"dev_node",
"/dev/net/tun",
translate("Use tun/tap device node") },
- { Flag,
- "tun_ipv6",
- 0,
- translate("Make tun device IPv6 capable") },
{ Value,
"ifconfig",
"10.200.200.3 10.200.200.1",
"mtu_test",
0,
translate("Empirically measure MTU") },
- { ListValue,
- "comp_lzo",
- { "yes", "no", "adaptive" },
- translate("Use fast LZO compression") },
- { Flag,
- "comp_noadapt",
- 0,
- translate("Don't use adaptive lzo compression"),
- { comp_lzo=1 } },
{ Value,
"link_mtu",
1500,
{ client="0" }, { client="" } },
{ DynamicList,
"push",
- { "redirect-gateway", "comp-lzo" },
+ { "redirect-gateway" },
translate("Push options to peer"),
{ client="0" }, { client="" } },
{ Flag,
"/etc/openvpn/ipp.txt 600",
translate("Persist/unpersist ifconfig-pool"),
{ client="0" }, { client="" } },
- -- deprecated and replaced by --topology p2p
- -- { Flag,
- -- "ifconfig_pool_linear",
- -- 0,
- -- translate("Use individual addresses rather than /30 subnets"),
- -- { client="0" }, { client="" } },
{ Value,
"ifconfig_push",
"10.200.200.1 255.255.255.255",
"3 10",
translate("Allowed maximum of new connections"),
{ client="0" }, { client="" } },
- { Flag,
- "client_cert_not_required",
- 0,
- translate("Don't require client certificate"),
- { client="0" }, { client="" } },
{ Flag,
"username_as_common_name",
0,
"engine",
"dynamic",
translate("Enable OpenSSL hardware crypto engines") },
- { Flag,
- "no_replay",
- 0,
- translate("Disable replay protection") },
{ Value,
"replay_window",
"64 15",
"replay_persist",
"/var/run/openvpn-replay-state",
translate("Persist replay-protection state") },
- { Flag,
- "no_iv",
- 0,
- translate("Disable cipher initialisation vector") },
{ Flag,
"tls_server",
0,
require("luci.ip")
require("luci.model.uci")
-
local basicParams = {
--
-- Widget, Name, Default(s), Description
{ Value, "nice",0, translate("Change process priority") },
{ Value,"port",1194, translate("TCP/UDP port # for both local and remote") },
{ ListValue,"dev_type",{ "tun", "tap" }, translate("Type of used device") },
- { Flag,"tun_ipv6",0, translate("Make tun device IPv6 capable") },
{ Value,"ifconfig","10.200.200.3 10.200.200.1", translate("Set tun/tap adapter parameters") },
{ Value,"server","10.200.200.0 255.255.255.0", translate("Configure server mode") },
{ Value,"server_bridge","192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254", translate("Configure server bridge") },
{ Flag,"nobind",0, translate("Do not bind to local address and port") },
- { ListValue,"comp_lzo",{"yes","no","adaptive"}, translate("Use fast LZO compression") },
{ Value,"keepalive","10 60", translate("Helper directive to simplify the expression of --ping and --ping-restart in server mode configurations") },
{ ListValue,"proto",{ "udp", "tcp-client", "tcp-server" }, translate("Use protocol") },
luci.cbi.CREATE_PREFIX .. self.config .. "." ..
self.sectiontype .. ".select"
)
- name = luci.http.formvalue(
+ local name = luci.http.formvalue(
luci.cbi.CREATE_PREFIX .. self.config .. "." ..
self.sectiontype .. ".text"
)
if #name > 3 and not name:match("[^a-zA-Z0-9_]") then
- uci:section(
- "openvpn", "openvpn", name,
- { uci:get_all( "openvpn_recipes", recipe ) }
- )
-
- uci:delete("openvpn", name, "_role")
- uci:delete("openvpn", name, "_description")
- uci:save("openvpn")
-
- luci.http.redirect( self.extedit:format(name) )
+ local s = uci:section("openvpn", "openvpn", name)
+ if s then
+ local options = uci:get_all("openvpn_recipes", recipe)
+ for k, v in pairs(options) do
+ uci:set("openvpn", name, k, v)
+ end
+ uci:delete("openvpn", name, "_role")
+ uci:delete("openvpn", name, "_description")
+ uci:save("openvpn")
+ luci.http.redirect( self.extedit:format(name) )
+ end
elseif #name > 0 then
self.invalid_cts = true
end
Licensed to the public under the Apache License 2.0.
