Context Navigation

← Previous Changeset
Next Changeset →

Changeset 4434

Timestamp:

04/16/09 16:18:24 (4 years ago)

Author:

markus

Message:

- removed init- and config-files shipped with the openvpn package
- changed the description for the management port option
- changed PKI options from "Value" to "FileUpload?"
- added "pkcs12" option to basic theme
- cleaned the recipes by removing defaults and adding

approved config options we use for some years now.

- ... more to come.

Location:

luci/trunk/applications/luci-openvpn

Files:

: 2 removed
: 5 modified

luasrc/i18n/openvpn.en.lua (modified) (1 diff)
luasrc/model/cbi/openvpn-advanced.lua (modified) (5 diffs)
luasrc/model/cbi/openvpn-basic.lua (modified) (1 diff)
root/etc/config/openvpn (deleted)
root/etc/config/openvpn_recipes (modified) (6 diffs)
root/etc/init.d (deleted)
root/lib/uci/schema/default/openvpn (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

luci/trunk/applications/luci-openvpn/luasrc/i18n/openvpn.en.lua

r3551	r4434
115	115	openvpn_param_comp_lzo="Use fast LZO compression"
116	116	openvpn_param_comp_noadapt="Don't use adaptive lzo compression"
117		openvpn_param_management="Enable ~~TCP server on ip:port~~"
	117	openvpn_param_management="Enable management interface on <IP> <port>"
118	118	openvpn_param_management_client="Management interface will connect as a TCP client"
119	119	openvpn_param_management_query_passwords="Query management channel for private key"

