From mboxrd@z Thu Jan 1 00:00:00 1970 From: git@ipfire.org To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 34096f965125067b262f04b4e25183533c95367c Date: Fri, 16 Nov 2012 17:04:30 +0100 Message-ID: <20121116160434.3C9D7200A3@argus.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2058664307505305011==" List-Id: --===============2058664307505305011== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 34096f965125067b262f04b4e25183533c95367c (commit) from ce819132f353a4ae2103fa752ffddb3fae6f01a1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 34096f965125067b262f04b4e25183533c95367c Author: Alexander Marx Date: Fri Nov 16 17:02:15 2012 +0100 OpenVPN: Add CCD configuration GUI. ----------------------------------------------------------------------- Summary of changes: config/cfgroot/general-functions.pl | 204 ++++- config/wpa_supplicant/wpa_supplicant_conf.sh | 114 +++ config/wpa_supplicant/wpa_supplicant_settings | 6 + doc/language_issues.de | 3 + doc/language_issues.en | 2 + doc/language_issues.es | 39 + doc/language_issues.fr | 35 + doc/language_issues.pl | 39 + doc/language_issues.ru | 35 + doc/language_missings | 161 ++++ html/cgi-bin/ovpnmain.cgi | 1219 ++++++++++++++++++++---= -- langs/de/cgi-bin/de.pl | 38 + langs/en/cgi-bin/en.pl | 39 +- 13 files changed, 1705 insertions(+), 229 deletions(-) create mode 100644 config/wpa_supplicant/wpa_supplicant_conf.sh create mode 100644 config/wpa_supplicant/wpa_supplicant_settings mode change 100644 =3D> 100755 html/cgi-bin/ovpnmain.cgi Difference in files: diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-fun= ctions.pl index 567f2e1..c6a6a7c 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -18,8 +18,7 @@ use strict; use Socket; use IO::Socket; use Net::SSLeay; -use Net::IPv4Addr; - +use Net::IPv4Addr qw(:all); $|=3D1; # line buffering =20 $General::version =3D 'VERSION'; @@ -212,19 +211,175 @@ sub validipormask return &validmask($mask); } =20 -sub validipandmask +sub subtocidr { - my $ipandmask =3D $_[0]; + #gets: Subnet in decimal (255.255.255.0)=20 + #Gives: 24 (The cidr of network) + my ($byte1, $byte2, $byte3, $byte4) =3D split(/\./, $_[0].".0.0.0.0");=20 + my $num =3D ($byte1 * 16777216) + ($byte2 * 65536) + ($byte3 * 256) + $byte= 4;=20 + my $bin =3D unpack("B*", pack("N", $num));=20 + my $count =3D ($bin =3D~ tr/1/1/);=20 + return $count; +} =20 - # split it into number and mask. - if (!($ipandmask =3D~ /^(.*?)\/(.*?)$/)) { - return 0; } - my $ip =3D $1; - my $mask =3D $2; - # first part not a ip? - if (!(&validip($ip))) { - return 0; } - return &validmask($mask); +sub cidrtosub +{ + #gets: Cidr of network (20-30 for ccd)=20 + #Konverts 30 to 255.255.255.252 e.g + my $cidr=3D$_[0]; + my $netmask =3D &Net::IPv4Addr::ipv4_cidr2msk($cidr); + return "$netmask"; +} + =20 +sub iporsubtodec +{ + #Gets: Ip address or subnetmask in decimal oder CIDR + #Gives: What it gets only in CIDR format + my $subnet=3D$_[0]; + my $net; + my $mask; + my $full=3D0; + if ($subnet =3D~ /^(.*?)\/(.*?)$/) { + ($net,$mask) =3D split (/\//,$subnet); + $full=3D1; + return "$subnet"; + }else{ + $mask=3D$subnet; + } + #Subnet already in decimal and valid? + if ($mask=3D~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/ &&(($1<=3D255 = && $2<=3D$1 && $3<=3D$2 && $4<=3D$3 ))) { + for (my $i=3D8;$i<=3D32;$i++){ + if (&General::cidrtosub($i) eq $mask){ + if ($full =3D=3D 0){return $mask;}else{ + return $net."/".$mask; + } + } + }=09 + } + #Subnet in binary format? + if ($mask=3D~/^(\d{1,2})$/ && (($1<=3D32 && $1>=3D8))){ + if($full =3D=3D 0){ return &General::cidrtosub($mask);}else{ + return $net."/".&General::cidrtosub($mask); + } + }else{ + return 3; + } + return 3; +} + =20 + =20 +sub iporsubtocidr +{ + #gets: Ip Address or subnetmask in decimal oder CIDR + #Gives: What it gets only in CIDR format + my $subnet=3D$_[0]; + my $net; + my $mask; + my $full=3D0; + if ($subnet =3D~ /^(.*?)\/(.*?)$/) { + ($net,$mask) =3D split (/\//,$subnet); + $full=3D1; + }else{ + $mask=3D$subnet; + } + #Subnet in decimal and valid? + if ($mask=3D~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/ &&(($1<=3D255 = && $2<=3D$1 && $3<=3D$2 && $4<=3D$3 ))) { + for (my $i=3D8;$i<=3D32;$i++){ + if (&General::cidrtosub($i) eq $mask){ + if ($full =3D=3D 0){return &General::subtocidr($mask);}else{ + return $net."/".&General::subtocidr($mask); + } + } + }=09 + } + #Subnet already in binary format? + if ($mask=3D~/^(\d{1,2})$/ && (($1<=3D32 && $1>=3D8))){ + if($full =3D=3D 0){ return $mask;}else{ + return $net."/".$mask; + } + }else{ + return 3; + } + return 3; +} + +sub getnetworkip +{ + #Gets: IP, CIDR (10.10.10.0-255, 24) + #Gives: 10.10.10.0 + my ($ccdip,$ccdsubnet) =3D @_; + my $ip_address_binary =3D inet_aton( $ccdip ); + my $netmask_binary =3D ~pack("N", (2**(32-$ccdsubnet))-1); + my $network_address =3D inet_ntoa( $ip_address_binary & $netmask_binary = ); + return $network_address; +} + +sub getccdbc +{ + #Gets: IP in Form ("192.168.0.0/24") + #Gives: Broadcastaddress of network + my $ccdnet=3D$_; + my ($ccdip,$ccdsubnet) =3D split "/",$ccdnet; + my $ip_address_binary =3D inet_aton( $ccdip ); + my $netmask_binary =3D ~pack("N", (2**(32-$ccdsubnet))-1); + my $broadcast_address =3D inet_ntoa( $ip_address_binary | ~$netmask_binary= ); + return $broadcast_address; +} +sub getnextip +{ + my ($byte1,$byte2,$byte3,$byte4) =3D split (/\./,$_[0]); + my $step=3D$_[1]; + for (my $x=3D1;$x<=3D$step;$x++){ + $byte4++; + if($byte4=3D=3D255){ $byte4=3D0;$byte3++;} + if($byte3=3D=3D255){$byte3=3D0;$byte2++;} + if ($byte2=3D=3D255){$byte2=3D0;$byte1++} +=09 + } + return "$byte1.$byte2.$byte3.$byte4"; +} +sub getlastip +{ + my ($byte1,$byte2,$byte3,$byte4) =3D split (/\./,$_[0]); + my $step=3D$_[1]; + for (my $x=3D$step;$x>=3D1;$x--){ + $byte4--; + if($byte4=3D=3D0){ $byte4=3D255;$byte3--;} + if($byte3=3D=3D0){$byte3=3D255;$byte2--;} + if ($byte2=3D=3D0){$byte2=3D255;$byte1--} + } + return "$byte1.$byte2.$byte3.$byte4"; +} + +sub validipandmask +{ + #Gets: Ip address in 192.168.0.0/24 or 192.168.0.0/255.255.255.0 and checks= if subnet valid + #Gives: True bzw 0 if success or false=20 + my $ccdnet=3D$_[0]; + my $subcidr; +=09 + if (!($ccdnet =3D~ /^(.*?)\/(.*?)$/)) { + return 0; + } + my ($ccdip,$ccdsubnet)=3Dsplit (/\//, $ccdnet); + #IP valid? + if ($ccdip=3D~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/ &&(($1>0 && $1= <=3D255 && $2>=3D0 && $2<=3D255 && $3>=3D0 && $3<=3D255 && $4<=3D255 ))) { + #Subnet in decimal and valid? + if ($ccdsubnet=3D~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/ &&(($1<= =3D255 && $2<=3D$1 && $3<=3D$2 && $4<=3D$3 ))) { + for (my $i=3D8;$i<=3D30;$i++){ + if (&General::cidrtosub($i) eq $ccdsubnet){ + return 1; + } + }=09 + #Subnet already in binary format? + }elsif ($ccdsubnet=3D~/^(\d{1,2})$/ && (($1<=3D30 && $1>=3D8))){ + return 1; + }else{ + return 0; + } + =09 + } + return 0; } =20 sub validport @@ -276,7 +431,7 @@ sub validhostname if (length ($hostname) < 1 || length ($hostname) > 63) { return 0;} # Only valid characters are a-z, A-Z, 0-9 and - - if ($hostname !~ /^[a-zA-Z0-9-]*$/) { + if ($hostname !~ /^[a-zA-Z0-9-\s]*$/) { return 0;} # First character can only be a letter or a digit if (substr ($hostname, 0, 1) !~ /^[a-zA-Z0-9]*$/) { @@ -407,7 +562,12 @@ sub NextIP ) ); } - +sub NextIP2 +{ + return &Socket::inet_ntoa( pack("N", 4 + unpack('N', &Socket::inet_aton= (shift)) + ) + ); +} sub ipcidr { my ($ip,$cidr) =3D &Net::IPv4Addr::ipv4_parse(shift); @@ -465,13 +625,13 @@ sub writehasharray { open(FILE, ">$filename") or die "Unable to write to file $filename"; =20 foreach $key (keys %$hash) { - if ($key =3D~ /^[0-9]+$/) { - print FILE "$key"; - foreach $i (0 .. $#{$hash->{$key}}) { - print FILE ",$hash->{$key}[$i]"; - } - print FILE "\n"; - } + if ($key =3D~ /^[0-9]+$/) { + print FILE "$key"; + foreach $i (0 .. $#{$hash->{$key}}) { + print FILE ",$hash->{$key}[$i]"; + } + print FILE "\n"; + } } close FILE; return; diff --git a/config/wpa_supplicant/wpa_supplicant_conf.sh b/config/wpa_suppli= cant/wpa_supplicant_conf.sh new file mode 100644 index 0000000..06d928d --- /dev/null +++ b/config/wpa_supplicant/wpa_supplicant_conf.sh @@ -0,0 +1,114 @@ +#!/bin/bash + +config=3D"/tmp/wpa_supplicant.conf" + +# Read in the configuration files. +source /root/wpa_supplicant_settings + +# Exit, if wpa_supplicant is not enabled. +if [ "${ENABLED}" !=3D "on" ]; then + exit 0 +fi + +# Read the interface configuration. +eval $(readhash /var/ipfire/ethernet/settings) + +# Find the device, we are going to deal with. +device=3D${!DEVICE} + +if [ -z "${device}" ]; then + echo "No device configured. Exiting." >&2 + exit 1 +fi + +# Check, if the given device is a wireless device. +if [ -d "/sys/class/net/${device}/phy80211" ]; then + wireless=3D"true" +else + wireless=3D"false" +fi + +# Write a configuration file header. +( + echo "#" + echo "# THIS FILE IS AUTOMATICALLY GENERATED AND" + echo "# ANY CUSTOM CHANGES WILL BE OVERWRITTEN!" + echo +) > ${config} + +# Write the configuration file. +( + proto=3D"" + key_mgmt=3D"" + pairwise=3D"" + group=3D"" + + echo "network=3D{" + + case "${MODE}" in + 8021X) + key_mgmt=3D"IEEE8021X" + + echo "eap=3D${EAP_METHOD}" + echo "anonymous_identity=3D\"${ANONYMOUS_IDENTITY}\"" + echo "identity=3D\"${IDENTITY}\"" + echo "password=3D\"${PASSWORD}\"" + echo "phase2=3D\"${PHASE2}\"" + ;; + WPA) + proto=3D"WPA" + key_mgmt=3D"WPA-PSK" + ;; + WPA2) + proto=3D"RSN" + key_mgmt=3D"WPA-PSK" + ;; + WEP) + key_mgmt=3D"NONE" + echo " wep_tx_keyidx=3D0" + echo " wep_key0=3D\"${PSK}\"" + ;; + esac + + if [ -n "${SSID}" ]; then + echo " ssid=3D\"${SSID}\"" + fi + if [ "${wireless}" =3D "true" ]; then + echo " scan_ssid=3D1" + fi + if [ -n "${key_mgmt}" ]; then + echo " key_mgmt=3D${key_mgmt}" + fi + if [ -n "${PSK}" ]; then + echo " psk=3D\"${PSK}\"" + fi + if [ -n "${proto}" ]; then + echo " proto=3D${proto}" + fi + + case "${WPA_MODE}" in + CCMP-CCMP) + pairwise=3D"CCMP" + group=3D"CCMP" + ;; + CCMP-TKIP) + pairwise=3D"CCMP" + group=3D"TKIP" + ;; + TKIP-TKIP) + pairwise=3D"TKIP" + group=3D"TKIP" + ;; + *) + echo "Unknown WPA_MODE: ${WPA_MODE}" >&2 + ;; + esac + if [ -n "${pairwise}" -a -n "${group}" ]; then + echo " pairwise=3D${pairwise}" + echo " group=3D${group}" + fi + + echo "}" +) >> ${config} + +cat ${config} diff --git a/config/wpa_supplicant/wpa_supplicant_settings b/config/wpa_suppl= icant/wpa_supplicant_settings new file mode 100644 index 0000000..5984d83 --- /dev/null +++ b/config/wpa_supplicant/wpa_supplicant_settings @@ -0,0 +1,6 @@ +ENABLED=3Don +DEVICE=3DRED_DEV +MODE=3DWPA2 +#WPA_MODE=3DCCMP-CCMP +PSK=3D"ThisIsTheKey" +SSID=3D"Use This One Mum" diff --git a/doc/language_issues.de b/doc/language_issues.de index 5a42ae5..137217c 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -68,6 +68,9 @@ WARNING: translation string