* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. dcb406cc675c42f9add4a41c8a1e07eea7c3ab08
@ 2017-02-15 10:19 git
0 siblings, 0 replies; only message in thread
From: git @ 2017-02-15 10:19 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 13946 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via dcb406cc675c42f9add4a41c8a1e07eea7c3ab08 (commit)
from ef784313d101fee621e3273cf14eb59cf43bbb10 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit dcb406cc675c42f9add4a41c8a1e07eea7c3ab08
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed Feb 15 10:11:58 2017 +0000
IPsec: Allow to create on-demand connections
This will create IPsec VPN connections with auto=route set
instead of auto=start which will cause the connection being
created, but not brought up yet.
As soon as the first packet is received, the connection will
be established and data will be passed through it.
This allows IPFire to handle more VPN connections on weaker
systems and avoids negotiating many connections which are
rarely used.
Suggested-by: Tom Rymes <tomvend(a)rymes.com>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
Fixes: #10733
-----------------------------------------------------------------------
Summary of changes:
doc/language_issues.es | 3 +++
doc/language_issues.fr | 3 +++
doc/language_issues.it | 3 +++
doc/language_issues.nl | 3 +++
doc/language_issues.pl | 3 +++
doc/language_issues.ru | 3 +++
doc/language_issues.tr | 3 +++
doc/language_missings | 12 ++++++++++++
html/cgi-bin/vpnmain.cgi | 43 +++++++++++++++++++++++++++++++------------
langs/de/cgi-bin/de.pl | 3 +++
langs/en/cgi-bin/en.pl | 3 +++
11 files changed, 70 insertions(+), 12 deletions(-)
Difference in files:
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 60ba499..36d4a82 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -1144,6 +1144,9 @@ WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn start action
+WARNING: untranslated string: vpn start action route
+WARNING: untranslated string: vpn start action start
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 863b529..b21c338 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -1161,6 +1161,9 @@ WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn start action
+WARNING: untranslated string: vpn start action route
+WARNING: untranslated string: vpn start action start
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
diff --git a/doc/language_issues.it b/doc/language_issues.it
index 6efef40..e723028 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -819,6 +819,9 @@ WARNING: untranslated string: unblock
WARNING: untranslated string: unblock all
WARNING: untranslated string: uncheck all
WARNING: untranslated string: vpn force mobike
+WARNING: untranslated string: vpn start action
+WARNING: untranslated string: vpn start action route
+WARNING: untranslated string: vpn start action start
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index c9b10dc..22a8934 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -867,6 +867,9 @@ WARNING: untranslated string: uncheck all
WARNING: untranslated string: upload dh key
WARNING: untranslated string: vendor
WARNING: untranslated string: vpn force mobike
+WARNING: untranslated string: vpn start action
+WARNING: untranslated string: vpn start action route
+WARNING: untranslated string: vpn start action start
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 60ba499..36d4a82 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -1144,6 +1144,9 @@ WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn start action
+WARNING: untranslated string: vpn start action route
+WARNING: untranslated string: vpn start action start
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 255df2f..fc727d6 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -1139,6 +1139,9 @@ WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn start action
+WARNING: untranslated string: vpn start action route
+WARNING: untranslated string: vpn start action start
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 8cf2dfe..59c9046 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -752,4 +752,7 @@ WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: vpn start action
+WARNING: untranslated string: vpn start action route
+WARNING: untranslated string: vpn start action start
WARNING: untranslated string: vpn statistics n2n
diff --git a/doc/language_missings b/doc/language_missings
index 32e1e48..49def61 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -561,6 +561,9 @@
< vendor
< visit us at
< vpn keyexchange
+< vpn start action
+< vpn start action route
+< vpn start action start
< vpn statistic n2n
< vpn statistic rw
< wlanap access point
@@ -1175,6 +1178,9 @@
< vendor
< visit us at
< vpn keyexchange
+< vpn start action
+< vpn start action route
+< vpn start action start
< vpn statistic n2n
< vpn statistic rw
< wlanap country
@@ -1754,6 +1760,9 @@
< vendor
< visit us at
< vpn keyexchange
+< vpn start action
+< vpn start action route
+< vpn start action start
< vpn statistic n2n
< vpn statistic rw
< wlanap country
@@ -2338,6 +2347,9 @@
< vendor
< visit us at
< vpn keyexchange
+< vpn start action
+< vpn start action route
+< vpn start action start
< vpn statistic n2n
< vpn statistic rw
< week-graph
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index f1cffb8..b6469c0 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -108,6 +108,7 @@ $cgiparams{'RW_NET'} = '';
$cgiparams{'DPD_DELAY'} = '30';
$cgiparams{'DPD_TIMEOUT'} = '120';
$cgiparams{'FORCE_MOBIKE'} = 'off';
+$cgiparams{'START_ACTION'} = 'start';
&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
