1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML
4.0//EN'
>
4 Copyright (C) 2006-2008 Jonathan Zarate
5 http://www.polarcloud.com/tomato/
7 Portions Copyright (C) 2008 Keith Moyer, tomato@keithmoyer.com
9 For use with Tomato Firmware only.
10 No part of this file may be used without permission.
14 <meta http-equiv='content-type' content='text/html;charset=utf-
8'
>
15 <meta name='robots' content='noindex,nofollow'
>
16 <title>[<%
ident(); %>] VPN: Server
</title>
17 <link rel='stylesheet' type='text/css' href='tomato.css'
>
18 <link rel='stylesheet' type='text/css' href='color.css'
>
19 <script type='text/javascript' src='tomato.js'
></script>
20 <script type='text/javascript'
>
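// Page-level state shared by the functions and inline handlers below.
// The next line carries a server-side template tag and must stay exactly as written.
// NOTE(review): it presumably expands to the `nvram` object whose vpn_* entries are read
// when the field tables are built; the expansion itself is not visible here, confirm.
// The requested names include vpn_server1_key / vpn_server2_key and the static keys, so
// that key material is delivered to the browser together with this page.
// <% nvram("vpn_server1_if,vpn_server1_proto,vpn_server1_port,vpn_server1_sn,vpn_server1_nm,vpn_server1_local,vpn_server1_remote,vpn_server1_r1,vpn_server1_r2,vpn_server1_crypt,vpn_server1_comp,vpn_server1_cipher,vpn_server1_hmac,vpn_server1_custom,vpn_server1_static,vpn_server1_ca,vpn_server1_crt,vpn_server1_key,vpn_server1_dh,vpn_server2_if,vpn_server2_proto,vpn_server2_port,vpn_server2_sn,vpn_server2_nm,vpn_server2_local,vpn_server2_remote,vpn_server2_r1,vpn_server2_r2,vpn_server2_crypt,vpn_server2_comp,vpn_server2_cipher,vpn_server2_hmac,vpn_server2_custom,vpn_server2_static,vpn_server2_ca,vpn_server2_crt,vpn_server2_key,vpn_server2_dh"); %>

// [id, label] pairs, one per server tab; the id is also the infix of every field name.
var tabs = [['server1', 'Server 1'],['server2', 'Server 2']];

// Options for the cipher drop-down; the template tag appends further entries on the server.
var ciphers = [['default','Use Default'],['none','None']<% vpnciphers(); %>];

// Running-state flags for the two servers, used for their truthiness only.
// Declared with `var` (still global, so inline onclick handlers can read them) and parsed
// with an explicit radix so the template output is always read as decimal.
var vpn1up = parseInt('<% psup("vpnserver1"); %>', 10);
var vpn2up = parseInt('<% psup("vpnserver2"); %>', 10);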
// Show the panel that belongs to tab `name`, hide the panels of all other tabs, and
// store the selection in the 'vpn_server_tab' cookie.
//   name - tab id, compared against the first element of each `tabs` entry.
// NOTE(review): the listing's line numbers skip inside this function; only the
// statements that are visible are reproduced here.
function tabSelect(name)
{
  var idx;
  var tabId;

  for (idx = 0; idx < tabs.length; idx++) {
    tabId = tabs[idx][0];
    // The panel element id is the tab id followed by '-tab'.
    elem.display(tabId + '-tab', name == tabId);
  }

  cookie.set('vpn_server_tab', name);
}
// Start or stop one VPN server by posting a hidden form to service.cgi.
//   service - service name; also selects the button with id '_' + service + '_button'.
//   isup    - truthy when the service is running: requests '-stop', otherwise '-start'.
// Asks for confirmation first when `changed` is set, because the page is redirected
// back to vpn-server.asp and unsaved edits are lost.
// NOTE(review): the listing skips a line between `_redirect` and `_service`; nothing is
// reconstructed for it. No anti-CSRF field is visible in the object passed here;
// presumably form.submitHidden adds the session identifier, confirm.
function toggle(service, isup)
{
  var action = isup ? '-stop' : '-start';
  var button;

  if (changed) {
    if (!confirm("Unsaved changes will be lost. Continue anyway?")) {
      return;
    }
  }

  // Disable the button so the request cannot be submitted twice.
  button = E('_' + service + '_button');
  button.disabled = true;

  form.submitHidden('service.cgi', {
    _redirect: 'vpn-server.asp',
    _service: service + action
  });
}
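// Validate every VPN server field, queue a restart for the server whose setting was
// just edited, and show or hide the rows that apply to the chosen mode.
//   focused - the form element that changed, or null when called for the whole page.
//   quiet   - passed through to the v_* validators.
// Returns 1 when every validator accepted its field, 0 otherwise.
//
// NOTE(review): the source listing omits several lines of this function (its line
// numbers skip). The `ret` initialisation, the null check on `focused` and the final
// `return` are reconstructed from the visible callers, `verifyFields(null, ...)` and
// `if (!verifyFields(...)) return;`. `fom` is not declared in the visible lines;
// presumably it is the form with id '_fom'. Confirm against the full file.
function verifyFields(focused, quiet)
{
  var ret = 1;
  var i, t, id, auth, iface, hmac;
  var serverindex, servernumber;

  // Fixed lookup instead of eval() on text cut out of the element's name: only the two
  // known flags can be read, and any other character yields undefined instead of
  // evaluating a constructed identifier.
  var serverUp = { '1': vpn1up, '2': vpn2up };

  // When settings change, make sure we restart the right server
  if (focused && focused.name)
  {
    serverindex = focused.name.indexOf("server");
    if (serverindex >= 0)
    {
      // The character right after "server" is the server number.
      servernumber = focused.name.substring(serverindex + 6, serverindex + 7);
      if (serverUp[servernumber] && fom._service.value.indexOf('server' + servernumber) < 0)
      {
        // _service holds a comma-separated list; each server is queued at most once.
        if (fom._service.value != "") fom._service.value += ",";
        fom._service.value += 'vpnserver' + servernumber + '-restart';
      }
    }
  }

  // Element verification
  // Every validator is called even after a failure, so each field is checked.
  for (i = 0; i < tabs.length; ++i)
  {
    t = tabs[i][0];
    id = '_vpn_' + t;

    if (!v_port(id + '_port', quiet)) ret = 0;
    if (!v_ip(id + '_sn', quiet, 0)) ret = 0;
    if (!v_netmask(id + '_nm', quiet)) ret = 0;
    if (!v_ip(id + '_r1', quiet, 1)) ret = 0;
    if (!v_ip(id + '_r2', quiet, 1)) ret = 0;
    if (!v_ip(id + '_local', quiet, 1)) ret = 0;
    if (!v_ip(id + '_remote', quiet, 1)) ret = 0;

    // NOTE(review): these caps bound the key material that can be stored. A 2048-bit
    // RSA private key is typically about 1.7 kB of PEM and 2048-bit DH parameters are
    // typically over 400 characters, so the 1024 and 256 limits appear to admit only
    // shorter keys. Presumably a storage constraint; confirm.
    if (!v_length(id + '_custom', quiet, 0, 1024)) ret = 0;
    if (!v_length(id + '_static', quiet, 0, 1024)) ret = 0;
    if (!v_length(id + '_ca', quiet, 0, 1648)) ret = 0;
    if (!v_length(id + '_crt', quiet, 0, 1392)) ret = 0;
    if (!v_length(id + '_key', quiet, 0, 1024)) ret = 0;
    if (!v_length(id + '_dh', quiet, 0, 256)) ret = 0;
  }

  // Show only the rows that apply to the selected authorization mode and interface.
  for (i = 0; i < tabs.length; ++i)
  {
    t = tabs[i][0];
    id = '_vpn_' + t;

    auth = E(id + '_crypt');
    iface = E(id + '_if');
    hmac = E(id + '_hmac');

    // Certificate, key, DH and HMAC rows: TLS mode only.
    elem.display(PR(id + '_ca'), PR(id + '_crt'), PR(id + '_dh'), PR(id + '_key'), PR(id + '_hmac'), auth.value == "tls");
    // Static key row: static-key mode, or TLS with the extra HMAC option enabled.
    elem.display(PR(id + '_static'), auth.value == "secret" || (auth.value == "tls" && hmac.value >= 0));
    elem.display(E(t + '_custom_crypto_text'), auth.value == "custom");
    elem.display(PR(id + '_sn'), auth.value == "tls" && iface.value == "tun");
    elem.display(PR(id + '_r1'), auth.value == "tls" && iface.value == "tap");
    elem.display(PR(id + '_local'), auth.value == "secret" && iface.value == "tun");
  }

  return ret;
}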
120 if (!verifyFields(null, false)) return;
130 <style type='text/css'
>
139 <form id='_fom' method='post' action='tomato.cgi'
>
140 <table id='container' cellspacing=
0>
141 <tr><td colspan=
2 id='header'
>
142 <div class='title'
>Tomato
</div>
143 <div class='version'
>Version <%
version(); %></div>
145 <tr id='body'
><td id='navi'
><script type='text/javascript'
>navi()</script></td>
147 <div id='ident'
><%
ident(); %></div>
149 <input type='hidden' name='_nextpage' value='vpn-server.asp'
>
150 <input type='hidden' name='_nextwait' value='
5'
>
151 <input type='hidden' name='_service' value=''
>
153 <div class='section-title'
>VPN Server Configuration
</div>
154 <div class='section'
>
155 <script type='text/javascript'
>
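// Build the tab strip, then write one panel per server: a field table filled from the
// `nvram` object, followed by a Start/Stop button.
tabCreate.apply(this, tabs);

var i, t;
for (i = 0; i < tabs.length; ++i)
{
  // NOTE(review): this assignment is not in the visible listing (line numbers skip
  // here). It is inferred from tabSelect, which addresses panels as tabs[i][0] + '-tab',
  // and from the field names, which match the nvram keys only when t is 'server1' or
  // 'server2'. Confirm against the full file.
  t = tabs[i][0];

  W('<div id=\''+t+'-tab\'>');

  // Values are read with bracket access instead of eval(): the same property is
  // fetched, but no constructed string is ever executed as code.
  createFieldTable('', [
    { title: 'Interface Type', name: 'vpn_'+t+'_if', type: 'select', options: [ ['tap','TAP'], ['tun','TUN'] ], value: nvram['vpn_'+t+'_if'] },
    { title: 'Protocol', name: 'vpn_'+t+'_proto', type: 'select', options: [ ['udp','UDP'], ['tcp-server','TCP'] ], value: nvram['vpn_'+t+'_proto'] },
    { title: 'Port', name: 'vpn_'+t+'_port', type: 'text', value: nvram['vpn_'+t+'_port'] },
    { title: 'Authorization Mode', name: 'vpn_'+t+'_crypt', type: 'select', options: [ ['tls', 'TLS'], ['secret', 'Static Key'], ['custom', 'Custom'] ], value: nvram['vpn_'+t+'_crypt'],
      suffix: '<span id=\''+t+'_custom_crypto_text\'> <small>(configured below...)</small></span>' },
    { title: 'Extra HMAC authorization (tls-auth)', name: 'vpn_'+t+'_hmac', type: 'select', options: [ [-1, 'Disabled'], [2, 'Bi-directional'], [0, 'Incoming (0)'], [1, 'Outgoing (1)'] ], value: nvram['vpn_'+t+'_hmac'] },
    { title: 'VPN subnet/netmask', multi: [
      { name: 'vpn_'+t+'_sn', type: 'text', maxlen: 15, size: 17, value: nvram['vpn_'+t+'_sn'] },
      { name: 'vpn_'+t+'_nm', type: 'text', maxlen: 15, size: 17, value: nvram['vpn_'+t+'_nm'] } ] },
    { title: 'Client address pool', multi: [
      { name: 'vpn_'+t+'_r1', type: 'text', maxlen: 15, size: 17, value: nvram['vpn_'+t+'_r1'], suffix: '-' },
      { name: 'vpn_'+t+'_r2', type: 'text', maxlen: 15, size: 17, value: nvram['vpn_'+t+'_r2'] } ] },
    { title: 'Local/remote endpoint addresses', multi: [
      { name: 'vpn_'+t+'_local', type: 'text', maxlen: 15, size: 17, value: nvram['vpn_'+t+'_local'] },
      { name: 'vpn_'+t+'_remote', type: 'text', maxlen: 15, size: 17, value: nvram['vpn_'+t+'_remote'] } ] },
    { title: 'Encryption cipher', name: 'vpn_'+t+'_cipher', type: 'select', options: ciphers, value: nvram['vpn_'+t+'_cipher'] },
    { title: 'Compression', name: 'vpn_'+t+'_comp', type: 'select', options: [ ['yes', 'Enabled'], ['no', 'Disabled'], ['adaptive', 'Adaptive'] ], value: nvram['vpn_'+t+'_comp'] },
    { title: 'Custom Configuration', name: 'vpn_'+t+'_custom', type: 'textarea', value: nvram['vpn_'+t+'_custom'] },
    // NOTE(review): the static key and the server private key are written into the page
    // as textarea values, so they are readable by anything that can read this page's
    // source. Access control and transport encryption for the admin interface are not
    // visible in this file; confirm both.
    { title: 'Static Key', name: 'vpn_'+t+'_static', type: 'textarea', value: nvram['vpn_'+t+'_static'] },
    { title: 'Certificate Authority', name: 'vpn_'+t+'_ca', type: 'textarea', value: nvram['vpn_'+t+'_ca'] },
    { title: 'Server Certificate', name: 'vpn_'+t+'_crt', type: 'textarea', value: nvram['vpn_'+t+'_crt'] },
    { title: 'Server Key', name: 'vpn_'+t+'_key', type: 'textarea', value: nvram['vpn_'+t+'_key'] },
    { title: 'Diffie Hellman parameters', name: 'vpn_'+t+'_dh', type: 'textarea', value: nvram['vpn_'+t+'_dh'] }
  ]);

  // The button label reflects the running flag of server i+1; the flag is taken from a
  // fixed list instead of eval(). The markup is built from the constant `tabs` ids only.
  W('<input type="button" value="' + ([vpn1up, vpn2up][i] ? 'Stop' : 'Start') + ' Now" onclick="toggle(\'vpn'+t+'\', vpn'+(i+1)+'up)" id="_vpn'+t+'_button">');

  // NOTE(review): the panel <div> opened above is not closed in the visible lines;
  // the closing markup presumably sits in lines the listing omits.
}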
195 <tr><td id='footer' colspan=
2>
196 <span id='footer-msg'
></span>
197 <input type='button' value='Save' id='save-button' onclick='save()'
>
198 <input type='button' value='Cancel' id='cancel-button' onclick='javascript:reloadPage();'
>
202 <script type='text/javascript'
>tabSelect(cookie
.get('vpn_server_tab') || tabs
[0][0]); verifyFields(null, 1);</script>