unused: cache size WARNING: translation string unused: calamaris report interval (in minutes) WARNING: translation string unused: calc traffic all x minutes WARNING: translation string unused: capsinactive +WARNING: translation string unused: ccd err iroute +WARNING: translation string unused: ccd err netadr +WARNING: translation string unused: ccd maxclients WARNING: translation string unused: cfg restart WARNING: translation string unused: check for net traffic update WARNING: translation string unused: choose config diff --git a/doc/language_issues.en b/doc/language_issues.en index 6d6a2a6..68fef77 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -87,6 +87,8 @@ WARNING: translation string unused: cache size WARNING: translation string unused: calamaris report interval (in minutes) WARNING: translation string unused: calc traffic all x minutes WARNING: translation string unused: capsinactive +WARNING: translation string unused: ccd err iroute +WARNING: translation string unused: ccd err netadr WARNING: translation string unused: cfg restart WARNING: translation string unused: check for net traffic update WARNING: translation string unused: choose config diff --git a/doc/language_issues.es b/doc/language_issues.es index 6bcbf86..968e321 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -500,7 +500,41 @@ WARNING: untranslated string: Async logging enabled WARNING: untranslated string: Scan for Songs WARNING: untranslated string: Set time on boot WARNING: untranslated string: advproxy errmsg invalid upstream proxy +WARNING: untranslated string: attention WARNING: untranslated string: bytes +WARNING: untranslated string: ccd add +WARNING: untranslated string: ccd choose net +WARNING: untranslated string: ccd client options +WARNING: untranslated string: ccd clientip +WARNING: untranslated string: ccd dynrange +WARNING: untranslated string: ccd err blue +WARNING: untranslated string: ccd err green +WARNING: untranslated string: ccd err hostinnet +WARNING: untranslated string: ccd err inuse +WARNING: untranslated string: ccd err invalidname +WARNING: untranslated string: ccd err invalidnet +WARNING: untranslated string: ccd err irouteexist +WARNING: untranslated string: ccd err isovpnnet +WARNING: untranslated string: ccd err issubnet +WARNING: untranslated string: ccd err name +WARNING: untranslated string: ccd err nameexist +WARNING: untranslated string: ccd err netadrexist +WARNING: untranslated string: ccd err orange +WARNING: untranslated string: ccd err red +WARNING: untranslated string: ccd err routeovpn +WARNING: untranslated string: ccd err routeovpn2 +WARNING: untranslated string: ccd hint +WARNING: untranslated string: ccd invalid +WARNING: untranslated string: ccd iroute +WARNING: untranslated string: ccd iroute2 +WARNING: untranslated string: ccd iroutehint +WARNING: untranslated string: ccd modify +WARNING: untranslated string: ccd name +WARNING: untranslated string: ccd net +WARNING: untranslated string: ccd none +WARNING: untranslated string: ccd routes +WARNING: untranslated string: ccd subnet +WARNING: untranslated string: ccd used WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: fireinfo ipfire version WARNING: untranslated string: fireinfo is disabled @@ -546,11 +580,16 @@ WARNING: untranslated string: outgoing firewall p2p des= cription 2 WARNING: untranslated string: outgoing firewall p2p description 3 WARNING: untranslated string: outgoing firewall reserved groupname WARNING: untranslated string: outgoing firewall view group +WARNING: untranslated string: ovpn errmsg green already pushed +WARNING: untranslated string: ovpn errmsg invalid ip or mask +WARNING: untranslated string: ovpn routes push +WARNING: untranslated string: ovpn routes push options WARNING: untranslated string: pakfire ago WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table +WARNING: untranslated string: server restart WARNING: untranslated string: static routes WARNING: untranslated string: system information WARNING: untranslated string: visit us at diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 189932f..1c37b17 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -499,7 +499,41 @@ WARNING: translation string unused: year-graph WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Scan for Songs WARNING: untranslated string: advproxy errmsg invalid upstream proxy +WARNING: untranslated string: attention WARNING: untranslated string: bytes +WARNING: untranslated string: ccd add +WARNING: untranslated string: ccd choose net +WARNING: untranslated string: ccd client options +WARNING: untranslated string: ccd clientip +WARNING: untranslated string: ccd dynrange +WARNING: untranslated string: ccd err blue +WARNING: untranslated string: ccd err green +WARNING: untranslated string: ccd err hostinnet +WARNING: untranslated string: ccd err inuse +WARNING: untranslated string: ccd err invalidname +WARNING: untranslated string: ccd err invalidnet +WARNING: untranslated string: ccd err irouteexist +WARNING: untranslated string: ccd err isovpnnet +WARNING: untranslated string: ccd err issubnet +WARNING: untranslated string: ccd err name +WARNING: untranslated string: ccd err nameexist +WARNING: untranslated string: ccd err netadrexist +WARNING: untranslated string: ccd err orange +WARNING: untranslated string: ccd err red +WARNING: untranslated string: ccd err routeovpn +WARNING: untranslated string: ccd err routeovpn2 +WARNING: untranslated string: ccd hint +WARNING: untranslated string: ccd invalid +WARNING: untranslated string: ccd iroute +WARNING: untranslated string: ccd iroute2 +WARNING: untranslated string: ccd iroutehint +WARNING: untranslated string: ccd modify +WARNING: untranslated string: ccd name +WARNING: untranslated string: ccd net +WARNING: untranslated string: ccd none +WARNING: untranslated string: ccd routes +WARNING: untranslated string: ccd subnet +WARNING: untranslated string: ccd used WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: dns address deleted txt WARNING: untranslated string: fireinfo ipfire version @@ -539,6 +573,7 @@ WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table +WARNING: untranslated string: server restart WARNING: untranslated string: snort working WARNING: untranslated string: static routes WARNING: untranslated string: system information diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 6bcbf86..968e321 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -500,7 +500,41 @@ WARNING: untranslated string: Async logging enabled WARNING: untranslated string: Scan for Songs WARNING: untranslated string: Set time on boot WARNING: untranslated string: advproxy errmsg invalid upstream proxy +WARNING: untranslated string: attention WARNING: untranslated string: bytes +WARNING: untranslated string: ccd add +WARNING: untranslated string: ccd choose net +WARNING: untranslated string: ccd client options +WARNING: untranslated string: ccd clientip +WARNING: untranslated string: ccd dynrange +WARNING: untranslated string: ccd err blue +WARNING: untranslated string: ccd err green +WARNING: untranslated string: ccd err hostinnet +WARNING: untranslated string: ccd err inuse +WARNING: untranslated string: ccd err invalidname +WARNING: untranslated string: ccd err invalidnet +WARNING: untranslated string: ccd err irouteexist +WARNING: untranslated string: ccd err isovpnnet +WARNING: untranslated string: ccd err issubnet +WARNING: untranslated string: ccd err name +WARNING: untranslated string: ccd err nameexist +WARNING: untranslated string: ccd err netadrexist +WARNING: untranslated string: ccd err orange +WARNING: untranslated string: ccd err red +WARNING: untranslated string: ccd err routeovpn +WARNING: untranslated string: ccd err routeovpn2 +WARNING: untranslated string: ccd hint +WARNING: untranslated string: ccd invalid +WARNING: untranslated string: ccd iroute +WARNING: untranslated string: ccd iroute2 +WARNING: untranslated string: ccd iroutehint +WARNING: untranslated string: ccd modify +WARNING: untranslated string: ccd name +WARNING: untranslated string: ccd net +WARNING: untranslated string: ccd none +WARNING: untranslated string: ccd routes +WARNING: untranslated string: ccd subnet +WARNING: untranslated string: ccd used WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: fireinfo ipfire version WARNING: untranslated string: fireinfo is disabled @@ -546,11 +580,16 @@ WARNING: untranslated string: outgoing firewall p2p des= cription 2 WARNING: untranslated string: outgoing firewall p2p description 3 WARNING: untranslated string: outgoing firewall reserved groupname WARNING: untranslated string: outgoing firewall view group +WARNING: untranslated string: ovpn errmsg green already pushed +WARNING: untranslated string: ovpn errmsg invalid ip or mask +WARNING: untranslated string: ovpn routes push +WARNING: untranslated string: ovpn routes push options WARNING: untranslated string: pakfire ago WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table +WARNING: untranslated string: server restart WARNING: untranslated string: static routes WARNING: untranslated string: system information WARNING: untranslated string: visit us at diff --git a/doc/language_issues.ru b/doc/language_issues.ru index e25d81d..c1c87ee 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -491,7 +491,41 @@ WARNING: untranslated string: Add a route WARNING: untranslated string: Edit an existing route WARNING: untranslated string: Scan for Songs WARNING: untranslated string: advproxy errmsg invalid upstream proxy +WARNING: untranslated string: attention WARNING: untranslated string: bytes +WARNING: untranslated string: ccd add +WARNING: untranslated string: ccd choose net +WARNING: untranslated string: ccd client options +WARNING: untranslated string: ccd clientip +WARNING: untranslated string: ccd dynrange +WARNING: untranslated string: ccd err blue +WARNING: untranslated string: ccd err green +WARNING: untranslated string: ccd err hostinnet +WARNING: untranslated string: ccd err inuse +WARNING: untranslated string: ccd err invalidname +WARNING: untranslated string: ccd err invalidnet +WARNING: untranslated string: ccd err irouteexist +WARNING: untranslated string: ccd err isovpnnet +WARNING: untranslated string: ccd err issubnet +WARNING: untranslated string: ccd err name +WARNING: untranslated string: ccd err nameexist +WARNING: untranslated string: ccd err netadrexist +WARNING: untranslated string: ccd err orange +WARNING: untranslated string: ccd err red +WARNING: untranslated string: ccd err routeovpn +WARNING: untranslated string: ccd err routeovpn2 +WARNING: untranslated string: ccd hint +WARNING: untranslated string: ccd invalid +WARNING: untranslated string: ccd iroute +WARNING: untranslated string: ccd iroute2 +WARNING: untranslated string: ccd iroutehint +WARNING: untranslated string: ccd modify +WARNING: untranslated string: ccd name +WARNING: untranslated string: ccd net +WARNING: untranslated string: ccd none +WARNING: untranslated string: ccd routes +WARNING: untranslated string: ccd subnet +WARNING: untranslated string: ccd used WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: disk access per WARNING: untranslated string: extrahd because there is already a device moun= ted @@ -520,6 +554,7 @@ WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table +WARNING: untranslated string: server restart WARNING: untranslated string: static routes WARNING: untranslated string: visit us at WARNING: untranslated string: vpn keyexchange diff --git a/doc/language_missings b/doc/language_missings index 55e0e40..a6a29fb 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -4,6 +4,7 @@ ############################################################################ # Checking cgi-bin translations for language: en # ############################################################################ +< ccd maxclients ############################################################################ # Checking install/setup translations for language: fr # ############################################################################ @@ -11,6 +12,43 @@ # Checking cgi-bin translations for language: fr # ############################################################################ < advproxy errmsg invalid upstream proxy +< attention +< ccd add +< ccd choose net +< ccd clientip +< ccd client options +< ccd dynrange +< ccd err blue +< ccd err green +< ccd err hostinnet +< ccd err inuse +< ccd err invalidname +< ccd err invalidnet +< ccd err iroute +< ccd err irouteexist +< ccd err isovpnnet +< ccd err issubnet +< ccd err name +< ccd err nameexist +< ccd err netadr +< ccd err netadrexist +< ccd err orange +< ccd err red +< ccd err routeovpn +< ccd err routeovpn2 +< ccd hint +< ccd invalid +< ccd iroute +< ccd iroute2 +< ccd iroutehint +< ccd maxclients +< ccd modify +< ccd name +< ccd net +< ccd none +< ccd routes +< ccd subnet +< ccd used < deprecated fs warn < dns address deleted txt < fireinfo ipfire version @@ -45,6 +83,7 @@ < openvpn subnet is used < other < our donors +< server restart < snort working < static routes < system information @@ -81,6 +120,43 @@ ############################################################################ < advproxy errmsg invalid upstream proxy < Async logging enabled +< attention +< ccd add +< ccd choose net +< ccd clientip +< ccd client options +< ccd dynrange +< ccd err blue +< ccd err green +< ccd err hostinnet +< ccd err inuse +< ccd err invalidname +< ccd err invalidnet +< ccd err iroute +< ccd err irouteexist +< ccd err isovpnnet +< ccd err issubnet +< ccd err name +< ccd err nameexist +< ccd err netadr +< ccd err netadrexist +< ccd err orange +< ccd err red +< ccd err routeovpn +< ccd err routeovpn2 +< ccd hint +< ccd invalid +< ccd iroute +< ccd iroute2 +< ccd iroutehint +< ccd maxclients +< ccd modify +< ccd name +< ccd net +< ccd none +< ccd routes +< ccd subnet +< ccd used < deprecated fs warn < fireinfo ipfire version < fireinfo is disabled @@ -126,6 +202,11 @@ < outgoing firewall p2p description 2 < outgoing firewall p2p description 3 < outgoing firewall view group +< ovpn errmsg green already pushed +< ovpn errmsg invalid ip or mask +< ovpn routes push +< ovpn routes push options +< server restart < Set time on boot < static routes < system information @@ -138,6 +219,43 @@ # Checking cgi-bin translations for language: pl # ############################################################################ < advproxy errmsg invalid upstream proxy +< attention +< ccd add +< ccd choose net +< ccd clientip +< ccd client options +< ccd dynrange +< ccd err blue +< ccd err green +< ccd err hostinnet +< ccd err inuse +< ccd err invalidname +< ccd err invalidnet +< ccd err iroute +< ccd err irouteexist +< ccd err isovpnnet +< ccd err issubnet +< ccd err name +< ccd err nameexist +< ccd err netadr +< ccd err netadrexist +< ccd err orange +< ccd err red +< ccd err routeovpn +< ccd err routeovpn2 +< ccd hint +< ccd invalid +< ccd iroute +< ccd iroute2 +< ccd iroutehint +< ccd maxclients +< ccd modify +< ccd name +< ccd net +< ccd none +< ccd routes +< ccd subnet +< ccd used < deprecated fs warn < extrahd because there is already a device mounted < extrahd cant umount @@ -161,6 +279,11 @@ < openvpn subnet is used < other < our donors +< ovpn errmsg green already pushed +< ovpn errmsg invalid ip or mask +< ovpn routes push +< ovpn routes push options +< server restart < static routes < visit us at < vpn keyexchange @@ -172,6 +295,43 @@ ############################################################################ < Add a route < advproxy errmsg invalid upstream proxy +< attention +< ccd add +< ccd choose net +< ccd clientip +< ccd client options +< ccd dynrange +< ccd err blue +< ccd err green +< ccd err hostinnet +< ccd err inuse +< ccd err invalidname +< ccd err invalidnet +< ccd err iroute +< ccd err irouteexist +< ccd err isovpnnet +< ccd err issubnet +< ccd err name +< ccd err nameexist +< ccd err netadr +< ccd err netadrexist +< ccd err orange +< ccd err red +< ccd err routeovpn +< ccd err routeovpn2 +< ccd hint +< ccd invalid +< ccd iroute +< ccd iroute2 +< ccd iroutehint +< ccd maxclients +< ccd modify +< ccd name +< ccd net +< ccd none +< ccd routes +< ccd subnet +< ccd used < day-graph < deprecated fs warn < disk access per @@ -203,6 +363,7 @@ < other < our donors < outgoing traffic in bytes per second +< server restart < static routes < visit us at < vpn keyexchange diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi old mode 100644 new mode 100755 index 990fe66..baabe8b --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -36,10 +36,10 @@ require "${General::swroot}/header.pl"; require "${General::swroot}/countries.pl"; =20 # enable only the following on debugging purpose -use warnings; -use CGI::Carp 'fatalsToBrowser'; +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; #workaround to suppress a warning when a variable is used only once -my @dummy =3D ( ${Header::colourgreen} ); +my @dummy =3D ( ${Header::colourgreen}, ${Header::colourblue} ); undef (@dummy); =20 my %color =3D (); @@ -77,8 +77,12 @@ $cgiparams{'DHCP_WINS'} =3D ''; $cgiparams{'ROUTES_PUSH'} =3D ''; $cgiparams{'DCOMPLZO'} =3D 'off'; $cgiparams{'MSSFIX'} =3D ''; +$cgiparams{'number'} =3D ''; $routes_push_file =3D "${General::swroot}/ovpn/routes_push"; unless (-e $routes_push_file) { system("touch $routes_push_file"); } +unless (-e "${General::swroot}/ovpn/ccd.conf") { system("touch ${General:= :swroot}/ovpn/ccd.conf"); } +unless (-e "${General::swroot}/ovpn/ccdroute") { system("touch ${General:= :swroot}/ovpn/ccdroute"); } +unless (-e "${General::swroot}/ovpn/ccdroute2") { system("touch ${General= ::swroot}/ovpn/ccdroute2"); } =20 &Header::getcgihash(\%cgiparams, {'wantfile' =3D> 1, 'filevar' =3D> 'FH'}); =20 @@ -342,18 +346,35 @@ sub writeserverconf { print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n"; my @tempovpnsubnet =3D split("\/",$sovpnsettings{'DOVPN_SUBNET'}); print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n"; - print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'= GREEN_NETMASK'}\"\n"; + #print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{= 'GREEN_NETMASK'}\"\n"; =20 if ($vpnsettings{'ROUTES_PUSH'} ne '') { - @temp =3D split(/\n/,$vpnsettings{'ROUTES_PUSH'}); - foreach (@temp) - { - @tempovpnsubnet =3D split("\/",&General::ipcidr2msk($_)); - print CONF "push \"route " . $tempovpnsubnet[0]. " " . $tempovpnsubnet[1]= . "\"\n"; + @temp =3D split(/\n/,$vpnsettings{'ROUTES_PUSH'}); + foreach (@temp) + { + @tempovpnsubnet =3D split("\/",&General::ipcidr2msk($_)); + print CONF "push \"route " . $tempovpnsubnet[0]. " " . $tempovpnsubnet[1= ] . "\"\n"; + } } - } +# a.marx ccd + my %ccdconfhash=3D(); + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); + foreach my $key (keys %ccdconfhash) { + my $a=3D$ccdconfhash{$key}[1]; + my ($b,$c) =3D split (/\//, $a); + print CONF "route $b ".&General::cidrtosub($c)."\n"; + } + my %ccdroutehash=3D(); + &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash); + foreach my $key (keys %ccdroutehash) { + foreach my $i ( 1 .. $#{$ccdroutehash{$key}}){ + my ($a,$b)=3Dsplit (/\//,$ccdroutehash{$key}[$i]); + print CONF "route $a $b\n"; + } + } +# ccd end =20 - if ($sovpnsettings{CLIENT2CLIENT} eq 'on') { + if ($sovpnsettings{CLIENT2CLIENT} eq 'on') { print CONF "client-to-client\n"; } if ($sovpnsettings{MSSFIX} eq 'on') { @@ -407,7 +428,7 @@ sub writeserverconf { =20 close(CONF); } =20 -# + sub emptyserverlog{ if (open(FILE, ">/var/log/ovpnserver.log")) { flock FILE, 2; @@ -417,6 +438,281 @@ sub emptyserverlog{ =20 } =20 +sub delccdnet=20 +{ + my %ccdconfhash =3D (); + my %ccdhash =3D (); + my $ccdnetname=3D$_[0]; + if (-f "${General::swroot}/ovpn/ovpnconfig"){ + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash); + foreach my $key (keys %ccdhash) { + if ($ccdhash{$key}[32] eq $ccdnetname) { + $errormessage=3D$Lang::tr{'ccd err hostinnet'}; + return; + } + } + } + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); + foreach my $key (keys %ccdconfhash) { + if ($ccdconfhash{$key}[0] eq $ccdnetname){ + delete $ccdconfhash{$key}; + } + } + &General::writehasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); +=09 + &writeserverconf; + return 0; +} + +sub addccdnet +{ + my %ccdconfhash=3D(); + my @ccdconf=3D(); + my $ccdname=3D$_[0]; + my $ccdnet=3D$_[1]; + my $ovpnsubnet=3D$_[2]; + my $subcidr; + my @ip2=3D(); + my $checkup; + my $ccdip; + my $baseaddress; + if(!&General::validhostname($ccdname)){ + $errormessage=3D$Lang::tr{'ccd err invalidname'}; + return; + } + #check ip + if (&General::validipandmask($ccdnet)){ + $ccdnet=3D&General::iporsubtocidr($ccdnet);=09 + }else{ + $errormessage=3D$Lang::tr{'ccd err invalidnet'}; + return; + } + ($ccdip,$subcidr) =3D split (/\//,$ccdnet); + if ($ccdname eq '') { + $errormessage=3D$errormessage.$Lang::tr{'ccd err name'}."
"; + } + #check if we try to use same network as ovpn server + if (&General::iporsubtocidr($ccdnet) eq &General::iporsubtocidr($ovpnsubnet= )) { + $errormessage=3D$errormessage.$Lang::tr{'ccd err isovpnnet'}."
"; + } + =09 + #check if we use a name/subnet that already exists + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); + foreach my $key (keys %ccdconfhash) { + @ccdconf=3Dsplit(/\//,$ccdconfhash{$key}[1]); + if ($ccdname eq $ccdconfhash{$key}[0]) {$errormessage=3D$errormessage.$La= ng::tr{'ccd err nameexist'}."
";} + my ($newip,$newsub) =3D split(/\//,$ccdnet); + if (&General::IpInSubnet($newip,$ccdconf[0],&General::iporsubtodec($ccdco= nf[1]))) {$errormessage=3D$errormessage.$Lang::tr{'ccd err issubnet'}."
