This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 7d55ca0da4ed4d491885b0ad15a6c80244543323 (commit) via d9ac41d55627c3b870e88ac9d9dff5f3820331f5 (commit) via acb305f590ce401aa69898761c761cd24a4c9d18 (commit) via ae9f613950e8b2dd81e19c76f59fb5f9fb23e818 (commit) via b3de08a247d23a83bdbf4cf477b74d801f64759d (commit) from eb3b93ccb5788ddf4388bbc559810980fcaca1d8 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 7d55ca0da4ed4d491885b0ad15a6c80244543323 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 19 13:14:52 2012 +0200
connections.cgi: Show name for "unknown" protocols.
commit d9ac41d55627c3b870e88ac9d9dff5f3820331f5 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 19 12:42:35 2012 +0200
connections.cgi: Correctly colour OpenVPN n2n connections.
commit acb305f590ce401aa69898761c761cd24a4c9d18 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 19 12:28:12 2012 +0200
index.cgi: Print OpenVPN N2N status in the same way as IPsec connections.
commit ae9f613950e8b2dd81e19c76f59fb5f9fb23e818 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 19 12:08:37 2012 +0200
ovpnmain.cgi: Sort out issues with FRAGMENT and MSSFIX.
Both had no proper default values which has been fixed.
commit b3de08a247d23a83bdbf4cf477b74d801f64759d Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 19 11:17:09 2012 +0200
Add connections.cgi to core update 61.
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/core/61/filelists/files | 1 + html/cgi-bin/connections.cgi | 58 +++++++++++++++++++---- html/cgi-bin/index.cgi | 76 ++++++++++++++++-------------- html/cgi-bin/ovpnmain.cgi | 24 ++++++--- 4 files changed, 106 insertions(+), 53 deletions(-)
Difference in files: diff --git a/config/rootfiles/core/61/filelists/files b/config/rootfiles/core/61/filelists/files index 9d4c2cc..396a27f 100644 --- a/config/rootfiles/core/61/filelists/files +++ b/config/rootfiles/core/61/filelists/files @@ -3,6 +3,7 @@ etc/issue etc/rc.d/init.d/collectd opt/pakfire/lib/functions.sh srv/web/ipfire/cgi-bin/index.cgi +srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/ovpnmain.cgi srv/web/ipfire/cgi-bin/proxy.cgi var/ipfire/general-functions.pl diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi index 54089d0..21f66d7 100644 --- a/html/cgi-bin/connections.cgi +++ b/html/cgi-bin/connections.cgi @@ -173,7 +173,7 @@ if (-e "${General::swroot}/ovpn/settings") { } }
-open(IPSEC, "/var/ipfire/vpn/config"); +open(IPSEC, "${General::swroot}/var/ipfire/vpn/config"); my @ipsec = <IPSEC>; close(IPSEC);
@@ -190,6 +190,26 @@ foreach my $line (@ipsec) { push(@colour, ${Header::colourvpn}); }
+if (-e "${General::swroot}/ovpn/n2nconf") { + open(OVPNN2N, "${General::swroot}/ovpn/ovpnconfig"); + my @ovpnn2n = <OVPNN2N>; + close(OVPNN2N); + + foreach my $line (@ovpnn2n) { + my @ovpn = split(',', $line); + next if ($ovpn[4] ne 'net'); + + my ($network, $mask) = split("/", $ovpn[12]); + if (!&General::validip($mask)) { + $mask = ipv4_cidr2msk($mask); + } + + push(@network, $network); + push(@masklen, $mask); + push(@colour, ${Header::colourovpn}); + } +} + # Show the page. &Header::openpage($Lang::tr{'connections'}, 1, ''); &Header::openbigbox('100%', 'left'); @@ -270,8 +290,28 @@ foreach my $line (@conntrack) { # L4 protocol (tcp, udp, ...). my $l4proto = $conn[2];
+ # Translate unknown protocols. if ($l4proto eq 'unknown') { - $l4proto = ''; + my $l4protonum = $conn[3]; + if ($l4protonum eq '2') { + $l4proto = 'IGMP'; + } elsif ($l4protonum eq '4') { + $l4proto = 'IPv4 Encap'; + } elsif ($l4protonum eq '33') { + $l4proto = 'DCCP'; + } elsif ($l4protonum eq '41') { + $l4proto = 'IPv6 Encap'; + } elsif ($l4protonum eq '50') { + $l4proto = 'ESP'; + } elsif ($l4protonum eq '51') { + $l4proto = 'AH'; + } elsif ($l4protonum eq '132') { + $l4proto = 'SCTP'; + } else { + $l4proto = $l4protonum; + } + } else { + $l4proto = uc($l4proto); }
# Source and destination. @@ -284,7 +324,7 @@ foreach my $line (@conntrack) {
my $ttl = $conn[4]; my $state; - if ($l4proto eq 'tcp') { + if ($l4proto eq 'TCP') { $state = $conn[5]; }
@@ -317,21 +357,21 @@ foreach my $line (@conntrack) { my $sip_colour = ipcolour($sip); my $dip_colour = ipcolour($dip);
- my $sserv = ''; - if ($sport < 1024) { + my $sserv = ''; + if ($sport < 1024) { $sserv = uc(getservbyport($sport, lc($l4proto))); if ($sserv ne '') { $sserv = " ($sserv)"; } - } + }
