Révision b9e9903d
Ajouté par Dmitriy K. il y a presque 10 ans
etc/inc/openvpn.inc | ||
---|---|---|
55 | 55 |
global $openvpn_dev_mode; |
56 | 56 |
$openvpn_dev_mode = array("tun", "tap"); |
57 | 57 |
|
58 |
global $openvpn_verbosity_level; |
|
59 |
$openvpn_verbosity_level = array( |
|
60 |
0 => "none", |
|
61 |
1 => "default", |
|
62 |
2 => "2", |
|
63 |
3 => "3 (recommended)", |
|
64 |
4 => "4", |
|
65 |
5 => "5", |
|
66 |
6 => "6", |
|
67 |
7 => "7", |
|
68 |
8 => "8", |
|
69 |
9 => "9", |
|
70 |
10 => "10", |
|
71 |
11 => "11" |
|
72 |
); |
|
73 |
|
|
58 | 74 |
/* |
59 | 75 |
* The User Auth mode below is disabled because |
60 | 76 |
* OpenVPN erroneously requires that we provide |
... | ... | |
460 | 476 |
} |
461 | 477 |
} |
462 | 478 |
|
463 |
$conf = "dev {$devname}\n"; |
|
479 |
$conf = "verb {$settings['verbosity_level']}\n"; |
|
480 |
$conf .= "dev {$devname}\n"; |
|
464 | 481 |
$conf .= "dev-type {$settings['dev_mode']}\n"; |
465 | 482 |
switch($settings['dev_mode']) { |
466 | 483 |
case "tun": |
467 |
$conf .= "tun-ipv6\n"; |
|
484 |
if (!$settings['no_tun_ipv6']) { |
|
485 |
$conf .= "tun-ipv6\n"; |
|
486 |
} else { |
|
487 |
|
|
488 |
} |
|
468 | 489 |
break; |
469 | 490 |
} |
470 | 491 |
$conf .= "dev-node /dev/{$tunname}\n"; |
... | ... | |
768 | 789 |
$conf .= "topology subnet\n"; |
769 | 790 |
} |
770 | 791 |
|
792 |
// New client features |
|
793 |
if ($mode == "client") { |
|
794 |
// Dont pull routes checkbox |
|
795 |
if ($settings['route_no_pull']) { |
|
796 |
$conf .= "route-nopull\n"; |
|
797 |
} |
|
798 |
|
|
799 |
// Dont add/remove routes checkbox |
|
800 |
if ($settings['route_no_exec']) { |
|
801 |
$conf .= "route-noexec\n"; |
|
802 |
} |
|
803 |
} |
|
804 |
|
|
771 | 805 |
openvpn_add_custom($settings, $conf); |
772 | 806 |
|
773 | 807 |
openvpn_create_dirs(); |
usr/local/www/vpn_openvpn_client.php | ||
---|---|---|
93 | 93 |
$pconfig['autotls_enable'] = "yes"; |
94 | 94 |
$pconfig['interface'] = "wan"; |
95 | 95 |
$pconfig['server_port'] = 1194; |
96 |
$pconfig['verbosity_level'] = 1; // Default verbosity is 1 |
|
96 | 97 |
// OpenVPN Defaults to SHA1 |
97 | 98 |
$pconfig['digest'] = "SHA1"; |
98 | 99 |
} |
... | ... | |
152 | 153 |
// just in case the modes switch |
153 | 154 |
$pconfig['autokey_enable'] = "yes"; |
154 | 155 |
$pconfig['autotls_enable'] = "yes"; |
156 |
|
|
157 |
// New features |
|
158 |
$pconfig['no_tun_ipv6'] = $a_client[$id]['no_tun_ipv6']; |
|
159 |
$pconfig['route_no_pull'] = $a_client[$id]['route_no_pull']; |
|
160 |
$pconfig['route_no_exec'] = $a_client[$id]['route_no_exec']; |
|
161 |
$pconfig['verbosity_level'] = $a_client[$id]['verbosity_level']; |
|
155 | 162 |
} |
156 | 163 |
} |
157 | 164 |
|
... | ... | |
311 | 318 |
$client['compression'] = $pconfig['compression']; |
312 | 319 |
$client['passtos'] = $pconfig['passtos']; |
313 | 320 |
|
321 |
// New features |
|
322 |
$client['no_tun_ipv6'] = $pconfig['no_tun_ipv6']; |
|
323 |
$client['route_no_pull'] = $pconfig['route_no_pull']; |
|
324 |
$client['route_no_exec'] = $pconfig['route_no_exec']; |
|
325 |
$client['verbosity_level'] = $pconfig['verbosity_level']; |
|
326 |
|
|
314 | 327 |
if (isset($id) && $a_client[$id]) |
315 | 328 |
$a_client[$id] = $client; |
316 | 329 |
else |
... | ... | |
352 | 365 |
} |
353 | 366 |
} |
354 | 367 |
|
368 |
function dev_mode_change() { |
|
369 |
index = document.iform.dev_mode.selectedIndex; |
|
370 |
value = document.iform.dev_mode.options[index].value; |
