addInput(new Form_Checkbox( 'disable', 'Disabled', 'Disable this client', $pconfig['disable'] ))->setHelp('Set this option to disable this client without removing it from the list'); $section->addInput(new Form_Select( 'mode', 'Server mode', $pconfig['mode'], $openvpn_client_modes )); $section->addInput(new Form_Select( 'protocol', 'Protocol', $pconfig['protocol'], array_combine($openvpn_prots, $openvpn_prots) )); $section->addInput(new Form_Select( 'dev_mode', 'Device mode', empty($pconfig['dev_mode']) ? 'tun':$pconfig['dev_mode'], array_combine($openvpn_dev_mode, $openvpn_dev_mode) )); $section->addInput(new Form_Select( 'interface', 'Interface', $pconfig['interface'], openvpn_build_if_list() )); $section->addInput(new Form_Input( 'local_port', 'Local port', 'number', $pconfig['local_port'] ))->setHelp('Set this option if you would like to bind to a specific port. Leave this blank or enter 0 for a random dynamic port.'); $section->addInput(new Form_Input( 'server_addr', 'Server host or address', 'text', $pconfig['server_addr'] )); $section->addInput(new Form_Input( 'server_port', 'Server port', 'number', $pconfig['server_port'] )); $section->addInput(new Form_Input( 'proxy_addr', 'Proxy host or address', 'text', $pconfig['proxy_addr'] )); $section->addInput(new Form_Select( 'proxy_authtype', 'Proxy Auth. - Extra options', $pconfig['proxy_authtype'], array('none' => gettext('none'), 'basic' => gettext('basic'), 'ntlm' => gettext('ntlm')) )); $section->addInput(new Form_Input( 'proxy_user', 'Username', 'text', $pconfig['proxy_user'] )); $section->addPassword(new Form_Input( 'proxy_passwd', 'Password', 'password', $pconfig['proxy_passwd'] )); $section->addInput(new Form_Checkbox( 'resolve_retry', 'Server hostname resolution', 'Infinitely resolve server ', $pconfig['resolve_retry'] ))->setHelp('Continuously attempt to resolve the server host name. ' . 'Useful when communicating with a server that is not permanently connected to the Internet.'); $section->addInput(new Form_Input( 'description', 'Description', 'text', $pconfig['description'] ))->setHelp('You may enter a description here for your reference (not parsed).'); $form->add($section); $section = new Form_Section('User Authentication Settings'); $section->addClass('authentication'); $section->addInput(new Form_Input( 'auth_user', 'Username', 'text', $pconfig['auth_user'] ))->setHelp('Leave empty when no user name is needed'); $section->addPassword(new Form_Input( 'auth_pass', 'Password', 'password', $pconfig['auth_pass'] ))->setHelp('Leave empty when no password is needed'); $form->add($section); $section = new Form_Section('Cryptographic Settings'); $section->addInput(new Form_Checkbox( 'tlsauth_enable', 'TLS authentication', 'Enable authentication of TLS packets.', $pconfig['tlsauth_enable'] )); if (!$pconfig['tls']) { $section->addInput(new Form_Checkbox( 'autotls_enable', null, 'Automatically generate a shared TLS authentication key.', $pconfig['autotls_enable'] )); } $section->addInput(new Form_Textarea( 'tls', 'Key', $pconfig['tls'] ))->setHelp('Paste your shared key here'); if (count($a_ca)) { $list = array(); foreach ($a_ca as $ca) { $list[$ca['refid']] = $ca['descr']; } $section->addInput(new Form_Select( 'caref', 'Peer Certificate Authority', $pconfig['caref'], $list )); } else { $section->addInput(new Form_StaticText( 'Peer Certificate Authority', sprintf('No Certificate Authorities defined. You may create one here: %s', 'System > Cert Manager') )); } if (count($a_crl)) { $section->addInput(new Form_Select( 'crlref', 'Peer Certificate Revocation list', $pconfig['crlref'], openvpn_build_crl_list() )); } else { $section->addInput(new Form_StaticText( 'Peer Certificate Revocation list', sprintf('No Certificate Revocation Lists defined. You may create one here: %s', 'System > Cert Manager > Certificate Revocation') )); } $section->addInput(new Form_Checkbox( 'autokey_enable', 'Auto generate', 'Automatically generate a shared key', $pconfig['autokey_enable'] && empty($pconfig['shared_key']) )); $section->addInput(new Form_Textarea( 'shared_key', 'Shared Key', $pconfig['shared_key'] ))->setHelp('Paste your shared key here'); $cl = openvpn_build_cert_list(true); $section->addInput(new Form_Select( 'certref', 'Client Certificate', $pconfig['certref'], $cl['server'] )); $section->addInput(new Form_Select( 'crypto', 'Encryption Algorithm', $pconfig['crypto'], openvpn_get_cipherlist() )); $section->addInput(new Form_Select( 'digest', 'Auth digest algorithm', $pconfig['digest'], openvpn_get_digestlist() ))->setHelp('Leave this set to SHA1 unless all clients are set to match. SHA1 is the default for OpenVPN. '); $section->addInput(new Form_Select( 'engine', 'Hardware Crypto', $pconfig['engine'], openvpn_get_engines() )); $form->add($section); $section = new Form_Section('Tunnel Settings'); $section->addInput(new Form_Input( 'tunnel_network', 'IPv4 Tunnel Network', 'text', $pconfig['tunnel_network'] ))->setHelp('This is the IPv4 virtual network used for private communications between this client and the server ' . 