@@ -75,6 +75,7 @@ my $name;
my $col="";
my $local_serverconf = "${General::swroot}/ovpn/scripts/server.conf.local";
my $local_clientconf = "${General::swroot}/ovpn/scripts/client.conf.local";
+my @advcipherchar=();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
$cgiparams{'ENABLED'} = 'off';
@@ -98,6 +99,7 @@ $cgiparams{'number'} = '';
$cgiparams{'DCIPHER'} = '';
$cgiparams{'DAUTH'} = '';
$cgiparams{'TLSAUTH'} = '';
+$cgiparams{'DATACIPHERS'} = '';
$routes_push_file = "${General::swroot}/ovpn/routes_push";
# Perform crypto and configration test
&pkiconfigcheck;
@@ -325,8 +327,16 @@ sub writeserverconf {
}
print CONF "status-version 1\n";
print CONF "status /var/run/ovpnserver.log 30\n";
- print CONF "ncp-disable\n";
print CONF "cipher $sovpnsettings{DCIPHER}\n";
+
+ # Data channel encryption
+ # Set seperator for data ciphers
+ @advcipherchar = ($sovpnsettings{'DATACIPHERS'} =~ s/\|/:/g);
+ # Add also algorithm from --cipher directive
+ if ($sovpnsettings{'DATACIPHERS'} ne '') {
+ print CONF "data-ciphers $sovpnsettings{'DATACIPHERS'}\n";
+ }
+
print CONF "auth $sovpnsettings{'DAUTH'}\n";
# Set TLSv2 as minimum
print CONF "tls-version-min 1.2\n";
@@ -911,6 +921,27 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
&writeserverconf();#hier ok
}
+###
+### Save Advanced encryption
+###
+
+if ($cgiparams{'ACTION'} eq $Lang::tr{'save-enc-options'}) {
+ &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+
+ $vpnsettings{'DATACIPHERS'} = $cgiparams{'DATACIPHERS'};
+
+ # --data-ciphers needs at least one cipher
+ if ($cgiparams{'DATACIPHERS'} eq '') {
+ $errormessage = $Lang::tr{'ovpn errmsg invalid data cipher input'};
+ goto ADV_ENC_ERROR;
+ }
+
+ &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
+ &writeserverconf();
+}
+
+### End Save advanced encryption
+
###
# m.a.d net2net
###
@@ -2344,7 +2375,16 @@ else
$zip->addFile( "${General::swroot}/ovpn/ca/cacert.pem", "cacert.pem") or die "Can't add file cacert.pem\n";
$zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";
}
- print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n";
+
+ # Set --data-ciphers for client >=2.5.0 or --cipher for <2.5.0 in client.ovpn
+ if ($confighash{$cgiparams{'KEY'}}[45] eq 'on') {
+ # Set seperator for --data-ciphers algorithms
+ @advcipherchar = ($vpnsettings{'DATACIPHERS'} =~ s/\|/:/g);
+ print CLIENTCONF "data-ciphers $vpnsettings{'DATACIPHERS'}\r\n";
+ } else {
+ print CLIENTCONF "cipher $vpnsettings{'DCIPHER'}\r\n";
+ }
+
print CLIENTCONF "auth $vpnsettings{'DAUTH'}\r\n";
if ($vpnsettings{'TLSAUTH'} eq 'on') {
@@ -2859,7 +2899,132 @@ END
&Header::closebigbox();
&Header::closepage();
exit(0);
-
+
+###
+### Advanced encryption settings
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'ovpn advanced encryption'}) {
+ %cgiparams = ();
+ %confighash = ();
+ my @temp=();
+ my $disabled;
+ &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
+
+ my $key = $cgiparams{'KEY'};
+ if (! $key) {
+ $key = &General::findhasharraykey (\%confighash);
+ foreach my $i (39.. 45) { $confighash{$key}[$i] = ""; }
+ }
+ $confighash{$key}[42] = $cgiparams{'DATACIPHERS'};
