Signed-off-by: Michael Tremer michael.tremer@ipfire.org --- doc/language_issues.de | 2 +- doc/language_issues.en | 2 ++ doc/language_issues.es | 2 ++ doc/language_issues.fr | 2 +- doc/language_issues.it | 2 +- doc/language_issues.nl | 2 ++ doc/language_issues.pl | 2 ++ doc/language_issues.ru | 2 ++ doc/language_issues.tr | 2 +- doc/language_missings | 8 ++++++ html/cgi-bin/vpnmain.cgi | 54 ++++++++++++++++++++++++++++++++++------ langs/en/cgi-bin/en.pl | 1 + 12 files changed, 69 insertions(+), 12 deletions(-)
diff --git a/doc/language_issues.de b/doc/language_issues.de index 4c4a37742..ab074d94d 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -219,7 +219,6 @@ WARNING: translation string unused: dns new 1 WARNING: translation string unused: dns saved WARNING: translation string unused: dns saved txt WARNING: translation string unused: dns server -WARNING: translation string unused: dns servers WARNING: translation string unused: dnssec information WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set @@ -800,6 +799,7 @@ WARNING: untranslated string: guardian logtarget_file = unknown string WARNING: untranslated string: guardian logtarget_syslog = unknown string WARNING: untranslated string: guardian no entries = unknown string WARNING: untranslated string: guardian service = unknown string +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec invalid ip address or fqdn for rw endpoint = Invalid IP address or FQDN for Host-to-Net Endpoint WARNING: untranslated string: ipsec roadwarrior endpoint = Host-to-Net Endpoint WARNING: untranslated string: no entries = No entries at the moment. diff --git a/doc/language_issues.en b/doc/language_issues.en index 9bef2930c..c05fc0800 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -624,6 +624,7 @@ WARNING: untranslated string: dns no address given = No IP Address given. WARNING: untranslated string: dns no tls hostname given = No TLS hostname given. WARNING: untranslated string: dns proxy server = DNS Proxy Server WARNING: untranslated string: dns recursor mode = Recursor Mode +WARNING: untranslated string: dns servers = DNS Servers WARNING: untranslated string: dns title = Domain Name System WARNING: untranslated string: dns tls hostname = TLS Hostname WARNING: untranslated string: dns use isp assigned nameservers = Use ISP-assigned DNS servers @@ -1166,6 +1167,7 @@ WARNING: untranslated string: ipfires hostname = IPFire's Hostname WARNING: untranslated string: ipinfo = IP info WARNING: untranslated string: ipsec = IPsec WARNING: untranslated string: ipsec connection = IPsec Connection +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI diff --git a/doc/language_issues.es b/doc/language_issues.es index 57a20d214..376af0dc4 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -833,6 +833,7 @@ WARNING: untranslated string: dns mode for qname minimisation = QNAME Minimisati WARNING: untranslated string: dns no address given = No IP Address given. WARNING: untranslated string: dns no tls hostname given = No TLS hostname given. WARNING: untranslated string: dns recursor mode = Recursor Mode +WARNING: untranslated string: dns servers = DNS Servers WARNING: untranslated string: dns tls hostname = TLS Hostname WARNING: untranslated string: dns use isp assigned nameservers = Use ISP-assigned DNS servers WARNING: untranslated string: dns use protocol for dns queries = Protocol for DNS queries @@ -1147,6 +1148,7 @@ WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hos WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec = IPsec WARNING: untranslated string: ipsec connection = IPsec Connection +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 3fe75fd07..c52ef3972 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -246,7 +246,6 @@ WARNING: translation string unused: dns new 1 WARNING: translation string unused: dns saved WARNING: translation string unused: dns saved txt WARNING: translation string unused: dns server -WARNING: