Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

2026-04-12 12:15:52 +02:00 · 2014-01-14 22:35:11 +01:00
parent 2a127986dc bfaa69562a
commit d99f0ff8c6
14 changed files with 323 additions and 202 deletions
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -140,7 +140,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: driver
@@ -275,6 +274,7 @@ WARNING: translation string unused: invalid upstream proxy username or password
 WARNING: translation string unused: invert
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
+WARNING: translation string unused: ipsec no connections
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: isdn
 WARNING: translation string unused: isdn settings
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -161,7 +161,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: done
@@ -300,6 +299,7 @@ WARNING: translation string unused: invalid upstream proxy username or password
 WARNING: translation string unused: invert
 WARNING: translation string unused: ip address in use
 WARNING: translation string unused: ipfire side
+WARNING: translation string unused: ipsec no connections
 WARNING: translation string unused: iptable rules
 WARNING: translation string unused: isdn
 WARNING: translation string unused: isdn settings
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -154,7 +154,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: done
@@ -791,6 +790,7 @@ WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
 WARNING: untranslated string: invalid input for dpd delay
 WARNING: untranslated string: invalid input for dpd timeout
+WARNING: untranslated string: ipsec
 WARNING: untranslated string: ipsec network
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
@@ -811,6 +811,7 @@ WARNING: untranslated string: outgoing firewall p2p allow
 WARNING: untranslated string: outgoing firewall p2p deny
 WARNING: untranslated string: ovpn errmsg green already pushed
 WARNING: untranslated string: ovpn errmsg invalid ip or mask
+WARNING: untranslated string: ovpn mgmt in root range
 WARNING: untranslated string: ovpn mtu-disc
 WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
 WARNING: untranslated string: ovpn mtu-disc maybe
@@ -818,6 +819,8 @@ WARNING: untranslated string: ovpn mtu-disc no
 WARNING: untranslated string: ovpn mtu-disc off
 WARNING: untranslated string: ovpn mtu-disc with mssfix or fragment
 WARNING: untranslated string: ovpn mtu-disc yes
+WARNING: untranslated string: ovpn no connections
+WARNING: untranslated string: ovpn port in root range
 WARNING: untranslated string: ovpn routes push
 WARNING: untranslated string: ovpn routes push options
 WARNING: untranslated string: p2p block
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -154,7 +154,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: done
@@ -803,6 +802,7 @@ WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
 WARNING: untranslated string: invalid input for dpd delay
 WARNING: untranslated string: invalid input for dpd timeout
+WARNING: untranslated string: ipsec
 WARNING: untranslated string: ipsec network
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
@@ -821,6 +821,7 @@ WARNING: untranslated string: openvpn prefix openvpn subnet
 WARNING: untranslated string: openvpn prefix remote subnet
 WARNING: untranslated string: openvpn subnet is used
 WARNING: untranslated string: other
+WARNING: untranslated string: ovpn mgmt in root range
 WARNING: untranslated string: ovpn mtu-disc
 WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
 WARNING: untranslated string: ovpn mtu-disc maybe
@@ -828,6 +829,8 @@ WARNING: untranslated string: ovpn mtu-disc no
 WARNING: untranslated string: ovpn mtu-disc off
 WARNING: untranslated string: ovpn mtu-disc with mssfix or fragment
 WARNING: untranslated string: ovpn mtu-disc yes
+WARNING: untranslated string: ovpn no connections
+WARNING: untranslated string: ovpn port in root range
 WARNING: untranslated string: p2p block
 WARNING: untranslated string: p2p block save notice
 WARNING: untranslated string: pakfire ago
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -156,7 +156,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: done
@@ -749,12 +748,16 @@ WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
 WARNING: untranslated string: invalid input for dpd delay
 WARNING: untranslated string: invalid input for dpd timeout
+WARNING: untranslated string: ipsec
 WARNING: untranslated string: ipsec network
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: most preferred
 WARNING: untranslated string: notice
 WARNING: untranslated string: openvpn network
+WARNING: untranslated string: ovpn mgmt in root range
+WARNING: untranslated string: ovpn no connections
+WARNING: untranslated string: ovpn port in root range
 WARNING: untranslated string: p2p block
 WARNING: untranslated string: p2p block save notice
 WARNING: untranslated string: qos enter bandwidths
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -154,7 +154,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: done
@@ -791,6 +790,7 @@ WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
 WARNING: untranslated string: invalid input for dpd delay
 WARNING: untranslated string: invalid input for dpd timeout
+WARNING: untranslated string: ipsec
 WARNING: untranslated string: ipsec network
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
@@ -811,6 +811,7 @@ WARNING: untranslated string: outgoing firewall p2p allow
 WARNING: untranslated string: outgoing firewall p2p deny
 WARNING: untranslated string: ovpn errmsg green already pushed
 WARNING: untranslated string: ovpn errmsg invalid ip or mask
+WARNING: untranslated string: ovpn mgmt in root range
 WARNING: untranslated string: ovpn mtu-disc
 WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
