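/**
 * Print the CIDR notation for the address range supplied in the query string.
 *
 * Reads "mynet_ipfrom" and "mynet_ipto" from $_GET, hands them to
 * IP::ip2cidr() and echoes the trimmed result.
 *
 * Both values are request-controlled. A missing or non-string parameter is
 * treated as an empty string, and the result is HTML-escaped before it is
 * written to the response because it is derived from request input.
 *
 * @return void
 */
function CalculCDR()
{
    $ipfrom = (isset($_GET["mynet_ipfrom"]) && is_string($_GET["mynet_ipfrom"])) ? $_GET["mynet_ipfrom"] : '';
    $ipto = (isset($_GET["mynet_ipto"]) && is_string($_GET["mynet_ipto"])) ? $_GET["mynet_ipto"] : '';

    $ip = new IP();
    $SIP = $ip->ip2cidr($ipfrom, $ipto);

    // A CIDR string has no HTML metacharacters, so escaping leaves a valid
    // result unchanged and only neutralises unexpected content.
    echo htmlspecialchars(trim((string) $SIP), ENT_QUOTES, 'UTF-8');
}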
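/**
 * Print the network that corresponds to a partial IPv4 prefix.
 *
 * Reads $_POST["ROUTE_SHOULD_BE"], takes the one, two or three numeric groups
 * at the end of the value and pads them with ".0" / ".255" to get the first
 * and last address of the range. The range is converted with IP::ip2cidr()
 * and printed as "<cidr> <address> - <netmask>" inside a <strong> element.
 *
 * Only the digit groups captured by the patterns are used further on, never
 * the raw request value. When no pattern matches, nothing is printed; the
 * earlier code continued with undefined range variables in that case.
 *
 * @return void
 */
function ROUTE_SHOULD_BE()
{
    $prefix = (isset($_POST["ROUTE_SHOULD_BE"]) && is_string($_POST["ROUTE_SHOULD_BE"]))
        ? $_POST["ROUTE_SHOULD_BE"]
        : '';
    $calc_ip = null;
    $calc_ip_end = null;

    // The patterns run from the shortest to the longest form; a later match
    // overwrites an earlier one, so the longest trailing match wins.
    if (preg_match("#([0-9]+)\$#", $prefix, $re)) {
        $calc_ip = $re[1] . ".0.0.0";
        $calc_ip_end = $re[1] . ".255.255.255";
    }
    if (preg_match("#([0-9]+)\\.([0-9]+)\$#", $prefix, $re)) {
        $calc_ip = $re[1] . ".{$re[2]}.0.0";
        $calc_ip_end = $re[1] . ".{$re[2]}.255.255";
    }
    if (preg_match("#([0-9]+)\\.([0-9]+)\\.([0-9]+)\$#", $prefix, $re)) {
        $calc_ip = $re[1] . ".{$re[2]}.{$re[3]}.0";
        $calc_ip_end = $re[1] . ".{$re[2]}.{$re[3]}.255";
    }

    if ($calc_ip === null) {
        // The value does not end in a number: there is no range to compute.
        return;
    }

    $ip = new IP();
    $cdir = $ip->ip2cidr($calc_ip, $calc_ip_end);
    $arr = $ip->parseCIDR($cdir);
    $netbit = $arr[1];
    $ipv = new ipv4($calc_ip, $netbit);

    // Escaped as a whole: the text is built from library return values that
    // go straight into an HTML response.
    $summary = $cdir . " " . $ipv->address() . " - " . $ipv->netmask();
    echo "<strong>" . htmlspecialchars($summary, ENT_QUOTES, 'UTF-8') . "</strong>";
}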
Exemple #3
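/**
 * Build the OpenVPN server options for routed ("tun") mode and write them to
 * /etc/openvpn/cmdline.conf.
 *
 * Flow:
 *  1. Load the "ArticaOpenVPNSettings" INI data and apply defaults.
 *  2. If ENABLE_BRIDGE_MODE is 1, delegate to BuildBridgeServer() and stop.
 *  3. Collect "--push route" options from the OpenVPNRoutes file and from
 *     GetRoutes().
 *  4. For each vpnclient row with connexion_type=1, write a per-site file in
 *     /etc/openvpn/cdd and collect "--route" options.
 *  5. Assemble the option string, write it out, save the INI data back and
 *     report the result through send_email_events().
 *
 * NOTE(review): values from the settings store, the OpenVPNRoutes file and
 * the vpnclient table are interpolated into the option string without format
 * checks. How cmdline.conf is consumed is not visible here; if it is passed
 * through a shell or split into OpenVPN options, each value should be checked
 * (IPv4 address, numeric port) before it is used.
 *
 * NOTE(review): the complete option string is also handed to
 * send_email_events() and, in verbose mode, to writelogs().
 *
 * @return void
 */
function BuildTunServer(){
    LoadArgvs();
    $unix=new unix();
    // Reuse the shared sockets instance when one exists, otherwise create and cache it.
    if(!isset($GLOBALS["CLASS_SOCKETS"])){$GLOBALS["CLASS_SOCKETS"]=new sockets();}
    $sock=$GLOBALS["CLASS_SOCKETS"];
    $servername=$unix->hostname_g();

    // Every optional fragment starts out empty so that the final
    // concatenation never reads an undefined variable.
    $routess=array();
    $rou=array();
    $ethi=array();
    $duplicate_cn=null;
    $local=null;
    $localroutes=null;
    $client_config_dir=null;
    $script_security=null;
    $plugin=null;
    $askpass=null;
    $IPTABLES_ETH_ROUTE=null;
    $IP_START_PREFIX=null;
    $calc_ip=null;
    $calc_ip_end=null;

    // Keep only the part of the host name before the first dot.
    if(preg_match("#^(.+?)\.#",$servername,$re)){$servername=$re[1];}
    $servername=strtoupper($servername);
    echo "Starting......: OpenVPN building settings for $servername...\n";

    $ini=new Bs_IniHandler();
    $ini->loadString($sock->GET_INFO("ArticaOpenVPNSettings"));
    if(!isset($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"])){$ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"]=0;}
    if(!isset($ini->_params["GLOBAL"]["IP_START"])){$ini->_params["GLOBAL"]["IP_START"]="10.8.0.0";}
    if(!isset($ini->_params["GLOBAL"]["NETMASK"])){$ini->_params["GLOBAL"]["NETMASK"]="255.255.255.0";}

    if($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"]==1){
        echo "Starting......: OpenVPN building settings mode bridge enabled...\n";
        BuildBridgeServer();
        return;
    }

    $IPTABLES_ETH=isset($GLOBALS["IPTABLES_ETH"]) ? $GLOBALS["IPTABLES_ETH"] : null;
    $port=$ini->_params["GLOBAL"]["LISTEN_PORT"];
    $IP_START=$ini->_params["GLOBAL"]["IP_START"];
    $NETMASK=$ini->_params["GLOBAL"]["NETMASK"];
    $bind_addr=$ini->_params["GLOBAL"]["LOCAL_BIND"];
    $LISTEN_PROTO=$ini->_params["GLOBAL"]["LISTEN_PROTO"];
    if($LISTEN_PROTO==null){$LISTEN_PROTO="udp";}
    if($LISTEN_PROTO=="udp"){$proto="--proto udp";}else{$proto="--proto tcp-server";}

    if(trim($port)==null){$port=1194;}
    if(trim($IP_START)==null){$IP_START="10.8.0.0";}
    if(trim($NETMASK)==null){$NETMASK="255.255.255.0";}

    // Map interface name => address, skipping interfaces without an address.
    // foreach replaces each(), which depends on the array's internal pointer
    // and is no longer available in current PHP versions.
    $nic=new networking();
    foreach($nic->array_TCP as $num=>$ligne){
        if($ligne==null){continue;}
        $ethi[$num]=$ligne;
    }

    if($IPTABLES_ETH<>null){
        $linked_ip=isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null;
        echo "Starting......: OpenVPN linked to $IPTABLES_ETH ({$linked_ip})...\n";
        $IPTABLES_ETH_ROUTE=IpCalcRoute($linked_ip);
    }else{
        echo "Starting......: OpenVPN no local NIC linked...\n";
    }

    $ca='/etc/artica-postfix/openvpn/keys/allca.crt';
    // NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters.
    // Confirm the actual size; current guidance is 2048 bits or more.
    $dh='/etc/artica-postfix/openvpn/keys/dh1024.pem';
    $key="/etc/artica-postfix/openvpn/keys/vpn-server.key";
    $crt="/etc/artica-postfix/openvpn/keys/vpn-server.crt";

    // Routes pushed to clients, one "<network> <mask>" pair per line.
    // NOTE(review): both parts are placed inside a double-quoted option as
    // read from the file; a quote character in the file would end the quoting.
    if (is_file('/etc/artica-postfix/settings/Daemons/OpenVPNRoutes')){
        $routes=explode("\n",@file_get_contents("/etc/artica-postfix/settings/Daemons/OpenVPNRoutes"));
        foreach($routes as $ligne){
            if(!preg_match("#(.+?)\s+(.+)#",$ligne,$re)){continue;}
            $routess[]="--push \"route {$re[1]} {$re[2]}\"";
        }
    }

    // array_merge() appends the extra routes. The "+" operator used before
    // keeps the left-hand entry whenever both arrays share an index, which
    // silently dropped entries of GetRoutes().
    // Assumes GetRoutes() returns a list of option strings - confirm.
    $GetRoutes=GetRoutes();
    if(is_array($GetRoutes)){$routess=array_merge($routess,$GetRoutes);}

    if(count($routess)==0){
        if($IPTABLES_ETH_ROUTE<>null){
            echo "Starting......: OpenVPN IP adding default route \"$IPTABLES_ETH_ROUTE\"\n";
            $routess[]="--push \"route $IPTABLES_ETH_ROUTE\"";
        }
    }else{
        echo "Starting......: OpenVPN IP adding ".count($routess)." routes\n";
    }

    if(trim($bind_addr)<>null){
        $local=" --local $bind_addr";
        echo "Starting......: OpenVPN IP bind $bind_addr\n";
    }

    $IP_START=FIX_IP_START($IP_START,$local);
    $ini->set("GLOBAL","IP_START",$IP_START);

    // Derive the address pool from IP_START by replacing its last number.
    if(preg_match("#(.+?)\.([0-9]+)$#",$IP_START,$re)){
        // The leading space is part of the original value and is kept as is.
        $calc_ip=" {$re[1]}.0";
        $calc_ip_end="{$re[1]}.254";
        echo "Starting......: OpenVPN IP pool from {$re[1]}.2 to {$re[1]}.254 mask:$NETMASK\n";
        $IP_START_PREFIX=$re[1];
    }

    // Fallback for an empty netmask. The default applied above normally
    // keeps this branch from running.
    if($NETMASK==null){
        $ip=new IP();
        $cdir=$ip->ip2cidr($calc_ip,$calc_ip_end);
        $arr=$ip->parseCIDR($cdir);
        $netbit=$arr[1];
        $ipv=new ipv4($calc_ip,$netbit);
        $NETMASK=$ipv->netmask();
        if($NETMASK=="255.255.255.255"){$NETMASK="255.255.255.0";}
        echo "Starting......: OpenVPN Netmask is null for the range $calc_ip, assume $NETMASK\n";
        $ini->set("GLOBAL","NETMASK",$NETMASK);
    }

    // Read but not used further in this function.
    $OpenVpnPasswordCert=$sock->GET_INFO("OpenVpnPasswordCert");
    if($OpenVpnPasswordCert==null){$OpenVpnPasswordCert="MyKey";}

    // NOTE(review): the literal below is reproduced as found and looks like
    // a masked value; the intended option text is not visible. It is also
    // concatenated without a separator before "--client-to-client".
    if(is_file("/etc/artica-postfix/openvpn/keys/password")){
        $askpass="******";
    }

    $ifconfig_pool_persist=" --ifconfig-pool-persist /etc/artica-postfix/openvpn/ipp.txt ";

    if(isset($GLOBALS["OPENVPNPARAMS"]["duplicate-cn"])){
        echo "Starting......: OpenVPN duplicate-cn is enabled\n";
        $duplicate_cn=" --duplicate-cn ";
        $ifconfig_pool_persist=null;
    }

    // Level 2 lets OpenVPN run user-defined scripts.
    if(isset($GLOBALS["OPENVPNPARAMS"]["script-security"])){
        echo "Starting......: OpenVPN script-security is enabled\n";
        $script_security=" --script-security 2";
    }

    // Explicit mode: the per-client files only need to be readable by others.
    if(!is_dir("/etc/openvpn/cdd")){@mkdir("/etc/openvpn/cdd",0755);}
    $already=array();
    echo "Starting......: OpenVPN get remote sites routes...\n";
    $sql="SELECT sitename,IP_START,netmask,remote_site_routes,FixedIPAddr FROM vpnclient WHERE connexion_type=1";
    $q=new mysql();
    $results=$q->QUERY_SQL($sql,"artica_backup");
    if(!$q->ok){echo2("Starting......: OpenVPN : $q->mysql_error");}
    while($ligne=mysql_fetch_array($results,MYSQL_ASSOC)){
        $iroute=array();
        $sitename=$ligne["sitename"];

        // The site name becomes a file name under /etc/openvpn/cdd. Rows
        // whose name is empty, is a directory reference or contains a path
        // separator are skipped so the write cannot leave that directory.
        if($sitename===null || $sitename==="" || $sitename==="." || $sitename===".." || strpbrk($sitename,"/\0")!==false){
            echo "Starting......: OpenVPN skipping a site with an unusable name\n";
            continue;
        }

        // Whole numbers only: the value becomes the last part of an address.
        $FixedIPAddr=ctype_digit((string)$ligne["FixedIPAddr"]) ? (int)$ligne["FixedIPAddr"] : 0;

        if($IP_START_PREFIX<>null && $FixedIPAddr>2 && $FixedIPAddr<255){
            echo "Starting......: OpenVPN $sitename $IP_START_PREFIX.$FixedIPAddr fixed IP address\n";
            $iroute[]="ifconfig-push $IP_START_PREFIX.$FixedIPAddr $IP_START_PREFIX.2";
        }

        if(!isset($already[$ligne["IP_START"]])){
            echo "Starting......: OpenVPN $sitename ({$ligne["IP_START"]} {$ligne["netmask"]})\n";
            $rou[]=" --route {$ligne["IP_START"]} {$ligne["netmask"]}";
            $iroute[]="iroute {$ligne["IP_START"]} {$ligne["netmask"]}";
            $already[$ligne["IP_START"]]=true;
        }

        // NOTE(review): unserialize() is applied to a value stored in the
        // vpnclient table, so whoever can write that column controls the
        // serialized payload. Storing the routes as JSON would avoid object
        // instantiation; kept because the stored format is defined elsewhere.
        $remote_site_routes=unserialize(base64_decode($ligne["remote_site_routes"]));
        if(!is_array($remote_site_routes)){$remote_site_routes=array();}
        foreach($remote_site_routes as $num=>$site_mask){
            // Only plain values can be written into an option string.
            if(!is_scalar($site_mask)){continue;}
            if(!isset($already[$num])){
                echo "Starting......: OpenVPN $sitename ($num $site_mask)\n";
                $rou[]=" --route $num $site_mask";
                $iroute[]="iroute $num $site_mask";
                $already[$num]=true;
            }
        }
        echo "Starting......: OpenVPN cdd $sitename\n";
        @file_put_contents("/etc/openvpn/cdd/$sitename",implode("\n", $iroute) );
    }
    if(count($rou)>0){
        $localroutes=implode(" ", $rou);
        $client_config_dir=" --client-config-dir /etc/openvpn/cdd";
    }

    $LDAP_AUTH=$ini->_params["GLOBAL"]["LDAP_AUTH"];
    if($LDAP_AUTH==1){
        if(is_file("/usr/lib/openvpn/openvpn-auth-pam.so")){
            $plugin=" --plugin /usr/lib/openvpn/openvpn-auth-pam.so common-auth";
            echo "Starting......: OpenVPN auth is enabled\n";
            shell_exec("/usr/share/artica-postfix/bin/artica-install --nsswitch");
        }
    }

    // Mode 0755 instead of 0666: a directory needs the search bit to be
    // usable and should not be writable by other users.
    // NOTE(review): this creates "ccd" while the options above refer to
    // "cdd" - confirm which name is intended.
    @mkdir("/etc/openvpn/ccd",0755,true);
    $php5=$unix->LOCATE_PHP5_BIN();
    $me=__FILE__;
    $cmd=" --port $port --dev tun $proto --server $IP_START $NETMASK$localroutes$client_config_dir --comp-lzo $local --ca $ca --dh $dh --key $key --cert $crt";
    $cmd=$cmd. "$ifconfig_pool_persist " . implode(" ",$routess);
    $cmd=$cmd. " $askpass$duplicate_cn--client-to-client$script_security$plugin --learn-address \"$php5 $me --client-connect\" --keepalive 10 60 --persist-tun --verb 5 --daemon --writepid /var/run/openvpn/openvpn-server.pid --log \"/var/log/openvpn/openvpn.log\"";
    $cmd=$cmd. " --status /var/log/openvpn/openvpn-status.log 10";
    echo "Starting......: OpenVPN building /etc/openvpn/cmdline.conf done\n";
    @file_put_contents("/etc/openvpn/cmdline.conf",$cmd);

    $sock->SaveConfigFile($ini->toString(),"ArticaOpenVPNSettings");
    send_email_events("OpenVPN was successfully reconfigured",$cmd,"VPN");
    echo "Starting......: OpenVPN building settings done.\n";
    if(!empty($GLOBALS["VERBOSE"])){writelogs("$cmd",__FUNCTION__,__FILE__,__LINE__);}
}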
Exemple #4
/**
 * Convert a "from-to" address range into CIDR notation.
 *
 * The text before the first "-" and the text after it are passed to
 * IP::ip2cidr(). A value without that shape yields null.
 *
 * @param string $net Range written as "<first>-<last>".
 * @return mixed Result of IP::ip2cidr(), or null when $net is not a range.
 */
function GetRange($net)
{
    $bounds = array();
    if (!preg_match("#(.+?)-(.+)#", $net, $bounds)) {
        return;
    }

    $converter = new IP();
    return $converter->ip2cidr($bounds[1], $bounds[2]);
}
Exemple #5
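/**
 * Print a table of suggested networks, one row per local address.
 *
 * For every key returned by networking::ALL_IPS_GET_ARRAY() the last number
 * of the address is replaced by 0 and 255, the range is converted with
 * IP::ip2cidr(), and the start address, netmask and host count are shown.
 * The page is passed through templates::_ENGINE_parse_body() before output.
 *
 * @return void
 */
function popup_networks_masks()
{
    include_once dirname(__FILE__) . "/ressources/class.tcpip.inc";
    include_once dirname(__FILE__) . "/ressources/class.system.network.inc";
    $net = new networking();
    $class_ip = new IP();
    $array = $net->ALL_IPS_GET_ARRAY();

    // Start from an empty string so the first row is not appended to an
    // undefined variable.
    $html = '';

    // foreach replaces each(), which depends on the array's internal pointer.
    foreach ($array as $index => $line) {
        if (!preg_match('#(.+?)\\.([0-9]+)$#', $index, $re)) {
            continue;
        }
        $range_start = $re[1] . ".0";
        $range_end = $re[1] . ".255";
        $cdir = $class_ip->ip2cidr($range_start, $range_end);
        if (!preg_match("#(.+)\\/([0-9]+)#", $cdir, $ri)) {
            continue;
        }
        $ipv4 = new ipv4($ri[1], $ri[2]);
        $raw_netmask = $ipv4->netmask();
        $raw_hosts = $class_ip->HostsNumber($index, $raw_netmask);

        // The pattern above accepts any text before the last number, so the
        // cell values are escaped before they are placed in the table.
        $ip_start = htmlspecialchars((string) $range_start, ENT_QUOTES, 'UTF-8');
        $netmask = htmlspecialchars((string) $raw_netmask, ENT_QUOTES, 'UTF-8');
        $hosts = htmlspecialchars((string) $raw_hosts, ENT_QUOTES, 'UTF-8');
        $html = $html . "\n\t\t\t\t<tr>\n\t\t\t\t\t<td style='font-size:16px;font-weight:bold'>{$ip_start}</td>\n\t\t\t\t\t<td style='font-size:16px;font-weight:bold'>{$netmask}</td>\n\t\t\t\t\t<td style='font-size:16px;font-weight:bold'>{$hosts}</td>\n\t\t\t\t\t\n\t\t\t\t</tr>";
    }

    $html = "<H1>{newtork_help_me}</H1>\n\t<p class=caption>{you_should_use_one_of_these_network}</p>\n\t<table style='width:99%' class=form>\n\t<tr>\n\t\t<th>{from_ip_address}</th>\n\t\t<th>{netmask}</th>\n\t\t<th>{hosts_number}</th>\n\t</tr>\n\t{$html}\n\t</table>\n\t";
    $tpl = new templates();
    echo $tpl->_ENGINE_parse_body($html);
}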
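/**
 * Add the network described by two request addresses to the Postfix
 * "mynetworks" settings and save the configuration.
 *
 * Reads "ip_addr" and "ip_addr2" from $_GET, checks the first one with
 * IP::isValid(), converts the pair with IP::ip2cidr() and passes the result
 * to main_cf::add_my_networks() followed by main_cf::save_conf(). Every
 * outcome is reported through templates::_ENGINE_parse_body().
 *
 * The request values are HTML-escaped before they are echoed back in an
 * error message.
 *
 * NOTE(review): this handler changes the mail configuration from GET
 * parameters. Authentication and request-forgery protection are not visible
 * in this function - confirm that the caller enforces both.
 *
 * @return null
 */
function postfix_add_network_v2_save()
{
    $tpl = new templates();
    $ip_addr = (isset($_GET["ip_addr"]) && is_string($_GET["ip_addr"])) ? $_GET["ip_addr"] : null;
    $ip_addr2 = (isset($_GET["ip_addr2"]) && is_string($_GET["ip_addr2"])) ? $_GET["ip_addr2"] : null;

    if ($ip_addr == null) {
        echo $tpl->_ENGINE_parse_body('{error} :{address} -> Null! ');
        return null;
    }
    if ($ip_addr2 == null) {
        echo $tpl->_ENGINE_parse_body('{error} :{address} -> Null! ');
        return null;
    }

    include_once 'ressources/class.tcpip.inc';
    $ip = new IP();
    $shown_addr = htmlspecialchars($ip_addr, ENT_QUOTES, 'UTF-8');
    $shown_addr2 = htmlspecialchars($ip_addr2, ENT_QUOTES, 'UTF-8');

    if (!$ip->isValid($ip_addr)) {
        echo $tpl->_ENGINE_parse_body('{error} :{address} {bad_format} ->  ' . $shown_addr);
        return null;
    }

    // Only the first address is checked with isValid(); a bad second address
    // is caught by the empty result below.
    $cdir = $ip->ip2cidr($ip_addr, $ip_addr2);
    if ($cdir == null) {
        echo $tpl->_ENGINE_parse_body('{error} :{address} {bad_format} ->  ' . $shown_addr . "/" . $shown_addr2);
        return null;
    }

    $main = new main_cf();
    writelogs("save new {$cdir} for mynetwork settings", __FUNCTION__, __FILE__);
    $response = $main->add_my_networks($cdir);
    if ($response != null) {
        echo $tpl->_ENGINE_parse_body("{error} :{$response}");
        return null;
    }

    writelogs("save postfix configuration", __FUNCTION__, __FILE__);
    $main->save_conf();
    writelogs("save postfix configuration done", __FUNCTION__, __FILE__);
    echo $tpl->_ENGINE_parse_body('{success}');
}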
Exemple #7
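/**
 * Print the "network control center" overview of the OpenVPN setup.
 *
 * Reads the GLOBAL section of openvpn::main_array, the local interface
 * addresses from networking::array_TCP and the vpnclient rows with
 * connexion_type=1, then fills a fixed HTML layout that is passed through
 * templates::_ENGINE_parse_body(). Missing values are shown as an {error}
 * marker.
 *
 * Configuration and database values are HTML-escaped before they are placed
 * in the page. Values used as array keys or matched against a pattern are
 * kept raw until that point.
 *
 * @return void
 */
function ncc()
{
    $net = new networking();
    $ip = new IP();
    $vpn = new openvpn();
    $nic = new networking();

    $error = "<span style='color:#d32d2d'>{error}</span>";
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Interface name => address, skipping interfaces without an address.
    // foreach replaces each(), which depends on the array's internal pointer.
    $ethi = array();
    foreach ($nic->array_TCP as $num => $ligne) {
        if ($ligne == null) {
            continue;
        }
        $ethi[$num] = $ligne;
    }

    // LOCAL_NETWORK IP_START NETMASK
    $bridge_eth = $vpn->main_array["GLOBAL"]["BRIDGE_ETH"];
    $local_ip = $net->array_TCP[$bridge_eth];
    $listen_eth_ip = $esc($local_ip);
    $public_ip = $esc($vpn->main_array["GLOBAL"]["PUBLIC_IP"]);
    $LISTEN_PORT = $esc($vpn->main_array["GLOBAL"]["LISTEN_PORT"]);
    $LISTEN_PROTO = $esc($vpn->main_array["GLOBAL"]["LISTEN_PROTO"]);
    $VPN_SERVER_IP = $esc($vpn->main_array["GLOBAL"]["VPN_SERVER_IP"]);
    $VPN_DHCP_FROM = $esc($vpn->main_array["GLOBAL"]["VPN_DHCP_FROM"]);
    $VPN_DHCP_TO = $esc($vpn->main_array["GLOBAL"]["VPN_DHCP_TO"]);
    $VPN_DNS_DHCP_1 = $esc($vpn->main_array["GLOBAL"]["VPN_DNS_DHCP_1"]);
    $VPN_DNS_DHCP_2 = $esc($vpn->main_array["GLOBAL"]["VPN_DNS_DHCP_2"]);
    $IPTABLES_ETH = $vpn->main_array["GLOBAL"]["IPTABLES_ETH"];
    $DEV_TYPE = $vpn->main_array["GLOBAL"]["DEV_TYPE"];
    $IP_START = $vpn->main_array["GLOBAL"]["IP_START"];
    $CLIENT_NAT_PORT = $esc($vpn->main_array["GLOBAL"]["CLIENT_NAT_PORT"]);
    $VPN_SERVER_DHCP_MASK = $esc($vpn->main_array["GLOBAL"]["VPN_SERVER_DHCP_MASK"]);

    if ($local_ip == null) {
        $listen_eth_ip = $error;
    }
    if ($public_ip == null) {
        $public_ip = "<span style='color:white'>{error}</span>";
    }
    if ($VPN_SERVER_IP == null) {
        $VPN_SERVER_IP = $error;
    }
    if ($VPN_DHCP_FROM == null) {
        $VPN_DHCP_FROM = $error;
    }
    if ($VPN_DHCP_TO == null) {
        $VPN_DHCP_TO = $error;
    }
    if ($VPN_SERVER_DHCP_MASK == null) {
        $VPN_SERVER_DHCP_MASK = $error;
    }
    // The NAT port falls back to the listen port before the latter may be
    // replaced by the error marker.
    if ($CLIENT_NAT_PORT == null) {
        $CLIENT_NAT_PORT = $LISTEN_PORT;
    }
    if ($IPTABLES_ETH != null) {
        $VPN_SERVER_IP = $esc(isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null);
    }
    if ($LISTEN_PORT == null) {
        $LISTEN_PORT = $error;
    }

    // The empty check is done on the configured interface name. The earlier
    // code tested the composed label, which is never empty, so the error
    // marker could not appear.
    if ($bridge_eth == null) {
        $listen_eth = $error;
    } else {
        $listen_eth = $esc($bridge_eth) . "  (br0)<br>{$listen_eth_ip}";
    }

    if ($DEV_TYPE == 'tun') {
        $listen_eth = " {$VPN_SERVER_IP} <-> tun0 iptables";
        $VPN_DHCP_FROM = $IP_START;
        if (!preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $VPN_DHCP_FROM, $re)) {
            $VPN_DHCP_FROM = $error;
        } else {
            // Only the captured digit groups are used from here on.
            $cdir = $ip->ip2cidr("{$re[1]}.{$re[2]}.{$re[3]}.0", "{$re[1]}.{$re[2]}.{$re[3]}.255");
            $tb = explode("/", $cdir);
            $v4 = new ipv4($tb[0], $tb[1]);
            $VPN_DHCP_FROM = "{$re[1]}.{$re[2]}.{$re[3]}.2";
            $VPN_DHCP_TO = "{$re[1]}.{$re[2]}.{$re[3]}.254";
            $VPN_SERVER_DHCP_MASK = $esc($tb[0]) . " - " . $esc($v4->netmask());
        }
    }

    if ($VPN_SERVER_IP == null) {
        $VPN_SERVER_IP = $error;
    }
    if ($VPN_DHCP_FROM == null) {
        $VPN_DHCP_FROM = $error;
    }
    if ($VPN_DHCP_TO == null) {
        $VPN_DHCP_TO = $error;
    }
    if ($VPN_SERVER_DHCP_MASK == null) {
        $VPN_SERVER_DHCP_MASK = $error;
    }

    if (!preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $local_ip, $re)) {
        $local_network = $error;
    } else {
        $cdir = $ip->ip2cidr("{$re[1]}.{$re[2]}.{$re[3]}.0", "{$re[1]}.{$re[2]}.{$re[3]}.255");
        $tb = explode("/", $cdir);
        $v4 = new ipv4($tb[0], $tb[1]);
        $local_network = $esc($tb[0]) . " - " . $esc($v4->netmask());
    }

    $sql = "SELECT * FROM vpnclient WHERE connexion_type=1 ORDER BY sitename DESC";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, "artica_backup");
    $route = array();
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        // A separate name keeps the IP helper object in $ip intact.
        $site_ip = $ligne["IP_START"];
        $mask = $esc($ligne["netmask"]);
        if (!preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $site_ip, $re)) {
            continue;
        }
        $route[] = "<span style='font-size:10px'>route {$re[1]}.{$re[2]}.{$re[3]}.0 {$mask} GW {$VPN_SERVER_IP}</span>";
    }
    // An empty list gives an empty string, as an unset variable did before.
    $routes = implode("<br>", $route);

    $html = "\n\t<H1>{NETWORK_CONTROL_CENTER}</H1>\n\t<div style='background-image:url(img/bg_vpn1.png);width:750px;height:420px;background-repeat:no-repeat;font-size:16px'></div>\n\t<div style='position:absolute;top:30px;left:700px;'><input type='button' OnClick=\"javascript:OpenVPNNCC()\" value='{refresh}'></div>\n\t<div style='position:absolute;top:240px;left:210px;font-size:14px;text-align:center'>{BRIDGE_ETH}<br>{$listen_eth}</div>\n\t<div style='position:absolute;top:450px;left:80px;font-size:14px;text-align:center'>{local_network}<br>{$local_network}<br>{$routes}</div>\n\t<div style='position:absolute;top:125px;left:410px;font-size:14px;text-align:center;color:black;background-color:#D7E4FB;padding:3px;border:1px solid black'>\n\t\t{public_ip_addr}<br>{$public_ip}<br>{listen_port}:{$LISTEN_PORT}:{$CLIENT_NAT_PORT} ({$LISTEN_PROTO})\n\t</div>\n\t<div style='position:absolute;top:125px;left:230px;font-size:14px;text-align:center;'>{VPN_SERVER_IP}<br>{$VPN_SERVER_IP}</div>\n\t<div style='position:absolute;top:190px;left:580px;font-size:12px;text-align:center;;background-color:#FFFF99;border:1px solid black;padding:3px'>\n\t\tDHCP<br>{$VPN_DHCP_FROM} - {$VPN_DHCP_TO}\n\t\t<br>{netmask} {$VPN_SERVER_DHCP_MASK}<br>\n\t\t{dns_servers}:{$VPN_DNS_DHCP_1} {$VPN_DNS_DHCP_2}\n\t</div>\n\t\n\t";
    $tpl = new templates();
    echo $tpl->_ENGINE_parse_body($html);
}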
Exemple #8
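/**
 * Add the network described by two request addresses to the amavis settings.
 *
 * Reads "ip_from" and "ip_to" from $_GET and converts them with
 * IP::ip2cidr(). An empty result is reported through
 * templates::_ENGINE_parse_body(); otherwise the network is passed to
 * amavis::AddNetwork().
 *
 * The request values are HTML-escaped before they are echoed back in the
 * failure message.
 *
 * NOTE(review): the settings change is driven by GET parameters.
 * Authentication and request-forgery protection are not visible in this
 * function - confirm that the caller enforces both.
 *
 * @return void
 */
function localnetwork_save()
{
    include_once "ressources/class.tcpip.inc";
    $ip_from = (isset($_GET["ip_from"]) && is_string($_GET["ip_from"])) ? $_GET["ip_from"] : '';
    $ip_to = (isset($_GET["ip_to"]) && is_string($_GET["ip_to"])) ? $_GET["ip_to"] : '';

    $ip = new IP();
    $net = $ip->ip2cidr($ip_from, $ip_to);
    if (trim($net) == null) {
        $shown_from = htmlspecialchars($ip_from, ENT_QUOTES, 'UTF-8');
        $shown_to = htmlspecialchars($ip_to, ENT_QUOTES, 'UTF-8');
        $tpl = new templates();
        echo $tpl->_ENGINE_parse_body("{$shown_from}=>{$shown_to}=>{failed}\n");
        return;
    }

    $amavis = new amavis();
    $amavis->AddNetwork($net);
}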
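 /**
  * Fill the default network lists from the local interface addresses.
  *
  * For every value in networking::array_TCP that contains a dotted-quad
  * address, the /24-style range x.y.z.0 - x.y.z.255 is converted with
  * IP::ip2cidr(). A non-empty result is recorded as a key of
  * $this->DefaultNetworkList (trimmed) and appended to $this->networklist
  * (as returned).
  *
  * @return void
  */
 function builddefault()
 {
     $net = new networking();
     $cip = new IP();
     // foreach replaces each(), which depends on the array's internal
     // pointer and is no longer available in current PHP versions.
     foreach ($net->array_TCP as $num => $ip) {
         if (!preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $ip, $re)) {
             continue;
         }
         $ip_start = "{$re[1]}.{$re[2]}.{$re[3]}.0";
         $ip_end = "{$re[1]}.{$re[2]}.{$re[3]}.255";
         $cdir = $cip->ip2cidr($ip_start, $ip_end);
         if (trim($cdir) != null) {
             $this->DefaultNetworkList[trim($cdir)] = true;
             $this->networklist[] = $cdir;
         }
     }
 }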
Exemple #10
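/**
 * Add the network given in the query string to the squid network list.
 *
 * Reads "addipfrom" and "addipto" from $_GET. When a value contains a
 * dotted-quad address, its last number is replaced by 0 (start) or 255
 * (end). The pair is converted with IP::ip2cidr(), appended to
 * squidbee::network_array and stored with squidbee::SaveToLdap(). A failed
 * conversion or a failed save prints a message and ends the script.
 *
 * A value that does not match the address pattern is passed on as received,
 * so it is HTML-escaped in the failure message and stripped of control
 * characters in the log line.
 *
 * @return void
 */
function CalculCDR()
{
    $ip = new IP();
    $ipfrom = (isset($_GET["addipfrom"]) && is_string($_GET["addipfrom"])) ? $_GET["addipfrom"] : '';
    $ipto = (isset($_GET["addipto"]) && is_string($_GET["addipto"])) ? $_GET["addipto"] : '';

    if (preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $ipfrom, $re)) {
        $ipfrom = "{$re[1]}.{$re[2]}.{$re[3]}.0";
    }
    if (preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $ipto, $re)) {
        $ipto = "{$re[1]}.{$re[2]}.{$re[3]}.255";
    }

    $SIP = $ip->ip2cidr($ipfrom, $ipto);

    // Control characters are replaced so a request value cannot start a new
    // log line.
    $log_from = preg_replace('#[\x00-\x1F\x7F]#', ' ', $ipfrom);
    $log_to = preg_replace('#[\x00-\x1F\x7F]#', ' ', $ipto);
    writelogs("Adding new CDIR {$log_from} -> {$log_to}\"{$SIP}\"", __FUNCTION__, __FILE__);

    if (trim($SIP) == null) {
        $shown_from = htmlspecialchars($ipfrom, ENT_QUOTES, 'UTF-8');
        $shown_to = htmlspecialchars($ipto, ENT_QUOTES, 'UTF-8');
        $tpl = new templates();
        echo $tpl->_ENGINE_parse_body("Network:{failed}\n{$shown_from} -> {$shown_to}");
        exit;
    }

    $squid = new squidbee();
    $squid->network_array[] = $SIP;
    if (!$squid->SaveToLdap()) {
        echo $squid->ldap_error;
        exit;
    }
}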
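/**
 * Print the CIDR notation for the range given in the query string, widened
 * to whole last-number boundaries.
 *
 * Reads "mynet_ipfrom" and "mynet_ipto" from $_GET, splits each on ".",
 * sets the element at index 3 to 0 (start) or 255 (end), joins the parts
 * again and echoes the trimmed result of IP::ip2cidr().
 *
 * A missing or non-string parameter is treated as an empty string, and the
 * result is HTML-escaped because it is derived from request input.
 *
 * @return void
 */
function CalculCDR()
{
    $ip = new IP();

    $ipfrom = (isset($_GET["mynet_ipfrom"]) && is_string($_GET["mynet_ipfrom"])) ? $_GET["mynet_ipfrom"] : '';
    $from_parts = explode(".", $ipfrom);
    $from_parts[3] = 0;
    $ipfrom = implode(".", $from_parts);

    $ipto = (isset($_GET["mynet_ipto"]) && is_string($_GET["mynet_ipto"])) ? $_GET["mynet_ipto"] : '';
    $to_parts = explode(".", $ipto);
    $to_parts[3] = 255;
    $ipto = implode(".", $to_parts);

    $SIP = $ip->ip2cidr($ipfrom, $ipto);

    // A CIDR string has no HTML metacharacters, so escaping leaves a valid
    // result unchanged and only neutralises unexpected content.
    echo htmlspecialchars(trim((string) $SIP), ENT_QUOTES, 'UTF-8');
}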
Exemple #12
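/**
 * Save the automatic account creation settings from the query string.
 *
 * When "ipfrom" is present, the range from that address to the same address
 * with its last number replaced by 255 is converted with IP::ip2cidr() and
 * appended to AutoUsers::AutoCreateAccountIPArray. The "AutoCreateAccountEnabled"
 * parameter is stored as received and AutoUsers::Save() is called.
 *
 * The request value is HTML-escaped in the status lines that echo it back.
 *
 * NOTE(review): the settings change is driven by GET parameters, and
 * "AutoCreateAccountEnabled" is stored without a check of its value.
 * Authentication and request-forgery protection are not visible in this
 * function - confirm that the caller enforces both.
 *
 * @return void
 */
function SaveSettings()
{
    $AutoUsers = new AutoUsers();
    $ipfrom = (isset($_GET["ipfrom"]) && is_string($_GET["ipfrom"])) ? $_GET["ipfrom"] : null;

    if ($ipfrom != null) {
        $ip = new IP();
        // Stays null when the value does not end in ".<number>"; the earlier
        // code read an undefined variable in that case.
        $secondip = null;
        if (preg_match("#([0-9\\.]+)\\.([0-9]+)\$#", $ipfrom, $re)) {
            $secondip = $re[1] . ".255";
        }
        $cdir = $ip->ip2cidr($ipfrom, $secondip);
        $shown_from = htmlspecialchars($ipfrom, ENT_QUOTES, 'UTF-8');
        if ($cdir != null) {
            echo "CDIR:{$cdir}\n{$shown_from}-{$secondip}\n";
            $AutoUsers->AutoCreateAccountIPArray[] = $cdir;
        } else {
            echo "CDIR:{$shown_from}-{$secondip}=false\n";
        }
    }

    $AutoUsers->AutoCreateAccountEnabled = isset($_GET["AutoCreateAccountEnabled"]) ? $_GET["AutoCreateAccountEnabled"] : null;
    $AutoUsers->Save();
}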
Exemple #13
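/**
 * Build the OpenVPN server options for routed ("tun") mode and write them to
 * /etc/openvpn/cmdline.conf.
 *
 * Loads the "ArticaOpenVPNSettings" INI data, delegates to
 * BuildBridgeServer() when ENABLE_BRIDGE_MODE is 1, collects "--push route"
 * options from the OpenVPNRoutes file and GetRoutes(), assembles the option
 * string, writes it out and saves the INI data back.
 *
 * NOTE(review): values from the settings store and the OpenVPNRoutes file
 * are interpolated into the option string without format checks. How
 * cmdline.conf is consumed is not visible here; if it is passed through a
 * shell or split into OpenVPN options, each value should be checked (IPv4
 * address, numeric port) before it is used.
 *
 * @return void
 */
function BuildTunServer()
{
    $unix = new unix();
    $sock = new sockets();

    // Every optional fragment starts out empty so that the final
    // concatenation never reads an undefined variable.
    $routess = array();
    $ethi = array();
    $local = null;
    $askpass = null;
    $IPTABLES_ETH_ROUTE = null;
    $calc_ip = null;
    $calc_ip_end = null;

    // Keep only the part of the host name before the first dot.
    $servername = $unix->hostname_g();
    if (preg_match("#^(.+?)\\.#", $servername, $re)) {
        $servername = $re[1];
    }
    $servername = strtoupper($servername);
    echo "Starting......: OpenVPN building settings for {$servername}...\n";

    $ini = new Bs_IniHandler();
    $ini->loadString($sock->GET_INFO("ArticaOpenVPNSettings"));
    if ($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"] == 1) {
        echo "Starting......: OpenVPN building settings mode bridge enabled...\n";
        BuildBridgeServer();
        return;
    }

    $IPTABLES_ETH = isset($GLOBALS["IPTABLES_ETH"]) ? $GLOBALS["IPTABLES_ETH"] : null;
    $port = $ini->_params["GLOBAL"]["LISTEN_PORT"];
    $IP_START = $ini->_params["GLOBAL"]["IP_START"];
    $NETMASK = $ini->_params["GLOBAL"]["NETMASK"];
    $bind_addr = $ini->_params["GLOBAL"]["LOCAL_BIND"];
    if (trim($port) == null) {
        $port = 1194;
    }
    if (trim($IP_START) == null) {
        $IP_START = "10.8.0.0";
    }
    // The default belongs to the netmask. The earlier code assigned it to
    // $IP_START, which replaced the pool address with a netmask value.
    if (trim($NETMASK) == null) {
        $NETMASK = "255.255.255.0";
    }

    // Interface name => address, skipping interfaces without an address.
    // foreach replaces each(), which depends on the array's internal pointer.
    $nic = new networking();
    foreach ($nic->array_TCP as $num => $ligne) {
        if ($ligne == null) {
            continue;
        }
        $ethi[$num] = $ligne;
    }

    if ($IPTABLES_ETH != null) {
        $linked_ip = isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null;
        echo "Starting......: OpenVPN linked to {$IPTABLES_ETH} ({$linked_ip})...\n";
        $IPTABLES_ETH_ROUTE = IpCalcRoute($linked_ip);
    } else {
        echo "Starting......: OpenVPN no local NIC linked...\n";
    }

    $ca = '/etc/artica-postfix/openvpn/keys/allca.crt';
    // NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters.
    // Confirm the actual size; current guidance is 2048 bits or more.
    $dh = '/etc/artica-postfix/openvpn/keys/dh1024.pem';
    $key = "/etc/artica-postfix/openvpn/keys/vpn-server.key";
    $crt = "/etc/artica-postfix/openvpn/keys/vpn-server.crt";

    // Routes pushed to clients, one "<network> <mask>" pair per line.
    // NOTE(review): both parts are placed inside a double-quoted option as
    // read from the file; a quote character in the file would end the quoting.
    if (is_file('/etc/artica-postfix/settings/Daemons/OpenVPNRoutes')) {
        $routes = explode("\n", @file_get_contents("/etc/artica-postfix/settings/Daemons/OpenVPNRoutes"));
        foreach ($routes as $ligne) {
            if (!preg_match("#(.+?)\\s+(.+)#", $ligne, $re)) {
                continue;
            }
            $routess[] = "--push \"route {$re[1]} {$re[2]}\"";
        }
    }

    // The routes are merged into the list. The earlier code appended the
    // whole return value as a single element, which made the list non-empty
    // in every case and put the text "Array" into the option string.
    // Assumes GetRoutes() returns a list of option strings - confirm.
    $extra_routes = GetRoutes();
    if (is_array($extra_routes)) {
        $routess = array_merge($routess, $extra_routes);
    }

    if (count($routess) == 0) {
        if ($IPTABLES_ETH_ROUTE != null) {
            echo "Starting......: OpenVPN IP adding default route \"{$IPTABLES_ETH_ROUTE}\"\n";
            $routess[] = "--push \"route {$IPTABLES_ETH_ROUTE}\"";
        }
    } else {
        echo "Starting......: OpenVPN IP adding " . count($routess) . " routes\n";
    }

    if (trim($bind_addr) != null) {
        $local = " --local {$bind_addr}";
        echo "Starting......: OpenVPN IP bind {$bind_addr}\n";
    }

    $IP_START = FIX_IP_START($IP_START, $local);
    $ini->set("GLOBAL", "IP_START", $IP_START);

    // Derive the address pool from IP_START by replacing its last number.
    if (preg_match("#(.+?)\\.([0-9]+)\$#", $IP_START, $re)) {
        // The leading space is part of the original value and is kept as is.
        $calc_ip = " {$re[1]}.0";
        $calc_ip_end = "{$re[1]}.254";
        echo "Starting......: OpenVPN IP pool from {$re[1]}.2 to {$re[1]}.254 mask:{$NETMASK}\n";
    }

    // Fallback for an empty netmask. With the default applied above this
    // branch is not expected to run.
    if ($NETMASK == null) {
        $ip = new IP();
        $cdir = $ip->ip2cidr($calc_ip, $calc_ip_end);
        $arr = $ip->parseCIDR($cdir);
        $netbit = $arr[1];
        $ipv = new ipv4($calc_ip, $netbit);
        $NETMASK = $ipv->netmask();
        if ($NETMASK == "255.255.255.255") {
            $NETMASK = "255.255.255.0";
        }
        echo "Starting......: OpenVPN Netmask is null for the range {$calc_ip}, assume {$NETMASK}\n";
        $ini->set("GLOBAL", "NETMASK", $NETMASK);
    }

    // Read but not used further in this function.
    $OpenVpnPasswordCert = $sock->GET_INFO("OpenVpnPasswordCert");
    if ($OpenVpnPasswordCert == null) {
        $OpenVpnPasswordCert = "MyKey";
    }

    // NOTE(review): the literal below is reproduced as found and looks like
    // a masked value; the intended option text is not visible. It is also
    // concatenated without a separator before "--client-to-client".
    if (is_file("/etc/artica-postfix/openvpn/keys/password")) {
        $askpass = "******";
    }

    $cmd = " --port {$port} --dev tun --server {$IP_START} {$NETMASK} --comp-lzo {$local} --ca {$ca} --dh {$dh} --key {$key} --cert {$crt}";
    $cmd = $cmd . " --ifconfig-pool-persist /etc/artica-postfix/openvpn/ipp.txt " . implode(" ", $routess);
    $cmd = $cmd . " {$askpass}--client-to-client --persist-tun --verb 5 --daemon --writepid /var/run/openvpn/openvpn-server.pid --log \"/var/log/openvpn/openvpn.log\"";
    $cmd = $cmd . " --status /var/log/openvpn/openvpn-status.log 10";
    @file_put_contents("/etc/openvpn/cmdline.conf", $cmd);
    $sock->SaveConfigFile($ini->toString(), "ArticaOpenVPNSettings");
    echo "Starting......: OpenVPN building settings done.\n";
    if (!empty($GLOBALS["VERBOSE"])) {
        writelogs("{$cmd}", __FUNCTION__, __FILE__, __LINE__);
    }
}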