Update of /cvsroot/leaf/src/config/webconf/var/webconf/www
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv3537
Added Files:
ipsec_conn.cgi
Log Message:
Initial version
--- NEW FILE: ipsec_conn.cgi ---
#!/usr/bin/haserl --upload-dir=/tmp --upload-limit=10
#
# Copyleft 2009 Erich Titl ([email protected])
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
<% #
# Filesystem layout of the webconf installation used by this page.
WEBCONF_DIR="/var/webconf"
TEMPLATE_DIR="${WEBCONF_DIR}/templates"
FILTERDIR="${WEBCONF_DIR}/lib/filter"
IPSEC_CONN_TEMPLATE="${TEMPLATE_DIR}/ipsec_conn"

# Optional help texts ("blurbs"); each is copied into the page further down
# when the file exists and is non-empty.
IPSEC_BLURB="${WEBCONF_DIR}/www/blurb.ipsec_conn"
NAME_BLURB="${WEBCONF_DIR}/www/blurb.ipsec_name"
TIMEOUT_BLURB="${WEBCONF_DIR}/www/blurb.ipsec_timeout"
DPD_BLURB="${WEBCONF_DIR}/www/blurb.ipsec_dpd"
RSA_BLURB="${WEBCONF_DIR}/www/blurb.ipsec_rsa"
PHASE1_BLURB="${WEBCONF_DIR}/www/blurb.ipsec_phase1"
PHASE2_BLURB="${WEBCONF_DIR}/www/blurb.ipsec_phase2"

# Shared libraries, sourced into this shell by absolute path.
# validator.sh sets the colours CL0 to CL4.
. /var/webconf/lib/validator.sh
# ipsec.func presumably provides the helpers called below (init_ipsec_values,
# parse_ike, get_psk, uppercase, transform_dh) and CONNECTION_DIR, CIPHERS and
# DHGROUPS -- none of them is defined in this file; confirm.
. /var/webconf/lib/ipsec.func
# ifup/ifdown and ip are expected in /sbin; append it so later calls find them.
PATH="${PATH}:/sbin"
export PATH

# Common page preamble shared by the webconf pages.
/var/webconf/lib/preamble.sh

# JavaScript helpers used by the form below.
echo '<script src="ipsec.js" type="text/javascript"></script>'

# Stylesheet for the IPsec pages.
echo '<link rel="stylesheet" type="text/css" href="/ipsec.css">'
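######################################################################
# Request handling and form header.
#
# FORM_* variables are filled in by haserl from the HTTP request and are
# therefore attacker-controlled: they are escaped before being written
# into the page and validated before being used in a file name.
######################################################################

# Scratch file name; TEMP is not referenced again in the visible script.
# NOTE(review): the name is predictable (/tmp + script name + PID). If a
# sourced helper ever writes to it, create the file with mktemp instead.
TEMP=/tmp/$SCRIPT_NAME$$

# HTML-escape stdin so the text is inert both as element content and inside
# a quoted attribute value. "&" is replaced first so that the entities
# produced by the later substitutions are not escaped a second time.
ipsec_conn_html_escape()
{
	sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
		-e 's/"/\&quot;/g' -e "s/'/\&#39;/g"
}

# Succeed only for a connection name that stays inside $CONNECTION_DIR:
# non-empty, not "." or "..", and free of path separators.
ipsec_conn_name_is_safe()
{
	case "$1" in
	'' | . | .. | */*)
		return 1
		;;
	esac
	return 0
}

# The heading shows the connection name exactly as submitted.
connectionname_title=$(printf '%s\n' "$FORM_connectionname" | ipsec_conn_html_escape)

# ${SCRIPT_NAME}_form: the braces are required, otherwise the shell looks up a
# variable called SCRIPT_NAME_form and the form name comes out empty.
# NOTE(review): the interpreter line enables uploads into /tmp for this page,
# yet the form submits to ipsec.cgi; the upload settings that matter for the
# key and certificate files are the ones on ipsec.cgi -- confirm.
cat <<-EOF
<form name="${SCRIPT_NAME}_form" action="ipsec.cgi" method=post
enctype="multipart/form-data">
<!-- enctype="multipart/form-data" onSubmit="onSubmitForm()"> -->
<h1>Configure IPSEC channel $connectionname_title</h1>
<div class="think">
EOF

# Reduce FORM_name to a conservative character set. The value is quoted so
# the shell neither word-splits nor glob-expands what the client sent.
# to_html is defined outside this file; its exact escaping is not visible here.
FORM_name="$(printf '%s\n' "$FORM_name" | to_html | sed 's-[^/a-zA-Z\.0-9\-_]--g')"
# NOTE(review): FORM_name_ok is not read anywhere in the visible script, and a
# "." left in FORM_name still acts as a regex wildcard in this grep.
FORM_name_ok="$(ls -1 /var/log | grep "^$FORM_name\$")"

# The connection name becomes part of a path, so drop anything that could
# point outside $CONNECTION_DIR ("../..", absolute-looking names, ".").
# CONNECTION_DIR is not set in this file (presumably by ipsec.func -- confirm).
ipsec_conn_name_is_safe "$FORM_connectionname" || FORM_connectionname=""
CONNECTION_FILE=$CONNECTION_DIR/$FORM_connectionname

case "$FORM_cmd" in
Edit)
	# The call and its argument are kept on one line and quoted: as listed,
	# the file name sat on a line of its own, where the shell would try to
	# execute it. The -n guard stops the test from being applied to the
	# directory itself when no valid name was given.
	if [ -n "$FORM_connectionname" ] && [ -s "$CONNECTION_FILE" ]
	then
		init_ipsec_values "$CONNECTION_FILE"
	fi
	parse_ike
	;;
*)
	FORM_connectionname=""
	;;
esac

# Value shown in the "Connection Name" field (empty unless editing).
connectionname_value=$(printf '%s\n' "$FORM_connectionname" | ipsec_conn_html_escape)

cat <<-EOF
<div id="ipsec" style=margin-left:10px>
<div style=margin-left:670px>
<img src=pix/admin24.png onclick=toggleVisibility("expertOptions")
style="cursor:pointer">
Expert Mode on/off
</div>
<table>
<tr><td width=200px>
<label for="connectionname" class=info>Connection Name</label>
</td><td>
<input class=ipsec_input name="connectionname" size="30"
value="$connectionname_value">
</td>
<td colspan=2 valign=top>
<div class=ipsec_conn_txt>
EOF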
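# Help text for the connection name, when the blurb file has content.
if [ -s "$NAME_BLURB" ]
then
	cat "$NAME_BLURB"
fi

# Basic endpoint fields, followed by the start of the hidden "expert" table
# and the opening tag of the phase 1 cipher <select>.
#
# NOTE(review): the CONFIG_* values are written into attribute values without
# HTML escaping. They are presumably loaded from the connection file by
# init_ipsec_values/parse_ike (not visible here); a stored value containing a
# double quote would end the attribute early -- confirm and escape on output.
# The hidden "ike" value is quoted so that whitespace or ">" in it cannot
# terminate the attribute.
cat <<-EOF
</div>
</td>
</tr>
<tr><td>
<label for="left" class=info>Local Interface</label>
</td><td>
<input class=ipsec_input name="left" size="30" value="$CONFIG_left">
</td></tr>
<tr><td>
<label for="leftsubnet" class=info>Local Subnet</label>
</td><td>
<input class=ipsec_input name="leftsubnet" size="30"
value="$CONFIG_leftsubnet">
</td></tr>
<tr><td>
<label for="leftid" class=info>Local Identification</label>
</td><td colspan=3>
<input class=ipsec_input name="leftid" size="100"
value="$CONFIG_leftid">
</td></tr>
<tr><td>
<label for="right" class=info>Remote IP</label>
</td><td>
<input class=ipsec_input name="right" size="30" value="$CONFIG_right">
</td></tr>
<tr><td>
<label for="rightsubnet" class=info>Remote Subnet</label>
</td><td>
<input class=ipsec_input name="rightsubnet" size="30"
value="$CONFIG_rightsubnet">
</td></tr>
<tr><td>
<label for="rightid" class=info>Remote Identification</label>
</td><td colspan=3>
<input class=ipsec_input_wide name="rightid" size="100"
value="$CONFIG_rightid">
</td></tr>
</table>
<!--
########################################################################
# table for the expert fields
########################################################################
-->
<table id=expertOptions style=display:none>
<tr><td colspan=5 ><hr></td></tr>
<tr><td width=200px><label class=info>Phase 1 parameters</label></td>
<td><input type=hidden name=ike value="$CONFIG_ike"></input></td>
</tr><tr><td width=200px><label for=ike_cipher class=info>Cipher</label>
</td><td>
<select class=ipsec_input name="ike_cipher" style=width:205>
EOF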
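######################################################################
# Phase 1 (IKE) selectors: cipher, hash and Diffie-Hellman group.
#
# Each loop prints one <option> per candidate, starting with an empty
# entry, and marks the one matching the current configuration.
# CIPHERS and DHGROUPS are deliberately unquoted: they are
# whitespace-separated lists that are not set in this file.
# The stray second double quote after name="ike_hash" and name="ike_dh"
# has been removed from the markup.
######################################################################

# --- cipher ---------------------------------------------------------
for i in "" $CIPHERS
do
	# uppercase is defined outside this file; the call is left exactly
	# as it was because its argument handling is not visible here.
	upper=`uppercase $CONFIG_ike_cipher`
	if [ "X$upper" = "X$i" ]
	then
		echo ' <option selected>'
	else
		echo -n ' <option>'
	fi
	echo "$i</option>"
done
cat <<-EOF
</select>
</td>
<td rowspan=4 colspan=2 valign=top>
<div class=ipsec_conn_txt>
EOF

# Help text for the phase 1 parameters, when present.
if [ -s "$PHASE1_BLURB" ]
then
	cat "$PHASE1_BLURB"
fi
cat <<-EOF
</div>
</td>
</tr><tr>
<td width=200px><label for=ike_hash class=info>Hash</label>
</td><td>
<select class=ipsec_input name="ike_hash" style=width:205px>
EOF

# --- hash -----------------------------------------------------------
for i in "" MD5 SHA1
do
	upper=`uppercase $CONFIG_ike_hash`
	if [ "X$upper" = "X$i" ]
	then
		echo ' <option selected>'
	else
		echo -n ' <option>'
	fi
	echo "$i</option>"
done
cat <<-EOF
</select>
</tr><tr>
<td width=200px><label for=ike_dh class=info>Diffie Hellman
Group</label>
</td><td>
<select class=ipsec_input name="ike_dh" style=width:205px>
EOF

# --- Diffie-Hellman group (compared as stored, no case folding) ------
for i in "" $DHGROUPS
do
	if [ "X$CONFIG_ike_dh" = "X$i" ]
	then
		echo ' <option selected>'
	else
		echo -n ' <option>'
	fi
	echo "$i</option>"
done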
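# Closes the phase 1 group selector, adds the IKE lifetime field and opens
# the phase 2 section up to the opening tag of its cipher <select>.
#
# The hidden "esp" value is quoted so that whitespace or ">" in the stored
# proposal cannot terminate the attribute.
# NOTE(review): CONFIG_ikelifetime and CONFIG_esp are not HTML-escaped; they
# presumably come from the connection file -- confirm and escape on output.
cat <<-EOF
</select>
</td></tr>
<tr><td>
<label for="ikelifetime" class=info>IKE lifetime</label>
</td><td>
<input class=ipsec_input name="ikelifetime" size="30"
value="$CONFIG_ikelifetime">
</td>
<!--
<td rowspan=3 colspan=2 valign=top>
<div class=ipsec_conn_txt>
The IKE and SA lifetime parameters are expert options
which can usually be left empty
</div>
</td>
-->
</tr>
<tr><td colspan=5 ><hr></td></tr>
<tr><td width=200px><label class=info>Phase 2 parameters</label>
</td><td><input type=hidden name=esp value="$CONFIG_esp"></input></td>
<tr><td width=200px><label for=esp_cipher class=info>Cipher</label>
</td><td>
<select class=ipsec_input name="esp_cipher" style=width:205>
EOF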
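######################################################################
# Phase 2 (ESP) selectors: cipher, hash and PFS group.
#
# Same pattern as the phase 1 selectors: one <option> per candidate,
# an empty entry first, the configured value marked as selected.
# CIPHERS and DHGROUPS are deliberately unquoted whitespace-separated
# lists that are not set in this file.
# The stray second double quote after name="esp_hash" and
# name="pfs_group" has been removed from the markup.
######################################################################

# --- cipher ---------------------------------------------------------
for i in "" $CIPHERS
do
	# uppercase is defined outside this file; the call is left exactly
	# as it was because its argument handling is not visible here.
	upper=`uppercase $CONFIG_esp_cipher`
	if [ "X$upper" = "X$i" ]
	then
		echo ' <option selected>'
	else
		echo -n ' <option>'
	fi
	echo "$i</option>"
done
cat <<-EOF
</select>
</td>
<td rowspan=6 colspan=2 valign=top>
<div class=ipsec_conn_txt>
EOF

# Help text for the phase 2 parameters, when present.
if [ -s "$PHASE2_BLURB" ]
then
	cat "$PHASE2_BLURB"
fi
cat <<-EOF
</div>
</td>
</tr><tr>
<td width=200px><label for=esp_hash class=info>Hash</label>
</td><td>
<select class=ipsec_input name="esp_hash" style=width:205px>
EOF

# --- hash -----------------------------------------------------------
for i in "" MD5 SHA1
do
	upper=`uppercase $CONFIG_esp_hash`
	if [ "X$upper" = "X$i" ]
	then
		echo ' <option selected>'
	else
		echo -n ' <option>'
	fi
	echo "$i</option>"
done
cat <<-EOF
</select></td>
</tr><tr>
<td width=200px><label for=pfs_group class=info>PFS Group</label>
</td><td>
<select class=ipsec_input name="pfs_group" style=width:205px>
EOF

# --- PFS group ------------------------------------------------------
for i in "" $DHGROUPS
do
	# transform_dh is defined outside this file; presumably it maps the
	# stored pfsgroup value onto the names used in DHGROUPS -- confirm.
	upper=`transform_dh $CONFIG_pfsgroup`
	if [ "X$upper" = "X$i" ]
	then
		echo ' <option selected>'
	else
		echo -n ' <option>'
	fi
	echo "$i</option>"
done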
# Closes the PFS group selector, then prints the lifetime and rekeying
# fields and the first Dead Peer Detection row up to its help-text cell.
# A hidden, always-empty "pfsgroup" field is part of the form.
# NOTE(review): the markup right after </select> carries extra closing
# </td> and </tr> tags.
# NOTE(review): the CONFIG_* values below are written into attribute values
# without HTML escaping; they presumably come from the connection file --
# confirm and escape on output.
cat <<-EOF
</select>
</td>
</td><td><input type=hidden name=pfsgroup value=""></input></td>
</tr>
</td></tr>
<tr><td>
<label for="keylife" class=info>SA lifetime</label>
</td><td>
<input class=ipsec_input name="keylife" size="30"
value="$CONFIG_keylife">
</td></tr>
<tr><td>
<label for="keyingtries" class=info>Keying retries</label>
</td><td>
<input class=ipsec_input name="keyingtries" size="30"
value="$CONFIG_keyingtries">
</td></tr>
<tr><td>
<label for="rekeyfuzz" class=info>SA/IKE timeout randomness</label>
</td><td>
<input class=ipsec_input name="rekeyfuzz" size="30"
value="$CONFIG_rekeyfuzz">
</td></tr>
<tr><td>
<label for="rekeymargin" class=info>Rekeying margin</label>
</td><td>
<input class=ipsec_input name="rekeymargin" size="30"
value="$CONFIG_rekeymargin">
</td></tr>
<tr><td colspan=5 ><hr></td></tr>
<tr><td>
<label for="dpdtimeout" class=info>Dead Peer Detection timeout</label>
</td><td>
<input class=ipsec_input name="dpdtimeout" size="30"
value="$CONFIG_dpdtimeout">
</td>
<td rowspan=3 colspan=2 valign=top>
<div class=ipsec_conn_txt>
EOF
# Help text for the Dead Peer Detection settings, when the blurb file has
# content.
[ -s $DPD_BLURB ] && cat $DPD_BLURB
# Remaining DPD rows, ending with the opening tag of the "dpdaction"
# <select>; its options are printed by the loop that follows.
# HTML defines no value attribute on <select>, so the value= written here
# does not choose the entry; the "selected" option does.
cat <<-EOF
</div>
</td>
</tr>
<tr><td>
<label for="dpddelay" class=info>Dead Peer Detection delay</label>
</td><td>
<input class=ipsec_input name="dpddelay" size="30"
value="$CONFIG_dpddelay">
</td></tr>
<tr><td>
<label for="dpdaction" class=info>DPD action</label>
</td><td>
<select class=ipsec_input name="dpdaction" value="$CONFIG_dpdaction">
EOF
# Options of the DPD action selector; the configured action is marked as
# selected. The selected entry is printed with a line break after the tag,
# the others without one.
for i in hold clear restart
do
	if [ "X$CONFIG_dpdaction" = "X$i" ]
	then
		echo ' <option selected>'
	else
		echo -n ' <option>'
	fi
	echo "$i</option>"
done
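######################################################################
# PFS and compression check boxes, start mode and authentication type
# radio buttons, and the opening tag of the pre-shared-key table.
#
# Each control is printed in pieces: the tag without its closing ">",
# an optional " checked=checked", then the ">".
#
# The check box values are quoted so that whitespace or ">" in a stored
# setting cannot terminate the attribute.
# NOTE(review): both boxes carry the *current* setting as their value, so
# ticking a box whose setting is "no" submits "no"; how ipsec.cgi reads
# these fields is not visible here -- confirm.
######################################################################
cat <<-EOF
</select>
</td></tr>
<!--
########################################################################
# check for perfect forward secrecy
########################################################################
-->
<tr><td>
<label for="pfs" class=info>Use Perfect Forward Secrecy</label>
</td><td width=100px>
<input name="pfs" type=checkbox value="$CONFIG_pfs"
EOF
if [ "X$CONFIG_pfs" = "Xyes" ]
then
	echo -n ' checked=checked'
fi
echo ">"
cat <<-EOF
</td></tr>
<tr><td>
<label for="compress" class=info>Enable compression</label>
</td><td width=100px>
<input name="compress" type=checkbox value="$CONFIG_compress"
EOF
if [ "X$CONFIG_compress" = "Xyes" ]
then
	echo -n ' checked=checked'
fi
echo ">"

# Start mode: "add" only loads the connection, "start" also initiates it.
cat <<-EOF
</td></tr>
<!--<tr><td colspan=5 ><hr></td></tr>-->
</table>
<table>
<tr><td width=200px>
<label for="auto" class=info>Start Mode</label>
</td><td colspan=2>
<input name="auto" type=radio value=add
EOF
if [ "X$CONFIG_auto" = "Xadd" ]
then
	echo -n ' checked=checked'
fi
cat <<-EOF
>
<label for="auto" class=info>Listen for connection</label>
<input name="auto" type=radio value=start
EOF
if [ "X$CONFIG_auto" = "Xstart" ]
then
	echo -n ' checked=checked'
fi

# Authentication type: anything other than "secret" (including an unset
# value) preselects the X.509 certificate button.
cat <<-EOF
>
<label for="auto" class=info>Start connection</label>
</td></tr>
<tr><td>
<label for="authby" class=info>Authentication Type</label>
</td><td colspan=2>
<input name="authby" type=radio value=secret
onclick="hideCertificateFields()"
EOF
if [ "X$CONFIG_authby" = "Xsecret" ]
then
	echo -n ' checked=checked'
fi
cat <<-EOF
>
<label for="authby" class=info>Preshared Key</label>
<input name="authby" type=radio value=rsasig
onclick="showCertificateFields()"
EOF
if [ "X$CONFIG_authby" != "Xsecret" ]
then
	echo -n ' checked=checked'
fi

# NOTE(review): the HTML comment below echoes CONFIG_authby into the page
# unescaped; it looks like leftover debugging output.
cat <<-EOF
>
<label for="authby" class=info>X.509 Certificate</label>
</td></tr>
</table>
<!--
########################################################################
# build a new table for the secrets field
########################################################################
-->
<!-- "X$CONFIG_authby" -->
<table id="secrets_fields"
EOF
# Hide the pre-shared-key table unless PSK authentication is configured.
if [ "X$CONFIG_authby" != "Xsecret" ]
then
	echo " style=display:none"
fi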
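######################################################################
# Pre-shared-key table and the opening tag of the certificate table.
#
# get_psk is defined outside this file and is assumed to print the key
# on stdout -- confirm. Its output used to be placed into an unquoted
# value= attribute, so a key containing a space, a quote or ">" broke
# the markup; it is now HTML-escaped and written as a quoted value.
# "&" is replaced first so the other entities are not escaped twice.
#
# NOTE(review): the key is still delivered in the page source of every
# edit view; type=password only masks it on screen. Leaving the field
# empty and treating an empty submission as "keep the current key"
# would avoid that, but needs a matching change in ipsec.cgi, which is
# not visible here.
######################################################################
psk_value=$(get_psk | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
	-e 's/"/\&quot;/g' -e "s/'/\&#39;/g")
cat <<-EOF
>
<tr><td width=200px>
<label for="secret" class=info>Preshared Key</label>
</td><td>
<input class=ipsec_input id=passwordField name="secret" type=password
size="32" value="$psk_value">
<button type=button id=showSecret class=button name="showSecret"
onclick=togglePskVisibility("passwordField")>
Show PSK
</button>
</td></tr>
</table>
<!--
########################################################################
# build a new table for the certificate upload fields
########################################################################
-->
<table id=certificate_fields
EOF
# Show the certificate table inline when certificate authentication is
# configured; otherwise no style attribute is written at all.
if [ "X$CONFIG_authby" != "Xsecret" ]
then
	echo -n ' style=display:inline'
fi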
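######################################################################
# Certificate table (existing certificate, RSA keys, upload fields),
# the submit buttons and the page footer.
#
# Markup fixes:
#  - the passphrase field read type="password "size="30"; the trailing
#    blank inside the quotes makes the type value invalid, so the field
#    would presumably fall back to a plain text input and show the
#    passphrase while it is typed. It is now type="password" size="30".
#  - "idth=200px" on the certificate file row is now "width=200px".
#
# NOTE(review): maxlength on the file inputs does not limit the upload
# size; the effective limit is the haserl upload limit of the script
# that receives the form (ipsec.cgi), which is not visible here.
# NOTE(review): CONFIG_leftcert and the RSA key values are written into
# attribute values without HTML escaping -- confirm and escape on output.
######################################################################
cat <<-EOF
>
<tr><td width=200px>
<label for="old_leftcert" class=info>Local certificate</label>
</td><td>
<input class=ipsec_input name="old_leftcert" size="30"
value="$CONFIG_leftcert">
</td></tr>
<!--
########################################################################
# invisible rows for the sigkeys
########################################################################
-->
<tr id=leftrsasigkey><td>
<label for="leftrsasigkey" class=info>Local RSA key</label>
</td><td>
<input class=ipsec_input name="leftrsasigkey" size="30"
value="$CONFIG_leftrsasigkey">
</td>
<td rowspan=3 colspan=2 valign=top>
<div class=ipsec_conn_txt>
EOF

# Help text for the RSA key fields, when present.
if [ -s "$RSA_BLURB" ]
then
	cat "$RSA_BLURB"
fi

cat <<-EOF
</div>
</td>
</tr>
<tr id=rightrsasigkey><td>
<label for="rightrsasigkey" class=info>Remote RSA key</label>
</td><td>
<input class=ipsec_input name="rightrsasigkey" size="30"
value="$CONFIG_rightrsasigkey">
</td></tr>
<!--
########################################################################
# specify the certificate file
########################################################################
-->
<tr><td width=200px>
<label for="leftcert" class=info>Specify the certificate file</label>
</td><td>
<input name="leftcert" type="file" size="30" maxlength="100000"
class=ipsec_input>
</td></tr>
<!--
########################################################################
# specify the key file
########################################################################
-->
<tr><td>
<label for="key" class=info>Specify the key file</label>
</td><td>
<input name="key" type="file" size="30" maxlength="100000"
class=ipsec_input>
</td><td>
<label for="passphrase" class=info
style=margin-left:80px>Passphrase</label>
</td><td>
<input name="passphrase" type="password" size="30" class=ipsec_input>
</td></tr>
<!--
########################################################################
# specify the ca certificate file
########################################################################
-->
<tr><td>
<label for="cacert" class=info>Specify the CA certificate file</label>
</td><td>
<input name="cacert" type="file" size="30" maxlength="100000"
class=ipsec_input>
</td></tr>
<!--
########################################################################
# specify the crl file
########################################################################
-->
<tr><td>
<label for="crl" class=info>Specify the CRL file</label>
</td><td>
<input name="crl" type="file" size="30" maxlength="100000"
class=ipsec_input>
</td></tr>
</table> <!-- certificate fields -->
<div id=apply>
<input class=button type=submit name=cmd value=Save>
<input class=button type=submit name=cmd value=Apply>
<input class=button type=submit name=cmd value=Cancel
onclick=onSubmitForm("ipsec.cgi")>
</div> <!-- apply -->
</div> <!-- ipsec -->
</div> <!-- think -->
</form>
EOF

# Common page footer shared by the webconf pages.
/var/webconf/lib/footer.sh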
%>