+
+ADV_ENC_ERROR:
+
+ # Set default data channel ciphers
+ if ($cgiparams{'DATACIPHERS'} eq '') {
+ $cgiparams{'DATACIPHERS'} = 'ChaCha20-Poly1305|AES-256-GCM'; #[42];
+ }
+ $checked{'DATACIPHERS'}{'ChaCha20-Poly1305'} = '';
+ $checked{'DATACIPHERS'}{'AES-256-GCM'} = '';
+ $checked{'DATACIPHERS'}{'AES-192-GCM'} = '';
+ $checked{'DATACIPHERS'}{'AES-128-GCM'} = '';
+ @temp = split('\|', $cgiparams{'DATACIPHERS'});
+ foreach my $key (@temp) {$checked{'DATACIPHERS'}{$key} = "selected='selected'"; }
+
+ # Save settings and display default if not configured
+ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-enc-options'}) {
+ $confighash{$cgiparams{'KEY'}}[42] = $cgiparams{'DATACIPHERS'};
+ } else {
+ $cgiparams{'DATACIPHERS'} = $vpnsettings{'DATACIPHERS'};
+ }
+
+ADV_ENC_ERROR:
+
+ &Header::showhttpheaders();
+ &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+ &Header::openbigbox('100%', 'left', '', $errormessage);
+ if ($errormessage) {
+ &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
+ print "<class name='base'>$errormessage";
+ print " </class>";
+ &Header::closebox();
+ }
+
+ if ($warnmessage) {
+ &Header::openbox('100%', 'left', "$Lang::tr{'warning messages'}:");
+ print "<class name='base'>$warnmessage";
+ print " </class>";
+ &Header::closebox();
+ }
+
+ print "<form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>";
+ &Header::openbox('100%', 'left', "$Lang::tr{'ovpn advanced encryption'}:");
+ print<<END
+
+ <form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>
+ <input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
+
+ <table width='100%'>
+ <thead>
+ <tr>
+ <th width="15%"></th>
+ <th>$Lang::tr{'ovpn data channel'}</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td class='boldbase' width="27%">$Lang::tr{'ovpn data encryption'}</td>
+ <td class='boldbase'>
+ <select name='DATACIPHERS' multiple='multiple' size='6' style='width: 100%'>
+ <option value='ChaCha20-Poly1305' $checked{'DATACIPHERS'}{'ChaCha20-Poly1305'}>256 bit ChaCha20-Poly1305</option>
+ <option value='AES-256-GCM' $checked{'DATACIPHERS'}{'AES-256-GCM'}>256 $Lang::tr{'bit'} AES-GCM</option>
+ <option value='AES-192-GCM' $checked{'DATACIPHERS'}{'AES-192-GCM'}>192 $Lang::tr{'bit'} AES-GCM</option>
+ <option value='AES-128-GCM' $checked{'DATACIPHERS'}{'AES-128-GCM'}>128 $Lang::tr{'bit'} AES-GCM</option>
+ </select>
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ <hr>
+END
+;
+
+ if ( -e "/var/run/openvpn.pid") {
+ print" <br><b><font color='#990000'>$Lang::tr{'attention'}:</b></font><br>$Lang::tr{'server restart'}<br><br><hr>";
+ print<<END;
+ <table width='100%'>
+ <tr>
+ <td> </td>
+ <td allign='center'><input type='submit' name='ACTION' value='$Lang::tr{'save-enc-options'}' disabled='disabled' /></td>
+ <td allign='center'><input type='submit' name='ACTION' value='$Lang::tr{'cancel-adv-options'}' /></td>
+ <td> </td>
+ </tr>
+ </table>
+ </form>
+END
+;
+
+ } else {
+ print<<END;
+ <table width='100%'>
+ <tr>
+ <td> </td>
+ <td allign='center'><input type='submit' name='ACTION' value='$Lang::tr{'save-enc-options'}' /></td>
