Project

General

Profile

Download (44.7 KB) Statistics
| Branch: | Tag: | Revision:

univnautes / usr / local / www / vpn_openvpn_client.php @ a1b66bec

1
<?php
2
/*
3
	vpn_openvpn_client.php
4

    
5
	Copyright (C) 2008 Shrew Soft Inc.
6
	All rights reserved.
7

    
8
	Redistribution and use in source and binary forms, with or without
9
	modification, are permitted provided that the following conditions are met:
10

    
11
	1. Redistributions of source code must retain the above copyright notice,
12
	   this list of conditions and the following disclaimer.
13

    
14
	2. Redistributions in binary form must reproduce the above copyright
15
	   notice, this list of conditions and the following disclaimer in the
16
	   documentation and/or other materials provided with the distribution.
17

    
18
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
	POSSIBILITY OF SUCH DAMAGE.
28
*/
29

    
30
##|+PRIV
31
##|*IDENT=page-openvpn-client
32
##|*NAME=OpenVPN: Client page
33
##|*DESCR=Allow access to the 'OpenVPN: Client' page.
34
##|*MATCH=vpn_openvpn_client.php*
35
##|-PRIV
36

    
37
require("guiconfig.inc");
38
require_once("openvpn.inc");
39

    
40
$pgtitle = array(gettext("OpenVPN"), gettext("Client"));
41
$shortcut_section = "openvpn";
42

    
43
if (!is_array($config['openvpn']['openvpn-client']))
44
	$config['openvpn']['openvpn-client'] = array();
45

    
46
$a_client = &$config['openvpn']['openvpn-client'];
47

    
48
if (!is_array($config['ca']))
49
	$config['ca'] = array();
50

    
51
$a_ca =& $config['ca'];
52

    
53
if (!is_array($config['cert']))
54
	$config['cert'] = array();
55

    
56
$a_cert =& $config['cert'];
57

    
58
if (!is_array($config['crl']))
59
	$config['crl'] = array();
60

    
61
$a_crl =& $config['crl'];
62

    
63
if (is_numericint($_GET['id']))
64
	$id = $_GET['id'];
65
if (isset($_POST['id']) && is_numericint($_POST['id']))
66
	$id = $_POST['id'];
67

    
68
$act = $_GET['act'];
69
if (isset($_POST['act']))
70
	$act = $_POST['act'];
71

    
72
if (isset($id) && $a_client[$id])
73
	$vpnid = $a_client[$id]['vpnid'];
74
else
75
	$vpnid = 0;
76

    
77
if ($_GET['act'] == "del") {
78

    
79
	if (!isset($a_client[$id])) {
80
		pfSenseHeader("vpn_openvpn_client.php");
81
		exit;
82
	}
83
	if (!empty($a_client[$id]))
84
		openvpn_delete('client', $a_client[$id]);
85
	unset($a_client[$id]);
86
	write_config();
87
	$savemsg = gettext("Client successfully deleted")."<br />";
88
}
89

    
90
if($_GET['act']=="new"){
91
	$pconfig['autokey_enable'] = "yes";
92
	$pconfig['tlsauth_enable'] = "yes";
93
	$pconfig['autotls_enable'] = "yes";
94
	$pconfig['interface'] = "wan";
95
	$pconfig['server_port'] = 1194;
96
	$pconfig['verbosity_level'] = 1; // Default verbosity is 1
97
	// OpenVPN Defaults to SHA1
98
	$pconfig['digest'] = "SHA1";
99
}
100

    
101
global $simplefields;
102
$simplefields = array('auth_user','auth_pass');
103

    
104
if($_GET['act']=="edit"){
105

    
106
	if (isset($id) && $a_client[$id]) {
107
		foreach($simplefields as $stat)
108
			$pconfig[$stat] = $a_client[$id][$stat];
109

    
110
		$pconfig['disable'] = isset($a_client[$id]['disable']);
111
		$pconfig['mode'] = $a_client[$id]['mode'];
112
		$pconfig['protocol'] = $a_client[$id]['protocol'];
113
		$pconfig['interface'] = $a_client[$id]['interface'];
114
		if (!empty($a_client[$id]['ipaddr'])) {
115
			$pconfig['interface'] = $pconfig['interface'] . '|' . $a_client[$id]['ipaddr'];
116
		}
117
		$pconfig['local_port'] = $a_client[$id]['local_port'];
118
		$pconfig['server_addr'] = $a_client[$id]['server_addr'];
119
		$pconfig['server_port'] = $a_client[$id]['server_port'];
120
		$pconfig['resolve_retry'] = $a_client[$id]['resolve_retry'];
121
		$pconfig['proxy_addr'] = $a_client[$id]['proxy_addr'];
122
		$pconfig['proxy_port'] = $a_client[$id]['proxy_port'];
123
		$pconfig['proxy_user'] = $a_client[$id]['proxy_user'];
124
		$pconfig['proxy_passwd'] = $a_client[$id]['proxy_passwd'];
125
		$pconfig['proxy_authtype'] = $a_client[$id]['proxy_authtype'];
126
		$pconfig['description'] = $a_client[$id]['description'];
127
		$pconfig['custom_options'] = $a_client[$id]['custom_options'];
128
		$pconfig['ns_cert_type'] = $a_client[$id]['ns_cert_type'];
129
		$pconfig['dev_mode'] = $a_client[$id]['dev_mode'];
130

    
131
		if ($pconfig['mode'] != "p2p_shared_key") {
132
			$pconfig['caref'] = $a_client[$id]['caref'];
133
			$pconfig['certref'] = $a_client[$id]['certref'];
134
			if ($a_client[$id]['tls']) {
135
				$pconfig['tlsauth_enable'] = "yes";
136
				$pconfig['tls'] = base64_decode($a_client[$id]['tls']);
137
			}
138
		} else
139
			$pconfig['shared_key'] = base64_decode($a_client[$id]['shared_key']);
140
		$pconfig['crypto'] = $a_client[$id]['crypto'];
141
		// OpenVPN Defaults to SHA1 if unset
142
		$pconfig['digest'] = !empty($a_client[$id]['digest']) ? $a_client[$id]['digest'] : "SHA1";
143
		$pconfig['engine'] = $a_client[$id]['engine'];
144

