERVERCONF "# Enable Compression\n";
print SERVERCONF "comp-lzo\r\n";
if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq 'net' && $cgiparams{'SIDE'} eq 'client')
{
+
my @ovsubnettemp = split(/\./,$cgiparams{'OVPN_SUBNET'});
my $ovsubnet = "$ovsubnettemp[0].$ovsubnettemp[1].$ovsubnettemp[2]";
my @remsubnet = split(/\//,$cgiparams{'REMOTE_SUBNET'});
print CLIENTCONF "# Auth. Client\n";
print CLIENTCONF "tls-client\n";
print CLIENTCONF "# Cipher\n";
- print CLIENTCONF "cipher AES-256-CBC\n";
+ print CLIENTCONF "cipher $cgiparams{'DCIPHER'}\n";
+ print CLIENTCONF "# HMAC algorithm\n";
+ print CLIENTCONF "auth $cgiparams{'DAUTH'}\n";
print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12\r\n";
if ($cgiparams{'COMPLZO'} eq 'on') {
print CLIENTCONF "# Enable Compression\n";
print CLIENTCONF "comp-lzo\r\n";
- }
+ }
print CLIENTCONF "# Debug Level\n";
print CLIENTCONF "verb 3\n";
print CLIENTCONF "# Tunnel check\n";
if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
$errormessage = $Lang::tr{'ovpn subnet is invalid'};
- goto SETTINGS_ERROR;
+ goto SETTINGS_ERROR;
}
my @tmpovpnsubnet = split("\/",$cgiparams{'DOVPN_SUBNET'});
$errormessage = $Lang::tr{'invalid port'};
goto SETTINGS_ERROR;
}
-
- if ($cgiparams{'DDEST_PORT'} <= 1023) {
- $errormessage = $Lang::tr{'ovpn port in root range'};
- goto SETTINGS_ERROR;
- }
$vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'};
$vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'};
###
### Reset all step 2
###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reset'} && $cgiparams{'AREUSURE'} eq 'yes') {
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'} && $cgiparams{'AREUSURE'} eq 'yes') {
my $file = '';
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
}
}
while ($file = glob("${General::swroot}/ovpn/ca/*")) {
- unlink $file
+ unlink $file
}
while ($file = glob("${General::swroot}/ovpn/certs/*")) {
- unlink $file
+ unlink $file
}
while ($file = glob("${General::swroot}/ovpn/crls/*")) {
- unlink $file
+ unlink $file
}
- &cleanssldatabase();
+ &cleanssldatabase();
if (open(FILE, ">${General::swroot}/ovpn/caconfig")) {
print FILE "";
close FILE;
}
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
+ if (open(FILE, ">${General::swroot}/ovpn/ccdroute")) {
+ print FILE "";
+ close FILE;
+ }
+ if (open(FILE, ">${General::swroot}/ovpn/ccdroute2")) {
+ print FILE "";
+ close FILE;
+ }
+ while ($file = glob("${General::swroot}/ovpn/ccd/*")) {
+ unlink $file
+ }
+ if (open(FILE, ">${General::swroot}/ovpn/ovpn-leases.db")) {
+ print FILE "";
+ close FILE;
+ }
+ if (open(FILE, ">${General::swroot}/ovpn/ovpnconfig")) {
+ print FILE "";
+ close FILE;
+ }
+ while ($file = glob("${General::swroot}/ovpn/n2nconf/*")) {
+ system ("rm -rf $file")
+ }
###
### Reset all step 1
###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reset'}) {
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'}) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', $Lang::tr{'are you sure'});
- print <<END
- <table><form method='post'><input type='hidden' name='AREUSURE' value='yes' />
- <tr><td align='center'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'}
- <tr><td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td></tr>
- </form></table>
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'left', '', '');
+ &Header::openbox('100%', 'left', $Lang::tr{'are you sure'});
+ print <<END;
+ <form method='post'>
+ <table width='100%'>
+ <tr>
+ <td align='center'>
+ <input type='hidden' name='AREUSURE' value='yes' />
+ <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
+ $Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'}</td>
+ </tr>
+ <tr>
+ <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' />
+ <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td>
+ </tr>
+ </table>
+ </form>
END
;
&Header::closebox();
&Header::closepage();
exit (0);
+###
+### Generate DH key step 2
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate dh key'} && $cgiparams{'AREUSURE'} eq 'yes') {
+ # Delete if old key exists
+ if (-f "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}") {
+ unlink "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}";
+ }
+ # Create Diffie Hellmann Parameter
+ system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
+ '-out', "${General::swroot}/ovpn/ca/dh1024.pem", "$cgiparams{'DHLENGHT'}");
+ if ($?) {
+ $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
+ unlink ("${General::swroot}/ovpn/ca/dh1024.pem");
+ }
+
+###
+### Generate DH key step 1
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate dh key'}) {
+ &Header::showhttpheaders();
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'LEFT', '', '');
+ &Header::openbox('100%', 'LEFT', "$Lang::tr{'gen dh'}:");
+ print <<END;
+ <table width='100%'>
+ <tr>
+ <td width='15%'> </td> <td width='15%'></td> <td width='65%'></td>
+ </tr>
+ <tr>
+ <td class='base'>$Lang::tr{'ovpn dh'}:</td>
+ <td align='center'>
+ <form method='post'><input type='hidden' name='AREUSURE' value='yes' />
+ <input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
+ <select name='DHLENGHT'>
+ <option value='1024' $selected{'DHLENGHT'}{'1024'}>1024 $Lang::tr{'bit'}</option>
+ <option value='2048' $selected{'DHLENGHT'}{'2048'}>2048 $Lang::tr{'bit'}</option>
+ <option value='3072' $selected{'DHLENGHT'}{'3072'}>3072 $Lang::tr{'bit'}</option>
+ <option value='4096' $selected{'DHLENGHT'}{'4096'}>4096 $Lang::tr{'bit'}</option>
+ </select>
+ </td>
+ </tr>
+ <tr><td colspan='4'><br></td></tr>
+ </table>
+ <table width='100%'>
+ <tr>
+ <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}:</font></b>
+ $Lang::tr{'dh key warn'}
+ </td>
+ </tr>
+ <tr>
+ <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
+ </form>
+ </tr>
+ </table>
+
+END
+ ;
+ &Header::closebox();
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+ &Header::closebigbox();
+ &Header::closepage();
+ exit (0);
+
+###
+### Upload DH key
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'upload dh key'}) {
+ if ($cgiparams{'DH_NAME'} !~ /dh1024.pem/) {
+ $errormessage = $Lang::tr{'dh name is invalid'};
+ goto UPLOADCA_ERROR;
+ }
+ if (ref ($cgiparams{'FH'}) ne 'Fh') {
+ $errormessage = $Lang::tr{'there was no file upload'};
+ goto UPLOADCA_ERROR;
+ }
+ # Move uploaded dh key to a temporary file
+ (my $fh, my $filename) = tempfile( );
+ if (copy ($cgiparams{'FH'}, $fh) != 1) {
+ $errormessage = $!;
+ goto UPLOADCA_ERROR;
+ }
+ my $temp = `/usr/bin/openssl dhparam -text -in $filename`;
+ if ($temp !~ /DH Parameters: \((1024|2048|3072|4096) bit\)/) {
+ $errormessage = $Lang::tr{'not a valid dh key'};
+ unlink ($filename);
+ goto UPLOADCA_ERROR;
+ } else {
+ # Delete if old key exists
+ if (-f "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}") {
+ unlink "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}";
+ }
+ move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}");
+ if ($? ne 0) {
+ $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
+ unlink ($filename);
+ goto UPLOADCA_ERROR;
+ }
+ }
+
+
###
### Upload CA Certificate
###
if ($cgiparams{'CA_NAME'} eq 'ca') {
$errormessage = $Lang::tr{'name is invalid'};
- goto UPLOAD_CA_ERROR;
+ goto UPLOADCA_ERROR;
}
# Check if there is no other entry with this name
if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem") {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
&Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
}
if ($assignedcerts) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
&Header::openbox('100%', 'LEFT', $Lang::tr{'are you sure'});
- print <<END
+ print <<END;
<table><form method='post'><input type='hidden' name='AREUSURE' value='yes' />
<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
<tr><td align='center'>
$cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
my $output;
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
&Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
}
} else { # child
unless (exec ('/usr/bin/openssl', 'req', '-x509', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-days', '999999', '-newkey', 'rsa:2048',
+ '-days', '999999', '-newkey', 'rsa:4096',
'-keyout', "${General::swroot}/ovpn/ca/cakey.pem",
'-out', "${General::swroot}/ovpn/ca/cacert.pem",
'-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
}
} else { # child
unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-newkey', 'rsa:1024',
+ '-newkey', 'rsa:2048',
'-keyout', "${General::swroot}/ovpn/certs/serverkey.pem",
'-out', "${General::swroot}/ovpn/certs/serverreq.pem",
'-extensions', 'server',
}
# Create Diffie Hellmann Parameter
system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-out', "${General::swroot}/ovpn/ca/dh1024.pem",
- '1024' );
+ '-out', "${General::swroot}/ovpn/ca/dh1024.pem", "$cgiparams{'DHLENGHT'}");
if ($?) {
$errormessage = "$Lang::tr{'openssl produced an error'}: $?";
unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
ROOTCERT_ERROR:
if ($cgiparams{'ACTION'} ne '') {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
if ($errormessage) {
&Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
&Header::closebox();
}
&Header::openbox('100%', 'LEFT', "$Lang::tr{'generate root/host certificates'}:");
- print <<END
+ print <<END;
<form method='post' enctype='multipart/form-data'>
<table width='100%' border='0' cellspacing='1' cellpadding='0'>
<tr><td width='30%' class='base'>$Lang::tr{'organization name'}:</td>
}
print ">$country</option>";
}
- print <<END
- </select></td>
- <td colspan='2'> </td></tr>
+ print <<END;
+ </select></td>
+ <tr><td class='base'>$Lang::tr{'ovpn dh'}:</td>
+ <td class='base'><select name='DHLENGHT'>
+ <option value='1024' $selected{'DHLENGHT'}{'1024'}>1024 $Lang::tr{'bit'}</option>
+ <option value='2048' $selected{'DHLENGHT'}{'2048'}>2048 $Lang::tr{'bit'}</option>
+ <option value='3072' $selected{'DHLENGHT'}{'3072'}>3072 $Lang::tr{'bit'}</option>
+ <option value='4096' $selected{'DHLENGHT'}{'4096'}>4096 $Lang::tr{'bit'}</option>
+ </select>
+ </td>
+ </tr>
+
<tr><td> </td>
<td><input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' /></td>
<td> </td><td> </td></tr>
<tr><td class='base' colspan='4' align='left'>
<img src='/blob.gif' valign='top' alt='*' /> $Lang::tr{'this field may be blank'}</td></tr>
- <tr><td class='base' colspan='4' align='left'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient'}
- </td></tr>
- <tr><td colspan='4' bgcolor='#000000'><img src='/images/null.gif' width='1' height='1' border='0' /></td></tr>
+ <tr><td colspan='4'><br><br></td></tr>
+ <tr><td class='base' colspan='4' align='center'>
+ <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}:</font></b>
+ $Lang::tr{'ovpn generating the root and host certificates'}
+ </td>
+ </tr>
+ <tr><td class='base' colspan='4' align='center'>
+ $Lang::tr{'dh key warn'}
+ </td>
+ </tr>
+
+ <tr><td colspan='4'><hr></td></tr>
<tr><td class='base' nowrap='nowrap'>$Lang::tr{'upload p12 file'}:</td>
<td nowrap='nowrap'><input type='file' name='FH' size='32'></td>
<td colspan='2'> </td></tr>
<td><input type='submit' name='ACTION' value='$Lang::tr{'upload p12 file'}' /></td>
<td colspan='2'> </td></tr>
<tr><td class='base' colspan='4' align='left'>
- <img src='/blob.gif' valign='top' al='*' > $Lang::tr{'this field may be blank'}</td></tr>
+ <img src='/blob.gif' valign='top' al='*' > $Lang::tr{'this field may be blank'}</td>
+ </tr>
</form></table>
END
;
&Header::closebox();
-
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
&Header::closebigbox();
&Header::closepage();
exit(0)
print CLIENTCONF "# Auth. Client\n";
print CLIENTCONF "tls-client\n";
print CLIENTCONF "# Cipher\n";
- print CLIENTCONF "cipher AES-256-CBC\n";
+ print CLIENTCONF "cipher $confighash{$cgiparams{'KEY'}}[40]\n";