+ <td allign='center'><input type='submit' name='ACTION' value='$Lang::tr{'cancel-adv-options'}' /></td>
+ <td> </td>
+ </tr>
+ </table>
+ </form>
+END
+;
+
+ }
+
+ &Header::closebox();
+ &Header::closebigbox();
+ &Header::closepage();
+ exit(0);
+
+### END advanced encryption
# A.Marx CCD Add,delete or edit CCD net
@@ -3595,6 +3760,8 @@ if ($confighash{$cgiparams{'KEY'}}) {
$cgiparams{'DAUTH'} = $confighash{$cgiparams{'KEY'}}[39];
$cgiparams{'DCIPHER'} = $confighash{$cgiparams{'KEY'}}[40];
$cgiparams{'TLSAUTH'} = $confighash{$cgiparams{'KEY'}}[41];
+ # Index from [39] to [44] has been reserved by advanced encryption
+ $cgiparams{'CLIENTVERSION'} = $confighash{$cgiparams{'KEY'}}[45];
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
@@ -4338,6 +4505,8 @@ if ($cgiparams{'TYPE'} eq 'net') {
if (($cgiparams{'TYPE'} eq 'host') && ($cgiparams{'CERT_PASS1'} eq "")) {
$confighash{$key}[41] = "no-pass";
}
+ # Index from [39] to [44] has been reserved by advanced encryption
+ $confighash{$key}[45] = $cgiparams{'CLIENTVERSION'};
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
@@ -4749,6 +4918,7 @@ if ($cgiparams{'TYPE'} eq 'host') {
print"</td></tr></table><br><br>";
my $name=$cgiparams{'CHECK1'};
$checked{'RG'}{$cgiparams{'RG'}} = 'CHECKED';
+ $checked{'CLIENTVERSION'}{$cgiparams{'CLIENTVERSION'}} = 'CHECKED';
if (! -z "${General::swroot}/ovpn/ccd.conf"){
print"<table border='0' width='100%' cellspacing='1' cellpadding='0'><tr><td width='1%'></td><td width='30%' class='boldbase' align='center'><b>$Lang::tr{'ccd name'}</td><td width='15%' class='boldbase' align='center'><b>$Lang::tr{'network'}</td><td class='boldbase' align='center' width='18%'><b>$Lang::tr{'ccd clientip'}</td></tr>";
@@ -4884,7 +5054,12 @@ if ($cgiparams{'TYPE'} eq 'host') {
print <<END;
<table border='0' width='100%'>
- <tr><td width='20%'>Redirect Gateway:</td><td colspan='3'><input type='checkbox' name='RG' $checked{'RG'}{'on'} /></td></tr>
+ <tr><td width='30%'>Redirect Gateway:</td><td colspan='3'><input type='checkbox' name='RG' $checked{'RG'}{'on'} /></td></tr>
+ <tr>
+ <td width='30%'>$Lang::tr{'ovpn client version 25 cipher negotiation'}:</td>
+ <td colspan='3'><input type='checkbox' name='CLIENTVERSION' $checked{'CLIENTVERSION'}{'on'} />
+ <font color='red'> $Lang::tr{'ovpn client version 25 warning'}</font></td>
+ </tr>
<tr><td colspan='4'><b><br>$Lang::tr{'ccd routes'}</b></td></tr>
<tr><td colspan='4'> </td></tr>
<tr><td valign='top'>$Lang::tr{'ccd iroute'}</td><td align='left' width='30%'><textarea name='IR' cols='26' rows='6' wrap='off'>
@@ -5138,6 +5313,13 @@ END
$checked{'DCOMPLZO'}{'on'} = '';
$checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
+ if ($cgiparams{'CLIENTVERSION'} = '' ) {
+ $cgiparams{'CLIENTVERSION'} = 'off';
+ }
+ $checked{'CLIENTVERSION'}{'off'} = '';
+ $checked{'CLIENTVERSION'}{'on'} = '';
+ $checked{'CLIENTVERSION'}{$cgiparams{'CLIENTVERSION'}} = 'CHECKED';
+
# m.a.d
$checked{'MSSFIX'}{'off'} = '';
$checked{'MSSFIX'}{'on'} = '';
@@ -5281,11 +5463,13 @@ END
print "<tr><td align='right' colspan='4'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' disabled='disabled' />";