|
371 |
switch(value) { |
|
372 |
case "tun": |
|
373 |
document.getElementById("chkboxNoTunIPv6").style.display=""; |
|
374 |
break; |
|
375 |
case "tap": |
|
376 |
document.getElementById("chkboxNoTunIPv6").style.display="none"; |
|
377 |
break; |
|
378 |
} |
|
379 |
} |
|
380 |
|
|
355 | 381 |
function autokey_change() { |
356 | 382 |
if (document.iform.autokey_enable.checked) |
357 | 383 |
document.getElementById("autokey_opts").style.display="none"; |
... | ... | |
482 | 508 |
<tr> |
483 | 509 |
<td width="22%" valign="top" class="vncellreq"><?=gettext("Device mode");?></td> |
484 | 510 |
<td width="78%" class="vtable"> |
485 |
<select name='dev_mode' class="formselect"> |
|
511 |
<select name='dev_mode' class="formselect" onchange="dev_mode_change()">
|
|
486 | 512 |
<?php |
487 | 513 |
foreach ($openvpn_dev_mode as $mode): |
488 | 514 |
$selected = ""; |
... | ... | |
954 | 980 |
</table> |
955 | 981 |
</td> |
956 | 982 |
</tr> |
983 |
|
|
984 |
|
|
985 |
<tr id="chkboxNoTunIPv6"> |
|
986 |
<td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td> |
|
987 |
<td width="78%" class="vtable"> |
|
988 |
<table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6"> |
|
989 |
<tr> |
|
990 |
<td> |
|
991 |
<?php set_checked($pconfig['no_tun_ipv6'],$chk); ?> |
|
992 |
<input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> /> |
|
993 |
</td> |
|
994 |
<td> |
|
995 |
<span class="vexpl"> |
|
996 |
<?=gettext("Do not forward IPv6 traffic"); ?>. |
|
997 |
</span> |
|
998 |
</td> |
|
999 |
</tr> |
|
1000 |
</table> |
|
1001 |
</td> |
|
1002 |
</tr> |
|
1003 |
|
|
1004 |
<tr id="chkboxRouteNoPull"> |
|
1005 |
<td width="22%" valign="top" class="vncell"><?=gettext("Dont pull routes"); ?></td> |
|
1006 |
<td width="78%" class="vtable"> |
|
1007 |
<table border="0" cellpadding="2" cellspacing="0" summary="dont-pull-routes"> |
|
1008 |
<tr> |
|
1009 |
<td> |
|
1010 |
<?php set_checked($pconfig['route_no_pull'],$chk); ?> |
|
1011 |
<input name="route_no_pull" type="checkbox" value="yes" <?=$chk;?> /> |
|
1012 |
</td> |
|
1013 |
<td> |
|
1014 |
<span class="vexpl"> |
|
1015 |
<?=gettext("Don't add or remove routes automatically. Instead pass routes to "); ?> <strong>--route-up</strong> <?=gettext("script using environmental variables"); ?>. |
|
1016 |
</span> |
|
1017 |
</td> |
|
1018 |
</tr> |
|
1019 |
</table> |
|
1020 |
</td> |
|
1021 |
</tr> |
|
1022 |
|
|
1023 |
<tr id="chkboxRouteNoExec"> |
|
1024 |
<td width="22%" valign="top" class="vncell"><?=gettext("Dont add/remove routes"); ?></td> |
|
1025 |
<td width="78%" class="vtable"> |
|
1026 |
<table border="0" cellpadding="2" cellspacing="0" summary="dont-exec-routes"> |
|
1027 |
<tr> |
|
1028 |
<td> |
|
1029 |
<?php set_checked($pconfig['route_no_exec'],$chk); ?> |
|
1030 |
<input name="route_no_exec" type="checkbox" value="yes" <?=$chk;?> /> |
|
1031 |
</td> |
|
1032 |
<td> |
|
1033 |
<span class="vexpl"> |
|
1034 |
<?=gettext("This option effectively bars the server from adding routes to the client's routing table, however note that this option still allows the server to set the TCP/IP properties of the client's TUN/TAP interface"); ?>. |
|
1035 |
</span> |
|
1036 |
</td> |
|
1037 |
</tr> |
|
1038 |
</table> |
|
1039 |
</td> |
|
1040 |
</tr> |
|
957 | 1041 |
</table> |
958 | 1042 |
|
959 | 1043 |
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="advance configuration"> |
... | ... | |
977 | 1061 |
</table> |
978 | 1062 |