+ print CLIENTCONF "# HMAC algorithm\n";
+ print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n";
if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") {
print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12\r\n";
$zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
}
- if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') {
+ if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') {
print CLIENTCONF "# Enable Compression\n";
print CLIENTCONF "comp-lzo\r\n";
}
$zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";
}
print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n";
+ print CLIENTCONF "auth $vpnsettings{DAUTH}\r\n";
if ($vpnsettings{DCOMPLZO} eq 'on') {
print CLIENTCONF "comp-lzo\r\n";
}
} else {
$errormessage = $Lang::tr{'invalid key'};
}
-
+ &General::firewall_reload();
###
### Download PKCS12 file
if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
&Header::closepage();
exit(0);
}
+
+###
+### Display Diffie-Hellman key
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show dh'}) {
+
+ if (! -e "${General::swroot}/ovpn/ca/dh1024.pem") {
+ $errormessage = $Lang::tr{'not present'};
+ } else {
+ &Header::showhttpheaders();
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'LEFT', '', '');
+ &Header::openbox('100%', 'LEFT', "$Lang::tr{'dh'}:");
+ my $output = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ $output = &Header::cleanhtml($output,"y");
+ print "<pre>$output</pre>\n";
+ &Header::closebox();
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+ &Header::closebigbox();
+ &Header::closepage();
+ exit(0);
+ }
+
###
### Display Certificate Revoke List
###
if ( -f "${General::swroot}/ovpn/crls/cacrl.pem") {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
# }
ADV_ERROR:
if ($cgiparams{'MAX_CLIENTS'} eq '') {
- $cgiparams{'MAX_CLIENTS'} = '100';
+ $cgiparams{'MAX_CLIENTS'} = '100';
}
if ($cgiparams{'KEEPALIVE_1'} eq '') {
- $cgiparams{'KEEPALIVE_1'} = '10';
+ $cgiparams{'KEEPALIVE_1'} = '10';
}
if ($cgiparams{'KEEPALIVE_2'} eq '') {
- $cgiparams{'KEEPALIVE_2'} = '60';
+ $cgiparams{'KEEPALIVE_2'} = '60';
}
if ($cgiparams{'LOG_VERB'} eq '') {
- $cgiparams{'LOG_VERB'} = '3';
+ $cgiparams{'LOG_VERB'} = '3';
}
if ($cgiparams{'PMTU_DISCOVERY'} eq '') {
- $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ }
+ if ($cgiparams{'DAUTH'} eq '') {
+ $cgiparams{'DAUTH'} = 'SHA1';
}
$checked{'CLIENT2CLIENT'}{'off'} = '';
$checked{'CLIENT2CLIENT'}{'on'} = '';
$checked{'REDIRECT_GW_DEF1'}{'off'} = '';
$checked{'REDIRECT_GW_DEF1'}{'on'} = '';
$checked{'REDIRECT_GW_DEF1'}{$cgiparams{'REDIRECT_GW_DEF1'}} = 'CHECKED';
- $selected{'ENGINES'}{$cgiparams{'ENGINES'}} = 'SELECTED';
$checked{'MSSFIX'}{'off'} = '';
$checked{'MSSFIX'}{'on'} = '';
$checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED';
$selected{'LOG_VERB'}{'11'} = '';
$selected{'LOG_VERB'}{'0'} = '';
$selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
-
+ $selected{'DAUTH'}{'whirlpool'} = '';
+ $selected{'DAUTH'}{'SHA512'} = '';
+ $selected{'DAUTH'}{'SHA384'} = '';
+ $selected{'DAUTH'}{'SHA256'} = '';
+ $selected{'DAUTH'}{'ecdsa-with-SHA1'} = '';
+ $selected{'DAUTH'}{'SHA1'} = '';
+ $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED';
+
&Header::showhttpheaders();
&Header::openpage($Lang::tr{'status ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
&Header::closebox();
}
&Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'});
- print <<END
+ print <<END;
<form method='post' enctype='multipart/form-data'>
- <table width='100%' border='0'>
- <tr>
- <td colspan='4'><b>$Lang::tr{'dhcp-options'}</b></td>
+<table width='100%' border=0>
+ <tr>
+ <td colspan='4'><b>$Lang::tr{'dhcp-options'}</b></td>
</tr>
<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
+ <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
</tr>
<tr>
- <td class='base'>Domain</td>
+ <td class='base'>Domain</td>
<td><input type='TEXT' name='DHCP_DOMAIN' value='$cgiparams{'DHCP_DOMAIN'}' size='30' /></td>
</tr>
<tr>
- <td class='base'>DNS</td>
- <td><input type='TEXT' name='DHCP_DNS' value='$cgiparams{'DHCP_DNS'}' size='30' /></td>
+ <td class='base'>DNS</td>
+ <td><input type='TEXT' name='DHCP_DNS' value='$cgiparams{'DHCP_DNS'}' size='30' /></td>
</tr>
<tr>
- <td class='base'>WINS</td>
- <td><input type='TEXT' name='DHCP_WINS' value='$cgiparams{'DHCP_WINS'}' size='30' /></td>
- </tr>
+ <td class='base'>WINS</td>
+ <td><input type='TEXT' name='DHCP_WINS' value='$cgiparams{'DHCP_WINS'}' size='30' /></td>
+ </tr>
<tr>
- <td colspan='4'><b>$Lang::tr{'ovpn routes push options'}</b></td>
+ <td colspan='4'><b>$Lang::tr{'ovpn routes push options'}</b></td>
</tr>
<tr>
- <td class='base'>$Lang::tr{'ovpn routes push'}</td>
- <td colspan='2'>
- <textarea name='ROUTES_PUSH' cols='26' rows='6' wrap='off'>
+ <td class='base'>$Lang::tr{'ovpn routes push'}</td>
+ <td colspan='2'>
+ <textarea name='ROUTES_PUSH' cols='26' rows='6' wrap='off'>
END
;
</tr>
</table>
<hr size='1'>
+<table width='100%'>
<tr>
- <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
+ <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
</tr>
<tr>
- <td width='20%'></td> <td width='15%'> </td><td width='15%'> </td><td width='15%'></td><td width='35%'></td>
+ <td width='20%'></td> <td width='15%'> </td><td width='15%'> </td><td width='15%'></td><td width='35%'></td>
</tr>
<tr>
- <td class='base'>Client-To-Client</td>
- <td><input type='checkbox' name='CLIENT2CLIENT' $checked{'CLIENT2CLIENT'}{'on'} /></td>
+ <td class='base'>Client-To-Client</td>
+ <td><input type='checkbox' name='CLIENT2CLIENT' $checked{'CLIENT2CLIENT'}{'on'} /></td>
</tr>
<tr>
- <td class='base'>Redirect-Gateway def1</td>
- <td><input type='checkbox' name='REDIRECT_GW_DEF1' $checked{'REDIRECT_GW_DEF1'}{'on'} /></td>
+ <td class='base'>Redirect-Gateway def1</td>
+ <td><input type='checkbox' name='REDIRECT_GW_DEF1' $checked{'REDIRECT_GW_DEF1'}{'on'} /></td>
</tr>
<tr>
<td class='base'>Max-Clients</td>
<td><input type='text' name='MAX_CLIENTS' value='$cgiparams{'MAX_CLIENTS'}' size='10' /></td>
</tr>
- <tr>
+ <tr>
<td class='base'>Keepalive <br />
(ping/ping-restart)</td>
<td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='10' /></td>
<td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='10' /></td>
</tr>
- <tr>
+ <tr>
<td class='base'>fragment <br></td>
<td><input type='TEXT' name='FRAGMENT' value='$cgiparams{'FRAGMENT'}' size='10' /></td>
- <td>$Lang::tr{'openvpn default'}: <span class="base">1300</span></td>
- </tr>
- <tr>
+ </tr>
+ <tr>
<td class='base'>mssfix</td>
<td><input type='checkbox' name='MSSFIX' $checked{'MSSFIX'}{'on'} /></td>
- <td>$Lang::tr{'openvpn default'}: on</td>
- </tr>
-
+ </tr>
<tr>
<td class='base'>$Lang::tr{'ovpn mtu-disc'}</td>
<td><input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}</td>
</tr>
</table>
-<!--
<hr size='1'>
+<table width='100%'>
<tr>
- <td class'base'><b>Crypto-Engines</b></td>
+ <td class'base'><b>$Lang::tr{'log-options'}</b></td>
</tr>
<tr>
- <td width='15%'></td> <td width='30%'> </td><td width='25%'> </td><td width='30%'></td>
- </tr>
- <tr><td class='base'>Engines:</td>
- <td><select name='ENGINES'><option value="none" $selected{'ENGINES'}{'none'}>none</option>
- <option value="cryptodev" $selected{'ENGINES'}{'cryptodev'}>cryptodev</option>
- <option value="padlock" $selected{'ENGINES'}{'padlock'}>padlock</option>
+ <td width='20%'></td> <td width='30%'> </td><td width='25%'> </td><td width='25%'></td>
+ </tr>
+
+ <tr><td class='base'>VERB</td>
+ <td><select name='LOG_VERB'>
+ <option value='0' $selected{'LOG_VERB'}{'0'}>0</option>
+ <option value='1' $selected{'LOG_VERB'}{'1'}>1</option>
+ <option value='2' $selected{'LOG_VERB'}{'2'}>2</option>
+ <option value='3' $selected{'LOG_VERB'}{'3'}>3</option>
+ <option value='4' $selected{'LOG_VERB'}{'4'}>4</option>
+ <option value='5' $selected{'LOG_VERB'}{'5'}>5</option>
+ <option value='6' $selected{'LOG_VERB'}{'6'}>6</option>
+ <option value='7' $selected{'LOG_VERB'}{'7'}>7</option>
+ <option value='8' $selected{'LOG_VERB'}{'8'}>8</option>
+ <option value='9' $selected{'LOG_VERB'}{'9'}>9</option>
+ <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
+ <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
</select>
- </td>
+ </td>
+ </tr>
</table>
--->
+
<hr size='1'>
- <table width='100%'>
- <tr>
- <td class'base'><b>$Lang::tr{'log-options'}</b></td>
- </tr>
+<table width='100%'>
<tr>
- <td width='15%'></td> <td width='30%'> </td><td width='25%'> </td><td width='30%'></td>
+ <td class'base'><b>$Lang::tr{'ovpn crypt options'}</b></td>
+ </tr>
+ <tr>
+ <td width='20%'></td> <td width='30%'> </td><td width='25%'> </td><td width='25%'></td>
</tr>
-
- <tr><td class='base'>VERB</td>
- <td><select name='LOG_VERB'><option value='1' $selected{'LOG_VERB'}{'1'}>1</option>
- <option value='2' $selected{'LOG_VERB'}{'2'}>2</option>
- <option value='3' $selected{'LOG_VERB'}{'3'}>3</option>
- <option value='4' $selected{'LOG_VERB'}{'4'}>4</option>
- <option value='5' $selected{'LOG_VERB'}{'5'}>5</option>
- <option value='6' $selected{'LOG_VERB'}{'6'}>6</option>
- <option value='7' $selected{'LOG_VERB'}{'7'}>7</option>
- <option value='8' $selected{'LOG_VERB'}{'8'}>8</option>
- <option value='9' $selected{'LOG_VERB'}{'9'}>9</option>
- <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
- <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
- <option value='0' $selected{'LOG_VERB'}{'0'}>0</option></select></td>
+ <tr><td class='base'>$Lang::tr{'ovpn ha'}</td>
+ <td><select name='DAUTH'>
+ <option value='whirlpool' $selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'})</option>
+ <option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512 $Lang::tr{'bit'})</option>
+ <option value='SHA384' $selected{'DAUTH'}{'SHA384'}>SHA2 (384 $Lang::tr{'bit'})</option>
+ <option value='SHA256' $selected{'DAUTH'}{'SHA256'}>SHA2 (256 $Lang::tr{'bit'})</option>
+ <option value='ecdsa-with-SHA1' $selected{'DAUTH'}{'ecdsa-with-SHA1'}>ECDSA-SHA1 (160 $Lang::tr{'bit'})</option>
+ <option value='SHA1' $selected{'DAUTH'}{'SHA1'}>SHA1 (160 $Lang::tr{'bit'})</option>
+ </select>
+ </td>
+ <td>Default: <span class="base">SHA1 (160 $Lang::tr{'bit'})</span></td>
</table><hr>
+
END
if ( -e "/var/run/openvpn.pid"){
&Header::openbox('100%', 'LEFT', $Lang::tr{'ccd modify'});
- print <<END
- <table width='100%' border='0'>
+ print <<END;
+ <table width='100%' border=0>
<tr><form method='post'>
<td width='10%' nowrap='nowrap'>$Lang::tr{'ccd name'}:</td><td><input type='TEXT' name='ccdname' value='$cgiparams{'ccdname'}' /></td>
- <td width='8%'>$Lang::tr{'ccd subnet'}:</td><td><input type='TEXT' name='ccdsubnet' value='$cgiparams{'ccdsubnet'}' readonly='readonly' /></td></tr>
+ <td width='8%'>$Lang::tr{'ccd subnet'}:</td><td><input type='TEXT' name='ccdsubnet' value='$cgiparams{'ccdsubnet'}' readonly /></td></tr>
<tr><td colspan='4' align='right'><hr><input type='submit' value='$Lang::tr{'save'}' /><input type='hidden' name='ACTION' value='editsave'/>
<input type='hidden' name='ccdname' value='$cgiparams{'ccdname'}'/><input type='submit' value='$Lang::tr{'cancel'}' />
</td></tr>
&Header::closebox();
&Header::openbox('100%', 'LEFT',$Lang::tr{'ccd net'} );
- print <<END
+ print <<END;
<table width='100%' border='0' cellpadding='0' cellspacing='1'>
<tr>
<td class='boldbase' align='center'><b>$Lang::tr{'ccd name'}</td><td class='boldbase' align='center'><b>$Lang::tr{'network'}</td><td class='boldbase' width='15%' align='center'><b>$Lang::tr{'ccd used'}</td><td width='3%'></td><td width='3%'></td></tr>
print "$Lang::tr{'ccd noaddnet'}<br><hr>";
}
- print <<END
+ print <<END;
<table width='100%' cellpadding='0' cellspacing='1'>
<tr>