print "<input type='submit' name='ACTION' value='$Lang::tr{'ccd net'}' />";
print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' />";
+ print "<input type='submit' name='ACTION' value='$Lang::tr{'ovpn advanced encryption'}' />";
print "<input type='submit' name='ACTION' value='$Lang::tr{'stop ovpn server'}' /></td></tr>";
} else{
print "<tr><td align='right' colspan='4'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
print "<input type='submit' name='ACTION' value='$Lang::tr{'ccd net'}' />";
print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' />";
+ print "<input type='submit' name='ACTION' value='$Lang::tr{'ovpn advanced encryption'}' />";
if (( -e "${General::swroot}/ovpn/ca/cacert.pem" &&
-e "${General::swroot}/ovpn/ca/dh1024.pem" &&
-e "${General::swroot}/ovpn/certs/servercert.pem" &&
@@ -1901,10 +1901,15 @@
'override mtu' => 'Überschreibe Standard-MTU',
'ovpn' => 'OpenVPN',
'ovpn add conf' => 'Erweiterte Konfiguration',
+'ovpn advanced encryption' => 'Erweiterte Kryptografie Einstellung',
+'ovpn client version 25 cipher negotiation' => 'Verschlüsselung aushandeln',
+'ovpn client version 25 warning' => 'Erst ab Client Version 2.5.0 verfügbar',
'ovpn con stat' => 'OpenVPN Verbindungs-Statistik',
'ovpn config' => 'OVPN-Konfiguration',
'ovpn connection name' => 'Verbindungs-Name',
'ovpn crypt options' => 'Kryptografieoptionen',
+'ovpn data encryption' => 'Daten-Kanal Verschlüsselung',
+'ovpn data channel' => 'Daten-Kanal',
'ovpn device' => 'OpenVPN-Gerät',
'ovpn dh' => 'Diffie-Hellman-Parameter-Länge',
'ovpn dh new key' => 'Neuen Diffie-Hellman Parameter erstellen',
@@ -1913,6 +1918,7 @@
'ovpn dl' => 'OVPN-Konfiguration downloaden',
'ovpn engines' => 'Krypto Engine',
'ovpn errmsg green already pushed' => 'Route für grünes Netzwerk wird immer gesetzt',
+'ovpn errmsg invalid data cipher input' => 'Der Daten-Kanal benötigt mindestens einen Algorithmus',
'ovpn errmsg invalid ip or mask' => 'Ungültige Netzwerk-Adresse oder Subnetzmaske',
'ovpn error dh' => 'Der Diffie-Hellman Parameter muss mindestens 2048 bit lang sein! <br>Bitte einen neuen Diffie-Hellman Parameter erzeugen oder hochladen, dies kann unten über den Bereich "Diffie-Hellman-Parameter Optionen" gemacht werden.</br>',
'ovpn error md5' => 'Das Host Zertifikat nutzt einen MD5 Algorithmus welcher nicht mehr akzeptiert wird. <br>Bitte IPFire auf die neueste Version updaten und generieren sie ein neues Root und Host Zertifikate.</br><br>Es müssen dann alle OpenVPN clients erneuert werden!</br>',
@@ -2163,6 +2169,7 @@
'save error' => 'Konfigurationsarchiv-Datei konnte nicht gespeichert werden',
'save settings' => 'Einstellungen speichern',
'save-adv-options' => 'Erweiterte Optionen speichern',
+'save-enc-options' => 'Kryptografie Optionen speichern',
'script name' => 'Skriptname:',
'search' => 'Suchen',
'secondary dns' => 'Sekundärer DNS-Server:',
@@ -1933,10 +1933,15 @@
'override mtu' => 'Override default MTU',
'ovpn' => 'OpenVPN',
'ovpn add conf' => 'Additional configuration',
+'ovpn advanced encryption' => 'Advanced encryption settings',
