addInput(new Form_Select( 'server_list', 'Server List', $pconfig['server_list'], $serveroptionlist, true ))->setHelp('Select the servers for which the override will apply. Selecting no servers will also apply the override to all servers.'); $section->addInput(new Form_Checkbox( 'disable', 'Disable', 'Disable this override', $pconfig['disable'] ))->setHelp('Set this option to disable this client-specific override without removing it from the list.'); $section->addInput(new Form_Input( 'common_name', 'Common name', 'text', $pconfig['common_name'] ))->setHelp('Enter the client\'s X.509 common name.'); $section->addInput(new Form_Input( 'description', 'Description', 'text', $pconfig['description'] ))->setHelp('A description may be entered here for administrative reference (not parsed). '); $section->addInput(new Form_Checkbox( 'block', 'Connection blocking', 'Block this client connection based on its common name. ', $pconfig['block'] ))->setHelp('Don\'t use this option to permanently disable a client due to a compromised key or password. Use a CRL (certificate revocation list) instead. '); $form->add($section); $section = new Form_Section('Tunnel Settings'); $section->addInput(new Form_Input( 'tunnel_network', 'Tunnel Network', 'text', $pconfig['tunnel_network'] ))->setHelp('This is the virtual network used for private communications between this client and the server expressed using CIDR (e.g. 10.0.8.0/24). ' . 'The first network address is assumed to be the server address and the second network address will be assigned to the client virtual interface. '); $section->addInput(new Form_Input( 'local_network', 'IPv4 Local Network/s', 'text', $pconfig['local_network'] ))->setHelp('These are the IPv4 networks that will be accessible from this particular client. Expressed as a comma-separated list of one or more CIDR ranges. ' . '
' . 'NOTE: Networks do not need to be specified here if they have already been defined on the main server configuration.'); $section->addInput(new Form_Input( 'local_networkv6', 'IPv6 Local Network/s', 'text', $pconfig['local_networkv6'] ))->setHelp('These are the IPv4 networks that will be accessible from this particular client. Expressed as a comma-separated list of one or more IP/PREFIX networks.' . '
' . 'NOTE: Networks do not need to be specified here if they have already been defined on the main server configuration.'); $section->addInput(new Form_Input( 'remote_network', 'IPv4 Remote Network/s', 'text', $pconfig['remote_network'] ))->setHelp('These are the IPv4 networks that will be routed to this client specifically using iroute, so that a site-to-site VPN can be established. ' . 'Expressed as a comma-separated list of one or more CIDR ranges. May be left blank if there are no client-side networks to be routed.' . '
' . 'NOTE: Remember to add these subnets to the IPv4 Remote Networks list on the corresponding OpenVPN server settings.'); $section->addInput(new Form_Input( 'remote_networkv6', 'IPv6 Remote Network/s', 'text', $pconfig['remote_networkv6'] ))->setHelp('These are the IPv4 networks that will be routed to this client specifically using iroute, so that a site-to-site VPN can be established. ' . 'Expressed as a comma-separated list of one or more IP/PREFIX networks. May be left blank if there are no client-side networks to be routed.' . '
' . 'NOTE: Remember to add these subnets to the IPv6 Remote Networks list on the corresponding OpenVPN server settings.'); $section->addInput(new Form_Checkbox( 'gwredir', 'Redirect Gateway', 'Force all client generated traffic through the tunnel.', $pconfig['gwredir'] )); $form->add($section); $section = new Form_Section('Client Settings'); // Default domain name $section->addInput(new Form_Checkbox( 'push_reset', 'Server Definitions', 'Prevent this client from receiving any server-defined client settings. ', $pconfig['push_reset'] )); $section->addInput(new Form_Checkbox( 'dns_domain_enable', 'DNS Default Domain', 'Provide a default domain name to clients', $pconfig['dns_domain_enable'] ))->toggles('.dnsdomain'); $group = new Form_Group('DNS Domain'); $group->addClass('dnsdomain'); $group->add(new Form_Input( 'dns_domain', 'DNS Domain', 'text', $pconfig['dns_domain'] )); $section->add($group); // DNS servers $section->addInput(new Form_Checkbox( 'dns_server_enable', 'DNS Servers', 'Provide a DNS server list to clients', $pconfig['dns_server_enable'] ))->toggles('.dnsservers'); $group = new Form_Group(null); $group->addClass('dnsservers'); $group->add(new Form_Input( 'dns_server1', null, 'text', $pconfig['dns_server1'] ))->setHelp('Server 1'); $group->add(new Form_Input( 'dns_server2', null, 'text', $pconfig['dns_server2'] ))->setHelp('Server 2'); $group->add(new Form_Input( 'dns_server3', null, 'text', $pconfig['dns_server3'] ))->setHelp('Server 3'); $group->add(new Form_Input( 'dns_server4', null, 'text', $pconfig['dns_server4'] ))->setHelp('Server 4'); $section->add($group); // NTP servers $section->addInput(new Form_Checkbox( 'ntp_server_enable', 'NTP Servers', 'Provide an NTP server list to clients', $pconfig['ntp_server_enable'] ))->toggles('.ntpservers'); $group = new Form_Group(null); $group->addClass('ntpservers'); $group->add(new Form_Input( 'ntp_server1', null, 'text', $pconfig['ntp_server1'] ))->setHelp('Server 1'); $group->add(new Form_Input( 'ntp_server2', null, 'text', $pconfig['ntp_server2'] ))->setHelp('Server 2'); $section->add($group); // NTP servers - For this section we need to use Javascript hiding since there // are nested toggles $section->addInput(new Form_Checkbox( 'netbios_enable', 'NetBIOS Options', 'Enable NetBIOS over TCP/IP', $pconfig['netbios_enable'] ))->setHelp('If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled. '); $section->addInput(new Form_Select( 'netbios_ntype', 'Node Type', $pconfig['netbios_ntype'], $netbios_nodetypes ))->setHelp('Possible options: b-node (broadcasts), p-node (point-to-point name queries to a WINS server), m-node (broadcast then query name server), ' . 'and h-node (query name server, then broadcast). '); $section->addInput(new Form_Input( 'netbios_scope', null, 'text', $pconfig['netbios_scope'] ))->setHelp('A NetBIOS Scope ID provides an extended naming service for NetBIOS over TCP/IP. ' . 'The NetBIOS scope ID isolates NetBIOS traffic on a single network to only those nodes with the same NetBIOS scope ID. '); $section->addInput(new Form_Checkbox( 'wins_server_enable', 'WINS servers', 'Provide a WINS server list to clients', $pconfig['wins_server_enable'] )); $group = new Form_Group(null); $group->add(new Form_Input( 'wins_server1', null, 'text', $pconfig['wins_server1'] ))->setHelp('Server 1'); $group->add(new Form_Input( 'wins_server2', null, 'text', $pconfig['wins_server2'] ))->setHelp('Server 2'); $group->addClass('winsservers'); $section->add($group); $section->addInput(new Form_Textarea( 'custom_options', 'Advanced', $pconfig['custom_options'] ))->setHelp('Enter any additional options to add for this client specific override, separated by a semicolon. ' . '
' . 'EXAMPLE: push "route 10.0.0.0 255.255.255.0"; '); // The hidden fields $section->addInput(new Form_Input( 'act', null, 'hidden', $act )); if (isset($id) && $a_csc[$id]) { $section->addInput(new Form_Input( 'id', null, 'hidden', $id )); } $form->add($section); print($form); ?>