<td class='boldbase' align='center' nowrap='nowrap' width='20%'><b>$Lang::tr{'ccd name'}</td><td class='boldbase' align='center' width='8%'><b>$Lang::tr{'network'}</td><td class='boldbase' width='8%' align='center' nowrap='nowrap'><b>$Lang::tr{'ccd used'}</td><td width='1%' align='center'></td><td width='1%' align='center'></td></tr>
if ($count % 2){ print" <tr bgcolor='$color{'color22'}'>";}
else{ print" <tr bgcolor='$color{'color20'}'>";}
print"<td>$ccdconf[0]</td><td align='center'>$ccdconf[1]</td><td align='center'>$ccdhosts/".(&ccdmaxclients($ccdconf[1])+1)."</td><td>";
-print <<END
+ print <<END;
<form method='post' />
- <input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
+ <input type='image' src='/images/edit.gif' align='middle' alt=$Lang::tr{'edit'} title=$Lang::tr{'edit'} />
<input type='hidden' name='ACTION' value='edit'/>
<input type='hidden' name='ccdname' value='$ccdconf[0]' />
<input type='hidden' name='ccdsubnet' value='$ccdconf[1]' />
<td><input type='hidden' name='ACTION' value='kill'/>
<input type='hidden' name='number' value='$count' />
<input type='hidden' name='net' value='$ccdconf[0]' />
- <input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' /></form></td></tr>
+ <input type='image' src='/images/delete.gif' align='middle' alt=$Lang::tr{'remove'} title=$Lang::tr{'remove'} /></form></td></tr>
END
;
}
#
# <td><b>$Lang::tr{'protocol'}</b></td>
# protocol temp removed
- print <<END
+ print <<END;
<table width='100%' cellpadding='2' cellspacing='0' class='tbl'>
<tr>
<th><b>$Lang::tr{'common name'}</b></th>
}
print "</table>";
- print <<END
+ print <<END;
<table width='100%' border='0' cellpadding='2' cellspacing='0'>
<tr><td></td></tr>
<tr><td></td></tr>
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', $Lang::tr{'connection type'});
if ( -s "${General::swroot}/ovpn/settings") {
- print <<END
+ print <<END;
<b>$Lang::tr{'connection type'}:</b><br />
<table border='0' width='100%'><form method='post' ENCTYPE="multipart/form-data">
<tr><td><input type='radio' name='TYPE' value='host' checked /></td>
<td class='base'>$Lang::tr{'net to net vpn'} (Upload Client Package)</td></tr>
<tr><td> </td><td class='base'><input type='file' name='FH' size='30'></td></tr>
<tr><td> </td><td>Import Connection Name <img src='/blob.gif' /></td></tr>
- <tr><td> </td><td class='base'><input type='text' name='n2nname' size='30'>$Lang::tr{'openvpn default'}: Client Packagename</td></tr>
+ <tr><td> </td><td class='base'><input type='text' name='n2nname' size='30'>Default : Client Packagename</td></tr>
<tr><td colspan='3'><hr /></td></tr>
<tr><td align='right' colspan='3'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td></tr>
<tr><td class='base' colspan='3' align='left'><img src='/blob.gif' alt='*' /> $Lang::tr{'this field may be blank'}</td></tr>
} else {
- print <<END
+ print <<END;
<b>$Lang::tr{'connection type'}:</b><br />
<table border='0' width='100%'><form method='post' ENCTYPE="multipart/form-data">
<tr><td><input type='radio' name='TYPE' value='host' checked /></td> <td class='base'>$Lang::tr{'host to net vpn'}</td></tr>
}
&Header::closebox();
+ print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
&Header::closebigbox();
&Header::closepage();
exit (0);
my $complzoactive;
my $mssfixactive;
+my $authactive;
my $n2nfragment;
-my @n2nmtudisc = split(/ /, (grep { /^mtu-disc/ } @firen2nconf)[0]);;
+my @n2nmtudisc = split(/ /, (grep { /^mtu-disc/ } @firen2nconf)[0]);
my @n2nproto2 = split(/ /, (grep { /^proto/ } @firen2nconf)[0]);
my @n2nproto = split(/-/, $n2nproto2[1]);
my @n2nport = split(/ /, (grep { /^port/ } @firen2nconf)[0]);
my @n2nremsub = split(/ /, (grep { /^route/ } @firen2nconf)[0]);
my @n2nmgmt = split(/ /, (grep { /^management/ } @firen2nconf)[0]);
my @n2nlocalsub = split(/ /, (grep { /^# remsub/ } @firen2nconf)[0]);
+my @n2ncipher = split(/ /, (grep { /^cipher/ } @firen2nconf)[0]);
+my @n2nauth = split(/ /, (grep { /^auth/ } @firen2nconf)[0]);
###
$n2nfragment[1] =~ s/\n|\r//g;
$n2nmgmt[2] =~ s/\n|\r//g;
$n2nmtudisc[1] =~ s/\n|\r//g;
+$n2ncipher[1] =~ s/\n|\r//g;
+$n2nauth[1] =~ s/\n|\r//g;
chomp ($complzoactive);
chomp ($mssfixactive);
}
###
-# Check im Dest Port is vaild
+# Check if Dest Port is vaild
###
foreach my $dkey (keys %confighash) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 39) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 41) { $confighash{$key}[$i] = "";}
$confighash{$key}[0] = 'off';
$confighash{$key}[1] = $n2nname[0];
$confighash{$key}[30] = $complzoactive;
$confighash{$key}[31] = $n2ntunmtu[1];
$confighash{$key}[38] = $n2nmtudisc[1];
-
+ $confighash{$key}[39] = $n2nauth[1];
+ $confighash{$key}[40] = $n2ncipher[1];
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
&Header::openbox('100%', 'LEFT', 'import ipfire net2net config');
}
if ($errormessage eq ''){
- print <<END
+ print <<END;
<!-- ipfire net2net config gui -->
<table width='100%'>
<tr><td width='25%'> </td><td width='25%'> </td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td><td><b>$confighash{$key}[6]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>Remote Host </td><td><b>$confighash{$key}[10]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td><td><b>$confighash{$key}[8]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td><td><b>$confighash{$key}[11]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}:</td><td><b>$confighash{$key}[11]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td><td><b>$confighash{$key}[27]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td><td><b>$confighash{$key}[28]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'destination port'}:</td><td><b>$confighash{$key}[29]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td><td><b>$confighash{$key}[30]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>MSSFIX </td><td><b>$confighash{$key}[23]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>Fragment </td><td><b>$confighash{$key}[24]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>MSSFIX:</td><td><b>$confighash{$key}[23]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>Fragment:</td><td><b>$confighash{$key}[24]</b></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'}</td><td><b>$confighash{$key}[31]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td><td><b>$confighash{$key}[38]</b></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>Management Port </td><td><b>$confighash{$key}[22]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}:</td><td><b>$confighash{$key}[38]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>Management Port:</td><td><b>$confighash{$key}[22]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn hmac'}:</td><td><b>$confighash{$key}[39]</b></td></tr>
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td><td><b>$confighash{$key}[40]</b></td></tr>
<tr><td> </td><td> </td></tr>
</table>
END
}
&Header::closebigbox();
&Header::closepage();
- exit(0);
+ exit(0);
##
$errormessage = $Lang::tr{'invalid key'};
goto VPNCONF_END;
}
- $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
- $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
- $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
- $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
- $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
- $cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
- $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
- $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
+ $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
+ $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
+ $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
+ $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
+ $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
+ $cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
+ $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
+ $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
$cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
- $cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22];
- $cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23];
- $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
- $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
- $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
- $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
- $cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
- $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
- $cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
- $cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
- $cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
+ $cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22];
+ $cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23];
+ $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
+ $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
+ $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
+ $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
+ $cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
+ $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
+ $cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
+ $cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
+ $cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
$name=$cgiparams{'CHECK1'} ;
- $cgiparams{$name} = $confighash{$cgiparams{'KEY'}}[33];
- $cgiparams{'RG'} = $confighash{$cgiparams{'KEY'}}[34];
- $cgiparams{'CCD_DNS1'} = $confighash{$cgiparams{'KEY'}}[35];
- $cgiparams{'CCD_DNS2'} = $confighash{$cgiparams{'KEY'}}[36];
- $cgiparams{'CCD_WINS'} = $confighash{$cgiparams{'KEY'}}[37];
+ $cgiparams{$name} = $confighash{$cgiparams{'KEY'}}[33];
+ $cgiparams{'RG'} = $confighash{$cgiparams{'KEY'}}[34];
+ $cgiparams{'CCD_DNS1'} = $confighash{$cgiparams{'KEY'}}[35];
+ $cgiparams{'CCD_DNS2'} = $confighash{$cgiparams{'KEY'}}[36];
+ $cgiparams{'CCD_WINS'} = $confighash{$cgiparams{'KEY'}}[37];
$cgiparams{'PMTU_DISCOVERY'} = $confighash{$cgiparams{'KEY'}}[38];
+ $cgiparams{'DAUTH'} = $confighash{$cgiparams{'KEY'}}[39];
+ $cgiparams{'DCIPHER'} = $confighash{$cgiparams{'KEY'}}[40];
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
goto VPNCONF_ERROR;
}
- if ($cgiparams{'OVPN_MGMT'} eq '') {
+ if ($cgiparams{'OVPN_MGMT'} eq '') {
$cgiparams{'OVPN_MGMT'} = $cgiparams{'DEST_PORT'};
}
unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
goto VPNCONF_ERROR;
- }
-
+ }
+ #Check if remote subnet is used elsewhere
+ my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'});
+ $warnmessage=&General::checksubnets('',$n2nip,'ovpn');
+ if ($warnmessage){
+ $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'}) <br>".$warnmessage;
+ }
}
# if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) {
}
if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
$errormessage = $Lang::tr{'invalid input for name'};
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
goto VPNCONF_ERROR;
}
if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
}
} else { # child
unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-newkey', 'rsa:1024',
+ '-newkey', 'rsa:2048',
'-keyout', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
'-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
'-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
if (! $key) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 38) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 41) { $confighash{$key}[$i] = "";}
}
$confighash{$key}[0] = $cgiparams{'ENABLED'};
$confighash{$key}[1] = $cgiparams{'NAME'};
$confighash{$key}[6] = $cgiparams{'SIDE'};
$confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
}
- $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
+ $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
$confighash{$key}[10] = $cgiparams{'REMOTE'};
