patchpack1

-Fix #3401 (Added tun option "Disable IPv6" -Added new options: route-nopull, route-noexec, verb;
author: Dmitriy K. <levantin@mail.nnov.ru> 2014-06-17 11:01:48 +0400
committer: Dmitriy K. <levantin@mail.nnov.ru> 2014-06-17 11:01:48 +0400
commit: b9e9903ddb21665023c9fcc241099476a42a9dbd (patch)
tree: 215266c4cd3f2e518dd8c7973d7941f1f4f2ad40 /usr/local/www/vpn_openvpn_client.php
parent: 7860191a10545a809673d4c8203c925156609da3 (diff)
download: pfsense-b9e9903ddb21665023c9fcc241099476a42a9dbd.zip
pfsense-b9e9903ddb21665023c9fcc241099476a42a9dbd.tar.gz
1 files changed, 108 insertions, 1 deletions
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php
index d5b479e..f80694b 100644
--- a/usr/local/www/vpn_openvpn_client.php
+++ b/usr/local/www/vpn_openvpn_client.php
@@ -93,6 +93,7 @@ if($_GET['act']=="new"){
 	$pconfig['autotls_enable'] = "yes";
 	$pconfig['interface'] = "wan";
 	$pconfig['server_port'] = 1194;
+	$pconfig['verbosity_level'] = 1; // Default verbosity is 1
 	// OpenVPN Defaults to SHA1
 	$pconfig['digest'] = "SHA1";
 }
@@ -152,6 +153,12 @@ if($_GET['act']=="edit"){
 		// just in case the modes switch
 		$pconfig['autokey_enable'] = "yes";
 		$pconfig['autotls_enable'] = "yes";
+		
+		// New features
+		$pconfig['no_tun_ipv6'] = $a_client[$id]['no_tun_ipv6'];
+		$pconfig['route_no_pull'] = $a_client[$id]['route_no_pull'];
+		$pconfig['route_no_exec'] = $a_client[$id]['route_no_exec'];
+		$pconfig['verbosity_level'] = $a_client[$id]['verbosity_level'];
 	}
 }
 
@@ -311,6 +318,12 @@ if ($_POST) {
 		$client['compression'] = $pconfig['compression'];
 		$client['passtos'] = $pconfig['passtos'];
 
+		// New features
+		$client['no_tun_ipv6'] = $pconfig['no_tun_ipv6'];
+		$client['route_no_pull'] = $pconfig['route_no_pull'];
+		$client['route_no_exec'] = $pconfig['route_no_exec'];
+		$client['verbosity_level'] = $pconfig['verbosity_level'];
+
 		if (isset($id) && $a_client[$id])
 			$a_client[$id] = $client;
 		else
@@ -352,6 +365,19 @@ function mode_change() {
 	}
 }
 
+function dev_mode_change() {
+	index = document.iform.dev_mode.selectedIndex;
+	value = document.iform.dev_mode.options[index].value;
+	switch(value) {
+		case "tun":
+			document.getElementById("chkboxNoTunIPv6").style.display="";
+			break;
+		case "tap":
+			document.getElementById("chkboxNoTunIPv6").style.display="none";
+			break;
+	}
+}
+
 function autokey_change() {
 	if (document.iform.autokey_enable.checked)
 		document.getElementById("autokey_opts").style.display="none";
@@ -482,7 +508,7 @@ if ($savemsg)
 					<tr>
 						<td width="22%" valign="top" class="vncellreq"><?=gettext("Device mode");?></td>
 							<td width="78%" class="vtable">
-							<select name='dev_mode' class="formselect">
+							<select name='dev_mode' class="formselect" onchange="dev_mode_change()">
 							<?php
 								foreach ($openvpn_dev_mode as $mode):
 									$selected = "";
@@ -954,6 +980,64 @@ if ($savemsg)
 							</table>
 						</td>
 					</tr>
+
+
+					<tr id="chkboxNoTunIPv6">
+						<td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td>
+						<td width="78%" class="vtable">
+							<table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6">
+								<tr>
+									<td>
+										<?php set_checked($pconfig['no_tun_ipv6'],$chk); ?>
+										<input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> />
+									</td>
+									<td>
+										<span class="vexpl">
+											<?=gettext("Do not forward IPv6 traffic"); ?>.
+										</span>
+									</td>
+								</tr>
+							</table>
+						</td>
+					</tr>
+
+					<tr id="chkboxRouteNoPull">
+						<td width="22%" valign="top" class="vncell"><?=gettext("Dont pull routes"); ?></td>
+						<td width="78%" class="vtable">
+							<table border="0" cellpadding="2" cellspacing="0" summary="dont-pull-routes">
+								<tr>
+									<td>
+										<?php set_checked($pconfig['route_no_pull'],$chk); ?>
+										<input name="route_no_pull" type="checkbox" value="yes" <?=$chk;?> />
+									</td>
+									<td>
+										<span class="vexpl">
+											<?=gettext("Don't add or remove routes automatically. Instead pass routes to "); ?> <strong>--route-up</strong> <?=gettext("script using environmental variables"); ?>.
+										</span>
+									</td>
+								</tr>
+							</table>
+						</td>
+					</tr>
+
+					<tr id="chkboxRouteNoExec">
+						<td width="22%" valign="top" class="vncell"><?=gettext("Dont add/remove routes"); ?></td>
+						<td width="78%" class="vtable">
+							<table border="0" cellpadding="2" cellspacing="0" summary="dont-exec-routes">
+								<tr>
+									<td>
+										<?php set_checked($pconfig['route_no_exec'],$chk); ?>
+										<input name="route_no_exec" type="checkbox" value="yes" <?=$chk;?> />
+									</td>
+									<td>
+										<span class="vexpl">
+											<?=gettext("This option effectively bars the server from adding routes to the client's routing table, however note that this option still allows the server to set the TCP/IP properties of the client's TUN/TAP interface"); ?>.
+										</span>
+									</td>
+								</tr>
+							</table>
+						</td>
+					</tr>
 				</table>
 
 				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="advance configuration">
@@ -977,6 +1061,29 @@ if ($savemsg)
 							</table>
 						</td>
 					</tr>
+
+					<tr id="comboboxVerbosityLevel">
+							<td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td>
+							<td width="78%" class="vtable">
+							<select name="verbosity_level" class="formselect">
+							<?php
+								foreach ($openvpn_verbosity_level as $verb_value => $verb_desc):
+									$selected = "";
+									if ($pconfig['verbosity_level'] == $verb_value)
+										$selected = "selected=\"selected\"";
+							?>
+								<option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option>
+							<?php endforeach; ?>
+							</select>
+							<br />
+							<?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br />
+							<strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br />
+							<strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br />
+							<strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br />
+							<strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>.
+							</td>
+					</tr>
+
 				</table>
 
 				<br />
author	Dmitriy K. <levantin@mail.nnov.ru>	2014-06-17 11:01:48 +0400
committer	Dmitriy K. <levantin@mail.nnov.ru>	2014-06-17 11:01:48 +0400
commit	b9e9903ddb21665023c9fcc241099476a42a9dbd (patch)
tree	215266c4cd3f2e518dd8c7973d7941f1f4f2ad40 /usr/local/www/vpn_openvpn_client.php
parent	7860191a10545a809673d4c8203c925156609da3 (diff)
download	pfsense-b9e9903ddb21665023c9fcc241099476a42a9dbd.zip pfsense-b9e9903ddb21665023c9fcc241099476a42a9dbd.tar.gz