    
145
		$pconfig['tunnel_network'] = $a_client[$id]['tunnel_network'];
146
		$pconfig['tunnel_networkv6'] = $a_client[$id]['tunnel_networkv6'];
147
		$pconfig['remote_network'] = $a_client[$id]['remote_network'];
148
		$pconfig['remote_networkv6'] = $a_client[$id]['remote_networkv6'];
149
		$pconfig['use_shaper'] = $a_client[$id]['use_shaper'];
150
		$pconfig['compression'] = $a_client[$id]['compression'];
151
		$pconfig['passtos'] = $a_client[$id]['passtos'];
152

    
153
		// just in case the modes switch
154
		$pconfig['autokey_enable'] = "yes";
155
		$pconfig['autotls_enable'] = "yes";
156
		
157
		$pconfig['no_tun_ipv6'] = $a_client[$id]['no_tun_ipv6'];
158
		$pconfig['route_no_pull'] = $a_client[$id]['route_no_pull'];
159
		$pconfig['route_no_exec'] = $a_client[$id]['route_no_exec'];
160
		if (isset($a_client[$id]['verbosity_level']))
161
			$pconfig['verbosity_level'] = $a_client[$id]['verbosity_level'];
162
		else
163
			$pconfig['verbosity_level'] = 1; // Default verbosity is 1
164
	}
165
}
166

    
167
if ($_POST) {
168

    
169
	unset($input_errors);
170
	$pconfig = $_POST;
171

    
172
	if (isset($id) && $a_client[$id])
173
		$vpnid = $a_client[$id]['vpnid'];
174
	else
175
		$vpnid = 0;
176

    
177
	list($iv_iface, $iv_ip) = explode ("|",$pconfig['interface']);
178
	if (is_ipaddrv4($iv_ip) && (stristr($pconfig['protocol'], "6") !== false)) {
179
		$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv6 protocol and an IPv4 IP address.");
180
	} elseif (is_ipaddrv6($iv_ip) && (stristr($pconfig['protocol'], "6") === false)) {
181
		$input_errors[] = gettext("Protocol and IP address families do not match. You cannot select an IPv4 protocol and an IPv6 IP address.");
182
	} elseif ((stristr($pconfig['protocol'], "6") === false) && !get_interface_ip($iv_iface) && ($pconfig['interface'] != "any")) {
183
		$input_errors[] = gettext("An IPv4 protocol was selected, but the selected interface has no IPv4 address.");
184
	} elseif ((stristr($pconfig['protocol'], "6") !== false) && !get_interface_ipv6($iv_iface) && ($pconfig['interface'] != "any")) {
185
		$input_errors[] = gettext("An IPv6 protocol was selected, but the selected interface has no IPv6 address.");
186
	}
187

    
188
	if ($pconfig['mode'] != "p2p_shared_key")
189
		$tls_mode = true;
190
	else
191
		$tls_mode = false;
192

    
193
	/* input validation */
194
	if ($pconfig['local_port']) {
195

    
196
		if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
197
			$input_errors[] = $result;
198

    
199
		$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
200
		if (($portused != $vpnid) && ($portused != 0))
201
			$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
202
	}
203

    
204
	if ($result = openvpn_validate_host($pconfig['server_addr'], 'Server host or address'))
205
		$input_errors[] = $result;
206

    
207
	if ($result = openvpn_validate_port($pconfig['server_port'], 'Server port'))
208
		$input_errors[] = $result;
209

    
210
	if ($pconfig['proxy_addr']) {
211

    
212
		if ($result = openvpn_validate_host($pconfig['proxy_addr'], 'Proxy host or address'))
213
			$input_errors[] = $result;
214

    
215
		if ($result = openvpn_validate_port($pconfig['proxy_port'], 'Proxy port'))
216
			$input_errors[] = $result;
217

    
218
		if ($pconfig['proxy_authtype'] != "none") {
219
			if (empty($pconfig['proxy_user']) || empty($pconfig['proxy_passwd']))
220
				$input_errors[] = gettext("User name and password are required for proxy with authentication.");
221
		}
222
	}
223

    
224
	if($pconfig['tunnel_network'])
225
		if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network', false, "ipv4"))
226
			$input_errors[] = $result;
227

    
228
	if($pconfig['tunnel_networkv6'])
229
		if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, "ipv6"))
230
			$input_errors[] = $result;
231

    
232
	if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'IPv4 Remote Network', true, "ipv4"))
233
		$input_errors[] = $result;
234

    
235
	if ($result = openvpn_validate_cidr($pconfig['remote_networkv6'], 'IPv6 Remote Network', true, "ipv6"))
236
		$input_errors[] = $result;
237

    
238
	if (!empty($pconfig['use_shaper']) && (!is_numeric($pconfig['use_shaper']) || ($pconfig['use_shaper'] <= 0)))
239
		$input_errors[] = gettext("The bandwidth limit must be a positive numeric value.");
240

    
241
	if ($pconfig['autokey_enable'])
242
		$pconfig['shared_key'] = openvpn_create_key();
243

    
244
	if (!$tls_mode && !$pconfig['autokey_enable'])
245
		if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") ||
246
			!strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----"))
247
			$input_errors[] = gettext("The field 'Shared Key' does not appear to be valid");
248

    
249
	if ($tls_mode && $pconfig['tlsauth_enable'] && !$pconfig['autotls_enable'])
250
		if (!strstr($pconfig['tls'], "-----BEGIN OpenVPN Static key V1-----") ||
251
			!strstr($pconfig['tls'], "-----END OpenVPN Static key V1-----"))
252
			$input_errors[] = gettext("The field 'TLS Authentication Key' does not appear to be valid");
253

    
254
	/* If we are not in shared key mode, then we need the CA/Cert. */
255
	if ($pconfig['mode'] != "p2p_shared_key") {
256
		$reqdfields = explode(" ", "caref");
257
		$reqdfieldsn = array(gettext("Certificate Authority"));
258
	} elseif (!$pconfig['autokey_enable']) {
259
		/* We only need the shared key filled in if we are in shared key mode and autokey is not selected. */
260
		$reqdfields = array('shared_key');
261
		$reqdfieldsn = array(gettext('Shared key'));
262
	}
263

    
264
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
265

    
266
	if (($pconfig['mode'] != "p2p_shared_key") && empty($pconfig['certref']) && empty($pconfig['auth_user']) && empty($pconfig['auth_pass'])) {
267
		$input_errors[] = gettext("If no Client Certificate is selected, a username and password must be entered.");
268
	}
269