luci/trunk/applications/luci-openvpn/luasrc/model/cbi/openvpn-advanced.lua

r3551	r4434
24	24	{ "service", {
25	25	-- initialisation and daemon options
26		{ ListValue, "verb", { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 } },
27		{ Flag, "mlock", 0 },
28		{ Flag, "disable_occ", 0 },
29		-- { Value, "user", "root" },
30		-- { Value, "group", "root" },
31		{ Value, "cd", "/etc/openvpn" },
32		{ Value, "chroot", "/var/run" },
33		-- { Value, "daemon", "Instance-Name" },
34		-- { Value, "syslog", "Instance-Name" },
35		{ Flag, "passtos", 0 },
36		-- { Value, "inetd", "nowait Instance-Name" },
37		{ Value, "log", "/var/log/openvpn.log" },
38		{ Value, "log_append", "/var/log/openvpn.log" },
39		{ Flag, "suppress_timestamps", 0 },
40		-- { Value, "writepid", "/var/run/openvpn.pid" },
41		{ Value, "nice", 0 },
42		{ Flag, "fast_io", 0 },
43		{ Value, "echo", "some params echoed to log" },
44		{ ListValue, "remap_usr1", { "SIGHUP", "SIGTERM" } },
45		{ Value, "status", "/var/run/openvpn.status 5" },
46		{ Value, "status_version", { 1, 2 } }, -- status
47		{ Value, "mute", 5 },
48
49		{ Value, "up", "/usr/bin/ovpn-up" },
50		{ Value, "up_delay", 5 },
51		{ Value, "down", "/usr/bin/ovpn-down" },
52		{ Flag, "down_pre", 0 },
53		{ Flag, "up_restart", 0 },
54		{ Value, "route_up", "/usr/bin/ovpn-routeup" },
55		{ Value, "ipchange", "/usr/bin/ovpn-ipchange", { mode="p2p" } },
56		{ DynamicList, "setenv", { "VAR1 value1", "VAR2 value2" } },
57		{ Value, "tls_verify", "/usr/bin/ovpn-tlsverify" },
58		{ Value, "client_connect", "/usr/bin/ovpn-clientconnect" },
59		{ Flag, "client_disconnect", 0 },
60		{ Value, "learn_address", "/usr/bin/ovpn-learnaddress" },
	26	{ ListValue, "verb", { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 } },
	27	{ Flag, "mlock", 0 },
	28	{ Flag, "disable_occ", 0 },
	29	-- { Value, "user", "root" },
	30	-- { Value, "group", "root" },
	31	{ Value, "cd", "/etc/openvpn" },
	32	{ Value, "chroot", "/var/run" },
	33	-- { Value, "daemon", "Instance-Name" },
	34	-- { Value, "syslog", "Instance-Name" },
	35	{ Flag, "passtos", 0 },
	36	-- { Value, "inetd", "nowait Instance-Name" },
	37	{ Value, "log", "/var/log/openvpn.log" },
	38	{ Value, "log_append", "/var/log/openvpn.log" },
	39	{ Flag, "suppress_timestamps", 0 },
	40	-- { Value, "writepid", "/var/run/openvpn.pid" },
	41	{ Value, "nice", 0 },
	42	{ Flag, "fast_io", 0 },
	43	{ Value, "echo", "some params echoed to log" },
	44	{ ListValue, "remap_usr1", { "SIGHUP", "SIGTERM" } },
	45	{ Value, "status", "/var/run/openvpn.status 5" },
	46	{ Value, "status_version", { 1, 2 } }, -- status
	47	{ Value, "mute", 5 },
	48
	49	{ Value, "up", "/usr/bin/ovpn-up" },
	50	{ Value, "up_delay", 5 },
	51	{ Value, "down", "/usr/bin/ovpn-down" },
	52	{ Flag, "down_pre", 0 },
	53	{ Flag, "up_restart", 0 },
	54	{ Value, "route_up", "/usr/bin/ovpn-routeup" },
	55	{ Value, "ipchange", "/usr/bin/ovpn-ipchange", { mode="p2p" } },
	56	{ DynamicList, "setenv", { "VAR1 value1", "VAR2 value2" } },
	57	{ Value, "tls_verify", "/usr/bin/ovpn-tlsverify" },
	58	{ Value, "client_connect", "/usr/bin/ovpn-clientconnect" },
	59	{ Flag, "client_disconnect", 0 },
	60	{ Value, "learn_address", "/usr/bin/ovpn-learnaddress" },
61	61	{ Value, "auth_user_pass_verify", "/usr/bin/ovpn-userpass via-env" },
62	62	} },
…	…
