diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-06-25 12:18:25 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-06-25 12:18:25 -0300 |
commit | 4b167dcd1130f99b7a707df817999ebf64b40311 (patch) | |
tree | a41ad83e44edc07ed510e5228e6cfe45e7a36e9e /usr/local | |
parent | b0cbebeb351fbfe50cd164a87f466f91e7aea4f3 (diff) | |
parent | b176474b55fb61e071dbf73f8e17c8382223f976 (diff) | |
download | pfsense-4b167dcd1130f99b7a707df817999ebf64b40311.zip pfsense-4b167dcd1130f99b7a707df817999ebf64b40311.tar.gz |
Merge pull request #1238 from DasTestament/master
Diffstat (limited to 'usr/local')
-rw-r--r-- | usr/local/www/vpn_openvpn_client.php | 109 | ||||
-rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 57 |
2 files changed, 164 insertions, 2 deletions
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index d5b479e..3be3a5e 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -93,6 +93,7 @@ if($_GET['act']=="new"){ $pconfig['autotls_enable'] = "yes"; $pconfig['interface'] = "wan"; $pconfig['server_port'] = 1194; + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 // OpenVPN Defaults to SHA1 $pconfig['digest'] = "SHA1"; } @@ -152,6 +153,14 @@ if($_GET['act']=="edit"){ // just in case the modes switch $pconfig['autokey_enable'] = "yes"; $pconfig['autotls_enable'] = "yes"; + + $pconfig['no_tun_ipv6'] = $a_client[$id]['no_tun_ipv6']; + $pconfig['route_no_pull'] = $a_client[$id]['route_no_pull']; + $pconfig['route_no_exec'] = $a_client[$id]['route_no_exec']; + if (isset($a_client[$id]['verbosity_level'])) + $pconfig['verbosity_level'] = $a_client[$id]['verbosity_level']; + else + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 } } @@ -311,6 +320,11 @@ if ($_POST) { $client['compression'] = $pconfig['compression']; $client['passtos'] = $pconfig['passtos']; + $client['no_tun_ipv6'] = $pconfig['no_tun_ipv6']; + $client['route_no_pull'] = $pconfig['route_no_pull']; + $client['route_no_exec'] = $pconfig['route_no_exec']; + $client['verbosity_level'] = $pconfig['verbosity_level']; + if (isset($id) && $a_client[$id]) $a_client[$id] = $client; else @@ -352,6 +366,19 @@ function mode_change() { } } +function dev_mode_change() { + index = document.iform.dev_mode.selectedIndex; + value = document.iform.dev_mode.options[index].value; + switch(value) { + case "tun": + document.getElementById("chkboxNoTunIPv6").style.display=""; + break; + case "tap": + document.getElementById("chkboxNoTunIPv6").style.display="none"; + break; + } +} + function autokey_change() { if (document.iform.autokey_enable.checked) document.getElementById("autokey_opts").style.display="none"; @@ -482,7 +509,7 @@ if ($savemsg) <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Device mode");?></td> <td width="78%" class="vtable"> - <select name='dev_mode' class="formselect"> + <select name='dev_mode' class="formselect" onchange="dev_mode_change()"> <?php foreach ($openvpn_dev_mode as $mode): $selected = ""; @@ -954,6 +981,63 @@ if ($savemsg) </table> </td> </tr> + + <tr id="chkboxNoTunIPv6"> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6"> + <tr> + <td> + <?php set_checked($pconfig['no_tun_ipv6'],$chk); ?> + <input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("Don't forward IPv6 traffic"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> + + <tr id="chkboxRouteNoPull"> + <td width="22%" valign="top" class="vncell"><?=gettext("Don't pull routes"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="dont-pull-routes"> + <tr> + <td> + <?php set_checked($pconfig['route_no_pull'],$chk); ?> + <input name="route_no_pull" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("Don't add or remove routes automatically. Instead pass routes to "); ?> <strong>--route-up</strong> <?=gettext("script using environmental variables"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> + + <tr id="chkboxRouteNoExec"> + <td width="22%" valign="top" class="vncell"><?=gettext("Don't add/remove routes"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="dont-exec-routes"> + <tr> + <td> + <?php set_checked($pconfig['route_no_exec'],$chk); ?> + <input name="route_no_exec" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("This option effectively bars the server from adding routes to the client's routing table, however note that this option still allows the server to set the TCP/IP properties of the client's TUN/TAP interface"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> </table> <table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="advance configuration"> @@ -977,6 +1061,29 @@ if ($savemsg) </table> </td> </tr> + + <tr id="comboboxVerbosityLevel"> + <td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td> + <td width="78%" class="vtable"> + <select name="verbosity_level" class="formselect"> + <?php + foreach ($openvpn_verbosity_level as $verb_value => $verb_desc): + $selected = ""; + if ($pconfig['verbosity_level'] == $verb_value) + $selected = "selected=\"selected\""; + ?> + <option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option> + <?php endforeach; ?> + </select> + <br /> + <?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br /> + <strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br /> + <strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br /> + <strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br /> + <strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>. + </td> + </tr> + </table> <br /> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index e840911..9c74992 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -98,6 +98,7 @@ if($_GET['act']=="new"){ $pconfig['local_port'] = openvpn_port_next('UDP'); $pconfig['pool_enable'] = "yes"; $pconfig['cert_depth'] = 1; + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 // OpenVPN Defaults to SHA1 $pconfig['digest'] = "SHA1"; } @@ -205,6 +206,12 @@ if($_GET['act']=="edit"){ $pconfig['autotls_enable'] = "yes"; $pconfig['duplicate_cn'] = isset($a_server[$id]['duplicate_cn']); + + $pconfig['no_tun_ipv6'] = $a_server[$id]['no_tun_ipv6']; + if (isset($a_server[$id]['verbosity_level'])) + $pconfig['verbosity_level'] = $a_server[$id]['verbosity_level']; + else + $pconfig['verbosity_level'] = 1; // Default verbosity is 1 } } if ($_POST) { @@ -428,6 +435,9 @@ if ($_POST) { $server['netbios_enable'] = $pconfig['netbios_enable']; $server['netbios_ntype'] = $pconfig['netbios_ntype']; $server['netbios_scope'] = $pconfig['netbios_scope']; + + $server['no_tun_ipv6'] = $pconfig['no_tun_ipv6']; + $server['verbosity_level'] = $pconfig['verbosity_level']; if ($pconfig['netbios_enable']) { @@ -671,6 +681,7 @@ function tuntap_change() { value = document.iform.dev_mode.options[index].value; switch(value) { case "tun": + document.getElementById("chkboxNoTunIPv6").style.display=""; document.getElementById("ipv4_tunnel_network").className="vncellreq"; document.getElementById("serverbridge_dhcp").style.display="none"; document.getElementById("serverbridge_interface").style.display="none"; @@ -679,6 +690,7 @@ function tuntap_change() { document.getElementById("topology_subnet_opt").style.display=""; break; case "tap": + document.getElementById("chkboxNoTunIPv6").style.display="none"; document.getElementById("ipv4_tunnel_network").className="vncell"; if (!p2p) { document.getElementById("serverbridge_dhcp").style.display=""; @@ -1340,7 +1352,7 @@ if ($savemsg) <?php endforeach; ?> </select> <br /> - <?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?> + <?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently"); ?>. </td> </tr> <tr> @@ -1397,6 +1409,26 @@ if ($savemsg) </table> </td> </tr> + + <tr id="chkboxNoTunIPv6"> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6-srv"> + <tr> + <td> + <?php set_checked($pconfig['no_tun_ipv6'],$chk); ?> + <input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> /> + </td> + <td> + <span class="vexpl"> + <?=gettext("Don't forward IPv6 traffic"); ?>. + </span> + </td> + </tr> + </table> + </td> + </tr> + </table> <table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="client settings"> @@ -1724,6 +1756,29 @@ if ($savemsg) </table> </td> </tr> + + <tr id="comboboxVerbosityLevel"> + <td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td> + <td width="78%" class="vtable"> + <select name="verbosity_level" class="formselect"> + <?php + foreach ($openvpn_verbosity_level as $verb_value => $verb_desc): + $selected = ""; + if ($pconfig['verbosity_level'] == $verb_value) + $selected = "selected=\"selected\""; + ?> + <option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option> + <?php endforeach; ?> + </select> + <br /> + <?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br /> + <strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br /> + <strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br /> + <strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br /> + <strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>. + </td> + </tr> + </table> <br /> |