###
@@ -401,12 +402,17 @@ sub writeipsecfiles {
print CONF "\trightrsasigkey=%cert\n";
}
+ my $start_action = $lconfighash{$key}[33];
+ if (!$start_action) {
+ $start_action = "start";
+ }
+
# Automatically start only if a net-to-net connection
if ($lconfighash{$key}[3] eq 'host') {
print CONF "\tauto=add\n";
print CONF "\trightsourceip=$lvpnsettings{'RW_NET'}\n";
} else {
- print CONF "\tauto=start\n";
+ print CONF "\tauto=$start_action\n";
}
# Fragmentation
@@ -1778,7 +1784,7 @@ END
my $key = $cgiparams{'KEY'};
if (! $key) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 32) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 33) { $confighash{$key}[$i] = "";}
}
$confighash{$key}[0] = $cgiparams{'ENABLED'};
$confighash{$key}[1] = $cgiparams{'NAME'};
@@ -2256,6 +2262,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
$confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'DPD_TIMEOUT'};
$confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'DPD_DELAY'};
$confighash{$cgiparams{'KEY'}}[32] = $cgiparams{'FORCE_MOBIKE'};
+ $confighash{$cgiparams{'KEY'}}[33] = $cgiparams{'START_ACTION'};
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
&writeipsecfiles();
if (&vpnenabled) {
@@ -2283,6 +2290,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
$cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30];
$cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31];
$cgiparams{'FORCE_MOBIKE'} = $confighash{$cgiparams{'KEY'}}[32];
+ $cgiparams{'START_ACTION'} = $confighash{$cgiparams{'KEY'}}[33];
if (!$cgiparams{'DPD_DELAY'}) {
$cgiparams{'DPD_DELAY'} = 30;
@@ -2291,6 +2299,10 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
if (!$cgiparams{'DPD_TIMEOUT'}) {
$cgiparams{'DPD_TIMEOUT'} = 120;
}
+
+ if (!$cgiparams{'START_ACTION'}) {
+ $cgiparams{'START_ACTION'} = "start";
+ }
}
ADVANCED_ERROR:
@@ -2387,6 +2399,10 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
$selected{'DPD_ACTION'}{'none'} = '';
$selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
+ $selected{'START_ACTION'}{'route'} = '';
+ $selected{'START_ACTION'}{'start'} = '';
+ $selected{'START_ACTION'}{$cgiparams{'START_ACTION'}} = "selected='selected'";
+
&Header::showhttpheaders();
&Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
@@ -2406,7 +2422,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
}
&Header::openbox('100%', 'left', "$Lang::tr{'advanced'}:");
- print <<EOF
+ print <<EOF;
<form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>
<input type='hidden' name='ADVANCED' value='yes' />
<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
@@ -2599,9 +2615,16 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
IKE+ESP: $Lang::tr{'use only proposed settings'}
</label>
</td>
+ <td>
+ <label>$Lang::tr{'vpn start action'}</label>
+ <select name="START_ACTION">
+ <option value="route" $selected{'START_ACTION'}{'route'}>$Lang::tr{'vpn start action route'}</option>
+ <option value="start" $selected{'START_ACTION'}{'start'}>$Lang::tr{'vpn start action start'}</option>
+ </select>
+ </td>
</tr>
<tr>
- <td>
+ <td colspan="2">
<label>
<input type='checkbox' name='PFS' $checked{'PFS'} />
$Lang::tr{'pfs yes no'}
@@ -2609,7 +2632,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
</td>
</tr>
<tr>
- <td>
+ <td colspan="2">
<label>
<input type='checkbox' name='COMPRESSION' $checked{'COMPRESSION'} />
$Lang::tr{'vpn payload compression'}
@@ -2617,20 +2640,16 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
</td>
</tr>
<tr>
- <td>
+ <td colspan="2">
<label>
<input type='checkbox' name='FORCE_MOBIKE' $checked{'FORCE_MOBIKE'} />
$Lang::tr{'vpn force mobike'}
</label>
</td>
</tr>
-EOF
-;
-
- print <<EOF;
<tr>
- <td align='left' colspan='1'><img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'required field'}</td>
- <td align='right' colspan='2'>
+ <td align='left'><img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'required field'}</td>
+ <td align='right'>
<input type='submit' name='ACTION' value='$Lang::tr{'save'}' />
<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' />
</td>
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 54f3ae1..867bff7 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -2618,6 +2618,9 @@
'vpn payload compression' => 'Datennutzlast-Kompression aushandeln',
'vpn red name' => 'Öffentliche IP oder FQDN für das rote Interface oder <%defaultroute>',
'vpn remote id' => 'Remote ID',
+'vpn start action' => 'Startaktion',
+'vpn start action route' => 'On Demand',
+'vpn start action start' => 'Immer An',
'vpn statistic n2n' => 'OpenVPN-Netz-zu-Netz-Statistik',
'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik',
'vpn subjectaltname' => 'Subjekt Alternativer Name',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index a04d994..5333c13 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -2663,6 +2663,9 @@
'vpn payload compression' => 'Negotiate payload compression',
'vpn red name' => 'Public IP or FQDN for RED interface or <%defaultroute>',
'vpn remote id' => 'Remote ID',
+'vpn start action' => 'Start Action',
+'vpn start action route' => 'On Demand',
+'vpn start action start' => 'Always On',
'vpn statistic n2n' => 'OpenVPN Net-to-Net Statistics',
'vpn statistic rw' => 'OpenVPN Roadwarrior Statistics',
'vpn subjectaltname' => 'Subject Alt Name',
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2017-02-15 10:19 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-02-15 10:19 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. dcb406cc675c42f9add4a41c8a1e07eea7c3ab08 git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox