";
&Header::closebigbox();
@@ -3218,7 +3231,7 @@ if ($confighash{$cgiparams{'KEY'}}) {
$cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
$cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
$cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
- $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
+ $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
$cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
$cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
$cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
@@ -3226,27 +3239,27 @@ if ($confighash{$cgiparams{'KEY'}}) {
$cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
$cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22];
$cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23];
- $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
+ $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24];
$cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
- $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
+ $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
$cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
$cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
- $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
+ $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
$cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
$cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
- $cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
+ $cgiparams{'CHECK1'} = $confighash{$cgiparams{'KEY'}}[32];
my $name=$cgiparams{'CHECK1'} ;
$cgiparams{$name} = $confighash{$cgiparams{'KEY'}}[33];
$cgiparams{'RG'} = $confighash{$cgiparams{'KEY'}}[34];
$cgiparams{'CCD_DNS1'} = $confighash{$cgiparams{'KEY'}}[35];
$cgiparams{'CCD_DNS2'} = $confighash{$cgiparams{'KEY'}}[36];
$cgiparams{'CCD_WINS'} = $confighash{$cgiparams{'KEY'}}[37];
- $cgiparams{'PMTU_DISCOVERY'} = $confighash{$cgiparams{'KEY'}}[38];
+ $cgiparams{'PMTU_DISCOVERY'} = $confighash{$cgiparams{'KEY'}}[38];
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
#A.Marx CCD check iroute field and convert it to decimal
-
+if ($cgiparams{'TYPE'} eq 'host') {
my @temp=();
my %ccdroutehash=();
my $keypoint=0;
@@ -3269,6 +3282,7 @@ if ($confighash{$cgiparams{'KEY'}}) {
chomp($val);
$val=~s/\s*$//g;
my($ip,$cidr) = split(/\//,$val);
+ $ip=&General::getnetworkip($ip,&General::iporsubtocidr($cidr));
$cidr=&General::iporsubtodec($cidr);
#check if iroute exists in ccdroute
@@ -3282,16 +3296,24 @@ if ($confighash{$cgiparams{'KEY'}}) {
}
#check for existing network IP's
- if ((&General::IpInSubnet ($ip,$netsettings{GREEN_NETADDRESS},$netsettings{GREEN_NETMASK}) && $netsettings{GREEN_NETADDRESS} ne '0.0.0.0')||
- (&General::IpInSubnet ($ip,$netsettings{RED_NETADDRESS},$netsettings{RED_NETMASK}) && $netsettings{RED_NETADDRESS} ne '0.0.0.0')||
- (&General::IpInSubnet ($ip,$netsettings{BLUE_NETADDRESS},$netsettings{BLUE_NETMASK}) && $netsettings{BLUE_NETADDRESS} ne '0.0.0.0' && $netsettings{BLUE_NETADDRESS} gt '')||
- (&General::IpInSubnet ($ip,$netsettings{ORANGE_NETADDRESS},$netsettings{ORANGE_NETMASK}) && $netsettings{ORANGE_NETADDRESS} ne '0.0.0.0' && $netsettings{ORANGE_NETADDRESS} gt '' )){
- $errormessage="$ip USED FOR SYSTEM!";
+ if (&General::IpInSubnet ($ip,$netsettings{GREEN_NETADDRESS},$netsettings{GREEN_NETMASK}) && $netsettings{GREEN_NETADDRESS} ne '0.0.0.0')
+ {
+ $errormessage=$Lang::tr{'ccd err green'};
+ goto VPNCONF_ERROR;
+ }elsif(&General::IpInSubnet ($ip,$netsettings{RED_NETADDRESS},$netsettings{RED_NETMASK}) && $netsettings{RED_NETADDRESS} ne '0.0.0.0')
+ {
+ $errormessage=$Lang::tr{'ccd err red'};
+ goto VPNCONF_ERROR;
+ }elsif(&General::IpInSubnet ($ip,$netsettings{BLUE_NETADDRESS},$netsettings{BLUE_NETMASK}) && $netsettings{BLUE_NETADDRESS} ne '0.0.0.0' && $netsettings{BLUE_NETADDRESS} gt '')
+ {
+ $errormessage=$Lang::tr{'ccd err blue'};
+ goto VPNCONF_ERROR;
+ }elsif(&General::IpInSubnet ($ip,$netsettings{ORANGE_NETADDRESS},$netsettings{ORANGE_NETMASK}) && $netsettings{ORANGE_NETADDRESS} ne '0.0.0.0' && $netsettings{ORANGE_NETADDRESS} gt '' )