64	64	{ "networking", {
65	65	-- socket config
66		{ ListValue, "mode", { "p2p", "server" } },
67		{ Value, "local", "0.0.0.0" },
68		{ Value, "port", 1194 },
69		{ Value, "lport", 1194 },
70		{ Value, "rport", 1194 },
71		{ Flag, "float", 0 },
72		{ Flag, "nobind", 0 },
73
74		{ Value, "dev", "tun0" },
75		{ ListValue, "dev_type", { "tun", "tap" } },
76		{ Value, "dev_node", "/dev/net/tun" },
77		{ Flag, "tun_ipv6", 0 },
78
79		{ Value, "ifconfig", "10.200.200.3 10.200.200.1" },
	66	{ ListValue, "mode", { "p2p", "server" } },
	67	{ Value, "local", "0.0.0.0" },
	68	{ Value, "port", 1194 },
	69	{ Value, "lport", 1194 },
	70	{ Value, "rport", 1194 },
	71	{ Flag, "float", 0 },
	72	{ Flag, "nobind", 0 },
	73
	74	{ Value, "dev", "tun0" },
	75	{ ListValue, "dev_type", { "tun", "tap" } },
	76	{ Value, "dev_node", "/dev/net/tun" },
	77	{ Flag, "tun_ipv6", 0 },
	78
	79	{ Value, "ifconfig", "10.200.200.3 10.200.200.1" },
80	80	{ Flag, "ifconfig_noexec", 0 },
81	81	{ Flag, "ifconfig_nowarn", 0 },
82	82
83		{ DynamicList, "route", "10.123.0.0 255.255.0.0" },
	83	{ DynamicList, "route", "10.123.0.0 255.255.0.0" },
84	84	{ Value, "route_gateway", "10.234.1.1" },
85	85	{ Value, "route_delay", 0 },
86	86	{ Flag, "route_noexec", 0 },
87	87
88		{ ListValue, "mtu_disc", { "yes", "maybe", "no" } },
89		{ Flag, "mtu_test", 0 },
90		{ Flag, "comp_lzo", 0 },
	88	{ ListValue, "mtu_disc", { "yes", "maybe", "no" } },
	89	{ Flag, "mtu_test", 0 },
	90	{ Flag, "comp_lzo", 0 },
91	91	{ Flag, "comp_noadept", 0, { comp_lzo=1 } },
92		{ Value, "link_mtu", 1500 },
93		{ Value, "tun_mtu", 1500 },
	92	{ Value, "link_mtu", 1500 },
	93	{ Value, "tun_mtu", 1500 },
94	94	{ Value, "tun_mtu_extra", 1500 },
95		{ Value, "fragment", 1500, { proto="udp" } },
96		{ Value, "mssfix", 1500, { proto="udp" } },
97		{ Value, "sndbuf", 65536 },
98		{ Value, "rcvbuf", 65536 },
	95	{ Value, "fragment", 1500, { proto="udp" } },
	96	{ Value, "mssfix", 1500, { proto="udp" } },
	97	{ Value, "sndbuf", 65536 },
	98	{ Value, "rcvbuf", 65536 },
99	99	{ Value, "txqueuelen", 100 },
100		{ Value, "shaper", 10240 },
101
102		{ Value, "inactive", 240 },
	100	{ Value, "shaper", 10240 },
	101
	102	{ Value, "inactive", 240 },
103	103	{ Value, "keepalive", "10 60" },
104		{ Value, "ping", 30 },
	104	{ Value, "ping", 30 },
105	105	{ Value, "ping_exit", 120 },
106	106	{ Value, "ping_restart", 60 },
…	…
110	110	{ Flag, "persist_key", 0 },
111	111	{ Flag, "persist_local_ip", 0 },
112		{ Flag, "persist_remote_ip", 0 },
	112	{ Flag, "persist_remote_ip", 0 },
113	113
114	114	-- management channel
115	115	{ Value, "management", "127.0.0.1 31194 /etc/openvpn/mngmt-pwds" },
116		{ Flag, "management_query_passwords", 0 }, -- management
	116	{ Flag, "management_query_passwords", 0 }, -- management
117	117	{ Flag, "management_hold", 0 }, -- management
118		{ Flag, "management_log_cache", 100 }, -- management
	118	{ Flag, "management_log_cache", 100 }, -- management
119	119	} },
120	120
121	121	{ "vpn", {
122		{ Value, "server", "10.200.200.0 255.255.255.0", { server_mode="1" } },
123		{ Value, "server_bridge", "10.200.200.1 255.255.255.0 10.200.200.200 10.200.200.250", { server_mode="1" } },
124		{ DynamicList, "push", { "redirect-gateway", "comp-lzo" }, { server_mode="1" } },
125		{ Flag, "push_reset", 0, { server_mode="1" } },