 WARNING: untranslated string: ovpn mtu-disc maybe
@@ -818,6 +819,8 @@ WARNING: untranslated string: ovpn mtu-disc no
 WARNING: untranslated string: ovpn mtu-disc off
 WARNING: untranslated string: ovpn mtu-disc with mssfix or fragment
 WARNING: untranslated string: ovpn mtu-disc yes
+WARNING: untranslated string: ovpn no connections
+WARNING: untranslated string: ovpn port in root range
 WARNING: untranslated string: ovpn routes push
 WARNING: untranslated string: ovpn routes push options
 WARNING: untranslated string: p2p block
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -153,7 +153,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: done
@@ -787,6 +786,7 @@ WARNING: untranslated string: incoming traffic in bytes per second
 WARNING: untranslated string: integrity
 WARNING: untranslated string: invalid input for dpd delay
 WARNING: untranslated string: invalid input for dpd timeout
+WARNING: untranslated string: ipsec
 WARNING: untranslated string: ipsec network
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
@@ -804,6 +804,7 @@ WARNING: untranslated string: openvpn prefix remote subnet
 WARNING: untranslated string: openvpn subnet is used
 WARNING: untranslated string: other
 WARNING: untranslated string: outgoing traffic in bytes per second
+WARNING: untranslated string: ovpn mgmt in root range
 WARNING: untranslated string: ovpn mtu-disc
 WARNING: untranslated string: ovpn mtu-disc and mtu not 1500
 WARNING: untranslated string: ovpn mtu-disc maybe
@@ -811,6 +812,8 @@ WARNING: untranslated string: ovpn mtu-disc no
 WARNING: untranslated string: ovpn mtu-disc off
 WARNING: untranslated string: ovpn mtu-disc with mssfix or fragment
 WARNING: untranslated string: ovpn mtu-disc yes
+WARNING: untranslated string: ovpn no connections
+WARNING: untranslated string: ovpn port in root range
 WARNING: untranslated string: p2p block
 WARNING: untranslated string: p2p block save notice
 WARNING: untranslated string: proxy reports
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -161,7 +161,6 @@ WARNING: translation string unused: dmz pinhole configuration
 WARNING: translation string unused: dmz pinhole rule added
 WARNING: translation string unused: dmz pinhole rule removed
 WARNING: translation string unused: dmzpinholes for same net not necessary
-WARNING: translation string unused: dns server
 WARNING: translation string unused: do not log this port list
 WARNING: translation string unused: donation-link
 WARNING: translation string unused: done
@@ -755,12 +754,16 @@ WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
 WARNING: untranslated string: invalid input for dpd delay
 WARNING: untranslated string: invalid input for dpd timeout
+WARNING: untranslated string: ipsec
 WARNING: untranslated string: ipsec network
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: most preferred
 WARNING: untranslated string: notice
 WARNING: untranslated string: openvpn network
+WARNING: untranslated string: ovpn mgmt in root range
+WARNING: untranslated string: ovpn no connections
+WARNING: untranslated string: ovpn port in root range
 WARNING: untranslated string: p2p block
 WARNING: untranslated string: p2p block save notice
 WARNING: untranslated string: red1
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -273,7 +273,9 @@
 < integrity
 < invalid input for dpd delay
 < invalid input for dpd timeout
+< ipsec
 < ipsec network
+< ipsec no connections
 < least preferred
 < lifetime
 < minute
@@ -294,6 +296,7 @@
 < openvpn subnet is used
 < other
 < our donors
+< ovpn mgmt in root range
 < ovpn mtu-disc
 < ovpn mtu-disc and mtu not 1500
 < ovpn mtu-disc maybe
@@ -301,6 +304,8 @@
 < ovpn mtu-disc off
 < ovpn mtu-disc with mssfix or fragment
 < ovpn mtu-disc yes
+< ovpn no connections
+< ovpn port in root range
 < p2p block
 < p2p block save notice
 < proxy reports
@@ -698,7 +703,9 @@
 < integrity
 < invalid input for dpd delay
 < invalid input for dpd timeout
+< ipsec
 < ipsec network
+< ipsec no connections
 < least preferred
 < lifetime
 < minute
@@ -733,6 +740,7 @@
 < outgoing firewall view group
 < ovpn errmsg green already pushed
 < ovpn errmsg invalid ip or mask
+< ovpn mgmt in root range
 < ovpn mtu-disc
 < ovpn mtu-disc and mtu not 1500
 < ovpn mtu-disc maybe
@@ -740,6 +748,8 @@
 < ovpn mtu-disc off
 < ovpn mtu-disc with mssfix or fragment
 < ovpn mtu-disc yes
+< ovpn no connections
+< ovpn port in root range
 < ovpn routes push
 < ovpn routes push options
 < p2p block
@@ -1107,7 +1117,9 @@
 < integrity
 < invalid input for dpd delay
 < invalid input for dpd timeout
+< ipsec
 < ipsec network
+< ipsec no connections
 < least preferred
 < lifetime
 < minute
@@ -1128,6 +1140,7 @@
 < our donors
 < ovpn errmsg green already pushed
 < ovpn errmsg invalid ip or mask
+< ovpn mgmt in root range
 < ovpn mtu-disc
 < ovpn mtu-disc and mtu not 1500
 < ovpn mtu-disc maybe
@@ -1135,6 +1148,8 @@
 < ovpn mtu-disc off
 < ovpn mtu-disc with mssfix or fragment
 < ovpn mtu-disc yes
+< ovpn no connections
+< ovpn port in root range
 < ovpn routes push
 < ovpn routes push options
 < p2p block
@@ -1507,7 +1522,9 @@
 < integrity
 < invalid input for dpd delay
 < invalid input for dpd timeout
+< ipsec
 < ipsec network
+< ipsec no connections
 < least preferred
 < lifetime
 < minute
@@ -1528,6 +1545,7 @@
 < other
 < our donors
 < outgoing traffic in bytes per second
+< ovpn mgmt in root range
 < ovpn mtu-disc
 < ovpn mtu-disc and mtu not 1500
 < ovpn mtu-disc maybe
@@ -1535,6 +1553,8 @@
 < ovpn mtu-disc off
 < ovpn mtu-disc with mssfix or fragment
 < ovpn mtu-disc yes
+< ovpn no connections
+< ovpn port in root range
 < p2p block
 < p2p block save notice
 < proxy reports
--- a/html/cgi-bin/firewall.cgi
+++ b/html/cgi-bin/firewall.cgi
@@ -136,14 +136,17 @@ print<<END;
 		\$("#protocol").change(update_protocol);
 		update_protocol();