+'ovpn client version 25 cipher negotiation' => 'Negotiate encryption',
+'ovpn client version 25 warning' => 'Available with client version 2.5.0 and higher',
'ovpn con stat' => 'OpenVPN Connection Statistics',
'ovpn config' => 'OVPN-Config',
'ovpn connection name' => 'Connection Name',
'ovpn crypt options' => 'Cryptographic options',
+'ovpn data encryption' => 'Data-Channel encryption',
+'ovpn data channel' => 'Data-Channel',
'ovpn device' => 'OpenVPN device:',
'ovpn dh' => 'Diffie-Hellman parameters length',
'ovpn dh new key' => 'Generate new Diffie-Hellman parameters',
@@ -1945,6 +1950,7 @@
'ovpn dl' => 'OVPN-Config Download',
'ovpn engines' => 'Crypto engine',
'ovpn errmsg green already pushed' => 'Route for green network is always set',
+'ovpn errmsg invalid data cipher input' => 'The data cipher needs at least one cipher',
'ovpn errmsg invalid ip or mask' => 'Invalid network-address or subnetmask',
'ovpn error dh' => 'The Diffie-Hellman parameter needs to be in minimum 2048 bit! <br>Please generate or upload a new Diffie-Hellman parameter, this can be made below in the section "Diffie-Hellman parameters options".</br>',
'ovpn error md5' => 'You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>',
@@ -2196,6 +2202,7 @@
'save error' => 'Unable to save configuration archive file',
'save settings' => 'Save settings',
'save-adv-options' => 'Save advanced options',
+'save-enc-options' => 'Save encryption options',
'script name' => 'Script name:',
'search' => 'Search',
'secondary dns' => 'Secondary DNS:',
@@ -36,6 +36,9 @@
'Number of IPs for the pie chart' => 'Número de IPS para la gráfica circular',
'Number of Ports for the pie chart' => 'Número de puerto para la gráfica circular',
'OVPN' => 'OpenVPN',
+'ovpn advanced encryption' => 'Configuración avanzada de encriptación',
+'ovpn client version 25 cipher negotiation' => 'Negociar encriptación',
+'ovpn client version 25 warning' => 'Disponible con la versión de Cliente 2.5.0 y superior',
'OpenVPN' => 'OpenVPN',
'Pages' => 'Páginas',
'Ping' => 'Ping:',
@@ -1328,7 +1331,10 @@
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'Estadisticas de conexión OpenVPN',
'ovpn config' => 'Configruación de OVPN',
+'ovpn data encryption' => 'Encriptación Data-Channel',
+'ovpn data channel' => 'Canal-Datos',
'ovpn device' => 'Dispositivo OpenVPN',
+'ovpn errmsg invalid data cipher input' => 'El cifrado de datos necesita al menos de un cifrado',
'ovpn dl' => 'Configuración de descargas OVPN',
'ovpn log' => 'Registro de log de OVPN',
'ovpn on blue' => 'OpenVPN en BLUE',
@@ -1531,6 +1537,7 @@
'save error' => 'Imposible grabar archivo de configuración',
'save settings' => 'Guardar configuraciones',
'save-adv-options' => 'Guardar configuraciones avanzadas',
+'save-enc-options' => 'Guardar opciones de encriptado',
'script name' => 'Nombre de Script:',
'secondary dns' => 'DNS Secundario:',
'secondary ntp server' => 'Servidor NTP Secundario',
@@ -1934,10 +1934,15 @@
'override mtu' => 'Remplacer le MTU par défaut',
'ovpn' => 'OpenVPN',
'ovpn add conf' => 'Configuration additionnelle',
