</option>
<?php
}
?>
</select>
</td>
</tr>
<tr>
<td><a id="help_for_digest" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?php
echo gettext("Auth Digest Algorithm");
?>
</td>
<td>
<select name="digest" class="form-control">
<?php
$digestlist = openvpn_get_digestlist();
foreach ($digestlist as $name => $desc) {
$selected = "";
if ($name == $pconfig['digest']) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?php
echo $name;
?>
"<?php
echo $selected;
?>
>
<?php
echo htmlspecialchars($desc);
$section->addInput(new Form_Select('caref', 'Peer Certificate Authority', $pconfig['caref'], $list));
} else {
$section->addInput(new Form_StaticText('Peer Certificate Authority', sprintf('No Certificate Authorities defined. You may create one here: %s', '<a href="system_camanager.php">System > Cert Manager</a>')));
}
if (count($a_crl)) {
$section->addInput(new Form_Select('crlref', 'Peer Certificate Revocation list', $pconfig['crlref'], build_crl_list()));
} else {
$section->addInput(new Form_StaticText('Peer Certificate Revocation list', sprintf('No Certificate Revocation Lists defined. You may create one here: %s', '<a href="system_camanager.php">System > Cert Manager</a>')));
}
if (!$pconfig['shared_key']) {
$section->addInput(new Form_checkbox('autokey_enable', 'Auto generate', 'Automatically generate a shared key', $pconfig['autokey_enable']));
$section->addInput(new Form_TextArea('shared_key', 'Shared Key', $pconfig['shared_key']))->setHelp('Paste your shared key here');
}
$section->addInput(new Form_Select('certref', 'Client Certificate', $pconfig['certref'], build_cert_list()));
$section->addInput(new Form_Select('crypto', 'Encryption Algorithm', $pconfig['crypto'], openvpn_get_cipherlist()));
$section->addInput(new Form_Select('digest', 'Auth digest algorithm', $pconfig['digest'], openvpn_get_digestlist()))->setHelp('Leave this set to SHA1 unless all clients are set to match. SHA1 is the default for OpenVPN. ');
$section->addInput(new Form_Select('engine', 'Hardware Crypto', $pconfig['engine'], openvpn_get_engines()));
$form->add($section);
$section = new Form_Section('Tunnel settings');
$section->addInput(new Form_Input('tunnel_network', 'IPv4 Tunnel Network', 'text', $pconfig['tunnel_network']))->setHelp('This is the IPv4 virtual network used for private communications between this client and the sercer ' . 'expressed using CIDR (eg. 10.0.8.0/24). The first network address will be assigned to ' . 'the client virtual interface.');
$section->addInput(new Form_Input('tunnel_networkv6', 'IPv6 Tunnel Network', 'text', $pconfig['tunnel_networkv6']))->setHelp('This is the IPv6 virtual network used for private ' . 'communications between this client and the server expressed using CIDR (eg. fe80::/64). ' . 'The first network address will be assigned to the server virtual interface.');
$section->addInput(new Form_Input('remote_network', 'IPv4 Remote network(s)', 'text', $pconfig['remote_network']))->setHelp('IPv4 networks that will be routed through the tunnel, so that a site-to-site VPN can be established without manually ' . 'changing the routing tables. Expressed as a comma-separated list of one or more CIDR ranges. ' . 'If this is a site-to-site VPN, enter the remote LAN/s here. You may leave this blank if you don\'t want a site-to-site VPN.');
$section->addInput(new Form_Input('remote_networkv6', 'IPv6 Remote network(s)', 'text', $pconfig['remote_networkv6']))->setHelp('These are the IPv6 networks that will be routed through the tunnel, so that a site-to-site VPN can be established without manually ' . 'changing the routing tables. Expressed as a comma-separated list of one or more IP/PREFIX. ' . 'If this is a site-to-site VPN, enter the remote LAN/s here. You may leave this blank if you don\'t want a site-to-site VPN.');
$section->addInput(new Form_Input('use_shaper', 'Limit outgoing bandwidth', 'number', $pconfig['use_shaper'], ['min' => 100, 'max' => 100000000, 'placeholder' => 'Between 100 and 100,000,000 bytes/sec']))->setHelp('Maximum outgoing bandwidth for this tunnel. Leave empty for no limit. The input value has to be something between 100 bytes/sec and 100 Mbytes/sec (entered as bytes per second).');
$section->addInput(new Form_Select('compression', 'Compression', $pconfig['compression'], $openvpn_compression_modes))->setHelp('Compress tunnel packets using the LZO algorithm. Adaptive compression will dynamically disable compression for a period of time if OpenVPN detects that the data in the packets is not being compressed efficiently.');
$section->addInput(new Form_checkbox('passtos', 'Type-of-Service', 'Set the TOS IP header value of tunnel packets to match the encapsulated packet value.', $pconfig['passtos']));
$section->addInput(new Form_checkbox('no_tun_ipv6', 'Disable IPv6', 'Don\'t forward IPv6 traffic. ', $pconfig['no_tun_ipv6']));
$section->addInput(new Form_checkbox('route_no_pull', 'Don\'t pull routes', 'Bars the server from adding routes to the client\'s routing table', $pconfig['route_no_pull']))->setHelp('This option still allows the server to set the TCP/IP properties of the client\'s TUN/TAP interface. ');
$section->addInput(new Form_checkbox('route_no_exec', 'Don\'t add/remove routes', 'Don\'t add or remove routes automatically', $pconfig['route_no_exec']))->setHelp('Pass routes to --route-upscript using environmental variables');
$form->add($section);
$section = new Form_Section('Advanced Configuration');