-		// When nat not used, hide it
-		if (! \$("#USE_NAT").attr("checked")) {
+		// Show/Hide elements when NAT checkbox is checked.
+		if (\$("#USE_NAT").attr("checked")) {
+			\$("#actions").hide();
+		} else {
 			\$(".NAT").hide();
 		}

 		// Show NAT area when "use nat" checkbox is clicked
 		\$("#USE_NAT").change(function() {
 			\$(".NAT").toggle();
+			\$("#actions").toggle();
 		});

 		// Time constraints
@@ -726,6 +729,9 @@ sub checkrule
 {
 	#check valid port for NAT
 	if($fwdfwsettings{'USE_NAT'} eq 'ON'){
+		#RULE_ACTION must be on if we use NAT
+		$fwdfwsettings{'RULE_ACTION'} = 'ACCEPT';
+
 		#if no dest port is given in nat area, take target host port
 		if($fwdfwsettings{'nat'} eq 'dnat' && $fwdfwsettings{'grp3'} eq 'TGT_PORT' && $fwdfwsettings{'dnatport'} eq ''){$fwdfwsettings{'dnatport'}=$fwdfwsettings{'TGT_PORT'};}
 		if($fwdfwsettings{'TGT_PORT'} eq '' && $fwdfwsettings{'dnatport'} ne '' && ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP')){
@@ -1847,7 +1853,7 @@ END
 		print <<END;
 			<br>
 			<center>
-				<table width="80%" class='tbl'>
+				<table width="80%" class='tbl' id='actions'>
 					<tr>
 						<td width="33%" align="center" bgcolor="$color{'color17'}">
 							&nbsp;<br>&nbsp;
--- a/html/cgi-bin/gpl.cgi
+++ b/html/cgi-bin/gpl.cgi
@@ -0,0 +1,82 @@
+#!/usr/bin/perl
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2007-2012  IPFire Team  <info@ipfire.org>                     #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+use strict;
+# enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+require "/opt/pakfire/lib/functions.pl";
+
+
+my %cgiparams;
+my $refresh;
+
+if ( -e "/var/ipfire/main/gpl_accepted" ) {
+	print "Status: 302 Moved Temporarily\n";
+	print "Location: index.cgi\n\n";
+	exit (0);
+}
+&Header::showhttpheaders();
+
+$cgiparams{'ACTION'} = '';
+&Header::getcgihash(\%cgiparams);
+
+&Header::openpage($Lang::tr{'main page'}, 1, $refresh);
+&Header::openbigbox('', 'center');
+
+# licence agreement
+if ($cgiparams{'ACTION'} eq $Lang::tr{'yes'} && $cgiparams{'gpl_accepted'} eq '1') {
+	system('touch /var/ipfire/main/gpl_accepted');
+}
+
+&Header::openbox('100%', 'left', $Lang::tr{'gpl license agreement'});
+print <<END;
+	$Lang::tr{'gpl please read carefully the general public license and accept it below'}.
+	<br /><br />
+END
+;	
+if ( -e "/usr/share/doc/licenses/GPLv3" ) {
+	print '<textarea rows=\'25\' cols=\'75\' readonly=\'true\'>';
+	print `cat /usr/share/doc/licenses/GPLv3`;
+	print '</textarea>';
+}
+else {
+	print '<br /><a href=\'http://www.gnu.org/licenses/gpl-3.0.txt\' target=\'_blank\'>GNU GENERAL PUBLIC LICENSE</a><br />';
+}
+print <<END;
+	<p>
+		<form method='post' action='$ENV{'SCRIPT_NAME'}'>
+			<input type='checkbox' name='gpl_accepted' value='1'/> $Lang::tr{'gpl i accept these terms and conditions'}.
+			<br/ >
+			<input type='submit' name='ACTION' value=$Lang::tr{'yes'} />
+		</form>
+	</p>
+	<a href='http://www.gnu.org/licenses/translations.html' target='_blank'>$Lang::tr{'gpl unofficial translation of the general public license v3'}</a>
+
+END
+
+&Header::closebox();
+&Header::closebigbox();
+&Header::closepage();
--- a/html/cgi-bin/index.cgi
+++ b/html/cgi-bin/index.cgi
@@ -21,6 +21,7 @@

 use strict;
 use Net::Telnet;
+use Sort::Naturally;

 # enable only the following on debugging purpose
 #use warnings;
@@ -36,12 +37,22 @@ my %pppsettings=();
 my %modemsettings=();
 my %netsettings=();
 my %ddnssettings=();
+my %proxysettings=();
+my %vpnsettings=();
+my %vpnconfig=();
+my %ovpnconfig=();
 my $warnmessage = '';
 my $refresh = "";
 my $ipaddr='';
+my $showbox=0;
+my $showipsec=0;
+my $showovpn=0;

-my $haveipsec=0;
-my $haveovpn=0;
+if ( ! -e "/var/ipfire/main/gpl_accepted" ) {
+	print "Status: 302 Moved Temporarily\n";
+	print "Location: gpl.cgi\n\n";
+	exit (0);
+}

 &Header::showhttpheaders();