    
270
	if (!$input_errors) {
271

    
272
		$client = array();
273

    
274
		foreach($simplefields as $stat)
275
			update_if_changed($stat, $client[$stat], $_POST[$stat]);
276

    
277
		if ($vpnid)
278
			$client['vpnid'] = $vpnid;
279
		else
280
			$client['vpnid'] = openvpn_vpnid_next();
281

    
282
		if ($_POST['disable'] == "yes")
283
			$client['disable'] = true;
284
		$client['protocol'] = $pconfig['protocol'];
285
		$client['dev_mode'] = $pconfig['dev_mode'];
286
		list($client['interface'], $client['ipaddr']) = explode ("|",$pconfig['interface']);
287
		$client['local_port'] = $pconfig['local_port'];
288
		$client['server_addr'] = $pconfig['server_addr'];
289
		$client['server_port'] = $pconfig['server_port'];
290
		$client['resolve_retry'] = $pconfig['resolve_retry'];
291
		$client['proxy_addr'] = $pconfig['proxy_addr'];
292
		$client['proxy_port'] = $pconfig['proxy_port'];
293
		$client['proxy_authtype'] = $pconfig['proxy_authtype'];
294
		$client['proxy_user'] = $pconfig['proxy_user'];
295
		$client['proxy_passwd'] = $pconfig['proxy_passwd'];
296
		$client['description'] = $pconfig['description'];
297
		$client['mode'] = $pconfig['mode'];
298
		$client['custom_options'] = str_replace("\r\n", "\n", $pconfig['custom_options']);
299

    
300
		if ($tls_mode) {
301
			$client['caref'] = $pconfig['caref'];
302
			$client['certref'] = $pconfig['certref'];
303
			if ($pconfig['tlsauth_enable']) {
304
				if ($pconfig['autotls_enable'])
305
					$pconfig['tls'] = openvpn_create_key();
306
				$client['tls'] = base64_encode($pconfig['tls']);
307
			}
308
		} else {
309
			$client['shared_key'] = base64_encode($pconfig['shared_key']);
310
		}
311
		$client['crypto'] = $pconfig['crypto'];
312
		$client['digest'] = $pconfig['digest'];
313
		$client['engine'] = $pconfig['engine'];
314

    
315
		$client['tunnel_network'] = $pconfig['tunnel_network'];
316
		$client['tunnel_networkv6'] = $pconfig['tunnel_networkv6'];
317
		$client['remote_network'] = $pconfig['remote_network'];
318
		$client['remote_networkv6'] = $pconfig['remote_networkv6'];
319
		$client['use_shaper'] = $pconfig['use_shaper'];
320
		$client['compression'] = $pconfig['compression'];
321
		$client['passtos'] = $pconfig['passtos'];
322

    
323
		$client['no_tun_ipv6'] = $pconfig['no_tun_ipv6'];
324
		$client['route_no_pull'] = $pconfig['route_no_pull'];
325
		$client['route_no_exec'] = $pconfig['route_no_exec'];
326
		$client['verbosity_level'] = $pconfig['verbosity_level'];
327

    
328
		if (isset($id) && $a_client[$id])
329
			$a_client[$id] = $client;
330
		else
331
			$a_client[] = $client;
332

    
333
		openvpn_resync('client', $client);
334
		write_config();
335

    
336
		header("Location: vpn_openvpn_client.php");
337
		exit;
338
	}
339
}
340

    
341
include("head.inc");
342

    
343
?>
344

    
345
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
346
<?php include("fbegin.inc"); ?>
347
<script type="text/javascript">
348
//<![CDATA[
349

    
350
function mode_change() {
351
	index = document.iform.mode.selectedIndex;
352
	value = document.iform.mode.options[index].value;
353
	switch(value) {
354
		case "p2p_tls":
355
			document.getElementById("tls").style.display="";
356
			document.getElementById("tls_ca").style.display="";
357
			document.getElementById("tls_cert").style.display="";
358
			document.getElementById("psk").style.display="none";
359
			break;
360
		case "p2p_shared_key":
361
			document.getElementById("tls").style.display="none";
362
			document.getElementById("tls_ca").style.display="none";
363
			document.getElementById("tls_cert").style.display="none";
364
			document.getElementById("psk").style.display="";
365
			break;
366
	}
367
}
368

    
369
function dev_mode_change() {
370
	index = document.iform.dev_mode.selectedIndex;
371
	value = document.iform.dev_mode.options[index].value;
372
	switch(value) {
373
		case "tun":
374
			document.getElementById("chkboxNoTunIPv6").style.display="";
375
			break;
376
		case "tap":
377
			document.getElementById("chkboxNoTunIPv6").style.display="none";
378
			break;
379
	}
380
}
381

    
382
function autokey_change() {
383
	if (document.iform.autokey_enable.checked)
384
		document.getElementById("autokey_opts").style.display="none";
385
	else
386
		document.getElementById("autokey_opts").style.display="";
387
}
388

    
389
function useproxy_changed() {
390

    
391
	if (jQuery('#proxy_authtype').val() != 'none') {
392
		jQuery('#proxy_authtype_opts').show();
393
	} else {
394
		jQuery('#proxy_authtype_opts').hide();
395
	}
396
}
397

    
398
function tlsauth_change() {
399

    
400
<?php if (!$pconfig['tls']): ?>
401
	if (document.iform.tlsauth_enable.checked)
402
		document.getElementById("tlsauth_opts").style.display="";
403
	else
404
		document.getElementById("tlsauth_opts").style.display="none";
405
<?php endif; ?>
406

    
407
	autotls_change();
408
}
409

    
410
function autotls_change() {
411

    
412
<?php if (!$pconfig['tls']): ?>
413
	autocheck = document.iform.autotls_enable.checked;
414
<?php else: ?>
415
	autocheck = false;
416
<?php endif; ?>
417

    
418
	if (document.iform.tlsauth_enable.checked && !autocheck)
419
		document.getElementById("autotls_opts").style.display="";
420
	else
421
		document.getElementById("autotls_opts").style.display="none";
422
}
423