- if ($cgiparams{'OVPN_MGMT'} eq '') {
+ if ($cgiparams{'OVPN_MGMT'} eq '') {
$confighash{$key}[22] = $confighash{$key}[29];
- } else {
+ } else {
$confighash{$key}[22] = $cgiparams{'OVPN_MGMT'};
- }
+ }
$confighash{$key}[23] = $cgiparams{'MSSFIX'};
$confighash{$key}[24] = $cgiparams{'FRAGMENT'};
$confighash{$key}[25] = $cgiparams{'REMARK'};
$confighash{$key}[35] = $cgiparams{'CCD_DNS1'};
$confighash{$key}[36] = $cgiparams{'CCD_DNS2'};
$confighash{$key}[37] = $cgiparams{'CCD_WINS'};
- $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'};
-
+ $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'};
+ $confighash{$key}[39] = $cgiparams{'DAUTH'};
+ $confighash{$key}[40] = $cgiparams{'DCIPHER'};
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
###
$cgiparams{'MSSFIX'} = 'on';
$cgiparams{'FRAGMENT'} = '1300';
- $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ $cgiparams{'PMTU_DISCOVERY'} = 'off';
+ $cgiparams{'DAUTH'} = 'SHA1';
###
# m.a.d n2n end
###
- $cgiparams{'SIDE'} = 'left';
+ $cgiparams{'SIDE'} = 'left';
if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) {
$cgiparams{'AUTH'} = 'psk';
} elsif ( ! -f "${General::swroot}/ovpn/ca/cacert.pem") {
}
$checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\'';
+ $selected{'DAUTH'}{'whirlpool'} = '';
+ $selected{'DAUTH'}{'SHA512'} = '';
+ $selected{'DAUTH'}{'SHA384'} = '';
+ $selected{'DAUTH'}{'SHA256'} = '';
+ $selected{'DAUTH'}{'ecdsa-with-SHA1'} = '';
+ $selected{'DAUTH'}{'SHA1'} = '';
+ $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED';
+
+ $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-256-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-192-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-128-CBC'} = '';
+ $selected{'DCIPHER'}{'DESX-CBC'} = '';
+ $selected{'DCIPHER'}{'SEED-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+ $selected{'DCIPHER'}{'CAST5-CBC'} = '';
+ $selected{'DCIPHER'}{'BF-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-64-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
+ $selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
if (1) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
if ($errormessage) {
&Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
&Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
print "<table width='100%' border='0'>\n";
-
-
-
+
print "<tr><td width='14%' class='boldbase'>$Lang::tr{'name'}: </td>";
if ($cgiparams{'TYPE'} eq 'host') {
if ($cgiparams{'KEY'}) {
print "<td width='35%' class='base'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
} else {
-
print "<td width='35%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' size='30' /></td>";
}
# print "<tr><td>$Lang::tr{'interface'}</td>";
# print "<td><select name='INTERFACE'>";
# print "<option value='RED' $selected{'INTERFACE'}{'RED'}>RED</option>";
-# if ($netsettings{'BLUE_DEV'} ne '') {
-# print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE</option>";
-# }
-# print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN</option>";
-# print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
-# print "</select></td></tr>";
-# print <<END
+# if ($netsettings{'BLUE_DEV'} ne '') {
+# print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE</option>";
+# }
+# print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN</option>";
+# print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
+# print "</select></td></tr>";
+# print <<END;
} else {
print "<input type='hidden' name='INTERFACE' value='red' />";
if ($cgiparams{'KEY'}) {
} else {
print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
}
-
-
-
- print <<END
+
+ print <<END;
<td width='25%'> </td>
<td width='25%'> </td></tr>
+
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
<td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>$Lang::tr{'openvpn server'}</option>
<option value='client' $selected{'SIDE'}{'client'}>$Lang::tr{'openvpn client'}</option></select></td>
+
<td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
<td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>
+
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
<td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>
+
<td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
<td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>
+
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
- <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
-
- <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
- <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
-
- <td class='boldbase'>$Lang::tr{'destination port'}:</td>
- <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'} <img src='/blob.gif'</td>
- <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>mssfix <img src='/blob.gif' /></td>
- <td><input type='checkbox' name='MSSFIX' $checked{'MSSFIX'}{'on'} /></td>
- <td>$Lang::tr{'openvpn default'}: <span class="base">on</span></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>fragment <img src='/blob.gif' /></td>
- <td><input type='TEXT' name='FRAGMENT' VALUE='$cgiparams{'FRAGMENT'}'size='5' /></td>
- <td>$Lang::tr{'openvpn default'}: <span class="base">1300</span></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} <img src='/blob.gif' /></td>
- <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></td>
- <td colspan='2'>$Lang::tr{'openvpn default'}: udp/tcp <span class="base">1500/1400</span></td>
-
- <tr><td class='boldbase' nowrap='nowrap'>Management Port <img src='/blob.gif' /></td>
- <td> <input type='TEXT' name='OVPN_MGMT' VALUE='$cgiparams{'OVPN_MGMT'}'size='5' /></td>
- <td colspan='2'>$Lang::tr{'openvpn default'}: <span class="base">$Lang::tr{'destination port'}</span></td>
+ <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td>
- <tr>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}</td>
- <td colspan='3'>
- <input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}
- <input type='radio' name='PMTU_DISCOVERY' value='maybe' $checked{'PMTU_DISCOVERY'}{'maybe'} /> $Lang::tr{'ovpn mtu-disc maybe'}
- <input type='radio' name='PMTU_DISCOVERY' value='no' $checked{'PMTU_DISCOVERY'}{'no'} /> $Lang::tr{'ovpn mtu-disc no'}
- <input type='radio' name='PMTU_DISCOVERY' value='off' $checked{'PMTU_DISCOVERY'}{'off'} /> $Lang::tr{'ovpn mtu-disc off'}
- </td>
- </tr>
+ <td class='boldbase'>$Lang::tr{'destination port'}:</td>
+ <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
+ <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
+ <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
+
+ <td class='boldbase' nowrap='nowrap'>Management Port ($Lang::tr{'openvpn default'}: <span class="base">$Lang::tr{'destination port'}): <img src='/blob.gif' /></td>
+ <td> <input type='TEXT' name='OVPN_MGMT' VALUE='$cgiparams{'OVPN_MGMT'}'size='5' /></td>
+ </tr>
+
+ <tr><td class='boldbase'>$Lang::tr{'cipher'}</td>
+ <td><select name='DCIPHER'>
+ <option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (196 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='SEED-CBC' $selected{'DCIPHER'}{'SEED-CBC'}>SEED-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-CBC (40 $Lang::tr{'bit'} not recommended)</option>
+ </select>
+ </td>
+
+ <td class='boldbase'>$Lang::tr{'ovpn ha'}:</td>
+ <td><select name='DAUTH'>
+ <option value='whirlpool' $selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'})</option>
+ <option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512 $Lang::tr{'bit'})</option>
+ <option value='SHA384' $selected{'DAUTH'}{'SHA384'}>SHA2 (384 $Lang::tr{'bit'})</option>
+ <option value='SHA256' $selected{'DAUTH'}{'SHA256'}>SHA2 (256 $Lang::tr{'bit'})</option>
+ <option value='ecdsa-with-SHA1' $selected{'DAUTH'}{'ecdsa-with-SHA1'}>ECDSA-SHA1 (160 $Lang::tr{'bit'})</option>
+ <option value='SHA1' $selected{'DAUTH'}{'SHA1'}>SHA1 (160 $Lang::tr{'bit'} Default)</option>
+ </select>
+ </td>
+ </tr>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} <img src='/blob.gif' /></td>
+ <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></td>
+ <td colspan='2'>$Lang::tr{'openvpn default'}: udp/tcp <span class="base">1500/1400</span></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>fragment: <img src='/blob.gif' /></td>
+ <td><input type='TEXT' name='FRAGMENT' VALUE='$cgiparams{'FRAGMENT'}'size='5' /></td>
+ <td>$Lang::tr{'openvpn default'}: <span class="base">1300</span></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>mssfix: <img src='/blob.gif' /></td>
+ <td><input type='checkbox' name='MSSFIX' $checked{'MSSFIX'}{'on'} /></td>
+ <td>$Lang::tr{'openvpn default'}: <span class="base">on</span></td>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'} <img src='/blob.gif'</td>
+ <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
+ </tr>
+
+ <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn mtu-disc'}:</td>
+ <td colspan='3'>
+ <input type='radio' name='PMTU_DISCOVERY' value='yes' $checked{'PMTU_DISCOVERY'}{'yes'} /> $Lang::tr{'ovpn mtu-disc yes'}
+ <input type='radio' name='PMTU_DISCOVERY' value='maybe' $checked{'PMTU_DISCOVERY'}{'maybe'} /> $Lang::tr{'ovpn mtu-disc maybe'}
+ <input type='radio' name='PMTU_DISCOVERY' value='no' $checked{'PMTU_DISCOVERY'}{'no'} /> $Lang::tr{'ovpn mtu-disc no'}
+ <input type='radio' name='PMTU_DISCOVERY' value='off' $checked{'PMTU_DISCOVERY'}{'off'} /> $Lang::tr{'ovpn mtu-disc off'}
+ </td>
+ </tr>
END
;
if ($cgiparams{'TYPE'} eq 'host') {
-print <<END
+ print <<END;
<table width='100%' cellpadding='0' cellspacing='5' border='0'>
<tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td><td class='base'>$Lang::tr{'upload a certificate request'}</td><td class='base' rowspan='2'><input type='file' name='FH' size='30' $cacrtdisabled></td></tr>
} else {
-print <<END
+ print <<END;
<table width='100%' cellpadding='0' cellspacing='5' border='0'>
<tr><td><input type='radio' name='AUTH' value='certgen' $checked{'AUTH'}{'certgen'} $cakeydisabled /></td><td class='base'>$Lang::tr{'generate a certificate'}</td><td> </td></tr>
###
if ($cgiparams{'TYPE'} eq 'host') {
- print <<END
+ print <<END;
</select></td></tr>
<td> </td><td class='base'>$Lang::tr{'valid till'} (days):</td>
<tr><td> </td>
<td class='base'>$Lang::tr{'pkcs12 file password'}:</td>
<td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS1' value='$cgiparams{'CERT_PASS1'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td><td class='base'>$Lang::tr{'pkcs12 file password'}:<br>($Lang::tr{'confirmation'})</td>
+ <tr><td> </td><td class='base'>$Lang::tr{'pkcs12 file password'}:<BR>($Lang::tr{'confirmation'})</td>
<td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS2' value='$cgiparams{'CERT_PASS2'}' size='32' $cakeydisabled /></td></tr>
<tr><td colspan='3'> </td></tr>
<tr><td colspan='3'><hr /></td></tr>
</table>
END
}else{
- print <<END
+ print <<END;
</select></td></tr>
<tr><td> </td><td> </td><td> </td></tr>
<tr><td> </td><td> </td><td> </td></tr>
#default setzen
if ($cgiparams{'DCIPHER'} eq '') {
- $cgiparams{'DCIPHER'} = 'AES-256-CBC';
+ $cgiparams{'DCIPHER'} = 'AES-256-CBC';
}
if ($cgiparams{'DDEST_PORT'} eq '') {
- $cgiparams{'DDEST_PORT'} = '1194';
+ $cgiparams{'DDEST_PORT'} = '1194';
}
if ($cgiparams{'DMTU'} eq '') {
- $cgiparams{'DMTU'} = '1400';
+ $cgiparams{'DMTU'} = '1400';
+ }
+ if ($cgiparams{'MSSFIX'} eq '') {
+ $cgiparams{'MSSFIX'} = 'off';
+ }
+ if ($cgiparams{'DAUTH'} eq '') {
+ $cgiparams{'DAUTH'} = 'SHA1';
}
if ($cgiparams{'DOVPN_SUBNET'} eq '') {
- $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
+ $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
}
- $checked{'ENABLED'}{'off'} = '';
+ $checked{'ENABLED'}{'off'} = '';
$checked{'ENABLED'}{'on'} = '';
$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
$checked{'ENABLED_BLUE'}{'off'} = '';
