From 65ff8497347f2f513a72d222bb869014e369518b Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 28 Apr 2010 17:16:52 -0400 Subject: Add back Dynamic IP checkbox for OpenVPN Servers. --- usr/local/www/vpn_openvpn_server.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'usr') diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index fdf4af4..47fcf87 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -112,6 +112,7 @@ if($_GET['act']=="edit"){ $pconfig['passtos'] = $a_server[$id]['passtos']; $pconfig['client2client'] = $a_server[$id]['client2client']; + $pconfig['dynamic_ip'] = $a_server[$id]['dynamic_ip']; $pconfig['pool_enable'] = $a_server[$id]['pool_enable']; $pconfig['dns_domain'] = $a_server[$id]['dns_domain']; @@ -299,6 +300,7 @@ if ($_POST) { $server['passtos'] = $pconfig['passtos']; $server['client2client'] = $pconfig['client2client']; + $server['dynamic_ip'] = $pconfig['dynamic_ip']; $server['pool_enable'] = $pconfig['pool_enable']; if ($pconfig['dns_domain_enable']) @@ -906,6 +908,24 @@ function netbios_change() { Client Settings + Dynamic IP + + + + + + +
+ + "> + + + Provide a virtual adapter IP address to clients (see Tunnel Network)
+ +
+ + + Address Pool -- cgit v1.1 From 599d5c6298184905465aefbadb68a237f14b06da Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 28 Apr 2010 17:19:33 -0400 Subject: Fix description --- usr/local/www/vpn_openvpn_server.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr') diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 47fcf87..4f0d59d 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -918,7 +918,7 @@ function netbios_change() { -- cgit v1.1 From df6df70fd0aa2c39018b28e2f29a5dc01113237c Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 28 Apr 2010 18:28:26 -0400 Subject: Add dynamic IP option to OpenVPN wizard. --- usr/local/www/wizards/openvpn_wizard.inc | 2 ++ usr/local/www/wizards/openvpn_wizard.xml | 8 ++++++++ 2 files changed, 10 insertions(+) (limited to 'usr') diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc index eea1a85..9be787c 100644 --- a/usr/local/www/wizards/openvpn_wizard.inc +++ b/usr/local/www/wizards/openvpn_wizard.inc @@ -538,6 +538,8 @@ function step12_submitphpaction() { $server['passtos'] = $pconfig['step10']['tos']; if (isset($pconfig['step10']['interclient'])) $server['client2client'] = $pconfig['step10']['interclient']; + if (isset($pconfig['step10']['dynip'])) + $server['dynamic_ip'] = $pconfig['step10']['dynip']; if (isset($pconfig['step10']['addrpool'])) $server['pool_enable'] = $pconfig['step10']['addrpool']; if (isset($pconfig['step10']['defaultdomain'])) diff --git a/usr/local/www/wizards/openvpn_wizard.xml b/usr/local/www/wizards/openvpn_wizard.xml index 2bc6db1..bba38c8 100644 --- a/usr/local/www/wizards/openvpn_wizard.xml +++ b/usr/local/www/wizards/openvpn_wizard.xml @@ -757,6 +757,14 @@ Client Settings + Dynamic IP + dynip + checkbox + on + Allow connected clients to retain their connections if their IP address changes. + ovpnserver->step10->dynip + + Address Pool addrpool checkbox -- cgit v1.1 From a529acedfb8cb1407b5aee5c3d771c596a6662d5 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 28 Apr 2010 23:16:42 +0000 Subject: Ticket #507. Do not remove all static routes to readd them back. The change will never delete a rule but define the action to be taken on it, either add or change a present route. Be consinstent on gateways allowed to be selected as destinations for static routes, including dynamic gateways. --- usr/local/www/system_routes.php | 15 ++++----------- usr/local/www/system_routes_edit.php | 30 +++++++++++++++--------------- 2 files changed, 19 insertions(+), 26 deletions(-) (limited to 'usr') diff --git a/usr/local/www/system_routes.php b/usr/local/www/system_routes.php index a9160c5..fc24962 100755 --- a/usr/local/www/system_routes.php +++ b/usr/local/www/system_routes.php @@ -47,11 +47,8 @@ require_once("shaper.inc"); if (!is_array($config['staticroutes']['route'])) $config['staticroutes']['route'] = array(); -if (!is_array($config['gateways']['gateway_item'])) - $config['gateways']['gateway_item'] = array(); - $a_routes = &$config['staticroutes']['route']; -$a_gateways = &$config['gateways']['gateway_item']; +$a_gateways = return_gateways_array(true); $changedesc = "Static Routes: "; if ($_POST) { @@ -92,6 +89,7 @@ if ($_POST) { if ($_GET['act'] == "del") { if ($a_routes[$_GET['id']]) { $changedesc .= "removed route to " . $a_routes[$_GET['id']['route']]; + mwexec("/sbin/route delete " . escapeshellarg($a_routes[$_GET['id']]['network'])); unset($a_routes[$_GET['id']]); write_config($changedesc); mark_subsystem_dirty('staticroutes'); @@ -160,17 +158,12 @@ include("head.inc"); -- cgit v1.1 From 01dcf2b396fdf374e7cc466f4619b1ff14a1bec6 Mon Sep 17 00:00:00 2001 From: Chris Buechler Date: Wed, 28 Apr 2010 22:35:22 -0400 Subject: properly show TFTP enabled interfaces --- usr/local/www/system_advanced_firewall.