    
424
//]]>
425
</script>
426
<?php
427
if (!$savemsg)
428
	$savemsg = "";
429

    
430
if ($input_errors)
431
	print_input_errors($input_errors);
432
if ($savemsg)
433
	print_info_box($savemsg);
434
?>
435
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn openvpn client">
436
	<tr>
437
		<td class="tabnavtbl">
438
			<?php
439
				$tab_array = array();
440
				$tab_array[] = array(gettext("Server"), false, "vpn_openvpn_server.php");
441
				$tab_array[] = array(gettext("Client"), true, "vpn_openvpn_client.php");
442
				$tab_array[] = array(gettext("Client Specific Overrides"), false, "vpn_openvpn_csc.php");
443
				$tab_array[] = array(gettext("Wizards"), false, "wizard.php?xml=openvpn_wizard.xml");
444
				add_package_tabs("OpenVPN", $tab_array);
445
				display_top_tabs($tab_array);
446
			?>
447
		</td>
448
	</tr>
449
	<tr>
450
		<td class="tabcont">
451

    
452
			<?php if($act=="new" || $act=="edit"): ?>
453

    
454
			<form action="vpn_openvpn_client.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
455
				<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="general information">
456
					<tr>
457
						<td colspan="2" valign="top" class="listtopic"><?=gettext("General information"); ?></td>
458
					</tr>
459
					<tr>
460
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
461
						<td width="78%" class="vtable">
462
							<table border="0" cellpadding="0" cellspacing="0" summary="enable disable client">
463
								<tr>
464
									<td>
465
										<?php set_checked($pconfig['disable'],$chk); ?>
466
										<input name="disable" type="checkbox" value="yes" <?=$chk;?> />
467
									</td>
468
									<td>
469
										&nbsp;
470
										<span class="vexpl">
471
											<strong><?=gettext("Disable this client"); ?></strong><br />
472
										</span>
473
									</td>
474
								</tr>
475
							</table>
476
							<?=gettext("Set this option to disable this client without removing it from the list"); ?>.
477
						</td>
478
					</tr>
479
					<tr>
480
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server Mode");?></td>
481
						<td width="78%" class="vtable">
482
							<select name="mode" id="mode" class="formselect" onchange="mode_change()">
483
							<?php
484
								foreach ($openvpn_client_modes as $name => $desc):
485
									$selected = "";
486
									if ($pconfig['mode'] == $name)
487
										$selected = "selected=\"selected\"";
488
							?>
489
								<option value="<?=$name;?>" <?=$selected;?>><?=$desc;?></option>
490
							<?php endforeach; ?>
491
							</select>
492
						</td>
493
					</tr>
494
					<tr>
495
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td>
496
							<td width="78%" class="vtable">
497
							<select name='protocol' class="formselect">
498
							<?php
499
								foreach ($openvpn_prots as $prot):
500
									$selected = "";
501
									if ($pconfig['protocol'] == $prot)
502
										$selected = "selected=\"selected\"";
503
							?>
504
								<option value="<?=$prot;?>" <?=$selected;?>><?=$prot;?></option>
505
							<?php endforeach; ?>
506
							</select>
507
							</td>
508
					</tr>
509
					<tr>
510
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Device mode");?></td>
511
							<td width="78%" class="vtable">
512
							<select name='dev_mode' class="formselect" onchange="dev_mode_change()">
513
							<?php
514
								foreach ($openvpn_dev_mode as $mode):
515
									$selected = "";
516
									if ($pconfig['dev_mode'] == $mode)
517
										$selected = "selected=\"selected\"";
518
							?>
519
								<option value="<?=$mode;?>" <?=$selected;?>><?=$mode;?></option>
520
							<?php endforeach; ?>
521
							</select>
522
							</td>
523
					</tr>
524
					<tr>
525
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
526
						<td width="78%" class="vtable">
527
							<select name="interface" class="formselect">
528
								<?php
529
									$interfaces = get_configured_interface_with_descr();
530
									$carplist = get_configured_carp_interface_list();
531
									foreach ($carplist as $cif => $carpip)
532
										$interfaces[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
533
									$aliaslist = get_configured_ip_aliases_list();
534
									foreach ($aliaslist as $aliasip => $aliasif)
535
										$interfaces[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
536
									$grouplist = return_gateway_groups_array();
537
									foreach ($grouplist as $name => $group) {
538
										if($group['ipprotocol'] != inet)
539
											continue;
540
										if($group[0]['vip'] <> "")
541
											$vipif = $group[0]['vip'];
542
										else
543
											$vipif = $group[0]['int'];
544
										$interfaces[$name] = "GW Group {$name}";
545
									}
546
									$interfaces['lo0'] = "Localhost";
547
									$interfaces['any'] = "any";
548
									foreach ($interfaces as $iface => $ifacename):
549
										$selected = "";
550
										if ($iface == $pconfig['interface'])
551
											$selected = "selected=\"selected\"";
552
								?>
553
									<option value="<?=$iface;?>" <?=$selected;?>>
554
										<?=htmlspecialchars($ifacename);?>
555
									</option>
556
								<?php endforeach; ?>
557
							</select> <br />
558
						</td>
559
					</tr>
560
					<tr>
561
						<td width="22%" valign="top" class="vncell"><?=gettext("Local port");?></td>
562
						<td width="78%" class="vtable">
563
							<input name="local_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['local_port']);?>" />
564
							<br />
565
							<?=gettext("Set this option if you would like to bind to a specific port. Leave this blank or enter 0 for a random dynamic port."); ?>
566
						</td>
567
					</tr>
568
					<tr>
569
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server host or address");?></td>
570
						<td width="78%" class="vtable">
571
							<input name="server_addr" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['server_addr']);?>" />
572
						</td>
573
					</tr>
574
					<tr>
575
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Server port");?></td>
576
						<td width="78%" class="vtable">
577
							<input name="server_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['server_port']);?>" />
578
						</td>
579
					</tr>
580
					<tr>
581
						<td width="22%" valign="top" class="vncell"><?=gettext("Proxy host or address");?></td>
582
						<td width="78%" class="vtable">
583
							<input name="proxy_addr" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['proxy_addr']);?>" />
584
						</td>
585
					</tr>
586
					<tr>
587
						<td width="22%" valign="top" class="vncell"><?=gettext("Proxy port");?></td>
588
						<td width="78%" class="vtable">
589
							<input name="proxy_port" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['proxy_port']);?>" />
590
						</td>
591
					</tr>
592
					<tr>
593
						<td width="22%" valign="top" class="vncell"><?=gettext("Proxy authentication extra options");?></td>
594
						<td width="78%" class="vtable">
595
							<table border="0" cellpadding="2" cellspacing="0" summary="proxy authentication">
596
								<tr>
597
									<td align="right" width="25%">
598
										<span class="vexpl">
599
											 &nbsp;<?=gettext("Authentication method"); ?> :&nbsp;
600
										</span>
601
									</td>
602
									<td>
603
										<select name="proxy_authtype" id="proxy_authtype" class="formfld select" onchange="useproxy_changed()">
604
											<option value="none" <?php if ($pconfig['proxy_authtype'] == "none") echo "selected=\"selected\""; ?>><?=gettext("none"); ?></option>
605
											<option value="basic" <?php if ($pconfig['proxy_authtype'] == "basic") echo "selected=\"selected\""; ?>><?=gettext("basic"); ?></option>
606
											<option value="ntlm" <?php if ($pconfig['proxy_authtype'] == "ntlm") echo "selected=\"selected\""; ?>><?=gettext("ntlm"); ?></option>
607
										</select>
608
									</td>
609
								</tr>
610
							</table>
611
							<br />
612