$selected{'DPROTOCOL'}{'udp'} = '';
$selected{'DPROTOCOL'}{'tcp'} = '';
$selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
-
- $selected{'DCIPHER'}{'DES-CBC'} = '';
- $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+
+ $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
+ $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-256-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-192-CBC'} = '';
+ $selected{'DCIPHER'}{'AES-128-CBC'} = '';
$selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
$selected{'DCIPHER'}{'DESX-CBC'} = '';
+ $selected{'DCIPHER'}{'SEED-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
+ $selected{'DCIPHER'}{'CAST5-CBC'} = '';
+ $selected{'DCIPHER'}{'BF-CBC'} = '';
$selected{'DCIPHER'}{'RC2-CBC'} = '';
- $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
+ $selected{'DCIPHER'}{'DES-CBC'} = '';
$selected{'DCIPHER'}{'RC2-64-CBC'} = '';
- $selected{'DCIPHER'}{'BF-CBC'} = '';
- $selected{'DCIPHER'}{'CAST5-CBC'} = '';
- $selected{'DCIPHER'}{'AES-128-CBC'} = '';
- $selected{'DCIPHER'}{'AES-192-CBC'} = '';
- $selected{'DCIPHER'}{'AES-256-CBC'} = '';
- $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
- $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
- $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
+ $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
$selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
+
+ $selected{'DAUTH'}{'whirlpool'} = '';
+ $selected{'DAUTH'}{'SHA512'} = '';
+ $selected{'DAUTH'}{'SHA384'} = '';
+ $selected{'DAUTH'}{'SHA256'} = '';
+ $selected{'DAUTH'}{'ecdsa-with-SHA1'} = '';
+ $selected{'DAUTH'}{'SHA1'} = '';
+ $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED';
+
$checked{'DCOMPLZO'}{'off'} = '';
$checked{'DCOMPLZO'}{'on'} = '';
$checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
+
# m.a.d
$checked{'MSSFIX'}{'off'} = '';
$checked{'MSSFIX'}{'on'} = '';
&Header::closebox();
}
+ if ($warnmessage) {
+ &Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'});
+ print "$warnmessage<br>";
+ print "$Lang::tr{'fwdfw warn1'}<br>";
+ &Header::closebox();
+ print"<center><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'ok'}' style='width: 5em;'></form>";
+ &Header::closepage();
+ exit 0;
+ }
+
my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
my $srunning = "no";
my $activeonrun = "";
$activeonrun = "disabled='disabled'";
}
&Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});
- print <<END
- <table width='100%' border='0'>
+ print <<END;
+ <table width='100%' border=0>
<form method='post'>
<td width='25%'> </td>
<td width='25%'> </td>
print "<tr><td class='boldbase'>$Lang::tr{'ovpn on orange'}</td>";
print "<td><input type='checkbox' name='ENABLED_ORANGE' $checked{'ENABLED_ORANGE'}{'on'} /></td>";
}
- print <<END
+ print <<END;
<tr><td class='base' nowrap='nowrap' colspan='2'>$Lang::tr{'local vpn hostname/ip'}:<br /><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
<td class='boldbase' nowrap='nowrap' colspan='2'>$Lang::tr{'ovpn subnet'}<br /><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
<td><input type='TEXT' name='DDEST_PORT' value='$cgiparams{'DDEST_PORT'}' size='5' /></td></tr>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} </td>
<td> <input type='TEXT' name='DMTU' VALUE='$cgiparams{'DMTU'}'size='5' /></td>
+ <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
+ <td><select name='DCIPHER'>
+ <option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (196 $Lang::tr{'bit'})</option>
+ <option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC (192 $Lang::tr{'bit'})</option>
+ <option value='SEED-CBC' $selected{'DCIPHER'}{'SEED-CBC'}>SEED-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC (128 $Lang::tr{'bit'})</option>
+ <option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-CBC (64 $Lang::tr{'bit'} not recommended)</option>
+ <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-CBC (40 $Lang::tr{'bit'} not recommended)</option>
+ </select>
+ </td>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
<td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
- <td><select name='DCIPHER'>
- <option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-256-CBC</option>
- <option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-192-CBC</option>
- <option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-128-CBC</option>
- <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option>
- <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
- <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
- <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
- <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
- <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
- <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>
- <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
- <option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
- <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
- <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
- <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
- </select></td></tr>
+ </tr>
<tr><td colspan='4'><br><br></td></tr>
END
;
}
print "</form></table>";
&Header::closebox();
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}");
- print <<EOF#'
- <table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
- <tr>
- <th width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></th>
- <th width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></th>
- <th width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></th>
- </tr>
-EOF
- ;
- my $col1="bgcolor='$color{'color22'}'";
- my $col2="bgcolor='$color{'color20'}'";
- if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
- my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
- $casubject =~ /Subject: (.*)[\n]/;
- $casubject = $1;
- $casubject =~ s+/Email+, E+;
- $casubject =~ s/ ST=/ S=/;
- print <<END
- <tr>
- <td class='base' $col1>$Lang::tr{'root certificate'}</td>
- <td class='base' $col1>$casubject</td>
- <form method='post' name='frmrootcrta'><td width='3%' align='center' $col1>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
- </td></form>
- <form method='post' name='frmrootcrtb'><td width='3%' align='center' $col1>
- <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
- </td></form>
- <td width='4%' $col1> </td></tr>
-END
- ;
- } else {
- # display rootcert generation buttons
- print <<END
- <tr>
- <td class='base' $col1>$Lang::tr{'root certificate'}:</td>
- <td class='base' $col1>$Lang::tr{'not present'}</td>
- <td colspan='3' $col1> </td></tr>
-END
- ;
- }
- if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
- my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
- $hostsubject =~ /Subject: (.*)[\n]/;
- $hostsubject = $1;
- $hostsubject =~ s+/Email+, E+;
- $hostsubject =~ s/ ST=/ S=/;
-
- print <<END
- <tr>
- <td class='base' $col2>$Lang::tr{'host certificate'}</td>
- <td class='base' $col2>$hostsubject</td>
- <form method='post' name='frmhostcrta'><td width='3%' align='center' $col2>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
- <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
- </td></form>
- <form method='post' name='frmhostcrtb'><td width='3%' align='center' $col2>
- <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/media-floppy.png' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" border='0' />
- <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
- </td></form>
- <td width='4%' $col2> </td></tr>
-END
- ;
- } else {
- # Nothing
- print <<END
- <tr>
- <td width='25%' class='base' $col2>$Lang::tr{'host certificate'}:</td>
- <td class='base' $col2>$Lang::tr{'not present'}</td>
- </td><td colspan='3' $col2> </td></tr>
-END
- ;
- }
-
- if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
- print "<tr><td colspan='5' align='center'><form method='post'>";
- print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
- print "</form></td></tr>\n";
- }
-
- if (keys %cahash > 0) {
- foreach my $key (keys %cahash) {
- if (($key + 1) % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n";
- } else {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- print "<td class='base'>$cahash{$key}[0]</td>\n";
- print "<td class='base'>$cahash{$key}[1]</td>\n";
- print <<END
- <form method='post' name='cafrm${key}a'><td align='center'>
- <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- <form method='post' name='cafrm${key}b'><td align='center'>
- <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- <form method='post' name='cafrm${key}c'><td align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
- <input type='image' name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form></tr>
-END
- ;
- }
- }
-
- print "</table>";
-
- # If the file contains entries, print Key to action icons
- if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {
- print <<END
- <table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- </tr>
- </table>
-END
-;
- }
-
-print <<END
-<form method='post' enctype='multipart/form-data'>
-<table width='100%' border='0'>
-<tr><td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td><td nowrap='nowrap' width='8%'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'/></td><td nowrap='nowrap' align='right'><input type='file' name='FH' size='25' /><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td></tr>
-<tr><td colspan='4'><br></td></tr>
-<tr align='right'><td colspan='4' align='right' width='80%'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td></tr>
-</table>
-END
-;
-
-
- &Header::closebox();
- if ( $srunning eq "yes" ) {
- print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' disabled='disabled' /></div></form>\n";
- }else{
- print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
- }
if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
-
###
# m.a.d net2net
#<td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
###
- &Header::openbox('100%', 'LEFT', $Lang::tr{'Client status and controlc' });
- print <<END
+ &Header::openbox('100%', 'LEFT', $Lang::tr{'connection status and controlc' });
+ print <<END;
<table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
#EXITING -- A graceful exit is in progress.
####
- if (($tustate[1] eq 'CONNECTED') || ($tustate[1] eq 'WAIT')) {
+ if ($tustate[1] eq 'CONNECTED') {
$col1="bgcolor='${Header::colourgreen}'";
$active = "<b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b>";
}else {
}
- print <<END
+ print <<END;
<td align='center' $col1>$active</td>
<form method='post' name='frm${key}a'><td align='center' $col>
END
;
if ($confighash{$key}[4] eq 'cert') {
- print <<END
+ print <<END;
<form method='post' name='frm${key}b'><td align='center' $col>
<input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
print "<td> </td>";
}
if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") {
- print <<END
+ print <<END;
<form method='post' name='frm${key}c'><td align='center' $col>
<input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/media-floppy.png' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
</td></form>
END
; } elsif ($confighash{$key}[4] eq 'cert') {
- print <<END
+ print <<END;
<form method='post' name='frm${key}c'><td align='center' $col>
<input type='image' name='$Lang::tr{'download certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
<input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
# If the config file contains entries, print Key to action icons
if ( $id ) {
- print <<END
+ print <<END;
<table border='0'>
<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
+ <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
+
<td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
+ <td class='base'>$Lang::tr{'click to disable'}</td>
+