</td> |
979 | 1063 |
</tr> |
1064 |
|
|
1065 |
<tr id="comboboxVerbosityLevel"> |
|
1066 |
<td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td> |
|
1067 |
<td width="78%" class="vtable"> |
|
1068 |
<select name="verbosity_level" class="formselect"> |
|
1069 |
<?php |
|
1070 |
foreach ($openvpn_verbosity_level as $verb_value => $verb_desc): |
|
1071 |
$selected = ""; |
|
1072 |
if ($pconfig['verbosity_level'] == $verb_value) |
|
1073 |
$selected = "selected=\"selected\""; |
|
1074 |
?> |
|
1075 |
<option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option> |
|
1076 |
<?php endforeach; ?> |
|
1077 |
</select> |
|
1078 |
<br /> |
|
1079 |
<?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br /> |
|
1080 |
<strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br /> |
|
1081 |
<strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br /> |
|
1082 |
<strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br /> |
|
1083 |
<strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>. |
|
1084 |
</td> |
|
1085 |
</tr> |
|
1086 |
|
|
980 | 1087 |
</table> |
981 | 1088 |
|
982 | 1089 |
<br /> |
usr/local/www/vpn_openvpn_server.php | ||
---|---|---|
98 | 98 |
$pconfig['local_port'] = openvpn_port_next('UDP'); |
99 | 99 |
$pconfig['pool_enable'] = "yes"; |
100 | 100 |
$pconfig['cert_depth'] = 1; |
101 |
$pconfig['verbosity_level'] = 1; // Default verbosity is 1 |
|
101 | 102 |
// OpenVPN Defaults to SHA1 |
102 | 103 |
$pconfig['digest'] = "SHA1"; |
103 | 104 |
} |
... | ... | |
205 | 206 |
$pconfig['autotls_enable'] = "yes"; |
206 | 207 |
|
207 | 208 |
$pconfig['duplicate_cn'] = isset($a_server[$id]['duplicate_cn']); |
209 |
|
|
210 |
// New features |
|
211 |
$pconfig['no_tun_ipv6'] = $a_server[$id]['no_tun_ipv6']; |
|
212 |
$pconfig['verbosity_level'] = $a_server[$id]['verbosity_level']; |
|
208 | 213 |
} |
209 | 214 |
} |
210 | 215 |
if ($_POST) { |
... | ... | |
428 | 433 |
$server['netbios_enable'] = $pconfig['netbios_enable']; |
429 | 434 |
$server['netbios_ntype'] = $pconfig['netbios_ntype']; |
430 | 435 |
$server['netbios_scope'] = $pconfig['netbios_scope']; |
436 |
|
|
437 |
// New features |
|
438 |
$server['no_tun_ipv6'] = $pconfig['no_tun_ipv6']; |
|
439 |
$server['verbosity_level'] = $pconfig['verbosity_level']; |
|
431 | 440 |
|
432 | 441 |
if ($pconfig['netbios_enable']) { |
433 | 442 |
|
... | ... | |
671 | 680 |
value = document.iform.dev_mode.options[index].value; |
672 | 681 |
switch(value) { |
673 | 682 |
case "tun": |
683 |
document.getElementById("cbNoTunIPv6").style.display=""; |
|
674 | 684 |
document.getElementById("ipv4_tunnel_network").className="vncellreq"; |
675 | 685 |
document.getElementById("serverbridge_dhcp").style.display="none"; |
676 | 686 |
document.getElementById("serverbridge_interface").style.display="none"; |
... | ... | |
679 | 689 |
document.getElementById("topology_subnet_opt").style.display=""; |
680 | 690 |
break; |
681 | 691 |
case "tap": |
692 |
document.getElementById("cbNoTunIPv6").style.display="none"; |
|
682 | 693 |
document.getElementById("ipv4_tunnel_network").className="vncell"; |
683 | 694 |
if (!p2p) { |
684 | 695 |
document.getElementById("serverbridge_dhcp").style.display=""; |
... | ... | |
1340 | 1351 |
<?php endforeach; ?> |
1341 | 1352 |
</select> |
1342 | 1353 |
<br /> |
1343 |
<?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?> |
|
1354 |
<?=gettext("Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently."); ?>.
|
|
1344 | 1355 |
</td> |
1345 | 1356 |
</tr> |
1346 | 1357 |
<tr> |
... | ... | |
1397 | 1408 |
</table> |
1398 | 1409 |
</td> |
1399 | 1410 |
</tr> |
1411 |
|
|
1412 |
<tr id="cbNoTunIPv6"> |
|
1413 |
<td width="22%" valign="top" class="vncell"><?=gettext("Disable IPv6"); ?></td> |
|
1414 |
<td width="78%" class="vtable"> |
|
1415 |
<table border="0" cellpadding="2" cellspacing="0" summary="disable-ipv6-srv"> |
|
1416 |
<tr> |
|
1417 |
<td> |
|
1418 |
<?php set_checked($pconfig['no_tun_ipv6'],$chk); ?> |
|
1419 |
<input name="no_tun_ipv6" type="checkbox" value="yes" <?=$chk;?> /> |
|
1420 |
</td> |
|
1421 |
<td> |
|
1422 |
<span class="vexpl"> |
|
1423 |
<?=gettext("Do not forward IPv6 traffic"); ?>. |
|
1424 |
</span> |
|
1425 |
</td> |
|
1426 |
</tr> |
|
1427 |
</table> |
|
1428 |
</td> |
|
1429 |
</tr> |
|
1430 |
|
|
1400 | 1431 |
</table> |
1401 | 1432 |
|
1402 | 1433 |
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts" summary="client settings"> |
... | ... | |
1724 | 1755 |
</table> |
1725 | 1756 |
</td> |
1726 | 1757 |
</tr> |
1758 |
|
|
1759 |
<tr id="comboboxVerbosityLevel"> |
|
1760 |
<td width="22%" valign="top" class="vncell"><?=gettext("Verbosity level");?></td> |
|
1761 |
<td width="78%" class="vtable"> |
|
1762 |
<select name="verbosity_level" class="formselect"> |
|
1763 |
<?php |
|
1764 |
foreach ($openvpn_verbosity_level as $verb_value => $verb_desc): |
|
1765 |
$selected = ""; |
|
1766 |
if ($pconfig['verbosity_level'] == $verb_value) |
|
1767 |
$selected = "selected=\"selected\""; |
|
1768 |
?> |
|
1769 |
<option value="<?=$verb_value;?>" <?=$selected;?>><?=$verb_desc;?></option> |
|
1770 |
<?php endforeach; ?> |
|
1771 |
</select> |
|
1772 |
<br /> |
|
1773 |
<?=gettext("Each level shows all info from the previous levels. Level 3 is recommended if you want a good summary of what's happening without being swamped by output"); ?>.<br /> <br /> |
|
1774 |
<strong>none</strong> -- <?=gettext("No output except fatal errors"); ?>. <br /> |
|
1775 |
<strong>default</strong>-<strong>4</strong> -- <?=gettext("Normal usage range"); ?>. <br /> |
|
1776 |
<strong>5</strong> -- <?=gettext("Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is used for TUN/TAP packets"); ?>. <br /> |
|
1777 |
<strong>6</strong>-<strong>11</strong> -- <?=gettext("Debug info range"); ?>. |
|
1778 |
</td> |
|
1779 |
</tr> |
|
1780 |
|
|
1727 | 1781 |
</table> |
1728 | 1782 |
|
1729 | 1783 |
<br /> |
Formats disponibles : Unified diff
patchpack1
-Fix #3401 (Added tun option "Disable IPv6"
-Added new options: route-nopull, route-noexec, verb;