Skip to content

O
OpnSense
Commit 65c3270c authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

vpn: apply sytle

parent a8006f27
Show whitespace changes
Inline Side-by-side
Showing with 379 additions and 364 deletions
src/etc/inc/plugins.inc.d/vpn.inc
View file @ 65c3270c
...@@ -134,7 +134,7 @@ function vpn_pptpd_configure() ...@@ -134,7 +134,7 @@ function vpn_pptpd_configure()
@mkdir('/var/etc/pptp-vpn'); @mkdir('/var/etc/pptp-vpn');
switch ($pptpdcfg['mode']) { switch ($pptpdcfg['mode']) {
case 'server' : case 'server':
/* write mpd.conf */ /* write mpd.conf */
$fd = fopen('/var/etc/pptp-vpn/mpd.conf', 'w'); $fd = fopen('/var/etc/pptp-vpn/mpd.conf', 'w');
if (!$fd) { if (!$fd) {
...@@ -189,7 +189,7 @@ pts: ...@@ -189,7 +189,7 @@ pts:
EOD; EOD;
if (!isset ($pptpdcfg['req128'])) { if (!isset($pptpdcfg['req128'])) {
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
set ccp yes mpp-e40 set ccp yes mpp-e40
set ccp yes mpp-e56 set ccp yes mpp-e56
...@@ -197,36 +197,40 @@ EOD; ...@@ -197,36 +197,40 @@ EOD;
EOD; EOD;
} }
if (isset($pptpdcfg["wins"]) && $pptpdcfg['wins'] != "") if (isset($pptpdcfg["wins"]) && $pptpdcfg['wins'] != "") {
$mpdconf .= " set ipcp nbns {$pptpdcfg['wins']}\n"; $mpdconf .= " set ipcp nbns {$pptpdcfg['wins']}\n";
}
if (!empty($pptpdcfg['dns1'])) { if (!empty($pptpdcfg['dns1'])) {
$mpdconf .= " set ipcp dns " . $pptpdcfg['dns1']; $mpdconf .= " set ipcp dns " . $pptpdcfg['dns1'];
if (!empty($pptpdcfg['dns2'])) if (!empty($pptpdcfg['dns2'])) {
$mpdconf .= " " . $pptpdcfg['dns2']; $mpdconf .= " " . $pptpdcfg['dns2'];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (isset ($config['dnsmasq']['enable'])) { } elseif (isset($config['dnsmasq']['enable'])) {
$mpdconf .= " set ipcp dns " . get_interface_ip("lan"); $mpdconf .= " set ipcp dns " . get_interface_ip("lan");
if ($syscfg['dnsserver'][0]) if ($syscfg['dnsserver'][0]) {
$mpdconf .= " " . $syscfg['dnsserver'][0]; $mpdconf .= " " . $syscfg['dnsserver'][0];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (isset($config['unbound']['enable'])) { } elseif (isset($config['unbound']['enable'])) {
$mpdconf .= " set ipcp dns " . get_interface_ip("lan"); $mpdconf .= " set ipcp dns " . get_interface_ip("lan");
if ($syscfg['dnsserver'][0]) if ($syscfg['dnsserver'][0]) {
$mpdconf .= " " . $syscfg['dnsserver'][0]; $mpdconf .= " " . $syscfg['dnsserver'][0];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) { } elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
$mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n"; $mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
} }
if (isset ($pptpdcfg['radius']['server']['enable'])) { if (isset($pptpdcfg['radius']['server']['enable'])) {
$authport = (isset($pptpdcfg['radius']['server']['port']) && strlen($pptpdcfg['radius']['server']['port']) > 1) ? $pptpdcfg['radius']['server']['port'] : 1812; $authport = (isset($pptpdcfg['radius']['server']['port']) && strlen($pptpdcfg['radius']['server']['port']) > 1) ? $pptpdcfg['radius']['server']['port'] : 1812;
$acctport = $authport + 1; $acctport = $authport + 1;
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
