2 LuCI - Lua Configuration Interface
4 Copyright 2008 Steven Barth <steven@midlink.org>
6 Licensed under the Apache License, Version 2.0 (the "License");
7 you may not use this file except in compliance with the License.
8 You may obtain a copy of the License at
10 http://www.apache.org/licenses/LICENSE-2.0
12 $Id: olsrdplugins.lua 3288 2008-09-14 20:57:00Z jow $
21 -- Widget Name Optn. Default(s)
25 -- initialisation and daemon options
27 { ListValue, "verb", false, { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 } },
28 { Flag, "mlock", false, 0 },
29 { Flag, "disable_occ", false, 0 },
30 -- { Value, "user", true, "root" },
31 -- { Value, "group", true, "root" },
32 { Value, "cd", true, "/etc/openvpn" },
33 { Value, "chroot", true, "/var/run" },
34 -- { Value, "daemon", true, "Instance-Name" },
35 -- { Value, "syslog", true, "Instance-Name" },
36 { Flag, "passtos", false, 0 },
37 -- { Value, "inetd", true, "nowait Instance-Name" },
38 { Value, "log", true, "/var/log/openvpn.log" },
39 { Value, "log_append", true, "/var/log/openvpn.log" },
40 { Flag, "suppress_timestamps", false, 0 },
41 -- { Value, "writepid", true, "/var/run/openvpn.pid" },
42 { Value, "nice", true, 0 },
43 { Flag, "fast_io", false, 0 },
44 { Value, "echo", true, "some params echoed to log" },
45 { ListValue, "remap_usr1", true, { "SIGHUP", "SIGTERM" } },
46 { Value, "status", true, "/var/run/openvpn.status 5" },
47 { Value, "status_version", true, { 1, 2 } }, -- status
48 { Value, "mute", true, 5 },
53 { Value, "up", true, "/usr/bin/ovpn-up" },
54 { Value, "up_delay", true, 5 },
55 { Value, "down", true, "/usr/bin/ovpn-down" },
56 { Flag, "down_pre", false, 0 },
57 { Flag, "up_restart", false, 0 },
58 { Value, "route_up", true, "/usr/bin/ovpn-routeup" },
59 { Value, "ipchange", true, "/usr/bin/ovpn-ipchange", { mode="p2p" } },
60 { DynamicList, "setenv", true, { "VAR1 value1", "VAR2 value2" } },
61 { Value, "tls_verify", true, "/usr/bin/ovpn-tlsverify" },
62 { Value, "client_connect", true, "/usr/bin/ovpn-clientconnect" },
63 { Flag, "client_disconnect", false, 0 },
64 { Value, "learn_address", true, "/usr/bin/ovpn-learnaddress" },
65 { Value, "auth_user_pass_verify", true, "/usr/bin/ovpn-userpass via-env" },
72 { ListValue, "mode", false, { "p2p", "server" } },
73 { Value, "local", false, "0.0.0.0" },
74 { Value, "port", false, 1194 },
75 { Value, "lport", true, 1194 },
76 { Value, "rport", true, 1194 },
77 { Flag, "float", true, 0 },
78 { Flag, "nobind", true, 0 },
80 { Value, "dev", true, "tun0" },
81 { ListValue, "dev_type", false, { "tun", "tap" } },
82 { Value, "dev_node", true, "/dev/net/tun" },
83 { Flag, "tun_ipv6", false, 0 },
85 { Value, "ifconfig", true, "10.200.200.3 10.200.200.1" },
86 { Flag, "ifconfig_noexec", false, 0 },
87 { Flag, "ifconfig_nowarn", false, 0 },
89 { DynamicList, "route", true, "10.123.0.0 255.255.0.0" },
90 { Value, "route_gateway", true, "10.234.1.1" },
91 { Value, "route_delay", true, 0 },
92 { Flag, "route_noexec", false, 0 },
94 { ListValue, "redirect_gateway", false, { "", "local", "def1", "local def1" } }, -- client
