Add VPN routing changes added in latest Shibby's update 130

Jackysi · Jun 16, 2015 · 3e4b078 · 3e4b078
1 parent b77faa9
commit 3e4b078
Show file tree

Hide file tree

Showing 3 changed files with 111 additions and 16 deletions.
diff --git a/admin-bwm.asp b/admin-bwm.asp
@@ -236,6 +236,9 @@ No part of this file may be used without permission.
 					</form>
 				</div>
 
+			</div>
+
+			<div class="col-sm-12">
 				<h4>Restore</h4>
 				<div class="section" id="restore-section">
 					<form id="restore-form" method="post" action="bwm/restore.cgi?_http_id=<% nv(http_id); %>" encType="multipart/form-data">

diff --git a/admin-tomatoanon.asp b/admin-tomatoanon.asp
@@ -39,9 +39,9 @@ No part of this file may be used without permission.
 		<input type="hidden" name="_nextpage" value="/#admin-tomatoanon.asp">
 		<input type="hidden" name="_service" value="tomatoanon-restart">
 
-		<div class="box"><div class="content">
-				<h3>TomatoAnon Project</h3>
-
+		<div class="box">
+			<div class="heading">TomatoAnon Project</div>
+			<div class="content">
 				<p>I would like to present you with a new project I've been working on, called TomatoAnon.
 					The TomatoAnon script will send information to an online database about your router's model and installed version of Tomato.
 					The information submitted is 100% anonymous and will ONLY be used for statistical purposes.

diff --git a/vpn-client.asp b/vpn-client.asp
@@ -14,10 +14,18 @@ No part of this file may be used without permission.
 	<script type="text/javascript">
 		//	<% nvram("vpn_client_eas,vpn_client1_poll,vpn_client1_if,vpn_client1_bridge,vpn_client1_nat,vpn_client1_proto,vpn_client1_addr,vpn_client1_port,vpn_client1_retry,vpn_client1_firewall,vpn_client1_crypt,vpn_client1_comp,vpn_client1_cipher,vpn_client1_local,vpn_client1_remote,vpn_client1_nm,vpn_client1_reneg,vpn_client1_hmac,vpn_client1_adns,vpn_client1_rgw,vpn_client1_gw,vpn_client1_custom,vpn_client1_static,vpn_client1_ca,vpn_client1_crt,vpn_client1_key,vpn_client1_userauth,vpn_client1_username,vpn_client1_password,vpn_client1_useronly,vpn_client1_tlsremote,vpn_client1_cn,vpn_client1_br,vpn_client1_nopull,vpn_client1_route,vpn_client1_routing_val,vpn_client2_poll,vpn_client2_if,vpn_client2_bridge,vpn_client2_nat,vpn_client2_proto,vpn_client2_addr,vpn_client2_port,vpn_client2_retry,vpn_client2_firewall,vpn_client2_crypt,vpn_client2_comp,vpn_client2_cipher,vpn_client2_local,vpn_client2_remote,vpn_client2_nm,vpn_client2_reneg,vpn_client2_hmac,vpn_client2_adns,vpn_client2_rgw,vpn_client2_gw,vpn_client2_custom,vpn_client2_static,vpn_client2_ca,vpn_client2_crt,vpn_client2_key,vpn_client2_userauth,vpn_client2_username,vpn_client2_password,vpn_client2_useronly,vpn_client2_tlsremote,vpn_client2_cn,vpn_client2_br,vpn_client2_nopull,vpn_client2_route,vpn_client2_routing_val,lan_ifname,lan1_ifname,lan2_ifname,lan3_ifname"); %>
 
-		tabs = [['client1', 'VPN Client 1 <i class="icon-tools"></i>'],['client2', 'VPN Client 2 <i class="icon-tools"></i>']];
-		sections = [['basic', 'Basic'],['advanced', 'Advanced'],['keys','Keys'],['status','Status']];
+		function RouteGrid() {return this;}
+		RouteGrid.prototype = new TomatoGrid;
+
+		tabs = [['client1', 'Client 1 <i class="icon-tools"></i>'],['client2', 'Client 2 <i class="icon-tools"></i>']];
+		sections = [['basic', 'Basic'],['advanced', 'Advanced'],['keys','Keys'],['policy','Routing Policy'],['status','Status']];
+		routingTables = [];
 		statusUpdaters = [];
-		for (i = 0; i < tabs.length; ++i) statusUpdaters.push(new StatusUpdater());
+		for (i = 0; i < tabs.length; ++i)
+		{
+			statusUpdaters.push(new StatusUpdater());
+			routingTables.push(new RouteGrid());
+		}
 		ciphers = [['default','Use Default'],['none','None']];
 		for (i = 0; i < vpnciphers.length; ++i) ciphers.push([vpnciphers[i],vpnciphers[i]]);
 
@@ -51,13 +59,7 @@ No part of this file may be used without permission.
 			for (var i = 0; i < tabs.length; ++i)
 			{
 				var on = (name == tabs[i][0]);
-
-				if (on) {
-					$('#' + tabs[i][0] + '-tab').fadeIn();
-				} else {
-					$('#' + tabs[i][0] + '-tab').hide();
-				}
-
+				elem.display(tabs[i][0] + '-tab', on);
 			}
 
 			cookie.set('vpn_client_tab', name);
@@ -90,7 +92,7 @@ No part of this file may be used without permission.
 