set radius server {$pptpdcfg['radius']['server']['ip']} "{$pptpdcfg['radius']['server']['secret']}" {$authport} {$acctport} set radius server {$pptpdcfg['radius']['server']['ip']} "{$pptpdcfg['radius']['server']['secret']}" {$authport} {$acctport}
EOD; EOD;
if (isset ($pptpdcfg['radius']['server2']['enable'])) { if (isset($pptpdcfg['radius']['server2']['enable'])) {
$authport = (isset($pptpdcfg['radius']['server2']['port']) && strlen($pptpdcfg['radius']['server2']['port']) > 1) ? $pptpdcfg['radius']['server2']['port'] : 1812; $authport = (isset($pptpdcfg['radius']['server2']['port']) && strlen($pptpdcfg['radius']['server2']['port']) > 1) ? $pptpdcfg['radius']['server2']['port'] : 1812;
$acctport = $authport + 1; $acctport = $authport + 1;
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
...@@ -241,7 +245,7 @@ EOD; ...@@ -241,7 +245,7 @@ EOD;
EOD; EOD;
if (isset ($pptpdcfg['radius']['accounting'])) { if (isset($pptpdcfg['radius']['accounting'])) {
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
set auth enable radius-acct set auth enable radius-acct
set radius acct-update 300 set radius acct-update 300
...@@ -308,7 +312,7 @@ EOD; ...@@ -308,7 +312,7 @@ EOD;
break; break;
case 'redir' : case 'redir':
break; break;
} }
...@@ -370,17 +374,17 @@ function vpn_pppoe_configure(&$pppoecfg) ...@@ -370,17 +374,17 @@ function vpn_pppoe_configure(&$pppoecfg)
switch ($pppoecfg['mode']) { switch ($pppoecfg['mode']) {
case 'server' : case 'server':
/* create directory if it does not exist */ /* create directory if it does not exist */
@mkdir("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn"); @mkdir("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn");
$pppoe_interface = get_real_interface($pppoecfg['interface']); $pppoe_interface = get_real_interface($pppoecfg['interface']);
if ($pppoecfg['paporchap'] == "chap") if ($pppoecfg['paporchap'] == "chap") {
$paporchap = "set link enable chap"; $paporchap = "set link enable chap";
else } else {
$paporchap = "set link enable pap"; $paporchap = "set link enable pap";
}
/* write mpd.conf */ /* write mpd.conf */
$fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w"); $fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w");
...@@ -447,30 +451,35 @@ EOD; ...@@ -447,30 +451,35 @@ EOD;
if (!empty($pppoecfg['dns1'])) { if (!empty($pppoecfg['dns1'])) {
$mpdconf .= " set ipcp dns " . $pppoecfg['dns1']; $mpdconf .= " set ipcp dns " . $pppoecfg['dns1'];
if (!empty($pppoecfg['dns2'])) if (!empty($pppoecfg['dns2'])) {
$mpdconf .= " " . $pppoecfg['dns2']; $mpdconf .= " " . $pppoecfg['dns2'];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (isset ($config['dnsmasq']['enable'])) { } elseif (isset($config['dnsmasq']['enable'])) {
$mpdconf .= " set ipcp dns " . get_interface_ip("lan"); $mpdconf .= " set ipcp dns " . get_interface_ip("lan");
if ($syscfg['dnsserver'][0]) if ($syscfg['dnsserver'][0]) {
$mpdconf .= " " . $syscfg['dnsserver'][0]; $mpdconf .= " " . $syscfg['dnsserver'][0];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (isset ($config['unbound']['enable'])) { } elseif (isset($config['unbound']['enable'])) {
$mpdconf .= " set ipcp dns " . get_interface_ip("lan"); $mpdconf .= " set ipcp dns " . get_interface_ip("lan");
if ($syscfg['dnsserver'][0]) if ($syscfg['dnsserver'][0]) {