+'ovpn advanced encryption' => 'Paramètres de cryptage avancés',
+'ovpn client version 25 cipher negotiation' => 'Négocier le cryptage',
+'ovpn client version 25 warning' => 'Disponible avec le client version 2.5.0 et supérieur',
'ovpn con stat' => 'Statistiques de connexions OpenVPN',
'ovpn config' => 'Config OVPN',
'ovpn connection name' => 'Nom de la connexion ',
'ovpn crypt options' => 'Options cryptographiques',
+'ovpn data encryption' => 'Chiffrage du canal de données',
+'ovpn data channel' => 'Canal de données',
'ovpn device' => 'Périphérique OpenVPN :',
'ovpn dh' => 'Longueur de paramètres Diffie-Hellman ',
'ovpn dh new key' => 'Générer de nouveaux paramètres Diffie-Hellman ',
@@ -1946,6 +1951,7 @@
'ovpn dl' => 'Télécharger Config OVPN',
'ovpn engines' => 'Moteur Crypto',
'ovpn errmsg green already pushed' => 'La route pour le réseau VERT est toujours activée',
+'ovpn errmsg invalid data cipher input' => 'Le chiffrage de données nécessite au moins un cryptogramme',
'ovpn errmsg invalid ip or mask' => 'Adresse ou masque de sous-réseau invalide',
'ovpn error dh' => 'Le paramètre Diffie-Hellman doit être au minimum à 2048 bits ! <br>Veuillez générer ou télécharger un nouveau paramètre Diffie-Hellman, cela peut être fait ci-dessous dans la section "Options de paramètres Diffie-Hellman".</br>',
'ovpn error md5' => 'Votre certificat hôte utilise MD5 pour la signature qui n\'est plus acceptée. <br>Veuillez mettre à jour la dernière version d\'IPFire et générez un nouveau certificat racine et hôte..</br><br>Tous les clients OpenVPN doivent ensuite être renouvelés!</br>',
@@ -2200,6 +2206,7 @@
'save error' => 'Impossible de sauvegarder le fichier archive de configuration',
'save settings' => 'Sauvegarder les paramètres',
'save-adv-options' => 'Sauvegarder les options avancées',
+'save-enc-options' => 'Enregistrer les options de chiffrage',
'script name' => 'Nom du script :',
'search' => 'Recherche',
'secondary dns' => 'DNS secondaire :',
@@ -43,6 +43,11 @@
'Number of IPs for the pie chart' => 'Numero di IP per il grafico a torta',
'Number of Ports for the pie chart' => 'Numero di porte per il grafico a torta',
'OVPN' => 'OpenVPN',
+'ovpn data encryption' => 'Crittografia del canale dati',
+'ovpn data channel' => 'Canale-Dati',
+'ovpn advanced encryption' => 'Impostazioni avanzate di crittografia',
+'ovpn client version 25 cipher negotiation' => 'Negozazione cirttografia',
+'ovpn client version 25 warning' => 'Disponibile con client 2.5.0 o più recente',
'OpenVPN' => 'OpenVPN',
'Pages' => 'Pagine',
'Ping' => 'Ping :',
@@ -1701,6 +1706,7 @@
'ovpn dl' => 'OVPN-Config Download',
'ovpn engines' => 'Crypto engine',
'ovpn errmsg green already pushed' => 'Route for Verde network is always set',
+'ovpn errmsg invalid data cipher input' => 'La crittografia dati necessita almeno un cifrario',
'ovpn errmsg invalid ip or mask' => 'Invalid network-address or subnetmask',
'ovpn generating the root and host certificates' => 'Generating the root and host certifictae can take a long time.',
'ovpn ha' => 'Hash algorithm',
@@ -1928,6 +1934,7 @@
'save error' => 'Unable to save configuration archive file',