'expressed using CIDR (eg. 10.0.8.0/24). The first network address will be assigned to ' . 'the client virtual interface.'); $section->addInput(new Form_Input( 'tunnel_networkv6', 'IPv6 Tunnel Network', 'text', $pconfig['tunnel_networkv6'] ))->setHelp('This is the IPv6 virtual network used for private ' . 'communications between this client and the server expressed using CIDR (eg. fe80::/64). ' . 'The first network address will be assigned to the server virtual interface.'); $section->addInput(new Form_Input( 'remote_network', 'IPv4 Remote network(s)', 'text', $pconfig['remote_network'] ))->setHelp('IPv4 networks that will be routed through the tunnel, so that a site-to-site VPN can be established without manually ' . 'changing the routing tables. Expressed as a comma-separated list of one or more CIDR ranges. ' . 'If this is a site-to-site VPN, enter the remote LAN/s here. You may leave this blank if you don\'t want a site-to-site VPN.'); $section->addInput(new Form_Input( 'remote_networkv6', 'IPv6 Remote network(s)', 'text', $pconfig['remote_networkv6'] ))->setHelp('These are the IPv6 networks that will be routed through the tunnel, so that a site-to-site VPN can be established without manually ' . 'changing the routing tables. Expressed as a comma-separated list of one or more IP/PREFIX. ' . 'If this is a site-to-site VPN, enter the remote LAN/s here. You may leave this blank if you don\'t want a site-to-site VPN.'); $section->addInput(new Form_Input( 'use_shaper', 'Limit outgoing bandwidth', 'number', $pconfig['use_shaper'], ['min' => 100, 'max' => 100000000, 'placeholder' => 'Between 100 and 100,000,000 bytes/sec'] ))->setHelp('Maximum outgoing bandwidth for this tunnel. Leave empty for no limit. The input value has to be something between 100 bytes/sec and 100 Mbytes/sec (entered as bytes per second).'); $section->addInput(new Form_Select( 'compression', 'Compression', $pconfig['compression'], $openvpn_compression_modes ))->setHelp('Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently.'); $section->addInput(new Form_Select( 'topology', 'Topology', $pconfig['topology'], $openvpn_topologies ))->setHelp('Specifies the method used to configure a virtual adapter IP address.'); $section->addInput(new Form_Checkbox( 'passtos', 'Type-of-Service', 'Set the TOS IP header value of tunnel packets to match the encapsulated packet value.', $pconfig['passtos'] )); $section->addInput(new Form_Checkbox( 'no_tun_ipv6', 'Disable IPv6', 'Don\'t forward IPv6 traffic. ', $pconfig['no_tun_ipv6'] )); $section->addInput(new Form_Checkbox( 'route_no_pull', 'Don\'t pull routes', 'Bars the server from adding routes to the client\'s routing table', $pconfig['route_no_pull'] ))->setHelp('This option still allows the server to set the TCP/IP properties of the client\'s TUN/TAP interface. '); $section->addInput(new Form_Checkbox( 'route_no_exec', 'Don\'t add/remove routes', 'Don\'t add or remove routes automatically', $pconfig['route_no_exec'] ))->setHelp('Pass routes to --route-upscript using environmental variables'); $form->add($section); $section = new Form_Section('Advanced Configuration'); $section->addClass('advanced'); $section->addInput(new Form_Textarea( 'custom_options', 'Custom options', $pconfig['custom_options'] ))->setHelp('Enter any additional options you would like to add to the OpenVPN server configuration here, separated by semicolon' . '
' . 'EXAMPLE: push "route 10.0.0.0 255.255.255.0"'); $section->addInput(new Form_Select( 'verbosity_level', 'Verbosity level', $pconfig['verbosity_level'], $openvpn_verbosity_level ))->setHelp('Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what\'s happening without being swamped by output' . '

' . 'None: Only fatal errors' . '
' . 'Default: Normal usage range' . '
' . '5: Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets' .'
' . '6: Debug info range'); $section->addInput(new Form_Input( 'act', null, 'hidden', $act )); if (isset($id) && $a_server[$id]) { $section->addInput(new Form_Input( 'id', null, 'hidden', $id )); } $form->add($section); print($form); else: ?>

>