							 <table border="0" cellpadding="2" cellspacing="0" id="proxy_authtype_opts" style="display:none" summary="proxy authentication options">
613
								<tr>
614
									<td align="right" width="25%">
615
										<span class="vexpl">
616
											 &nbsp;<?=gettext("Username"); ?> :&nbsp;
617
										</span>
618
									</td>
619
									<td>
620
										<input name="proxy_user" id="proxy_user" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['proxy_user']);?>" />
621
									</td>
622
								</tr>
623
								<tr>
624
									<td align="right" width="25%">
625
										<span class="vexpl">
626
											 &nbsp;<?=gettext("Password"); ?> :&nbsp;
627
										</span>
628
									</td>
629
									<td>
630
										<input name="proxy_passwd" id="proxy_passwd" type="password" class="formfld pwd" size="20" value="<?=htmlspecialchars($pconfig['proxy_passwd']);?>" />
631
									</td>
632
								</tr>
633
							</table>
634
						</td>
635
					</tr>
636
					<tr>
637
						<td width="22%" valign="top" class="vncell"><?=gettext("Server host name resolution"); ?></td>
638
						<td width="78%" class="vtable">
639
							<table border="0" cellpadding="2" cellspacing="0" summary="server host name resolution">
640
								<tr>
641
									<td>
642
										<?php set_checked($pconfig['resolve_retry'],$chk); ?>
643
										<input name="resolve_retry" type="checkbox" value="yes" <?=$chk;?> />
644
									</td>
645
									<td>
646
										<span class="vexpl">
647
											<?=gettext("Infinitely resolve server"); ?>
648
										</span>
649
									</td>
650
								</tr>
651
							</table>
652
							<?=gettext("Continuously attempt to resolve the server host " .
653
							"name. Useful when communicating with a server " .
654
							"that is not permanently connected to the Internet"); ?>.
655
						</td>
656
					</tr>
657
					<tr>
658
						<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
659
						<td width="78%" class="vtable">
660
							<input name="description" type="text" class="formfld unknown" size="30" value="<?=htmlspecialchars($pconfig['description']);?>" />
661
							<br />
662
							<?=gettext("You may enter a description here for your reference (not parsed)"); ?>.
663
						</td>
664
					</tr>
665
					<tr>
666
						<td colspan="2" class="list" height="12"></td>
667
					</tr>
668
					<tr>
669
						<td colspan="2" valign="top" class="listtopic"><?=gettext("User Authentication Settings"); ?></td>
670
					</tr>
671
					<tr>
672
						<td width="22%" valign="top" class="vncell"><?=gettext("User name/pass"); ?></td>
673
						<td width="78%" class="vtable">
674
							<?=gettext("Leave empty when no user name and password are needed."); ?>
675
							<br/>
676
							<table border="0" cellpadding="2" cellspacing="0" summary="user name password">
677
								<tr>
678
									<td align="right" width="25%">
679
									<span class="vexpl">
680
									&nbsp;<?=gettext("Username"); ?> :&nbsp;
681
									</span>
682
									</td>
683
									<td>
684
									<input name="auth_user" id="auth_user" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['auth_user']);?>" />
685
									</td>
686
								</tr>
687
								<tr>
688
									<td align="right" width="25%">
689
									<span class="vexpl">
690
									&nbsp;<?=gettext("Password"); ?> :&nbsp;
691
									</span>
692
									</td>
693
									<td>
694
									<input name="auth_pass" id="auth_pass" type="password" class="formfld pwd" size="20" value="<?=htmlspecialchars($pconfig['auth_pass']);?>" />
695
									</td>
696
								</tr>
697
							</table>
698
						</td>
699
					</tr>
700
					<tr>
701
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Cryptographic Settings"); ?></td>
702
					</tr>
703
					<tr id="tls">
704
						<td width="22%" valign="top" class="vncellreq"><?=gettext("TLS Authentication"); ?></td>
705
						<td width="78%" class="vtable">
706
							<table border="0" cellpadding="2" cellspacing="0" summary="tls authentication">
707
								<tr>
708
									<td>
709
										<?php set_checked($pconfig['tlsauth_enable'],$chk); ?>
710
										<input name="tlsauth_enable" id="tlsauth_enable" type="checkbox" value="yes" <?=$chk;?> onclick="tlsauth_change()" />
711
									</td>
712
									<td>
713
										<span class="vexpl">
714
											<?=gettext("Enable authentication of TLS packets"); ?>.
715
										</span>
716
									</td>
717
								</tr>
718
							</table>
719
							<?php if (!$pconfig['tls']): ?>
720
							<table border="0" cellpadding="2" cellspacing="0" id="tlsauth_opts" summary="tls authentication options">
721
								<tr>
722
									<td>
723
										<?php set_checked($pconfig['autotls_enable'],$chk); ?>
724
										<input name="autotls_enable" id="autotls_enable" type="checkbox" value="yes" <?=$chk;?> onclick="autotls_change()" />
725
									</td>
726
									<td>
727
										<span class="vexpl">
728
											<?=gettext("Automatically generate a shared TLS authentication key"); ?>.
729
										</span>
730
									</td>
731
								</tr>
732
							</table>
733
							<?php endif; ?>
734
							<table border="0" cellpadding="2" cellspacing="0" id="autotls_opts" summary="tls authentication options">
735
								<tr>
736
									<td>
737
										<textarea name="tls" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['tls']);?></textarea>
738
										<br />
739
										<?=gettext("Paste your shared key here"); ?>.
740
									</td>
741
								</tr>
742
							</table>
743
						</td>
744
					</tr>
745
					<tr id="tls_ca">
746
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Peer Certificate Authority"); ?></td>
747
							<td width="78%" class="vtable">
748
							<?php if (count($a_ca)): ?>
749
							<select name='caref' class="formselect">
750
							<?php
751
								foreach ($a_ca as $ca):
752
									$selected = "";
753
									if ($pconfig['caref'] == $ca['refid'])
754
										$selected = "selected=\"selected\"";
755
							?>
756
								<option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
757
							<?php endforeach; ?>
758
							</select>
759
							<?php else: ?>
760
								<b>No Certificate Authorities defined.</b> <br />Create one under <a href="system_camanager.php">System &gt; Cert Manager</a>.
761
							<?php endif; ?>
762
							</td>
763
					</tr>
764
					<tr id="tls_cert">
765
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Client Certificate"); ?></td>
766
							<td width="78%" class="vtable">
767
							<select name='certref' class="formselect">
768
							<?php
769
							foreach ($a_cert as $cert):
770
								$selected = "";
771
								$caname = "";
772
								$inuse = "";
773
								$revoked = "";
774
								$ca = lookup_ca($cert['caref']);
775
								if ($ca)
776
									$caname = " (CA: {$ca['descr']})";
777
								if ($pconfig['certref'] == $cert['refid'])
778
									$selected = "selected=\"selected\"";
779
								if (cert_in_use($cert['refid']))
780
									$inuse = " *In Use";
781
								if (is_cert_revoked($cert))
782
									$revoked = " *Revoked";
783
							?>
784
								<option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option>
785
							<?php endforeach; ?>
786
								<option value="" <?PHP if (empty($pconfig['certref'])) echo "selected=\"selected\""; ?>>None (Username and Password required)</option>
787
							</select>
788
							<?php if (!count($a_cert)): ?>
789
								<b>No Certificates defined.</b> <br />Create one under <a href="system_certmanager.php">System &gt; Cert Manager</a> if one is required for this connection.
790
							<?php endif; ?>
791
						</td>
792
					</tr>
793
					<tr id="psk">
794
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Shared Key"); ?></td>
795
						<td width="78%" class="vtable">
796
							<?php if (!$pconfig['shared_key']): ?>
797
							<table border="0" cellpadding="2" cellspacing="0" summary="shared key">
798
								<tr>
799
									<td>
800
										<?php set_checked($pconfig['autokey_enable'],$chk); ?>
801
