author | Matthew Grooms <mgrooms@pfsense.org> | 2008-08-26 23:49:04 +0000 |
---|---|---|
committer | Matthew Grooms <mgrooms@pfsense.org> | 2008-08-26 23:49:04 +0000 |
commit | f432e364b2acdf561eaaef02d110c821ab4cb451 (patch) | |
tree | d2af0f174f0c1689b275fa5ee9149ba652d4ae6c | |
parent | c3d42a86c90be574a2b6aa4f629a7afa4a1fa7a1 (diff) | |
Set some important default values for the new OpenVPN interface screens.
Add functions and interface code to handle local port conflict detection
and resolution.
-rw-r--r-- | etc/inc/openvpn.inc | 32 | ||||
-rw-r--r-- | usr/local/www/vpn_openvpn_client.php | 23 | ||||
-rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 18 |
3 files changed, 67 insertions, 6 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 1225f40..f7c8d7f 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -40,6 +40,7 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+/* DISABLE_PHP_LINT_CHECKING */
 require_once('config.inc');
 require_once('pfsense-utils.inc');
@@ -56,12 +57,12 @@ function openvpn_vpnid_used($vpnid) {
 if (is_array($config['openvpn']['openvpn-server']))
 foreach ($config['openvpn']['openvpn-server'] as $id => & $settings)
- if( $vpnid == $settings['vpnid'] )
+ if ($vpnid == $settings['vpnid'])
 return true;
 if (is_array($config['openvpn']['openvpn-client']))
 foreach ($config['openvpn']['openvpn-client'] as $id => & $settings)
- if( $vpnid == $settings['vpnid'] )
+ if ($vpnid == $settings['vpnid'])
 return true;
 return false;
@@ -76,6 +77,33 @@ function openvpn_vpnid_next() {
 return $vpnid;
 }
+function openvpn_port_used($prot, $port) {
+ global $config;
+
+ if (is_array($config['openvpn']['openvpn-server']))
+ foreach ($config['openvpn']['openvpn-server'] as $id => & $settings)
+ if ($port == $settings['local_port'] &&
+ $prot == $settings['protocol'])
+ return $settings['vpnid'];
+
+ if (is_array($config['openvpn']['openvpn-client']))
+ foreach ($config['openvpn']['openvpn-client'] as $id => & $settings)
+ if ($port == $settings['local_port'] &&
+ $prot == $settings['protocol'])
+ return $settings['vpnid'];
+
+ return 0;
+}
+
+function openvpn_port_next($prot) {
+
+ $port = 1194;
+ while(openvpn_port_used($prot, $port))
+ $port++;
+
+ return $port;
+}
+
 function openvpn_get_cipherlist() {
 $ciphers = array();
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php
index 4f42e40..107edf3 100644
--- a/usr/local/www/vpn_openvpn_client.php
+++ b/usr/local/www/vpn_openvpn_client.php
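Review bot: openvpn_port_used() in the `@@ -76,6 +77,33 @@` hunk returns 0 for "no conflict" and a vpnid otherwise, and callers compare that result against a vpnid, yet neither new function documents the contract; I would add a header comment saying it returns the vpnid of the first server or client entry whose local_port and protocol both match, or 0 when none does. The scan only looks at the OpenVPN entries in `$config`, so a port already bound by another service is not detected, and the comment should say so. openvpn_port_next() has no upper bound and can return a value above 65535 once enough entries exist; `while ($port <= 65535 && openvpn_port_used($prot, $port))` bounds the loop. The `& $settings` references in both loops are not needed for a read-only scan.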
@@ -65,6 +65,11 @@ if ($_GET['act'] == "del") {
 $savemsg = gettext("Client successfully deleted")."<br/>";
 }
+if($_GET['act']=="new"){
+ $pconfig['interface'] = "wan";
+ $pconfig['server_port'] = 1194;
+}
+
 if($_GET['act']=="edit"){
 if (isset($id) && $a_client[$id]) {
@@ -101,7 +106,21 @@ if ($_POST) {
 unset($input_errors);
 $pconfig = $_POST;
+ if (isset($id) && $a_server[$id])
+ $vpnid = $a_server[$id]['vpnid'];
+ else
+ $vpnid = 0;
+
 /* input validation */
+ if ($pconfig['local_port']) {
+
+ if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
+ $input_errors[] = $result;
+
+ if (openvpn_port_used($pconfig['protocol'], $pconfig['local_port']) != $vpnid)
+ $input_errors[] = "The specified 'Local port' is in use. Please select another value";
+ }
+
 if ($result = openvpn_validate_host($pconfig['server_addr'], 'Server host or address'))
 $input_errors[] = $result;
@@ -142,8 +161,8 @@ if ($_POST) {
 $client = array();
- if (isset($id) && $a_client[$id])
- $client['vpnid'] = $a_client[$id]['vpnid'];
+ if ($vpnid)
+ $client['vpnid'] = $vpnid;
 else
 $client['vpnid'] = openvpn_vpnid_next();
diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php
index e2b2b84..b4db40c 100644
--- a/usr/local/www/vpn_openvpn_server.php
+++ b/usr/local/www/vpn_openvpn_server.php
@@ -65,6 +65,12 @@ if ($_GET['act'] == "del") {
 $savemsg = gettext("Server successfully deleted")."<br/>";
 }
+if($_GET['act']=="new"){
+ $pconfig['interface'] = "wan";
+ $pconfig['local_port'] = openvpn_port_next('UDP');
+ $pconfig['pool_enable'] = "yes";
+}
+
 if($_GET['act']=="edit"){
 if (isset($id) && $a_server[$id]) {
@@ -136,6 +142,11 @@ if ($_POST) {
 unset($input_errors);
 $pconfig = $_POST;
+ if (isset($id) && $a_server[$id])
+ $vpnid = $a_server[$id]['vpnid'];
+ else
+ $vpnid = 0;
+
 /* input validation */
 if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
 $input_errors[] = $result;
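Review bot: In the `@@ -101,7 +106,21 @@` hunk of vpn_openvpn_client.php the new `$vpnid` lookup reads `$a_server[$id]`, whereas the lines this commit removes further down the same file used `$a_client[$id]`, so this looks copied from the server page. If `$a_server` is not set on the client page, `$vpnid` is always 0: saving an existing client that has a local port then reports its own port as in use, and the `if ($vpnid)` branch in the `@@ -142,8 +161,8 @@` hunk hands out a fresh vpnid on every edit. Separately, `openvpn_port_used(...) != $vpnid` is also true when the function returns 0 for a free port while `$vpnid` is non-zero, so moving an existing instance to an unused port is rejected; the same comparison is added in the `@@ -149,6 +160,9 @@` hunk of vpn_openvpn_server.php. The in-use lookup also runs when openvpn_validate_port() has already rejected the value. The `if ($_POST)` block continues outside these hunks.

```php
	if (isset($id) && $a_client[$id])
		$vpnid = $a_client[$id]['vpnid'];
	else
		$vpnid = 0;

	/* input validation */
	if ($pconfig['local_port']) {

		if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
			$input_errors[] = $result;
		else {
			/* 0 means the port is free; only a different instance is a conflict */
			$portused = openvpn_port_used($pconfig['protocol'], $pconfig['local_port']);
			if ($portused && $portused != $vpnid)
				$input_errors[] = "The specified 'Local port' is in use. Please select another value";
		}
	}
	// … unchanged: remaining validation …
```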
@@ -149,6 +160,9 @@ if ($_POST) {
 if ($result = openvpn_validate_cidr($pconfig['local_network'], 'Local network'))
 $input_errors[] = $result;
+ if (openvpn_port_used($pconfig['protocol'], $pconfig['local_port']) != $vpnid)
+ $input_errors[] = "The specified 'Local port' is in use. Please select another value";
+
 if ($pconfig['auth_method'] == 'shared_key')
 if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") || !strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
@@ -205,8 +219,8 @@ if ($_POST) {
 $server = array();
- if (isset($id) && $a_server[$id])
- $server['vpnid'] = $a_server[$id]['vpnid'];
+ if ($vpnid)
+ $server['vpnid'] = $vpnid;
 else
 $server['vpnid'] = openvpn_vpnid_next(); |
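Review bot: `$pconfig['protocol']` reaches openvpn_port_used() in the `@@ -149,6 +160,9 @@` hunk straight from `$_POST`, and no check of it is visible in these hunks. If none exists elsewhere in the `if ($_POST)` block, an unexpected protocol string never equals a stored entry and the conflict check passes silently, so the value should be validated against the allowed protocols before the lookup. The new error string is also a bare literal, while the delete message earlier in this file goes through gettext(); wrapping it the same way keeps the page translatable.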