126		{ Flag, "disable", 0, { server_mode="1" } },
127		{ Value, "ifconfig_pool", "10.200.200.100 10.200.200.150 255.255.255.0", { server_mode="1" } },
	122	{ Value, "server", "10.200.200.0 255.255.255.0", { server_mode="1" } },
	123	{ Value, "server_bridge", "10.200.200.1 255.255.255.0 10.200.200.200 10.200.200.250", { server_mode="1" } },
	124	{ DynamicList, "push", { "redirect-gateway", "comp-lzo" }, { server_mode="1" } },
	125	{ Flag, "push_reset", 0, { server_mode="1" } },
	126	{ Flag, "disable", 0, { server_mode="1" } },
	127	{ Value, "ifconfig_pool", "10.200.200.100 10.200.200.150 255.255.255.0", { server_mode="1" } },
128	128	{ Value, "ifconfig_pool_persist", "/etc/openvpn/ipp.txt 600", { server_mode="1" } },
129		{ Flag, "ifconfig_pool_linear", 0, { server_mode="1" } },
130		{ Value, "ifconfig_push", "10.200.200.1 255.255.255.255", { server_mode="1" } },
131		{ Value, "iroute", "10.200.200.0 255.255.255.0", { server_mode="1" } },
132		{ Flag, "client_to_client", 0, { server_mode="1" } },
133		{ Flag, "duplicate_cn", 0, { server_mode="1" } },
134		{ Value, "client_config_dir", "/etc/openvpn/ccd", { server_mode="1" } },
135		{ Flag, "ccd_exclusive", 0, { server_mode="1" } },
136		{ Value, "tmp_dir", "/var/run/openvpn", { server_mode="1" } },
137		{ Value, "hash_size", "256 256", { server_mode="1" } },
138		{ Value, "bcast_buffers", 256, { server_mode="1" } },
139		{ Value, "tcp_queue_limit", 64, { server_mode="1" } },
140		{ Value, "max_clients", 10, { server_mode="1" } },
	129	{ Flag, "ifconfig_pool_linear", 0, { server_mode="1" } },
	130	{ Value, "ifconfig_push", "10.200.200.1 255.255.255.255", { server_mode="1" } },
	131	{ Value, "iroute", "10.200.200.0 255.255.255.0", { server_mode="1" } },
	132	{ Flag, "client_to_client", 0, { server_mode="1" } },
	133	{ Flag, "duplicate_cn", 0, { server_mode="1" } },
	134	{ Value, "client_config_dir", "/etc/openvpn/ccd", { server_mode="1" } },
	135	{ Flag, "ccd_exclusive", 0, { server_mode="1" } },
	136	{ Value, "tmp_dir", "/var/run/openvpn", { server_mode="1" } },
	137	{ Value, "hash_size", "256 256", { server_mode="1" } },
	138	{ Value, "bcast_buffers", 256, { server_mode="1" } },
	139	{ Value, "tcp_queue_limit", 64, { server_mode="1" } },
	140	{ Value, "max_clients", 10, { server_mode="1" } },
141	141	{ Value, "max_routes_per_client", 256, { server_mode="1" } },
142		{ Value, "connect_freq", "3 10", { server_mode="1" } },
	142	{ Value, "connect_freq", "3 10", { server_mode="1" } },
143	143	{ Flag, "client_cert_not_required", 0, { server_mode="1" } },
144	144	{ Flag, "username_as_common_name", 0, { server_mode="1" } },
145		{ Flag, "client", 0, { server_mode="0" }, { server_mode="" } },
146		{ Flag, "pull", 0, { client="1" } },
147		{ Value, "auth_user_pass", "/etc/openvpn/userpass.txt", { client="1" } },
148		{ ListValue, "auth_retry", { "none", "nointeract", "interact" }, { client="1" } },
149		{ Value, "explicit_exit_notify", 1, { client="1" } },
150		{ DynamicList, "remote", "1.2.3.4", { client="1" } }, -- client
151		{ Flag, "remote_random", 1, { client="1" } }, -- client
152		{ ListValue, "proto", { "udp", "tcp-client", "tcp-server" }, { client="1" } },
153		{ Value, "connect_retry", 5, { proto="tcp-client" }, { client="1" } }, -- client && proto=tcp-client
