diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2007-05-07 17:02:23 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2007-05-07 17:02:23 +0000 |
| commit | f9927473c4000fdbc3e586d313b49d7a6e2c2038 (patch) | |
| tree | f736b35d575481164ca89f3cb4346a8391d2c307 | |
| parent | c736881cab925fcc1acf94b48846000d33efcff3 (diff) | |
| download | pfsense-f9927473c4000fdbc3e586d313b49d7a6e2c2038.zip pfsense-f9927473c4000fdbc3e586d313b49d7a6e2c2038.tar.gz | |
Add openvpn server tos and dhcp server options.
Submitted-by: Martin Fuchs
| -rw-r--r-- | etc/inc/openvpn.inc | 66 | ||||
| -rw-r--r-- | usr/local/pkg/openvpn.xml | 71 |
2 files changed, 137 insertions, 0 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index a4f9dbc..a388335 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -87,6 +87,25 @@ function openvpn_validate_input($mode, $post, $input_errors) { if ($result = openvpn_validate_cidr($post['local_network'], 'Local network')) $input_errors[] = $result; + +// DHCP-Options logic-check + $servers = explode(';', $post['dhcp_dns']); + foreach ($servers as $server) if (!is_ipaddr($server)) + {$input_errors[] = 'The field \'DHCP-Opt.: DNS-Server\' must contain a valid IP address and no whitespaces.'; + break;} + $servers = explode(';', $post['dhcp_wins']); + foreach ($servers as $server) if (!is_ipaddr($server)) + {$input_errors[] = 'The field \'DHCP-Opt.: WINS-Server\' must contain a valid IP address and no whitespaces.'; + break;} + $servers = explode(';', $post['dhcp_nbdd']); + foreach ($servers as $server) if (!is_ipaddr($server)) + {$input_errors[] = 'The field \'DHCP-Opt.: NBDD-Server\' must contain a valid IP address and no whitespaces.'; + break;} + $servers = explode(';', $post['dhcp_ntp']); + foreach ($servers as $server) if (!is_ipaddr($server)) + {$input_errors[] = 'The field \'DHCP-Opt.: NTP-Server\' must contain a valid IP address and no whitespaces.'; + break;} + } else { // Client mode @@ -264,6 +283,53 @@ EOD; // The port we'll listen at $openvpn_conf .= "lport {$settings['local_port']}\n"; + // DHCP-Options + if (!empty($settings['dhcp_domainname'])) $openvpn_conf .= "push \"dhcp-option DOMAIN {$settings['dhcp_domainname']}\"\n"; + + if (!empty($settings['dhcp_dns'])) { + $servers = explode(';', $settings['dhcp_dns']); + if (is_array($servers)) { + foreach ($servers as $server) $openvpn_conf .= "push \"dhcp-option DNS {$server}\"\n"; + } + else { + $openvpn_conf .= "push \"dhcp-option DNS {$settings['dhcp_dns']}\"\n"; + } + } + + if (!empty($settings['dhcp_wins'])) { + $servers = explode(';', $settings['dhcp_wins']); + if (is_array($servers)) { + foreach ($servers as $server) $openvpn_conf .= "push \"dhcp-option WINS {$server}\"\n"; + } + else { + $openvpn_conf .= "push \"dhcp-option WINS {$settings['dhcp_wins']}\"\n"; + } + } + + if (!empty($settings['dhcp_nbdd'])) { + $servers = explode(';', $settings['dhcp_nbdd']); + if (is_array($servers)) { + foreach ($servers as $server) $openvpn_conf .= "push \"dhcp-option NBDD {$server}\"\n"; + } + else { + $openvpn_conf .= "push \"dhcp-option NBDD {$settings['dhcp_nbdd']}\"\n"; + } + } + + if (!empty($settings['dhcp_ntp'])) { + $servers = explode(';', $settings['dhcp_ntp']); + if (is_array($servers)) { + foreach ($servers as $server) $openvpn_conf .= "push \"dhcp-option NTP {$server}\"\n"; + } + else { + $openvpn_conf .