diff options
author | jim-p <jimp@pfsense.org> | 2017-01-02 21:24:07 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2017-01-02 21:24:07 -0500 |
commit | a4b3624650aa46c9dc4a20afc5b522c6b9191904 (patch) | |
tree | b4c0d4c28c965c5978c611f6b60894f69792eac9 /src | |
parent | c66990a8b0f1b8f2246946a6fe7445d6696e13c5 (diff) | |
download | pfsense-a4b3624650aa46c9dc4a20afc5b522c6b9191904.zip pfsense-a4b3624650aa46c9dc4a20afc5b522c6b9191904.tar.gz |
Bring compression options in line with OpenVPN 2.4. Note that the old style options are deprecated/legacy but don't remove yet, for compatibility. Implements #7064
Diffstat (limited to 'src')
-rw-r--r-- | src/etc/inc/openvpn.inc | 45 | ||||
-rw-r--r-- | src/usr/local/www/vpn_openvpn_server.php | 12 |
2 files changed, 47 insertions, 10 deletions
diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc index 35be079..9a8289a 100644 --- a/src/etc/inc/openvpn.inc +++ b/src/etc/inc/openvpn.inc @@ -119,11 +119,16 @@ $openvpn_client_modes = array( global $openvpn_compression_modes; $openvpn_compression_modes = array( - '' => gettext("No Preference"), - 'noadapt' => gettext("No Preference and Adaptive Compression Disabled"), - 'no' => gettext("Disabled - No Compression"), - 'adaptive' => gettext("Enabled with Adaptive Compression"), - 'yes' => gettext("Enabled without Adaptive Compression")); + '' => gettext("Omit Preference (Use OpenVPN Default)"), + 'lz4' => gettext("LZ4 Compression [compress lz4]"), + 'lz4-v2' => gettext("LZ4 Comression v2 [compress lz4-v2]"), + 'lzo' => gettext("LZO Compression [compress lzo, equivalent to comp-lzo yes for compatibility]"), + 'stub' => gettext("Enable Compression (stub) [compress]"), + 'noadapt' => gettext("Omit Preference, + Disable Adaptive LZO Compression [Legacy style, comp-noadapt]"), + 'adaptive' => gettext("Adaptive LZO Compression [Legacy style, comp-lzo adaptive]"), + 'yes' => gettext("LZO Compression [Legacy style, comp-lzo yes]"), + 'no' => gettext("No LZO Compression [Legacy style, comp-lzo no]"), +); global $openvpn_topologies; $openvpn_topologies = array( @@ -1082,11 +1087,31 @@ function openvpn_reconfigure($mode, $settings) { break; } - if (!empty($settings['compression'])) { - if ($settings['compression'] == "noadapt") { - $conf .= "comp-noadapt\n"; - } else { - $conf .= "comp-lzo {$settings['compression']}\n"; + $compression = ""; + switch ($settings['compression']) { + case 'lz4': + case 'lz4-v2': + case 'lzo': + case 'stub': + $compression .= "compress {$settings['compression']}"; + break; + case 'noadapt': + $compression .= "comp-noadapt"; + break; + case 'adaptive': + case 'yes': + case 'no': + $compression .= "comp-lzo {$settings['compression']}"; + break; + default: + /* Add nothing to the configuration */ + break; + } + + if (!empty($compression)) { + $conf .= "{$compression}\n"; + if ($settings['compression_push']) { + $conf .= "push \"{$compression}\"\n"; } } diff --git a/src/usr/local/www/vpn_openvpn_server.php b/src/usr/local/www/vpn_openvpn_server.php index 8da8fee..452826d 100644 --- a/src/usr/local/www/vpn_openvpn_server.php +++ b/src/usr/local/www/vpn_openvpn_server.php @@ -165,6 +165,7 @@ if ($_GET['act'] == "edit") { $pconfig['local_networkv6'] = $a_server[$id]['local_networkv6']; $pconfig['maxclients'] = $a_server[$id]['maxclients']; $pconfig['compression'] = $a_server[$id]['compression']; + $pconfig['compression_push'] = $a_server[$id]['compression_push']; $pconfig['passtos'] = $a_server[$id]['passtos']; $pconfig['client2client'] = $a_server[$id]['client2client']; @@ -498,6 +499,7 @@ if ($_POST) { $server['local_networkv6'] = $pconfig['local_networkv6']; $server['maxclients'] = $pconfig['maxclients']; $server['compression'] = $pconfig['compression']; + $server['compression_push'] = $pconfig['compression_push']; $server['passtos'] = $pconfig['passtos']; $server['client2client'] = $pconfig['client2client']; @@ -962,6 +964,13 @@ if ($act=="new" || $act=="edit"): 'packets is not being compressed efficiently.'); $section->addInput(new Form_Checkbox( + 'compression_push', + 'Push Compression', + 'Push the selected Compression setting to connecting clients.', + $pconfig['compression_push'] + )); + + $section->addInput(new Form_Checkbox( 'passtos', 'Type-of-Service', 'Set the TOS IP header value of tunnel packets to match the encapsulated packet value.', @@ -1308,6 +1317,7 @@ events.push(function() { hideCheckbox('autokey_enable', true); hideInput('shared_key', false); hideInput('topology', false); + hideCheckbox('compression_push', false); break; case "server_tls_user": hideInput('tls', false); @@ -1319,6 +1329,7 @@ events.push(function() { hideCheckbox('autokey_enable', true); hideInput('shared_key', true); hideInput('topology', false); + hideCheckbox('compression_push', false); break; case "p2p_shared_key": hideInput('tls', true); @@ -1335,6 +1346,7 @@ events.push(function() { hideCheckbox('autokey_enable', true); hideInput('shared_key', false); hideInput('topology', true); + hideCheckbox('compression_push', true); break; } |