@@ -53,6 +64,8 @@ $pppsettings{'PROFILENAME'} = 'None';
 &General::readhash("${General::swroot}/modem/settings", \%modemsettings);
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 &General::readhash("${General::swroot}/ddns/settings", \%ddnssettings);
+&General::readhash("${General::swroot}/proxy/advanced/settings", \%proxysettings);
+&General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);

 my %color = ();
 my %mainsettings = ();
@@ -61,12 +74,12 @@ my %mainsettings = ();

 my $connstate = &Header::connectionstatus();

-	if ( -e "/var/ipfire/main/gpl-accepted" ) {
-if ($connstate =~ /$Lang::tr{'connecting'}/ || /$Lang::tr{'connection closed'}/ ){
-	$refresh = "<meta http-equiv='refresh' content='5;'>";
-} elsif ($connstate =~ /$Lang::tr{'dod waiting'}/ || -e "${General::swroot}/main/refreshindex") {
-	$refresh = "<meta http-equiv='refresh' content='30;'>";
-}
+if ( -e "/var/ipfire/main/gpl-accepted" ) {
+	if ($connstate =~ /$Lang::tr{'connecting'}/ || /$Lang::tr{'connection closed'}/ ){
+		$refresh = "<meta http-equiv='refresh' content='5;'>";
+	}elsif ($connstate =~ /$Lang::tr{'dod waiting'}/ || -e "${General::swroot}/main/refreshindex") {
+		$refresh = "<meta http-equiv='refresh' content='30;'>";
+	}
 }

 if ($cgiparams{'ACTION'} eq $Lang::tr{'dial profile'})
@@ -81,8 +94,8 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'dial profile'})
 	unlink("${General::swroot}/ppp/settings");
 	link("${General::swroot}/ppp/settings-$cgiparams{'PROFILE'}",
 		"${General::swroot}/ppp/settings");
-	system ("/usr/bin/touch", "${General::swroot}/ppp/updatesettings");
-
+	open (TMP, ">${General::swroot}/ppp/updatesettings");
+	close TMP;
 	# read in the new params "early" so we can write secrets.
 	%cgiparams = ();
 	&General::readhash("${General::swroot}/ppp/settings", \%cgiparams);
@@ -106,10 +119,11 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'dial profile'})

 if ($cgiparams{'ACTION'} eq $Lang::tr{'dial'}) {
 	system('/usr/local/bin/redctrl start > /dev/null') == 0
-	or &General::log("Dial failed: $?"); sleep 1;}
-elsif ($cgiparams{'ACTION'} eq $Lang::tr{'hangup'}) {
+	or &General::log("Dial failed: $?"); sleep 1;
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'hangup'}) {
 	system('/usr/local/bin/redctrl stop > /dev/null') == 0
-	or &General::log("Hangup failed: $?"); sleep 1;}
+	or &General::log("Hangup failed: $?"); sleep 1;
+}

 my $c;
 my $maxprofiles = 5;
@@ -129,29 +143,21 @@ for ($c = 1; $c <= $maxprofiles; $c++) {
 $selected{'PROFILE'}{$pppsettings{'PROFILE'}} = "selected='selected'";
 my $dialButtonDisabled = "disabled='disabled'";

-
 &Header::openpage($Lang::tr{'main page'}, 1, $refresh);
 &Header::openbigbox('', 'center');
+if (open(IPADDR,"${General::swroot}/red/local-ipaddress")) {
+	    $ipaddr = <IPADDR>;
+	    close IPADDR;
+	    chomp ($ipaddr);
+	}

-# licence agreement
-if ($cgiparams{'ACTION'} eq $Lang::tr{'yes'} && $cgiparams{'gpl_accepted'} eq '1') {
-	system('touch /var/ipfire/main/gpl_accepted')
-}
-if ( -e "/var/ipfire/main/gpl_accepted" ) {
 &Header::openbox('100%', 'center', '');
-
-
 if ( ( $pppsettings{'VALID'} eq 'yes' && $modemsettings{'VALID'} eq 'yes' ) || ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ )) {
 	if (open(IPADDR,"${General::swroot}/ddns/ipcache")) {
   	    $ipaddr = <IPADDR>;
    	    close IPADDR;
    	    chomp ($ipaddr);
 	}
-	if (open(IPADDR,"${General::swroot}/red/local-ipaddress")) {
-	    $ipaddr = <IPADDR>;
-	    close IPADDR;
-	    chomp ($ipaddr);
-	}
 } elsif ($modemsettings{'VALID'} eq 'no') {
 	print "$Lang::tr{'modem settings have errors'}\n </b></font>\n";
 } else {
@@ -160,45 +166,54 @@ if ( ( $pppsettings{'VALID'} eq 'yes' && $modemsettings{'VALID'} eq 'yes' ) || (

 print <<END;
 <!-- Table of networks -->
-<table width=80% class='tbl'>
+<table width=80% class='tbl' >
  <tr>  <th bgcolor='$color{'color20'}'>$Lang::tr{'network'}</th>
        <th bgcolor='$color{'color20'}'>$Lang::tr{'ip address'}</th>
        <th bgcolor='$color{'color20'}'>$Lang::tr{'status'}</th></tr>
  <tr>  <td align='center' bgcolor='$Header::colourred' width='25%'><a href="/cgi-bin/pppsetup.cgi"><font size='2' color='white'><b>$Lang::tr{'internet'}</b></font></a><br></td>
        <td width='30%' align='center'>$ipaddr </td>
-        <td width='45%' align='center'>$connstate 
+        <td width='45%' align='center'>$connstate </td></tr>
 END
 	my $HOSTNAME = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
 	if ( "$HOSTNAME" ne "" ) {
 		print <<END;
-	<tr><td><b>Hostname:</b><td align='center'>$HOSTNAME<td>&nbsp;
+	<tr><td><b>Hostname:</b><td align='center'>$HOSTNAME</td><td></td>
 END
 	}