";} + =09 + } + #check if we use one of ipfire's networks (green,orange,blue) + my %ownnet=3D(); + &General::readhash("${General::swroot}/ethernet/settings", \%ownnet); + if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne= '0.0.0.0') && &General::IpInSubnet($ownnet{'GREEN_NETADDRESS'},$ccdip,&Gener= al::iporsubtodec($subcidr))){ $errormessage=3D$Lang::tr{'ccd err green'};} + if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne= '0.0.0.0') && &General::IpInSubnet($ownnet{'ORANGE_NETADDRESS'},$ccdip,&Gene= ral::iporsubtodec($subcidr))){ $errormessage=3D$Lang::tr{'ccd err orange'};} + if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0= .0.0.0') && &General::IpInSubnet($ownnet{'BLUE_NETADDRESS'},$ccdip,&General::= iporsubtodec($subcidr))){ $errormessage=3D$Lang::tr{'ccd err blue'};} + if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0= .0.0') && &General::IpInSubnet($ownnet{'RED_NETADDRESS'},$ccdip,&General::ipo= rsubtodec($subcidr))){ $errormessage=3D$Lang::tr{'ccd err red'};} + =09 + =09 + if (!$errormessage) { + my %ccdconfhash=3D(); + $baseaddress=3D&General::getnetworkip($ccdip,$subcidr); + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); + my $key =3D &General::findhasharraykey (\%ccdconfhash); + foreach my $i (0 .. 1) { $ccdconfhash{$key}[$i] =3D "";} + $ccdconfhash{$key}[0] =3D $ccdname; + $ccdconfhash{$key}[1] =3D $baseaddress."/".$subcidr; + &General::writehasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash= ); + &writeserverconf; + $cgiparams{'ccdname'}=3D''; + $cgiparams{'ccdsubnet'}=3D''; + return 1; + } +} + +sub modccdnet +{ +=09 + my $newname=3D$_[0]; + my $oldname=3D$_[1]; + my %ccdconfhash=3D(); + my %ccdhash=3D(); + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); + foreach my $key (keys %ccdconfhash) { + if ($ccdconfhash{$key}[0] eq $oldname) { + foreach my $key1 (keys %ccdconfhash) { + if ($ccdconfhash{$key1}[0] eq $newname){ + $errormessage=3D$errormessage.$Lang::tr{'ccd err netadrexist'}; + return; + }else{ + $ccdconfhash{$key}[0]=3D $newname; + &General::writehasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfh= ash); + last; + } + } + } + } +=09 + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash); + foreach my $key (keys %ccdhash) { + if ($ccdhash{$key}[32] eq $oldname) { + $ccdhash{$key}[32]=3D$newname; + &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash= ); + last; + } + } +=09 + return 0; +} +sub ccdmaxclients +{ + my $ccdnetwork=3D$_[0]; + my @octets=3D(); + my @subnet=3D(); + @octets=3Dsplit("\/",$ccdnetwork); + @subnet=3D split /\./, &General::cidrtosub($octets[1]); + my ($a,$b,$c,$d,$e); + $a=3D256-$subnet[0]; + $b=3D256-$subnet[1]; + $c=3D256-$subnet[2]; + $d=3D256-$subnet[3]; + $e=3D($a*$b*$c*$d)/4; + return $e-1; +} + +sub getccdadresses=20 +{ + my $ipin=3D$_[0]; + my ($ip1,$ip2,$ip3,$ip4)=3Dsplit /\./, $ipin; + my $cidr=3D$_[1]; + chomp($cidr); + my $count=3D$_[2]; + my $hasip=3D$_[3]; + chomp($hasip); + my @iprange=3D(); + my %ccdhash=3D(); + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash); + $iprange[0]=3D$ip1.".".$ip2.".".$ip3.".".2; + for (my $i=3D0;$i<=3D$count-1;$i++) { + my $tmpip=3D$iprange[$i-1]; + my $stepper=3D$i*4; + $iprange[$i]=3D &General::getnextip($tmpip,4); + } + my $r=3D0; + foreach my $key (keys %ccdhash) { + $r=3D0; + foreach my $tmp (@iprange){ + my ($net,$sub) =3D split (/\//,$ccdhash{$key}[33]); + if ($net eq $tmp) { + if ( $hasip ne $ccdhash{$key}[33] ){ + splice (@iprange,$r,1); + } + } + $r++; + } + } + return @iprange; +} + +sub fillselectbox +{ + my $boxname=3D$_[1]; + my ($ccdip,$subcidr) =3D split("/",$_[0]);=20 + my $tz=3D$_[2]; + my @allccdips=3D&getccdadresses($ccdip,$subcidr,&ccdmaxclients($ccdip."/".$= subcidr),$tz); + print""; +} + +sub hostsinnet +{ + my $name=3D$_[0]; + my %ccdhash=3D(); + my $i=3D0; + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash); + foreach my $key (keys %ccdhash) { + if ($ccdhash{$key}[32] eq $name){ $i++;} + } + return $i; +} + +sub check_routes_push +{ + my $val=3D$_[0]; + my ($ip,$cidr) =3D split (/\//, $val); + ##check for existing routes in routes_push + if (-e "${General::swroot}/ovpn/routes_push") { + open(FILE,"${General::swroot}/ovpn/routes_push"); + while () { + $_=3D~s/\s*$//g; + =09 + my ($ip2,$cidr2) =3D split (/\//,"$_"); + my $val2=3D$ip2."/".&General::iporsubtodec($cidr2); + =09 + if($val eq $val2){ + return 0; + } + #subnetcheck + if (&General::IpInSubnet ($ip,$ip2,&General::iporsubtodec($cidr2))){ + return 0; + } + }; + close(FILE); + } + return 1; +} + +sub check_ccdroute +{ + my %ccdroutehash=3D(); + my $val=3D$_[0]; + my ($ip,$cidr) =3D split (/\//, $val); + #check for existing routes in ccdroute + &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash); + foreach my $key (keys %ccdroutehash) { + foreach my $i (1 .. $#{$ccdroutehash{$key}}) { + if (&General::iporsubtodec($val) eq $ccdroutehash{$key}[$i] && $ccdrouteh= ash{$key}[0] ne $cgiparams{'NAME'}){ + return 0; + } + my ($ip2,$cidr2) =3D split (/\//,$ccdroutehash{$key}[$i]); + #subnetcheck + if (&General::IpInSubnet ($ip,$ip2,$cidr2)&& $ccdroutehash{$key}[0] ne $c= giparams{'NAME'} ){ + return 0; + } + } + } + return 1; +} +sub check_ccdconf +{ + my %ccdconfhash=3D(); + my $val=3D$_[0]; + my ($ip,$cidr) =3D split (/\//, $val); + #check for existing routes in ccdroute + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); + foreach my $key (keys %ccdconfhash) { + if (&General::iporsubtocidr($val) eq $ccdconfhash{$key}[1]){ + return 0; + } + my ($ip2,$cidr2) =3D split (/\//,$ccdconfhash{$key}[1]); + #subnetcheck + if (&General::IpInSubnet ($ip,$ip2,&General::cidrtosub($cidr2))){ + return 0; + } + =09 + } + return 1; +} + ### # m.a.d net2net ### @@ -451,6 +747,7 @@ sub read_routepushfile while () { $vpnsettings{'ROUTES_PUSH'} .=3D $_ }; close(FILE); $cgiparams{'ROUTES_PUSH'} =3D $vpnsettings{'ROUTES_PUSH'}; + =09 } } =20 @@ -490,11 +787,11 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn serve= r'} || &emptyserverlog();=09 } =20 # #restart openvpn server - if ($cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}){ +# if ($cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}){ #workarund, till SIGHUP also works when running as nobody =20 - system('/usr/local/bin/openvpnctrl', '-r');=09 - &emptyserverlog();=09 - } =20 +# system('/usr/local/bin/openvpnctrl', '-r');=09 +# &emptyserverlog();=09 +# } =20 } =20 ### @@ -554,24 +851,47 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options= '}) { if ($cgiparams{'ROUTES_PUSH'} ne ''){ @temp =3D split(/\n/,$cgiparams{'ROUTES_PUSH'}); undef $vpnsettings{'ROUTES_PUSH'}; - foreach (@temp) + =09 + foreach my $tmpip (@temp) { s/^\s+//g; s/\s+$//g; - if ($_) + =09 + if ($tmpip) { - unless (&General::validipandmask($_)) { - $errormessage =3D $Lang::tr{'ovpn errmsg invalid ip or mask'}; - goto ADV_ERROR; + $tmpip=3D~s/\s*$//g;=20 + unless (&General::validipandmask($tmpip)) { + $errormessage =3D "$tmpip ".$Lang::tr{'ovpn errmsg invalid ip or mask'}; + goto ADV_ERROR; } - my ($ip, $cidr) =3D split("\/",&General::ipcidr2msk($_)); + my ($ip, $cidr) =3D split("\/",&General::ipcidr2msk($tmpip)); + =09 if ($ip eq $netsettings{'GREEN_NETADDRESS'} && $cidr eq $netsettings{'GRE= EN_NETMASK'}) { $errormessage =3D $Lang::tr{'ovpn errmsg green already pushed'}; - goto ADV_ERROR; + goto ADV_ERROR; + } +# a.marx ccd =09 + my %ccdroutehash=3D(); + &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehas= h); + foreach my $key (keys %ccdroutehash) { + foreach my $i (1 .. $#{$ccdroutehash{$key}}) {=20 + if ( $ip."/".$cidr eq $ccdroutehash{$key}[$i] ){ + $errormessage=3D"Route $ip\/$cidr ".$Lang::tr{'ccd err inuse'}." $ccdr= outehash{$key}[0]" ; + goto ADV_ERROR; + } + my ($ip2,$cidr2) =3D split(/\//,$ccdroutehash{$key}[$i]); + if (&General::IpInSubnet ($ip,$ip2,$cidr2)){ + $errormessage=3D"Route $ip\/$cidr ".$Lang::tr{'ccd err inuse'}." $ccdr= outehash{$key}[0]" ; + goto ADV_ERROR; + } + } } - $vpnsettings{'ROUTES_PUSH'} .=3D $_."\n"; + =09 +# ccd end + =09 + $vpnsettings{'ROUTES_PUSH'} .=3D $tmpip."