-%>
-<fieldset class="cbi-section">
- <legend>
+<div class="cbi-section">
+ <h3>
<a href="<%=url('admin/services/openvpn')%>"><%:Overview%></a> »
<%=luci.i18n.translatef("Instance \"%s\"", self.instance)%>
- </legend>
+ </h3>
<% if self.mode == "basic" then %>
<a href="<%=url('admin/services/openvpn/advanced', self.instance, "Service")%>"><%:Switch to advanced configuration ยป%></a>
<% if next(self.categories, i) then %>|<% end %>
<% end %>
<% end %>
-</fieldset>
+</div>
# Routed point-to-point server
#
config openvpn_recipe server_tun_ptp
- option _description "Simple server configuration for a routed point-to-point VPN"
- option _role "server"
- option dev "tun"
- option ifconfig "10.0.0.1 10.0.0.2"
- option secret "shared-secret.key"
- option keepalive "10 60"
- option comp_lzo "yes"
- option verb "3"
- option mssfix "1420"
+ option _description 'Simple server configuration for a routed point-to-point VPN'
+ option _role 'server'
+ option dev 'tun'
+ option ifconfig '10.0.0.1 10.0.0.2'
+ option secret 'shared-secret.key'
+ option keepalive '10 60'
+ option verb '3'
+ option mssfix '1420'
#
# Routed point-to-point client
#
config openvpn_recipe client_tun_ptp
- option _description "Simple client configuration for a routed point-to-point VPN"
- option _role "client"
- option dev "tun"
- list remote "vpnserver.example.org"
- option ifconfig "10.0.0.2 10.0.0.1"
- option secret "shared-secret.key"
- option nobind "1"
- option comp_lzo "yes"
- option verb "3"
+ option _description 'Simple client configuration for a routed point-to-point VPN'
+ option _role 'client'
+ option dev 'tun'
+ list remote 'vpnserver.example.org'
+ option ifconfig '10.0.0.2 10.0.0.1'
+ option secret 'shared-secret.key'
+ option nobind '1'
+ option verb '3'
#
# Routed multi-client server
#
config openvpn_recipe server_tun
- option _description "Server configuration for a routed multi-client VPN"
- option _role "server"
- option dev "tun"
- option server "10.0.100.0 255.255.255.0"
- option ca "ca.crt"
- option cert "server.crt"
- option key "server.key"
- option dh "dh1024.pem"
- option keepalive "10 60"
- option comp_lzo "yes"
- option verb "3"
- option mssfix "1420"
+ option _description 'Server configuration for a routed multi-client VPN'
+ option _role 'server'
+ option dev 'tun'
+ option server '10.0.100.0 255.255.255.0'
+ option ca 'ca.crt'
+ option cert 'server.crt'
+ option key 'server.key'
+ option dh 'dh1024.pem'
+ option keepalive '10 60'
+ option verb '3'
+ option mssfix '1420'
#
# Routed client
#
config openvpn_recipe client_tun
- option _description "Client configuration for a routed multi-client VPN"
- option _role "client"
- option client "1"
- option dev "tun"
- list remote "vpnserver.example.org"
- option pkcs12 "my_client.p12"
- option remote_cert_tls "server"
- option comp_lzo "yes"
- option nobind "1"
- option persist_key "1"
- option persist_tun "1"
- option verb "3"
- option reneg_sec "0"
- option float "1"
+ option _description 'Client configuration for a routed multi-client VPN'
+ option _role 'client'
+ option client '1'
+ option dev 'tun'
+ list remote 'vpnserver.example.org'
+ option pkcs12 'my_client.p12'
+ option remote_cert_tls 'server'
+ option nobind '1'
+ option persist_key '1'
+ option persist_tun '1'
+ option verb '3'
+ option reneg_sec '0'
+ option float '1'
#
# Multi-client ethernet bridge server
#
config openvpn_recipe server_tap_bridge
- option _description "Server configuration for an ethernet bridge VPN"
- option _role "server"
- option dev "tap"
- option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
- option ca "ca.crt"
- option cert "server.crt"
- option key "server.key"
- option dh "dh1024.pem"
- option keepalive "10 60"
- option comp_lzo "yes"
- option verb "3"
- option mssfix "1420"
+ option _description 'Server configuration for an ethernet bridge VPN'
+ option _role 'server'
+ option dev 'tap'
+ option server_bridge '192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254'
+ option ca 'ca.crt'
+ option cert 'server.crt'
+ option key 'server.key'
+ option dh 'dh1024.pem'
+ option keepalive '10 60'
+ option verb '3'
+ option mssfix '1420'
#
# Ethernet bridge client
#
config openvpn_recipe client_tap_bridge
- option _description "Client configuration for an ethernet bridge VPN"
- option _role "client"
- option client "1"
- option dev "tap"
- list remote "vpnserver.example.org"
- option ca "ca.crt"
- option cert "my_client.crt"
- option key "my_client.key"
- option dh "dh1024.pem"
- option remote_cert_tls "server"
- option comp_lzo "yes"
- option nobind "1"
- option persist_key "1"
- option verb "3"
- option reneg_sec "0"
- option float "1"
-
+ option _description 'Client configuration for an ethernet bridge VPN'
+ option _role 'client'
+ option client '1'
+ option dev 'tap'
+ list remote 'vpnserver.example.org'
+ option ca 'ca.crt'
+ option cert 'my_client.crt'
+ option key 'my_client.key'
+ option dh 'dh1024.pem'
+ option remote_cert_tls 'server'
+ option nobind '1'
+ option persist_key '1'
+ option verb '3'
+ option reneg_sec '0'
+ option float '1'
projects / project / luci.git / commitdiff