translation string unused: dns servers WARNING: translation string unused: dnssec information WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set @@ -839,6 +838,7 @@ WARNING: untranslated string: guardian logtarget_file = unknown string WARNING: untranslated string: guardian logtarget_syslog = unknown string WARNING: untranslated string: guardian no entries = unknown string WARNING: untranslated string: guardian service = unknown string +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec invalid ip address or fqdn for rw endpoint = Invalid IP address or FQDN for Host-to-Net Endpoint WARNING: untranslated string: ipsec roadwarrior endpoint = Host-to-Net Endpoint WARNING: untranslated string: pakfire ago = ago. diff --git a/doc/language_issues.it b/doc/language_issues.it index 53cd94b90..be1f9c351 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -220,7 +220,6 @@ WARNING: translation string unused: dns new 1 WARNING: translation string unused: dns saved WARNING: translation string unused: dns saved txt WARNING: translation string unused: dns server -WARNING: translation string unused: dns servers WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: dnssec information WARNING: translation string unused: do not log this port list @@ -983,6 +982,7 @@ WARNING: untranslated string: invalid input for valid till days = Invalid input WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec connection = IPsec Connection +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 85a9cd587..21e1e8daa 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -856,6 +856,7 @@ WARNING: untranslated string: dns mode for qname minimisation = QNAME Minimisati WARNING: untranslated string: dns no address given = No IP Address given. WARNING: untranslated string: dns no tls hostname given = No TLS hostname given. WARNING: untranslated string: dns recursor mode = Recursor Mode +WARNING: untranslated string: dns servers = DNS Servers WARNING: untranslated string: dns tls hostname = TLS Hostname WARNING: untranslated string: dns use isp assigned nameservers = Use ISP-assigned DNS servers WARNING: untranslated string: dns use protocol for dns queries = Protocol for DNS queries @@ -992,6 +993,7 @@ WARNING: untranslated string: invalid input for valid till days = Invalid input WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec connection = IPsec Connection +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 57a20d214..376af0dc4 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -833,6 +833,7 @@ WARNING: untranslated string: dns mode for qname minimisation = QNAME Minimisati WARNING: untranslated string: dns no address given = No IP Address given. WARNING: untranslated string: dns no tls hostname given = No TLS hostname given. WARNING: untranslated string: dns recursor mode = Recursor Mode +WARNING: untranslated string: dns servers = DNS Servers WARNING: untranslated string: dns tls hostname = TLS Hostname WARNING: untranslated string: dns use isp assigned nameservers = Use ISP-assigned DNS servers WARNING: untranslated string: dns use protocol for dns queries = Protocol for DNS queries @@ -1147,6 +1148,7 @@ WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hos WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec = IPsec WARNING: untranslated string: ipsec connection = IPsec Connection +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 6ed13933a..dc8d83beb 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -837,6 +837,7 @@ WARNING: untranslated string: dns mode for qname minimisation = QNAME Minimisati WARNING: untranslated string: dns no address given = No IP Address given. WARNING: untranslated string: dns no tls hostname given = No TLS hostname given. WARNING: untranslated string: dns recursor mode = Recursor Mode +WARNING: untranslated string: dns servers = DNS Servers WARNING: untranslated string: dns tls hostname = TLS Hostname WARNING: untranslated string: dns use isp