										<input name="autokey_enable" type="checkbox" value="yes" <?=$chk;?> onclick="autokey_change()" />
802
									</td>
803
									<td>
804
										<span class="vexpl">
805
											<?=gettext("Automatically generate a shared key"); ?>.
806
										</span>
807
									</td>
808
								</tr>
809
							</table>
810
							<?php endif; ?>
811
							<table border="0" cellpadding="2" cellspacing="0" id="autokey_opts" summary="shared key options">
812
								<tr>
813
									<td>
814
										<textarea name="shared_key" cols="65" rows="7" class="formpre"><?=htmlspecialchars($pconfig['shared_key']);?></textarea>
815
										<br />
816
										<?=gettext("Paste your shared key here"); ?>.
817
									</td>
818
								</tr>
819
							</table>
820
						</td>
821
					</tr>
822
					<tr>
823
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Encryption algorithm"); ?></td>
824
						<td width="78%" class="vtable">
825
							<select name="crypto" class="formselect">
826
								<?php
827
									$cipherlist = openvpn_get_cipherlist();
828
									foreach ($cipherlist as $name => $desc):
829
									$selected = "";
830
									if ($name == $pconfig['crypto'])
831
										$selected = " selected=\"selected\"";
832
								?>
833
								<option value="<?=$name;?>"<?=$selected?>>
834
									<?=htmlspecialchars($desc);?>
835
								</option>
836
								<?php endforeach; ?>
837
							</select>
838
						</td>
839
					</tr>
840
					<tr>
841
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Auth Digest Algorithm"); ?></td>
842
						<td width="78%" class="vtable">
843
							<select name="digest" class="formselect">
844
								<?php
845
									$digestlist = openvpn_get_digestlist();
846
									foreach ($digestlist as $name => $desc):
847
									$selected = "";
848
									if ($name == $pconfig['digest'])
849
										$selected = " selected=\"selected\"";
850
								?>
851
								<option value="<?=$name;?>"<?=$selected?>>
852
									<?=htmlspecialchars($desc);?>
853
								</option>
854
								<?php endforeach; ?>
855
							</select>
856
							<br /><?PHP echo gettext("NOTE: Leave this set to SHA1 unless the server is set to match. SHA1 is the default for OpenVPN."); ?>
857
						</td>
858
					</tr>
859
					<tr id="engine">
860
						<td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td>
861
						<td width="78%" class="vtable">
862
							<select name="engine" class="formselect">
863
								<?php
864
									$engines = openvpn_get_engines();
865
									foreach ($engines as $name => $desc):
866
									$selected = "";
867
									if ($name == $pconfig['engine'])
868
										$selected = " selected=\"selected\"";
869
								?>
870
								<option value="<?=$name;?>"<?=$selected?>>
871
									<?=htmlspecialchars($desc);?>
872
								</option>
873
								<?php endforeach; ?>
874
							</select>
875
						</td>
876
					</tr>
877
					<tr>
878
						<td colspan="2" class="list" height="12"></td>
879
					</tr>
880
					<tr>
881
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Tunnel Settings"); ?></td>
882
					</tr>
883
					<tr>
884
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Tunnel Network"); ?></td>
885
						<td width="78%" class="vtable">
886
							<input name="tunnel_network" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_network']);?>" />
887
							<br />
888
							<?=gettext("This is the virtual network used for private " .
889
							"communications between this client and the " .
890
							"server expressed using CIDR (eg. 10.0.8.0/24). " .
891
							"The first network address is assumed to be the " .
892
							"server address and the second network address " .
893
							"will be assigned to the client virtual " .
894
							"interface"); ?>.
895
						</td>
896
					</tr>
897
					<tr>
898
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Tunnel Network"); ?></td>
899
						<td width="78%" class="vtable">
900
							<input name="tunnel_networkv6" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['tunnel_networkv6']);?>" />
901
							<br />
902
							<?=gettext("This is the IPv6 virtual network used for private " .
903
							"communications between this client and the " .
904
							"server expressed using CIDR (eg. fe80::/64). " .
905
							"The first network address is assumed to be the " .
906
							"server address and the second network address " .
907
							"will be assigned to the client virtual " .
908
							"interface"); ?>.
909
						</td>
910
					</tr>
911
					<tr>
912
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv4 Remote Network/s"); ?></td>
913
						<td width="78%" class="vtable">
914
							<input name="remote_network" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_network']);?>" />
915
							<br />
916
							<?=gettext("These are the IPv4 networks that will be routed through " .
917
							"the tunnel, so that a site-to-site VPN can be " .
918
							"established without manually changing the routing tables. " .
919
							"Expressed as a comma-separated list of one or more CIDR ranges. " .
920
							"If this is a site-to-site VPN, enter the " .
921
							"remote LAN/s here. You may leave this blank to " .
922
							"only communicate with other clients"); ?>.
923
						</td>
924
					</tr>
925
					<tr>
926
						<td width="22%" valign="top" class="vncell"><?=gettext("IPv6 Remote Network/s"); ?></td>
927
						<td width="78%" class="vtable">
928
							<input name="remote_networkv6" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['remote_networkv6']);?>" />
929
							<br />
930
							<?=gettext("These are the IPv6 networks that will be routed through " .
931
							"the tunnel, so that a site-to-site VPN can be " .
932
							"established without manually changing the routing tables. " .
933
							"Expressed as a comma-separated list of one or more IP/PREFIX. " .
934
							"If this is a site-to-site VPN, enter the " .
935
							"remote LAN/s here. You may leave this blank to " .
936
							"only communicate with other clients"); ?>.
937
						</td>
938
					</tr>
939
					<tr>
940
						<td width="22%" valign="top" class="vncell"><?=gettext("Limit outgoing bandwidth");?></td>
941
						<td width="78%" class="vtable">
942
							<input name="use_shaper" type="text" class="formfld unknown" size="5" value="<?=htmlspecialchars($pconfig['use_shaper']);?>" />
943
							<br />
944
							<?=gettext("Maximum outgoing bandwidth for this tunnel. " .
945
							"Leave empty for no limit. The input value has " .
946
							"to be something between 100 bytes/sec and 100 " .
947
							"Mbytes/sec (entered as bytes per second)"); ?>.
948
						</td>
949
					</tr>
950
					<tr>
951
						<td width="22%" valign="top" class="vncell"><?=gettext("Compression"); ?></td>
952
						<td width="78%" class="vtable">
953
							<select name="compression" class="formselect">
954
								<?php
955
									foreach ($openvpn_compression_modes as $cmode => $cmodedesc):
956
									$selected = "";
957
									if ($cmode == $pconfig['compression'])
958
										$selected = " selected=\"selected\"";
959
								?>
960
								<option value="<?= $cmode ?>" <?= $selected ?>><?= $cmodedesc ?></option>
961
								<?php endforeach; ?>
962
							</select>
963
							<br />
964
							<?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?>.
965
						</td>
966
					</tr>
967
					<tr>
968
						<td width="22%" valign="top" class="vncell"><?=gettext("Type-of-Service"); ?></td>
969
						<td width="78%" class="vtable">
970
							<table border="0" cellpadding="2" cellspacing="0" summary="type-of-service">
971
								<tr>
972
									<td>
973
										<?php set_checked($pconfig['passtos'],$chk); ?>
974
										<input name="passtos" type="checkbox" value="yes" <?=$chk;?> />
975
									</td>
976
									<td>
977
										<span class="vexpl">
978
											<?=gettext("Set the TOS IP header value of tunnel packets to match the encapsulated packet value"); ?>.
979
										</span>
980
									</td>
981
								</tr>
982
							</table>
983
						</td>
984
					</tr>
985