\n"; } - } - &write_routepushfile; + } + &write_routepushfile; undef $vpnsettings{'ROUTES_PUSH'}; } else { @@ -1571,29 +1891,26 @@ END my $n2nactive =3D `/bin/ps ax|grep $confighash{$cgiparams{'KEY'}}[1]|gre= p -v grep|awk \'{print \$1}\'`; =20 if ($confighash{$cgiparams{'KEY'}}) { + if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') { + $confighash{$cgiparams{'KEY'}}[0] =3D 'on'; + &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%configha= sh); =20 - - if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') { - $confighash{$cgiparams{'KEY'}}[0] =3D 'on'; - &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%config= hash); - - if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ + if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$= cgiparams{'KEY'}}[1]); - } -=20 - } else { + } + } else { =20 - $confighash{$cgiparams{'KEY'}}[0] =3D 'off'; - &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confi= ghash); + $confighash{$cgiparams{'KEY'}}[0] =3D 'off'; + &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%configha= sh); =20 - if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ + if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ if ($n2nactive ne ''){ =09 - system('/usr/local/bin/openvpnctrl', '-kn2n', $confighas= h{$cgiparams{'KEY'}}[1]); - } + system('/usr/local/bin/openvpnctrl', '-kn2n', $confighash{$cgiparams{'= KEY'}}[1]); + } =20 - } else { + } else { $errormessage =3D $Lang::tr{'invalid key'}; - } + } } } =20 @@ -1718,9 +2035,10 @@ else =20 my $zip =3D Archive::Zip->new(); =20 - print CLIENTCONF "#OpenVPN Server conf\r\n"; + print CLIENTCONF "#OpenVPN Client conf\r\n"; print CLIENTCONF "tls-client\r\n"; print CLIENTCONF "client\r\n"; + print CLIENTCONF "nobind\n"; print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n"; print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n"; print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n"; @@ -1814,10 +2132,41 @@ else } =20 unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]ce= rt.pem"); - unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p1= 2"); + unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p= 12"); + +# A.Marx CCD delete ccd files and routes + +=09 + if (-f "${General::swroot}/ovpn/ccd/$confighash{$cgiparams{'KEY'}}[2]") + { + unlink "${General::swroot}/ovpn/ccd/$confighash{$cgiparams{'KEY'}}[2]"; + } + my %ccdroutehash=3D(); + &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash); + foreach my $key (keys %ccdroutehash) { + if ($ccdroutehash{$key}[0] eq $confighash{$cgiparams{'KEY'}}[1]){ + delete $ccdroutehash{$key}; + } + } + &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash= ); + my %ccdroute2hash=3D(); + &General::readhasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2has= h); + foreach my $key (keys %ccdroute2hash) { + if ($ccdroute2hash{$key}[0] eq $confighash{$cgiparams{'KEY'}}[1]){ + delete $ccdroute2hash{$key}; + } + } + &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2ha= sh); +=09 +=09 +=09 +# CCD end=20 + +=09 delete $confighash{$cgiparams{'KEY'}}; my $temp2 =3D `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crl= s/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`; &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash= ); + #&writeserverconf(); } else { $errormessage =3D $Lang::tr{'invalid key'}; @@ -1884,9 +2233,11 @@ else %cgiparams =3D (); %cahash =3D (); %confighash =3D (); + my $disabled; &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams); read_routepushfile; - +=09 +=09 # if ($cgiparams{'CLIENT2CLIENT'} eq '') { # $cgiparams{'CLIENT2CLIENT'} =3D 'on'; =20 # } @@ -1926,9 +2277,7 @@ ADV_ERROR: $selected{'LOG_VERB'}{'11'} =3D ''; $selected{'LOG_VERB'}{'0'} =3D ''; $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} =3D 'SELECTED'; - - - =20 + =20 &Header::showhttpheaders(); &Header::openpage($Lang::tr{'status ovpn'}, 1, ''); &Header::openbigbox('100%', 'LEFT', '', $errormessage); =20 @@ -1940,8 +2289,8 @@ ADV_ERROR: } &Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'}); print < - + +
@@ -1950,7 +2299,7 @@ ADV_ERROR: =09 =09 - + =09 @@ -1975,7 +2324,7 @@ if ($cgiparams{'ROUTES_PUSH'} ne '') print $cgiparams{'ROUTES_PUSH'}; } =20 -print < @@ -2057,8 +2406,16 @@ print <10 <= /td>=09 -
$Lang::tr{'dhcp-options'}
Domain
DNS
-
+
+END + +if ( -e "/var/run/openvpn.pid"){ +print"
$Lang::tr{'attention'}:
+ $Lang::tr{'server restart'}

+
"; +} + +print<   @@ -2077,6 +2434,121 @@ END &Header::closepage(); exit(0); =09 + +# A.Marx CCD Add,delete or edit CCD net + +} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'ccd net'} ||=20 + $cgiparams{'ACTION'} eq $Lang::tr{'ccd add'} || =20 + $cgiparams{'ACTION'} eq "kill" ||=20 + $cgiparams{'ACTION'} eq "edit" || + $cgiparams{'ACTION'} eq 'editsave'){ + &Header::showhttpheaders(); + &Header::openpage($Lang::tr{'ccd net'}, 1, ''); + &Header::openbigbox('100%', 'LEFT', '', ''); + + if ($cgiparams{'ACTION'} eq "kill"){ + &delccdnet($cgiparams{'net'}); + } +=09 + if ($cgiparams{'ACTION'} eq 'editsave'){ + my ($a,$b) =3Dsplit (/\|/,$cgiparams{'ccdname'}); + if ( $a ne $b){ &modccdnet($a,$b);} + } +=09 + if ($cgiparams{'ACTION'} eq $Lang::tr{'ccd add'}) { + &addccdnet($cgiparams{'ccdname'},$cgiparams{'ccdsubnet'},$cgiparams{'DOVPN= _SUBNET'}); + } + if ($errormessage) { + &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'}); + print "$errormessage"; + print " "; + &Header::closebox(); =09 + } +if ($cgiparams{'ACTION'} eq "edit"){ +=09 + &Header::openbox('100%', 'LEFT', $Lang::tr{'ccd modify'}); + + print < + + $Lang::tr{'ccd name'}: + $Lang::tr{'ccd subnet'}: +
+ + + +END +; + &Header::closebox(); + + &Header::openbox('100%', 'LEFT',$Lang::tr{'ccd net'} ); + print < + + $Lang::tr{'ccd name'}$Lang::tr{'network'}$Lang::tr{'ccd used'} +END +; +} +else{ + if (! -e "/var/run/openvpn.pid"){ + &Header::openbox('100%', 'LEFT', $Lang::tr{'ccd add'}); + print < +
+ $Lang::tr{'ccd hint'}

+ + $Lang::tr{'ccd name'}: + $Lang::tr{'ccd subnet'}: +
+ +
+END +=09 + &Header::closebox(); +} + &Header::openbox('100%', 'LEFT',$Lang::tr{'ccd net'} ); + print < + + = $Lang::tr{'ccd name'}$Lang::tr{'network'}$Lang::tr{'ccd used'} +END +; +} + my %ccdconfhash=3D();=09 + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash);= =09 + my @ccdconf=3D(); + my $count=3D0; + foreach my $key (keys %ccdconfhash) { + @ccdconf=3D($ccdconfhash{$key}[0],$ccdconfhash{$key}[1]); + $count++; + my $ccdhosts =3D &hostsinnet($ccdconf[0]); + if ($count % 2){ print" ";} + else{ print" ";} + print"$ccdconf[0]$ccdconf[1]$ccdhosts/".(&ccdmaxclients($ccdconf[1])+1).""; +print < + + + + + +
+ + + +
+END +; + }=09 + print ""; + &Header::closebox(); + print ""; + &Header::closebigbox(); + &Header::closepage(); + exit(0); +=09 +#END CCD + ### ### Openvpn Connections Statistics ### @@ -2284,7 +2756,7 @@ if ( -s "${General::swroot}/ovpn/settings") { =20 print <$Lang::tr{'connection type'}:
- +
@@ -2293,21 +2765,21 @@ if ( -s "${General::swroot}/ovpn/settings") { - + - - +
$Lang::tr{'host to net vpn'}
$Lang::tr{'net to net vpn'} (Upload Client Package)
 
 Import Connection Name
 Default : Client Packagename
 Default : Client Packagename
 
3D'*' $Lang::tr{'this field may be blank'}
END ; +=09 =20 } else { print <$Lang::tr{'connection type'}:
- +
- +
$Lang::tr{'host to net vpn'}
END ; @@ -2537,26 +3009,26 @@ foreach my $dkey (keys %confighash) { =09 $key =3D &General::findhasharraykey (\%confighash); =20 - foreach my $i (0 .. 31) { $confighash{$key}[$i] =3D "";} + foreach my $i (0 .. 38) { $confighash{$key}[$i] =3D "";} $confighash{$key}[0] =3D 'off'; $confighash{$key}[1] =3D $n2nname[0]; - $confighash{$key}[2] =3D $n2nname[0];=09 + $confighash{$key}[2] =3D $n2nname[0];=09 $confighash{$key}[3] =3D 'net'; $confighash{$key}[4] =3D 'cert';=09 $confighash{$key}[6] =3D 'client'; =09 $confighash{$key}[8] =3D $n2nlocalsub[2]; - $confighash{$key}[10] =3D $n2nremote[1]; - $confighash{$key}[11] =3D "$n2nremsub[1]/$n2nremsub[2]"; =09 + $confighash{$key}[10] =3D $n2nremote[1]; + $confighash{$key}[11] =3D "$n2nremsub[1]/$n2nremsub[2]"; =09 $confighash{$key}[22] =3D $n2nmgmt[2]; - $confighash{$key}[23] =3D $mssfixactive; + $confighash{$key}[23] =3D $mssfixactive; $confighash{$key}[24] =3D $n2nfragment[1]; - $confighash{$key}[25] =3D 'IPFire n2n Client'; + $confighash{$key}[25] =3D 'IPFire n2n Client'; $confighash{$key}[26] =3D 'red'; - $confighash{$key}[27] =3D "$n2novpnsub[0].$n2novpnsub[1].$n2novpnsub[2].0/= 255.255.255.0"; - $confighash{$key}[28] =3D $n2nproto[0]; - $confighash{$key}[29] =3D $n2nport[1]; - $confighash{$key}[30] =3D $complzoactive; - $confighash{$key}[31] =3D $n2ntunmtu[1]; + $confighash{$key}[27] =3D "$n2novpnsub[0].$n2novpnsub[1].$n2novpnsub[2].