assigned nameservers = Use ISP-assigned DNS servers WARNING: untranslated string: dns use protocol for dns queries = Protocol for DNS queries @@ -1149,6 +1150,7 @@ WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hos WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec = IPsec WARNING: untranslated string: ipsec connection = IPsec Connection +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 8821371f7..dd4d24ae3 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -242,7 +242,6 @@ WARNING: translation string unused: dns new 1 WARNING: translation string unused: dns saved WARNING: translation string unused: dns saved txt WARNING: translation string unused: dns server -WARNING: translation string unused: dns servers WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: dnssec information WARNING: translation string unused: do not log this port list @@ -909,6 +908,7 @@ WARNING: untranslated string: invalid input for local ip address = Invalid input WARNING: untranslated string: invalid input for mode = Invalid input for mode WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: ipsec connection = IPsec Connection +WARNING: untranslated string: ipsec dns server address is invalid = Invalid DNS server IP address(es) WARNING: untranslated string: ipsec interface mode gre = GRE WARNING: untranslated string: ipsec interface mode none = - None (Default) - WARNING: untranslated string: ipsec interface mode vti = VTI diff --git a/doc/language_missings b/doc/language_missings index 3034db5ba..fe0713fdf 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -37,6 +37,7 @@ < g.dtm < g.lite < insert removable device +< ipsec dns server address is invalid < ipsec invalid ip address or fqdn for rw endpoint < ipsec roadwarrior endpoint < no entries @@ -567,6 +568,7 @@ < invalid logserver protocol < ipsec < ipsec connection +< ipsec dns server address is invalid < ipsec interface mode gre < ipsec interface mode none < ipsec interface mode vti @@ -927,6 +929,7 @@ < download apple profile < g.dtm < g.lite +< ipsec dns server address is invalid < ipsec invalid ip address or fqdn for rw endpoint < ipsec roadwarrior endpoint < upload fcdsl.o @@ -1138,6 +1141,7 @@ < invalid ip or hostname < invalid logserver protocol < ipsec connection +< ipsec dns server address is invalid < ipsec interface mode gre < ipsec interface mode none < ipsec interface mode vti @@ -1514,6 +1518,7 @@ < invalid ip or hostname < invalid logserver protocol < ipsec connection +< ipsec dns server address is invalid < ipsec interface mode gre < ipsec interface mode none < ipsec interface mode vti @@ -2211,6 +2216,7 @@ < invalid logserver protocol < ipsec < ipsec connection +< ipsec dns server address is invalid < ipsec interface mode gre < ipsec interface mode none < ipsec interface mode vti @@ -3069,6 +3075,7 @@ < invalid logserver protocol < ipsec < ipsec connection +< ipsec dns server address is invalid < ipsec interface mode gre < ipsec interface mode none < ipsec interface mode vti @@ -3483,6 +3490,7 @@ < invalid input for mode < invalid ip or hostname < ipsec connection +< ipsec dns server address is invalid < ipsec interface mode gre < ipsec interface mode none < ipsec interface mode vti diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 0d141cb88..93120ea44 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -124,6 +124,7 @@ $cgiparams{'MODE'} = "tunnel"; $cgiparams{'INTERFACE_MODE'} = ""; $cgiparams{'INTERFACE_ADDRESS'} = ""; $cgiparams{'INTERFACE_MTU'} = 1500; +$cgiparams{'DNS_SERVERS'} = ""; &Header::getcgihash(%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
my %APPLE_CIPHERS = ( @@ -511,6 +512,13 @@ sub writeipsecfiles { # Fragmentation print CONF "\tfragmentation=yes\n";
+ # DNS Servers for RW + if ($lconfighash{$key}[3] eq 'host') { + my @servers = split(/|/, $lconfighash{$key}[39]); + + print CONF "\trightdns=" . join(",", @servers) . "\n"; + } + print CONF "\n"; } #foreach key