= "push \"dhcp-option NTP {$settings['dhcp_ntp']}\"\n"; + } + } + + if (!empty($settings['dhcp_nbttype']) && $settings['dhcp_nbttype'] !=0) $openvpn_conf .= "push \"dhcp-option NBT {$settings['dhcp_nbttype']}\"\n"; + if (!empty($settings['dhcp_nbtscope'])) $openvpn_conf .= "push \"dhcp-option NBS {$settings['dhcp_nbtscope']}\"\n"; + if ($settings['dhcp_nbtdisable']) $openvpn_conf .= "push \"dhcp-option DISABLE-NBT\"\n"; + } else { // $mode == client diff --git a/usr/local/pkg/openvpn.xml b/usr/local/pkg/openvpn.xml index dc3a0e1..23bfad0 100644 --- a/usr/local/pkg/openvpn.xml +++ b/usr/local/pkg/openvpn.xml @@ -193,6 +193,77 @@ <cols>40</cols> </field> <field> + <fieldname>dhcp_domainname</fieldname> + <fielddescr>DHCP-Opt.: DNS-Domainname</fielddescr> + <description>Set connection-specific DNS Suffix.</description> + <type>input</type> + </field> + <field> + <fieldname>dhcp_dns</fieldname> + <fielddescr>DHCP-Opt.: DNS-Server</fielddescr> + <description>Set domain name server addressses, separated by semi-colons (;).</description> + <type>input</type> + </field> + <field> + <fieldname>dhcp_wins</fieldname> + <fielddescr>DHCP-Opt.: WINS-Server</fielddescr> + <description>Set WINS server addressses (NetBIOS over TCP/IP Name Server), separated by semi-colons (;).</description> + <type>input</type> + </field> + <field> + <fieldname>dhcp_nbdd</fieldname> + <fielddescr>DHCP-Opt.: NBDD-Server</fielddescr> + <description>Set NBDD server addresses (NetBIOS over TCP/IP Datagram Distribution Server), separated by semi-colons (;).</description> + <type>input</type> + </field> + <field> + <fieldname>dhcp_ntp</fieldname> + <fielddescr>DHCP-Opt.: NTP-Server</fielddescr> + <description>Set NTP server addresses (Network Time Protocol), separated by semi-colons (;).</description> + <type>input</type> + </field> + <field> + <fieldname>dhcp_nbttype</fieldname> + <fielddescr>DHCP-Opt.: NetBIOS node type</fielddescr> + <description>Set NetBIOS over TCP/IP Node type. Possible options: b-node (broadcasts), p-node (point-to-point name queries to a WINS server), m-node (broadcast then query name server), and h-node (query name server, then broadcast).</description> + <type>select</type> + <options> + <option> + <value>0</value> + <name>none</name> + </option> + <option> + <value>1</value> + <name>b-node</name> + </option> + <option> + <value>2</value> + <name>p-node</name> + </option> + <option> + <value>4</value> + <name>m-node</name> + </option> + <option> + <value>8</value> + <name>h-node</name> + </option> + </options> + <default_value>0</default_value> + </field> + <field> + <fieldname>dhcp_nbtscope</fieldname> + <fielddescr>DHCP-Opt.: NetBIOS Scope</fielddescr> + <description>Set NetBIOS over TCP/IP Scope. A NetBIOS Scope ID provides an extended naming service for NetBIOS over TCP/IP. The NetBIOS scope ID isolates NetBIOS traffic on a single network to only those nodes with the same NetBIOS scope ID.</description> + <type>input</type> + </field> + <field> + <fieldname>dhcp_nbtdisable</fieldname> + <fielddescr>DHCP-Opt.: Disable NetBIOS</fielddescr> + <description>If this option is set, Netbios-over-TCP/IP will be disabled.</description> + <type>checkbox</type> + </field> + <field> <fieldname>use_lzo</fieldname> <fielddescr>LZO compression</fielddescr> <description>Checking this will compress the packets using the LZO algorithm before sending them.</description> |