+ {
+ $errormessage=$Lang::tr{'ccd err orange'};
goto VPNCONF_ERROR;
}
-
-
-
+
if (&General::validipandmask($val)){
$ccdroutehash{$keypoint}[$i] = $ip."/".$cidr;
}else{
@@ -3314,51 +3336,44 @@ if ($confighash{$cgiparams{'KEY'}}) {
}
undef @temp;
#check route field and convert it to decimal
-
my $val=0;
my $i=1;
-
&General::readhasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
- if($cgiparams{'IFROUTE'} eq $Lang::tr{'ccd none'} || $cgiparams{'IFROUTE'} eq '') {
- undef $cgiparams{'IFROUTE'};
- foreach my $key (keys %ccdroute2hash){
- if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}) {
- delete $ccdroute2hash{$key};
- }
- }
- &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
- }else{
- #find key to use
- foreach my $key (keys %ccdroute2hash) {
- if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}) {
- $keypoint=$key;
- delete $ccdroute2hash{$key};
- }else{
- $keypoint = &General::findhasharraykey (\%ccdroute2hash);
- &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
- &writeserverconf;
- }
+ #find key to use
+ foreach my $key (keys %ccdroute2hash) {
+ if ($ccdroute2hash{$key}[0] eq $cgiparams{'NAME'}) {
+ $keypoint=$key;
+ delete $ccdroute2hash{$key};
+ }else{
+ $keypoint = &General::findhasharraykey (\%ccdroute2hash);
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ &writeserverconf;
}
- $ccdroute2hash{$keypoint}[0]=$cgiparams{'NAME'};
- @temp = split(/\|/,$cgiparams{'IFROUTE'});
- my %ownnet=();
- &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
- foreach $val (@temp){
- chomp($val);
- $val=~s/\s*$//g;
- if ($val eq $Lang::tr{'green'})
- {
- $val=$ownnet{GREEN_NETADDRESS}."/".$ownnet{GREEN_NETMASK};
- }
- if ($val eq $Lang::tr{'blue'})
- {
- $val=$ownnet{BLUE_NETADDRESS}."/".$ownnet{BLUE_NETMASK};
- }
- if ($val eq $Lang::tr{'orange'})
- {
- $val=$ownnet{ORANGE_NETADDRESS}."/".$ownnet{ORANGE_NETMASK};
- }
- my ($ip,$cidr) = split (/\//, $val);
+ }
+ $ccdroute2hash{$keypoint}[0]=$cgiparams{'NAME'};
+ if ($cgiparams{'IFROUTE'} eq ''){$cgiparams{'IFROUTE'} = $Lang::tr{'ccd none'};}
+ @temp = split(/\|/,$cgiparams{'IFROUTE'});
+ my %ownnet=();
+ &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
+ foreach $val (@temp){
+ chomp($val);
+ $val=~s/\s*$//g;
+ if ($val eq $Lang::tr{'green'})
+ {
+ $val=$ownnet{GREEN_NETADDRESS}."/".$ownnet{GREEN_NETMASK};
+ }
+ if ($val eq $Lang::tr{'blue'})
+ {
+ $val=$ownnet{BLUE_NETADDRESS}."/".$ownnet{BLUE_NETMASK};
+ }
+ if ($val eq $Lang::tr{'orange'})
+ {
+ $val=$ownnet{ORANGE_NETADDRESS}."/".$ownnet{ORANGE_NETMASK};
+ }
+ my ($ip,$cidr) = split (/\//, $val);
+
+ if ($val ne $Lang::tr{'ccd none'})
+ {
if (! &check_routes_push($val)){$errormessage=$errormessage."Route $val ".$Lang::tr{'ccd err routeovpn2'}." ($val)";goto VPNCONF_ERROR;}
if (! &check_ccdroute($val)){$errormessage=$errormessage." Route $val ".$Lang::tr{'ccd err inuse'}." ($val)" ;goto VPNCONF_ERROR;}
if (! &check_ccdconf($val)){$errormessage=$errormessage." Route $val ".$Lang::tr{'ccd err routeovpn'}." ($val)";goto VPNCONF_ERROR;}
@@ -3369,10 +3384,13 @@ if ($confighash{$cgiparams{'KEY'}}) {
$errormessage=$errormessage."Route ".$Lang::tr{'ccd invalid'}." ($val)";
goto VPNCONF_ERROR;
}
- $i++;
- }
- &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
- }
+ }else{
+ $ccdroute2hash{$keypoint}[$i]='';
+ }
+ $i++;
+ }
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
+
#check dns1 ip
if ($cgiparams{'CCD_DNS1'} ne '' && ! &General::validip($cgiparams{'CCD_DNS1'})) {
$errormessage=$errormessage." ".$Lang::tr{'invalid input for dhcp dns'}." 1";
@@ -3388,10 +3406,10 @@ if ($confighash{$cgiparams{'KEY'}}) {
$errormessage=$errormessage." ".$Lang::tr{'invalid input for dhcp wins'};
goto VPNCONF_ERROR;
}
-
+}
#CCD End
-
+
if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
$errormessage = $Lang::tr{'connection type is invalid'};
@@ -3881,7 +3899,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
