search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
VPN GUI frontend
[tomato.git] / release / src / router / www / vpn-server.asp
blob6bb3cc806f3193c94265e4c289a1983913e98d49
1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.0//EN'>
2 <!--
3 Tomato GUI
4 Copyright (C) 2006-2008 Jonathan Zarate
5 http://www.polarcloud.com/tomato/
6
7 Portions Copyright (C) 2008 Keith Moyer, tomato@keithmoyer.com
8
9 For use with Tomato Firmware only.
10 No part of this file may be used without permission.
11 -->
12 <html>
13 <head>
14 <meta http-equiv='content-type' content='text/html;charset=utf-8'>
15 <meta name='robots' content='noindex,nofollow'>
16 <title>[<% ident(); %>] VPN: Server</title>
17 <link rel='stylesheet' type='text/css' href='tomato.css'>
18 <link rel='stylesheet' type='text/css' href='color.css'>
19 <script type='text/javascript' src='tomato.js'></script>
20 <script type='text/javascript'>
21
22 // <% nvram("vpn_server1_if,vpn_server1_proto,vpn_server1_port,vpn_server1_sn,vpn_server1_nm,vpn_server1_local,vpn_server1_remote,vpn_server1_r1,vpn_server1_r2,vpn_server1_crypt,vpn_server1_comp,vpn_server1_cipher,vpn_server1_hmac,vpn_server1_custom,vpn_server1_static,vpn_server1_ca,vpn_server1_crt,vpn_server1_key,vpn_server1_dh,vpn_server2_if,vpn_server2_proto,vpn_server2_port,vpn_server2_sn,vpn_server2_nm,vpn_server2_local,vpn_server2_remote,vpn_server2_r1,vpn_server2_r2,vpn_server2_crypt,vpn_server2_comp,vpn_server2_cipher,vpn_server2_hmac,vpn_server2_custom,vpn_server2_static,vpn_server2_ca,vpn_server2_crt,vpn_server2_key,vpn_server2_dh"); %>
23
24 tabs = [['server1', 'Server 1'],['server2', 'Server 2']];
25 ciphers = [['default','Use Default'],['none','None']<% vpnciphers(); %>];
26
27 changed = 0;
28 vpn1up = parseInt('<% psup("vpnserver1"); %>');
29 vpn2up = parseInt('<% psup("vpnserver2"); %>');
30
31 function tabSelect(name)
32 {
33 tabHigh(name);
34
35 for (var i = 0; i < tabs.length; ++i)
36 {
37 var on = (name == tabs[i][0]);
38 elem.display(tabs[i][0] + '-tab', on);
39 }
40
41 cookie.set('vpn_server_tab', name);
42 }
43
44 function toggle(service, isup)
45 {
46 if (changed && !confirm("Unsaved changes will be lost. Continue anyway?")) return;
47
48 E('_' + service + '_button').disabled = true;
49 form.submitHidden('service.cgi', {
50 _redirect: 'vpn-server.asp',
51 _sleep: '3',
52 _service: service + (isup ? '-stop' : '-start')
53 });
54 }
55
56 function verifyFields(focused, quiet)
57 {
58 var ret = 1;
59
60 // When settings change, make sure we restart the right server
61 if (focused)
62 {
63 changed = 1;
64
65 var fom = E('_fom');
66 var serverindex = focused.name.indexOf("server");
67 if (serverindex >= 0)
68 {
69 var servernumber = focused.name.substring(serverindex+6,serverindex+7);
70 if (eval('vpn'+servernumber+'up') && fom._service.value.indexOf('server'+servernumber) < 0)
71 {
72 if ( fom._service.value != "" ) fom._service.value += ",";
73 fom._service.value += 'vpnserver'+servernumber+'-restart';
74 }
75 }
76 }
77
78 // Element varification
79 for (i = 0; i < tabs.length; ++i)
80 {
81 t = tabs[i][0];
82