<td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
+ <td class='base'>$Lang::tr{'show certificate'}</td>
+
<td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
+ <td class='base'>$Lang::tr{'edit'}</td>
+
<td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
+ <td class='base'>$Lang::tr{'remove'}</td>
</tr>
<tr>
- <td> </td>
- <td> <img src='/images/off.gif' alt='?OFF' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
-
<td> <img src='/images/media-floppy.png' alt='?FLOPPY' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
-
<td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
- <td class='base'>$Lang::tr{'dl client arch'}</td>
- </tr>
+ <td> </td>
+
<td> <img src='/images/off.gif' alt='?OFF' /></td>
+ <td class='base'>$Lang::tr{'click to enable'}</td>
+
<td> <img src='/images/media-floppy.png' alt='?FLOPPY' /></td>
+ <td class='base'>$Lang::tr{'download certificate'}</td>
+
<td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
+ <td class='base'>$Lang::tr{'dl client arch'}</td>
+ </tr>
</table><br>
END
;
}
- print <<END
+ print <<END;
<table width='100%'>
<form method='post'>
- <tr><td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td></tr>
+ <tr><td align='right'>
+ <input type='submit' name='ACTION' value='$Lang::tr{'add'}' />
+ <input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td>
+ </tr>
</form>
</table>
END
- ;
- &Header::closebox();
-}
-&Header::closepage();
+ ;
+ &Header::closebox();
+ }
+ &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}");
+ print <<END;
+ <table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
+ <tr>
+ <th width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></th>
+ <th width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></th>
+ <th width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></th>
+ </tr>
+END
+ ;
+ my $col1="bgcolor='$color{'color22'}'";
+ my $col2="bgcolor='$color{'color20'}'";
+ if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
+ my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
+ $casubject =~ /Subject: (.*)[\n]/;
+ $casubject = $1;
+ $casubject =~ s+/Email+, E+;
+ $casubject =~ s/ ST=/ S=/;
+ print <<END;
+ <tr>
+ <td class='base' $col1>$Lang::tr{'root certificate'}</td>
+ <td class='base' $col1>$casubject</td>
+ <form method='post' name='frmrootcrta'><td width='3%' align='center' $col1>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
+ <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
+ </td></form>
+ <form method='post' name='frmrootcrtb'><td width='3%' align='center' $col1>
+ <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
+ <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
+ </td></form>
+ <td width='4%' $col1> </td></tr>
+END
+ ;
+ } else {
+ # display rootcert generation buttons
+ print <<END;
+ <tr>
+ <td class='base' $col1>$Lang::tr{'root certificate'}:</td>
+ <td class='base' $col1>$Lang::tr{'not present'}</td>
+ <td colspan='3' $col1> </td></tr>
+END
+ ;
+ }
+
+ if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
+ my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
+ $hostsubject =~ /Subject: (.*)[\n]/;
+ $hostsubject = $1;
+ $hostsubject =~ s+/Email+, E+;
+ $hostsubject =~ s/ ST=/ S=/;
+
+ print <<END;
+ <tr>
+ <td class='base' $col2>$Lang::tr{'host certificate'}</td>
+ <td class='base' $col2>$hostsubject</td>
+ <form method='post' name='frmhostcrta'><td width='3%' align='center' $col2>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
+ <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
+ </td></form>
+ <form method='post' name='frmhostcrtb'><td width='3%' align='center' $col2>
+ <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/media-floppy.png' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" border='0' />
+ <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
+ </td></form>
+ <td width='4%' $col2> </td></tr>
+END
+ ;
+ } else {
+ # Nothing
+ print <<END;
+ <tr>
+ <td width='25%' class='base' $col2>$Lang::tr{'host certificate'}:</td>
+ <td class='base' $col2>$Lang::tr{'not present'}</td>
+ </td><td colspan='3' $col2> </td></tr>
+END
+ ;
+ }
+ if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
+ print "<tr><td colspan='5' align='center'><form method='post'>";
+ print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
+ print "</form></td></tr>\n";
+ }
+
+ if (keys %cahash > 0) {
+ foreach my $key (keys %cahash) {
+ if (($key + 1) % 2) {
+ print "<tr bgcolor='$color{'color20'}'>\n";
+ } else {
+ print "<tr bgcolor='$color{'color22'}'>\n";
+ }
+ print "<td class='base'>$cahash{$key}[0]</td>\n";
+ print "<td class='base'>$cahash{$key}[1]</td>\n";
+ print <<END;
+ <form method='post' name='cafrm${key}a'><td align='center'>
+ <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
+ <input type='hidden' name='KEY' value='$key' />
+ </td></form>
+ <form method='post' name='cafrm${key}b'><td align='center'>
+ <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
+ <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
+ <input type='hidden' name='KEY' value='$key' />
+ </td></form>
+ <form method='post' name='cafrm${key}c'><td align='center'>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
+ <input type='image' name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
+ <input type='hidden' name='KEY' value='$key' />
+ </td></form></tr>
+END
+ ;
+ }
+ }
+
+ print "</table>";
+
+ # If the file contains entries, print Key to action icons
+ if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {
+ print <<END;
+ <table>
+ <tr>
+ <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
+ <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
+ <td class='base'>$Lang::tr{'show certificate'}</td>
+ <td> <img src='/images/media-floppy.png' alt='$Lang::tr{'download certificate'}' /></td>
+ <td class='base'>$Lang::tr{'download certificate'}</td>
+ </tr>
+ </table>
+END
+ ;
+ }
+ print <<END
+ <hr size='1'>
+ <form method='post' enctype='multipart/form-data'>
+ <table width='100%' border='0'cellspacing='1' cellpadding='0'>
+ <tr>
+ <td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
+ <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'/></td>
+ <td nowrap='nowrap'><input type='file' name='FH' size='25' />
+ <td nowrap='nowrap' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td>
+ </tr>
+
+ <tr>
+ <td class='base' nowrap='nowrap'>$Lang::tr{'ovpn dh name'}:</td>
+ <td nowrap='nowrap'><input type='text' name='DH_NAME' value='$cgiparams{'DH_NAME'}' size='15' align='left'/></td>
+ <td nowrap='nowrap'><input type='file' name='FH' size='25' />
+ <td nowrap='nowrap' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload dh key'}' /></td>
+ </tr>
+ <tr><td colspan='4'><br></td></tr>
+ <tr>
+ <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
+ <td colspan='4' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'show dh'}' /></td>
+ </tr>
+
+ <tr align='right'>
+ <td colspan='4' align='right' width='80%'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>
+ </tr>
+ </table>
+END
+ ;
+
+ if ( $srunning eq "yes" ) {
+ print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' disabled='disabled' /></div></form>\n";
+ } else {
+ print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' /></div></form>\n";
+ }
+ &Header::closebox();
+END
+ ;
+
+&Header::closepage();
%tr = (
%tr,
-'Act as' => 'Konfiguriert als',
+'Act as' => 'Konfiguriert als:',
'Add Level7 rule' => 'Level7-Regel hinzufügen',
'Add Port Rule' => 'Port-Regel hinzufügen',
'Add Rule' => 'Regel hinzufügen',
'Choose Rule' => 'Wählen Sie <u>eine</u> der untenstehenden Regeln aus.',
'Class' => 'Klasse',
'Class was deleted' => 'wurde mit eventuell vorhandenen Unterklassen gelöscht',
-'Client status and controlc' => 'Client-Status und -Kontrolle',
'ConnSched action' => 'Aktion:',
'ConnSched add action' => 'Aktion hinzufügen',
'ConnSched change profile title' => 'Wechsle zu Profil:',
'Level7 Rule' => 'Level7-Regel',
'Level7 rule' => 'Level7-Regel',
'Local VPN IP' => 'Internes Netzwerk (GREEN)',
-'MTU' => 'MTU Size',
+'MTU' => 'MTU Size:',
'Number of IPs for the pie chart' => 'Anzahl der angezeigten IPs im Diagramm',
'Number of Ports for the pie chart' => 'Anzahl der angezeigten Ports im Diagramm',
'OVPN' => 'OpenVPN',
'ccd err iroute' => 'Netzadresse für Route ungültig.',
'ccd err irouteexist' => 'Diese Route wird bereits verwendet.',
'ccd err isipsecnet' => 'Diese Subnetzadresse wird bereits für ein IPsec-Netzwerk verwendet.',
- 'ccd err isovpnnet' => 'Subnetzadresse wird für bereits für den OpenVPN-Server verwendet!',
- 'ccd err issubnet' => 'Subnetzadresse wird bereits verwendet.',
+ 'ccd err isipsecrw' => 'Diese Subnetzadresse wird bereits für das IPsec-RW Netz verwendet.',
+ 'ccd err isovpnn2n' => 'Die Subnetzadresse wird für bereits für eine OpenVPN Netz-zu-Netz-Verbindung verwendet.',
+ 'ccd err isovpnnet' => 'Die Subnetzadresse wird für bereits für den OpenVPN-Server verwendet.',
+ 'ccd err issubnet' => 'Die Subnetzadresse wird bereits verwendet.',
'ccd err name' => 'Es muss ein Name angegeben werden.',
'ccd err nameexist' => 'Name existiert bereits.',
'ccd err netadr' => 'Subnetzadresse ist ungültig oder Bereich zu groß.',
'check for net traffic update' => 'Prüfe auf Net-Traffic-Updates',
'check vpn lr' => 'Überprüfen',
'choose config' => 'Konfiguration auswählen',
-'cipher' => 'Verschlüsselung',
+'cipher' => 'Verschlüsselung:',
'city' => 'Stadt',
'class in use' => 'Die aktuelle Klasse wird bereits verwendet.',
'clear cache' => 'Zwischenspeicher löschen',
'could not open installed updates file' => 'Datei mit Update-Liste konnte nicht geöffnet werden',
'could not open update information file' => 'Datei mit den Update-Information konnte nicht geöffnet werden. Die Update-Datei ist beschädigt.',
'could not retrieve common name from certificate' => 'Der Gemeinsame Name (CN) konnte nicht aus dem Zertifikat gelesen werden.',
+ 'count' => 'Anzahl',
+ 'countries' => 'Länder',
'country' => 'Land',
+ 'country codes and flags' => 'Länder und Länderkennungen',
+ 'countrycode' => 'Kennung',
'cpu frequency per' => 'CPU-Frequenz pro',
'cpu idle usage' => 'Leerlauf CPU-Nutzung',
'cpu interrupt usage' => 'Interrupt CPU-Nutzung',
'destination port numbers' => 'Zielport muß ein(e) gültige(r) Portnummer oder Portbereich sein.',
'destination port overlaps' => 'Der Zielportbereich überlappt einen bereits bestehenden Portbereich.',
'detail level' => 'Detaillierungsgrad',
+ 'details' => 'Mehr',
'device' => 'Gerät',
'devices on blue' => 'Geräte auf Blau',
+'dh' => 'Diffie-Hellman Key',
+'dh key warn' => 'Keys mit 1024 und 2048 Bit können mehreren Minuten, 3072 und 4096 Bit bis zu mehreren Stunden dauern. Bitte haben sie Geduld.',
+'dh name is invalid' => 'Name ist ungültig, bitte "dh1024.pem" verwenden.',
'dhcp advopt add' => 'DHCP Option hinzufügen',
'dhcp advopt added' => 'DHCP Option hinzugefügt',
'dhcp advopt blank value' => 'Wert für DHCP Option darf nicht leer sein',
'dmz pinhole rule added' => 'Regel für DMZ-Schlupfloch hinzugefügt; Starte DMZ-Schlupfloch neu',
'dmz pinhole rule removed' => 'Regel für DMZ-Schlupfloch entfernt; Starte DMZ-Schlupfloch neu',
'dmzpinholes for same net not necessary' => 'DMZ-Schlupflöcher werden im gleichen Netz nicht benötigt. Wählen Sie ein anderes Quell- oder Ziel-Netz.',
- 'dnat address' => 'Externe IP-Adresse',
+ 'dnat address' => 'Firewall-Interface',
'dns address deleted' => 'Erfolgreich gelöscht! ',
'dns address deleted txt' => 'DNS Server Adressen wurden erfolgreich gelöscht. Änderungen werden jedoch erst nach einem Neustart oder einer Wiederverbindung übernommen.',
'dns address done' => 'Die DNS-Server Adressen Einstellungen werden übernommen.',
'dns proxy server' => 'DNS-Proxyserver',
'dns saved' => 'Erfolgreich gespeichert!',