$mpdconf .= " " . $syscfg['dnsserver'][0]; $mpdconf .= " " . $syscfg['dnsserver'][0];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) { } elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
$mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n"; $mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
} }
if (isset ($pppoecfg['radius']['server']['enable'])) { if (isset($pppoecfg['radius']['server']['enable'])) {
$radiusport = ""; $radiusport = "";
$radiusacctport = ""; $radiusacctport = "";
if (isset($pppoecfg['radius']['server']['port'])) if (isset($pppoecfg['radius']['server']['port'])) {
$radiusport = $pppoecfg['radius']['server']['port']; $radiusport = $pppoecfg['radius']['server']['port'];
if (isset($pppoecfg['radius']['server']['acctport'])) }
if (isset($pppoecfg['radius']['server']['acctport'])) {
$radiusacctport = $pppoecfg['radius']['server']['acctport']; $radiusacctport = $pppoecfg['radius']['server']['acctport'];
}
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
set radius server {$pppoecfg['radius']['server']['ip']} "{$pppoecfg['radius']['server']['secret']}" {$radiusport} {$radiusacctport} set radius server {$pppoecfg['radius']['server']['ip']} "{$pppoecfg['radius']['server']['secret']}" {$radiusport} {$radiusacctport}
set radius retries 3 set radius retries 3
...@@ -479,7 +488,7 @@ EOD; ...@@ -479,7 +488,7 @@ EOD;
EOD; EOD;
if (isset ($pppoecfg['radius']['accounting'])) { if (isset($pppoecfg['radius']['accounting'])) {
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
set auth enable radius-acct set auth enable radius-acct
...@@ -529,7 +538,7 @@ EOD; ...@@ -529,7 +538,7 @@ EOD;
if (!empty($pppoecfg['username'])) { if (!empty($pppoecfg['username'])) {
$item = explode(" ", $pppoecfg['username']); $item = explode(" ", $pppoecfg['username']);
foreach($item as $userdata) { foreach ($item as $userdata) {
$data = explode(":", $userdata); $data = explode(":", $userdata);
$mpdsecret .= "{$data[0]} \"" . base64_decode($data[1]) . "\" {$data[2]}\n"; $mpdsecret .= "{$data[0]} \"" . base64_decode($data[1]) . "\" {$data[2]}\n";
} }
...@@ -580,11 +589,12 @@ function vpn_l2tp_configure() ...@@ -580,11 +589,12 @@ function vpn_l2tp_configure()
switch (isset($l2tpcfg['mode'])?$l2tpcfg['mode']:null) { switch (isset($l2tpcfg['mode'])?$l2tpcfg['mode']:null) {
case 'server' : case 'server':
if ($l2tpcfg['paporchap'] == "chap") if ($l2tpcfg['paporchap'] == "chap") {
$paporchap = "set link enable chap"; $paporchap = "set link enable chap";
else } else {
$paporchap = "set link enable pap"; $paporchap = "set link enable pap";
}
/* write mpd.conf */ /* write mpd.conf */
$fd = fopen("/var/etc/l2tp-vpn/mpd.conf", "w"); $fd = fopen("/var/etc/l2tp-vpn/mpd.conf", "w");
...@@ -606,7 +616,7 @@ EOD; ...@@ -606,7 +616,7 @@ EOD;
$clientip = long2ip32(ip2long($l2tpcfg['remoteip']) + $i); $clientip = long2ip32(ip2long($l2tpcfg['remoteip']) + $i);
if (isset ($l2tpcfg['radius']['radiusissueips']) && isset ($l2tpcfg['radius']['enable'])) { if (isset($l2tpcfg['radius']['radiusissueips']) && isset($l2tpcfg['radius']['enable'])) {
$isssue_ip_type = "set ipcp ranges {$l2tpcfg['localip']}/32 0.0.0.0/0"; $isssue_ip_type = "set ipcp ranges {$l2tpcfg['localip']}/32 0.0.0.0/0";
} else { } else {