99 { ListValue, "mtu_disc", false, { "yes", "maybe", "no" } },
100 { Flag, "mtu_test", false, 0 },
101 { Flag, "comp_lzo", false, 0 },
102 { Flag, "comp_noadept", false, 0, { comp_lzo=1 } },
103 { Value, "link_mtu", true, 1500 },
104 { Value, "tun_mtu", true, 1500 },
105 { Value, "tun_mtu_extra", true, 1500 },
106 { Value, "fragment", true, 1500, { proto="udp" } },
107 { Value, "mssfix", true, 1500, { proto="udp" } },
108 { Value, "sndbuf", true, 65536 },
109 { Value, "rcvbuf", true, 65536 },
110 { Value, "txqueuelen", true, 100 },
111 { Value, "shaper", true, 10240 },
114 -- idle timeouts & persistence
116 { Value, "inactive", true, 240 },
117 { Value, "keepalive", true, "10 60" },
118 { Value, "ping", true, 30 },
119 { Value, "ping_exit", true, 120 },
120 { Value, "ping_restart", true, 60 },
121 { Flag, "ping_timer_rem", false, 0 },
123 { Flag, "persist_tun", false, 0 },
124 { Flag, "persist_key", false, 0 },
125 { Flag, "persist_local_ip", false, 0 },
126 { Flag, "persist_remote_ip", false, 0 },
129 -- management channel
131 { Value, "management", false, "127.0.0.1 31194 /etc/openvpn/mngmt-pwds" },
132 { Flag, "management_query_passwords",
133 true, 0 }, -- management
134 { Flag, "management_hold", true, 0 }, -- management
135 { Flag, "management_log_cache", true, 100 }, -- management
141 { Value, "server", true, "10.200.200.0 255.255.255.0" },
142 { Value, "server_bridge", true, "10.200.200.1 255.255.255.0 10.200.200.200 10.200.200.250" },
143 { DynamicList, "push", true, { "redirect-gateway", "comp-lzo" } },
144 { Flag, "push_reset", false, 0 },
145 { Flag, "disable", false, 0 },
146 { Value, "ifconfig_pool", true, "10.200.200.100 10.200.200.150 255.255.255.0" },
147 { Value, "ifconfig_pool_persist", true, "/etc/openvpn/ipp.txt 600" },
148 { Flag, "ifconfig_pool_linear", false, 0 },
149 { Value, "ifconfig_push", true, "10.200.200.1 255.255.255.255" },
150 { Value, "iroute", true, "10.200.200.0 255.255.255.0" },
151 { Flag, "client_to_client", false, 0 },
152 { Flag, "duplicate_cn", false, 0 },
153 { Value, "client_config_dir", true, "/etc/openvpn/ccd" },
154 { Flag, "ccd_exclusive", false, 0 },
155 { Value, "tmp_dir", true, "/var/run/openvpn" },
156 { Value, "hash_size", true, "256 256" },
157 { Value, "bcast_buffers", true, 256 },
158 { Value, "tcp_queue_limit", true, 64 },
159 { Value, "max_clients", true, 10 },
160 { Value, "max_routes_per_client", true, 256 },
161 { Value, "connect_freq", true, "3 10" },
162 { Flag, "client_cert_not_required", false, 0 },
163 { Flag, "username_as_common_name", false, 0 },
167 { Flag, "client", false, 0 },
168 { Flag, "pull", false, 0 },
169 { Value, "auth_user_pass", true, "/etc/openvpn/userpass.txt" },
170 { ListValue, "auth_retry", true, { "none", "nointeract", "interact" } },
171 { Value, "explicit_exit_notify", true, 1 },
172 { DynamicList, "remote", false, "1.2.3.4" }, -- client
173 { Flag, "remote_random", false, 1 }, -- client
174 { ListValue, "proto", false, { "udp", "tcp-client", "tcp-server" } },
175 { Value, "connect_retry", true, 5, { proto="tcp-client" } }, -- client && proto=tcp-client