    
986
					<tr id="chkboxNoTunIPv6">
987
						<td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td>
988
						<td width="78%" class="vtable">
989
							<table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6">
990
								<tr>
991
									<td>
992
										<?php set_checked($pconfig['no_tun_ipv6'],$chk); ?>
993
										<input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> />
994
									</td>
995
									<td>
996
										<span class="vexpl">
997
											<?=gettext("Don't forward IPv6 traffic"); ?>.
998
										</span>
999
									</td>
1000
								</tr>
1001
							</table>
1002
						</td>
1003
					</tr>
1004

    
1005
					<tr id="chkboxRouteNoPull">
1006
						<td width="22%" valign="top" class="vncell"><?=gettext("Don't pull routes"); ?></td>
1007
						<td width="78%" class="vtable">
1008
							<table border="0" cellpadding="2" cellspacing="0" summary="dont-pull-routes">
1009
								<tr>
1010
									<td>
1011
										<?php set_checked($pconfig['route_no_pull'],$chk); ?>
1012
										<input name="route_no_pull" type="checkbox" value="yes" <?=$chk;?> />
1013
									</td>
1014
									<td>
1015
										<span class="vexpl">
1016
											<?=gettext("Don't add or remove routes automatically. Instead pass routes to "); ?> <strong>--route-up</strong> <?=gettext("script using environmental variables"); ?>.
1017
										</span>
1018
									</td>
1019
								</tr>
1020
							</table>
1021
						</td>
1022
					</tr>
1023

    
1024
					<tr id="chkboxRouteNoExec">
1025
						<td width="22%" valign="top" class="vncell"><?=gettext("Don't add/remove routes"); ?></td>
1026
						<td width="78%" class="vtable">
1027
							<table border="0" cellpadding="2" cellspacing="0" summary="dont-exec-routes">
1028
								<tr>
1029
									<td>
1030
										<?php set_checked($pconfig['route_no_exec'],$chk); ?>
1031
										<input name="route_no_exec" type="checkbox" value="yes" <?=$chk;?> />
1032
									</td>
1033
									<td>
1034
										<span class="vexpl">
1035
											<?=gettext("This option effectively bars the server from adding routes to the client's routing table, however note that this option still allows the server to set the TCP/IP properties of the client's TUN/TAP interface"); ?>.
1036
										</span>
1037
									</td>
1038
								</tr>
1039
							</table>
1040
						</td>
1041
					</tr>
1042
				</table>
1043