83 if (!v_port('_vpn_'+t+'_port', quiet)) ret = 0;
84 if (!v_ip('_vpn_'+t+'_sn', quiet, 0)) ret = 0;
85 if (!v_netmask('_vpn_'+t+'_nm', quiet)) ret = 0;
86 if (!v_ip('_vpn_'+t+'_r1', quiet, 1)) ret = 0;
87 if (!v_ip('_vpn_'+t+'_r2', quiet, 1)) ret = 0;
88 if (!v_ip('_vpn_'+t+'_local', quiet, 1)) ret = 0;
89 if (!v_ip('_vpn_'+t+'_remote', quiet, 1)) ret = 0;
90 if (!v_length('_vpn_'+t+'_custom', quiet, 0, 1024)) ret = 0;
91 if (!v_length('_vpn_'+t+'_static', quiet, 0, 1024)) ret = 0;
92 if (!v_length('_vpn_'+t+'_ca', quiet, 0, 1648)) ret = 0;
93 if (!v_length('_vpn_'+t+'_crt', quiet, 0, 1392)) ret = 0;
94 if (!v_length('_vpn_'+t+'_key', quiet, 0, 1024)) ret = 0;
95 if (!v_length('_vpn_'+t+'_dh', quiet, 0, 256)) ret = 0;
96 }
97
98 // Visability changes
99 for (i = 0; i < tabs.length; ++i)
100 {
101 t = tabs[i][0];
102
103 auth = E('_vpn_'+t+'_crypt');
104 iface = E('_vpn_'+t+'_if');
105 hmac = E('_vpn_'+t+'_hmac');
106
107 elem.display(PR('_vpn_'+t+'_ca'), PR('_vpn_'+t+'_crt'), PR('_vpn_'+t+'_dh'), PR('_vpn_'+t+'_key'), PR('_vpn_'+t+'_hmac'), auth.value == "tls");
108 elem.display(PR('_vpn_'+t+'_static'), auth.value == "secret" || (auth.value == "tls" && hmac.value >= 0));
109 elem.display(E(t+'_custom_crypto_text'), auth.value == "custom");
110 elem.display(PR('_vpn_'+t+'_sn'), auth.value == "tls" && iface.value == "tun");
111 elem.display(PR('_vpn_'+t+'_r1'), auth.value == "tls" && iface.value == "tap");
112 elem.display(PR('_vpn_'+t+'_local'), auth.value == "secret" && iface.value == "tun");
113 }
114
115 return ret;
116 }
117
118 function save()
119 {
120 if (!verifyFields(null, false)) return;
121
122 var fom = E('_fom');
123
124 form.submit(fom, 1);
125
126 changed = 0;
127 }
128 </script>
129
130 <style type='text/css'>
131 textarea {
132 width: 98%;
133 height: 10em;
134 }
135 </style>
136
137 </head>
138 <body>
139 <form id='_fom' method='post' action='tomato.cgi'>
140 <table id='container' cellspacing=0>
141 <tr><td colspan=2 id='header'>
142 <div class='title'>Tomato</div>
143 <div class='version'>Version <% version(); %></div>
144 </td></tr>
145 <tr id='body'><td id='navi'><script type='text/javascript'>navi()</script></td>
146 <td id='content'>
147 <div id='ident'><% ident(); %></div>
148
149 <input type='hidden' name='_nextpage' value='vpn-server.asp'>
150 <input type='hidden' name='_nextwait' value='5'>
151 <input type='hidden' name='_service' value=''>
152
153 <div class='section-title'>VPN Server Configuration</div>
154 <div class='section'>
155 <script type='text/javascript'>
156 tabCreate.apply(this, tabs);
157
158 for (i = 0; i < tabs.length; ++i)
159 {
160 t = tabs[i][0];
161 W('<div id=\''+t+'-tab\'>');
162 createFieldTable('', [
163 { title: 'Interface Type', name: 'vpn_'+t+'_if', type: 'select', options: [ ['tap','TAP'], ['tun','TUN'] ], value: eval( 'nvram.vpn_'+t+'_if' ) },
164 { title: 'Protocol', name: 'vpn_'+t+'_proto', type: 'select', options: [ ['udp','UDP'], ['tcp-server','TCP'] ], value: eval( 'nvram.vpn_'+t+'_proto' ) },
165 { title: 'Port', name: 'vpn_'+t+'_port', type: 'text', value: eval( 'nvram.vpn_'+t+'_port' ) },
