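/**
 * Render the add/edit form for a TCP accounting rule.
 *
 * The rule id is read from $_GET["rule-id"]. When it is greater than zero the
 * matching row of tcp_account_rules is loaded to pre-fill the fields and the
 * button label becomes "{apply}"; otherwise an empty "{add}" form is shown.
 * The markup, together with the inline script that posts the fields back to
 * the current page, is passed through the template engine and echoed.
 *
 * @return void
 */
function rule_form()
{
    $page = CurrentPageName();
    $tpl = new templates();

    // The id comes straight from the query string and is interpolated below
    // into an SQL statement and into an inline <script> block. Forcing it to
    // an integer keeps quotes and markup out of both contexts.
    $id = isset($_GET["rule-id"]) ? intval($_GET["rule-id"]) : 0;

    $button = "{add}";
    $ligne = array();
    $ipaddr = null;
    $netmask = null;

    if ($id > 0) {
        $button = "{apply}";
        $q = new mysql();
        $sql = "SELECT * FROM tcp_account_rules WHERE ID='{$id}'";
        $ligne = @mysql_fetch_array($q->QUERY_SQL($sql, 'artica_backup'));
        if (!is_array($ligne)) {
            // No matching row, or the query failed: show empty fields.
            $ligne = array();
        }

        $stored = isset($ligne["ipaddr"]) ? $ligne["ipaddr"] : null;
        if (preg_match("#([0-9\\.]+)\\/([0-9]+)#", $stored, $re)) {
            // Stored as address/prefix: split it so the form can show a
            // dotted netmask next to the address.
            $ip = new ipv4($re[1], $re[2]);
            $ipaddr = $re[1];
            $netmask = $ip->netmask();
        } else {
            $ipaddr = $stored;
        }
    }

    $rulename = isset($ligne["rulename"]) ? $ligne["rulename"] : null;
    $mode = isset($ligne["mode"]) ? $ligne["mode"] : null;

    $arrayMODE = array(
        "INPUT" => "INPUT",
        "OUTPUT" => "OUTPUT",
        "FORWARD" => "FORWARD",
    );

    // NOTE(review): Field_text(), Field_array_Hash() and field_ipv4() are
    // defined elsewhere; whether they HTML-escape the stored values passed to
    // them cannot be seen from here - confirm.
    $html = "\n\t<span id='iptrleid'></span>\n\t<div class=text-info >{ipatccount_rule_explain}</div>\n\t<table style='width:99%' class=form>\n\t<tr>\n\t<td class=legend>{rule_name}:</td>\n\t<td>"
        . Field_text("ipt_rname", $rulename, "font-size:14px;padding:3px'")
        . "</td>\n\t<td> </td>\n\t</tr>\n\t<tr>\n\t<td class=legend>{mode}:</td>\n\t<td>"
        . Field_array_Hash($arrayMODE, "ipt_mode", $mode, "style:font-size:14px;padding:3px")
        . "</td>\n\t<td> </td>\n\t</tr>\t\n\t\n\t<tr>\n\t<td class=legend>{ipaddr}:</td>\n\t<td>"
        . field_ipv4("ipt_ipaddr", $ipaddr, "font-size:14px;padding:3px'")
        . "</td>\n\t<td> </td>\n\t</tr>\n\t<tr>\n\t<td class=legend>{mask}:</td>\n\t<td>"
        . field_ipv4("ipt_netmask", $netmask, "font-size:14px;padding:3px'")
        . "</td>\n\t<td> </td>\n\t</tr>\t\t\n\t<tr>\n\t\t<td colspan=3 align='right'><hr>"
        . button("{$button}", "SaveiptAccountRule()")
        . "</td>\n\t</tr>\n\t\n\t</table>\n\t\n\t<script>\n\t\tvar x_SaveiptAccountRule=function (obj) {\n\t\t\tvar results=obj.responseText;\n\t\t\tif(results.length>2){\n\t\t\t\talert(results);\n\t\t\t\tdocument.getElementById('iptrleid').innerHTML='';\n\t\t\t\treturn;\n\n\t\t\t}\t\t\t\n\t\t\tYahooWin3Hide();\n\t\t\tBrowseRulesSearch();\n\t\t}\n\t\n\t\n\t\tfunction SaveiptAccountRule(){\n\t\t\tvar XHR = new XHRConnection();\n\t\t\tXHR.appendData('rulename',document.getElementById('ipt_rname').value);\n\t\t\tXHR.appendData('rule-id','{$id}');\n\t\t\tXHR.appendData('ipaddr',document.getElementById('ipt_ipaddr').value);\n\t\t\tXHR.appendData('mask',document.getElementById('ipt_netmask').value);\n\t\t\tXHR.appendData('mode',document.getElementById('ipt_mode').value);\n\t\t\tAnimateDiv('iptrleid');\n \t\tXHR.sendAndLoad('{$page}', 'POST',x_SaveiptAccountRule);\n\t\t\t\n\t\t}\n\n\t</script>";

    echo $tpl->_ENGINE_parse_body($html);
}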
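/**
 * Echo the network implied by a partial IPv4 address posted by the client.
 *
 * Reads $_POST["ROUTE_SHOULD_BE"], pads the trailing one, two or three dotted
 * numeric groups out to a full first/last address pair, converts that pair to
 * CIDR and echoes the CIDR, address and netmask inside a <strong> element.
 * Nothing is echoed when the posted value does not end in a numeric group.
 *
 * @return void
 */
function ROUTE_SHOULD_BE()
{
    $posted = "";
    if (isset($_POST["ROUTE_SHOULD_BE"]) && is_string($_POST["ROUTE_SHOULD_BE"])) {
        $posted = $_POST["ROUTE_SHOULD_BE"];
    }

    $calc_ip = null;
    $calc_ip_end = null;

    // The patterns are anchored at the end of the value only, and each later,
    // longer match overrides the earlier one. Only the captured digit groups
    // are used afterwards, never the raw posted text.
    if (preg_match("#([0-9]+)\$#", $posted, $re)) {
        $calc_ip = $re[1] . ".0.0.0";
        $calc_ip_end = $re[1] . ".255.255.255";
    }
    if (preg_match("#([0-9]+)\\.([0-9]+)\$#", $posted, $re)) {
        $calc_ip = $re[1] . ".{$re[2]}.0.0";
        $calc_ip_end = $re[1] . ".{$re[2]}.255.255";
    }
    if (preg_match("#([0-9]+)\\.([0-9]+)\\.([0-9]+)\$#", $posted, $re)) {
        $calc_ip = $re[1] . ".{$re[2]}.{$re[3]}.0";
        $calc_ip_end = $re[1] . ".{$re[2]}.{$re[3]}.255";
    }

    if ($calc_ip === null) {
        // Nothing usable was posted; do not hand undefined values to the
        // address classes.
        return;
    }

    $ip = new IP();
    $cdir = $ip->ip2cidr($calc_ip, $calc_ip_end);
    $arr = $ip->parseCIDR($cdir);
    $netbit = $arr[1];
    $ipv = new ipv4($calc_ip, $netbit);

    // The IP and ipv4 classes are defined elsewhere, so their return values
    // are escaped before being placed in markup.
    $summary = "{$cdir} {$ipv->address()} - {$ipv->netmask()}";
    echo "<strong>" . htmlspecialchars($summary, ENT_QUOTES) . "</strong>";
}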
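/**
 * Build the OpenVPN server command line for routed (tun) mode.
 *
 * Loads the "ArticaOpenVPNSettings" ini, hands over to BuildBridgeServer()
 * when bridge mode is enabled, and otherwise assembles the option string from
 * the settings, the optional OpenVPNRoutes file, GetRoutes() and the
 * site-to-site rows of the vpnclient table. One client-config file per site is
 * written under /etc/openvpn/cdd, the option string is written to
 * /etc/openvpn/cmdline.conf, the (possibly corrected) settings are saved back
 * and a notification is sent through send_email_events().
 *
 * @return void
 */
function BuildTunServer()
{
    LoadArgvs();
    $unix = new unix();
    if (!isset($GLOBALS["CLASS_SOCKETS"])) {
        $GLOBALS["CLASS_SOCKETS"] = new sockets();
    }
    $sock = $GLOBALS["CLASS_SOCKETS"];

    // Every optional fragment starts empty so the final concatenation never
    // reads an undefined variable.
    $routess = array();
    $rou = array();
    $ethi = array();
    $duplicate_cn = null;
    $local = null;
    $localroutes = null;
    $client_config_dir = null;
    $script_security = null;
    $plugin = null;
    $askpass = null;
    $IPTABLES_ETH_ROUTE = null;
    $IP_START_PREFIX = null;
    $calc_ip = null;
    $calc_ip_end = null;

    $servername = $unix->hostname_g();
    if (preg_match("#^(.+?)\.#", $servername, $re)) {
        $servername = $re[1];
    }
    $servername = strtoupper($servername);
    echo "Starting......: OpenVPN building settings for $servername...\n";

    $ini = new Bs_IniHandler();
    $ini->loadString($sock->GET_INFO("ArticaOpenVPNSettings"));
    if (!isset($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"])) {
        $ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"] = 0;
    }
    if (!isset($ini->_params["GLOBAL"]["IP_START"])) {
        $ini->_params["GLOBAL"]["IP_START"] = "10.8.0.0";
    }
    if (!isset($ini->_params["GLOBAL"]["NETMASK"])) {
        $ini->_params["GLOBAL"]["NETMASK"] = "255.255.255.0";
    }

    if ($ini->_params["GLOBAL"]["ENABLE_BRIDGE_MODE"] == 1) {
        echo "Starting......: OpenVPN building settings mode bridge enabled...\n";
        BuildBridgeServer();
        return;
    }

    $global = $ini->_params["GLOBAL"];
    $IPTABLES_ETH = isset($GLOBALS["IPTABLES_ETH"]) ? $GLOBALS["IPTABLES_ETH"] : null;
    $port = isset($global["LISTEN_PORT"]) ? $global["LISTEN_PORT"] : null;
    $IP_START = $global["IP_START"];
    $NETMASK = $global["NETMASK"];
    $bind_addr = isset($global["LOCAL_BIND"]) ? $global["LOCAL_BIND"] : null;
    $LISTEN_PROTO = isset($global["LISTEN_PROTO"]) ? $global["LISTEN_PROTO"] : null;

    // NOTE(review): $port, $bind_addr, $IP_START and $NETMASK are placed on
    // the daemon command line as stored. How cmdline.conf is consumed is not
    // visible here; if it reaches a shell, these settings need validating.
    if ($LISTEN_PROTO == null) {
        $LISTEN_PROTO = "udp";
    }
    $proto = ($LISTEN_PROTO == "udp") ? "--proto udp" : "--proto tcp-server";
    if (trim($port) == null) {
        $port = 1194;
    }
    if (trim($IP_START) == null) {
        $IP_START = "10.8.0.0";
    }
    if (trim($NETMASK) == null) {
        $NETMASK = "255.255.255.0";
    }

    $nic = new networking();
    foreach ($nic->array_TCP as $num => $ligne) {
        if ($ligne == null) {
            continue;
        }
        $ethi[$num] = $ligne;
    }

    if ($IPTABLES_ETH != null) {
        $linkedAddr = isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null;
        echo "Starting......: OpenVPN linked to $IPTABLES_ETH ({$linkedAddr})...\n";
        $IPTABLES_ETH_ROUTE = IpCalcRoute($linkedAddr);
    } else {
        echo "Starting......: OpenVPN no local NIC linked...\n";
    }

    $ca = '/etc/artica-postfix/openvpn/keys/allca.crt';
    // NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters,
    // which are below current recommendations - confirm and regenerate.
    $dh = '/etc/artica-postfix/openvpn/keys/dh1024.pem';
    $key = "/etc/artica-postfix/openvpn/keys/vpn-server.key";
    $crt = "/etc/artica-postfix/openvpn/keys/vpn-server.crt";

    if (is_file('/etc/artica-postfix/settings/Daemons/OpenVPNRoutes')) {
        $routes = explode("\n", @file_get_contents("/etc/artica-postfix/settings/Daemons/OpenVPNRoutes"));
        foreach ($routes as $ligne) {
            if (!preg_match("#(.+?)\s+(.+)#", $ligne, $re)) {
                continue;
            }
            // NOTE(review): the two fields are copied verbatim; a double quote
            // in the file would break the quoting of this option.
            $routess[] = "--push \"route {$re[1]} {$re[2]}\"";
        }
    }

    // GetRoutes() is defined elsewhere and its return type is not visible
    // here. The array union used previously silently dropped entries whose
    // numeric index was already taken by a route read from the file.
    $GetRoutes = GetRoutes();
    if (is_array($GetRoutes)) {
        $routess = array_merge($routess, $GetRoutes);
    } elseif ($GetRoutes != null) {
        $routess[] = $GetRoutes;
    }

    if (count($routess) == 0) {
        if ($IPTABLES_ETH_ROUTE != null) {
            echo "Starting......: OpenVPN IP adding default route \"$IPTABLES_ETH_ROUTE\"\n";
            $routess[] = "--push \"route $IPTABLES_ETH_ROUTE\"";
        }
    } else {
        echo "Starting......: OpenVPN IP adding " . count($routess) . " routes\n";
    }

    if (trim($bind_addr) != null) {
        $local = " --local $bind_addr";
        echo "Starting......: OpenVPN IP bind $bind_addr\n";
    }

    $IP_START = FIX_IP_START($IP_START, $local);
    $ini->set("GLOBAL", "IP_START", $IP_START);
    if (preg_match("#(.+?)\.([0-9]+)$#", $IP_START, $re)) {
        $calc_ip = " {$re[1]}.0";
        $calc_ip_end = "{$re[1]}.254";
        echo "Starting......: OpenVPN IP pool from {$re[1]}.2 to {$re[1]}.254 mask:$NETMASK\n";
        $IP_START_PREFIX = $re[1];
    }

    // Fallback kept from the original: derive a netmask from the pool range
    // when none is configured.
    if ($NETMASK == null && $calc_ip !== null) {
        $ip = new IP();
        $cdir = $ip->ip2cidr($calc_ip, $calc_ip_end);
        $arr = $ip->parseCIDR($cdir);
        $netbit = $arr[1];
        $ipv = new ipv4($calc_ip, $netbit);
        $NETMASK = $ipv->netmask();
        if ($NETMASK == "255.255.255.255") {
            $NETMASK = "255.255.255.0";
        }
        echo "Starting......: OpenVPN Netmask is null for the range $calc_ip, assume $NETMASK\n";
        $ini->set("GLOBAL", "NETMASK", $NETMASK);
    }

    if (is_file("/etc/artica-postfix/openvpn/keys/password")) {
        // NOTE(review): this value looks masked in the listing; as written it
        // is not a valid OpenVPN option and runs straight into the option that
        // follows it - confirm against the real source.
        $askpass = "******";
    }

    $ifconfig_pool_persist = " --ifconfig-pool-persist /etc/artica-postfix/openvpn/ipp.txt ";
    if (isset($GLOBALS["OPENVPNPARAMS"]["duplicate-cn"])) {
        echo "Starting......: OpenVPN duplicate-cn is enabled\n";
        $duplicate_cn = " --duplicate-cn ";
        $ifconfig_pool_persist = null;
    }
    if (isset($GLOBALS["OPENVPNPARAMS"]["script-security"])) {
        echo "Starting......: OpenVPN script-security is enabled\n";
        $script_security = " --script-security 2";
    }

    if (!is_dir("/etc/openvpn/cdd")) {
        @mkdir("/etc/openvpn/cdd");
    }

    $already = array();
    echo "Starting......: OpenVPN get remote sites routes...\n";
    $sql = "SELECT sitename,IP_START,netmask,remote_site_routes,FixedIPAddr FROM vpnclient WHERE connexion_type=1";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        echo2("Starting......: OpenVPN : $q->mysql_error");
    }

    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $iroute = array();

        // The site name becomes a file name under /etc/openvpn/cdd, so a name
        // carrying a directory component must not be used.
        $sitename = (string) $ligne["sitename"];
        if ($sitename === "" || $sitename === "." || $sitename === ".." || basename($sitename) !== $sitename) {
            echo "Starting......: OpenVPN skipping a site whose name is not a plain file name\n";
            continue;
        }

        // Only a whole-number host part is meaningful in an address.
        $FixedIPAddr = is_numeric($ligne["FixedIPAddr"]) ? intval($ligne["FixedIPAddr"]) : 0;
        if ($IP_START_PREFIX != null && $FixedIPAddr > 2 && $FixedIPAddr < 255) {
            echo "Starting......: OpenVPN $sitename $IP_START_PREFIX.$FixedIPAddr fixed IP address\n";
            $iroute[] = "ifconfig-push $IP_START_PREFIX.$FixedIPAddr $IP_START_PREFIX.2";
        }

        // Database values end up on the daemon command line and in the
        // client-config file: accept only IPv4 literals (the mask may be empty).
        $siteNet = trim((string) $ligne["IP_START"]);
        $siteMask = trim((string) $ligne["netmask"]);
        $netOk = filter_var($siteNet, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
        $maskOk = $siteMask === "" || filter_var($siteMask, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
        if ($netOk && $maskOk && !isset($already[$siteNet])) {
            echo "Starting......: OpenVPN $sitename ($siteNet $siteMask)\n";
            $rou[] = " --route $siteNet $siteMask";
            $iroute[] = "iroute $siteNet $siteMask";
            $already[$siteNet] = true;
        }

        // NOTE(review): unserialize() on a database column can instantiate
        // arbitrary classes if that column is ever writable by an untrusted
        // party; storing this list as JSON would remove the risk.
        $remote_site_routes = unserialize(base64_decode($ligne["remote_site_routes"]));
        if (!is_array($remote_site_routes)) {
            $remote_site_routes = array();
        }
        foreach ($remote_site_routes as $num => $site_mask) {
            if (!is_scalar($site_mask)) {
                continue;
            }
            $num = trim((string) $num);
            $site_mask = trim((string) $site_mask);
            $netOk = filter_var($num, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
            $maskOk = $site_mask === "" || filter_var($site_mask, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
            if (!$netOk || !$maskOk || isset($already[$num])) {
                continue;
            }
            echo "Starting......: OpenVPN $sitename ($num $site_mask)\n";
            $rou[] = " --route $num $site_mask";
            $iroute[] = "iroute $num $site_mask";
            $already[$num] = true;
        }

        echo "Starting......: OpenVPN cdd $sitename\n";
        @file_put_contents("/etc/openvpn/cdd/$sitename", @implode("\n", $iroute));
    }

    if (count($rou) > 0) {
        $localroutes = @implode(" ", $rou);
        $client_config_dir = " --client-config-dir /etc/openvpn/cdd";
    }

    $LDAP_AUTH = isset($global["LDAP_AUTH"]) ? $global["LDAP_AUTH"] : null;
    if ($LDAP_AUTH == 1) {
        if (is_file("/usr/lib/openvpn/openvpn-auth-pam.so")) {
            $plugin = " --plugin /usr/lib/openvpn/openvpn-auth-pam.so common-auth";
            echo "Starting......: OpenVPN auth is enabled\n";
            shell_exec("/usr/share/artica-postfix/bin/artica-install --nsswitch");
        }
    }

    // A directory needs the execute bit to be entered; the previous mode 0666
    // produced a directory nothing could traverse.
    // NOTE(review): this creates "ccd" while the files above are written to
    // "cdd" - confirm which spelling is intended.
    @mkdir("/etc/openvpn/ccd", 0755, true);

    $php5 = $unix->LOCATE_PHP5_BIN();
    $me = __FILE__;

    // NOTE(review): --comp-lzo turns on tunnel compression, which current
    // OpenVPN guidance discourages - confirm it is still required.
    $cmd = " --port $port --dev tun $proto --server $IP_START $NETMASK$localroutes$client_config_dir --comp-lzo $local --ca $ca --dh $dh --key $key --cert $crt";
    $cmd = $cmd . "$ifconfig_pool_persist " . implode(" ", $routess);
    $cmd = $cmd . " $askpass$duplicate_cn--client-to-client$script_security$plugin --learn-address \"$php5 $me --client-connect\" --keepalive 10 60 --persist-tun --verb 5 --daemon --writepid /var/run/openvpn/openvpn-server.pid --log \"/var/log/openvpn/openvpn.log\"";
    $cmd = $cmd . " --status /var/log/openvpn/openvpn-status.log 10";

    echo "Starting......: OpenVPN building /etc/openvpn/cmdline.conf done\n";
    @file_put_contents("/etc/openvpn/cmdline.conf", $cmd);
    $sock->SaveConfigFile($ini->toString(), "ArticaOpenVPNSettings");
    send_email_events("OpenVPN was successfully reconfigured", $cmd, "VPN");
    echo "Starting......: OpenVPN building settings done.\n";
    if (!empty($GLOBALS["VERBOSE"])) {
        writelogs("$cmd", __FUNCTION__, __FILE__, __LINE__);
    }
}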
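/**
 * Convert a network in address/prefix notation to a dotted netmask.
 *
 * The ipv4 helper class is tried first. If it yields nothing usable, the
 * bundled ipcalc binary is run and its "Netmask:" output line is parsed.
 *
 * @param string $net Network, e.g. "192.168.1.0/24".
 *
 * @return string|null The netmask, or null when neither method produced one.
 */
function cdirToNetmask($net)
{
    if (preg_match("#(.+?)\\/(.+)#", $net, $re)) {
        $ip = new ipv4($re[1], $re[2]);
        $netmask = $ip->netmask();
        $ipaddr = $ip->address();
        if (preg_match("#[0-9\\.]+#", $netmask)) {
            return $netmask;
        }
        pack_debug("{$net} -> {$ipaddr} - {$netmask} ", __FILE__, __LINE__);
    }

    // $net is quoted as a single shell argument so that nothing in it can be
    // interpreted by the shell. The output lines are captured into $results2;
    // previously exec() was called without an output array, so the loop below
    // never had anything to parse.
    $results2 = array();
    $cmdline = "/usr/share/artica-postfix/bin/ipcalc " . escapeshellarg($net) . " 2>&1";
    exec($cmdline, $results2);
    pack_debug($cmdline, __FILE__, __LINE__);

    foreach ($results2 as $line) {
        if (preg_match("#Netmask:\\s+([0-9\\.]+)#", $line, $re)) {
            return $re[1];
        }
    }

    return null;
}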
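/**
 * Show a help table of the /24-style networks derived from the local
 * addresses.
 *
 * For every address returned by networking::ALL_IPS_GET_ARRAY() the last
 * octet is replaced by 0 and 255, the pair is converted to CIDR, and one row
 * with the start address, netmask and host count is added. The table is
 * passed through the template engine and echoed.
 *
 * @return void
 */
function popup_networks_masks()
{
    include_once dirname(__FILE__) . "/ressources/class.tcpip.inc";
    include_once dirname(__FILE__) . "/ressources/class.system.network.inc";

    $net = new networking();
    $class_ip = new IP();
    $array = $net->ALL_IPS_GET_ARRAY();

    // Rows are accumulated here; starting from an empty string avoids reading
    // an undefined variable on the first append.
    $rows = "";
    foreach ($array as $index => $line) {
        if (!preg_match('#(.+?)\\.([0-9]+)$#', $index, $re)) {
            continue;
        }
        $ip_start = $re[1] . ".0";
        $ip_end = $re[1] . ".255";
        $cdir = $class_ip->ip2cidr($ip_start, $ip_end);
        if (!preg_match("#(.+)\\/([0-9]+)#", $cdir, $ri)) {
            continue;
        }
        $ipv4 = new ipv4($ri[1], $ri[2]);
        $netmask = $ipv4->netmask();
        $hosts = $class_ip->HostsNumber($index, $netmask);
        $rows .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td style='font-size:16px;font-weight:bold'>{$ip_start}</td>\n\t\t\t\t\t<td style='font-size:16px;font-weight:bold'>{$netmask}</td>\n\t\t\t\t\t<td style='font-size:16px;font-weight:bold'>{$hosts}</td>\n\t\t\t\t\t\n\t\t\t\t</tr>";
    }

    $html = "<H1>{newtork_help_me}</H1>\n\t<p class=caption>{you_should_use_one_of_these_network}</p>\n\t<table style='width:99%' class=form>\n\t<tr>\n\t\t<th>{from_ip_address}</th>\n\t\t<th>{netmask}</th>\n\t\t<th>{hosts_number}</th>\n\t</tr>\n\t{$rows}\n\t</table>\n\t";

    $tpl = new templates();
    echo $tpl->_ENGINE_parse_body($html);
}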
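/**
 * Render the OpenVPN "network control center" overview.
 *
 * Collects the listening interface, public address, port, protocol, DHCP
 * range and DNS servers from the openvpn settings, derives the local network
 * from the bridge interface address, lists one route per site-to-site row of
 * the vpnclient table, and echoes the absolutely-positioned diagram markup
 * after passing it through the template engine.
 *
 * @return void
 */
function ncc()
{
    $net = new networking();
    $ip = new IP();
    $vpn = new openvpn();

    $errorSpan = "<span style='color:#d32d2d'>{error}</span>";

    $ethi = array();
    foreach ($net->array_TCP as $num => $ligne) {
        if ($ligne == null) {
            continue;
        }
        $ethi[$num] = $ligne;
    }

    $global = $vpn->main_array["GLOBAL"];

    // Settings that are only displayed are HTML-escaped once, on read, so a
    // stored value cannot inject markup into the page. Empty values stay
    // empty, which keeps the "== null" tests below working as before.
    $shown = array();
    $displayKeys = array(
        "BRIDGE_ETH", "PUBLIC_IP", "LISTEN_PORT", "LISTEN_PROTO", "VPN_SERVER_IP",
        "VPN_DHCP_FROM", "VPN_DHCP_TO", "VPN_DNS_DHCP_1", "VPN_DNS_DHCP_2",
        "CLIENT_NAT_PORT", "VPN_SERVER_DHCP_MASK",
    );
    foreach ($displayKeys as $settingKey) {
        $shown[$settingKey] = isset($global[$settingKey])
            ? htmlspecialchars($global[$settingKey], ENT_QUOTES)
            : null;
    }

    // These three are used as lookup keys or matched against patterns, so the
    // raw values are kept.
    $bridgeEth = isset($global["BRIDGE_ETH"]) ? $global["BRIDGE_ETH"] : null;
    $IPTABLES_ETH = isset($global["IPTABLES_ETH"]) ? $global["IPTABLES_ETH"] : null;
    $DEV_TYPE = isset($global["DEV_TYPE"]) ? $global["DEV_TYPE"] : null;
    $IP_START = isset($global["IP_START"]) ? $global["IP_START"] : null;

    $local_ip = ($bridgeEth !== null && isset($net->array_TCP[$bridgeEth])) ? $net->array_TCP[$bridgeEth] : null;
    $listen_eth_ip = ($local_ip == null) ? $errorSpan : $local_ip;

    $public_ip = $shown["PUBLIC_IP"];
    $LISTEN_PORT = $shown["LISTEN_PORT"];
    $LISTEN_PROTO = $shown["LISTEN_PROTO"];
    $VPN_SERVER_IP = $shown["VPN_SERVER_IP"];
    $VPN_DHCP_FROM = $shown["VPN_DHCP_FROM"];
    $VPN_DHCP_TO = $shown["VPN_DHCP_TO"];
    $VPN_DNS_DHCP_1 = $shown["VPN_DNS_DHCP_1"];
    $VPN_DNS_DHCP_2 = $shown["VPN_DNS_DHCP_2"];
    $CLIENT_NAT_PORT = $shown["CLIENT_NAT_PORT"];
    $VPN_SERVER_DHCP_MASK = $shown["VPN_SERVER_DHCP_MASK"];

    if ($public_ip == null) {
        $public_ip = "<span style='color:white'>{error}</span>";
    }
    if ($VPN_SERVER_IP == null) {
        $VPN_SERVER_IP = $errorSpan;
    }
    // The NAT port falls back to the listen port before the latter can be
    // replaced by the error marker.
    if ($CLIENT_NAT_PORT == null) {
        $CLIENT_NAT_PORT = $LISTEN_PORT;
    }
    if ($IPTABLES_ETH != null) {
        $VPN_SERVER_IP = isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null;
    }
    if ($LISTEN_PORT == null) {
        $LISTEN_PORT = $errorSpan;
    }

    // The empty check has to happen before the label is composed; checking the
    // composed string, as before, could never be true.
    if ($bridgeEth == null) {
        $listen_eth = $errorSpan;
    } else {
        $listen_eth = "{$shown["BRIDGE_ETH"]} (br0)<br>{$listen_eth_ip}";
    }

    if ($DEV_TYPE == 'tun') {
        $listen_eth = " {$VPN_SERVER_IP} <-> tun0 iptables";
        $VPN_DHCP_FROM = $IP_START;
        if (!preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $VPN_DHCP_FROM, $re)) {
            $VPN_DHCP_FROM = $errorSpan;
        } else {
            $cdir = $ip->ip2cidr("{$re[1]}.{$re[2]}.{$re[3]}.0", "{$re[1]}.{$re[2]}.{$re[3]}.255");
            $tb = explode("/", $cdir);
            $v4 = new ipv4($tb[0], $tb[1]);
            $VPN_DHCP_FROM = "{$re[1]}.{$re[2]}.{$re[3]}.2";
            $VPN_DHCP_TO = "{$re[1]}.{$re[2]}.{$re[3]}.254";
            $VPN_SERVER_DHCP_MASK = "{$tb[0]} - " . $v4->netmask();
        }
    }

    if ($VPN_SERVER_IP == null) {
        $VPN_SERVER_IP = $errorSpan;
    }
    if ($VPN_DHCP_FROM == null) {
        $VPN_DHCP_FROM = $errorSpan;
    }
    if ($VPN_DHCP_TO == null) {
        $VPN_DHCP_TO = $errorSpan;
    }
    if ($VPN_SERVER_DHCP_MASK == null) {
        $VPN_SERVER_DHCP_MASK = $errorSpan;
    }

    if (!preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $local_ip, $re)) {
        $local_network = $errorSpan;
    } else {
        $cdir = $ip->ip2cidr("{$re[1]}.{$re[2]}.{$re[3]}.0", "{$re[1]}.{$re[2]}.{$re[3]}.255");
        $tb = explode("/", $cdir);
        $v4 = new ipv4($tb[0], $tb[1]);
        $local_network = "{$tb[0]} - " . $v4->netmask();
    }

    $route = array();
    $sql = "SELECT * FROM vpnclient WHERE connexion_type=1 ORDER BY sitename DESC";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, "artica_backup");
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        if (!preg_match('#([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)#', $ligne["IP_START"], $re)) {
            continue;
        }
        // The address is rebuilt from digit groups; the mask is free text from
        // the table and is escaped before it is shown.
        $mask = htmlspecialchars($ligne["netmask"], ENT_QUOTES);
        $route[] = "<span style='font-size:10px'>route {$re[1]}.{$re[2]}.{$re[3]}.0 {$mask} GW {$VPN_SERVER_IP}</span>";
    }
    $routes = implode("<br>", $route);

    $html = "\n\t<H1>{NETWORK_CONTROL_CENTER}</H1>"
        . "\n\t<div style='background-image:url(img/bg_vpn1.png);width:750px;height:420px;background-repeat:no-repeat;font-size:16px'></div>"
        . "\n\t<div style='position:absolute;top:30px;left:700px;'><input type='button' OnClick=\"javascript:OpenVPNNCC()\" value='{refresh}'></div>"
        . "\n\t<div style='position:absolute;top:240px;left:210px;font-size:14px;text-align:center'>{BRIDGE_ETH}<br>{$listen_eth}</div>"
        . "\n\t<div style='position:absolute;top:450px;left:80px;font-size:14px;text-align:center'>{local_network}<br>{$local_network}<br>{$routes}</div>"
        . "\n\t<div style='position:absolute;top:125px;left:410px;font-size:14px;text-align:center;color:black;background-color:#D7E4FB;padding:3px;border:1px solid black'>"
        . "\n\t\t{public_ip_addr}<br>{$public_ip}<br>{listen_port}:{$LISTEN_PORT}:{$CLIENT_NAT_PORT} ({$LISTEN_PROTO})"
        . "\n\t</div>"
        . "\n\t<div style='position:absolute;top:125px;left:230px;font-size:14px;text-align:center;'>{VPN_SERVER_IP}<br>{$VPN_SERVER_IP}</div>"
        . "\n\t<div style='position:absolute;top:190px;left:580px;font-size:12px;text-align:center;;background-color:#FFFF99;border:1px solid black;padding:3px'>"
        . "\n\t\tDHCP<br>{$VPN_DHCP_FROM} - {$VPN_DHCP_TO}"
        . "\n\t\t<br>{netmask} {$VPN_SERVER_DHCP_MASK}<br>"
        . "\n\t\t{dns_servers}:{$VPN_DNS_DHCP_1} {$VPN_DNS_DHCP_2}"
        . "\n\t</div>\n\t\n\t";

    $tpl = new templates();
    echo $tpl->_ENGINE_parse_body($html);
}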
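/**
 * Build the OpenVPN server command line for routed (tun) mode.
 *
 * Loads the "ArticaOpenVPNSettings" ini, hands over to BuildBridgeServer()
 * when bridge mode is enabled, and otherwise assembles the option string from
 * the settings, the optional OpenVPNRoutes file and GetRoutes(). The result is
 * written to /etc/openvpn/cmdline.conf and the (possibly corrected) settings
 * are saved back.
 *
 * @return void
 */
function BuildTunServer()
{
    $unix = new unix();
    $sock = new sockets();

    // Optional fragments start empty so the concatenation below never reads
    // an undefined variable.
    $routess = array();
    $ethi = array();
    $local = null;
    $askpass = null;
    $IPTABLES_ETH_ROUTE = null;
    $calc_ip = null;
    $calc_ip_end = null;

    $servername = $unix->hostname_g();
    if (preg_match("#^(.+?)\\.#", $servername, $re)) {
        $servername = $re[1];
    }
    $servername = strtoupper($servername);
    echo "Starting......: OpenVPN building settings for {$servername}...\n";

    $ini = new Bs_IniHandler();
    $ini->loadString($sock->GET_INFO("ArticaOpenVPNSettings"));
    $global = isset($ini->_params["GLOBAL"]) ? $ini->_params["GLOBAL"] : array();

    if (isset($global["ENABLE_BRIDGE_MODE"]) && $global["ENABLE_BRIDGE_MODE"] == 1) {
        echo "Starting......: OpenVPN building settings mode bridge enabled...\n";
        BuildBridgeServer();
        return;
    }

    $IPTABLES_ETH = isset($GLOBALS["IPTABLES_ETH"]) ? $GLOBALS["IPTABLES_ETH"] : null;
    $port = isset($global["LISTEN_PORT"]) ? $global["LISTEN_PORT"] : null;
    $IP_START = isset($global["IP_START"]) ? $global["IP_START"] : null;
    $NETMASK = isset($global["NETMASK"]) ? $global["NETMASK"] : null;
    $bind_addr = isset($global["LOCAL_BIND"]) ? $global["LOCAL_BIND"] : null;

    // NOTE(review): these settings are placed on the daemon command line as
    // stored. How cmdline.conf is consumed is not visible here; if it reaches
    // a shell, they need validating.
    if (trim($port) == null) {
        $port = 1194;
    }
    if (trim($IP_START) == null) {
        $IP_START = "10.8.0.0";
    }
    if (trim($NETMASK) == null) {
        // The default mask belongs in $NETMASK; it used to overwrite
        // $IP_START, turning the pool start into "255.255.255.0".
        $NETMASK = "255.255.255.0";
    }

    $nic = new networking();
    foreach ($nic->array_TCP as $num => $ligne) {
        if ($ligne == null) {
            continue;
        }
        $ethi[$num] = $ligne;
    }

    if ($IPTABLES_ETH != null) {
        $linkedAddr = isset($ethi[$IPTABLES_ETH]) ? $ethi[$IPTABLES_ETH] : null;
        echo "Starting......: OpenVPN linked to {$IPTABLES_ETH} ({$linkedAddr})...\n";
        $IPTABLES_ETH_ROUTE = IpCalcRoute($linkedAddr);
    } else {
        echo "Starting......: OpenVPN no local NIC linked...\n";
    }

    $ca = '/etc/artica-postfix/openvpn/keys/allca.crt';
    // NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters,
    // which are below current recommendations - confirm and regenerate.
    $dh = '/etc/artica-postfix/openvpn/keys/dh1024.pem';
    $key = "/etc/artica-postfix/openvpn/keys/vpn-server.key";
    $crt = "/etc/artica-postfix/openvpn/keys/vpn-server.crt";

    if (is_file('/etc/artica-postfix/settings/Daemons/OpenVPNRoutes')) {
        $routes = explode("\n", @file_get_contents("/etc/artica-postfix/settings/Daemons/OpenVPNRoutes"));
        foreach ($routes as $ligne) {
            if (!preg_match("#(.+?)\\s+(.+)#", $ligne, $re)) {
                continue;
            }
            // NOTE(review): the two fields are copied verbatim; a double quote
            // in the file would break the quoting of this option.
            $routess[] = "--push \"route {$re[1]} {$re[2]}\"";
        }
    }

    // GetRoutes() is defined elsewhere and its return type is not visible
    // here. Appending its result as one element made the list non-empty even
    // when there were no routes, so the default route below was never added.
    $extraRoutes = GetRoutes();
    if (is_array($extraRoutes)) {
        $routess = array_merge($routess, $extraRoutes);
    } elseif ($extraRoutes != null) {
        $routess[] = $extraRoutes;
    }

    if (count($routess) == 0) {
        if ($IPTABLES_ETH_ROUTE != null) {
            echo "Starting......: OpenVPN IP adding default route \"{$IPTABLES_ETH_ROUTE}\"\n";
            $routess[] = "--push \"route {$IPTABLES_ETH_ROUTE}\"";
        }
    } else {
        echo "Starting......: OpenVPN IP adding " . count($routess) . " routes\n";
    }

    if (trim($bind_addr) != null) {
        $local = " --local {$bind_addr}";
        echo "Starting......: OpenVPN IP bind {$bind_addr}\n";
    }

    $IP_START = FIX_IP_START($IP_START, $local);
    $ini->set("GLOBAL", "IP_START", $IP_START);
    if (preg_match("#(.+?)\\.([0-9]+)\$#", $IP_START, $re)) {
        $calc_ip = " {$re[1]}.0";
        $calc_ip_end = "{$re[1]}.254";
        echo "Starting......: OpenVPN IP pool from {$re[1]}.2 to {$re[1]}.254 mask:{$NETMASK}\n";
    }

    // Fallback kept from the original: derive a netmask from the pool range
    // when none is configured.
    if ($NETMASK == null && $calc_ip !== null) {
        $ip = new IP();
        $cdir = $ip->ip2cidr($calc_ip, $calc_ip_end);
        $arr = $ip->parseCIDR($cdir);
        $netbit = $arr[1];
        $ipv = new ipv4($calc_ip, $netbit);
        $NETMASK = $ipv->netmask();
        if ($NETMASK == "255.255.255.255") {
            $NETMASK = "255.255.255.0";
        }
        echo "Starting......: OpenVPN Netmask is null for the range {$calc_ip}, assume {$NETMASK}\n";
        $ini->set("GLOBAL", "NETMASK", $NETMASK);
    }

    if (is_file("/etc/artica-postfix/openvpn/keys/password")) {
        // NOTE(review): this value looks masked in the listing; as written it
        // is not a valid OpenVPN option and runs straight into the option that
        // follows it - confirm against the real source.
        $askpass = "******";
    }

    // NOTE(review): --comp-lzo turns on tunnel compression, which current
    // OpenVPN guidance discourages - confirm it is still required.
    $cmd = " --port {$port} --dev tun --server {$IP_START} {$NETMASK} --comp-lzo {$local} --ca {$ca} --dh {$dh} --key {$key} --cert {$crt}";
    $cmd = $cmd . " --ifconfig-pool-persist /etc/artica-postfix/openvpn/ipp.txt " . implode(" ", $routess);
    $cmd = $cmd . " {$askpass}--client-to-client --persist-tun --verb 5 --daemon --writepid /var/run/openvpn/openvpn-server.pid --log \"/var/log/openvpn/openvpn.log\"";
    $cmd = $cmd . " --status /var/log/openvpn/openvpn-status.log 10";

    @file_put_contents("/etc/openvpn/cmdline.conf", $cmd);
    $sock->SaveConfigFile($ini->toString(), "ArticaOpenVPNSettings");
    echo "Starting......: OpenVPN building settings done.\n";
    if (!empty($GLOBALS["VERBOSE"])) {
        writelogs("{$cmd}", __FUNCTION__, __FILE__, __LINE__);
    }
}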