    
1044
				<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="advance configuration">
1045
					<tr>
1046
						<td colspan="2" class="list" height="12"></td>
1047
					</tr>
1048
					<tr>
1049
						<td colspan="2" valign="top" class="listtopic"><?=gettext("Advanced configuration"); ?></td>
1050
					</tr>
1051
					<tr>
1052
						<td width="22%" valign="top" class="vncell"><?=gettext("Advanced"); ?></td>
1053
						<td width="78%" class="vtable">
1054
							<table border="0" cellpadding="2" cellspacing="0" summary="advance configuration">
1055
								<tr>
1056
									<td>
1057
										<textarea rows="6" cols="78" name="custom_options" id="custom_options"><?=htmlspecialchars($pconfig['custom_options']);?></textarea><br />
1058
										<?=gettext("Enter any additional options you would like to add to the OpenVPN client configuration here, separated by a semicolon"); ?><br />
1059
										<?=gettext("EXAMPLE:"); ?> <strong>remote server.mysite.com 1194;</strong> or <strong>remote 1.2.3.4 1194;</strong>
1060
									</td>
1061
								</tr>
1062
							</table>
1063
						</td>
1064
					</tr>
1065

    
1066
					<tr id="comboboxVerbosityLevel">
1067
							<td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td>
1068
							<td width="78%" class="vtable">
1069
							<select name="verbosity_level" class="formselect">
1070
							<?php
1071
								foreach ($openvpn_verbosity_level as $verb_value => $verb_desc):
1072
									$selected = "";
1073
									if ($pconfig['verbosity_level'] == $verb_value)
1074
										$selected = "selected=\"selected\"";
1075
							?>
1076
								<option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option>
1077
							<?php endforeach; ?>
1078
							</select>
1079
							<br />
1080
							<?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br />
1081
							<strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br />
1082
							<strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br />
1083
							<strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br />
1084
							<strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>.
1085
							</td>
1086
					</tr>
1087

    
1088
				</table>
1089

    
1090
				<br />
1091
				<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="icons">
1092
					<tr>
1093
						<td width="22%" valign="top">&nbsp;</td>
1094
						<td width="78%">
1095
							<input name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
1096
							<input name="act" type="hidden" value="<?=$act;?>" />
1097
							<?php if (isset($id) && $a_client[$id]): ?>
1098
							<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
1099
							<?php endif; ?>
1100
						</td>
1101
					</tr>
1102
				</table>
1103
			</form>
1104

    
1105
			<?php else: ?>
1106

    
1107
			<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="list of openvpn clients">
1108
				<thead>
1109
				<tr>
1110
					<td width="10%" class="listhdrr"><?=gettext("Disabled"); ?></td>
1111
					<td width="10%" class="listhdrr"><?=gettext("Protocol"); ?></td>
1112
					<td width="30%" class="listhdrr"><?=gettext("Server"); ?></td>
1113
					<td width="40%" class="listhdrr"><?=gettext("Description"); ?></td>
1114
					<td width="10%" class="list"></td>
1115
				</tr>
1116
				</thead>
1117
				<tfoot>
1118
				<tr>
1119
					<td class="list" colspan="4"></td>
1120
					<td class="list">
1121
						<a href="vpn_openvpn_client.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add client"); ?>" width="17" height="17" border="0" alt="add" />
1122
						</a>
1123
					</td>
1124
				</tr>
1125
				<tr>
1126
					<td colspan="4">
1127
						<p>
1128
							<?=gettext("Additional OpenVPN clients can be added here.");?>
1129
						</p>
1130
					</td>
1131
				</tr>
1132
				</tfoot>
1133
				<tbody>
1134
				<?php
1135
					$i = 0;
1136
					foreach($a_client as $client):
1137
						$disabled = "NO";
1138
						if (isset($client['disable']))
1139
							$disabled = "YES";
1140
						$server = "{$client['server_addr']}:{$client['server_port']}";
1141
				?>
1142
				<tr ondblclick="document.location='vpn_openvpn_client.php?act=edit&amp;id=<?=$i;?>'">
1143
					<td class="listlr">
1144
						<?=$disabled;?>
1145
					</td>
1146
					<td class="listr">
1147
						<?=htmlspecialchars($client['protocol']);?>
1148
					</td>
1149
					<td class="listr">
1150
						<?=htmlspecialchars($server);?>
1151
					</td>
1152
					<td class="listbg">
1153
						<?=htmlspecialchars($client['description']);?>
1154
					</td>
1155
					<td valign="middle" class="list nowrap">
1156
						<a href="vpn_openvpn_client.php?act=edit&amp;id=<?=$i;?>">
1157
							<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit client"); ?>" width="17" height="17" border="0" alt="edit" />
1158
						</a>
1159
						&nbsp;
1160
						<a href="vpn_openvpn_client.php?act=del&amp;id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this client?"); ?>')">
1161
							<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete client"); ?>" width="17" height="17" border="0" alt="delete" />
1162
						</a>
1163
					</td>
1164
				</tr>
1165
				<?php
1166
					$i++;
1167
					endforeach;
1168
				?>
1169
				<tr style="dispaly:none;"><td></td></tr>
1170
				</tbody>
1171
			</table>
1172

    
1173
			<?php endif; ?>
1174

    
1175
		</td>
1176
	</tr>
1177
</table>
1178
<script type="text/javascript">
1179
//<![CDATA[
1180
mode_change();
1181
autokey_change();
1182
tlsauth_change();
1183
useproxy_changed();
1184
//]]>
1185
</script>
1186
<?php include("fend.inc"); ?>
1187
</body>
1188
</html>
1189

    
1190
<?php
1191

    
1192
/* local utility functions */
1193

    
1194
function set_checked($var,& $chk) {
1195
	if($var)
1196
		$chk = "checked=\"checked\"";
1197
	else
1198
		$chk = "";
1199
}
1200

    
1201
?>
(247-247/256)