-	if ( -e "/var/ipfire/red/remote-ipaddress" ) {
-		my $GATEWAY = `cat /var/ipfire/red/remote-ipaddress`;
+	if ( -e "${General::swroot}/red/remote-ipaddress" ) {
+		open (TMP, "<${General::swroot}/red/remote-ipaddress");
+		my $GATEWAY = <TMP>;
 		chomp($GATEWAY);
+		close TMP;
 		print <<END;
-	<tr><td><b>Gateway:</b><td align='center'>$GATEWAY<td>&nbsp;
+	<tr><td><b>Gateway:</b><td align='center'>$GATEWAY</td><td></td></tr>
 END
 	}
-
-	my $DNS1 = `cat /var/ipfire/red/dns1`;
-	my $DNS2 = `cat /var/ipfire/red/dns2`;
-	chomp($DNS1);
+	#Read DNS server 1
+	open (DNS1, "<${General::swroot}/red/dns1");
+	my $DNS1 = <DNS1>;
 	chomp($DNS1);
+	close DNS1;
+	#Read DNS server 2
+	open (DNS2, "<${General::swroot}/red/dns2");
+	my $DNS2 = <DNS2>;
+	chomp($DNS2);
+	close DNS2;

 	if ( $DNS1 ) { print <<END;
-	<tr><td><b>DNS-Server:</b><td align='center'>$DNS1
+	<tr><td><b>$Lang::tr{'dns server'}1:</b></td><td align='center'>$DNS1</td><td></td></tr>
 END
 	}
 	if ( $DNS2 ) { print <<END;
-	<td align='center'>$DNS2
+	<tr><td><b>$Lang::tr{'dns server'}2:</b></td><td align='center'>$DNS2</td><td></td></tr>
+	</table>
 END
 	} else { print <<END;
-	<td>&nbsp;</td>
+	<td></td>
 	</tr>
 	</table>
+
 END
 	}

@@ -255,9 +270,9 @@ END
 		<td width='30%' align='center'>$netsettings{'GREEN_ADDRESS'}/$sub
 		<td width='45%' align='center'>
 END
-		if ( `cat /var/ipfire/proxy/advanced/settings | grep ^ENABLE=on` ) { 
-			print $Lang::tr{'advproxy on'}; 
-			if ( `cat /var/ipfire/proxy/advanced/settings | grep ^TRANSPARENT=on` ) { print " (transparent)"; }
+		if ( $proxysettings{'ENABLE'} eq 'on' ) {
+			print $Lang::tr{'advproxy on'};
+			if ( $proxysettings{'TRANSPARENT'} eq 'on' ) { print " (transparent)"; }
 		}	else { print $Lang::tr{'advproxy off'};  }
 	}
 	if ( $netsettings{'BLUE_DEV'} ) {
@@ -267,9 +282,9 @@ END
 		<td width='30%' align='center'>$netsettings{'BLUE_ADDRESS'}/$sub
 		<td width='45%' align='center'>
 END
-		if ( `cat /var/ipfire/proxy/advanced/settings | grep ^ENABLE_BLUE=on` ) { 
-			print $Lang::tr{'advproxy on'};  
-			if ( `cat /var/ipfire/proxy/advanced/settings | grep ^TRANSPARENT_BLUE=on` ) { print " (transparent)"; }
+		if ( $proxysettings{'ENABLE_BLUE'} eq 'on' ) {
+			print $Lang::tr{'advproxy on'};
+			if ( $proxysettings{'TRANSPARENT_BLUE'} eq 'on' ) { print " (transparent)"; }
 		}	else { print $Lang::tr{'advproxy off'};  }
 	}
 	if ( $netsettings{'ORANGE_DEV'} ) {
@@ -281,10 +296,8 @@ END
 END
 	}
 #check if IPSEC is running
-if ( `cat /var/ipfire/vpn/settings | grep ^ENABLED=on` ||
-	`cat /var/ipfire/vpn/settings | grep ^ENABLED_BLUE=on` ) {
-	$haveipsec=1;
-	my $ipsecip = `cat /var/ipfire/vpn/settings | grep ^VPN_IP= | cut -c 8-`;
+if ( $vpnsettings{'ENABLED'} eq 'on' || $vpnsettings{'ENABLED_BLUE'} eq 'on' ) {
+	my $ipsecip = $vpnsettings{'VPN_IP'};
 print<<END;
 		<tr><td align='center' bgcolor='$Header::colourvpn' width='25%'><a href="/cgi-bin/vpnmain.cgi"><font size='2' color='white'><b>$Lang::tr{'ipsec'}</b></font></a><br>
 		<td width='30%' align='center'>$ipsecip
@@ -302,7 +315,6 @@ if (($confighash{'ENABLED'} eq "on") ||
 	my ($ovpnip,$sub) = split("/",$confighash{'DOVPN_SUBNET'});
 	$sub=&General::iporsubtocidr($sub);
 	$ovpnip="$ovpnip/$sub";
-	$haveovpn=1;
 print <<END;
 	<tr>
 		<td align='center' bgcolor='$Header::colourovpn' width='25%'>
@@ -315,53 +327,73 @@ END
 print"</td></tr></table>";
 &Header::closebox();

