luci-app-openvpn: remove obsolete config options
* remove obsolete config options according to openwrt/openwrt@89b8ba9, fix for #2135 * whitespace/intendation fixes * replace fieldset leftover with div * fix finally recipe options transfer to regular config with "Add" Signed-off-by: Dirk Brenken <dev@brenken.org>
This commit is contained in:
Dirk Brenken
parent
5cb6c1c698
commit
c2656a7220
5 changed files with 83 additions and 124 deletions
|
|
@ -204,10 +204,6 @@ local knownParams = {
|
|||
"dev_node",
|
||||
"/dev/net/tun",
|
||||
translate("Use tun/tap device node") },
|
||||
{ Flag,
|
||||
"tun_ipv6",
|
||||
0,
|
||||
translate("Make tun device IPv6 capable") },
|
||||
{ Value,
|
||||
"ifconfig",
|
||||
"10.200.200.3 10.200.200.1",
|
||||
|
|
@ -248,15 +244,6 @@ local knownParams = {
|
|||
"mtu_test",
|
||||
0,
|
||||
translate("Empirically measure MTU") },
|
||||
{ ListValue,
|
||||
"comp_lzo",
|
||||
{ "yes", "no", "adaptive" },
|
||||
translate("Use fast LZO compression") },
|
||||
{ Flag,
|
||||
"comp_noadapt",
|
||||
0,
|
||||
translate("Don't use adaptive lzo compression"),
|
||||
{ comp_lzo=1 } },
|
||||
{ Value,
|
||||
"link_mtu",
|
||||
1500,
|
||||
|
|
@ -375,7 +362,7 @@ local knownParams = {
|
|||
{ client="0" }, { client="" } },
|
||||
{ DynamicList,
|
||||
"push",
|
||||
{ "redirect-gateway", "comp-lzo" },
|
||||
{ "redirect-gateway" },
|
||||
translate("Push options to peer"),
|
||||
{ client="0" }, { client="" } },
|
||||
{ Flag,
|
||||
|
|
@ -398,12 +385,6 @@ local knownParams = {
|
|||
"/etc/openvpn/ipp.txt 600",
|
||||
translate("Persist/unpersist ifconfig-pool"),
|
||||
{ client="0" }, { client="" } },
|
||||
-- deprecated and replaced by --topology p2p
|
||||
-- { Flag,
|
||||
-- "ifconfig_pool_linear",
|
||||
-- 0,
|
||||
-- translate("Use individual addresses rather than /30 subnets"),
|
||||
-- { client="0" }, { client="" } },
|
||||
{ Value,
|
||||
"ifconfig_push",
|
||||
"10.200.200.1 255.255.255.255",
|
||||
|
|
@ -469,11 +450,6 @@ local knownParams = {
|
|||
"3 10",
|
||||
translate("Allowed maximum of new connections"),
|
||||
{ client="0" }, { client="" } },
|
||||
{ Flag,
|
||||
"client_cert_not_required",
|
||||
0,
|
||||
translate("Don't require client certificate"),
|
||||
{ client="0" }, { client="" } },
|
||||
{ Flag,
|
||||
"username_as_common_name",
|
||||
0,
|
||||
|
|
@ -591,10 +567,6 @@ local knownParams = {
|
|||
"engine",
|
||||
"dynamic",
|
||||
translate("Enable OpenSSL hardware crypto engines") },
|
||||
{ Flag,
|
||||
"no_replay",
|
||||
0,
|
||||
translate("Disable replay protection") },
|
||||
{ Value,
|
||||
"replay_window",
|
||||
"64 15",
|
||||
|
|
@ -607,10 +579,6 @@ local knownParams = {
|
|||
"replay_persist",
|
||||
"/var/run/openvpn-replay-state",
|
||||
translate("Persist replay-protection state") },
|
||||
{ Flag,
|
||||
"no_iv",
|
||||
0,
|
||||
translate("Disable cipher initialisation vector") },
|
||||
{ Flag,
|
||||
"tls_server",
|
||||
0,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
require("luci.ip")
|
||||
require("luci.model.uci")
|
||||
|
||||
|
||||
local basicParams = {
|
||||
--
|
||||
-- Widget, Name, Default(s), Description
|
||||
|
|
@ -14,14 +13,12 @@ local basicParams = {
|
|||
{ Value, "nice",0, translate("Change process priority") },
|
||||
{ Value,"port",1194, translate("TCP/UDP port # for both local and remote") },
|
||||
{ ListValue,"dev_type",{ "tun", "tap" }, translate("Type of used device") },
|
||||
{ Flag,"tun_ipv6",0, translate("Make tun device IPv6 capable") },
|
||||
|
||||
{ Value,"ifconfig","10.200.200.3 10.200.200.1", translate("Set tun/tap adapter parameters") },
|
||||
{ Value,"server","10.200.200.0 255.255.255.0", translate("Configure server mode") },
|
||||
{ Value,"server_bridge","192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254", translate("Configure server bridge") },
|
||||
{ Flag,"nobind",0, translate("Do not bind to local address and port") },
|
||||
|
||||
{ ListValue,"comp_lzo",{"yes","no","adaptive"}, translate("Use fast LZO compression") },
|
||||
{ Value,"keepalive","10 60", translate("Helper directive to simplify the expression of --ping and --ping-restart in server mode configurations") },
|
||||
|
||||
{ ListValue,"proto",{ "udp", "tcp-client", "tcp-server" }, translate("Use protocol") },
|
||||
|
|
|
|||
|
|
@ -52,21 +52,22 @@ function s.create(self, name)
|
|||
luci.cbi.CREATE_PREFIX .. self.config .. "." ..
