diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2006-04-01 22:18:36 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2006-04-01 22:18:36 +0000 |
commit | 7c172009f69fdbb8fa168a05eb2caaa5eafe7b11 (patch) | |
tree | 9e60d5895302196978099d720cf875063c636dc5 /usr/local/pkg | |
parent | f0674f6766d804d4323c29d6e1f7fde91b2ca7a5 (diff) | |
download | pfsense-7c172009f69fdbb8fa168a05eb2caaa5eafe7b11.zip pfsense-7c172009f69fdbb8fa168a05eb2caaa5eafe7b11.tar.gz |
MFC Fernando's OpenVPN changes.
Diffstat (limited to 'usr/local/pkg')
-rw-r--r-- | usr/local/pkg/openvpn.xml | 221 | ||||
-rw-r--r-- | usr/local/pkg/openvpn_cli.xml | 216 |
2 files changed, 437 insertions, 0 deletions
diff --git a/usr/local/pkg/openvpn.xml b/usr/local/pkg/openvpn.xml new file mode 100644 index 0000000..471d729 --- /dev/null +++ b/usr/local/pkg/openvpn.xml @@ -0,0 +1,221 @@ +<packagegui> + <name>openvpnserver</name> + <title>OpenVPN: Server</title> + <include_file>openvpn.inc</include_file> + <delete_string>An OpenVPN server has been deleted.</delete_string> + <addedit_string>An OpenVPN server has been created/modified.</addedit_string> + <tabs> + <tab> + <text>Server</text> + <url>/pkg.php?xml=openvpn.xml</url> + <active/> + </tab> + <tab> + <text>Client</text> + <url>/pkg.php?xml=openvpn_cli.xml</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fieldname>disable</fieldname> + <fielddescr>Disabled</fielddescr> + <type>checkbox</type> + </columnitem> + <columnitem> + <fieldname>protocol</fieldname> + <fielddescr>Protocol</fielddescr> + </columnitem> + <columnitem> + <fieldname>ipblock</fieldname> + <fielddescr>IP block</fielddescr> + </columnitem> + <columnitem> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <fieldname>disable</fieldname> + <fielddescr>Disable this tunnel</fielddescr> + <description>This allows you to disable this tunnel without removing it from the list.</description> + <required>yes</required> + <type>checkbox</type> + </field> + <!--<field> + <fieldname>interface</fieldname> + <fielddescr>Interface</fielddescr> + <description>The interface to be used for the VPN. Choose TUN here unless you want bridging.</description> + <required>yes</required> + <type>select</type> + <options> + <option> + <value>tun</value> + <name>TUN</name> + </option> + <option> + <value>tap</value> + <name>TAP</name> + </option> + </options> + </field>--> + <field> + <fieldname>protocol</fieldname> + <fielddescr>Protocol</fielddescr> + <description>The protocol to be used for the VPN.</description> + <required>yes</required> + <type>select</type> + <options> + <option> + <value>UDP</value> + <name>UDP</name> + </option> + <option> + <value>TCP</value> + <name>TCP</name> + </option> + </options> + </field> + <field> + <fieldname>dynamic_ip</fieldname> + <fielddescr>Dynamic IP</fielddescr> + <description>Assume dynamic IPs, so that DHCP clients can connect.</description> + <type>checkbox</type> + </field> + <field> + <fieldname>port</fieldname> + <fielddescr>Local port</fielddescr> + <description>The port OpenVPN will use to connect to the remote endpoint. Should be set to 1194, unless this port is already in use.</description> + <required>yes</required> + <type>input</type> + <size>5</size> + </field> + <field> + <fieldname>local_ip</fieldname> + <fielddescr>Local IP</fielddescr> + <description>This is the local IP of the VPN.</description> + <required>yes</required> + <type>input</type> + </field> + <field> + <fieldname>remote_ip</fieldname> + <fielddescr>Remote IP</fielddescr> + <description>This is the remote IP of the VPN.</description> + <required>yes</required> + <type>input</type> + </field> + <field> + <fieldname>ipblock</fieldname> + <fielddescr>IP block</fielddescr> + <description>This is the remote IP block in (expressed as a CIDR range) that will be accessable from your endpoint, e.g.: '10.2.0.0/16'.</description> + <required>yes</required> + <type>input</type> + </field> + <field> + <fieldname>crypto</fieldname> + <fielddescr>Cryptography</fielddescr> + <description>Here you can choose the cryptography algorithm to be used.</description> + <required>yes</required> + <type>select</type> + </field> + <field> + <fieldname>auth_method</fieldname> + <fielddescr>Authentication method</fielddescr> + <description>The authentication method to be used.