-# Start of Box wich contains all vpn connections
-	&Header::openbox('100%', 'center', $Lang::tr{'vpn'}) if ($haveipsec || $haveovpn);
+#Check if there are any vpns configured (ipsec and openvpn)
+&General::readhasharray("${General::swroot}/vpn/config", \%vpnconfig);
+foreach my $key (sort { ncmp($vpnconfig{$a}[1],$vpnconfig{$b}[1]) } keys %vpnconfig) {
+	if ($vpnconfig{$key}[0] eq 'on'){
+		$showipsec=1;
+		$showbox=1;
+		last;
+	}
+}
+&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ovpnconfig);
+foreach my $dkey (sort { ncmp($ovpnconfig{$a}[1],$ovpnconfig{$b}[1])} keys %ovpnconfig) {
+	if (($ovpnconfig{$dkey}[3] eq 'net') && (-e "/var/run/$ovpnconfig{$dkey}[1]n2n.pid")){
+		$showbox=1;
+		$showovpn=1;
+		last;
+	}
+}

+if ($showbox){
+# Start of Box wich contains all vpn connections
+	&Header::openbox('100%', 'center', $Lang::tr{'vpn'});
 #show ipsec connectiontable
-	if ( $haveipsec ) {
-		my $ipsecip = `cat /var/ipfire/vpn/settings | grep ^VPN_IP= | cut -c 8-`;
+	if ( $showipsec ) {
+		my $ipsecip = $vpnsettings{'VPN_IP'};
 		my @status = `/usr/local/bin/ipsecctrl I`;
 		my %confighash = ();
-		&General::readhasharray("${General::swroot}/vpn/config", \%confighash);
+		my $id = 0;
+		my $gif;
+		my $col="";
+		my $count=0;
 		print <<END;
 		<br>
 		<table width='80%' class='tbl'>
 		<tr>
-			<th>$Lang::tr{'ipsec network'}</th>
-			<th>$Lang::tr{'ip address'}</th>
-			<th>$Lang::tr{'status'}</th>
+			<th width='40%'>$Lang::tr{'ipsec network'}</th>
+			<th width='30%'>$Lang::tr{'ip address'}</th>
+			<th width='30%'>$Lang::tr{'status'}</th>
 		</tr>
 END
-		my $id = 0;
-		my $gif;
-		my $col="";
-		foreach my $key (sort { uc($confighash{$a}[1]) cmp uc($confighash{$b}[1]) } keys %confighash) {
-			if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-			my ($vpnip,$vpnsub) = split("/",$confighash{$key}[11]);
-			$vpnsub=&General::iporsubtocidr($vpnsub);
-			$vpnip="$vpnip/$vpnsub";
-			if ($id % 2) {
-				$col="bgcolor='$color{'color20'}'";
-				print "<tr><td align='left' nowrap='nowrap' bgcolor='$Header::colourvpn' width='50%'><font color=white>$confighash{$key}[1] / " . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td><td align='center' $col>$vpnip</td>";
-			} else {
-				$col="bgcolor='$color{'color22'}'";
-				print "<tr></td><td align='left' nowrap='nowrap' bgcolor='$Header::colourvpn' width='50%'><font color=white>$confighash{$key}[1] / " . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td><td align='center' $col>$vpnip</td>";
-			}
-			
-			my $active = "<td bgcolor='${Header::colourred}' width='15%' align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td>";
-			if ($confighash{$key}[0] eq 'off') {
-			    $active = "<td bgcolor='${Header::colourblue}' width='15%' align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td>";
-			} else {
-			    foreach my $line (@status) {
-				if (($line =~ /\"$confighash{$key}[1]\".*IPsec SA established/) ||
-				    ($line =~/$confighash{$key}[1]\{.*INSTALLED/ ))
-				    {
-				    $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
+		foreach my $key (sort { uc($vpnconfig{$a}[1]) cmp uc($vpnconfig{$b}[1]) } keys %vpnconfig) {
+			if ($vpnconfig{$key}[0] eq 'on') {
+				$count++;
+				my ($vpnip,$vpnsub) = split("/",$vpnconfig{$key}[11]);
+				$vpnsub=&General::iporsubtocidr($vpnsub);
+				$vpnip="$vpnip/$vpnsub";
+				if ($count % 2){
+					$col="bgcolor='$color{'color22'}'";
+				}else{
+					$col="bgcolor='$color{'color20'}'";
 				}
-			   }
+				if ($id % 2) {
+					print "<tr><td align='left' nowrap='nowrap' bgcolor='$Header::colourvpn'><font color=white>$vpnconfig{$key}[1]</td><td align='center' $col>$vpnip</td>";
+				} else {
+					print "<tr></td><td align='left' nowrap='nowrap' bgcolor='$Header::colourvpn'><font color=white>$vpnconfig{$key}[1]</td><td align='center' $col>$vpnip</td>";
+				}
+				my $active = "<td bgcolor='${Header::colourred}' align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td>";
+				if ($vpnconfig{$key}[0] eq 'off') {
+					$active = "<td bgcolor='${Header::colourblue}' align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td>";
+				} else {
+					foreach my $line (@status) {
+						if (($line =~ /\"$vpnconfig{$key}[1]\".*IPsec SA established/) || ($line =~/$vpnconfig{$key}[1]\{.*INSTALLED/ )){
+							$active = "<td align='center' bgcolor='${Header::colourgreen}'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td>";
+						}
+					}
+				}
+				print "$active</td>";
 			}
-			print "$active</td>";
 		}
 		print "</tr></table>";
 	}
@@ -370,77 +402,67 @@ END
 # Check if there is any OpenVPN connection configured.
 ###