= 0/255.255.255.0"; + $confighash{$key}[28] =3D $n2nproto[0]; + $confighash{$key}[29] =3D $n2nport[1]; + $confighash{$key}[30] =3D $complzoactive; + $confighash{$key}[31] =3D $n2ntunmtu[1]; =20 =20 &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighas= h); @@ -2655,45 +3127,194 @@ if ($confighash{$cgiparams{'KEY'}}) { } elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) || ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) || ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'ADVANCED'} eq ''= )) { - + =20 &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings); &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash); &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%configha= sh); =20 if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) { - if (! $confighash{$cgiparams{'KEY'}}[0]) { - $errormessage =3D $Lang::tr{'invalid key'}; - goto VPNCONF_END; - } - $cgiparams{'ENABLED'} =3D $confighash{$cgiparams{'KEY'}}[0]; - $cgiparams{'NAME'} =3D $confighash{$cgiparams{'KEY'}}[1]; - $cgiparams{'TYPE'} =3D $confighash{$cgiparams{'KEY'}}[3]; - $cgiparams{'AUTH'} =3D $confighash{$cgiparams{'KEY'}}[4]; - $cgiparams{'PSK'} =3D $confighash{$cgiparams{'KEY'}}[5]; - $cgiparams{'SIDE'} =3D $confighash{$cgiparams{'KEY'}}[6]; - $cgiparams{'LOCAL_SUBNET'} =3D $confighash{$cgiparams{'KEY'}}[8]; - $cgiparams{'REMOTE'} =3D $confighash{$cgiparams{'KEY'}}[10]; - $cgiparams{'REMOTE_SUBNET'} =3D $confighash{$cgiparams{'KEY'}}[11]; -# n2n m.a.d new fields - $cgiparams{'OVPN_MGMT'} =3D $confighash{$cgiparams{'KEY'}}[22]; - $cgiparams{'MSSFIX'} =3D $confighash{$cgiparams{'KEY'}}[23]; - $cgiparams{'FRAGMENT'} =3D $confighash{$cgiparams{'KEY'}}[24]; - $cgiparams{'REMARK'} =3D $confighash{$cgiparams{'KEY'}}[25]; - $cgiparams{'INTERFACE'} =3D $confighash{$cgiparams{'KEY'}}[26]; -#new fields=09 - $cgiparams{'OVPN_SUBNET'} =3D $confighash{$cgiparams{'KEY'}}[27]; - $cgiparams{'PROTOCOL'} =3D $confighash{$cgiparams{'KEY'}}[28]; - $cgiparams{'DEST_PORT'} =3D $confighash{$cgiparams{'KEY'}}[29]; - $cgiparams{'COMPLZO'} =3D $confighash{$cgiparams{'KEY'}}[30]; - $cgiparams{'MTU'} =3D $confighash{$cgiparams{'KEY'}}[31]; - -#new fields -#ab hiere error uebernehmen - - } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) { + if (! $confighash{$cgiparams{'KEY'}}[0]) { + $errormessage =3D $Lang::tr{'invalid key'}; + goto VPNCONF_END; + } + $cgiparams{'ENABLED'} =3D $confighash{$cgiparams{'KEY'}}[0]; + $cgiparams{'NAME'} =3D $confighash{$cgiparams{'KEY'}}[1]; + $cgiparams{'TYPE'} =3D $confighash{$cgiparams{'KEY'}}[3]; + $cgiparams{'AUTH'} =3D $confighash{$cgiparams{'KEY'}}[4]; + $cgiparams{'PSK'} =3D $confighash{$cgiparams{'KEY'}}[5]; + $cgiparams{'SIDE'} =3D $confighash{$cgiparams{'KEY'}}[6]; + $cgiparams{'LOCAL_SUBNET'} =3D $confighash{$cgiparams{'KEY'}}[8]; + $cgiparams{'REMOTE'} =3D $confighash{$cgiparams{'KEY'}}[10]; + $cgiparams{'REMOTE_SUBNET'} =3D $confighash{$cgiparams{'KEY'}}[11]; + $cgiparams{'OVPN_MGMT'} =3D $confighash{$cgiparams{'KEY'}}[22]; + $cgiparams{'MSSFIX'} =3D $confighash{$cgiparams{'KEY'}}[23]; + $cgiparams{'FRAGMENT'} =3D $confighash{$cgiparams{'KEY'}}[24]; + $cgiparams{'REMARK'} =3D $confighash{$cgiparams{'KEY'}}[25]; + $cgiparams{'INTERFACE'} =3D $confighash{$cgiparams{'KEY'}}[26]; + $cgiparams{'OVPN_SUBNET'} =3D $confighash{$cgiparams{'KEY'}}[27]; + $cgiparams{'PROTOCOL'} =3D $confighash{$cgiparams{'KEY'}}[28]; + $cgiparams{'DEST_PORT'} =3D $confighash{$cgiparams{'KEY'}}[29]; + $cgiparams{'COMPLZO'} =3D $confighash{$cgiparams{'KEY'}}[30]; + $cgiparams{'MTU'} =3D $confighash{$cgiparams{'KEY'}}[31]; + $cgiparams{'CHECK1'} =3D $confighash{$cgiparams{'KEY'}}[32]; + my $name=3D$cgiparams{'CHECK1'} ; + $cgiparams{$name} =3D $confighash{$cgiparams{'KEY'}}[33]; + $cgiparams{'RG'} =3D $confighash{$cgiparams{'KEY'}}[34]; + $cgiparams{'CCD_DNS1'} =3D $confighash{$cgiparams{'KEY'}}[35]; + $cgiparams{'CCD_DNS2'} =3D $confighash{$cgiparams{'KEY'}}[36]; + $cgiparams{'CCD_WINS'} =3D $confighash{$cgiparams{'KEY'}}[37]; + } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) { $cgiparams{'REMARK'} =3D &Header::cleanhtml($cgiparams{'REMARK'}); =09 - if ($cgiparams{'TYPE'} !~ /^(host|net)$/) { +#A.Marx CCD check iroute field and convert it to decimal + + my @temp=3D(); + my %ccdroutehash=3D(); + my $keypoint=3D0; + if ($cgiparams{'IR'} ne ''){ + @temp =3D split("\n",$cgiparams{'IR'}); + &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash= ); + #find key to use + foreach my $key (keys %ccdroutehash) { + if ($ccdroutehash{$key}[0] eq $cgiparams{'NAME'}) { + $keypoint=3D$key; + delete $ccdroutehash{$key}; + }else{ + $keypoint =3D &General::findhasharraykey (\%ccdroutehash); + } + } + $ccdroutehash{$keypoint}[0]=3D$cgiparams{'NAME'}; + my $i=3D1; + my $val=3D0; + foreach $val (@temp){ + chomp($val); + $val=3D~s/\s*$//g;=20 + my($ip,$cidr) =3D split(/\//,$val); + $cidr=3D&General::iporsubtodec($cidr); + =09 + #check if iroute exists in ccdroute + foreach my $key (keys %ccdroutehash) { + foreach my $oldiroute ( 1 .. $#{$ccdroutehash{$key}}){ + if ($ccdroutehash{$key}[$oldiroute] eq "$ip/$cidr") { + $errormessage=3D$Lang::tr{'ccd err irouteexist'}; + goto VPNCONF_ERROR; + } + } + } + =09 + #check for existing network IP's + if ((&General::IpInSubnet ($ip,$netsettings{GREEN_NETADDRESS},$netsetting= s{GREEN_NETMASK}) && $netsettings{GREEN_NETADDRESS} ne '0.0.0.0')||=20 + (&General::IpInSubnet ($ip,$netsettings{RED_NETADDRESS},$netsettings{RED= _NETMASK}) && $netsettings{RED_NETADDRESS} ne '0.0.0.0')|| + (&General::IpInSubnet ($ip,$netsettings{BLUE_NETADDRESS},$netsettings{BL= UE_NETMASK}) && $netsettings{BLUE_NETADDRESS} ne '0.0.0.0' && $netsettings{BL= UE_NETADDRESS} gt '')|| + (&General::IpInSubnet ($ip,$netsettings{ORANGE_NETADDRESS},$netsettings{= ORANGE_NETMASK}) && $netsettings{ORANGE_NETADDRESS} ne '0.0.0.0' && $netsetti= ngs{ORANGE_NETADDRESS} gt '' )){ + $errormessage=3D"$ip USED FOR SYSTEM!"; + goto VPNCONF_ERROR; + } + =09 + =09 + =09 + if (&General::validipandmask($val)){ + $ccdroutehash{$keypoint}[$i] =3D $ip."/".$cidr; + }else{ + $errormessage=3D$errormessage."Route ".$Lang::tr{'ccd invalid'}." ($ip/$= cidr)"; + goto VPNCONF_ERROR; + } + $i++; + } + &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehas= h); + &writeserverconf; + }else{ + &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash= ); + foreach my $key (keys %ccdroutehash) { + if ($ccdroutehash{$key}[0] eq $cgiparams{'NAME'}) { + delete $ccdroutehash{$key}; + &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdrouteh= ash); + &writeserverconf; + } + }=09 + } + undef @temp; + #check route field and convert it to decimal + my %ccdroute2hash=3D(); + my $val=3D0; + my $i=3D1; +=09 + &General::readhasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2has= h); + if($cgiparams{'IFROUTE'} eq $Lang::tr{'ccd none'} || $cgiparams{'IFROUTE'} = eq '') {=20 + undef $cgiparams{'IFROUTE'}; + foreach my $key (keys %ccdroute2hash){ + if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}) { + delete $ccdroute2hash{$key}; + } + } + &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2= hash); + }else{ + #find key to use + foreach my $key (keys %ccdroute2hash) { + if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}) { + $keypoint=3D$key; + delete $ccdroute2hash{$key}; + }else{ + $keypoint =3D &General::findhasharraykey (\%ccdroute2hash); + &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdrouteh= ash); + &writeserverconf; + } + } + $ccdroute2hash{$keypoint}[0]=3D$cgiparams{'NAME'}; + @temp =3D split(/\|/,$cgiparams{'IFROUTE'}); + my %ownnet=3D(); + &General::readhash("${General::swroot}/ethernet/settings", \%ownnet); + foreach $val (@temp){ + chomp($val); + $val=3D~s/\s*$//g;=20 + if ($val eq $Lang::tr{'green'}) + { + $val=3D$ownnet{GREEN_NETADDRESS}."/".$ownnet{GREEN_NETMASK}; + } + if ($val eq $Lang::tr{'blue'}) + { + $val=3D$ownnet{BLUE_NETADDRESS}."/".$ownnet{BLUE_NETMASK}; + } + if ($val eq $Lang::tr{'orange'}) + { + $val=3D$ownnet{ORANGE_NETADDRESS}."/".$ownnet{ORANGE_NETMASK}; + } + my ($ip,$cidr) =3D split (/\//, $val); + if (! &check_routes_push($val)){$errormessage=3D$errormessage."Route $val= ".$Lang::tr{'ccd err routeovpn2'}." ($val)";goto VPNCONF_ERROR;} + if (! &check_ccdroute($val)){$errormessage=3D$errormessage."
Route $va= l ".$Lang::tr{'ccd err inuse'}." ($val)" ;goto VPNCONF_ERROR;} + if (! &check_ccdconf($val)){$errormessage=3D$errormessage."
Route $val= ".$Lang::tr{'ccd err routeovpn'}." ($val)";goto VPNCONF_ERROR;} + if (&General::validipandmask($val)){ + $val=3D$ip."/".&General::iporsubtodec($cidr); + $ccdroute2hash{$keypoint}[$i] =3D $val; + }else{ + $errormessage=3D$errormessage."Route ".$Lang::tr{'ccd invalid'}." ($val)= "; + goto VPNCONF_ERROR; + } + $i++; + }=09 + &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2h= ash); + } + #check dns1 ip + if ($cgiparams{'CCD_DNS1'} ne '' && ! &General::validip($cgiparams{'CCD_DN= S1'})) { + $errormessage=3D$errormessage."
".$Lang::tr{'invalid input for dhcp dn= s'}." 1"; + goto VPNCONF_ERROR; + } + #check dns2 ip + if ($cgiparams{'CCD_DNS2'} ne '' && ! &General::validip($cgiparams{'CCD_DN= S2'})) { + $errormessage=3D$errormessage."
".$Lang::tr{'invalid input for dhcp dn= s'}." 2"; + goto VPNCONF_ERROR; + } + #check wins ip + if ($cgiparams{'CCD_WINS'} ne '' && ! &General::validip($cgiparams{'CCD_WI= NS'})) { + $errormessage=3D$errormessage."