$isssue_ip_type = "set ipcp ranges {$l2tpcfg['localip']}/32 {$clientip}/32"; $isssue_ip_type = "set ipcp ranges {$l2tpcfg['localip']}/32 {$clientip}/32";
...@@ -647,24 +657,27 @@ EOD; ...@@ -647,24 +657,27 @@ EOD;
} }
if (is_ipaddr($l2tpcfg['dns1'])) { if (is_ipaddr($l2tpcfg['dns1'])) {
$mpdconf .= " set ipcp dns " . $l2tpcfg['dns1']; $mpdconf .= " set ipcp dns " . $l2tpcfg['dns1'];
if (is_ipaddr($l2tpcfg['dns2'])) if (is_ipaddr($l2tpcfg['dns2'])) {
$mpdconf .= " " . $l2tpcfg['dns2']; $mpdconf .= " " . $l2tpcfg['dns2'];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (isset ($config['dnsmasq']['enable'])) { } elseif (isset($config['dnsmasq']['enable'])) {
$mpdconf .= " set ipcp dns " . get_interface_ip("lan"); $mpdconf .= " set ipcp dns " . get_interface_ip("lan");
if ($syscfg['dnsserver'][0]) if ($syscfg['dnsserver'][0]) {
$mpdconf .= " " . $syscfg['dnsserver'][0]; $mpdconf .= " " . $syscfg['dnsserver'][0];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (isset ($config['unbound']['enable'])) { } elseif (isset($config['unbound']['enable'])) {
$mpdconf .= " set ipcp dns " . get_interface_ip("lan"); $mpdconf .= " set ipcp dns " . get_interface_ip("lan");
if ($syscfg['dnsserver'][0]) if ($syscfg['dnsserver'][0]) {
$mpdconf .= " " . $syscfg['dnsserver'][0]; $mpdconf .= " " . $syscfg['dnsserver'][0];
}
$mpdconf .= "\n"; $mpdconf .= "\n";
} elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) { } elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
$mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n"; $mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
} }
if (isset ($l2tpcfg['radius']['enable'])) { if (isset($l2tpcfg['radius']['enable'])) {
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
set radius server {$l2tpcfg['radius']['server']} "{$l2tpcfg['radius']['secret']}" set radius server {$l2tpcfg['radius']['server']} "{$l2tpcfg['radius']['secret']}"
set radius retries 3 set radius retries 3
...@@ -673,7 +686,7 @@ EOD; ...@@ -673,7 +686,7 @@ EOD;
EOD; EOD;
if (isset ($l2tpcfg['radius']['accounting'])) { if (isset($l2tpcfg['radius']['accounting'])) {
$mpdconf .=<<<EOD $mpdconf .=<<<EOD
set auth enable radius-acct set auth enable radius-acct
...@@ -703,9 +716,10 @@ l2tp{$i}: ...@@ -703,9 +716,10 @@ l2tp{$i}:
set l2tp disable originate set l2tp disable originate
EOD; EOD;
if (!empty($l2tpcfg['secret'])) if (!empty($l2tpcfg['secret'])) {
$mpdlinks .= "set l2tp secret {$l2tpcfg['secret']}\n"; $mpdlinks .= "set l2tp secret {$l2tpcfg['secret']}\n";
} }
}
fwrite($fd, $mpdlinks); fwrite($fd, $mpdlinks);
fclose($fd); fclose($fd);
...@@ -721,9 +735,10 @@ EOD; ...@@ -721,9 +735,10 @@ EOD;
$mpdsecret = "\n\n"; $mpdsecret = "\n\n";
if (is_array($l2tpcfg['user'])) { if (is_array($l2tpcfg['user'])) {
foreach ($l2tpcfg['user'] as $user) foreach ($l2tpcfg['user'] as $user) {
$mpdsecret .= "{$user['name']} \"{$user['password']}\" {$user['ip']}\n"; $mpdsecret .= "{$user['name']} \"{$user['password']}\" {$user['ip']}\n";
} }
}
fwrite($fd, $mpdsecret); fwrite($fd, $mpdsecret);
fclose($fd); fclose($fd);
...@@ -736,7 +751,7 @@ EOD; ...@@ -736,7 +751,7 @@ EOD;
break; break;
case 'redir' : case 'redir':
break; break;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023