</description> + <required>yes</required> + <type>select</type> + <options> + <option> + <value>shared_key</value> + <name>Shared key</name> + </option> + <option> + <value>pki</value> + <name>PKI (Public Key Infrastructure)</name> + </option> + </options> + <onchange>onAuthMethodChanged()</onchange> + </field> + <field> + <fieldname>shared_key</fieldname> + <fielddescr>Shared key</fielddescr> + <description>Paste your shared key here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>ca_cert</fieldname> + <fielddescr>CA certificate</fielddescr> + <description>Paste your CA certificate in X.509 format here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>server_cert</fieldname> + <fielddescr>Server certificate</fielddescr> + <description>Paste your server certificate in X.509 format here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>server_key</fieldname> + <fielddescr>Server key</fielddescr> + <description>Paste your server key in RSA format here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>dh_params</fieldname> + <fielddescr>DH parameters</fielddescr> + <description>Paste your Diffie Hellman parameters in PEM format here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>crl</fieldname> + <fielddescr>CRL</fielddescr> + <description>Paste your certificate revocation list (CRL) in PEM format here (optional).</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>use_lzo</fieldname> + <fielddescr>LZO compression</fielddescr> + <description>Checking this will compress the packets using the LZO algorithm before sending them.</description> + <type>checkbox</type> + </field> + <field> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + <description>You may enter a description here. This is optional and is not parsed.</description> + <type>input</type> + </field> + </fields> + <custom_php_command_before_form> + openvpn_get_ciphers(&$pkg); + </custom_php_command_before_form> + <custom_php_after_head_command> + openvpn_print_javascript('server'); + </custom_php_after_head_command> + <custom_php_after_form_command> + openvpn_print_javascript2(); + </custom_php_after_form_command> + <custom_php_validation_command> + openvpn_validate_input('server', $_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + openvpn_resync('server', $_POST['id']); + </custom_php_resync_config_command> +</packagegui> diff --git a/usr/local/pkg/openvpn_cli.xml b/usr/local/pkg/openvpn_cli.xml new file mode 100644 index 0000000..ce9eabe --- /dev/null +++ b/usr/local/pkg/openvpn_cli.xml @@ -0,0 +1,216 @@ +<packagegui> + <name>openvpnclient</name> + <title>OpenVPN: Client</title> + <include_file>openvpn.inc</include_file> + <delete_string>An OpenVPN client has been deleted.</delete_string> + <addedit_string>An OpenVPN client has been created/modified.</addedit_string> + <tabs> + <tab> + <text>Server</text> + <url>/pkg.php?xml=openvpn.xml</url> + </tab> + <tab> + <text>Client</text> + <url>/pkg.php?xml=openvpn_cli.xml</url> + <active/> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fieldname>disable</fieldname> + <fielddescr>Disabled</fielddescr> + <type>checkbox</type> + </columnitem> + <columnitem> + <fieldname>serveraddr</fieldname> + <fielddescr>Server</fielddescr> + </columnitem> + <columnitem> + <fieldname>protocol</fieldname> + <fielddescr>Protocol</fielddescr> + </columnitem> + <columnitem> + <fieldname>ipblock</fieldname> + <fielddescr>IP block</fielddescr> + </columnitem> + <columnitem> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <fieldname>disable</fieldname> + <fielddescr>Disable this tunnel</fielddescr> + <description>This allows you to disable this tunnel without removing it from the list.</description> + <required>yes</required> + <type>checkbox</type> + </field> + <!--<field> + <fieldname>interface</fieldname> + <fielddescr>Interface</fielddescr> + <description>The interface to be used for the VPN. Choose TUN here unless you want bridging.</description> + <required>yes</required> + <type>select</type> + <options> + <option> + <value>tun</value> + <name>TUN</name> + </option> + <option> + <value>tap</value> + <name>TAP</name> + </option> + </options> + </field>--> + <field> + <fieldname>protocol</fieldname> + <fielddescr>Protocol</fielddescr> + <description>The protocol to be used for the VPN.