 			E('_' + service + '_button').disabled = true;
 			form.submitHidden('service.cgi', {
-				_redirect: '/#vpn-client.asp',
+				_redirect: 'vpn-client.asp',
 				_sleep: '3',
 				_service: service + (isup ? '-stop' : '-start')
 			});
@@ -170,19 +172,23 @@ No part of this file may be used without permission.
 				elem.display(PR('_vpn_'+t+'_hmac'), auth == "tls");
 				elem.display(E(t+'_custom_crypto_text'), auth == "custom");
 				elem.display(PR('_f_vpn_'+t+'_bridge'), iface == "tap");
-				elem.display(PR('_vpn_'+t+'_br'), iface == "tap");
+				elem.display(PR('_vpn_'+t+'_br'), iface == "tap" && bridge > 0);
 				elem.display(E(t+'_bridge_warn_text'), !bridge);
 				elem.display(PR('_f_vpn_'+t+'_nat'), fw != "custom" && (iface == "tun" || !bridge));
 				elem.display(E(t+'_nat_warn_text'), fw != "custom" && (!nat || (auth == "secret" && iface == "tun")));
 				elem.display(PR('_vpn_'+t+'_local'), iface == "tun" && auth == "secret");
-				elem.display(PR('_f_vpn_'+t+'_local'), iface == "tap" && !bridge && auth == "custom");
+				elem.display(PR('_f_vpn_'+t+'_local'), iface == "tap" && !bridge && auth != "custom");
 
 				// Page Advanced
 				elem.display(PR('_vpn_'+t+'_adns'), PR('_vpn_'+t+'_reneg'), auth == "tls");
 				elem.display(E(t+'_gateway'), iface == "tap" && rgw > 0);
 				elem.display(PR('_f_vpn_'+t+'_nopull'), rgw == 0);
 				elem.display(PR('_f_vpn_'+t+'_rgw'),nopull == 0);
 
+				// Page Routing Policy
+				elem.display(PR('_f_vpn_'+t+'_route'), iface == "tun");
+				elem.display(PR('table_'+t+'_routing'), route.checked);
+
 				// Page Key
 				elem.display(PR('_vpn_'+t+'_static'), auth == "secret" || (auth == "tls" && hmac >= 0));
 				elem.display(PR('_vpn_'+t+'_ca'), auth == "tls");
@@ -228,6 +234,54 @@ No part of this file may be used without permission.
 			return ret;
 		}
 
+		RouteGrid.prototype.verifyFields = function(row, quiet)
+		{
+			var ret = 1;
+			var fom = E('_fom');
+			var clientnum = 1;
+			for (i = 0; i < tabs.length; ++i)
+			{
+				if (routingTables[i] == this)
+				{
+					clientnum = i+1;
+					if (eval('vpn'+(i+1)+'up') && fom._service.value.indexOf('client'+(i+1)) < 0)
+					{
+						if ( fom._service.value != "" )
+							fom._service.value += ",";
+						fom._service.value += 'vpnclient'+(i+1)+'-restart';
+					}
+				}
+			}
+			var f = fields.getAll(row);
+
+			// Verify fields in this row of the table
+			if (f[2].value == "" ) { ferror.set(f[2], "Value is mandatory.", quiet); ret = 0; }
+			if (f[2].value.indexOf('>') >= 0 || f[2].value.indexOf('<') >= 0) { ferror.set(f[2], "Value cannot contain '<' or '>' characters.", quiet); ret = 0; }
+			if (f[2].value.indexOf(' ') >= 0 || f[2].value.indexOf(',') >= 0) { ferror.set(f[2], "Value cannot contain 'space' or ',' characters. Only one IP or Domain per entry.", quiet); ret = 0; }
+			if (f[2].value.indexOf(' ') >= 0) { ferror.set(f[2], "Value cannot contain '-' character. IP range is not supported.", quiet); ret = 0; }
+			return ret;
+		}
+		RouteGrid.prototype.fieldValuesToData = function(row)
+		{
+			var f = fields.getAll(row);
+			return [f[0].checked?1:0, f[1].value, f[2].value];
+		}
+		RouteGrid.prototype.dataToView = function(data){
+			var temp = ['<div class="checkbox c-checkbox"><label><input type=\'checkbox\' style="opacity:1" disabled'+(data[0]!=0?' checked':'')+'> <span></span></label></div>',
+				['From Source IP', 'To Destination IP', 'To Domain'][data[1] - 1],
+				data[2]
+			];
+			var v = [];
+			for (var i = 0; i < temp.length; ++i){
+				v.push(i==0?temp[i]:escapeHTML('' + temp[i]));
+			}
+			return v;
+		}
+		RouteGrid.prototype.dataToFieldValues = function(data)
+		{
+			return [data[0] == 1, data[1], data[2]];
+		}
+
 		function save()
 		{
 			if (!verifyFields(null, false)) return;
@@ -238,11 +292,18 @@ No part of this file may be used without permission.
 