$confighash{$key}[6] = $cgiparams{'SIDE'};
$confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
}
- $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
+ $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
$confighash{$key}[10] = $cgiparams{'REMOTE'};
if ($cgiparams{'OVPN_MGMT'} eq '') {
$confighash{$key}[22] = $confighash{$key}[29];
@@ -3905,7 +3923,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
$confighash{$key}[35] = $cgiparams{'CCD_DNS1'};
$confighash{$key}[36] = $cgiparams{'CCD_DNS2'};
$confighash{$key}[37] = $cgiparams{'CCD_WINS'};
- $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'};
+ $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'};
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
@@ -3927,6 +3945,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
print CCDRWCONF "\n#Redirect Gateway: \n#All IP traffic is redirected through the vpn \n";
print CCDRWCONF "push redirect-gateway\n";
}
+ &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
if ($cgiparams{'IR'} ne ''){
print CCDRWCONF "\n#Client routes these Networks (behind Client)\n";
foreach my $key (keys %ccdroutehash){
@@ -3938,6 +3957,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
}
}
}
+ if ($cgiparams{'IFROUTE'} eq $Lang::tr{'ccd none'} ){$cgiparams{'IFROUTE'}='';}
if ($cgiparams{'IFROUTE'} ne ''){
print CCDRWCONF "\n#Client gets routes to these Networks (behind IPFIRE)\n";
foreach my $key (keys %ccdroute2hash){
@@ -3946,7 +3966,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
if($ccdroute2hash{$key}[$i] eq $Lang::tr{'blue'}){
my %blue=();
&General::readhash("${General::swroot}/ethernet/settings", \%blue);
- print CCDRWCONF "push \"route $blue{BLUE_ADDRESS} $blue{BLUE_NETMASK}\n";
+ print CCDRWCONF "push \"route $blue{BLUE_ADDRESS} $blue{BLUE_NETMASK}\n";
}elsif($ccdroute2hash{$key}[$i] eq $Lang::tr{'orange'}){
my %orange=();
&General::readhash("${General::swroot}/ethernet/settings", \%orange);
@@ -4376,51 +4396,66 @@ END
$Lang::tr{'ccd iroute2'}
DNS1:
DNS2:
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 186e99e0f..7fe336c13 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1612,7 +1612,7 @@
'september' => 'September',
'serial' => 'serielle',
'server reserved' => 'The connection name server is reserved and not allowed',
-'server restart' => 'Wenn hier etwas geändert wird, muss der openVPN Server neu gestartet werden, damit die Einstellungen übernommen werden!',
+'server restart' => 'Änderungen können nicht gespeichert werden, solange der OpenVPN-Server läuft.',
'server string' => 'Server String',
'service' => 'Dienst',
'service added' => 'Benutzerdefinierter Netzwerkdienst wurde hinzugefügt',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 739dffa40..4a2f73eef 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1641,7 +1641,7 @@
'september' => 'September',
'serial' => 'Serial',
'server reserved' => 'The connection name server is reserved and not allowed',
-'server restart' => 'If you change these settings you have to restart the OpenVPN server for the changes to take effect!',
+'server restart' => 'You are not able to save any changes while the OpenVPN server is running.',
'server string' => 'Server String',
'service' => 'Service',
'service added' => 'Custom network service added',
diff --git a/src/scripts/ovpn-ccd-convert b/src/scripts/ovpn-ccd-convert
index a4062117d..86b7c94a5 100644
--- a/src/scripts/ovpn-ccd-convert
+++ b/src/scripts/ovpn-ccd-convert
@@ -5,10 +5,11 @@ my %ovpnconfig=();
my @serverconf=();
my $greennet;
my $greensubnet;
-
+my $running='off';
require '/var/ipfire/general-functions.pl';
if ( -e "/var/run/openvpn.pid"){
+ $running='on';
system('/usr/local/bin/openvpnctrl', '-k');
}
@@ -41,5 +42,7 @@ foreach my $key (keys %ovpnconfig){
$ovpnconfig{$key}[32] = 'dynamic';
}
&General::writehasharray("/var/ipfire/ovpn/ovpnconfig", \%ovpnconfig);
-system('/usr/local/bin/openvpnctrl', '-s');
-
+if ($running eq 'on')
+{
+ system('/usr/local/bin/openvpnctrl', '-s');
+}