- my $dserv = ''; - if ($dport < 1024) { + my $dserv = ''; + if ($dport < 1024) { $dserv = uc(getservbyport($dport, lc($l4proto))); if ($dserv ne '') { $dserv = " ($dserv)"; } - } + }
my $bytes_in = format_bytes($bytes[0]); my $bytes_out = format_bytes($bytes[1]); diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 01bb3d6..04a87cf 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -394,48 +394,52 @@ END }
### -# m.a.d n2n +# Print the OpenVPN N2N connection status. ### - if ( -d "${General::swroot}/ovpn/n2nconf") { -my %confighash=(); -my $display = ''; - -&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", %confighash); -foreach my $dkey (keys %confighash) { -if ($confighash{$dkey}[3] eq 'net') { - - - if (-e "/var/run/$confighash{$dkey}[1]n2n.pid") { - my @output = ""; - my @tustate = ""; - my $tport = $confighash{$dkey}[22]; - my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); - if ($tport ne '') { - $tnet->open('127.0.0.1'); - @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/'); - @tustate = split(/,/, $output[1]); - if ( $tustate[1] eq 'CONNECTED') - { $display = "<font color=$Header::colourgreen>$Lang::tr{'capsopen'}</font>"; - } else { - $display = "<font color=$Header::colourred>$tustate[1]</font>"; } + my %confighash=(); + + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", %confighash); + foreach my $dkey (keys %confighash) { + if (($confighash{$dkey}[3] eq 'net') && (-e "/var/run/$confighash{$dkey}[1]n2n.pid")) { + my $tport = $confighash{$dkey}[22]; + next if ($tport eq ''); + + my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); + $tnet->open('127.0.0.1'); + my @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/'); + my @tustate = split(/,/, $output[1]); + + my $display; + my $display_colour = $Header::colourred; + if ( $tustate[1] eq 'CONNECTED') { + $display_colour = $Header::colourgreen; + $display = $Lang::tr{'capsopen'}; + } else { + $display = $tustate[1]; + }
- print <<END; - <tr><td align='center' bgcolor='$Header::colourovpn' width='25%'><a href="/cgi-bin/ovpnmain.cgi"><font size='2' color='white'><b>OpenVPN n2n</b></font></a><br> - <td width='30%' align='center'> $confighash{$dkey}[10]<td width='45%' align='center'> $display - + print <<END; + <tr> + <td align='left' nowrap='nowrap' bgcolor='$color{'color22'}'> + $confighash{$dkey}[1] + </td> + <td align='center'> + $confighash{$dkey}[11] + </td> + <td align='center' bgcolor='$display_colour'> + <b> + <font color='#FFFFFF'> + $display + </font> + </b> + </td> + </tr> END -; -} -} -} -} + } + } }
-### -# m.a.d n2n end -### - # Fireinfo if ( ! -e "/var/ipfire/main/send_profile") { $warnmessage .= "<li><a style='color: white;' href='fireinfo.cgi'>$Lang::tr{'fireinfo please enable'}</a></li>"; diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 92bab47..f91adf1 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -356,11 +356,14 @@ sub writeserverconf { if ($sovpnsettings{CLIENT2CLIENT} eq 'on') { print CONF "client-to-client\n"; } - if ($sovpnsettings{MSSFIX} eq 'on') { - print CONF "mssfix\n"; - } - if (($sovpnsettings{FRAGMENT} ne '' && $sovpnsettings{FRAGMENT} ne 0) && $sovpnsettings{'DPROTOCOL'} ne 'tcp') { - print CONF "fragment $sovpnsettings{'FRAGMENT'}\n"; + if ($sovpnsettings{'DPROTOCOL'} eq 'udp') { + if ($sovpnsettings{MSSFIX} eq 'on') { + print CONF "mssfix\n"; + } + if ($sovpnsettings{'FRAGMENT'} eq '' || $sovpnsettings{'FRAGMENT'} eq 0) { + $sovpnsettings{'FRAGMENT'} = '1300'; + } + print CONF "fragment $sovpnsettings{'FRAGMENT'}\n"; } if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) { print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n"; @@ -529,7 +532,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { } } if ($cgiparams{'MSSFIX'} ne 'on') { - delete $vpnsettings{'MSSFIX'}; + $vpnsettings{'MSSFIX'} = 'off'; } else { $vpnsettings{'MSSFIX'} = $cgiparams{'MSSFIX'}; } @@ -1894,7 +1897,6 @@ ADV_ERROR: if ($cgiparams{'MAX_CLIENTS'} eq '') { $cgiparams{'MAX_CLIENTS'} = '100'; } - if ($cgiparams{'KEEPALIVE_1'} eq '') { $cgiparams{'KEEPALIVE_1'} = '10'; } @@ -1902,7 +1904,13 @@ ADV_ERROR: $cgiparams{'KEEPALIVE_2'} = '60'; } if ($cgiparams{'LOG_VERB'} eq '') { - $cgiparams{'LOG_VERB'} = '3'; + $cgiparams{'LOG_VERB'} = '3'; + } + if ($cgiparams{'MSSFIX'} eq '') { + $cgiparams{'MSSFIX'} = 'on'; + } + if ($cgiparams{'FRAGMENT'} eq '') { + $cgiparams{'FRAGMENT'} = '1300'; } $checked{'CLIENT2CLIENT'}{'off'} = ''; $checked{'CLIENT2CLIENT'}{'on'} = '';
hooks/post-receive -- IPFire 2.x development tree