|
||||
self.sectiontype .. ".select"
|
||||
)
|
||||
name = luci.http.formvalue(
|
||||
local name = luci.http.formvalue(
|
||||
luci.cbi.CREATE_PREFIX .. self.config .. "." ..
|
||||
self.sectiontype .. ".text"
|
||||
)
|
||||
if #name > 3 and not name:match("[^a-zA-Z0-9_]") then
|
||||
uci:section(
|
||||
"openvpn", "openvpn", name,
|
||||
{ uci:get_all( "openvpn_recipes", recipe ) }
|
||||
)
|
||||
|
||||
uci:delete("openvpn", name, "_role")
|
||||
uci:delete("openvpn", name, "_description")
|
||||
uci:save("openvpn")
|
||||
|
||||
luci.http.redirect( self.extedit:format(name) )
|
||||
local s = uci:section("openvpn", "openvpn", name)
|
||||
if s then
|
||||
local options = uci:get_all("openvpn_recipes", recipe)
|
||||
for k, v in pairs(options) do
|
||||
uci:set("openvpn", name, k, v)
|
||||
end
|
||||
uci:delete("openvpn", name, "_role")
|
||||
uci:delete("openvpn", name, "_description")
|
||||
uci:save("openvpn")
|
||||
luci.http.redirect( self.extedit:format(name) )
|
||||
end
|
||||
elseif #name > 0 then
|
||||
self.invalid_cts = true
|
||||
end
|
||||
|
|
|
|||
|
|
@ -4,11 +4,11 @@
|
|||
Licensed to the public under the Apache License 2.0.
|
||||
-%>
|
||||
|
||||
<fieldset class="cbi-section">
|
||||
<legend>
|
||||
<div class="cbi-section">
|
||||
<h3>
|
||||
<a href="<%=url('admin/services/openvpn')%>"><%:Overview%></a> »
|
||||
<%=luci.i18n.translatef("Instance \"%s\"", self.instance)%>
|
||||
</legend>
|
||||
</h3>
|
||||
|
||||
<% if self.mode == "basic" then %>
|
||||
<a href="<%=url('admin/services/openvpn/advanced', self.instance, "Service")%>"><%:Switch to advanced configuration »%></a>
|
||||
|
|
@ -27,4 +27,4 @@
|
|||
<% if next(self.categories, i) then %>|<% end %>
|
||||
<% end %>
|
||||
<% end %>
|
||||
</fieldset>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -2,101 +2,94 @@
|
|||
# Routed point-to-point server
|
||||
#
|
||||
config openvpn_recipe server_tun_ptp
|
||||
option _description "Simple server configuration for a routed point-to-point VPN"
|
||||
option _role "server"
|
||||
option dev "tun"
|
||||
option ifconfig "10.0.0.1 10.0.0.2"
|
||||
option secret "shared-secret.key"
|
||||
option keepalive "10 60"
|
||||
option comp_lzo "yes"
|
||||
option verb "3"
|
||||
option mssfix "1420"
|
||||
option _description 'Simple server configuration for a routed point-to-point VPN'
|
||||
option _role 'server'
|
||||
option dev 'tun'
|
||||
option ifconfig '10.0.0.1 10.0.0.2'
|
||||
option secret 'shared-secret.key'
|
||||
option keepalive '10 60'
|
||||
option verb '3'
|
||||
option mssfix '1420'
|
||||
|
||||
#
|
||||
# Routed point-to-point client
|
||||
#
|
||||
config openvpn_recipe client_tun_ptp
|
||||
option _description "Simple client configuration for a routed point-to-point VPN"
|
||||
option _role "client"
|
||||
option dev "tun"
|
||||
list remote "vpnserver.example.org"
|
||||
option ifconfig "10.0.0.2 10.0.0.1"
|
||||
option secret "shared-secret.key"
|
||||
option nobind "1"
|
||||
option comp_lzo "yes"
|
||||
option verb "3"
|
||||
option _description 'Simple client configuration for a routed point-to-point VPN'
|
||||
option _role 'client'
|
||||
option dev 'tun'
|
||||
list remote 'vpnserver.example.org'
|
||||
option ifconfig '10.0.0.2 10.0.0.1'
|
||||
option secret 'shared-secret.key'
|
||||
option nobind '1'
|
||||
option verb '3'
|
||||
|
||||
#
|
||||
# Routed multi-client server
|
||||
#
|
||||
config openvpn_recipe server_tun
|
||||
option _description "Server configuration for a routed multi-client VPN"
|
||||
option _role "server"
|
||||
option dev "tun"
|
||||
option server "10.0.100.0 255.255.255.0"
|
||||
option ca "ca.crt"
|
||||
option cert "server.crt"
|