".$Lang::tr{'invalid input for dhcp wi= ns'}; + goto VPNCONF_ERROR; + } +=09 + +#CCD End +=09 +=09 + if ($cgiparams{'TYPE'} !~ /^(host|net)$/) { $errormessage =3D $Lang::tr{'connection type is invalid'}; if ($cgiparams{'TYPE'} eq 'net') { unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams= {'NAME'}.conf") or die "Removing Configfile fail: $!"; @@ -3143,45 +3764,119 @@ if ($cgiparams{'TYPE'} eq 'net') { =20 # Save the config my $key =3D $cgiparams{'KEY'}; +=09 if (! $key) { $key =3D &General::findhasharraykey (\%confighash); - foreach my $i (0 .. 31) { $confighash{$key}[$i] =3D "";} + foreach my $i (0 .. 38) { $confighash{$key}[$i] =3D "";} } - $confighash{$key}[0] =3D $cgiparams{'ENABLED'}; - $confighash{$key}[1] =3D $cgiparams{'NAME'}; + $confighash{$key}[0] =3D $cgiparams{'ENABLED'}; + $confighash{$key}[1] =3D $cgiparams{'NAME'}; if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') { - $confighash{$key}[2] =3D $cgiparams{'CERT_NAME'}; + $confighash{$key}[2] =3D $cgiparams{'CERT_NAME'}; } - $confighash{$key}[3] =3D $cgiparams{'TYPE'}; +=09 + $confighash{$key}[3] =3D $cgiparams{'TYPE'}; if ($cgiparams{'AUTH'} eq 'psk') { - $confighash{$key}[4] =3D 'psk'; - $confighash{$key}[5] =3D $cgiparams{'PSK'}; + $confighash{$key}[4] =3D 'psk'; + $confighash{$key}[5] =3D $cgiparams{'PSK'}; } else { - $confighash{$key}[4] =3D 'cert'; + $confighash{$key}[4] =3D 'cert'; } if ($cgiparams{'TYPE'} eq 'net') { - $confighash{$key}[6] =3D $cgiparams{'SIDE'}; - $confighash{$key}[11] =3D $cgiparams{'REMOTE_SUBNET'}; + $confighash{$key}[6] =3D $cgiparams{'SIDE'}; + $confighash{$key}[11] =3D $cgiparams{'REMOTE_SUBNET'}; } - $confighash{$key}[8] =3D $cgiparams{'LOCAL_SUBNET'}; - $confighash{$key}[10] =3D $cgiparams{'REMOTE'}; + $confighash{$key}[8] =3D $cgiparams{'LOCAL_SUBNET'}; + $confighash{$key}[10] =3D $cgiparams{'REMOTE'}; if ($cgiparams{'OVPN_MGMT'} eq '') { - $confighash{$key}[22] =3D $confighash{$key}[29]; + $confighash{$key}[22] =3D $confighash{$key}[29]; } else { - $confighash{$key}[22] =3D $cgiparams{'OVPN_MGMT'}; + $confighash{$key}[22] =3D $cgiparams{'OVPN_MGMT'}; } - $confighash{$key}[23] =3D $cgiparams{'MSSFIX'}; - $confighash{$key}[24] =3D $cgiparams{'FRAGMENT'}; - $confighash{$key}[25] =3D $cgiparams{'REMARK'}; - $confighash{$key}[26] =3D $cgiparams{'INTERFACE'}; + $confighash{$key}[23] =3D $cgiparams{'MSSFIX'}; + $confighash{$key}[24] =3D $cgiparams{'FRAGMENT'}; + $confighash{$key}[25] =3D $cgiparams{'REMARK'}; + $confighash{$key}[26] =3D $cgiparams{'INTERFACE'}; # new fields=09 - $confighash{$key}[27] =3D $cgiparams{'OVPN_SUBNET'}; - $confighash{$key}[28] =3D $cgiparams{'PROTOCOL'}; - $confighash{$key}[29] =3D $cgiparams{'DEST_PORT'}; - $confighash{$key}[30] =3D $cgiparams{'COMPLZO'}; - $confighash{$key}[31] =3D $cgiparams{'MTU'}; -# new fileds=09 + $confighash{$key}[27] =3D $cgiparams{'OVPN_SUBNET'}; + $confighash{$key}[28] =3D $cgiparams{'PROTOCOL'}; + $confighash{$key}[29] =3D $cgiparams{'DEST_PORT'}; + $confighash{$key}[30] =3D $cgiparams{'COMPLZO'}; + $confighash{$key}[31] =3D $cgiparams{'MTU'}; + $confighash{$key}[32] =3D $cgiparams{'CHECK1'}; + my $name=3D$cgiparams{'CHECK1'}; + $confighash{$key}[33] =3D $cgiparams{$name}; + $confighash{$key}[34] =3D $cgiparams{'RG'}; + $confighash{$key}[35] =3D $cgiparams{'CCD_DNS1'}; + $confighash{$key}[36] =3D $cgiparams{'CCD_DNS2'}; + $confighash{$key}[37] =3D $cgiparams{'CCD_WINS'}; + =09 + =09 &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash= ); +=09 + if ($cgiparams{'CHECK1'} ){ + =09 + my ($ccdip,$ccdsub)=3Dsplit "/",$cgiparams{$name}; + my ($a,$b,$c,$d) =3D split (/\./,$ccdip); + if ( -e "${General::swroot}/ovpn/ccd/$confighash{$key}[2]"){unlink "${Gen= eral::swroot}/ovpn/ccd/$cgiparams{'CERT_NAME'}";} + open ( CCDRWCONF,'>',"${General::swroot}/ovpn/ccd/$confighash{$key}[2]") = or die "Unable to create clientconfigfile $!"; + print CCDRWCONF "# OpenVPN Clientconfig from CCD extension by Copymaster#= \n\n"; + if($cgiparams{'CHECK1'} eq 'dynamic'){ + print CCDRWCONF "#This client uses the dynamic pool\n"; + }else{ + print CCDRWCONF "#Ip address client and Server\n"; + print CCDRWCONF "ifconfig-push $ccdip ".&General::getlastip($ccdip,1)."\= n"; + } + if ($confighash{$key}[34] eq 'on'){ + print CCDRWCONF "\n#Redirect Gateway: \n#All IP traffic is redirected th= rough the vpn \n"; + print CCDRWCONF "push redirect-gateway\n"; + } + if ($cgiparams{'IR'} ne ''){ + print CCDRWCONF "\n#Client routes these Networks (behind Client)\n"; + foreach my $key (keys %ccdroutehash){ + if ($ccdroutehash{$key}[0] eq $cgiparams{'NAME'}){ + foreach my $i ( 1 .. $#{$ccdroutehash{$key}}){ + my ($a,$b)=3Dsplit (/\//,$ccdroutehash{$key}[$i]); + print CCDRWCONF "iroute $a $b\n"; + } + } + } + } + if ($cgiparams{'IFROUTE'} ne ''){ + print CCDRWCONF "\n#Client gets routes to these Networks (behind IPFIRE)= \n"; + foreach my $key (keys %ccdroute2hash){ + if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}){ + foreach my $i ( 1 .. $#{$ccdroute2hash{$key}}){ + if($ccdroute2hash{$key}[$i] eq $Lang::tr{'blue'}){ + my %blue=3D(); + &General::readhash("${General::swroot}/ethernet/settings", \%blue); + print CCDRWCONF "push \"route $blue{BLUE_ADDRESS} $blue{BLUE_NETMAS= K}\n"; + }elsif($ccdroute2hash{$key}[$i] eq $Lang::tr{'orange'}){ + my %orange=3D(); + &General::readhash("${General::swroot}/ethernet/settings", \%orange); + print CCDRWCONF "push \"route $orange{ORANGE_ADDRESS} $orange{ORANG= E_NETMASK}\n"; + }else{ + my ($a,$b)=3Dsplit (/\//,$ccdroute2hash{$key}[$i]); + print CCDRWCONF "push \"route $a $b\"\n"; + } + } + } + } + } + if(($cgiparams{'CCD_DNS1'} eq '') && ($cgiparams{'CCD_DNS1'} ne '')){ $cg= iparams{'CCD_DNS1'} =3D $cgiparams{'CCD_DNS2'};$cgiparams{'CCD_DNS2'}=3D'';} + if($cgiparams{'CCD_DNS1'} ne ''){ + print CCDRWCONF "\n#Client gets these Nameservers\n"; + print CCDRWCONF "push \"dhcp-option DNS $cgiparams{'CCD_DNS1'}\" \n"; + } + if($cgiparams{'CCD_DNS2'} ne ''){ + print CCDRWCONF "push \"dhcp-option DNS $cgiparams{'CCD_DNS2'}\" \n"; + } + if($cgiparams{'CCD_WINS'} ne ''){ + print CCDRWCONF "\n#Client gets this WINS server\n"; + print CCDRWCONF "push \"dhcp-option WINS $cgiparams{'CCD_WINS'}\" \n"; + } + close CCDRWCONF; + } =20 ### # m.a.d n2n begin @@ -3308,12 +4003,17 @@ if ($cgiparams{'TYPE'} eq 'net') { } =20 &Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:"); - print "\n"; - print ""; + print "
$Lang::tr{'name'}:
\n"; +=09 +=09 +=09 + print ""; +=09 if ($cgiparams{'TYPE'} eq 'host') { if ($cgiparams{'KEY'}) { - print "\n"; + print ""; } else { + =09 print ""; } # print ""; @@ -3333,6 +4033,9 @@ if ($cgiparams{'TYPE'} eq 'net') { } else { print ""; } + =20 + =20 + =20 print <  @@ -3374,46 +4077,64 @@ if ($cgiparams{'TYPE'} eq 'net') { =20 END - ; +; } =20 print ""; - print ""; + print "
$Lang::tr{'name'}: $cgiparams{'NAME'}$cgiparams{'NAME'}
$Lang::tr{'interface'} 
$Lang::tr{'openvpn default'}: $Lang::tr{'destination port'}
$Lang::tr{'remark title'} 
"; =09 if ($cgiparams{'TYPE'} eq 'host') { + print "$Lang::tr{'enabled'} "; + }=09 =20 - print "$Lang::tr{'enabled'} \n"; - }=09 - -# if ($cgiparams{'KEY'}) { -# print " "; -# } else { -# print " $Lang::tr{'edit advanced settings when don= e'}"; -# } -# }else{ - print " "; -# } =20 - =20 + print"

"; +#A.Marx CCD new client =09 =09 - + print "= "; + my %ccdconfhash=3D(); + my %ccdroutehash=3D(); + my %ccdroute2hash=3D(); + my %vpnnet=3D(); + my $vpnip; + &General::readhash("${General::swroot}/ovpn/settings", \%vpnnet); + $vpnip=3D$vpnnet{'DOVPN_SUBNET'}; + &General::readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfha= sh); + my @ccdconf=3D(); + my $count=3D0; + my $checked; + $checked{'check1'}{'off'} =3D ''; + $checked{'check1'}{'on'} =3D ''; + $checked{'check1'}{$cgiparams{'CHECK1'}} =3D 'CHECKED'; + print"

$Lang::tr{'ccd choose net'}
$Lang::tr{'ccd dynrange'} ($vpnip)"; + print"


"; + my $name=3D$cgiparams{'CHECK1'}; + $checked{'RG'}{$cgiparams{'RG'}} =3D 'CHECKED'; + =09 + if (! -z "${General::swroot}/ovpn/ccd.conf"){=09 + print""; + foreach my $key (keys %ccdconfhash) { + $count++; + @ccdconf=3D($ccdconfhash{$key}[0],$ccdconfhash{$key}[1]); + if ($count % 2){print"";}else{print"";} + print""; + } + print "
$Lang::tr{'ccd name'}$Lang::tr{'network'}$Lang::tr{'ccd clientip'}
$ccdconf= [0]$ccdconf[1]"; + &fillselectbox($ccdconf[1],$ccdconf[0],$cgiparams{$name}); + print"




"; + } +# ccd end &Header::closebox(); -=09 if ($cgiparams{'KEY'} && $cgiparams{'AUTH'} eq 'psk') { - # &Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'}); - # print < - # $Lang::tr{'use a pre-shared key'}= - # - # -END - # ; - # &Header::closebox(); - } elsif (! $cgiparams{'KEY'}) { + =09 + } elsif (! $cgiparams{'KEY'}) { + =09 + =09 my $disabled=3D''; my $cakeydisabled=3D''; my $cacrtdisabled=3D''; if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) { $cakeydisabled =3D= "disabled=3D'disabled'" } else { $cakeydisabled =3D "" }; if ( ! -f "${General::swroot}/ovpn/ca/cacert.pem" ) { $cacrtdisabled = =3D "disabled=3D'disabled'" } else { $cacrtdisabled =3D "" }; + =20 &Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'}); =20 =20 @@ -3510,8 +4231,96 @@ END ### ; &Header::closebox(); + =20 + } + print"

"; + &Header::openbox('100%', 'LEFT', "$Lang::tr{'ccd client options'}:"); + +#A.Marx CCD new client +=09 + print < + Redirect Gateway: +
$Lang::tr{'ccd routes'} +   + $Lang::tr{'ccd iroute'}$Lang::tr{'ccd iroutehint'}= +
+ $Lang::tr{'ccd iroute2'} + DNS2: + WINS:
+=09 +END +; + &Header::closebox(); +=09 print "