176 { Value, "http_proxy_server", true, "192.168.1.100 8080" }, -- client
177 { Flag, "http_proxy_retry", false, 0 }, -- client && http_proxy_server
178 { Value, "http_proxy_timeout", true, 5 }, -- client && http_proxy_server
179 { DynamicList, "http_proxy_option", true, { "VERSION 1.0", "AGENT OpenVPN/2.0.9" } }, -- client && http_proxy_server
180 { Value, "socks_proxy_server", true, "192.168.1.200 1080" }, -- client
181 { Value, "socks_proxy_retry", true, 5 }, -- client && socks_proxy_server
182 { Value, "resolv_retry", true, "infinite" }, -- client
188 { Value, "secret", true, "/etc/openvpn/secret.key 1" },
189 { Value, "auth", true, "SHA1" }, -- parse
190 { Value, "cipher", true, "BF-CBC" }, -- parse
191 { Value, "keysize", true, 1024 }, -- parse
192 { Value, "engine", true, "dynamic" }, -- parse
193 { Flag, "no_replay", false, 0 },
194 { Value, "replay_window", true, "64 15" },
195 { Flag, "mute_replay_warnings", false, 0 },
196 { Value, "replay_persist", true, "/var/run/openvpn-replay-state" },
197 { Flag, "no_iv", false, 0 },
201 { Flag, "tls_server", false, 0 },
202 { Flag, "tls_client", false, 0 },
203 { Value, "ca", true, "/etc/easy-rsa/keys/ca.crt" },
204 { Value, "dh", true, "/etc/easy-rsa/keys/dh1024.pem" },
205 { Value, "cert", true, "/etc/easy-rsa/keys/some-client.crt" },
206 { Value, "key", true, "/etc/easy-rsa/keys/some-client.key" },
207 { Value, "pkcs12", true, "/etc/easy-rsa/keys/some-client.pk12" },
208 { ListValue, "key_method", true, { 1, 2 } },
209 { Value, "tls_cipher", true, "DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5" },
210 { Value, "tls_timeout", true, 2 },
211 { Value, "reneg_bytes", true, 1024 },
212 { Value, "reneg_pkts", true, 100 },
213 { Value, "reneg_sec", true, 3600 },
214 { Value, "hand_window", true, 60 },
215 { Value, "tran_window", true, 3600 },
216 { Flag, "single_session", false, 0 },
217 { Flag, "tls_exit", false, 0 },
218 { Value, "tls_auth", true, "/etc/openvpn/tlsauth.key 1" },
219 --{ Value, "askpass", true, "[file]" },
220 { Flag, "auth_nocache", false, 0 },
221 { Value, "tls_remote", true, "remote_x509_name" },
222 { ListValue, "ns_cert_type", true, { "client", "server" } },
223 { Value, "crl_verify", true, "/etc/easy-rsa/keys/crl.pem" },
232 local m = Map("openvpn")
233 local p = m:section( SimpleSection )
235 p.template = "openvpn/pageswitch"
240 for _, c in ipairs(knownParams) do
241 cts[#cts+1] = { c[1], { } }
242 for _, o in ipairs(c[2]) do
243 cts[#cts][2][#cts[#cts][2]+1] = o[1]
244 if c[1] == p.category and o[1] == p.csection then
254 NamedSection, arg[3], "openvpn",
255 translate("openvpn_%s" % arg[2]),
256 translate("openvpn_%s_desc" % arg[2])
259 s.title = translate("openvpn_%s" % arg[2])
264 for _, option in ipairs(params) do
265 local o = s:option(option[1], option[2])
267 o.optional = option[3]
269 if type(option[4]) == "table" then
270 if o.optional then o:value("", "-- remove --") end
271 for _, v in ipairs(option[4]) do
275 o.default = tostring(option[4][1])
277 o.default = tostring(option[4])
281 if type(option[i]) == "table" then