||||
option key "server.key"
|
||||
option dh "dh1024.pem"
|
||||
option keepalive "10 60"
|
||||
option comp_lzo "yes"
|
||||
option verb "3"
|
||||
option mssfix "1420"
|
||||
option _description 'Server configuration for a routed multi-client VPN'
|
||||
option _role 'server'
|
||||
option dev 'tun'
|
||||
option server '10.0.100.0 255.255.255.0'
|
||||
option ca 'ca.crt'
|
||||
option cert 'server.crt'
|
||||
option key 'server.key'
|
||||
option dh 'dh1024.pem'
|
||||
option keepalive '10 60'
|
||||
option verb '3'
|
||||
option mssfix '1420'
|
||||
|
||||
#
|
||||
# Routed client
|
||||
#
|
||||
config openvpn_recipe client_tun
|
||||
option _description "Client configuration for a routed multi-client VPN"
|
||||
option _role "client"
|
||||
option client "1"
|
||||
option dev "tun"
|
||||
list remote "vpnserver.example.org"
|
||||
option pkcs12 "my_client.p12"
|
||||
option remote_cert_tls "server"
|
||||
option comp_lzo "yes"
|
||||
option nobind "1"
|
||||
option persist_key "1"
|
||||
option persist_tun "1"
|
||||
option verb "3"
|
||||
option reneg_sec "0"
|
||||
option float "1"
|
||||
option _description 'Client configuration for a routed multi-client VPN'
|
||||
option _role 'client'
|
||||
option client '1'
|
||||
option dev 'tun'
|
||||
list remote 'vpnserver.example.org'
|
||||
option pkcs12 'my_client.p12'
|
||||
option remote_cert_tls 'server'
|
||||
option nobind '1'
|
||||
option persist_key '1'
|
||||
option persist_tun '1'
|
||||
option verb '3'
|
||||
option reneg_sec '0'
|
||||
option float '1'
|
||||
|
||||
#
|
||||
# Multi-client ethernet bridge server
|
||||
#
|
||||
config openvpn_recipe server_tap_bridge
|
||||
option _description "Server configuration for an ethernet bridge VPN"
|
||||
option _role "server"
|
||||
option dev "tap"
|
||||
option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
|
||||
option ca "ca.crt"
|
||||
option cert "server.crt"
|
||||
option key "server.key"
|
||||
option dh "dh1024.pem"
|
||||
option keepalive "10 60"
|
||||
option comp_lzo "yes"
|
||||
option verb "3"
|
||||
option mssfix "1420"
|
||||
option _description 'Server configuration for an ethernet bridge VPN'
|
||||
option _role 'server'
|
||||
option dev 'tap'
|
||||
option server_bridge '192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254'
|
||||
option ca 'ca.crt'
|
||||
option cert 'server.crt'
|
||||
option key 'server.key'
|
||||
option dh 'dh1024.pem'
|
||||
option keepalive '10 60'
|
||||
option verb '3'
|
||||
option mssfix '1420'
|
||||
|
||||
#
|
||||
# Ethernet bridge client
|
||||
#
|
||||
config openvpn_recipe client_tap_bridge
|
||||
option _description "Client configuration for an ethernet bridge VPN"
|
||||
option _role "client"
|
||||
option client "1"
|
||||
option dev "tap"
|
||||
list remote "vpnserver.example.org"
|
||||
option ca "ca.crt"
|
||||
option cert "my_client.crt"
|
||||
option key "my_client.key"
|
||||
option dh "dh1024.pem"
|
||||
option remote_cert_tls "server"
|
||||
option comp_lzo "yes"
|
||||
option nobind "1"
|
||||
option persist_key "1"
|
||||
option verb "3"
|
||||
option reneg_sec "0"
|
||||
option float "1"
|
||||
|
||||
option _description 'Client configuration for an ethernet bridge VPN'
|
||||
option _role 'client'
|
||||
option client '1'
|
||||
option dev 'tap'
|
||||
list remote 'vpnserver.example.org'
|
||||
option ca 'ca.crt'
|
||||
option cert 'my_client.crt'
|
||||
option key 'my_client.key'
|
||||
option dh 'dh1024.pem'
|
||||
option remote_cert_tls 'server'
|
||||
option nobind '1'
|
||||
option persist_key '1'
|
||||
option verb '3'
|
||||
option reneg_sec '0'
|
||||
option float '1'
|
||||
|
|
|
|||
Loading…
Reference in a new issue