154		{ Value, "http_proxy_server", "192.168.1.100 8080", { client="1" } }, -- client
155		{ Flag, "http_proxy_retry", 0, { client="1" } }, -- client && http_proxy_server
156		{ Value, "http_proxy_timeout", 5, { client="1" } }, -- client && http_proxy_server
157		{ DynamicList, "http_proxy_option", { "VERSION 1.0", "AGENT OpenVPN/2.0.9" }, { client="1" } }, -- client && http_proxy_server
158		{ Value, "socks_proxy_server", "192.168.1.200 1080", { client="1" } }, -- client
159		{ Value, "socks_proxy_retry", 5, { client="1" } }, -- client && socks_proxy_server
160		{ Value, "resolv_retry", "infinite", { client="1" } }, -- client
161		{ ListValue, "redirect_gateway", { "", "local", "def1", "local def1" }, { client="1" } }, -- client
	145	{ Flag, "client", 0, { server_mode="0" }, { server_mode="" } },
	146	{ Flag, "pull", 0, { client="1" } },
	147	{ Value, "auth_user_pass", "/etc/openvpn/userpass.txt", { client="1" } },
	148	{ ListValue, "auth_retry", { "none", "nointeract", "interact" }, { client="1" } },
	149	{ Value, "explicit_exit_notify", 1, { client="1" } },
	150	{ DynamicList, "remote", "1.2.3.4", { client="1" } }, -- client
	151	{ Flag, "remote_random", 1, { client="1" } }, -- client
	152	{ ListValue, "proto", { "udp", "tcp-client", "tcp-server" }, { client="1" } },
	153	{ Value, "connect_retry", 5, { proto="tcp-client" }, { client="1" } }, -- client && proto=tcp-client
	154	{ Value, "http_proxy_server", "192.168.1.100 8080", { client="1" } }, -- client
	155	{ Flag, "http_proxy_retry", 0, { client="1" } }, -- client && http_proxy_server
	156	{ Value, "http_proxy_timeout", 5, { client="1" } }, -- client && http_proxy_server
	157	{ DynamicList, "http_proxy_option", { "VERSION 1.0", "AGENT OpenVPN/2.0.9" }, { client="1" } }, -- client && http_proxy_server
	158	{ Value, "socks_proxy_server", "192.168.1.200 1080", { client="1" } }, -- client
	159	{ Value, "socks_proxy_retry", 5, { client="1" } }, -- client && socks_proxy_server
	160	{ Value, "resolv_retry", "infinite", { client="1" } }, -- client
	161	{ ListValue, "redirect_gateway", { "", "local", "def1", "local def1" }, { client="1" } }, -- client
162	162	} },
163	163
…	…
175	175	{ Flag, "tls_server", 0, { tls_client="" }, { tls_client="0" } },
176	176	{ Flag, "tls_client", 0, { tls_server="" }, { tls_server="0" } },
177		{ ~~Value,~~ "ca", "/etc/easy-rsa/keys/ca.crt" },
178		{ ~~Value,~~ "dh", "/etc/easy-rsa/keys/dh1024.pem" },
179		{ ~~Value,~~ "cert", "/etc/easy-rsa/keys/some-client.crt" },
180		{ ~~Value,~~ "key", "/etc/easy-rsa/keys/some-client.key" },
181		{ ~~Value,~~ "pkcs12", "/etc/easy-rsa/keys/some-client.pk12" },
	177	{ FileUpload, "ca", "/etc/easy-rsa/keys/ca.crt" },
	178	{ FileUpload, "dh", "/etc/easy-rsa/keys/dh1024.pem" },
	179	{ FileUpload, "cert", "/etc/easy-rsa/keys/some-client.crt" },
	180	{ FileUpload, "key", "/etc/easy-rsa/keys/some-client.key" },
	181	{ FileUpload, "pkcs12", "/etc/easy-rsa/keys/some-client.pk12" },
182	182	{ ListValue, "key_method", { 1, 2 } },
183	183	{ Value, "tls_cipher", "DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5" },
…	…
195	195	{ Value, "tls_remote", "remote_x509_name" },
196	196	{ ListValue, "ns_cert_type", { "client", "server" } },
	197	{ ListValue, "remote_cert_tls", { "client", "server" } },
197	198	{ Value, "crl_verify", "/etc/easy-rsa/keys/crl.pem" },
198	199	} }