166 { title: 'Authorization Mode', name: 'vpn_'+t+'_crypt', type: 'select', options: [ ['tls', 'TLS'], ['secret', 'Static Key'], ['custom', 'Custom'] ], value: eval( 'nvram.vpn_'+t+'_crypt' ),
167 suffix: '<span id=\''+t+'_custom_crypto_text\'>&nbsp;<small>(configured below...)</small></span>' },
168 { title: 'Extra HMAC authorization (tls-auth)', name: 'vpn_'+t+'_hmac', type: 'select', options: [ [-1, 'Disabled'], [2, 'Bi-directional'], [0, 'Incoming (0)'], [1, 'Outgoing (1)'] ], value: eval( 'nvram.vpn_'+t+'_hmac' ) },
169 { title: 'VPN subnet/netmask', multi: [
170 { name: 'vpn_'+t+'_sn', type: 'text', maxlen: 15, size: 17, value: eval( 'nvram.vpn_'+t+'_sn' ) },
171 { name: 'vpn_'+t+'_nm', type: 'text', maxlen: 15, size: 17, value: eval( 'nvram.vpn_'+t+'_nm' ) } ] },
172 { title: 'Client address pool', multi: [
173 { name: 'vpn_'+t+'_r1', type: 'text', maxlen: 15, size: 17, value: eval( 'nvram.vpn_'+t+'_r1' ), suffix: '-' },
174 { name: 'vpn_'+t+'_r2', type: 'text', maxlen: 15, size: 17, value: eval( 'nvram.vpn_'+t+'_r2' ) } ] },
175 { title: 'Local/remote endpoint addresses', multi: [
176 { name: 'vpn_'+t+'_local', type: 'text', maxlen: 15, size: 17, value: eval( 'nvram.vpn_'+t+'_local' ) },
177 { name: 'vpn_'+t+'_remote', type: 'text', maxlen: 15, size: 17, value: eval( 'nvram.vpn_'+t+'_remote' ) } ] },
178 { title: 'Encryption cipher', name: 'vpn_'+t+'_cipher', type: 'select', options: ciphers, value: eval( 'nvram.vpn_'+t+'_cipher' ) },
179 { title: 'Compression', name: 'vpn_'+t+'_comp', type: 'select', options: [ ['yes', 'Enabled'], ['no', 'Disabled'], ['adaptive', 'Adaptive'] ], value: eval( 'nvram.vpn_'+t+'_comp' ) },
180 { title: 'Custom Configuration', name: 'vpn_'+t+'_custom', type: 'textarea', value: eval( 'nvram.vpn_'+t+'_custom' ) },
181 { title: 'Static Key', name: 'vpn_'+t+'_static', type: 'textarea', value: eval( 'nvram.vpn_'+t+'_static' ) },
182 { title: 'Certificate Authority', name: 'vpn_'+t+'_ca', type: 'textarea', value: eval( 'nvram.vpn_'+t+'_ca' ) },
183 { title: 'Server Certificate', name: 'vpn_'+t+'_crt', type: 'textarea', value: eval( 'nvram.vpn_'+t+'_crt' ) },
184 { title: 'Server Key', name: 'vpn_'+t+'_key', type: 'textarea', value: eval( 'nvram.vpn_'+t+'_key' ) },
185 { title: 'Diffie Hellman parameters', name: 'vpn_'+t+'_dh', type: 'textarea', value: eval( 'nvram.vpn_'+t+'_dh' ) }
186 ]);
187 W('<input type="button" value="' + (eval('vpn'+(i+1)+'up') ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'vpn'+t+'\', vpn'+(i+1)+'up)" id="_vpn'+t+'_button">');
188 W('</div>');
189 }
190
191 </script>
192 </div>
193
194 </td></tr>
195 <tr><td id='footer' colspan=2>
196 <span id='footer-msg'></span>
197 <input type='button' value='Save' id='save-button' onclick='save()'>
198 <input type='button' value='Cancel' id='cancel-button' onclick='javascript:reloadPage();'>
199 </td></tr>
200 </table>
201 </form>
202 <script type='text/javascript'>tabSelect(cookie.get('vpn_server_tab') || tabs[0][0]); verifyFields(null, 1);</script>
203 </body>
204 </html>
205
Tomato firmware and modifications.