Hey Alex,
I just installed the files on my system. This is my first impression:
Over the entire application, the wording is very poor. It is hard to understand what is going on - even for someone who is experienced with what the GUI does. Buttons say "static net", headlines are "add net". What kind of net? What is a static net?
Quote: A static net can be used to give OVPN roadwarrior a fixed IP. There can be more networks (for Manager, Admins,...). With the fixed addresses you are able to define your own firewallrules for specific static networks or even single roadwarrior.
Much better is for example: You are able to define static networks on this page, from which roadwarrior clients can get static address assignments.
Short and sweet. Instructions about why this is useful should go on the wiki.
The listing of the networks is pretty nice. I like it, but it does not use the entire width of the WUI. There is no edit button in case I want to edit the description. The network should not be editable, I think. The descriptions of the columns are also a bit too short. "net" -> "network", "Max. clients" is not very understandable as well as "used". I would put it as "Used addresses" and "4/32".
The form above the listing where you create a new network does not look like the forms on top of other pages like the port forwarding.
When creating/editing a roadwarrior connection, it is again hard to tell what all the options do. There is no thing such as "OpenVPN DHCP". Put it as a choice between "Use dynamic address pool 1.2.3.0/24" and the static address assignment.
Why is the max. number of fixed leases shown in that table? I cannot see any use for that over here.
The list of host addresses where to pick from is cool, but the subnet mask is _always_ /30. No matter what the actual network size is.
What does checking the redirect gw option change? Can I check it for multiple networks? Is it bound to a network or is it just an option to enable the gateway redirection for this client in general?
What does "net to route" do?
I had to create /var/ipfire/ovpn/ccd (nobody:nobody) manually.
I rather don't like the header of the configuration files in the ccd directory.
Is there a reason why the parameters are separated by "=" than "," in ccd.conf?
The source code has got very many comments in German which is not very convenient, because not all developers do speak German.
I hope this feedback helps you a little bit. I have not reviewed the implementation (i.e. CGI scripts), yet. Will do that when things above are fixed. It would be nice if you could provide diffs.
Michael