LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1305 Commits
1 Branch
46 MiB
Tree: d4042ec35e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd4042ec35e'
${ noResults }
openwrt-packages-dist/net/luci-app-ocserv/files/usr/lib/lua/luci/model/cbi/ocserv/main.lua

146 lines
4.9 KiB
Raw Normal View History

Added luci app for ocserv. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10 years ago
 
  1. --[[
  2. LuCI - Lua Configuration Interface
  3. 

  4. Copyright 2014 Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
  5. 

  6. Licensed under the Apache License, Version 2.0 (the "License");
  7. you may not use this file except in compliance with the License.
  8. You may obtain a copy of the License at
  9. 

  10. 	http://www.apache.org/licenses/LICENSE-2.0
  11. 

  12. $Id$
  13. local niulib = require "luci.niulib"
  14. ]]--
  15. 

  16. local fs = require "nixio.fs"
  17. local has_ipv6 = fs.access("/proc/net/ipv6_route")
  18. 

  19. m = Map("ocserv", translate("OpenConnect VPN"))
  20. 

  21. s = m:section(TypedSection, "ocserv", "OpenConnect")
  22. s.anonymous = true
  23. 

  24. s:tab("general",  translate("General Settings"))
  25. s:tab("ca", translate("CA certificate"))
  26. s:tab("template", translate("Edit Template"))
  27. 

  28. local e = s:taboption("general", Flag, "enable", translate("Enable server"))
  29. e.rmempty = false
  30. e.default = "1"
  31. 

  32. function m.on_commit(map)
  33. 	luci.sys.call("/usr/bin/occtl reload  >/dev/null 2>&1")
  34. end
  35. 

  36. function e.write(self, section, value)
  37. 	if value == "0" then
  38. 		luci.sys.call("/etc/init.d/ocserv stop >/dev/null 2>&1")
  39. 		luci.sys.call("/etc/init.d/ocserv disable  >/dev/null 2>&1")
  40. 	else
  41. 		luci.sys.call("/etc/init.d/ocserv enable  >/dev/null 2>&1")
  42. 		luci.sys.call("/etc/init.d/ocserv restart  >/dev/null 2>&1")
  43. 	end
  44. 	Flag.write(self, section, value)
  45. end
  46. 

  47. local o
  48. 

  49. o = s:taboption("general", ListValue, "auth", translate("User Authentication"),
  50. 	translate("The authentication method for the users. The simplest is plain with a single username-password pair. Use PAM modules to authenticate using another server (e.g., LDAP, Radius)."))
  51. o.rmempty = false
  52. o.default = "plain"
  53. o:value("plain")
  54. o:value("PAM")
  55. 

  56. o = s:taboption("general", Value, "zone", translate("Firewall Zone"),
  57. 	translate("The firewall zone that the VPN clients will be set to"))
  58. o.nocreate = true
  59. o.default = "lan"
  60. o.template = "cbi/firewall_zonelist"
  61. 

  62. s:taboption("general", Value, "port", translate("Port"),
  63. 	translate("The same UDP and TCP ports will be used"))
  64. s:taboption("general", Value, "max_clients", translate("Max clients"))
  65. s:taboption("general", Value, "max_same", translate("Max same clients"))
  66. s:taboption("general", Value, "dpd", translate("Dead peer detection time (secs)"))
  67. 

  68. local pip = s:taboption("general", Flag, "predictable_ips", translate("Predictable IPs"),
  69. 	translate("The assigned IPs will be selected deterministically"))
  70. pip.default = "1"
  71. 

  72. local udp = s:taboption("general", Flag, "udp", translate("Enable UDP"),
  73. 	translate("Enable UDP channel support; this must be enabled unless you know what you are doing"))
  74. udp.default = "1"
  75. 

  76. local cisco = s:taboption("general", Flag, "cisco_compat", translate("AnyConnect client compatibility"),
  77. 	translate("Enable support for CISCO AnyConnect clients"))
  78. cisco.default = "1"
  79. 

  80. ipaddr = s:taboption("general", Value, "ipaddr", translate("VPN <abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Network-Address"))
  81. ipaddr.default = "192.168.100.1"
  82. 

  83. nm = s:taboption("general", Value, "netmask", translate("VPN <abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Netmask"))
  84. nm.default = "255.255.255.0"
  85. nm:value("255.255.255.0")
  86. nm:value("255.255.0.0")
  87. nm:value("255.0.0.0")
  88. 

  89. if has_ipv6 then
  90. 	ip6addr = s:taboption("general", Value, "ip6addr", translate("VPN <abbr title=\"Internet Protocol Version 6\">IPv6</abbr>-Network-Address"), translate("<abbr title=\"Classless Inter-Domain Routing\">CIDR</abbr>-Notation: address/prefix"))
  91. end
  92. 

  93. 

  94. tmpl = s:taboption("template", Value, "_tmpl",
  95. 	translate("Edit the template that is used for generating the ocserv configuration."))
  96. 

  97. tmpl.template = "cbi/tvalue"
  98. tmpl.rows = 20
  99. 

  100. function tmpl.cfgvalue(self, section)
  101. 	return nixio.fs.readfile("/etc/ocserv/ocserv.conf.template")
  102. end
  103. 

  104. function tmpl.write(self, section, value)
  105. 	value = value:gsub("\r\n?", "\n")
  106. 	nixio.fs.writefile("/etc/ocserv/ocserv.conf.template", value)
  107. end
  108. 

  109. ca = s:taboption("ca", Value, "_ca",
  110. 	translate("View the CA certificate used by this server. You will need to save it as 'ca.pem' and import it into the clients."))
  111. 

  112. ca.template = "cbi/tvalue"
  113. ca.rows = 20
  114. 

  115. function ca.cfgvalue(self, section)
  116. 	return nixio.fs.readfile("/etc/ocserv/ca.pem")
  117. end
  118. 

  119. --[[DNS]]--
  120. 

  121. s = m:section(TypedSection, "dns", translate("DNS servers"),
  122. 	translate("The DNS servers to be provided to clients; can be either IPv6 or IPv4"))
  123. s.anonymous = true
  124. s.addremove = true
  125. s.template = "cbi/tblsection"
  126. 

  127. s:option(Value, "ip", translate("IP Address")).rmempty = true
  128. 

  129. --[[Routes]]--
  130. 

  131. s = m:section(TypedSection, "routes", translate("Routing table"),
  132. 	translate("The routing table to be provided to clients; you can mix IPv4 and IPv6 routes, the server will send only the appropriate. Leave empty to set a default route"))
  133. s.anonymous = true
  134. s.addremove = true
  135. s.template = "cbi/tblsection"
  136. 

  137. s:option(Value, "ip", translate("IP Address")).rmempty = true
  138. 

  139. o = s:option(Value, "netmask", translate("Netmask (or IPv6-prefix)"))
  140. o.default = "255.255.255.0"
  141. o:value("255.255.255.0")
  142. o:value("255.255.0.0")
  143. o:value("255.0.0.0")
  144. 

  145. 

  146. return m