'save settings' => 'Save settings',
'save-adv-options' => 'Save advanced options',
+'save-enc-options' => 'Salva impostazioni di crittografia',
'script name' => 'Script name:',
'secondary dns' => 'DNS Secondario:',
'secondary ntp server' => 'NTP server secondario',
@@ -43,6 +43,9 @@
'Number of IPs for the pie chart' => 'Aantal IPs voor de taartdiagram',
'Number of Ports for the pie chart' => 'Aantal poorten voor de taartdiagram',
'OVPN' => 'OpenVPN',
+'ovpn advanced encryption' => 'Geavanceerde versleuteling instellingen',
+'ovpn client version 25 cipher negotiation' => 'Onderhandel over versleuteling',
+'ovpn client version 25 warning' => 'Beschikbaar met clientversie 2.5.0 en hoger',
'OpenVPN' => 'OpenVPN',
'Pages' => 'Pagina\'s',
'Ping' => 'Ping :',
@@ -1655,9 +1658,12 @@
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'OpenVPN connectiestatistieken',
'ovpn config' => 'OVPN-Configuratie',
+'ovpn data encryption' => 'Datakanaalversleuteling',
+'ovpn data channel' => 'Data-kanaal',
'ovpn device' => 'OpenVPN apparaat:',
'ovpn dl' => 'OVPN-Configuratie download',
'ovpn errmsg green already pushed' => 'Route voor het groene netwerk is altijd aangezet',
+'ovpn errmsg invalid data cipher input' => 'De gegevens codering heeft ten minste één codering nodig',
'ovpn errmsg invalid ip or mask' => 'Ongeldig netwerkadres of subnetmasker',
'ovpn log' => 'OVPN-Log',
'ovpn mgmt in root range' => 'Een poortnummer hoger dan 1024 is vereist.',
@@ -1881,6 +1887,7 @@
'save error' => 'Kan configuratie-archief niet opslaan',
'save settings' => 'Opslaan instellingen',
'save-adv-options' => 'Opslaan geavanceerde opties',
+'save-enc-options' => 'Bewaar encryptie opties',
'script name' => 'Scriptnaam:',
'secondary dns' => 'Secondaire DNS:',
'secondary ntp server' => 'Secondaire NTP server',
@@ -37,6 +37,9 @@
'Number of IPs for the pie chart' => 'Liczba numerów IP na wykresie kołowym',
'Number of Ports for the pie chart' => 'Liczba portów na wykresie kołowym',
'OVPN' => 'OpenVPN',
+'ovpn advanced encryption' => 'Zaawansowane ustawienia szyfrowania',
+'ovpn client version 25 cipher negotiation' => 'Negocjowanie szyfrowania',
+'ovpn client version 25 warning' => 'Dostępny z klientem w wersji 2.5.0 i wyższej',
'OpenVPN' => 'OpenVPN',
'Pages' => 'Stron',
'Ping' => 'Ping :',
@@ -1340,8 +1343,11 @@
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'Statystyki połączeń OpenVPN',
'ovpn config' => 'OVPN-Konfig',
+'ovpn data encryption' => 'Szyfrowanie Kanału-Danych',
+'ovpn data channel' => 'Kanał-Danych',
'ovpn device' => 'Urządzenie OpenVPN:',
'ovpn dl' => 'Pobierz konfig OVPN',
+'ovpn errmsg invalid data cipher input' => 'Szyfr danych wymaga co najmniej jednego szyfru',
'ovpn log' => 'Log OVPN',
'ovpn on blue' => 'OpenVPN na int. BLUE',
'ovpn on orange' => 'OpenVPN na int. ORANGE',
@@ -1543,6 +1549,7 @@
'save error' => 'Nie można zapisać konfiguracji do pliku archiwum',
'save settings' => 'Zapisz ustawienia',
'save-adv-options' => 'Zapisz zaawansowane ustawienia',
+'save-enc-options' => 'Zapisywanie opcji szyfrowania',
'script name' => 'Nazwa skryptu:',