@@ -1612,6 +1620,7 @@ END $cgiparams{'INTERFACE_MODE'} = $confighash{$cgiparams{'KEY'}}[36]; $cgiparams{'INTERFACE_ADDRESS'} = $confighash{$cgiparams{'KEY'}}[37]; $cgiparams{'INTERFACE_MTU'} = $confighash{$cgiparams{'KEY'}}[38]; + $cgiparams{'DNS_SERVERS'} = $confighash{$cgiparams{'KEY'}}[39];
if (!$cgiparams{'DPD_DELAY'}) { $cgiparams{'DPD_DELAY'} = 30; @@ -1745,6 +1754,16 @@ END } }
+ if ($cgiparams{'TYPE'} eq 'host') { + my @servers = split(",", $cgiparams{'DNS_SERVERS'}); + foreach my $server (@servers) { + unless (&Network::check_ip_address($server)) { + $errormessage = $Lang::tr{'ipsec dns server address is invalid'}; + goto VPNCONF_ERROR; + } + } + } + if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) { $errormessage = $Lang::tr{'invalid input'}; goto VPNCONF_ERROR; @@ -2147,7 +2166,7 @@ END my $key = $cgiparams{'KEY'}; if (! $key) { $key = &General::findhasharraykey (%confighash); - foreach my $i (0 .. 38) { $confighash{$key}[$i] = "";} + foreach my $i (0 .. 39) { $confighash{$key}[$i] = "";} } $confighash{$key}[0] = $cgiparams{'ENABLED'}; $confighash{$key}[1] = $cgiparams{'NAME'}; @@ -2198,6 +2217,7 @@ END $confighash{$key}[36] = $cgiparams{'INTERFACE_MODE'}; $confighash{$key}[37] = $cgiparams{'INTERFACE_ADDRESS'}; $confighash{$key}[38] = $cgiparams{'INTERFACE_MTU'}; + $confighash{$key}[39] = join("|", split(",", $cgiparams{'DNS_SERVERS'}));
# free unused fields! $confighash{$key}[15] = 'off'; @@ -2280,6 +2300,7 @@ END $cgiparams{'INTERFACE_MODE'} = ""; $cgiparams{'INTERFACE_ADDRESS'} = ""; $cgiparams{'INTERFACE_MTU'} = 1500; + $cgiparams{'DNS_SERVERS'} = ""; }
VPNCONF_ERROR: @@ -2376,11 +2397,8 @@ END EOF }
- my $disabled; - my $blob; - if ($cgiparams{'TYPE'} eq 'host') { - $disabled = "disabled='disabled'"; - } elsif ($cgiparams{'TYPE'} eq 'net') { + my $blob = ""; + if ($cgiparams{'TYPE'} eq 'net') { $blob = "<img src='/blob.gif' alt='*' />"; };
@@ -2390,6 +2408,9 @@ EOF my @remote_subnets = split(/|/, $cgiparams{'REMOTE_SUBNET'}); my $remote_subnets = join(",", @remote_subnets);
+ my @dns_servers = split(/|/, $cgiparams{'DNS_SERVERS'}); + my $dns_servers = join(",", @dns_servers); + print <<END; <tr> <td width='20%'>$Lang::tr{'enabled'}</td> @@ -2425,10 +2446,26 @@ END <td width='30%'> <input type='text' name='LOCAL_SUBNET' value='$local_subnets' size="25" /> </td> - <td class='boldbase' nowrap='nowrap' width='20%'>$Lang::tr{'remote subnet'} $blob</td> +END + + if ($cgiparams{'TYPE'} eq "net") { + print <<END; + <td class='boldbase' nowrap='nowrap' width='20%'>$Lang::tr{'remote subnet'} <img src='/blob.gif' alt='*' /></td> + <td width='30%'> + <input type='text' name='REMOTE_SUBNET' value='$remote_subnets' size="25" /> + </td> +END + + } elsif ($cgiparams{'TYPE'} eq "host") { + print <<END; + <td class='boldbase' nowrap='nowrap' width='20%'>$Lang::tr{'dns servers'}:</td> <td width='30%'> - <input $disabled type='text' name='REMOTE_SUBNET' value='$remote_subnets' size="25" /> + <input type='text' name='DNS_SERVERS' value='$dns_servers' size="25" /> </td> +END + } + + print <<END; </tr> <tr> <td class='boldbase' width='20%'>$Lang::tr{'vpn local id'}:</td> @@ -2764,6 +2801,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) || $cgiparams{'INTERFACE_MODE'} = $confighash{$cgiparams{'KEY'}}[36]; $cgiparams{'INTERFACE_ADDRESS'} = $confighash{$cgiparams{'KEY'}}[37]; $cgiparams{'INTERFACE_MTU'} = $confighash{$cgiparams{'KEY'}}[38]; + $cgiparams{'DNS_SERVERS'} = $confighash{$cgiparams{'KEY'}}[39];
if (!$cgiparams{'DPD_DELAY'}) { $cgiparams{'DPD_DELAY'} = 30; diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 54e8c404a..adc04f6b3 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1547,6 +1547,7 @@ 'ipinfo' => 'IP info', 'ipsec' => 'IPsec', 'ipsec connection' => 'IPsec Connection', +'ipsec dns server address is invalid' => 'Invalid DNS server IP address(es)', 'ipsec interface mode gre' => 'GRE', 'ipsec interface mode none' => '- None (Default) -', 'ipsec interface mode vti' => 'VTI',