-if ( $haveovpn )
-{
-	print <<END;
-	<br>
-	<table width='80%' class='tbl'>
-	<tr>
-		<th>$Lang::tr{'openvpn network'}</th>
-		<th>$Lang::tr{'ip address'}</th>
-		<th>$Lang::tr{'status'}</th>
+	if ( $showovpn ){
+		print <<END;
+		<br>
+		<table width='80%' class='tbl'>
+		<tr>
+			<th width='40%'>$Lang::tr{'openvpn network'}</th>
+			<th width='30%'>$Lang::tr{'ip address'}</th>
+			<th width='30%'>$Lang::tr{'status'}</th>
 END
-	# Check if the OpenVPN server for Road Warrior Connections is running and display status information.
-	my %confighash=();

-	&General::readhash("${General::swroot}/ovpn/settings", \%confighash);
-	# Print the OpenVPN N2N connection status.
-	if ( -d "${General::swroot}/ovpn/n2nconf") {
-		my %confighash=();
-
-		&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-		my $lines;
-		my $col="";
-		foreach my $dkey (keys %confighash) {
-			$lines++;
-			if (($confighash{$dkey}[3] eq 'net') && (-e "/var/run/$confighash{$dkey}[1]n2n.pid")) {
-				my $tport = $confighash{$dkey}[22];
-				next if ($tport eq '');
-
-				my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); 
-				$tnet->open('127.0.0.1');
-				my @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/');
-				my @tustate = split(/\,/, $output[1]);
-
-				my $display;
-				my $display_colour = $Header::colourred;
-				if (($tustate[1] eq 'CONNECTED') || ($tustate[1] eq 'WAIT')) {
-					$display_colour = $Header::colourgreen;
-					$display = $Lang::tr{'capsopen'};
-				} else {
-					$display = $tustate[1];
-				}
-				if ($lines %2){
-					$col="bgcolor='$color{'color20'}'";
-				}else{
-					$col="bgcolor='$color{'color22'}'";
-				}
-				#make cidr from ip
-				my ($vpnip,$vpnsub) = split("/",$confighash{$dkey}[11]);
-				my $vpnsub=&General::iporsubtocidr($vpnsub);
-				my $vpnip="$vpnip/$vpnsub";
-				print <<END;
-				<tr>
-					<td align='left' nowrap='nowrap' bgcolor='$Header::colourovpn' width='50%'><font color=white>
-						$confighash{$dkey}[1]
-					</td>
-					<td align='center' $col>
-						$vpnip
-					</td>
-					<td align='center' bgcolor='$display_colour' width='15%'>
-						<b>
-							<font color='#FFFFFF'>
-								$display
-							</font>
-						</b>
-					</td>
-				</tr>
+		# Check if the OpenVPN server for Road Warrior Connections is running and display status information.
+		my $active;
+		my $count=0;
+		# Print the OpenVPN N2N connection status.
+		if ( -d "${General::swroot}/ovpn/n2nconf") {
+			my $col="";
+			foreach my $dkey (sort { ncmp ($ovpnconfig{$a}[1],$ovpnconfig{$b}[1])} keys %ovpnconfig) {
+				if (($ovpnconfig{$dkey}[3] eq 'net') && (-e "/var/run/$ovpnconfig{$dkey}[1]n2n.pid")){
+					$count++;
+					my $tport = $ovpnconfig{$dkey}[22];
+					next if ($tport eq '');
+					my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport);
+					$tnet->open('127.0.0.1');
+					my @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/');
+					my @tustate = split(/\,/, $output[1]);
+					my $display;
+					my $display_colour = $Header::colourred;
+					if ( $tustate[1] eq 'CONNECTED' || ($tustate[1] eq 'WAIT')) {
+						$display_colour = $Header::colourgreen;
+						$display = $Lang::tr{'capsopen'};
+					} else {
+						$display = $tustate[1];
+					}
+					if ($count %2){
+						$col="bgcolor='$color{'color22'}'";
+					}else{
+						$col="bgcolor='$color{'color20'}'";
+					}
+					$active='off';
+					#make cidr from ip
+					my ($vpnip,$vpnsub) = split("/",$ovpnconfig{$dkey}[11]);
+					my $vpnsub=&General::iporsubtocidr($vpnsub);
+					my $vpnip="$vpnip/$vpnsub";
+					print <<END;
+					<tr>
+						<td align='left' nowrap='nowrap' bgcolor='$Header::colourovpn'><font color='white'>$ovpnconfig{$dkey}[1]</font></td>
+						<td align='center' $col>$vpnip</td>
+						<td align='center' bgcolor='$display_colour' ><b><font color='#FFFFFF'>$display</font></b></td>
+					</tr>
 END
+				}
 			}
 		}
+		if ($active ne 'off'){
+			print "<tr><td colspan='3' align='center'>$Lang::tr{'ovpn no connections'}</td></tr>";
+		}
+		print"</table>";
 	}
-}
 &Header::closebox();
+}
+
 # Fireinfo
 if ( ! -e "/var/ipfire/main/send_profile") {
 	$warnmessage .= "<li><a style='color: white;' href='fireinfo.cgi'>$Lang::tr{'fireinfo please enable'}</a></li>";
@@ -501,52 +523,21 @@ foreach my $disk (@files) {
 	$warnmessage .= "<li>$disk - $Lang::tr{'deprecated fs warn'}</li>\n\n";
 }