 			for (i = 0; i < tabs.length; ++i)
 			{
+
+				if (routingTables[i].isEditing()) return;
 				t = tabs[i][0];
 
 				if ( E('_f_vpn_'+t+'_eas').checked )
 					E('vpn_client_eas').value += ''+(i+1)+',';
 
+				var routedata = routingTables[i].getAllData();
+				var routing = '';
+				for (j = 0; j < routedata.length; ++j)
+					routing += routedata[j].join('<') + '>';
+
 				E('vpn_'+t+'_bridge').value = E('_f_vpn_'+t+'_bridge').checked ? 1 : 0;
 				E('vpn_'+t+'_nat').value = E('_f_vpn_'+t+'_nat').checked ? 1 : 0;
 				E('vpn_'+t+'_rgw').value = E('_f_vpn_'+t+'_rgw').checked ? 1 : 0;
@@ -269,6 +330,25 @@ No part of this file may be used without permission.
 
 				t = tabs[i][0];
 
+				routingTables[i].init('table_' + t + '_routing','sort', 0,[
+					{ type: 'checkbox' },
+					{ type: 'select', options: [[1, 'From Source IP'],[2, 'To Destination IP'],[3,'To Domain']] },
+					{ type: 'text' }]);
+				routingTables[i].headerSet(['Enable', 'Type', 'Value']);
+				var routingVal = eval('nvram.vpn_' + t + '_routing_val');
+				if(routingVal.length) {
+					var s = routingVal.split('>');
+					for (var j = 0; j < s.length; ++j)
+					{
+						if (!s[j].length) continue;
+						var row = s[j].split('<');
+						if (row.length == 3)
+							routingTables[i].insertData(-1, row);
+					}
+				}
+				routingTables[i].showNewEditor();
+				routingTables[i].resetNewEditor();
+
 				statusUpdaters[i].init(null,null,t+'-status-stats-table',t+'-status-time',t+'-status-content',t+'-no-status',t+'-status-errors');
 				updateStatus(i);
 			}
@@ -298,6 +378,8 @@ No part of this file may be used without permission.
 				htmlOut += '<input type=\'hidden\' id=\'vpn_'+t+'_useronly\' name=\'vpn_'+t+'_useronly\'>';
 				htmlOut += '<input type=\'hidden\' id=\'vpn_'+t+'_tlsremote\' name=\'vpn_'+t+'_tlsremote\'>';
 				htmlOut += '<input type=\'hidden\' id=\'vpn_'+t+'_nopull\' name=\'vpn_'+t+'_nopull\'>';
+				htmlOut += '<input type=\'hidden\' id=\'vpn_'+t+'_route\' name=\'vpn_'+t+'_route\'>';
+				htmlOut += '<input type=\'hidden\' id=\'vpn_'+t+'_routing_val\' name=\'vpn_'+t+'_routing_val\'>';
 
 				htmlOut += ('<br /><ul class="nav nav-tabs">');
 				for (j = 0; j < sections.length; j++)
@@ -369,6 +451,16 @@ No part of this file may be used without permission.
 				]);
 				htmlOut += ('</div>');
 
+				htmlOut += '<div id=\''+t+'-policy\'>';
+				htmlOut += createFormFields([
+					{ title: 'Redirect through VPN', name: 'f_vpn_'+t+'_route', type: 'checkbox', value: eval( 'nvram.vpn_'+t+'_route' ) != 0 },
+					{ title: '', suffix: '</span><table class=\'tomato-grid line-table\' id=\'table_'+t+'_routing\'></table><span>' }
+				]);
+				htmlOut += '<div><ul><li><b>Type -> From Source IP</b> - Ex: "1.2.3.4" or "1.2.3.0/24".'
+				htmlOut += '<li><b>Type -> To Destination IP</b> - Ex: "1.2.3.4" or "1.2.3.0/24".';
+				htmlOut += '<li><b>Type -> To Domain</b> - Ex: "domain.com". Please enter one domain per line';
+				htmlOut += '</ul></div></div>';
+
 				htmlOut += ('<div id=\''+t+'-keys\' class="langrid">');
 				htmlOut += ('<p class=\'keyhelp\'>For help generating keys, refer to the OpenVPN <a id=\''+t+'-keyhelp\'>HOWTO</a>.</p>');
 				htmlOut += createFormFields([