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'usr') diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php index c6fcd1d..e3d2e1e 100644 --- a/usr/local/www/system_advanced_firewall.php +++ b/usr/local/www/system_advanced_firewall.php @@ -59,6 +59,7 @@ $pconfig['disablenatreflection'] = $config['system']['disablenatreflection']; $pconfig['reflectiontimeout'] = $config['system']['reflectiontimeout']; $pconfig['bypassstaticroutes'] = isset($config['filter']['bypassstaticroutes']); $pconfig['disablescrub'] = isset($config['system']['disablescrub']); +$pconfig['tftpinterface'] = $config['system']['tftpinterface']; if ($_POST) { @@ -321,7 +322,7 @@ function update_description(itemnum) { - Choose the interfaces where you want TFTP proxy help to be enabled. + Choose the interfaces where you want TFTP proxy helper to be enabled. -- cgit v1.1 From 7d35ed789061a755127ac4b2dde533c30e4bdee1 Mon Sep 17 00:00:00 2001 From: Ermal Date: Thu, 29 Apr 2010 10:34:36 +0000 Subject: Create rules for openvpn/l2tp/pppoe/pptp when switching to manual outbound nat so the user can do less work. --- usr/local/www/firewall_nat_out.php | 71 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) (limited to 'usr') diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index 90ffe43..07d696e 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -136,6 +136,77 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") { $a_out[] = $natent; } } + /* PPTP subnet */ + if($config['pptpd']['mode'] == "server") { + if (is_ipaddr($config['pptpd']['localip'])) { + if($config['pptpd']['pptp_subnet'] <> "") + $ossubnet = $config['pptpd']['pptp_subnet']; + else + $ossubnet = "32"; + $osn = gen_subnet($config['pptpd']['localip'], $osn); + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for PPTP server"; + $natent['target'] = ""; + $natent['interface'] = "pptp"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } + /* PPPoE subnet */ + if($config['pppoe']['mode'] == "server") { + if (is_ipaddr($config['pppoe']['localip'])) { + if($config['pppoe']['pppoe_subnet'] <> "") + $ossubnet = $config['pppoe']['pptp_subnet']; + else + $ossubnet = "32"; + $osn = gen_subnet($config['pppoe']['localip'], $osn); + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for PPPoE server"; + $natent['target'] = ""; + $natent['interface'] = "pppoe"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } + /* L2TP subnet */ + if($config['l2tp']['mode'] == "server") { + if (is_ipaddr($config['l2tp']['localip'])) { + if($config['l2tp']['l2tp_subnet'] <> "") + $ossubnet = $config['l2tp']['pptp_subnet']; + else + $ossubnet = "32"; + $osn = gen_subnet($config['l2tp']['localip'], $osn); + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for L2TP server"; + $natent['target'] = ""; + $natent['interface'] = "l2tp"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } + /* add openvpn interfaces */ + if($config['openvpn']['openvpn-server']) { + foreach ($config['openvpn']['openvpn-server'] as $ovpnsrv) { + $natent = array(); + $natent['source']['network'] = $ovpnsrv['tunnel_network']; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for OpenVPN server"; + $natent['target'] = ""; + $natent['interface'] = "openvpn"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + } $savemsg = "Default rules for each interface have been created."; } break; -- cgit v1.1
- Provide a virtual adapter IP address to clients (see Tunnel Network)
+ Allow connected clients to retain their connections if their IP address changes.
diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index 434bbbc..7a46e5a 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -57,11 +57,9 @@ require("guiconfig.inc"); if (!is_array($config['staticroutes']['route'])) $config['staticroutes']['route'] = array(); -if (!is_array($config['gateways']['gateway_item'])) - $config['gateways']['gateway_item'] = array(); $a_routes = &$config['staticroutes']['route']; -$a_gateways = &$config['gateways']['gateway_item']; +$a_gateways = return_gateways_array(true); $id = $_GET['id']; if (isset($_POST['id'])) @@ -99,13 +97,7 @@ if ($_POST) { $input_errors[] = "A valid destination network bit count must be specified."; } if ($_POST['gateway']) { - $match = false; - foreach($a_gateways as $gateway) { - if(in_array($_POST['gateway'], $gateway)) { - $match = true; - } - } - if(!$match) + if (!isset($a_gateways[$_POST['gateway']])) $input_errors[] = "A valid gateway must be specified."; } @@ -174,11 +166,19 @@ include("head.inc");
Choose which gateway this route applies to or add a new one. -- cgit v1.1 From 9605d06f63c8bd830cfc0f60bd0e075fe67143aa Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 28 Apr 2010 20:48:38 -0400 Subject: Restore select_source value correctly --- usr/local/www/pkg_edit.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr') diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 0ad4d4f..65e1e41 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -728,7 +728,7 @@ function display_row($trc, $value, $fieldname, $type, $rowhelper, $size) { } else { $source_value = $opt[$rowhelper['value']]; } - if($opt['value'] == $value) + if($source_value == $value) $selected = " SELECTED"; $text .= ""; echo "\n"; -- cgit v1.1 From 93c745f6692065767b76a3d34d79d6f995d58cd4 Mon Sep 17 00:00:00 2001 From: Chris Buechler Date: Wed, 28 Apr 2010 21:17:11 -0400 Subject: touch up text --- usr/local/www/system_usermanager_settings.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr') diff --git a/usr/local/www/system_usermanager_settings.php b/usr/local/www/system_usermanager_settings.php index 8fa652c..c961dd4 100755 --- a/usr/local/www/system_usermanager_settings.php +++ b/usr/local/www/system_usermanager_settings.php @@ -125,7 +125,7 @@ if(!$pconfig['backend'])

- 0 means to never expire sessions. NOTE: This is a security risk!");?>
+ Enter 0 to never expire sessions. NOTE: This is a security risk!");?>