-
 if ($warnmessage) {
+	&Header::openbox('100%','center', );
+	print "<table width='80%' class='tbl'>";
+	print "<tr><th>$Lang::tr{'fwhost hint'}</th></tr>";
 	print "<tr><td align='center' bgcolor=$Header::colourred colspan='3'><font color='white'>$warnmessage</font></table>";
+	&Header::closebox();
 }
-print <<END;
-</table>
-END
-;
+
+print "<div align='center'>";
 &Pakfire::dblist("upgrade", "notice");
-print <<END;
-END
 if ( -e "/var/run/need_reboot" ) {
 	print "<br /><br /><font color='red'>$Lang::tr{'needreboot'}!</font>";
 }
-&Header::closebox();
-}

-else {
-&Header::openbox('100%', 'left', $Lang::tr{'gpl license agreement'});
-print <<END;
-	$Lang::tr{'gpl please read carefully the general public license and accept it below'}.
-	<br /><br />
-END
-;	
-if ( -e "/usr/share/doc/licenses/GPLv3" ) {
-	print '<textarea rows=\'25\' cols=\'75\' readonly=\'true\'>';
-	print `cat /usr/share/doc/licenses/GPLv3`;
-	print '</textarea>';
-}
-else {
-	print '<br /><a href=\'http://www.gnu.org/licenses/gpl-3.0.txt\' target=\'_blank\'>GNU GENERAL PUBLIC LICENSE</a><br />';
-}
-print <<END;
-	<p>
-		<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-			<input type='checkbox' name='gpl_accepted' value='1'/> $Lang::tr{'gpl i accept these terms and conditions'}.
-			<br/ >
-			<input type='submit' name='ACTION' value=$Lang::tr{'yes'} />
-		</form>
-	</p>
-	<a href='http://www.gnu.org/licenses/translations.html' target='_blank'>$Lang::tr{'gpl unofficial translation of the general public license v3'}</a>
-
-END
-
-&Header::closebox();
-}
+print "</div>";

 &Header::closebigbox();
 &Header::closepage();
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1269,10 +1269,11 @@
 'ipfire side is invalid' => 'IPFire Seite ist ungültig.',
 'ipfires hostname' => 'IPFire\'s Hostname',
 'ipinfo' => 'IP-Info',
-'iptable rules' => 'IPTable-Regeln',
-'iptmangles' => 'IPTable Mangles',
 'ipsec' => 'IPsec',
 'ipsec network' => 'IPsec-Netzwerke',
+'ipsec no connections' => 'Keine aktiven IPsec Verbindungen',
+'iptable rules' => 'IPTable-Regeln',
+'iptmangles' => 'IPTable Mangles',
 'iptnats' => 'IPTable Network Address Translation',
 'ipts' => 'iptables',
 'isdn' => 'ISDN',
@@ -1596,6 +1597,7 @@
 'ovpn errmsg green already pushed' => 'Route für grünes Netzwerk wird immer gesetzt',
 'ovpn errmsg invalid ip or mask' => 'Ungültige Netzwerk-Adresse oder Subnetzmaske',
 'ovpn log' => 'OVPN-Log',
+'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
 'ovpn mtu-disc' => 'Path MTU Discovery',
 'ovpn mtu-disc and mtu not 1500' => 'Path MTU Discovery benötigt eine MTU von 1500.',
 'ovpn mtu-disc maybe' => 'Optional',
@@ -1603,10 +1605,10 @@
 'ovpn mtu-disc off' => 'Deaktiviert',
 'ovpn mtu-disc with mssfix or fragment' => 'Path MTU Discovery kann nicht gemeinsam mit mssfix oder fragment verwendet werden.',
 'ovpn mtu-disc yes' => 'Forciert',
+'ovpn no connections' => 'Keine aktiven OpenVPN Verbindungen',
 'ovpn on blue' => 'OpenVPN auf BLAU',
 'ovpn on orange' => 'OpenVPN auf ORANGE',
 'ovpn on red' => 'OpenVPN auf ROT',
-'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
 'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
 'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24',
 'ovpn routes push options' => 'Route push Optionen',
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1300,6 +1300,7 @@
 'ipinfo' => 'IP info',
 'ipsec' => 'IPsec',
 'ipsec network' => 'IPsec network',
+'ipsec no connections' => 'No active IPsec connections',
 'iptable rules' => 'IPTable rules',
 'iptmangles' => 'IPTable Mangles',
 'iptnats' => 'IPTable Network Address Translation',
@@ -1626,6 +1627,7 @@
 'ovpn errmsg green already pushed' => 'Route for green network is always set',
 'ovpn errmsg invalid ip or mask' => 'Invalid network-address or subnetmask',
 'ovpn log' => 'OVPN-Log',
+'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.',
 'ovpn mtu-disc' => 'Path MTU Discovery',
 'ovpn mtu-disc and mtu not 1500' => 'Path MTU Discovery requires a MTU of 1500.',
 'ovpn mtu-disc maybe' => 'Optionally',
@@ -1633,10 +1635,10 @@
 'ovpn mtu-disc off' => 'Disabled',
 'ovpn mtu-disc with mssfix or fragment' => 'Path MTU Discovery cannot be used with mssfix or fragment.',
 'ovpn mtu-disc yes' => 'Forced',
+'ovpn no connections' => 'No active OpenVPN connections',
 'ovpn on blue' => 'OpenVPN on BLUE',
 'ovpn on orange' => 'OpenVPN on ORANGE',
 'ovpn on red' => 'OpenVPN on RED',
-'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.',
 'ovpn port in root range' => 'A port number of 1024 or higher is required.',
 'ovpn routes push' => 'Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24',
 'ovpn routes push options' => 'Route push options',