Add OpenVPN GUI Option for "sndbuf" and "rcvbuf", using the same value for both. Fixes #7507

3 files changed, 53 insertions, 0 deletions

diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc
index 3f1c85a..1b8c8e4 100644
--- a/src/etc/inc/openvpn.inc
+++ b/src/etc/inc/openvpn.inc
@@ -484,6 +484,18 @@ function openvpn_get_engines() {
 	return $openssl_engines;
 }
 
+function openvpn_get_buffer_values() {
+	$sendbuf_max = get_single_sysctl('net.inet.tcp.sendbuf_max');
+	$recvbuf_max = get_single_sysctl('net.inet.tcp.recvbuf_max');
+	/* Usually these two are equal, but if they are not, take whichever one is lower. */
+	$buffer_max = ($sendbuf_max <= $recvbuf_max) ? $sendbuf_max : $recvbuf_max;
+	$buffer_values = array('' => gettext('Default'));
+	for ($bs = 32; $bs >= 1; $bs /= 2) {
+		$buffer_values[$buffer_max/$bs] = format_bytes($buffer_max/$bs);
+	}
+	return $buffer_values;
+}
+
 function openvpn_validate_engine($engine) {
 	$engines = openvpn_get_engines();
 	return array_key_exists($engine, $engines);
@@ -1187,6 +1199,15 @@ function openvpn_reconfigure($mode, $settings) {
 		$conf .= "fast-io\n";
 	}
 
+	/* Send and Receive Buffer Settings */
+	if (is_numericint($settings['sndrcvbuf'])
+	    && ($settings['sndrcvbuf'] > 0)
+	    && ($settings['sndrcvbuf'] <= get_single_sysctl('net.inet.tcp.sendbuf_max'))
+	    && ($settings['sndrcvbuf'] <= get_single_sysctl('net.inet.tcp.recvbuf_max'))) {
+		$conf .= "sndbuf {$settings['sndrcvbuf']}\n";
+		$conf .= "rcvbuf {$settings['sndrcvbuf']}\n";
+	}
+
 	openvpn_add_custom($settings, $conf);
 
 	openvpn_create_dirs();
diff --git a/src/usr/local/www/vpn_openvpn_client.php b/src/usr/local/www/vpn_openvpn_client.php
index 4b566a9..f0c612c 100644
--- a/src/usr/local/www/vpn_openvpn_client.php
+++ b/src/usr/local/www/vpn_openvpn_client.php
@@ -164,6 +164,7 @@ if ($act == "edit") {
 		$pconfig['compression'] = $a_client[$id]['compression'];
 		$pconfig['passtos'] = $a_client[$id]['passtos'];
 		$pconfig['udp_fast_io'] = $a_client[$id]['udp_fast_io'];
+		$pconfig['sndrcvbuf'] = $a_client[$id]['sndrcvbuf'];
 		$pconfig['topology'] = $a_client[$id]['topology'];
 
 		// just in case the modes switch
@@ -360,6 +361,10 @@ if ($_POST['save']) {
 		}
 	}
 
+	if (!empty($pconfig['sndrcvbuf']) && !array_key_exists($pconfig['sndrcvbuf'], openvpn_get_buffer_values())) {
+		$input_errors[] = gettext("The supplied Send/Receive Buffer size is invalid.");
+	}
+
 	if (!$input_errors) {
 
 		$client = array();
@@ -434,6 +439,7 @@ if ($_POST['save']) {
 		$client['compression'] = $pconfig['compression'];
 		$client['passtos'] = $pconfig['passtos'];
 		$client['udp_fast_io'] = $pconfig['udp_fast_io'];
+		$client['sndrcvbuf'] = $pconfig['sndrcvbuf'];
 
 		$client['route_no_pull'] = $pconfig['route_no_pull'];
 		$client['route_no_exec'] = $pconfig['route_no_exec'];
@@ -893,6 +899,16 @@ if ($act=="new" || $act=="edit"):
 		'Not compatible with all platforms, and not compatible with OpenVPN bandwidth limiting.');
 
 	$section->addInput(new Form_Select(
+		'sndrcvbuf',
+		'Send/Receive Buffer',
+		$pconfig['sndrcvbuf'],
+		openvpn_get_buffer_values()
+		))->setHelp('Configure a Send and Receive Buffer size for OpenVPN. ' .
+				'The default buffer size can be too small in many cases, depending on hardware and network uplink speeds. ' .
+				'Finding the best buffer size can take some experimentation. To test the best value for a site, start at ' .
+				'512KiB and test higher and lower values.');
+
+	$section->addInput(new Form_Select(
 		'verbosity_level',
 		'Verbosity level',
 		$pconfig['verbosity_level'],
diff --git a/src/usr/local/www/vpn_openvpn_server.php b/src/usr/local/www/vpn_openvpn_server.php
index 3e7ad29..75bd2dc 100644
--- a/src/usr/local/www/vpn_openvpn_server.php
+++ b/src/usr/local/www/vpn_openvpn_server.php
@@ -252,6 +252,7 @@ if ($act == "edit") {
 
 		$pconfig['push_blockoutsidedns'] = $a_server[$id]['push_blockoutsidedns'];
 		$pconfig['udp_fast_io'] = $a_server[$id]['udp_fast_io'];
+		$pconfig['sndrcvbuf'] = $a_server[$id]['sndrcvbuf'];
 		$pconfig['push_register_dns'] = $a_server[$id]['push_register_dns'];
 	}
 }
@@ -479,6 +480,10 @@ if ($_POST['save']) {
 		unset($pconfig['udp_fast_io']);
 	}
 
+	if (!empty($pconfig['sndrcvbuf']) && !array_key_exists($pconfig['sndrcvbuf'], openvpn_get_buffer_values())) {
+		$input_errors[] = gettext("The supplied Send/Receive Buffer size is invalid.");
+	}
+
 	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
 
 	if (!$input_errors) {
@@ -578,6 +583,7 @@ if ($_POST['save']) {
 		if ($pconfig['udp_fast_io']) {
 			$server['udp_fast_io'] = $pconfig['udp_fast_io'];
 		}
+		$server['sndrcvbuf'] = $pconfig['sndrcvbuf'];
 		if ($pconfig['push_register_dns']) {
 			$server['push_register_dns'] = $pconfig['push_register_dns'];
 		}
@@ -1321,6 +1327,16 @@ if ($act=="new" || $act=="edit"):
 		'Not compatible with all platforms, and not compatible with OpenVPN bandwidth limiting.');
 
 	$section->addInput(new Form_Select(
+		'sndrcvbuf',
+		'Send/Receive Buffer',
+		$pconfig['sndrcvbuf'],
+		openvpn_get_buffer_values()
+		))->setHelp('Configure a Send and Receive Buffer size for OpenVPN. ' .
+				'The default buffer size can be too small in many cases, depending on hardware and network uplink speeds. ' .
+				'Finding the best buffer size can take some experimentation. To test the best value for a site, start at ' .
+				'512KiB and test higher and lower values.');
+
+	$section->addInput(new Form_Select(
 		'verbosity_level',
 		'Verbosity level',
 		$pconfig['verbosity_level'],