'dns saved txt' => 'Die beiden eingegebenen DNS-Server-Adressen wurde erfolgreich gespeichert.<br/>Um die Änderung wirksam zu machen, müssen Sie neustarten oder wiederverbinden!',
-'dns server' => 'DNS-Server',
-'dns servers' => 'DNS-Server',
+'dns server' => 'DNS Server',
'dns title' => 'Domain Name System',
'dnsforward' => 'DNS-Weiterleitung',
'dnsforward add a new entry' => 'Neuen Eintrag hinzufügen',
'donation-text' => '<strong>IPFire</strong> wird von Freiwilligen in ihrer Freizeit betrieben und auch betreut. Um dieses Projekt am Laufen zu halten, entstehen uns natürlich auch Kosten. Wenn Sie uns unterstützen wollen, würden wir uns über eine kleine Spende sehr freuen.',
'dos charset' => 'DOS Charset',
'down and up speed' => 'Geben Sie bitte hier ihre Download- bzw. Upload-Geschwindigkeit ein <br /> und klicken Sie danach auf <i>Speichern</i>.',
-'downlink' => 'Downlink',
'downlink speed' => 'Downlink-Geschwindigkeit (kBit/sek)',
'downlink std class' => 'Downloadstandardklasse',
'download' => 'herunterladen',
'enter ack class' => 'Legen Sie hier die ACK-Klasse fest <br /> und klicken Sie danach auf <i>Speichern</i>.',
'enter data' => 'Geben Sie die Daten ein <br /> und klicken Sie danach auf <i>Speichern</i>.',
'entropy' => 'Entropie',
+ 'entropy graphs' => 'Entropiegraphen',
'err bk 1' => 'Fehler beim Erzeugen des Archivs',
'err bk 10 password' => 'Fehler beim Datensicherungs-Passwort',
'err bk 2 key' => 'Fehler beim Erzeugen der Schlüsseldatei',
'firewallhits' => 'Firewalltreffer',
'firmware' => 'Firmware',
'firmware upload' => 'Hochladen der Firmware/Treiber',
-'first' => 'Erste',
'fixed ip lease added' => 'Feste IP-Zuordnung hinzugefügt',
'fixed ip lease modified' => 'Feste IP-Zuordnung geändert',
'fixed ip lease removed' => 'Feste IP-Zuordnung gelöscht',
+ 'flag' => 'Flagge',
'force update' => 'Aktualisierung erzwingen',
'force user' => 'Standardbenutzer für das UNIX Dateisystem',
'forward firewall' => 'Firewall',
'fwdfw use srcport' => 'Quellport:',
'fwdfw use srv' => 'Zielport:',
'fwdfw useless rule' => 'Diese Regel ist nicht sinnvoll.',
+ 'fwdfw warn1' => 'Dies kann dazu führen, dass Firewallregeln auf Netze angewendet werden, für die sie nicht gedacht sind.',
'fwdfw wd_fri' => 'Fr',
'fwdfw wd_mon' => 'Mo',
'fwdfw wd_sat' => 'Sa',
'fwhost wo subnet' => '(Ohne Subnetz)',
'gateway' => 'Gateway',
'gateway ip' => 'Gateway-IP',
+'gen dh' => 'Diffie-Hellman Key erzeugen',
'gen static key' => 'Statischen Schlüssel erzeugen',
'generate' => 'Root/Host-Zertifikate generieren',
'generate a certificate' => 'Erzeuge ein Zertifikat:',
+'generate dh key' => 'Diffie-Hellman Key generieren',
'generate iso' => 'ISO erstellen',
'generate root/host certificates' => 'Erzeuge Root/Host-Zertifikate',
'generate tripwire keys and init' => 'Tripwire Initalisierung',
'harddisk temperature' => 'Festplattentemperatur',
'harddisk temperature graphs' => 'HDD-Diagramme',
'hardware graphs' => 'Hardware-Diagramme',
+ 'hardware support' => 'Hardware-Unterstützung',
'hdd temperature in' => 'Festplattentemperatur in',
'help' => 'Hilfe',
'high' => 'Hoch',
'lan' => 'LAN',
'lang' => 'de',
'languagepurpose' => 'Wählen Sie eine Sprache, in der IPFire angezeigt werden soll:',
-'last' => 'Letzte',
'last activity' => 'Letzte Aktivität',
'lateprompting' => 'Late prompting',
'lease expires' => 'Zuordnung verfällt',
'log view' => 'Log Anzeige',
'log viewer' => 'Protokollansicht',
'log viewing options' => 'Log Ansichts-Optionen',
-'log-options' => 'Logfile options',
+'log-options' => 'Logfile Optionen',
'loged in at' => 'Angemeldet seit',
'logging' => 'Logging',
'logging server' => 'Protokollierungs-Server',
'network traffic graphs others' => 'Netzwerk (sonstige)',
'network updated' => 'Benutzerdefiniertes Netzwerk aktualisiert',
'networks settings' => 'Firewall - Netzwerkeinstellungen',
+'never' => 'Nie',
'new optionsfw later' => 'Einige Einstellungen werden erst nach einem Neustart aktiv',
'new optionsfw must boot' => 'Sie müssen Ihren IPFire neu starten',
'newer' => 'Neuer',
'no eciadsl synch.bin file' => 'Keine ECI ADSL Datei synch.bin vorhanden. Bitte hochladen.',
'no filter pass' => 'Legen Sie hier die Standardklassen fest durch die nicht-gefilterte Pakete gehen.',
'no fritzdsl driver' => 'Kein Fritz!DSL-Treiber vorhanden. Bitte hochladen.',
+ 'no hardware random number generator' => 'Dieses System hat keine Entropiequelle.',
'no information available' => 'Keine Informationen verfügbar.',
'no log selected' => 'kein Log ausgewählt',
'no modem selected' => 'Kein Modem ausgewählt',
'nonetworkname' => 'Kein Netzwerkname wurde eingegeben',
'noservicename' => 'Kein Dienstname wurde eingegeben',
'not a valid ca certificate' => 'Kein gültiges CA Zertifikat.',
+'not a valid dh key' => 'Kein gültiger Diffie-Hellman Schlüssel. Bitte nur 1024, 2048, 3072 oder 4096 Bit im PKCS#3 Format verwenden.',
'not enough disk space' => 'Nicht genügend Plattenplatz vorhanden',
'not present' => '<B>Nicht</B> vorhanden',
'not running' => 'nicht gestartet',
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'OpenVPN Verbindungs-Statistik',
'ovpn config' => 'OVPN-Konfiguration',
-'ovpn device' => 'OpenVPN-Gerät',
+'ovpn crypt options' => 'Kryptografieoptionen',
+'ovpn device' => 'OpenVPN-Gerät:',
+'ovpn dh' => 'Diffie-Hellman Key Länge',
+'ovpn dh name' => 'Diffie-Hellman Key Name',
'ovpn dl' => 'OVPN-Konfiguration downloaden',
+'ovpn engines' => 'Krypto Engine',
'ovpn errmsg green already pushed' => 'Route für grünes Netzwerk wird immer gesetzt',
'ovpn errmsg invalid ip or mask' => 'Ungültige Netzwerk-Adresse oder Subnetzmaske',
+'ovpn generating the root and host certificates' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern.',
+'ovpn ha' => 'Hash Algorithmus',
+'ovpn hmac' => 'HMAC Optionen',
'ovpn log' => 'OVPN-Log',
'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
'ovpn mtu-disc' => 'Path MTU Discovery',
'ovpn mtu-disc with mssfix or fragment' => 'Path MTU Discovery kann nicht gemeinsam mit mssfix oder fragment verwendet werden.',
'ovpn mtu-disc yes' => 'Forciert',
'ovpn no connections' => 'Keine aktiven OpenVPN Verbindungen',
-'ovpn on blue' => 'OpenVPN auf BLAU',
-'ovpn on orange' => 'OpenVPN auf ORANGE',
-'ovpn on red' => 'OpenVPN auf ROT',
+'ovpn on blue' => 'OpenVPN auf BLAU:',
+'ovpn on orange' => 'OpenVPN auf ORANGE:',
+'ovpn on red' => 'OpenVPN auf ROT:',
'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
+'ovpn reneg sec' => 'Session Key Lifetime',
'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24',
'ovpn routes push options' => 'Route push Optionen',
-'ovpn server status' => 'OpenVPN-Server-Status',
-'ovpn subnet' => 'OpenVPN-Subnetz (z.B. 10.0.10.0/255.255.255.0)',
+'ovpn server status' => 'OpenVPN-Server-Status:',
+'ovpn subnet' => 'OpenVPN-Subnetz:',
'ovpn subnet is invalid' => 'Das OpenVPN-Subnetz ist ungültig.',
'ovpn subnet overlap' => 'OpenVPNSubnetz überschneidet sich mit ',
'ovpn_fastio' => 'Fast-IO',
'profile saved' => 'Profil gespeichert: ',
'profiles' => 'Profile:',
'proto' => 'Proto',
-'protocol' => 'Protokoll',
+'protocol' => 'Protokoll:',
'proxy' => 'Proxy',
'proxy access graphs' => 'Diagramme zur Proxyauslastung',
'proxy admin password' => 'Cache Administrator Passwort',
'resetglobals' => 'Globale Einstellungen zurücksetzen',
'resetpolicy' => 'Policy zurücksetzen',
'resetshares' => 'Shares zurücksetzen?',
-'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Das Zurücksetzen der VPN-Konfiguration wird die Root-CA, die Host-Zertifikate und alle weiteren Zertifikate und alle zertifikatsbasierten Verbindungen entfernen',
+'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Das Löschen des X509 wird die Root-CA, die Host-Zertifikate und alle zertifikatsbasierten Verbindungen entfernen.',
'restart' => 'Neustart',
'restart ovpn server' => 'OpenVPN-Server neu starten',
'restore' => 'Wiederherstellen',
'show ca certificate' => 'CA Zertifikat anzeigen',
'show certificate' => 'Zertifikat anzeigen',
'show crl' => 'Certificate Revocation List anzeigen',
+'show dh' => 'Diffie-Hellman Key anzeigen',
'show host certificate' => 'Host-Zertifikat anzeigen',
'show last x lines' => 'die letzten x Zeilen anzeigen',
'show root certificate' => 'Root-Zertifikat anzeigen',
'swap usage per' => 'Nutzung von Auslagerungsspeicher (Swap) pro',
'system' => 'System',
'system graphs' => 'System-Diagramme',
+ 'system has hwrng' => 'Dieses System hat einen Hardware-Zufallszahlengenerator.',
+ 'system has rdrand' => 'Dieses System unterstützt Intel(R) RDRAND.',
'system information' => 'Systeminformationen',
'system log viewer' => 'Betrachter der System-Logdateien',
'system logs' => 'System-Logdateien',
'updxlrtr weekly' => 'wöchentlich',
'updxlrtr year' => 'einem Jahr',
'upgrade' => 'upgrade',
-'uplink' => 'Uplink',
'uplink speed' => 'Uplink-Geschwindigkeit (kBit/sek)',
'uplink std class' => 'Uploadstandardklasse',
'upload' => 'Hochladen',
'upload a certificate' => 'Ein Zertifikat hochladen:',
'upload a certificate request' => 'Eine Zertifikatsanfrage hochladen:',
'upload ca certificate' => 'CA-Zertifikat hochladen',
+'upload dh key' => 'Diffie-Hellman Key hochladen',
'upload file' => 'Datei zum hochladen',
'upload new ruleset' => 'Neuen Regelsatz hochladen',
'upload p12 file' => 'PKCS12-Datei hochladen',
'vpn aggrmode' => 'IKE Aggressive Mode zugelassen. Wenn möglich, vermeiden (preshared Schlüssel wird im Klartext übertragen)!',
'vpn altname syntax' => 'Der Subjekt Alternativ Name ist eine durch Komma getrennte Liste von Email, DNS, URI, RID und IP Objekten. <br />Email: eine Email Adresse. Syntax Email: \'copy\' benutzt die Email Adresse aus dem Zertifikatfeld. <br />DNS: ein gültiger Domain Name.<br />URI: eine gültige URI.<br />RID: Registriertes Objekt Identifikation.<br />IP: eine IP Adresse.<br />Bitte beachten: der Zeichensatz ist eingeschränkt und die Groß-/Kleinschreibung ist entscheidend.<br />Beispiel:<br /><b>email:</b>info@ipfire.org<b>,email:</b>copy<b>,DNS:</b>www.ipfire.org<b>,IP:</b>127.0.0.1<b>,URI:</b>http://url/nach/irgendwo',
'vpn auth-dn' => 'Peer wird identifiziert durch entweder ein IPV4_ADDR, FQDN, USER_FQDN oder DER_ASN1_DN string in Remote ID Feld',
-'vpn configuration main' => 'VPN-Konfiguration',
'vpn delayed start' => 'Verzögerung bevor VPN gestartet wird (Sekunden)',
'vpn delayed start help' => 'Falls notwendig, kann diese Verzögerung dazu verwendet werden, um Dynamic-DNS-Updates ordnungsgemäß anzuwenden. 60 ist ein gängiger Wert, wenn ROT (RED) eine dynamische IP Adresse ist.',
'vpn incompatible use of defaultroute' => 'Hostname=%defaultroute nicht zulässig',
'Choose Rule' => 'Choose <u>one</u> of the following rules.',
'Class' => 'Class',
'Class was deleted' => 'with potential subclasses was deleted',
-'Client status and controlc' => 'Client status and control:',
'ConnSched action' => 'Action:',
'ConnSched add action' => 'Add action',
'ConnSched change profile title' => 'Change to profile:',
'behind a proxy' => 'Behind a proxy:',
'bewan adsl pci st' => 'TO BE REMOVED',
'bewan adsl usb' => 'TO BE REMOVED',
-'bit' => 'Bit',
+'bit' => 'bit',
'bitrate' => 'Bitrate',
'bleeding rules' => 'Bleeding Edge Snort Rules',
'blue' => 'BLUE',
'ccd err invalidnet' => 'Invalid IP address. Format: 192.168.0.0/24 or 192.168.0.0/255.255.255.0.',
'ccd err iroute' => 'Network address for route is invalid.',
'ccd err irouteexist' => 'This route is already in use.',
- 'ccd err isipsecnet' => 'The given subnet address already used by an IPsec network.',
- 'ccd err isovpnnet' => 'Subnet address already in use for OpenVPN Server.',
+ 'ccd err isipsecnet' => 'The given subnet address is already used by an IPsec network.',
+ 'ccd err isipsecrw' => 'The given subnet address is already used by the IPsec rw network.',