"; if ($cgiparams{'KEY'}) { # print ""; @@ -3538,24 +4347,21 @@ END my @status =3D `/bin/cat /var/log/ovpnserver.log`; =20 if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") { - if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) { - my $ipaddr =3D ; - close IPADDR; - chomp ($ipaddr); - $cgiparams{'VPN_IP'} =3D (gethostbyaddr(pack("C4", split(/\./, $ipaddr)= ), 2))[0]; - if ($cgiparams{'VPN_IP'} eq '') { - $cgiparams{'VPN_IP'} =3D $ipaddr; - } - } + if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) { + my $ipaddr =3D ; + close IPADDR; + chomp ($ipaddr); + $cgiparams{'VPN_IP'} =3D (gethostbyaddr(pack("C4", split(/\./, $ipaddr= )), 2))[0]; + if ($cgiparams{'VPN_IP'} eq '') { + $cgiparams{'VPN_IP'} =3D $ipaddr; + } + } } =20 #default setzen if ($cgiparams{'DCIPHER'} eq '') { $cgiparams{'DCIPHER'} =3D 'BF-CBC'; =20 } -# if ($cgiparams{'DCOMPLZO'} eq '') { -# $cgiparams{'DCOMPLZO'} =3D 'on'; =20 -# } if ($cgiparams{'DDEST_PORT'} eq '') { $cgiparams{'DDEST_PORT'} =3D '1194'; =20 } @@ -3565,8 +4371,7 @@ END if ($cgiparams{'DOVPN_SUBNET'} eq '') { $cgiparams{'DOVPN_SUBNET'} =3D '10.' . int(rand(256)) . '.' . int(rand(256)= ) . '.0/255.255.255.0'; } - - $checked{'ENABLED'}{'off'} =3D ''; + $checked{'ENABLED'}{'off'} =3D ''; $checked{'ENABLED'}{'on'} =3D ''; $checked{'ENABLED'}{$cgiparams{'ENABLED'}} =3D 'CHECKED'; $checked{'ENABLED_BLUE'}{'off'} =3D ''; @@ -3626,8 +4431,8 @@ END $activeonrun =3D "disabled=3D'disabled'"; }=09 &Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});=09 - print < + print <
    @@ -3635,7 +4440,7 @@ END $Lang::tr{'ovpn server status'} $sactive $Lang::tr{'ovpn on red'} - + END ; if (&haveBlueNet()) { @@ -3674,18 +4479,20 @@ END - + +
END ; =20 =20 if ( $srunning eq "yes" ) { - print ""; - print "";=09 - print ""; - print "";=09 + print ""; + print "";=09 + print ""; } else{ - print ""; - print ""; + print ""; + print ""; if (( -e "${General::swroot}/ovpn/ca/cacert.pem" && -e "${General::swroot}/ovpn/ca/dh1024.pem" && -e "${General::swroot}/ovpn/certs/servercert.pem" && @@ -3693,11 +4500,9 @@ END (( $cgiparams{'ENABLED'} eq 'on') ||=20 ( $cgiparams{'ENABLED_BLUE'} eq 'on') || ( $cgiparams{'ENABLED_ORANGE'} eq 'on'))){ - print ""; - print "";=09 + print ""; } else { - print ""; =20 - print ""; =20 + print ""; =20 } =20 } print "
"; @@ -3829,18 +4634,19 @@ END END - ; +; } - print < - - - =20 -
$Lang::tr{'ca name'}: - -
+ =20 +print < + + + + +
$Lang::tr{'ca name'}:
END - ; +; +=20 =20 &Header::closebox(); if ( $srunning eq "yes" ) { =20 @@ -3863,8 +4669,7 @@ END $Lang::tr{'name= '} $Lang::tr{'type= '} - $Lang::tr{'comm= on name'} - $Lang::tr{'vali= d till'} + $Lang::tr{'netw= ork'} $Lang::tr{'rema= rk'} $Lang::tr{'stat= us'} $L= ang::tr{'action'} @@ -3883,15 +4688,17 @@ END } print "$confighash{$key}[1]"; print "" . $Lang::tr{"$confighash{$k= ey}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")"; - if ($confighash{$key}[4] eq 'cert') { - print "$confighash{$key}[2]"; - } else { - print " "; - } + #if ($confighash{$key}[4] eq 'cert') { + #print "$confighash{$key}[2]"; + #} else { + #print " "; + #} my $cavalid =3D `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ce= rts/$confighash{$key}[1]cert.pem`; $cavalid =3D~ /Not After : (.*)[\n]/; $cavalid =3D $1; - print "$cavalid"; + if ($confighash{$key}[32] eq "" && $confighash{$key}[3] eq 'net' ){$configh= ash{$key}[32]=3D"net-2-net";} + if ($confighash{$key}[32] eq "" && $confighash{$key}[3] eq 'host' ){$config= hash{$key}[32]=3D"dynamic";} + print "$confighash{$key}[32]"; print "$confighash{$key}[25]"; =20 my $active =3D "
$Lang::tr{'capsclosed'}
"; @@ -4029,7 +4836,7 @@ END # If the config file contains entries, print Key to action icons if ( $id ) { print < + -
  $Lang::tr{'legend'}:   3D'$Lang::tr{'click $Lang::tr{'dl client arch'}
+
END ; } @@ -4058,8 +4865,8 @@ END print <
- - + +
END diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index f686c30..cb29cf1 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -351,6 +351,7 @@ 'arp table entries' =3D> 'Eintr=C3=A4ge der ARP-Tabelle:', 'artist' =3D> 'K=C3=BCnstler', 'attemps' =3D> 'Versuche', +'attention' =3D> 'ACHTUNG', 'august' =3D> 'August', 'authentication' =3D> 'Authentifizierung:', 'automatic' =3D> 'Automatisch', @@ -455,6 +456,42 @@ 'capsopen' =3D> 'VERBUNDEN', 'capswarning' =3D> 'WARNUNG', 'caption' =3D> 'Legende', +'ccd add' =3D> 'Netzwerk hinzuf=C3=BCgen', +'ccd choose net' =3D> 'Netzwerk ausw=C3=A4hlen', +'ccd client options' =3D> 'Erweiterte Client-Optionen', +'ccd clientip' =3D> 'Hostadresse', +'ccd dynrange' =3D> 'Dynamischer OpenVPN IP-Addressen-Pool', +'ccd err blue' =3D> 'Das ist das BLAUE Subnetz.', +'ccd err green' =3D> 'Das ist das GR=C3=9CNE Subnetz.', +'ccd err hostinnet' =3D> 'Das Netzwerk kann nicht gel=C3=B6scht werden, da s= ich in ihm noch Clients befinden.', +'ccd err inuse' =3D> 'Wird bereits von einem anderen Client genutzt.', +'ccd err invalidname' =3D> 'Ung=C3=BCltiger Name. Erlaubte Zeichen: A-Z, a-z= , Bindestrich und Leerzeichen.', +'ccd err invalidnet' =3D> 'Ung=C3=BCltige IP-Addresse. Format: 192.168.0.0/2= 4 oder 192.168.0.0/255.255.255.0.', +'ccd err iroute' =3D> 'Netzadresse f=C3=BCr Route ung=C3=BCltig.', +'ccd err irouteexist' =3D> 'Diese Route wird bereits verwendet.', +'ccd err isovpnnet' =3D> 'Subnetzadresse wird f=C3=BCr bereits f=C3=BCr den = OpenVPN-Server verwendet!', +'ccd err issubnet' =3D> 'Subnetzadresse wird bereits verwendet.', +'ccd err name' =3D> 'Es muss ein Name angegeben werden.', +'ccd err nameexist' =3D> 'Name existiert bereits.', +'ccd err netadr' =3D> 'Subnetzadresse ist ung=C3=BCltig oder Bereich zu gro= =C3=9F.', +'ccd err netadrexist' =3D> 'Netwerk existiert bereits.', +'ccd err orange' =3D> 'Das ist das ORANGE Subnetz.', +'ccd err red' =3D> 'Das ist das ROTE Subnetz.', +'ccd err routeovpn' =3D> 'Wird vom OpenVPN-Server genutzt.', +'ccd err routeovpn2' =3D> 'Wird bereits vom OpenVPN-Server verteilt.', +'ccd hint' =3D> 'Auf dieser Seite k=C3=B6nnen statische Netzwerke definiert = werden, von denen Roadwarrior-Clients feste Adressen zugewiesen bekommen k=C3= =B6nnen.', +'ccd invalid' =3D> 'ist ung=C3=BCltig.', +'ccd iroute' =3D> 'IPFire hat Zugriff auf diese Netzwerke auf Clientseite: ', +'ccd iroute2' =3D> 'Client hat Zugriff auf diese Netzwerke auf IPFire-Seite:= ', +'ccd iroutehint' =3D> 'Achtung! Wenn Sie diese Einstellungen =C3=A4ndern, mu= ss der OpenVPN Server neu gestartet werden!', +'ccd maxclients' =3D> 'M=C3=B6gliche Adressen', +'ccd modify' =3D> 'Netzwerk =C3=A4ndern', +'ccd name' =3D> 'Name', +'ccd net' =3D> 'Statische IP-Adressen-Pools', +'ccd none' =3D> 'Keine', +'ccd routes' =3D> 'Routen:', +'ccd subnet' =3D> 'Subnetz', +'ccd used' =3D> 'Genutzte Adressen', 'cert' =3D> 'Zertifikat', 'certificate' =3D> 'Zertifikat', 'certificate authorities' =3D> 'Zertifizierungsstellen (CAs)', @@ -1568,6 +1605,7 @@ 'september' =3D> 'September', 'serial' =3D> 'serielle', 'server reserved' =3D> 'The connection name server is reserved and not allow= ed', +'server restart' =3D> 'Wenn hier etwas ge=C3=A4ndert wird, muss der openVPN = Server neu gestartet werden, damit die Einstellungen =C3=BCbernommen werden!', 'server string' =3D> 'Server String', 'service' =3D> 'Dienst', 'service added' =3D> 'Benutzerdefinierter Netzwerkdienst wurde hinzugef=C3= =BCgt', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 5fe2391..d92fadc 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -353,6 +353,7 @@ 'arp table entries' =3D> 'ARP Table Entries:', 'artist' =3D> 'Artist', 'attemps' =3D> 'Attempts', +'attention' =3D> 'ATTENTION', 'august' =3D> 'August', 'authentication' =3D> 'Authentication:', 'automatic' =3D> 'Automatic', @@ -474,6 +475,41 @@ 'capsopen' =3D> 'CONNECTED', 'capswarning' =3D> 'WARNING', 'caption' =3D> 'Caption', +'ccd add' =3D> 'Add network', +'ccd choose net' =3D> 'Choose network', +'ccd client options' =3D> 'Advanced client options', +'ccd clientip' =3D> 'Host address', +'ccd dynrange' =3D> 'Dynamic OpenVPN IP address pool', +'ccd err blue' =3D> 'This is the BLUE subnet.', +'ccd err green' =3D> 'This is the GREEN subnet.', +'ccd err hostinnet' =3D> 'You are not able to delete this network, while it = still contains clients.', +'ccd err inuse' =3D> 'Already used by another client.', +'ccd err invalidname' =3D> 'Invalid name. Allowed characters are A-Z, a-z, d= ash and space.', +'ccd err invalidnet' =3D> 'Invalid IP address. Format: 192.168.0.0/24 or 192= .168.0.0/255.255.255.0.', +'ccd err iroute' =3D> 'Network address for route is invalid.', +'ccd err irouteexist' =3D> 'This route is already in use.', +'ccd err isovpnnet' =3D> 'Subnet address already in use for OpenVPN Server.', +'ccd err issubnet' =3D> 'Subnet address already in use.', +'ccd err name' =3D> 'Please choose a name.', +'ccd err nameexist' =3D> 'Name already exists.', +'ccd err netadr' =3D> 'Subnet address is invalid or range is too large.', +'ccd err netadrexist' =3D> 'Network already exists.', +'ccd err orange' =3D> 'This is the ORANGE subnet.', +'ccd err red' =3D> 'This is the RED subnet.', +'ccd err routeovpn' =3D> 'Already used by OpenVPN server.', +'ccd err routeovpn2' =3D> 'Already pushed from OpenVPN server.', +'ccd hint' =3D> 'On this page you are able to define static networks from wh= ich the roadwarrior clients can get fixed IP address assignments.', +'ccd invalid' =3D> 'Invalid.', +'ccd iroute' =3D> 'IPFire has access to these networks on the client\'s site= ', +'ccd iroute2' =3D> 'Client has access to these networks on IPFire\'s site', +'ccd iroutehint' =3D> 'Attention! If you change these settings, you have to = restart the OpenVPN server that the changes take effect!', +'ccd modify' =3D> 'Change network', +'ccd name' =3D> 'Name', +'ccd net' =3D> 'Static IP address pools', +'ccd none' =3D> 'None', +'ccd routes' =3D> 'Routing:', +'ccd subnet' =3D> 'Subnet', +'ccd used' =3D> 'Used addresses', 'cert' =3D> 'Certificate', 'certificate' =3D> 'Certificate', 'certificate authorities' =3D> 'Certificate Authorities', @@ -895,7 +931,7 @@ 'gpl unofficial translation of the general public license v3' =3D> 'Unoffici= al translation of the General Public License v3', 'graph' =3D> 'Graph', 'graph per' =3D> 'per', -'green' =3D> 'Green', +'green' =3D> 'GREEN', 'green interface' =3D> 'Green Interface', 'guaranteed bandwith' =3D> 'Guaranteed bandwith', 'guardian alertfile' =3D> 'Alertfile', @@ -1598,6 +1634,7 @@ 'september' =3D> 'September', 'serial' =3D> 'Serial', 'server reserved' =3D> 'The connection name server is reserved and not allow= ed', +'server restart' =3D> 'If you change these settings you have to restart the = OpenVPN server for the changes to take effect!', 'server string' =3D> 'Server String', 'service' =3D> 'Service', 'service added' =3D> 'Custom network service added', hooks/post-receive -- IPFire 2.x development tree --===============2058664307505305011==--