</description> + <required>yes</required> + <type>select</type> + <options> + <option> + <value>UDP</value> + <name>UDP</name> + </option> + <option> + <value>TCP</value> + <name>TCP</name> + </option> + </options> + </field> + <field> + <fieldname>port</fieldname> + <fielddescr>Local port</fielddescr> + <description>The port OpenVPN will use to connect to the remote endpoint. Should be set to 1194, unless this port is already in use.</description> + <required>yes</required> + <type>input</type> + <size>5</size> + </field> + <field> + <fieldname>serveraddr</fieldname> + <fielddescr>Server address</fielddescr> + <description>This is the address OpenVPN will try to connect to in order to establish the tunnel. Set it to the remote endpoint's address.</description> + <required>yes</required> + <type>input</type> + </field> + <field> + <fieldname>serverport</fieldname> + <fielddescr>Server port</fielddescr> + <description>The port OpenVPN will use to connect to the server. Most people would want to use 1194 here.</description> + <required>yes</required> + <type>input</type> + <size>5</size> + </field> + <field> + <fieldname>local_ip</fieldname> + <fielddescr>Local IP</fielddescr> + <description>This is the local IP of the VPN.</description> + <required>yes</required> + <type>input</type> + </field> + <field> + <fieldname>remote_ip</fieldname> + <fielddescr>Remote IP</fielddescr> + <description>This is the remote IP of the VPN.</description> + <required>yes</required> + <type>input</type> + </field> + <field> + <fieldname>ipblock</fieldname> + <fielddescr>IP block</fielddescr> + <description>This is the remote IP block in (expressed as a CIDR range) that will be accessable from your endpoint, e.g.: '10.2.0.0/16'.</description> + <required>yes</required> + <type>input</type> + </field> + <field> + <fieldname>crypto</fieldname> + <fielddescr>Cryptography</fielddescr> + <description>Here you can choose the cryptography algorithm to be used.</description> + <required>yes</required> + <type>select</type> + </field> + <field> + <fieldname>auth_method</fieldname> + <fielddescr>Authentication method</fielddescr> + <description>The authentication method to be used.</description> + <required>yes</required> + <type>select</type> + <options> + <option> + <value>shared_key</value> + <name>Shared key</name> + </option> + <option> + <value>pki</value> + <name>PKI (Public Key Infrastructure)</name> + </option> + </options> + <onchange>onAuthMethodChanged()</onchange> + </field> + <field> + <fieldname>shared_key</fieldname> + <fielddescr>Shared key</fielddescr> + <description>Paste your shared key here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>ca_cert</fieldname> + <fielddescr>CA certificate</fielddescr> + <description>Paste the server's CA certificate in X.509 format here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>client_cert</fieldname> + <fielddescr>Client certificate</fielddescr> + <description>Paste your client certificate in X.509 format here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>client_key</fieldname> + <fielddescr>Client key</fielddescr> + <description>Paste your client key in RSA format here.</description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>8</rows> + <cols>40</cols> + </field> + <field> + <fieldname>use_lzo</fieldname> + <fielddescr>LZO compression</fielddescr> + <description>Checking this will compress the packets using the LZO algorithm before sending them.</description> + <type>checkbox</type> + </field> + <field> + <fieldname>description</fieldname> + <fielddescr>Description</fielddescr> + <description>You may enter a description here. This is optional and is not parsed.</description> + <type>input</type> + </field> + </fields> + <custom_php_command_before_form> + openvpn_get_ciphers(&$pkg); + </custom_php_command_before_form> + <custom_php_after_head_command> + openvpn_print_javascript('client'); + </custom_php_after_head_command> + <custom_php_after_form_command> + openvpn_print_javascript2(); + </custom_php_after_form_command> + <custom_php_validation_command> + openvpn_validate_input('client', $_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + openvpn_resync('client', $_POST['id']); + </custom_php_resync_config_command> +</packagegui> |