'secondary dns' => 'Zapasowy DNS:',
'secondary ntp server' => 'Zapasowy serwer NTP',
@@ -35,6 +35,9 @@
'Number of IPs for the pie chart' => 'Число IP для круглых графиков',
'Number of Ports for the pie chart' => 'Число портов для круглых графиков',
'OVPN' => 'OpenVPN',
+'ovpn advanced encryption' => 'Расширенные настройки шифрования',
+'ovpn client version 25 cipher negotiation' => 'Обсудить шифрование',
+'ovpn client version 25 warning' => 'Доступно с клиентской версией 2.5.0 и выше',
'OpenVPN' => 'OpenVPN',
'Pages' => 'Страницы',
'Ping' => 'Пинг :',
@@ -1331,9 +1334,12 @@
'ovpn' => 'OpenVPN',
'ovpn con stat' => 'Статистика подключений OpenVPN',
'ovpn config' => 'Настройки OVPN',
+'ovpn data encryption' => 'шифрование-каналов данных',
+'ovpn data channel' => 'Информационный-канал',
'ovpn device' => 'Устройство OpenVPN:',
'ovpn dl' => 'Загрузка настроек OVPN',
'ovpn errmsg green already pushed' => 'Маршрут для зелёной сети всегда включён',
+'ovpn errmsg invalid data cipher input' => 'Для шифра данных нужен хотя бы один шифр',
'ovpn errmsg invalid ip or mask' => 'Неправильный адрес или маска подсти',
'ovpn log' => 'Журнал OVPN',
'ovpn on blue' => 'OpenVPN на BLUE',
@@ -1538,6 +1544,7 @@
'save error' => 'Не получилось сохранить архив настроек',
'save settings' => 'Сохранить настройки',
'save-adv-options' => 'Сохранить дополнительные настройки',
+'save-enc-options' => 'Сохранить параметры шифрования',
'script name' => 'Имя скрипта:',
'secondary dns' => 'Второй DNS:',
'secondary ntp server' => 'Второй NTP сервер',
@@ -1835,9 +1835,14 @@
'override mtu' => 'Varsayılan MTU seçeneğini geçersiz kıl',
'ovpn' => 'OpenVPN',
'ovpn add conf' => 'Ek yapılandırma',
+'ovpn advanced encryption' => 'Gelişmiş şifreleme ayarları',
+'ovpn client version 25 cipher negotiation' => 'Şifrelemeyi görüşün',
+'ovpn client version 25 warning' => 'İstemci sürümü 2.5.0 ve üstü ile mevcuttur',
'ovpn con stat' => 'OpenVPN Bağlantı İstatistiği',
'ovpn config' => 'OVPN-Yapılandırması',
'ovpn crypt options' => 'Şifreleme seçenekleri',
+'ovpn data channel' => 'Veri-Kanalı',
+'ovpn data encryption' => 'Veri-Kanalı şifreleme',
'ovpn device' => 'OpenVPN aygıtı:',
'ovpn dh' => 'Diffie-Hellman parametre uzunluğu',
'ovpn dh new key' => 'Yeni Diffie-Hellman parametrelerini oluşturun',
@@ -1846,6 +1851,7 @@
'ovpn dl' => 'OVPN-Yapılandırması İndir',
'ovpn engines' => 'Şifreleme motoru',
'ovpn errmsg green already pushed' => 'Yeşil ağ için her zaman bir yol ayarla',
+'ovpn errmsg invalid data cipher input' => 'Veri şifresinin en az bir şifreye ihtiyacı var',
'ovpn errmsg invalid ip or mask' => 'Geçersiz ağ adresi veya alt ağ maskesi',
'ovpn generating the root and host certificates' => 'Root ve ana bilgisayar sertifika üretimi uzun zaman alabilir.',
'ovpn ha' => 'Hash algorithması',
@@ -2080,6 +2086,7 @@
'save error' => 'Yapılandırma arşiv dosyası kaydedilemiyor.',
'save settings' => 'Ayarları kaydet',
'save-adv-options' => 'Gelişmiş Seçenekleri Kaydet',
+'save-enc-options' => 'Şifreleme Seçeneklerini Kaydedin',
'script name' => 'Komut adı:',
'search' => 'Ara',
'secondary dns' => 'İkincil DNS:',