+ 'ccd err isovpnn2n' => 'The subnet address is already in use for an OpenVPN net-to-net connection.',
+ 'ccd err isovpnnet' => 'The subnet address is already in use for the OpenVPN server.',
'ccd err issubnet' => 'Subnet address already in use.',
'ccd err name' => 'Please choose a name.',
'ccd err nameexist' => 'Name already exists.',
'could not open installed updates file' => 'Could not open installed updates file',
'could not open update information file' => 'Could not open update information file. The update file is corrupt.',
'could not retrieve common name from certificate' => 'Could not retrieve common name from certificate.',
+ 'count' => 'Count',
+ 'countries' => 'Countries',
'country' => 'Country',
+ 'country codes and flags' => 'Country Codes and Flags:',
+ 'countrycode' => 'Code',
'cpu frequency per' => 'CPU frequency per',
'cpu idle usage' => 'Idle CPU Usage',
'cpu interrupt usage' => 'Interrupt CPU Usage',
'destination port numbers' => 'Destination port must be a valid port number or port range.',
'destination port overlaps' => 'Destination port range overlaps an existing port range.',
'detail level' => 'Detail level',
+ 'details' => 'Details',
'device' => 'Device',
'devices on blue' => 'Devices on BLUE',
+'dh' => 'Diffie-Hellman Key',
+'dh key warn' => 'Keys with 1024 and 2048 bit takes up to several minutes, 3072 and 4096 bit might needs several hours. Please be patient.',
+'dh name is invalid' => 'Name ist ung\9fltig, bitte "dh1024.pem" verwenden.',
'dhcp advopt add' => 'Add a DHCP option',
'dhcp advopt added' => 'DHCP option added',
'dhcp advopt blank value' => 'DHCP Option value cannot be empty.',
'dmz pinhole rule added' => 'DMZ pinhole rule added; restarting DMZ pinhole',
'dmz pinhole rule removed' => 'DMZ pinhole rule removed; restarting DMZ pinhole',
'dmzpinholes for same net not necessary' => 'DMZ Pinholes are not necessary for same net. Select different source or destination net.',
- 'dnat address' => 'External IP address',
+ 'dnat address' => 'Firewall Interface',
'dns address deleted' => 'Successfully deleted!',
'dns address deleted txt' => 'The DNS-Server addresses have been successfully deleted.<br />You have to reboot or reconnect that the changes have effect!',
'dns address done' => 'The DNS-Server address settings are going to be saved.',
'dns saved' => 'Successfully saved!',
'dns saved txt' => 'The two entered DNS server addresses have been saved successfully.<br />You have to reboot or reconnect that the changes have effect!',
'dns server' => 'DNS Server',
-'dns servers' => 'DNS Servers',
'dns title' => 'Domain Name System',
'dnsforward' => 'DNS Forwarding',
'dnsforward add a new entry' => 'Add a new entry',
'done' => 'Do it',
'dos charset' => 'DOS Charset',
'down and up speed' => 'Enter your Down- and Uplink-Speed <br /> and then press <i>Save</i>.',
-'downlink' => 'Downlink',
'downlink speed' => 'Downlink speed (kbit/sec)',
'downlink std class' => 'downlink standard class',
'download' => 'download',
'enter ack class' => 'Enter the ACK- Class <br /> and then press <i>Save</i>.',
'enter data' => 'Enter your settings <br /> and then press <i>Save</i>.',
'entropy' => 'Entropy',
+ 'entropy graphs' => 'Entropy Graphs',
'err bk 1' => 'Error creating archive',
'err bk 10 password' => 'Error with backup password',
'err bk 2 key' => 'Error creating key file',
'firewallhits' => 'firewallhits',
'firmware' => 'Firmware',
'firmware upload' => 'Upload Firmware/Drivers',
-'first' => 'First',
'fixed ip lease added' => 'Fixed IP lease added',
'fixed ip lease modified' => 'Fixed IP lease modified',
'fixed ip lease removed' => 'Fixed IP lease removed',
+ 'flag' => 'Flag',
'force update' => 'Force update',
'force user' => 'force all new file to user',
'forward firewall' => 'Firewall',
'fwdfw use srcport' => 'Source port:',
'fwdfw use srv' => 'Destination port:',
'fwdfw useless rule' => 'This rule is useless.',
+ 'fwdfw warn1' => 'This might lead to firewallrules which are applied to networks for which they are not intended to be.',
'fwdfw wd_fri' => 'Fri',
'fwdfw wd_mon' => 'Mon',
'fwdfw wd_sat' => 'Sat',
'g.lite' => 'TO BE REMOVED',
'gateway' => 'Gateway',
'gateway ip' => 'Gateway IP',
+'gen dh' => 'Generate Diffie-Hellman key',
'gen static key' => 'Generate a static key',
'generate' => 'Generate root/host zertifikate',
'generate a certificate' => 'Generate a certificate:',
+'generate dh key' => 'Generate Diffie-Hellman key',
'generate iso' => 'Generate ISO',
'generate root/host certificates' => 'Generate root/host certificates',
'generate tripwire keys and init' => 'generate tripwire keys and init',
'harddisk temperature' => 'Harddisk Temperature',
'harddisk temperature graphs' => 'HDD Graphs',
'hardware graphs' => 'Hardware Graphs',
+ 'hardware support' => 'Hardware Support',
'hdd temperature in' => 'Harddisk temperature in',
'help' => 'Help',
'high' => 'High',
'lan' => 'LAN',
'lang' => 'en',
'languagepurpose' => 'Select the language you wish IPFire to display in:',
-'last' => 'Last',
'last activity' => 'Last Activity',
'lateprompting' => 'Lateprompting',
'lease expires' => 'Lease expires',
'local hard disk' => 'Hard disk',
'local master' => 'Local Master',
'local ntp server specified but not enabled' => 'Local NTP server specified but not enabled',
-'local subnet' => 'Local Subnet:',
+'local subnet' => 'Local subnet:',
'local subnet is invalid' => 'Local subnet is invalid.',
'local vpn hostname/ip' => 'Local VPN Hostname/IP',
'localkey' => 'Localkey',
'network traffic graphs others' => 'Network (others)',
'network updated' => 'Custom Network updated',
'networks settings' => 'Firewall - Network settings',
+'never' => 'Never',
'new optionsfw later' => 'Some options need a reboot to take effect',
'new optionsfw must boot' => 'You must reboot your IPFire',
'newer' => 'Newer',
'no eciadsl synch.bin file' => 'No ECI ADSL synch.bin file. Please upload.',
'no filter pass' => 'Enter the standard class for non-filtered packets.',
'no fritzdsl driver' => 'No Fritz!DSL driver. Please upload.',
+ 'no hardware random number generator' => 'This system has no source for entropy.',
'no information available' => 'No information available.',
'no log selected' => 'No log selected',
'no modem selected' => 'No modem selected',
'nonetworkname' => 'No Network Name entered',
'noservicename' => 'No Service Name entered',
'not a valid ca certificate' => 'Not a valid CA certificate.',
+'not a valid dh key' => 'Not a valid Diffie-Hellman key. Please use 1024, 2048, 3072 or 4096 bit in PKCS#3 format.',
'not enough disk space' => 'Not enough disk space',
'not present' => '<b>Not</b> present',
'not running' => 'not running',
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'OpenVPN Connection Statistics',
'ovpn config' => 'OVPN-Config',
+'ovpn crypt options' => 'Cryptographic options',
'ovpn device' => 'OpenVPN device:',
+'ovpn dh' => 'Diffie-Hellman key lenght',
+'ovpn dh name' => 'Diffie-Hellman key name',
'ovpn dl' => 'OVPN-Config Download',
+'ovpn engines' => 'Crypto engine',
'ovpn errmsg green already pushed' => 'Route for green network is always set',
'ovpn errmsg invalid ip or mask' => 'Invalid network-address or subnetmask',
+'ovpn generating the root and host certificates' => 'Generating the root and host certifictae can take a long time.',
+'ovpn ha' => 'Hash algorithm',
+'ovpn hmac' => 'HMAC options',
'ovpn log' => 'OVPN-Log',
'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.',
'ovpn mtu-disc' => 'Path MTU Discovery',
'ovpn mtu-disc with mssfix or fragment' => 'Path MTU Discovery cannot be used with mssfix or fragment.',
'ovpn mtu-disc yes' => 'Forced',
'ovpn no connections' => 'No active OpenVPN connections',
-'ovpn on blue' => 'OpenVPN on BLUE',
-'ovpn on orange' => 'OpenVPN on ORANGE',
-'ovpn on red' => 'OpenVPN on RED',
+'ovpn on blue' => 'OpenVPN on BLUE:',
+'ovpn on orange' => 'OpenVPN on ORANGE:',
+'ovpn on red' => 'OpenVPN on RED:',
'ovpn port in root range' => 'A port number of 1024 or higher is required.',
+'ovpn reneg sec' => 'Session key lifetime:',
'ovpn routes push' => 'Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24',
'ovpn routes push options' => 'Route push options',
'ovpn server status' => 'Current OpenVPN server status:',
-'ovpn subnet' => 'OpenVPN subnet (e.g. 10.0.10.0/255.255.255.0)',
+'ovpn subnet' => 'OpenVPN subnet:',
'ovpn subnet is invalid' => 'OpenVPN subnet is invalid.',
'ovpn subnet overlap' => 'OpenVPN Subnet overlaps with : ',
'ovpn_fastio' => 'Fast-IO',
'profile saved' => 'Profile saved: ',
'profiles' => 'Profiles:',
'proto' => 'Proto',
-'protocol' => 'Protocol',
+'protocol' => 'Protocol:',
'proxy' => 'Proxy',
'proxy access graphs' => 'Proxy access graphs',
'proxy admin password' => 'Cache administrator password',
'resetglobals' => 'Reset global settings',
'resetpolicy' => 'Reset policy to default',
'resetshares' => 'Reset shares?',
-'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Resetting the VPN configuration will remove the root CA, the host certificate and all certificate based connections',
+'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Resetting the X509 remove the root CA, the host certificate and all certificate based connections.',
'restart' => 'Restart',
'restart ovpn server' => 'Restart OpenVPN server',
'restore' => 'Restore',
'show ca certificate' => 'Show CA certificate',
'show certificate' => 'Show certificate',
'show crl' => 'Show certificate revocation list',
+'show dh' => 'Show Diffie-Hellman key',
'show host certificate' => 'Show host certificate',
'show last x lines' => 'Show last x lines',
'show lines' => 'Show lines',
'swap usage per' => 'Swap usage per',
'system' => 'System',
'system graphs' => 'System Graphs',
+ 'system has hwrng' => 'This system has got a hardware random number generator.',
+ 'system has rdrand' => 'This system has got support for Intel(R) RDRAND.',
'system information' => 'System Information',
'system log viewer' => 'System Log Viewer',
'system logs' => 'System Logs',
'updxlrtr weekly' => 'weekly',
'updxlrtr year' => 'one year',
'upgrade' => 'upgrade',
-'uplink' => 'Uplink',
'uplink speed' => 'Uplink speed (kbit/sec)',
'uplink std class' => 'uplink standard class',
'upload' => 'Upload',
'upload a certificate' => 'Upload a certificate:',
'upload a certificate request' => 'Upload a certificate request:',
'upload ca certificate' => 'Upload CA certificate',
+'upload dh key' => 'Upload Diffie-Hellman key',
'upload fcdsl.o' => 'TO BE REMOVED',
'upload file' => 'Upload file',
'upload new ruleset' => 'Upload new ruleset',
'vpn aggrmode' => 'IKE aggressive mode allowed. Avoid if possible (preshared key is transmitted in clear text)!',
'vpn altname syntax' => 'SubjectAltName is a comma separated list of e-mail, dns, uri, rid and ip objects.<br />email:an email address. Syntax email:copy takes the email field from the cert to be used.<br />DNS:a valid domain name.<br />URI:any valid uri.<br />RID:registered object identifier.<br />IP:an IP address.<br />Note:charset is limited and case is significant.<br />Example:<br /><b>e-mail:</b>ipfire@foo.org<b>,email:</b>copy<b>,DNS:</b>www.ipfire.org<b>,IP:</b>127.0.0.1<b>,URI:</b>http://url/to/something',
'vpn auth-dn' => 'Peer is identified by either IPV4_ADDR, FQDN, USER_FQDN or DER_ASN1_DN string in remote ID field',
-'vpn configuration main' => 'VPN Configuration',
'vpn delayed start' => 'Delay before launching VPN (seconds)',
'vpn delayed start help' => 'If required, this delay can be used to allow dynamic DNS updates to propagate properly. 60 is a common value when RED is a dynamic IP.',
'vpn incompatible use of defaultroute' => 'hostname=%defaultroute not allowed',
projects / people / teissler / ipfire-2.x.git / commitdiff