luci/trunk/applications/luci-openvpn/luasrc/model/cbi/openvpn-basic.lua

r3551	r4434
43	43	{ DynamicList, "remote", "vpnserver.example.org" },
44	44
45		{ Value, "secret", "/etc/openvpn/secret.key 1" },
46		{ Value, "ca", "/etc/easy-rsa/keys/ca.crt" },
47		{ Value, "dh", "/etc/easy-rsa/keys/dh1024.pem" },
48		{ Value, "cert", "/etc/easy-rsa/keys/some-client.crt" },
49		{ Value, "key", "/etc/easy-rsa/keys/some-client.key" },
	45	{ FileUpload, "secret", "/etc/openvpn/secret.key 1" },
	46	{ FileUpload, "pkcs12", "/etc/easy-rsa/keys/some-client.pk12" },
	47	{ FileUpload, "ca", "/etc/easy-rsa/keys/ca.crt" },
	48	{ FileUpload, "dh", "/etc/easy-rsa/keys/dh1024.pem" },
	49	{ FileUpload, "cert", "/etc/easy-rsa/keys/some-client.crt" },
	50	{ FileUpload, "key", "/etc/easy-rsa/keys/some-client.key" },
50	51	}
51	52

luci/trunk/applications/luci-openvpn/root/etc/config/openvpn_recipes

r3549	r4434
3	3	#
4	4	config openvpn_recipe server_tun_ptp
5		option _description "Simple server configuration for a routed point-to-point VPN"
6		option _role "server"
	5	option _description "Simple server configuration for a routed point-to-point VPN"
	6	option _role "server"
7	7	option dev "tun"
8		option port "1194"
9		option ifconfig "10.0.0.1 10.0.0.2"
10		option secret "shared-secret.key"
	8	option ifconfig "10.0.0.1 10.0.0.2"
	9	option secret "shared-secret.key"
	10	option keepalive "10 60"
	11	option comp_lzo "1"
	12	option verb "3"
	13	option mssfix "1420"
	14	option management "127.0.0.1 31194"
11	15
12	16	#
…	…
14	18	#
15	19	config openvpn_recipe client_tun_ptp
16		option _description "Simple client configuration for a routed point-to-point VPN"
17		option _role "client"
	20	option _description "Simple client configuration for a routed point-to-point VPN"
	21	option _role "client"
18	22	option dev "tun"
19		list remote "mypeer.dyndns.org"
20		option port "1194"
21		option ifconfig "10.0.0.2 10.0.0.1"
22		option secret "shared-secret.key"
23		option nobind "1"
24
	23	list remote "vpnserver.example.org"
	24	option ifconfig "10.0.0.2 10.0.0.1"
	25	option secret "shared-secret.key"
	26	option nobind "1"
	27	option comp_lzo "1"
	28	option verb "3"
	29	option management "127.0.0.1 31194"
25	30
26	31	#
…	…
28	33	#
29	34	config openvpn_recipe server_tun
30		option _description "Server configuration for a routed multi-client VPN"
31		option _role "server"
	35	option _description "Server configuration for a routed multi-client VPN"
	36	option _role "server"
32	37	option dev "tun"
33		option port "1194"
34		option server "10.0.100.0 255.255.255.0"
	38	option server "10.0.100.0 255.255.255.0"
35	39	option ca "ca.crt"
36		option cert "server.crt"
	40	option cert "server.crt"
37	41	option key "server.key"
38	42	option dh "dh1024.pem"
39		option client_to_client "1"
40		option keepalive "10 120"
41		option comp_lzo "1"
	43	option keepalive "10 60"
	44	option comp_lzo "1"
	45	option verb "3"
	46	option mssfix "1420"
	47	option management "127.0.0.1 31194"
42	48
43	49	#
…	…
45	51	#
46	52	config openvpn_recipe client_tun
47		option _description "Client configuration for a routed multi-client VPN"
48		option _role "client"
49		option client "1"
50		option dev "tun"
51		list remote "vpnserver.example.org 1194"
52		option ca "ca.crt"
53		option cert "my_client.crt"
54		option key "my_client.key"
55		option dh "dh1024.pem"
56		option ns_cert_type "server"
57		option keepalive "10 120"
58		option comp_lzo "1"
59		option nobind "1"
60
	53	option _description "Client configuration for a routed multi-client VPN"
	54	option _role "client"
	55	option client "1"
	56	option dev "tun"
	57	list remote "vpnserver.example.org"
	58	option pkcs12 "my_client.p12"
	59	option remote_cert_tls "server"
	60	option comp_lzo "1"
	61	option nobind "1"
	62	option persist_key "1"
	63	option persist_tun "1"
	64	option verb "3"
	65	option reneg_sec "0"
	66	option explicit_exit_notify "1"
	67	option float "1"
	68	option management "127.0.0.1 31194"
61	69
62	70	#
…	…
64	72	#
65	73	config openvpn_recipe server_tap_bridge
66		option _description "Server configuration for an ethernet bridge VPN"
67		option _role "server"
	74	option _description "Server configuration for an ethernet bridge VPN"
	75	option _role "server"
68	76	option dev "tap"
69		option port "1194"
70		option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
	77	option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
71	78	option ca "ca.crt"
72		option cert "server.crt"
	79	option cert "server.crt"
73	80	option key "server.key"
74	81	option dh "dh1024.pem"
75		option client_to_client "1"
76		option keepalive "10 120"
77		option comp_lzo "1"
	82	option keepalive "10 60"
	83	option comp_lzo "1"
	84	option verb "3"
	85	option mssfix "1420"
	86	option management "127.0.0.1 31194"
78	87
79	88	#
…	…
81	90	#
82	91	config openvpn_recipe client_tap_bridge
83		option _description "Client configuration for an ethernet bridge VPN"
84		option _role "client"
85		option client "1"
	92	option _description "Client configuration for an ethernet bridge VPN"
	93	option _role "client"
	94	option client "1"
86	95	option dev "tap"
87		list remote ~~"vpnserver.example.org 1194~~"
	96	list remote "vpnserver.example.org"
88	97	option ca "ca.crt"
89	98	option cert "my_client.crt"
90	99	option key "my_client.key"
91	100	option dh "dh1024.pem"
92		option ns_cert_type "server"
93		option keepalive "10 120"
94		option comp_lzo "1"
95		option nobind "1"
	101	option remote_cert_tls "server"
	102	option comp_lzo "1"
	103	option nobind "1"
	104	option persist_key "1"
	105	option verb "3"
	106	option reneg_sec "0"
	107	option explicit_exit_notify "1"
	108	option float "1"
	109	option management "127.0.0.1 31194"

luci/trunk/applications/luci-openvpn/root/lib/uci/schema/default/openvpn

r3520	r4434
279	279
280	280	management IP port [pw-file]
281		Enable ~~a TCP server on IP:port~~ to handle daemon management functions
	281	Enable management interface on <IP> <port> to handle daemon management functions
282	282
283	283	management-query-passwords

Download in other formats: