From c4ec63fe3262d86391bb7b89d4ccf712f699c022 Mon Sep 17 00:00:00 2001 From: Davide Beatrici Date: Tue, 19 May 2020 04:24:05 +0200 Subject: [PATCH 1/7] Rename "OpenVPN_UdpPortList" to "PortsUDP", store ports in a LIST Now that Proto supports UDP, the server can handle multiple protocols on each UDP port. The UDP ports are specified by the "OpenVPN_UdpPortList" configuration setting, because: - OpenVPN is currently the only UDP protocol supported by SoftEther VPN to allow a custom port number. - Before Proto was introduced, a unified interface for the protocols didn't exist; each protocol implementation had to create its own listener. In preparation for the upcoming WireGuard implementation, this commit renames "OpenVPN_UdpPortList" to "PortsUDP", which should clarify that the setting is global. The change is reflected in the code. Also, the ports are now stored in a LIST rather than a string. The conversion between string and LIST only happens when loading/saving the configuration. The default UDP ports are now the same as the TCP ones (443, 992, 1194, 5555). --- src/Cedar/Admin.c | 6 +-- src/Cedar/Command.c | 6 --- src/Cedar/Server.c | 71 +++++++++++++++++++----------- src/Cedar/Server.h | 3 +- src/bin/hamcore/strtable_cn.stb | 5 +-- src/bin/hamcore/strtable_en.stb | 5 +-- src/bin/hamcore/strtable_ja.stb | 5 +-- src/bin/hamcore/strtable_ko.stb | 5 +-- src/bin/hamcore/strtable_pt_br.stb | 5 +-- src/bin/hamcore/strtable_ru.stb | 5 +-- src/bin/hamcore/strtable_tw.stb | 5 +-- 11 files changed, 54 insertions(+), 67 deletions(-) diff --git a/src/Cedar/Admin.c b/src/Cedar/Admin.c index d1ba7ecc..a0c8bd0d 100644 --- a/src/Cedar/Admin.c +++ b/src/Cedar/Admin.c @@ -2123,7 +2123,7 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t) return ERR_OPENVPN_IS_NOT_ENABLED; } - port_list = StrToIntList(config.OpenVPNPortList, true); + port_list = s->PortsUDP; FreeRpcReadLogFile(t); Zero(t, sizeof(RPC_READ_LOG_FILE)); 
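Review bot: `port_list = s->PortsUDP;` in StMakeOpenVpnConfigFile now borrows the server's live list instead of a private copy, and nothing in this hunk takes `LockList` on it. StSetPortsUDP (patch 2/7) frees every element and refills the same list under `LockList(server_ports)`, so a config-file generation that overlaps a port change could read freed entries. The same unlocked read appears in SiWriteServerCfg's `IntListToStr(str, sizeof(str), s->PortsUDP, ", ")`. Wrapping these reads in `LockList(s->PortsUDP);` / `UnlockList(s->PortsUDP);`, or iterating over a copy taken under the lock, would close that window. The loop that consumes port_list is outside this hunk, so the exact span to lock has to be checked there.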
@@ -2358,8 +2358,6 @@ UINT StMakeOpenVpnConfigFile(ADMIN *a, RPC_READ_LOG_FILE *t) Free(zero_buffer); } - FreeStrList(port_list); - FreeZipPacker(p); return ERR_NO_ERROR; @@ -10059,7 +10057,6 @@ void InOpenVpnSstpConfig(OPENVPN_SSTP_CONFIG *t, PACK *p) t->EnableOpenVPN = PackGetBool(p, "EnableOpenVPN"); t->EnableSSTP = PackGetBool(p, "EnableSSTP"); - PackGetStr(p, "OpenVPNPortList", t->OpenVPNPortList, sizeof(t->OpenVPNPortList)); t->OpenVPNObfuscation= PackGetBool(p, "OpenVPNObfuscation"); PackGetStr(p, "OpenVPNObfuscationMask", t->OpenVPNObfuscationMask, sizeof(t->OpenVPNObfuscationMask)); } @@ -10073,7 +10070,6 @@ void OutOpenVpnSstpConfig(PACK *p, OPENVPN_SSTP_CONFIG *t) PackAddBool(p, "EnableOpenVPN", t->EnableOpenVPN); PackAddBool(p, "EnableSSTP", t->EnableSSTP); - PackAddStr(p, "OpenVPNPortList", t->OpenVPNPortList); PackAddBool(p, "OpenVPNObfuscation", t->OpenVPNObfuscation); PackAddStr(p, "OpenVPNObfuscationMask", t->OpenVPNObfuscationMask); } diff --git a/src/Cedar/Command.c b/src/Cedar/Command.c index 78dbf300..ff5df3ed 100644 --- a/src/Cedar/Command.c +++ b/src/Cedar/Command.c @@ -21631,7 +21631,6 @@ UINT PsOpenVpnEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) { // "name", prompt_proc, prompt_param, eval_proc, eval_param {"[yes|no]", CmdPrompt, _UU("CMD_OpenVpnEnable_Prompt_[yes|no]"), CmdEvalNotEmpty, NULL}, - {"PORTS", CmdPrompt, _UU("CMD_OpenVpnEnable_Prompt_PORTS"), CmdEvalNotEmpty, NULL}, }; o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0])); @@ -21654,7 +21653,6 @@ UINT PsOpenVpnEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) } t.EnableOpenVPN = GetParamYes(o, "[yes|no]"); - StrCpy(t.OpenVPNPortList, sizeof(t.OpenVPNPortList), GetParamStr(o, "PORTS")); // RPC call ret = ScSetOpenVpnSstpConfig(ps->Rpc, &t); 
@@ -21700,14 +21698,10 @@ UINT PsOpenVpnGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) } else { - wchar_t tmp[MAX_PATH]; CT *ct = CtNewStandard(); CtInsert(ct, _UU("CMD_OpenVpnGet_PRINT_Enabled"), _UU(t.EnableOpenVPN ? "SEC_YES" : "SEC_NO")); - StrToUni(tmp, sizeof(tmp), t.OpenVPNPortList); - CtInsert(ct, _UU("CMD_OpenVpnGet_PRINT_Ports"), tmp); - CtFree(ct, c); } diff --git a/src/Cedar/Server.c b/src/Cedar/Server.c index 417a4480..8c892a9d 100644 --- a/src/Cedar/Server.c +++ b/src/Cedar/Server.c @@ -33,8 +33,6 @@ void SiSetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c) Lock(s->OpenVpnSstpConfigLock); { - LIST *ports; - // Save the settings if (s->Cedar->Bridge || s->ServerType != SERVER_TYPE_STANDALONE) { @@ -47,12 +45,6 @@ void SiSetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c) s->DisableOpenVPNServer = !c->EnableOpenVPN; } - // TODO: Now that we have a unified protocol interface (Proto), the setting's name should be changed. - NormalizeIntListStr(s->OpenVpnServerUdpPorts, sizeof(s->OpenVpnServerUdpPorts), c->OpenVPNPortList, true, ", "); - ports = StrToIntList(s->OpenVpnServerUdpPorts, true); - ProtoSetUdpPorts(s->Proto, ports); - ReleaseIntList(ports); - s->Cedar->OpenVPNObfuscation = c->OpenVPNObfuscation; StrCpy(s->Cedar->OpenVPNObfuscationMask, sizeof(s->Cedar->OpenVPNObfuscationMask), c->OpenVPNObfuscationMask); } @@ -82,8 +74,6 @@ void SiGetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c) c->EnableSSTP = true; } - StrCpy(c->OpenVPNPortList, sizeof(c->OpenVPNPortList), s->OpenVpnServerUdpPorts); - c->OpenVPNObfuscation = s->Cedar->OpenVPNObfuscation; StrCpy(c->OpenVPNObfuscationMask, sizeof(c->OpenVPNObfuscationMask), s->Cedar->OpenVPNObfuscationMask); } 
@@ -2494,25 +2484,30 @@ void SiLoadInitialConfiguration(SERVER *s) } else { - // Enable the SSTP and OpenVPN for default setting OPENVPN_SSTP_CONFIG c; - Zero(&c, sizeof(c)); - c.EnableOpenVPN = true; - c.EnableSSTP = true; - { - ToStr(c.OpenVPNPortList, OPENVPN_UDP_PORT); - } + // Enable SSTP and OpenVPN by default + c.EnableSSTP = true; + c.EnableOpenVPN = true; c.OpenVPNObfuscation = false; + // Disable VPN-over-ICMP and VPN-over-DNS by default + s->EnableVpnOverIcmp = false; + s->EnableVpnOverDns = false; + SiSetOpenVPNAndSSTPConfig(s, &c); { - // Enable VPN-over-ICMP" and VPN-over-DNS for default setting - s->EnableVpnOverIcmp = false; - s->EnableVpnOverDns = false; + LIST *ports = s->PortsUDP; + + AddInt(ports, SERVER_DEF_PORTS_1); + AddInt(ports, SERVER_DEF_PORTS_2); + AddInt(ports, SERVER_DEF_PORTS_3); + AddInt(ports, SERVER_DEF_PORTS_4); + + ProtoSetUdpPorts(s->Proto, ports); } } @@ -5946,19 +5941,36 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f) s->DisableOpenVPNServer = true; } - // Read the OpenVPN Port List - if (CfgGetStr(f, "OpenVPN_UdpPortList", tmp, sizeof(tmp)) == false) + if (CfgGetStr(f, "PortsUDP", tmp, sizeof(tmp))) { + UINT i; + TOKEN_LIST *tokens; + LIST *ports = s->PortsUDP; + + for (i = 0; i < LIST_NUM(ports); ++i) { - ToStr(tmp, OPENVPN_UDP_PORT); + Free(LIST_DATA(ports, i)); } + DeleteAll(ports); + + NormalizeIntListStr(tmp, sizeof(tmp), tmp, true, ", "); + + tokens = ParseTokenWithoutNullStr(tmp, ", "); + for (i = 0; i < tokens->NumTokens; ++i) + { + char *str = tokens->Token[i]; + if (IsNum(str)) + { + InsertIntDistinct(ports, ToInt(str)); + } + } + FreeToken(tokens); } // Apply the configuration of SSTP and OpenVPN Zero(&config, sizeof(config)); config.EnableOpenVPN = !s->DisableOpenVPNServer; config.EnableSSTP = !s->DisableSSTPServer; - StrCpy(config.OpenVPNPortList, sizeof(config.OpenVPNPortList), tmp); config.OpenVPNObfuscation = CfgGetBool(f, "OpenVPNObfuscation"); 
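Review bot: The new block at the end of this else branch in SiLoadInitialConfiguration makes a fresh install listen on four UDP ports (SERVER_DEF_PORTS_1 to SERVER_DEF_PORTS_4) where the removed code configured only OPENVPN_UDP_PORT, and nothing at that spot says so. A comment above `LIST *ports = s->PortsUDP;`, such as `// Default UDP listeners mirror the TCP defaults; every one of them is network-reachable on first start`, would make the wider default exposure visible to whoever maintains the firewall guidance. The block also uses `AddInt` rather than `AddIntDistinct`, which is only safe while the list is guaranteed to be empty at this point; that guarantee is not visible in this hunk.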
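Review bot: The parse loop in SiLoadServerCfg inserts `ToInt(str)` after only an `IsNum(str)` check, so a PortsUDP entry of 0 or above 65535 in the configuration file ends up in s->PortsUDP, whereas StSetPortsUDP in patch 2/7 rejects anything outside 1-65535. The same bound fits here: `const UINT port = ToInt(str);` followed by `if (port >= 1 && port <= 65535) InsertIntDistinct(ports, port);`. Separately, the old key "OpenVPN_UdpPortList" is no longer read and the fallback to OPENVPN_UDP_PORT is gone. As far as these hunks show, a configuration written by an earlier build therefore loads with an empty UDP port list; reading the old key when "PortsUDP" is absent would keep existing deployments listening where they did. The function continues outside the hunk.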
@@ -6132,6 +6144,12 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s) CfgAddIp(f, "ListenIP", &s->ListenIP); + { + char str[MAX_SIZE]; + IntListToStr(str, sizeof(str), s->PortsUDP, ", "); + CfgAddStr(f, "PortsUDP", str); + } + if (s->Logger != NULL) { CfgAddInt(f, "ServerLogSwitchType", s->Logger->SwitchType); @@ -6244,8 +6262,6 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s) SiGetOpenVPNAndSSTPConfig(s, &config); - CfgAddStr(f, "OpenVPN_UdpPortList", config.OpenVPNPortList); - CfgAddBool(f, "OpenVPNObfuscation", config.OpenVPNObfuscation); CfgAddStr(f, "OpenVPNObfuscationMask", config.OpenVPNObfuscationMask); } @@ -6862,6 +6878,8 @@ void SiCleanupServer(SERVER *s) // Stop all listeners SiStopAllListener(s); + ReleaseIntList(s->PortsUDP); + if (s->ServerType == SERVER_TYPE_FARM_CONTROLLER) { // In the case of farm controller @@ -10712,6 +10730,7 @@ SERVER *SiNewServerEx(bool bridge, bool in_client_inner_server, bool relay_serve s->Cedar->CheckExpires = true; s->ServerListenerList = NewList(CompareServerListener); + s->PortsUDP = NewIntList(true); s->StartTime = SystemTime64(); s->TasksFromFarmControllerLock = NewLock(); diff --git a/src/Cedar/Server.h b/src/Cedar/Server.h index cd26634d..0e14c8fc 100644 --- a/src/Cedar/Server.h +++ b/src/Cedar/Server.h @@ -147,7 +147,6 @@ struct SYSLOG_SETTING struct OPENVPN_SSTP_CONFIG { bool EnableOpenVPN; // OpenVPN is enabled - char OpenVPNPortList[MAX_SIZE]; // OpenVPN UDP port number list bool OpenVPNObfuscation; // OpenVPN: Obfuscation mode char OpenVPNObfuscationMask[MAX_SIZE]; // OpenVPN: String (mask) for XOR obfuscation bool EnableSSTP; // SSTP is enabled @@ -159,6 +158,7 @@ struct SERVER UINT ServerType; // Type of server UINT UpdatedServerType; // Type of updated server LIST *ServerListenerList; // Server listener list + LIST *PortsUDP; // The ports used by Proto's UDP listener UCHAR HashedPassword[SHA1_SIZE]; // Password char ControllerName[MAX_HOST_NAME_LEN + 1]; // Controller name UINT ControllerPort; // Controller port 
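Review bot: `IntListToStr(str, sizeof(str), s->PortsUDP, ", ")` in SiWriteServerCfg writes into a fixed `char str[MAX_SIZE]`, while StSetPortsUDP (patch 2/7) accepts any number of distinct ports. If IntListToStr truncates when the buffer fills (its behaviour is not visible here), a long list would be saved incomplete and possibly cut in the middle of a number, so the next load could listen on a port the administrator never set. Either size the buffer from `LIST_NUM(s->PortsUDP)` or cap the number of accepted ports so the serialized form always fits. The enclosing function starts and ends outside the hunk.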
@@ -244,7 +244,6 @@ struct SERVER PROTO *Proto; // Protocols handler IPSEC_SERVER *IPsecServer; // IPsec server function - char OpenVpnServerUdpPorts[MAX_SIZE]; // UDP port list string DDNS_CLIENT *DDnsClient; // DDNS client feature LOCK *OpenVpnSstpConfigLock; // Lock OpenVPN and SSTP configuration diff --git a/src/bin/hamcore/strtable_cn.stb b/src/bin/hamcore/strtable_cn.stb index b0f1eee0..5ce33b5f 100644 --- a/src/bin/hamcore/strtable_cn.stb +++ b/src/bin/hamcore/strtable_cn.stb @@ -6300,11 +6300,9 @@ CMD_EtherIpClientList_Args EtherIpClientList # OpenVpnEnable 命令 CMD_OpenVpnEnable 启用/禁用 OpenVPN 克隆服务器功能 CMD_OpenVpnEnable_Help 本 VPN Server 有 OpenVPN Technologies, Inc. 公司生产的 OpenVPN 软件产品的克隆功能。任何 OpenVPN Client 都可以连接到本 VPN Server。\n\n指定用户名连接到虚拟 HUB 的的方式,使用本克隆服务器功能来为默认虚拟 HUB 的选择规则都与 IPsec 服务器功能相同。详情,请参见 IPsecEnable 命令的帮助。\n\n要执行此命令,您必须具有 VPN Server 管理员权限。\n该命令在 VPN Bridge 上不能运行。\n以集群成员运行的 VPN Server 的虚拟 HUB 不能执行此命令。 -CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] [/PORTS:udp_port_list] +CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] CMD_OpenVpnEnable_[yes|no] 指定 "yes",启用 OpenVPN 克隆服务器功能。指定 "no" 禁用该功能。 -CMD_OpenVpnEnable_PORTS 指定UDP端口监听 OpenVPN 。指定多个 UDP 端口可以用空格或者逗号分开来它们,例如: "1194, 2001, 2010, 2012"。OpenVPN 的默认端口是 UDP 1194。您也可以指定任一其他 UDP 端口。 CMD_OpenVpnEnable_Prompt_[yes|no] 启用 OpenVPN 克隆服务器功能 (yes / no): -CMD_OpenVpnEnable_Prompt_PORTS 监听 OpenVPN 的 UDP 端口(默认: 1194 /也可设置多端口): # OpenVpnGet 命令 @@ -6312,7 +6310,6 @@ CMD_OpenVpnGet 获取 OpenVPN 克隆服务器功能的当前设置 CMD_OpenVpnGet_Help 获取并显示 OpenVPN 克隆服务器功能的当前设置。\n\n要执行此命令,您必须具有 VPN Server 管理员权限。\n该命令在 VPN Bridge 上不能运行。\n以集群成员运行的 VPN Server 的虚拟 HUB 不能执行此命令。 CMD_OpenVpnGet_Args OpenVpnGet CMD_OpenVpnGet_PRINT_Enabled OpenVPN 克隆服务器已启用 -CMD_OpenVpnGet_PRINT_Ports UDP 端口列表 # OpenVpnMakeConfig 命令 CMD_OpenVpnMakeConfig 生成 OpenVPN Client 样本设置文件 diff --git a/src/bin/hamcore/strtable_en.stb b/src/bin/hamcore/strtable_en.stb index efe1fcfa..e60fb0fb 100644 --- a/src/bin/hamcore/strtable_en.stb +++ b/src/bin/hamcore/strtable_en.stb 
@@ -6284,11 +6284,9 @@ CMD_EtherIpClientList_Args EtherIpClientList # OpenVpnEnable command CMD_OpenVpnEnable Enable / Disable OpenVPN Clone Server Function CMD_OpenVpnEnable_Help This VPN Server has the clone functions of OpenVPN software products by OpenVPN Technologies, Inc. Any OpenVPN Clients can connect to this VPN Server.\n\nThe manner to specify a username to connect to the Virtual Hub, and the selection rule of default Hub by using this clone server functions are same to the IPsec Server functions. For details, please see the help of the IPsecEnable command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster. -CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] [/PORTS:udp_port_list] +CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] CMD_OpenVpnEnable_[yes|no] Specify yes to enable the OpenVPN Clone Server Function. Specify no to disable. -CMD_OpenVpnEnable_PORTS Specify UDP ports to listen for OpenVPN. Multiple UDP ports can be specified with splitting by space or comma letters, for example: "1194, 2001, 2010, 2012". The default port for OpenVPN is UDP 1194. You can specify any other UDP ports. CMD_OpenVpnEnable_Prompt_[yes|no] Enables OpenVPN Clone Server Function (yes / no): -CMD_OpenVpnEnable_Prompt_PORTS UDP Ports to Listen for OpenVPN (Default: 1194 / Multiple Accepted): # OpenVpnGet command 
@@ -6296,7 +6294,6 @@ CMD_OpenVpnGet Get the Current Settings of OpenVPN Clone Server Function CMD_OpenVpnGet_Help Get and show the current settings of OpenVPN Clone Server Function.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster. CMD_OpenVpnGet_Args OpenVpnGet CMD_OpenVpnGet_PRINT_Enabled OpenVPN Clone Server Enabled -CMD_OpenVpnGet_PRINT_Ports UDP Port List # OpenVpnMakeConfig command CMD_OpenVpnMakeConfig Generate a Sample Setting File for OpenVPN Client diff --git a/src/bin/hamcore/strtable_ja.stb b/src/bin/hamcore/strtable_ja.stb index cfb18521..10b6b04b 100644 --- a/src/bin/hamcore/strtable_ja.stb +++ b/src/bin/hamcore/strtable_ja.stb @@ -6291,11 +6291,9 @@ CMD_EtherIpClientList_Args EtherIpClientList # OpenVpnEnable コマンド CMD_OpenVpnEnable OpenVPN 互換サーバー機能を有効化 / 無効化 CMD_OpenVpnEnable_Help SoftEther VPN Server には OpenVPN 社の OpenVPN ソフトウェア製品と同等の VPN サーバー機能が搭載されています。OpenVPN サーバー機能を有効にすると、OpenVPN クライアントから OpenVPN サーバーに接続できるようになります。\n\nOpenVPN 互換サーバー機能で仮想 HUB に接続する場合のユーザー名の指定方法、およびデフォルト仮想 HUB の選択規則は、IPsec サーバー機能と同様です。詳しくは IPsecEnable コマンドのヘルプを参照してください。\n\nこのコマンドを実行するには、VPN Server の管理者権限が必要です。\nこのコマンドは、VPN Bridge では実行できません。\nこのコマンドは、クラスタとして動作している VPN Server の仮想 HUB では実行できません。 -CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] [/PORTS:udp_port_list] +CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] CMD_OpenVpnEnable_[yes|no] OpenVPN 互換サーバー機能を有効にする場合は yes、無効にする場合は no を指定します。 -CMD_OpenVpnEnable_PORTS OpenVPN サービスを提供する UDP ポートの一覧を指定してください。UDP ポートは複数指定できます。複数指定する場合は 1194, 2001, 2010, 2012 のようにカンマ (,) で区切ってください。OpenVPN は標準では UDP 1194 ポートを使用しますが、その他の任意の UDP ポートを指定できます。 CMD_OpenVpnEnable_Prompt_[yes|no] OpenVPN 互換サーバー機能を有効化 (yes / no): -CMD_OpenVpnEnable_Prompt_PORTS UDP ポート番号の一覧 (標準は 1194 / 複数指定可): # OpenVpnGet コマンド 
@@ -6303,7 +6301,6 @@ CMD_OpenVpnGet OpenVPN 互換サーバー機能の現在の設定を取得 CMD_OpenVpnGet_Help 現在の OpenVPN 互換サーバー機能の設定を取得して表示します。\n\nこのコマンドを実行するには、VPN Server の管理者権限が必要です。\nこのコマンドは、VPN Bridge では実行できません。\nこのコマンドは、クラスタとして動作している VPN Server の仮想 HUB では実行できません。 CMD_OpenVpnGet_Args OpenVpnGet CMD_OpenVpnGet_PRINT_Enabled OpenVPN 互換サーバー機能が有効 -CMD_OpenVpnGet_PRINT_Ports UDP ポート番号一覧 # OpenVpnMakeConfig コマンド CMD_OpenVpnMakeConfig OpenVPN 互換サーバー機能に接続可能なサンプルの OpenVPN 設定ファイルの生成 diff --git a/src/bin/hamcore/strtable_ko.stb b/src/bin/hamcore/strtable_ko.stb index 4b561aa2..a6709a84 100644 --- a/src/bin/hamcore/strtable_ko.stb +++ b/src/bin/hamcore/strtable_ko.stb @@ -6267,11 +6267,9 @@ CMD_EtherIpClientList_Args EtherIpClientList # OpenVpnEnable 명령 CMD_OpenVpnEnable OpenVPN 호환 서버 기능을 활성화/비활성화 CMD_OpenVpnEnable_Help SoftEther VPN Server는 OpenVPN 사의 OpenVPN 소프트웨어 제품과 동일한 VPN 서버 기능이 탑재되어 있습니다. OpenVPN 서버 기능을 활성화하면 OpenVPN 클라이언트에서 OpenVPN 서버에 연결 할 수 있습니다. \n \nOpenVPN 호환 서버 기능으로 가상 HUB에 연결하는 경우 사용자 이름 지정 방법 및 기본 가상 HUB 선택 규칙은 IPsec 서버 기능과 유사합니다. 자세한 내용은 IPsecEnable 명령의 도움말을 참조하십시오. \n \n이 명령을 실행하려면 VPN Server 관리자 권한이 있어야합니다. \n이 명령은 VPN Bridge에서는 실행되지 않습니다. \n이 명령은 클러스터로 작동하는 VPN Server의 가상 HUB에서는 실행되지 않습니다. -CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] [/PORTS:udp_port_list] +CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] CMD_OpenVpnEnable_[yes|no] OpenVPN 호환 서버 기능을 활성화하려면 yes, 무효로하는 경우 no를 지정합니다. -CMD_OpenVpnEnable_PORTS OpenVPN 서비스를 제공하는 UDP 포트 목록을 지정하십시오. UDP 포트는 여러 지정할 수 있습니다. 복수 지정하는 경우는 1194, 2001, 2010, 2012와 같이 콤마 (,)로 구분하십시오. OpenVPN은 표준에서 UDP 1194 포트를 사용하지만 다른 임의의 UDP 포트를 지정할 수 있습니다. CMD_OpenVpnEnable_Prompt_[yes|no] OpenVPN 호환 서버 기능을 활성화 (yes/no): -CMD_OpenVpnEnable_Prompt_PORTS UDP 포트 번호 목록 (표준 1194/복수 지정 가능): # OpenVpnGet 명령 
@@ -6279,7 +6277,6 @@ CMD_OpenVpnGet OpenVPN 호환 서버 기능의 현재 설정을 가져 CMD_OpenVpnGet_Help 현재 OpenVPN 호환 서버 기능의 설정을 검색하고 표시합니다. \n \n이 명령을 실행하려면 VPN Server 관리자 권한이 있어야합니다. \n이 명령은 VPN Bridge에서는 실행되지 않습니다. \n이 명령은 클러스터로 작동하는 VPN Server의 가상 HUB에서는 실행되지 않습니다. CMD_OpenVpnGet_Args OpenVpnGet CMD_OpenVpnGet_PRINT_Enabled OpenVPN 호환 서버 기능이 활성화 -CMD_OpenVpnGet_PRINT_Ports UDP 포트 번호 목록 # OpenVpnMakeConfig 명령 CMD_OpenVpnMakeConfig OpenVPN 호환 서버 기능에 연결 가능한 샘플의 OpenVPN 설정 파일 생성 diff --git a/src/bin/hamcore/strtable_pt_br.stb b/src/bin/hamcore/strtable_pt_br.stb index 073a6fed..528ca1f7 100644 --- a/src/bin/hamcore/strtable_pt_br.stb +++ b/src/bin/hamcore/strtable_pt_br.stb 
@@ -6015,11 +6015,9 @@ CMD_EtherIpClientList_Args EtherIpClientList # OpenVpnEnable command CMD_OpenVpnEnable Enable / Disable OpenVPN Clone Server Function CMD_OpenVpnEnable_Help This VPN Server has the clone functions of OpenVPN software products by OpenVPN Technologies, Inc. Any OpenVPN Clients can connect to this VPN Server.\n\nThe manner to specify a username to connect to the Virtual Hub, and the selection rule of default Hub by using this clone server functions are same to the IPsec Server functions. For details, please see the help of the IPsecEnable command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster. -CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] [/PORTS:udp_port_list] +CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] CMD_OpenVpnEnable_[yes|no] Specify yes to enable the OpenVPN Clone Server Function. Specify no to disable. -CMD_OpenVpnEnable_PORTS Specify UDP ports to listen for OpenVPN. Multiple UDP ports can be specified with splitting by space or comma letters, for example: "1194, 2001, 2010, 2012". The default port for OpenVPN is UDP 1194. You can specify any other UDP ports. CMD_OpenVpnEnable_Prompt_[yes|no] Enables OpenVPN Clone Server Function (yes / no): -CMD_OpenVpnEnable_Prompt_PORTS UDP Ports to Listen for OpenVPN (Default: 1194 / Multiple Accepted): # OpenVpnGet command 
@@ -6027,7 +6025,6 @@ CMD_OpenVpnGet Get the Current Settings of OpenVPN Clone Server Function CMD_OpenVpnGet_Help Get and show the current settings of OpenVPN Clone Server Function.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster. CMD_OpenVpnGet_Args OpenVpnGet CMD_OpenVpnGet_PRINT_Enabled OpenVPN Clone Server Enabled -CMD_OpenVpnGet_PRINT_Ports Lista de portas UDP # OpenVpnMakeConfig command diff --git a/src/bin/hamcore/strtable_ru.stb b/src/bin/hamcore/strtable_ru.stb index 38a56c4b..6849c398 100644 --- a/src/bin/hamcore/strtable_ru.stb +++ b/src/bin/hamcore/strtable_ru.stb 
@@ -6269,11 +6269,9 @@ CMD_EtherIpClientList_Args EtherIpClientList # OpenVpnEnable command CMD_OpenVpnEnable Enable / Disable OpenVPN Clone Server Function CMD_OpenVpnEnable_Help This VPN Server has the clone functions of OpenVPN software products by OpenVPN Technologies, Inc. Any OpenVPN Clients can connect to this VPN Server.\n\nThe manner to specify a username to connect to the Virtual Hub, and the selection rule of default Hub by using this clone server functions are same to the IPsec Server functions. For details, please see the help of the IPsecEnable command.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster. -CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] [/PORTS:udp_port_list] +CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] CMD_OpenVpnEnable_[yes|no] Specify yes to enable the OpenVPN Clone Server Function. Specify no to disable. -CMD_OpenVpnEnable_PORTS Specify UDP ports to listen for OpenVPN. Multiple UDP ports can be specified with splitting by space or comma letters, for example: "1194, 2001, 2010, 2012". The default port for OpenVPN is UDP 1194. You can specify any other UDP ports. CMD_OpenVpnEnable_Prompt_[yes|no] Enables OpenVPN Clone Server Function (yes / no): -CMD_OpenVpnEnable_Prompt_PORTS UDP Ports to Listen for OpenVPN (Default: 1194 / Multiple Accepted): # OpenVpnGet command 
@@ -6281,7 +6279,6 @@ CMD_OpenVpnGet Get the Current Settings of OpenVPN Clone Server Function CMD_OpenVpnGet_Help Get and show the current settings of OpenVPN Clone Server Function.\n\nTo execute this command, you must have VPN Server administrator privileges. \nThis command cannot be run on VPN Bridge.\nYou cannot execute this command for Virtual Hubs of VPN Servers operating as a cluster. CMD_OpenVpnGet_Args OpenVpnGet CMD_OpenVpnGet_PRINT_Enabled OpenVPN Clone Server Enabled -CMD_OpenVpnGet_PRINT_Ports UDP Port List # OpenVpnMakeConfig command CMD_OpenVpnMakeConfig Generate a Sample Setting File for OpenVPN Client diff --git a/src/bin/hamcore/strtable_tw.stb b/src/bin/hamcore/strtable_tw.stb index a172ecd8..aa4df1f5 100644 --- a/src/bin/hamcore/strtable_tw.stb +++ b/src/bin/hamcore/strtable_tw.stb @@ -6302,11 +6302,9 @@ CMD_EtherIpClientList_Args EtherIpClientList # OpenVpnEnable 命令 CMD_OpenVpnEnable 啟用/禁用 OpenVPN 克隆伺服器功能 CMD_OpenVpnEnable_Help 本 VPN Server 有 OpenVPN Technologies, Inc. 公司生產的 OpenVPN 軟體產品的克隆功能。任何 OpenVPN Client 都可以連接到本 VPN Server。\n\n指定用戶名連接到虛擬 HUB 的的方式,使用本克隆伺服器功能來為預設虛擬 HUB 的選擇規則都與 IPsec 伺服器功能相同。詳情,請參見 IPsecEnable 命令的幫助。\n\n要執行此命令,您必須具有 VPN Server 管理員許可權。\n該命令在 VPN Bridge 上不能運行。\n以集群成員運行的 VPN Server 的虛擬 HUB 不能執行此命令。 -CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] [/PORTS:udp_port_list] +CMD_OpenVpnEnable_Args OpenVpnEnable [yes|no] CMD_OpenVpnEnable_[yes|no] 指定 "yes",啟用 OpenVPN 克隆伺服器功能。指定 "no" 禁用該功能。 -CMD_OpenVpnEnable_PORTS 指定UDP埠監聽 OpenVPN 。指定多個 UDP 埠可以用空格或者逗號分開來它們,例如: "1194, 2001, 2010, 2012"。OpenVPN 的默認埠是 UDP 1194。您也可以指定任一其他 UDP 埠。 CMD_OpenVpnEnable_Prompt_[yes|no] 啟用 OpenVPN 克隆伺服器功能 (yes / no): -CMD_OpenVpnEnable_Prompt_PORTS 監聽 OpenVPN 的 UDP 埠(默認: 1194 /也可設置多埠): # OpenVpnGet 命令 
@@ -6314,7 +6312,6 @@ CMD_OpenVpnGet 獲取 OpenVPN 克隆伺服器功能的當前設置 CMD_OpenVpnGet_Help 獲取並顯示 OpenVPN 克隆伺服器功能的當前設置。\n\n要執行此命令,您必須具有 VPN Server 管理員許可權。\n該命令在 VPN Bridge 上不能運行。\n以集群成員運行的 VPN Server 的虛擬 HUB 不能執行此命令。 CMD_OpenVpnGet_Args OpenVpnGet CMD_OpenVpnGet_PRINT_Enabled OpenVPN 克隆伺服器已啟用 -CMD_OpenVpnGet_PRINT_Ports UDP 埠列表 # OpenVpnMakeConfig 命令 CMD_OpenVpnMakeConfig 生成 OpenVPN Client 樣本設置檔案 From f1cb86d979231fd5c8704b61a962acd55ed643a3 Mon Sep 17 00:00:00 2001 From: Davide Beatrici Date: Wed, 20 May 2020 04:40:30 +0200 Subject: [PATCH 2/7] Cedar/Admin: implement new RPC methods to get/set the UDP ports --- src/Cedar/Admin.c | 129 +++++++++++++++++++++++++++++ src/Cedar/Admin.h | 14 ++++ src/Cedar/CedarType.h | 1 + src/bin/hamcore/strtable_cn.stb | 1 + src/bin/hamcore/strtable_en.stb | 1 + src/bin/hamcore/strtable_ja.stb | 1 + src/bin/hamcore/strtable_ko.stb | 1 + src/bin/hamcore/strtable_pt_br.stb | 1 + src/bin/hamcore/strtable_ru.stb | 1 + src/bin/hamcore/strtable_tw.stb | 1 + 10 files changed, 151 insertions(+) diff --git a/src/Cedar/Admin.c b/src/Cedar/Admin.c index a0c8bd0d..137ae55e 100644 --- a/src/Cedar/Admin.c +++ b/src/Cedar/Admin.c 
@@ -1494,6 +1494,8 @@ PACK *AdminDispatch(RPC *rpc, char *name, PACK *p) DECLARE_RPC_EX("EnumListener", RPC_LISTENER_LIST, StEnumListener, InRpcListenerList, OutRpcListenerList, FreeRpcListenerList) DECLARE_RPC("DeleteListener", RPC_LISTENER, StDeleteListener, InRpcListener, OutRpcListener) DECLARE_RPC("EnableListener", RPC_LISTENER, StEnableListener, InRpcListener, OutRpcListener) + DECLARE_RPC_EX("SetPortsUDP", RPC_PORTS, StSetPortsUDP, InRpcPorts, OutRpcPorts, FreeRpcPorts) + DECLARE_RPC_EX("GetPortsUDP", RPC_PORTS, StGetPortsUDP, InRpcPorts, OutRpcPorts, FreeRpcPorts) DECLARE_RPC("SetServerPassword", RPC_SET_PASSWORD, StSetServerPassword, InRpcSetPassword, OutRpcSetPassword) DECLARE_RPC_EX("SetFarmSetting", RPC_FARM, StSetFarmSetting, InRpcFarm, OutRpcFarm, FreeRpcFarm) DECLARE_RPC_EX("GetFarmSetting", RPC_FARM, StGetFarmSetting, InRpcFarm, OutRpcFarm, FreeRpcFarm) @@ -1674,6 +1676,8 @@ DECLARE_SC("CreateListener", RPC_LISTENER, ScCreateListener, InRpcListener, OutR DECLARE_SC_EX("EnumListener", RPC_LISTENER_LIST, ScEnumListener, InRpcListenerList, OutRpcListenerList, FreeRpcListenerList) DECLARE_SC("DeleteListener", RPC_LISTENER, ScDeleteListener, InRpcListener, OutRpcListener) DECLARE_SC("EnableListener", RPC_LISTENER, ScEnableListener, InRpcListener, OutRpcListener) +DECLARE_SC_EX("SetPortsUDP", RPC_PORTS, ScSetPortsUDP, InRpcPorts, OutRpcPorts, FreeRpcPorts) +DECLARE_SC_EX("GetPortsUDP", RPC_PORTS, ScGetPortsUDP, InRpcPorts, OutRpcPorts, FreeRpcPorts) DECLARE_SC("SetServerPassword", RPC_SET_PASSWORD, ScSetServerPassword, InRpcSetPassword, OutRpcSetPassword) DECLARE_SC_EX("SetFarmSetting", RPC_FARM, ScSetFarmSetting, InRpcFarm, OutRpcFarm, FreeRpcFarm) DECLARE_SC_EX("GetFarmSetting", RPC_FARM, ScGetFarmSetting, InRpcFarm, OutRpcFarm, FreeRpcFarm) 
@@ -9873,6 +9877,88 @@ UINT StCreateListener(ADMIN *a, RPC_LISTENER *t) return ret; } +// Set UDP ports the server should listen on +UINT StSetPortsUDP(ADMIN *a, RPC_PORTS *t) +{ + UINT i; + LIST *ports, *server_ports; + + SERVER_ADMIN_ONLY; + + ports = NewIntList(true); + + for (i = 0; i < t->Num; ++i) + { + const UINT port = t->Ports[i]; + if (port < 1 || port > 65535) + { + ReleaseIntList(ports); + return ERR_INVALID_PARAMETER; + } + + AddIntDistinct(ports, port); + } + + server_ports = a->Server->PortsUDP; + + LockList(server_ports); + { + char tmp[MAX_SIZE]; + wchar_t str[MAX_SIZE]; + + for (i = 0; i < LIST_NUM(server_ports); ++i) + { + Free(LIST_DATA(server_ports, i)); + } + DeleteAll(server_ports); + + for (i = 0; i < LIST_NUM(ports); ++i) + { + const UINT port = *(UINT *)LIST_DATA(ports, i); + AddInt(server_ports, port); + } + + ProtoSetUdpPorts(a->Server->Proto, server_ports); + + IntListToStr(tmp, sizeof(tmp), server_ports, ", "); + StrToUni(str, sizeof(str), tmp); + ALog(a, NULL, "LA_SET_PORTS_UDP", str); + } + UnlockList(server_ports); + + ReleaseIntList(ports); + + IncrementServerConfigRevision(a->Server); + + return ERR_NO_ERROR; +} + +// List UDP ports the server is listening on +UINT StGetPortsUDP(ADMIN *a, RPC_PORTS *t) +{ + LIST *ports = a->Server->PortsUDP; + + FreeRpcPorts(t); + + LockList(ports); + { + t->Num = LIST_NUM(ports); + t->Ports = t->Num > 0 ? Malloc(sizeof(UINT) * t->Num) : NULL; + if (t->Ports != NULL) + { + UINT i; + for (i = 0; i < t->Num; ++i) + { + const UINT port = *(UINT *)LIST_DATA(ports, i); + t->Ports[i] = port; + } + } + } + UnlockList(ports); + + return ERR_NO_ERROR; +} + // Get server status UINT StGetServerStatus(ADMIN *a, RPC_SERVER_STATUS *t) { 
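Review bot: In StGetPortsUDP the `if (t->Ports != NULL)` guard skips the copy but leaves `t->Num` at the list size, and OutRpcPorts then reads `t->Ports[i]` for every `i < t->Num` without a NULL check. If `Malloc` can return NULL here, set `t->Num = 0;` in that case or return an error; if it cannot, the guard is dead code and can go. StGetPortsUDP also has no `SERVER_ADMIN_ONLY`, unlike StSetPortsUDP above it, so it is worth confirming that hub-level administrators are meant to see the server-wide port list.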
@@ -12094,6 +12180,49 @@ void FreeRpcListenerList(RPC_LISTENER_LIST *t) Free(t->Errors); } +// RPC_PORTS +void InRpcPorts(RPC_PORTS *t, PACK *p) +{ + UINT i; + // Validate arguments + if (t == NULL || p == NULL) + { + return; + } + + t->Num = PackGetIndexCount(p, "Ports"); + t->Ports = ZeroMalloc(sizeof(UINT) * t->Num); + + for (i = 0; i < t->Num; ++i) + { + t->Ports[i] = PackGetIntEx(p, "Ports", i); + } +} +void OutRpcPorts(PACK *p, RPC_PORTS *t) +{ + UINT i; + // Validate arguments + if (t == NULL || p == NULL) + { + return; + } + + for (i = 0; i < t->Num; ++i) + { + PackAddIntEx(p, "Ports", t->Ports[i], i, t->Num); + } +} +void FreeRpcPorts(RPC_PORTS *t) +{ + // Validate arguments + if (t == NULL) + { + return; + } + + Free(t->Ports); +} + // RPC_STR void InRpcStr(RPC_STR *t, PACK *p) { diff --git a/src/Cedar/Admin.h b/src/Cedar/Admin.h index 0d58e8d6..220d7e5a 100644 --- a/src/Cedar/Admin.h +++ b/src/Cedar/Admin.h @@ -105,6 +105,13 @@ struct RPC_LISTENER_LIST bool *Errors; // An error occurred }; +// List of ports +struct RPC_PORTS +{ + UINT Num; // Number of ports + UINT *Ports; // Ports +}; + // String * struct RPC_STR { @@ -957,6 +964,8 @@ UINT StCreateListener(ADMIN *a, RPC_LISTENER *t); UINT StEnumListener(ADMIN *a, RPC_LISTENER_LIST *t); UINT StDeleteListener(ADMIN *a, RPC_LISTENER *t); UINT StEnableListener(ADMIN *a, RPC_LISTENER *t); +UINT StSetPortsUDP(ADMIN *a, RPC_PORTS *t); +UINT StGetPortsUDP(ADMIN *a, RPC_PORTS *t); UINT StSetServerPassword(ADMIN *a, RPC_SET_PASSWORD *t); UINT StSetFarmSetting(ADMIN *a, RPC_FARM *t); UINT StGetFarmSetting(ADMIN *a, RPC_FARM *t); 
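Review bot: InRpcPorts sizes its allocation from `PackGetIndexCount(p, "Ports")`, a count taken from the received PACK, and nothing in it or in StSetPortsUDP limits how many entries are accepted; only each value is range-checked. Since no more than 65535 distinct ports can be valid, StSetPortsUDP could reject larger requests up front with `if (t->Num > 65535) return ERR_INVALID_PARAMETER;`, unless PACK already bounds the number of values per element. As a hardening step, FreeRpcPorts could also reset the struct after `Free(t->Ports)` with `t->Ports = NULL; t->Num = 0;`, so that a repeated call is harmless.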
@@ -1101,6 +1110,8 @@ UINT ScCreateListener(RPC *r, RPC_LISTENER *t); UINT ScEnumListener(RPC *r, RPC_LISTENER_LIST *t); UINT ScDeleteListener(RPC *r, RPC_LISTENER *t); UINT ScEnableListener(RPC *r, RPC_LISTENER *t); +UINT ScSetPortsUDP(RPC *r, RPC_PORTS *t); +UINT ScGetPortsUDP(RPC *r, RPC_PORTS *t); UINT ScSetServerPassword(RPC *r, RPC_SET_PASSWORD *t); UINT ScSetFarmSetting(RPC *r, RPC_FARM *t); UINT ScGetFarmSetting(RPC *r, RPC_FARM *t); @@ -1251,6 +1262,9 @@ void OutRpcListener(PACK *p, RPC_LISTENER *t); void InRpcListenerList(RPC_LISTENER_LIST *t, PACK *p); void OutRpcListenerList(PACK *p, RPC_LISTENER_LIST *t); void FreeRpcListenerList(RPC_LISTENER_LIST *t); +void InRpcPorts(RPC_PORTS *t, PACK *p); +void OutRpcPorts(PACK *p, RPC_PORTS *t); +void FreeRpcPorts(RPC_PORTS *t); void InRpcStr(RPC_STR *t, PACK *p); void OutRpcStr(PACK *p, RPC_STR *t); void FreeRpcStr(RPC_STR *t); diff --git a/src/Cedar/CedarType.h b/src/Cedar/CedarType.h index 620d0291..9dfb8879 100644 --- a/src/Cedar/CedarType.h +++ b/src/Cedar/CedarType.h @@ -288,6 +288,7 @@ typedef struct RPC_SERVER_INFO RPC_SERVER_INFO; typedef struct RPC_SERVER_STATUS RPC_SERVER_STATUS; typedef struct RPC_LISTENER RPC_LISTENER; typedef struct RPC_LISTENER_LIST RPC_LISTENER_LIST; +typedef struct RPC_PORTS RPC_PORTS; typedef struct RPC_STR RPC_STR; typedef struct RPC_SET_PASSWORD RPC_SET_PASSWORD; typedef struct RPC_FARM RPC_FARM; diff --git a/src/bin/hamcore/strtable_cn.stb b/src/bin/hamcore/strtable_cn.stb index 5ce33b5f..fec68e3a 100644 --- a/src/bin/hamcore/strtable_cn.stb +++ b/src/bin/hamcore/strtable_cn.stb @@ -2006,6 +2006,7 @@ LA_CREATE_LISTENER 已建立新 TCP 监听器 (端口号 %u)。 LA_DELETE_LISTENER 已删除 TCP 监听器 (端口号 %u)。 LA_ENABLE_LISTENER 已启用 TCP 监听器 (端口号 %u)。 LA_DISABLE_LISTENER 已禁用 TCP 监听器 (端口号 %u)。 +LA_SET_PORTS_UDP UDP ports have been set: %s. LA_SET_SERVER_PASSWORD 服务端管理员密码设置完成。 LA_SET_FARM_SETTING 群集设置变更完成。 LA_SET_SERVER_CERT 服务端证书设定完成。 
diff --git a/src/bin/hamcore/strtable_en.stb b/src/bin/hamcore/strtable_en.stb index e60fb0fb..2edc6d7b 100644 --- a/src/bin/hamcore/strtable_en.stb +++ b/src/bin/hamcore/strtable_en.stb @@ -1988,6 +1988,7 @@ LA_CREATE_LISTENER A new TCP listener (port number %u) has been created. LA_DELETE_LISTENER TCP listener (port number %u) has been deleted. LA_ENABLE_LISTENER TCP listener (port number %u) has been enabled. LA_DISABLE_LISTENER TCP listener (port number %u) has been disabled. +LA_SET_PORTS_UDP UDP ports have been set: %s. LA_SET_SERVER_PASSWORD The server administrator password has been set. LA_SET_FARM_SETTING The clustering setting has been changed. LA_SET_SERVER_CERT The server certificates have been set. diff --git a/src/bin/hamcore/strtable_ja.stb b/src/bin/hamcore/strtable_ja.stb index 10b6b04b..fd78c9e7 100644 --- a/src/bin/hamcore/strtable_ja.stb +++ b/src/bin/hamcore/strtable_ja.stb @@ -1992,6 +1992,7 @@ LA_CREATE_LISTENER 新しい TCP リスナー (ポート番号 %u) を作成し LA_DELETE_LISTENER TCP リスナー (ポート番号 %u) を削除しました。 LA_ENABLE_LISTENER TCP リスナー (ポート番号 %u) を有効化しました。 LA_DISABLE_LISTENER TCP リスナー (ポート番号 %u) を無効化しました。 +LA_SET_PORTS_UDP UDP ポートの一覧が設定されました: %s. LA_SET_SERVER_PASSWORD サーバー管理者パスワードを設定しました。 LA_SET_FARM_SETTING クラスタリング設定を変更しました。 LA_SET_SERVER_CERT サーバー証明書を設定しました。 diff --git a/src/bin/hamcore/strtable_ko.stb b/src/bin/hamcore/strtable_ko.stb index a6709a84..a03384c8 100644 --- a/src/bin/hamcore/strtable_ko.stb +++ b/src/bin/hamcore/strtable_ko.stb @@ -1970,6 +1970,7 @@ LA_CREATE_LISTENER 새로운 TCP 리스너 (포트 번호 %u)를 만들었습니 LA_DELETE_LISTENER TCP 리스너 (포트 번호 %u)을 삭제했습니다. LA_ENABLE_LISTENER TCP 리스너 (포트 번호 %u)를 활성화했습니다. LA_DISABLE_LISTENER TCP 리스너 (포트 번호 %u)를 비활성화했습니다. +LA_SET_PORTS_UDP UDP ports have been set: %s. LA_SET_SERVER_PASSWORD 서버 관리자 암호를 설정했습니다. LA_SET_FARM_SETTING 클러스터링 설정을 변경했습니다. LA_SET_SERVER_CERT 서버 인증서를 설정했습니다. diff --git a/src/bin/hamcore/strtable_pt_br.stb b/src/bin/hamcore/strtable_pt_br.stb index 528ca1f7..adee21aa 100644 
--- a/src/bin/hamcore/strtable_pt_br.stb +++ b/src/bin/hamcore/strtable_pt_br.stb @@ -1989,6 +1989,7 @@ LA_CREATE_LISTENER A new TCP listener (port number %u) has been created. LA_DELETE_LISTENER TCP listener (port number %u) has been deleted. LA_ENABLE_LISTENER TCP listener (port number %u) has been enabled. LA_DISABLE_LISTENER TCP listener (port number %u) has been disabled. +LA_SET_PORTS_UDP UDP ports have been set: %s. LA_SET_SERVER_PASSWORD The server administrator password has been set. LA_SET_FARM_SETTING The clustering setting has been changed. LA_SET_SERVER_CERT The server certificates have been set. diff --git a/src/bin/hamcore/strtable_ru.stb b/src/bin/hamcore/strtable_ru.stb index 6849c398..f493829b 100644 --- a/src/bin/hamcore/strtable_ru.stb +++ b/src/bin/hamcore/strtable_ru.stb @@ -1989,6 +1989,7 @@ LA_CREATE_LISTENER A new TCP listener (port number %u) has been created. LA_DELETE_LISTENER TCP listener (port number %u) has been deleted. LA_ENABLE_LISTENER TCP listener (port number %u) has been enabled. LA_DISABLE_LISTENER TCP listener (port number %u) has been disabled. +LA_SET_PORTS_UDP UDP ports have been set: %s. LA_SET_SERVER_PASSWORD The server administrator password has been set. LA_SET_FARM_SETTING The clustering setting has been changed. LA_SET_SERVER_CERT The server certificates have been set. diff --git a/src/bin/hamcore/strtable_tw.stb b/src/bin/hamcore/strtable_tw.stb index aa4df1f5..74a5f72f 100644 --- a/src/bin/hamcore/strtable_tw.stb +++ b/src/bin/hamcore/strtable_tw.stb @@ -2009,6 +2009,7 @@ LA_CREATE_LISTENER 已建立新 TCP 監聽器 (埠號 %u)。 LA_DELETE_LISTENER 已刪除 TCP 監聽器 (埠號 %u)。 LA_ENABLE_LISTENER 已啟用 TCP 監聽器 (埠號 %u)。 LA_DISABLE_LISTENER 已禁用 TCP 監聽器 (埠號 %u)。 +LA_SET_PORTS_UDP UDP ports have been set: %s. LA_SET_SERVER_PASSWORD 服務端管理員密碼設置完成。 LA_SET_FARM_SETTING 群集設置變更完成。 LA_SET_SERVER_CERT 服務端證書設定完成。 From 37f28b411937eb6ab13b787beb2ebcb3fe8e3f00 Mon Sep 17 00:00:00 2001 
From: Davide Beatrici Date: Tue, 19 May 2020 04:53:38 +0200 Subject: [PATCH 3/7] Cedar/Command: add "limit_range" parameter to StrToPortList() Originally, StrToPortList() returned NULL when it encountered a number equal to 0 or higher than 65535. This commit adds a new parameter to the function called "limit_range": - When its value is true, the function retains the original behavior. - When its value is false, the function doesn't check whether the number is in the network port number range (1-65535). The change is required because the command to set the UDP ports will allow to remove all ports by specifying "0" as the port number. --- src/Cedar/Command.c | 10 +++++----- src/Cedar/Command.h | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/Cedar/Command.c b/src/Cedar/Command.c index ff5df3ed..d033339a 100644 --- a/src/Cedar/Command.c +++ b/src/Cedar/Command.c @@ -7880,7 +7880,7 @@ bool CmdEvalIp(CONSOLE *c, wchar_t *str, void *param) } // Convert a string to port list -LIST *StrToPortList(char *str) +LIST *StrToPortList(char *str, bool limit_range) { LIST *o; TOKEN_LIST *t; @@ -7915,7 +7915,7 @@ LIST *StrToPortList(char *str) return NULL; } n = ToInt(s); - if (n == 0 || n >= 65536) + if (limit_range && (n == 0 || n >= 65536)) { ReleaseList(o); FreeToken(t); @@ -7958,7 +7958,7 @@ UINT PsClusterSettingMember(CONSOLE *c, char *cmd_name, wchar_t *str, void *para // "name", prompt_proc, prompt_param, eval_proc, eval_param {"[server:port]", CmdPrompt, _UU("CMD_ClusterSettingMember_Prompt_HOST_1"), CmdEvalHostAndPort, NULL}, {"IP", PsClusterSettingMemberPromptIp, NULL, CmdEvalIp, NULL}, - {"PORTS", PsClusterSettingMemberPromptPorts, NULL, CmdEvalPortList, NULL}, + {"PORTS", PsClusterSettingMemberPromptPorts, NULL, CmdEvalPortList, (void *)true}, {"PASSWORD", CmdPromptChoosePassword, NULL, NULL, NULL}, {"WEIGHT", NULL, NULL, NULL, NULL}, }; 
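Review bot: In StrToPortList the new condition `if (limit_range && (n == 0 || n >= 65536))` drops the upper bound together with the zero check, while the commit message only needs `0` to get through. With `limit_range` false, an out-of-range value (70000, say) is now accepted by the parser and is rejected only later, if at all, by whoever consumes the list. Keeping the upper bound unconditional preserves the old guarantee for every caller: `if (n >= 65536 || (limit_range && n == 0))`. The function body starts and ends outside this hunk, so how `0` ends up in the returned list is not visible here.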
@@ -7997,7 +7997,7 @@ UINT PsClusterSettingMember(CONSOLE *c, char *cmd_name, wchar_t *str, void *para ports_str = GetParamStr(o, "PORTS"); - ports = StrToPortList(ports_str); + ports = StrToPortList(ports_str, true); t.NumPort = LIST_NUM(ports); t.Ports = ZeroMalloc(sizeof(UINT) * t.NumPort); @@ -8044,7 +8044,7 @@ bool CmdEvalPortList(CONSOLE *c, wchar_t *str, void *param) s = CopyUniToStr(str); - o = StrToPortList(s); + o = StrToPortList(s, (bool)param); if (o != NULL) { diff --git a/src/Cedar/Command.h b/src/Cedar/Command.h index 94345670..55a71718 100644 --- a/src/Cedar/Command.h +++ b/src/Cedar/Command.h @@ -227,7 +227,7 @@ char *CmdPasswordPrompt(CONSOLE *c); bool CmdEvalIp(CONSOLE *c, wchar_t *str, void *param); wchar_t *PsClusterSettingMemberPromptIp(CONSOLE *c, void *param); bool CmdEvalHostAndPort(CONSOLE *c, wchar_t *str, void *param); -LIST *StrToPortList(char *str); +LIST *StrToPortList(char *str, bool limit_range); bool CmdEvalPortList(CONSOLE *c, wchar_t *str, void *param); wchar_t *PsClusterSettingMemberPromptPorts(CONSOLE *c, void *param); K *CmdLoadKey(CONSOLE *c, wchar_t *filename); From 9e6476c7b2da586e121a3abc39863d31ab311443 Mon Sep 17 00:00:00 2001 
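Review bot: CmdEvalPortList now derives the flag with `(bool)param`, so any PARAM entry that still passes `NULL` as the evaluator parameter silently switches from strict to unchecked port ranges. This patch updates the `PORTS` entry of PsClusterSettingMember to `(void *)true`; whether other command tables use CmdEvalPortList with `NULL` cannot be seen from these hunks and should be checked. Inverting the meaning keeps the default strict: `o = StrToPortList(s, param == NULL);`, with existing entries left at `NULL` and only the new UDP command passing a non-NULL marker. A comment on CmdEvalPortList explaining what `param` carries would make that contract visible.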
From: Davide Beatrici Date: Wed, 20 May 2020 03:11:22 +0200 Subject: [PATCH 4/7] Cedar/Command: Implement PortsUDPGet and PortsUDPSet commands PortsUDPSet: This command can be used to specify a single or multiple UDP ports the server should listen on. "0" can be specified to disable the UDP listener. Administrator privileges are required to execute the command. PortsUDPGet: This command can be used to retrieve the UDP ports the server is listening on. The two commands replace the functionality that was previously provided by OpenVpnEnable and OpenVpnGet, respectively. --- src/Cedar/Command.c | 107 +++++++++++++++++++++++++++++ src/Cedar/Command.h | 2 + src/bin/hamcore/strtable_cn.stb | 14 ++++ src/bin/hamcore/strtable_en.stb | 14 ++++ src/bin/hamcore/strtable_ja.stb | 14 ++++ src/bin/hamcore/strtable_ko.stb | 14 ++++ src/bin/hamcore/strtable_pt_br.stb | 14 ++++ src/bin/hamcore/strtable_ru.stb | 14 ++++ src/bin/hamcore/strtable_tw.stb | 14 ++++ 9 files changed, 207 insertions(+) diff --git a/src/Cedar/Command.c b/src/Cedar/Command.c index d033339a..490a1d5d 100644 --- a/src/Cedar/Command.c +++ b/src/Cedar/Command.c @@ -7505,6 +7505,8 @@ void PsMain(PS *ps) {"ListenerList", PsListenerList}, {"ListenerEnable", PsListenerEnable}, {"ListenerDisable", PsListenerDisable}, + {"PortsUDPGet", PsPortsUDPGet}, + {"PortsUDPSet", PsPortsUDPSet}, {"ServerPasswordSet", PsServerPasswordSet}, {"ClusterSettingGet", PsClusterSettingGet}, {"ClusterSettingStandalone", PsClusterSettingStandalone}, 
@@ -22888,6 +22890,111 @@ UINT PsListenerEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) return 0; } +// Set UDP ports the server should listen on +UINT PsPortsUDPSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) +{ + LIST *o, *ports; + PS *ps = (PS *)param; + UINT ret; + RPC_PORTS t; + PARAM args[] = + { + {"[ports]", CmdPrompt, _UU("CMD_PortsUDPSet_[ports]"), CmdEvalPortList, (void *)false} + }; + + o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0])); + if (o == NULL) + { + return ERR_INVALID_PARAMETER; + } + + ports = StrToPortList(GetParamStr(o, "[ports]"), false); + + FreeParamValueList(o); + + t.Num = LIST_NUM(ports); + if (t.Num > 0) + { + UINT i; + t.Ports = Malloc(sizeof(UINT) * t.Num); + + for (i = 0; i < t.Num; ++i) + { + t.Ports[i] = (UINT)LIST_DATA(ports, i); + } + } + else + { + t.Ports = NULL; + } + + ReleaseList(ports); + + ret = ScSetPortsUDP(ps->Rpc, &t); + if (ret != ERR_NO_ERROR) + { + CmdPrintError(c, ret); + } + + Free(t.Ports); + + return ret; +} + +// List UDP ports the server is listening on +UINT PsPortsUDPGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) +{ + LIST *o; + PS *ps = (PS *)param; + UINT ret; + RPC_PORTS t; + + o = ParseCommandList(c, cmd_name, str, NULL, 0); + if (o == NULL) + { + return ERR_INVALID_PARAMETER; + } + + FreeParamValueList(o); + + Zero(&t, sizeof(t)); + + ret = ScGetPortsUDP(ps->Rpc, &t); + if (ret == ERR_NO_ERROR) + { + wchar_t str[MAX_SIZE]; + CT *ct = CtNewStandard(); + + Zero(str, sizeof(str)); + + if (t.Num > 0) + { + UINT i; + wchar_t buf[MAX_SIZE]; + + UniFormat(buf, sizeof(buf), L"%u", t.Ports[0]); + UniStrCat(str, sizeof(str), buf); + + for (i = 1; i < t.Num; ++i) + { + UniFormat(buf, sizeof(buf), L", %u", t.Ports[i]); + UniStrCat(str, sizeof(str), buf); + } + } + + CtInsert(ct, _UU("CMD_PortsUDPGet_Ports"), str); + CtFree(ct, c); + } + else + { + CmdPrintError(c, ret); + } + + FreeRpcPorts(&t); + + return ret; +} + // Draw a row of console table 
void CtPrintRow(CONSOLE *c, UINT num, UINT *widths, wchar_t **strings, bool *rights, char separate_char) { diff --git a/src/Cedar/Command.h b/src/Cedar/Command.h index 55a71718..a0deaebc 100644 --- a/src/Cedar/Command.h +++ b/src/Cedar/Command.h @@ -398,6 +398,8 @@ UINT PsListenerDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsListenerList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsListenerEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsListenerDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); +UINT PsPortsUDPSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); +UINT PsPortsUDPGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsServerPasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsClusterSettingGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsClusterSettingStandalone(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); diff --git a/src/bin/hamcore/strtable_cn.stb b/src/bin/hamcore/strtable_cn.stb index fec68e3a..7fc24942 100644 --- a/src/bin/hamcore/strtable_cn.stb +++ b/src/bin/hamcore/strtable_cn.stb 
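Review bot: In PsPortsUDPSet, `t.Ports[i] = (UINT)LIST_DATA(ports, i);` converts a list slot directly to UINT, which narrows a pointer-sized value on 64-bit builds and presumably relies on StrToPortList keeping the port number in the slot itself (StGetPortsUDP, by contrast, reads its list with `*(UINT *)LIST_DATA(...)`). Going through a pointer-sized integer, `(UINT)(uintptr_t)LIST_DATA(ports, i)`, and adding a comment that this list holds values rather than pointers to values would make the intent explicit. The same cast appears in the `B_APPLY` case added to SmServerDlgProc in patch 6/7. In PsPortsUDPGet the block-local `wchar_t str[MAX_SIZE]` also shadows the `str` parameter; a name such as `ports_str` avoids that.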
@@ -4567,6 +4567,20 @@ CMD_ListenerDisable_[port] 使用一个整数,指定要停止的 TCP/IP 监 CMD_ListenerDisable_PortPrompt 启动 TCP/IP 监听器端口号: +# PortsUDPSet command +CMD_PortsUDPSet Sets the UDP ports that the server should listen on +CMD_PortsUDPSet_Help This command can be used to specify a single or multiple UDP ports the server should listen on. \nYou can specify a port that is used by another process, however the server will not be able to use it until the port becomes free. \nSpecify a port number that is within the range of 1 to 65535. \nYou can list the ports that are currently set with the PortsUDPGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_PortsUDPSet_Args PortsUDPSet [ports] +CMD_PortsUDPSet_[ports] Multiple UDP ports can be specified by splitting them with a space or a comma, for example: "443, 992, 1194, 5555". \nSpecify "0" to disable the UDP listener. \n\nPorts: + + +# PortsUDPGet command +CMD_PortsUDPGet Lists the UDP ports that the server is listening on +CMD_PortsUDPGet_Help This command can be used to retrieve the UDP ports the server is listening on. \nYou can set the ports with the PortsUDPSet command. +CMD_PortsUDPGet_Args PortsUDPGet +CMD_PortsUDPGet_Ports UDP ports + + # ServerPasswordSet 命令 CMD_ServerPasswordSet 设置 VPN Server 管理员密码 CMD_ServerPasswordSet_Help 这将设置 VPN Server 管理员密码。您可以指定密码为一个参数。如果密码没有指定,将显示提示输入密码和密码确认。如果指定密码为一个参数,这个密码将在屏幕上显示瞬间,这构成了风险。我们建议尽可能避免指定这个参数,使用密码提示输入密码。\n为了执行这个命令,您必须有 VPN Server 管理员权限。 diff --git a/src/bin/hamcore/strtable_en.stb b/src/bin/hamcore/strtable_en.stb index 2edc6d7b..2e19c4e7 100644 --- a/src/bin/hamcore/strtable_en.stb +++ b/src/bin/hamcore/strtable_en.stb 
@@ -4549,6 +4549,20 @@ CMD_ListenerDisable_[port] Using an integer, specify the port number of the TCP/ CMD_ListenerDisable_PortPrompt Port number of TCP/IP Listener to start: +# PortsUDPSet command +CMD_PortsUDPSet Sets the UDP ports that the server should listen on +CMD_PortsUDPSet_Help This command can be used to specify a single or multiple UDP ports the server should listen on. \nYou can specify a port that is used by another process, however the server will not be able to use it until the port becomes free. \nSpecify a port number that is within the range of 1 to 65535. \nYou can list the ports that are currently set with the PortsUDPGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_PortsUDPSet_Args PortsUDPSet [ports] +CMD_PortsUDPSet_[ports] Multiple UDP ports can be specified by splitting them with a space or a comma, for example: "443, 992, 1194, 5555". \nSpecify "0" to disable the UDP listener. \n\nPorts: + + +# PortsUDPGet command +CMD_PortsUDPGet Lists the UDP ports that the server is listening on +CMD_PortsUDPGet_Help This command can be used to retrieve the UDP ports the server is listening on. \nYou can set the ports with the PortsUDPSet command. +CMD_PortsUDPGet_Args PortsUDPGet +CMD_PortsUDPGet_Ports UDP ports + + # ServerPasswordSet command CMD_ServerPasswordSet Set VPN Server Administrator Password CMD_ServerPasswordSet_Help This sets the VPN Server administrator password. You can specify the password as a parameter. If the password is not specified, a prompt will be displayed to input the password and password confirmation. If you include the password as a parameter, this password will be displayed momentarily on the screen, which poses a risk. We recommend that whenever possible, avoid specifying this parameter and input the password using the password prompt. \nTo execute this command, you must have VPN Server administrator privileges. 
diff --git a/src/bin/hamcore/strtable_ja.stb b/src/bin/hamcore/strtable_ja.stb index fd78c9e7..df5005f5 100644 --- a/src/bin/hamcore/strtable_ja.stb +++ b/src/bin/hamcore/strtable_ja.stb @@ -4552,6 +4552,20 @@ CMD_ListenerDisable_[port] 停止する TCP/IP リスナーのポート番号を CMD_ListenerDisable_PortPrompt 開始する TCP/IP リスナーのポート番号: +# PortsUDPSet command +CMD_PortsUDPSet サーバーが着信を受付ける UDP ポート番号の一覧を設定します。 +CMD_PortsUDPSet_Help このコマンドを使用すると、このサーバーが着信を受付ける単一または複数の UDP ポートの一覧を設定することができます。\n他のプロセスによって使用されている UDP ポートを設定することも可能ですが、そのポートが解放されるまでは機能しません。\nポート番号は、1 から 65535 の間で指定します。\n現在設定されているポートの一覧は、PortsUDPGet コマンドを使用して確認することができます。\nこのコマンドを実行するには、VPN Server の管理者権限が必要です。 +CMD_PortsUDPSet_Args PortsUDPSet [ports] +CMD_PortsUDPSet_[ports] 複数のポート番号を指定する場合は、スペース文字またはカンマ文字で区切ってください。例: "443, 992, 1194, 5555". \n"0" を指定すると、UDP リスナーを無効化することができます。\n\nポート一覧: + + +# PortsUDPGet command +CMD_PortsUDPGet サーバーにおける着信 UDP ポートの一覧を表示します。 +CMD_PortsUDPGet_Help このコマンドを使用すると、サーバーで待受け状態になっている UDP ポートの一覧を表示することができます。\nポートの設定を変更するには、PortsUDPSet コマンドを使用してください。 +CMD_PortsUDPGet_Args PortsUDPGet +CMD_PortsUDPGet_Ports UDP ポート一覧 + + # ServerPasswordSet コマンド CMD_ServerPasswordSet VPN Server の管理者パスワードの設定 CMD_ServerPasswordSet_Help VPN Server の管理者パスワードを設定します。パラメータとしてパスワードを指定することができます。パラメータを指定しない場合は、パスワードと、その確認入力を行なうためのプロンプトが表示されます。パスワードをパラメータに与えた場合、そのパスワードが一時的に画面に表示されるため危険です。できる限り、パラメータを指定せずに、パスワードプロンプトを用いてパスワードを入力することを推奨します。\nこのコマンドを実行するには、VPN Server の管理者権限が必要です。 diff --git a/src/bin/hamcore/strtable_ko.stb b/src/bin/hamcore/strtable_ko.stb index a03384c8..2aa883b7 100644 --- a/src/bin/hamcore/strtable_ko.stb +++ b/src/bin/hamcore/strtable_ko.stb 
@@ -4530,6 +4530,20 @@ CMD_ListenerDisable_[port] 중지 TCP/IP 리스너의 포트 번호를 정수로 CMD_ListenerDisable_PortPrompt 시작하는 TCP/IP 리스너 포트 번호: +# PortsUDPSet command +CMD_PortsUDPSet Sets the UDP ports that the server should listen on +CMD_PortsUDPSet_Help This command can be used to specify a single or multiple UDP ports the server should listen on. \nYou can specify a port that is used by another process, however the server will not be able to use it until the port becomes free. \nSpecify a port number that is within the range of 1 to 65535. \nYou can list the ports that are currently set with the PortsUDPGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_PortsUDPSet_Args PortsUDPSet [ports] +CMD_PortsUDPSet_[ports] Multiple UDP ports can be specified by splitting them with a space or a comma, for example: "443, 992, 1194, 5555". \nSpecify "0" to disable the UDP listener. \n\nPorts: + + +# PortsUDPGet command +CMD_PortsUDPGet Lists the UDP ports that the server is listening on +CMD_PortsUDPGet_Help This command can be used to retrieve the UDP ports the server is listening on. \nYou can set the ports with the PortsUDPSet command. +CMD_PortsUDPGet_Args PortsUDPGet +CMD_PortsUDPGet_Ports UDP ports + + # ServerPasswordSet 명령 CMD_ServerPasswordSet VPN Server 관리자 암호 설정 CMD_ServerPasswordSet_Help VPN Server 관리자 암호를 설정합니다. 매개 변수로 암호를 지정 할 수 있습니다. 매개 변수를 지정하지 않으면, 패스워드와 그 확인 입력을위한 프롬프트가 표시됩니다. 비밀번호를 매개 변수로 주었을 경우, 암호가 일시적으로 화면에 표시되기 때문에 위험합니다. 가능한 매개 변수를 지정하지 않고 암호 프롬프트를 사용하여 암호를 입력 할 것을 권장합니다. \n이 명령을 실행하려면 VPN Server 관리자 권한이 있어야합니다. diff --git a/src/bin/hamcore/strtable_pt_br.stb b/src/bin/hamcore/strtable_pt_br.stb index adee21aa..0e3c35be 100644 --- a/src/bin/hamcore/strtable_pt_br.stb +++ b/src/bin/hamcore/strtable_pt_br.stb 
@@ -4271,6 +4271,20 @@ CMD_ListenerDisable_[port] Using an integer, specify the port number of the TCP/ CMD_ListenerDisable_PortPrompt Port number of TCP/IP Listener to start: +# PortsUDPSet command +CMD_PortsUDPSet Sets the UDP ports that the server should listen on +CMD_PortsUDPSet_Help This command can be used to specify a single or multiple UDP ports the server should listen on. \nYou can specify a port that is used by another process, however the server will not be able to use it until the port becomes free. \nSpecify a port number that is within the range of 1 to 65535. \nYou can list the ports that are currently set with the PortsUDPGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_PortsUDPSet_Args PortsUDPSet [ports] +CMD_PortsUDPSet_[ports] Multiple UDP ports can be specified by splitting them with a space or a comma, for example: "443, 992, 1194, 5555". \nSpecify "0" to disable the UDP listener. \n\nPorts: + + +# PortsUDPGet command +CMD_PortsUDPGet Lists the UDP ports that the server is listening on +CMD_PortsUDPGet_Help This command can be used to retrieve the UDP ports the server is listening on. \nYou can set the ports with the PortsUDPSet command. +CMD_PortsUDPGet_Args PortsUDPGet +CMD_PortsUDPGet_Ports UDP ports + + # ServerPasswordSet command CMD_ServerPasswordSet Set VPN Server Administrator Password CMD_ServerPasswordSet_Help This sets the VPN Server administrator password. You can specify the password as a parameter. If the password is not specified, a prompt will be displayed to input the password and password confirmation. If you include the password as a parameter, this password will be displayed momentarily on the screen, which poses a risk. We recommend that whenever possible, avoid specifying this parameter and input the password using the password prompt. \nTo execute this command, you must have VPN Server administrator privileges. 
diff --git a/src/bin/hamcore/strtable_ru.stb b/src/bin/hamcore/strtable_ru.stb index f493829b..b66382f3 100644 --- a/src/bin/hamcore/strtable_ru.stb +++ b/src/bin/hamcore/strtable_ru.stb 
@@ -4549,6 +4549,20 @@ CMD_ListenerDisable_[port] Using an integer, specify the port number of the TCP/ CMD_ListenerDisable_PortPrompt Port number of TCP/IP Listener to start: +# PortsUDPSet command +CMD_PortsUDPSet Sets the UDP ports that the server should listen on +CMD_PortsUDPSet_Help This command can be used to specify a single or multiple UDP ports the server should listen on. \nYou can specify a port that is used by another process, however the server will not be able to use it until the port becomes free. \nSpecify a port number that is within the range of 1 to 65535. \nYou can list the ports that are currently set with the PortsUDPGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_PortsUDPSet_Args PortsUDPSet [ports] +CMD_PortsUDPSet_[ports] Multiple UDP ports can be specified by splitting them with a space or a comma, for example: "443, 992, 1194, 5555". \nSpecify "0" to disable the UDP listener. \n\nPorts: + + +# PortsUDPGet command +CMD_PortsUDPGet Lists the UDP ports that the server is listening on +CMD_PortsUDPGet_Help This command can be used to retrieve the UDP ports the server is listening on. \nYou can set the ports with the PortsUDPSet command. +CMD_PortsUDPGet_Args PortsUDPGet +CMD_PortsUDPGet_Ports UDP ports + + # ServerPasswordSet command CMD_ServerPasswordSet Set VPN Server Administrator Password CMD_ServerPasswordSet_Help This sets the VPN Server administrator password. You can specify the password as a parameter. If the password is not specified, a prompt will be displayed to input the password and password confirmation. If you include the password as a parameter, this password will be displayed momentarily on the screen, which poses a risk. We recommend that whenever possible, avoid specifying this parameter and input the password using the password prompt. \nTo execute this command, you must have VPN Server administrator privileges. 
diff --git a/src/bin/hamcore/strtable_tw.stb b/src/bin/hamcore/strtable_tw.stb index 74a5f72f..5e32ed27 100644 --- a/src/bin/hamcore/strtable_tw.stb +++ b/src/bin/hamcore/strtable_tw.stb @@ -4568,6 +4568,20 @@ CMD_ListenerDisable_[port] 使用一個整數,指定要停止的 TCP/IP 監聽 CMD_ListenerDisable_PortPrompt 啟動 TCP/IP 監聽器埠號: +# PortsUDPSet command +CMD_PortsUDPSet Sets the UDP ports that the server should listen on +CMD_PortsUDPSet_Help This command can be used to specify a single or multiple UDP ports the server should listen on. \nYou can specify a port that is used by another process, however the server will not be able to use it until the port becomes free. \nSpecify a port number that is within the range of 1 to 65535. \nYou can list the ports that are currently set with the PortsUDPGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_PortsUDPSet_Args PortsUDPSet [ports] +CMD_PortsUDPSet_[ports] Multiple UDP ports can be specified by splitting them with a space or a comma, for example: "443, 992, 1194, 5555". \nSpecify "0" to disable the UDP listener. \n\nPorts: + + +# PortsUDPGet command +CMD_PortsUDPGet Lists the UDP ports that the server is listening on +CMD_PortsUDPGet_Help This command can be used to retrieve the UDP ports the server is listening on. \nYou can set the ports with the PortsUDPSet command. +CMD_PortsUDPGet_Args PortsUDPGet +CMD_PortsUDPGet_Ports UDP ports + + # ServerPasswordSet 命令 CMD_ServerPasswordSet 設置 VPN Server 管理員密碼 CMD_ServerPasswordSet_Help 這將設置 VPN Server 管理員密碼。您可以指定密碼為一個參數。如果密碼沒有指定,將顯示提示輸入密碼和密碼確認。如果指定密碼為一個參數,這個密碼將在螢幕上顯示瞬間,這構成了風險。我們建議盡可能避免指定這個參數,使用密碼提示輸入密碼。\n為了執行這個命令,您必須有 VPN Server 管理員許可權。 From c52e49de2d23ed50c19cfb089dcb418cf77a490c Mon Sep 17 00:00:00 2001 
From: Davide Beatrici Date: Wed, 20 May 2020 01:47:13 +0200 Subject: [PATCH 5/7] Cedar/SM: replace SmStrToPortList() with StrToPortList() The function only called StrToPortList(), thus it can safely be replaced with the upstream function. --- src/Cedar/SM.c | 10 ++-------- src/Cedar/SMInner.h | 1 - 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/src/Cedar/SM.c b/src/Cedar/SM.c index 7276f289..f4fe5baf 100644 --- a/src/Cedar/SM.c +++ b/src/Cedar/SM.c @@ -15542,12 +15542,6 @@ UINT SmFarmMemberDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void return 0; } -// Convert the string to port list -LIST *SmStrToPortList(char *str) -{ - return StrToPortList(str); -} - // Initialize the dialog void SmFarmDlgInit(HWND hWnd, SM_SERVER *p) { @@ -15680,7 +15674,7 @@ void SmFarmDlgUpdate(HWND hWnd, SM_SERVER *p) } s = GetTextA(hWnd, E_PORT); - o = SmStrToPortList(s); + o = StrToPortList(s, true); if (o == NULL) { ok = false; @@ -15787,7 +15781,7 @@ void SmFarmDlgOnOk(HWND hWnd, SM_SERVER *p) s = GetTextA(hWnd, E_PORT); if (s != NULL) { - LIST *o = SmStrToPortList(s); + LIST *o = StrToPortList(s, true); if (o != NULL) { UINT i; diff --git a/src/Cedar/SMInner.h b/src/Cedar/SMInner.h index 03372889..b41d2b34 100644 --- a/src/Cedar/SMInner.h +++ b/src/Cedar/SMInner.h @@ -440,7 +440,6 @@ UINT SmFarmDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *para void SmFarmDlgInit(HWND hWnd, SM_SERVER *p); void SmFarmDlgUpdate(HWND hWnd, SM_SERVER *p); void SmFarmDlgOnOk(HWND hWnd, SM_SERVER *p); -LIST *SmStrToPortList(char *str); UINT SmFarmMemberDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param); void SmFarmMemberDlgInit(HWND hWnd, SM_SERVER *p); void SmFarmMemberDlgUpdate(HWND hWnd, SM_SERVER *p); From c4838006b1be46f9788ca0c37396e7f1dc953d87 Mon Sep 17 00:00:00 2001 
From: Davide Beatrici Date: Wed, 20 May 2020 04:41:18 +0200 Subject: [PATCH 6/7] Cedar/SM.c: move UDP ports setting outside of the OpenVPN/SSTP dialog This commit moves the UDP ports setting right below the TCP listeners and uses the new RPC methods to get and set them. --- src/Cedar/SM.c | 80 ++++++++++++++++++++++++------ src/PenCore/PenCore.rc | 49 +++++++++--------- src/PenCore/resource.h | 3 +- src/bin/hamcore/strtable_cn.stb | 5 +- src/bin/hamcore/strtable_en.stb | 5 +- src/bin/hamcore/strtable_ja.stb | 5 +- src/bin/hamcore/strtable_ko.stb | 5 +- src/bin/hamcore/strtable_pt_br.stb | 5 +- src/bin/hamcore/strtable_ru.stb | 5 +- src/bin/hamcore/strtable_tw.stb | 5 +- 10 files changed, 105 insertions(+), 62 deletions(-) diff --git a/src/Cedar/SM.c b/src/Cedar/SM.c index f4fe5baf..bd649c00 100644 --- a/src/Cedar/SM.c +++ b/src/Cedar/SM.c @@ -1072,7 +1072,6 @@ UINT SmOpenVpnDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param switch (LOWORD(wParam)) { case R_OPENVPN: - case E_UDP: case R_SSTP: SmOpenVpnDlgUpdate(hWnd, s); break; @@ -1084,12 +1083,6 @@ UINT SmOpenVpnDlg(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param SmOpenVpnDlgOnOk(hWnd, s, false); break; - case B_DEFAULT: - ToStr(tmp, OPENVPN_UDP_PORT); - SetTextA(hWnd, E_UDP, tmp); - FocusEx(hWnd, E_UDP); - break; - case B_CONFIG: // Create an OpenVPN configuration { @@ -1198,13 +1191,11 @@ void SmOpenVpnDlgInit(HWND hWnd, SM_SERVER *s) } Check(hWnd, R_OPENVPN, t.EnableOpenVPN); - SetTextA(hWnd, E_UDP, t.OpenVPNPortList); Check(hWnd, R_SSTP, t.EnableSSTP); SetIcon(hWnd, 0, ICO_OPENVPN); DlgFont(hWnd, S_TITLE, 14, true); - SetFont(hWnd, E_UDP, GetFont("Verdana", 10, false, false, false, false)); DlgFont(hWnd, R_OPENVPN, 0, true); DlgFont(hWnd, S_TOOL, 11, true); 
@@ -1224,10 +1215,6 @@ void SmOpenVpnDlgUpdate(HWND hWnd, SM_SERVER *s) b1 = IsChecked(hWnd, R_OPENVPN); b2 = IsChecked(hWnd, R_SSTP); - SetEnable(hWnd, S_UDP, b1); - SetEnable(hWnd, E_UDP, b1); - SetEnable(hWnd, B_DEFAULT, b1); - SetEnable(hWnd, S_UDP2, b1); SetEnable(hWnd, S_TOOL, b1); SetEnable(hWnd, S_TOOL2, b1); SetEnable(hWnd, B_CONFIG, b1); @@ -1246,7 +1233,6 @@ void SmOpenVpnDlgOnOk(HWND hWnd, SM_SERVER *s, bool no_close) Zero(&t, sizeof(t)); t.EnableOpenVPN = IsChecked(hWnd, R_OPENVPN); - GetTxtA(hWnd, E_UDP, t.OpenVPNPortList, sizeof(t.OpenVPNPortList)); t.EnableSSTP = IsChecked(hWnd, R_SSTP); if (CALL(hWnd, ScSetOpenVpnSstpConfig(s->Rpc, &t)) == false) @@ -18272,6 +18258,7 @@ void SmServerDlgRefresh(HWND hWnd, SM_SERVER *p) { RPC_ENUM_HUB t; RPC_LISTENER_LIST t2; + RPC_PORTS t3; DDNS_CLIENT_STATUS st; RPC_AZURE_STATUS sta; UINT i; @@ -18389,6 +18376,32 @@ void SmServerDlgRefresh(HWND hWnd, SM_SERVER *p) FreeRpcListenerList(&t2); } + // Get the UDP ports + Zero(&t3, sizeof(RPC_PORTS)); + if (CALL(hWnd, ScGetPortsUDP(p->Rpc, &t3))) + { + char str[MAX_SIZE]; + + Zero(str, sizeof(str)); + + if (t3.Num > 0) + { + UINT i; + + Format(str, sizeof(str), "%u", t3.Ports[0]); + + for (i = 1; i < t3.Num; ++i) + { + char tmp[MAX_SIZE]; + Format(tmp, sizeof(tmp), ", %u", t3.Ports[i]); + StrCat(str, sizeof(str), tmp); + } + } + + SetTextA(hWnd, E_UDP, str); + FreeRpcPorts(&t3); + } + // Get the DDNS client state Zero(&st, sizeof(st)); if (ScGetDDnsClientStatus(p->Rpc, &st) == ERR_NO_ERROR && IsEmptyStr(st.CurrentFqdn) == false) 
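Review bot: The block added to SmServerDlgRefresh declares `UINT i;` inside `if (t3.Num > 0)` although the function already has a `UINT i;` (visible as context in the hunk that adds `RPC_PORTS t3;`), so the inner one shadows it. The comma-joining loop is also the same logic as in PsPortsUDPGet from patch 4/7, once with `Format` and once with `UniFormat`. Renaming or dropping the inner declaration and moving the join into one small helper used by both callers would keep the two displays from drifting apart. SmServerDlgRefresh starts and ends outside these hunks.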
@@ -18664,6 +18677,45 @@ UINT SmServerDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *pa } break; + case B_APPLY: + { + // Apply UDP ports + bool ret; + LIST* ports; + RPC_PORTS t; + char tmp[MAX_SIZE]; + + GetTxtA(hWnd, E_UDP, tmp, sizeof(tmp)); + ports = StrToPortList(tmp, false); + + t.Num = LIST_NUM(ports); + if (t.Num > 0) + { + UINT i; + t.Ports = Malloc(sizeof(UINT) * t.Num); + + for (i = 0; i < t.Num; ++i) + { + t.Ports[i] = (UINT)LIST_DATA(ports, i); + } + } + else + { + t.Ports = NULL; + } + + ReleaseList(ports); + + if (CALL(hWnd, ScSetPortsUDP(p->Rpc, &t))) + { + SmServerDlgRefresh(hWnd, p); + } + + Free(t.Ports); + + break; + } + case B_SSL: // SSL related SmSslDlg(hWnd, p); diff --git a/src/PenCore/PenCore.rc b/src/PenCore/PenCore.rc index 392a1ed8..6023da7f 100644 --- a/src/PenCore/PenCore.rc +++ b/src/PenCore/PenCore.rc @@ -995,7 +995,7 @@ BEGIN LEFTMARGIN, 7 RIGHTMARGIN, 420 TOPMARGIN, 5 - BOTTOMMARGIN, 326 + BOTTOMMARGIN, 303 END D_SM_DDNS, DIALOG 
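Review bot: The `B_APPLY` case passes the text of `E_UDP` to `StrToPortList(tmp, false)` and uses the result without checking it, although the function returns NULL on input it cannot parse (SmFarmDlgUpdate in this file tests `o == NULL` for exactly that). Depending on whether `LIST_NUM` and `ReleaseList` tolerate NULL, a typo in the field either dereferences NULL or sends an empty list, which would remove every UDP listener without the operator asking for it. I would stop before the RPC call with `if (ports == NULL) { break; }`, after telling the user the list is invalid, and add a comment that only an explicit `0` clears the ports. `bool ret;` is declared but never used in this block.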
@@ -1908,11 +1908,11 @@ BEGIN PUSHBUTTON "@B_DELETE",B_DELETE,385,129,39,16 GROUPBOX "@STATIC1",IDC_STATIC,7,149,176,106 LTEXT "@STATIC2",IDC_STATIC,14,160,108,9 - CONTROL "",L_LISTENER,"SysListView32",LVS_REPORT | LVS_SHOWSELALWAYS | LVS_SHAREIMAGELISTS | LVS_AUTOARRANGE | WS_BORDER | WS_TABSTOP,14,173,109,76 - PUSHBUTTON "@B_CREATE_LISTENER",B_CREATE_LISTENER,128,170,48,16 - PUSHBUTTON "@B_DELETE_LISTENER",B_DELETE_LISTENER,128,191,48,16 - PUSHBUTTON "@B_START",B_START,128,211,48,16 - PUSHBUTTON "@B_STOP",B_STOP,128,232,48,16 + CONTROL "",L_LISTENER,"SysListView32",LVS_REPORT | LVS_SHOWSELALWAYS | LVS_SHAREIMAGELISTS | LVS_AUTOARRANGE | WS_BORDER | WS_TABSTOP,14,172,109,48 + PUSHBUTTON "@B_CREATE_LISTENER",B_CREATE_LISTENER,128,172,48,12 + PUSHBUTTON "@B_DELETE_LISTENER",B_DELETE_LISTENER,128,184,48,12 + PUSHBUTTON "@B_START",B_START,128,196,48,12 + PUSHBUTTON "@B_STOP",B_STOP,128,208,48,12 GROUPBOX "@STATIC3",IDC_STATIC,187,149,245,106 ICON ICO_KEY,IDC_STATIC,194,161,20,18 PUSHBUTTON "@B_SSL",B_SSL,218,163,100,16 @@ -1951,6 +1951,9 @@ BEGIN PUSHBUTTON "@B_REFRESH",B_REFRESH,307,281,71,16 PUSHBUTTON "@IDCANCEL",IDCANCEL,381,281,50,16 ICON ICO_AZURE,IDC_STATIC,108,281,20,18 + EDITTEXT E_UDP,14,224,109,12,ES_AUTOHSCROLL + LTEXT "@S_UDP",S_UDP,14,238,162,16 + PUSHBUTTON "@B_APPLY",B_APPLY,128,224,48,12 END D_SM_STATUS DIALOGEX 0, 0, 335, 250 
@@ -4066,34 +4069,30 @@ BEGIN LTEXT "@S07",IDC_STATIC,88,51,154,55 END -D_SM_OPENVPN DIALOGEX 0, 0, 427, 331 +D_SM_OPENVPN DIALOGEX 0, 0, 427, 308 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU CAPTION "@D_SM_OPENVPN" FONT 9, "MS Shell Dlg", 400, 0, 0x80 BEGIN ICON ICO_OPENVPN,IDC_STATIC,7,5,20,18 LTEXT "@S_TITLE",S_TITLE,32,6,385,16 - GROUPBOX "@S_13",IDC_STATIC,8,26,409,173 + GROUPBOX "@S_13",IDC_STATIC,7,26,409,142 LTEXT "@S_1",IDC_STATIC,15,36,195,37 CONTROL 205,IDC_STATIC,"Static",SS_BITMAP,217,35,194,75 CONTROL "@R_OPENVPN",R_OPENVPN,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,17,75,194,9 - LTEXT "@S_UDP",S_UDP,25,87,186,9 - EDITTEXT E_UDP,25,96,127,13,ES_AUTOHSCROLL - PUSHBUTTON "@B_DEFAULT",B_DEFAULT,159,95,52,15 - LTEXT "@S_UDP2",S_UDP2,26,113,383,24 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,14,138,395,1 - LTEXT "@S_TOOL",S_TOOL,15,143,392,12 - LTEXT "@S_TOOL2",S_TOOL2,24,157,385,22 - PUSHBUTTON "@B_CONFIG",B_CONFIG,120,177,189,15 - GROUPBOX "@S_2",IDC_STATIC,7,202,409,98 - LTEXT "@S_3",IDC_STATIC,14,212,195,37 - CONTROL 206,IDC_STATIC,"Static",SS_BITMAP,215,209,194,85 - CONTROL "@R_SSTP",R_SSTP,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,14,252,194,9 - LTEXT "@S_SSTP",S_SSTP,21,265,188,33 - LTEXT "@S_4",IDC_STATIC,7,302,186,24 - PUSHBUTTON "@B_IPSEC",B_IPSEC,195,311,93,15 - DEFPUSHBUTTON "@IDOK",IDOK,311,311,52,14 - PUSHBUTTON "@IDCANCEL",IDCANCEL,368,311,52,14 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,14,107,395,1 + LTEXT "@S_TOOL",S_TOOL,15,112,392,12 + LTEXT "@S_TOOL2",S_TOOL2,24,126,385,22 + PUSHBUTTON "@B_CONFIG",B_CONFIG,120,146,189,15 + GROUPBOX "@S_2",IDC_STATIC,7,175,409,98 + LTEXT "@S_3",IDC_STATIC,14,185,195,37 + CONTROL 206,IDC_STATIC,"Static",SS_BITMAP,215,182,194,85 + CONTROL "@R_SSTP",R_SSTP,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,14,225,194,9 + LTEXT "@S_SSTP",S_SSTP,21,238,188,33 + LTEXT "@S_4",IDC_STATIC,7,279,186,24 + PUSHBUTTON "@B_IPSEC",B_IPSEC,195,288,93,15 + DEFPUSHBUTTON "@IDOK",IDOK,311,288,52,14 
+ PUSHBUTTON "@IDCANCEL",IDCANCEL,368,288,52,14 END D_SM_DDNS DIALOGEX 0, 0, 415, 287 diff --git a/src/PenCore/resource.h b/src/PenCore/resource.h index bb4eca31..2f50d0e6 100644 --- a/src/PenCore/resource.h +++ b/src/PenCore/resource.h @@ -396,7 +396,6 @@ #define B_IPSEC 1096 #define S_INFO 1097 #define B_OPENVPN 1097 -#define B_DEFAULT 1097 #define S_PORT 1098 #define B_BRIDGE2 1098 #define B_DDNS 1098 @@ -960,7 +959,7 @@ #define S_WIN8 1457 #define R_OPENVPN 1458 #define S_UDP 1459 -#define S_UDP2 1460 +#define B_APPLY 1460 #define S_TOOL 1461 #define S_TOOL2 1462 #define R_SSTP 1463 diff --git a/src/bin/hamcore/strtable_cn.stb b/src/bin/hamcore/strtable_cn.stb index 7fc24942..e6eb71da 100644 --- a/src/bin/hamcore/strtable_cn.stb +++ b/src/bin/hamcore/strtable_cn.stb @@ -2576,6 +2576,8 @@ B_CREATE_LISTENER 创建(&R) B_DELETE_LISTENER 删除(&T) B_START 开始(&G) B_STOP 停止(&P) +S_UDP Multiple UDP ports can be specified by splitting them with a space or a comma. Leave empty to disable the UDP listener. +B_APPLY Apply STATIC3 VPN Server 和网络信息和设置(&N) B_SSL 加密与网络(&E) B_STATUS 查看服务器状态(&V) @@ -3883,9 +3885,6 @@ CAPTION OpenVPN / MS-SSTP 设置 S_TITLE OpenVPN / MS-SSTP VPN 克隆 Server 功能设置 S_1 本 VPN Server 具有 OpenVPN 技术责任有限公司的 OpenVPN 软件产品的克隆功能。\r\n\r\n任何 OpenVPN Client 都可以连接到此 VPN Server。 R_OPENVPN 启用 OpenVPN 克隆 Server 功能(&O) -S_UDP 监听 OpenVPN 的 UDP 端口: -B_DEFAULT 恢复默认值(&D) -S_UDP2 多重 UDP 端口可以用空格或者逗号隔开的字母来指定。 \r\nOpenVPN Server 功能也可以在 TCP 端口上运行。任何在 VPN Server 上被定义为监听端的 TCP 端口都可以平等的、分别的接受 OpenVPN 协议。 S_TOOL OpenVPN Client 的示例文件生成工具 S_TOOL2 创建一个 OpenVPN Client 配置是一项艰难的工作。您可以使用此工具来生成一个合适的 OpenVPN Client 配置文件。生成的配置示例文件可马上应用。本来,OpenVPN Client 会要求客户手写一个很难的配置文件。这个工具就可以帮助您创建一个有用的配置样本。您所需要为 OpenVPN Client 生成的配置文件就是点击以下按钮。 B_CONFIG 为 OpenVPN Client 生成配置样本文件(&C) diff --git a/src/bin/hamcore/strtable_en.stb b/src/bin/hamcore/strtable_en.stb index 2e19c4e7..3a6d06d6 100644 --- a/src/bin/hamcore/strtable_en.stb +++ b/src/bin/hamcore/strtable_en.stb 
@@ -2555,6 +2555,8 @@ B_CREATE_LISTENER C&reate B_DELETE_LISTENER Dele&te B_START Start B_STOP Sto&p +S_UDP Multiple UDP ports can be specified by splitting them with a space or a comma. Leave empty to disable the UDP listener. +B_APPLY Apply STATIC3 VPN Server and &Network Information and Settings: B_SSL &Encryption and Network B_STATUS &View Server Status @@ -3866,9 +3868,6 @@ CAPTION OpenVPN / MS-SSTP Settings S_TITLE OpenVPN / MS-SSTP VPN Clone Server Function Settings S_1 This VPN Server has the clone functions of OpenVPN software products by OpenVPN Technologies, Inc.\r\n\r\nAny OpenVPN Clients can connect to this VPN Server. R_OPENVPN Enable &OpenVPN Clone Server Function -S_UDP UDP Ports to Listen for OpenVPN: -B_DEFAULT Restore &Default -S_UDP2 Multiple UDP ports can be specified with splitting by space or comma letters.\r\nOpenVPN Server Function also runs on TCP ports. Any TCP ports which are defined as listeners on the VPN Server accepts OpenVPN Protocol respectively and equally. S_TOOL Sample File Generating Tool for OpenVPN Clients S_TOOL2 Making a OpenVPN Client configuration file is a very difficult job. You can use this tool to generate an appropriate OpenVPN Client configuration file. The generated configuration sample can be used immediately. B_CONFIG Generate a Sample &Configuration File for OpenVPN Clients diff --git a/src/bin/hamcore/strtable_ja.stb b/src/bin/hamcore/strtable_ja.stb index df5005f5..a15a897c 100644 --- a/src/bin/hamcore/strtable_ja.stb +++ b/src/bin/hamcore/strtable_ja.stb @@ -2560,6 +2560,8 @@ B_CREATE_LISTENER 新規作成(&R) B_DELETE_LISTENER 削除(&T) B_START 開始(&G) B_STOP 停止(&P) +S_UDP 複数の UDP ポートを指定するには、スペースかカンマで区切ってください。空欄にすると UDP リスナーを停止します。 +B_APPLY 適用 STATIC3 サーバー情報の参照および設定(&N) B_SSL 暗号化と通信関係の設定(&W) B_STATUS サーバー状態の表示(&V) 
@@ -3871,9 +3873,6 @@ CAPTION OpenVPN / MS-SSTP 設定 S_TITLE OpenVPN / MS-SSTP VPN サーバー機能設定 S_1 OpenVPN 社の OpenVPN ソフトウェア製品と同等の VPN サーバー機能を搭載しています。\r\n\r\nOpenVPN クライアントからこの VPN Server に接続できます。 R_OPENVPN &OpenVPN サーバー機能を有効にする -S_UDP OpenVPN サービスを提供する &UDP ポート: -B_DEFAULT 標準に戻す(&D) -S_UDP2 UDP ポートは複数指定できます。複数指定する場合はスペースまたはカンマで区切ってください。\r\nOpenVPN サーバー機能は TCP ポートでも有効になります。この場合、この VPN Server に現在作成されているすべての TCP リスナポートで OpenVPN プロトコルがサポートされます。 S_TOOL OpenVPN クライアント用サンプル設定ファイル自動作成ツール S_TOOL2 本来、OpenVPN クライアントを使うためには設定ファイルを手動で記述する必要があり、これは難易度が高い作業です。しかし、以下のボタンをクリックするだけでこの VPN Server に接続することができる基本的な OpenVPN クライアント用の設定ファイルを自動的に生成することができます。 B_CONFIG OpenVPN クライアント用のサンプル設定ファイルを生成(&C) diff --git a/src/bin/hamcore/strtable_ko.stb b/src/bin/hamcore/strtable_ko.stb index 2aa883b7..348e4db6 100644 --- a/src/bin/hamcore/strtable_ko.stb +++ b/src/bin/hamcore/strtable_ko.stb @@ -2538,6 +2538,8 @@ B_CREATE_LISTENER 새로 만들기 (&R) B_DELETE_LISTENER 삭제 (&T) B_START 시작 (&G) B_STOP 정지 (&P) +S_UDP Multiple UDP ports can be specified by splitting them with a space or a comma. Leave empty to disable the UDP listener. +B_APPLY Apply STATIC3 서버 정보의 확인 및 설정 (&N) B_SSL 암호화 및 통신 관계의 설정 (&W) B_STATUS 서버 상태보기 (&V) @@ -3849,9 +3851,6 @@ CAPTION OpenVPN/MS-SSTP 설정 S_TITLE OpenVPN/MS-SSTP VPN 서버 기능 설정 S_1 OpenVPN 사의 OpenVPN 소프트웨어 제품과 동일한 VPN 서버 기능을 탑재하고 있습니다. \r\n\r\nOpenVPN 클라이언트에서이 VPN Server에 연결할 수 있습니다. R_OPENVPN & OpenVPN 서버 기능을 활성화하려면 -S_UDP OpenVPN 서비스를 제공 및 UDP 포트: -B_DEFAULT 기본값 복원 (&D) -S_UDP2 UDP 포트는 여러 지정할 수 있습니다. 복수 지정하려면 공백 또는 쉼표로 구분하십시오. \r\nOpenVPN 서버 기능은 TCP 포트에서도 사용할 수 있습니다. 이 경우 VPN Server에 현재 생성되어있는 모든 TCP 리스너 포트에서 OpenVPN 프로토콜이 지원됩니다. S_TOOL OpenVPN 클라이언트 샘플 설정 파일 자동 생성 도구 S_TOOL2 원래 OpenVPN 클라이언트를 사용하기 위해서는 설정 파일을 수동으로 작성해야하며 이것은 난이도가 높은 작업입니다. 그러나 다음 버튼을 클릭하면이 VPN Server에 연결할 수있는 기본적인 OpenVPN 클라이언트의 설정 파일을 자동으로 생성 할 수 있습니다. B_CONFIG OpenVPN 클라이언트의 샘플 구성 파일을 생성 (&C) diff --git a/src/bin/hamcore/strtable_pt_br.stb b/src/bin/hamcore/strtable_pt_br.stb index 0e3c35be..b6775309 100644 
--- a/src/bin/hamcore/strtable_pt_br.stb +++ b/src/bin/hamcore/strtable_pt_br.stb @@ -2504,6 +2504,8 @@ B_CREATE_LISTENER C&riar B_DELETE_LISTENER Exclui&r B_START Iniciar B_STOP Para&r +S_UDP Multiple UDP ports can be specified by splitting them with a space or a comma. Leave empty to disable the UDP listener. +B_APPLY Apply STATIC3 Informações e configurações do servidor VPN e da rede: B_SSL Criptografia e &rede B_STATUS &Ver status do servidor @@ -3641,9 +3643,6 @@ CAPTION OpenVPN / MS-SSTP Settings S_TITLE OpenVPN / MS-SSTP VPN Clone Server Function Settings S_1 This VPN Server has the clone functions of OpenVPN software products by OpenVPN Technologies, Inc.\r\n\r\nAny OpenVPN Clients can connect to this VPN Server. R_OPENVPN Ativar função OpenVPN Clone Server -S_UDP UDP Ports to Listen for OpenVPN: -B_DEFAULT Restore &Default -S_UDP2 Multiple UDP ports can be specified with splitting by space or comma letters.\r\nOpenVPN Server Function also runs on TCP ports. Any TCP ports which are defined as listeners on the VPN Server accepts OpenVPN Protocol respectively and equally. S_TOOL Sample File Generating Tool for OpenVPN Clients S_TOOL2 Making a OpenVPN Client configuration file is a very difficult job. You can use this tool to generate an appropriate OpenVPN Client configuration file. The generated configuration sample can be used immediately. B_CONFIG Generate a Sample &Configuration File for OpenVPN Clients diff --git a/src/bin/hamcore/strtable_ru.stb b/src/bin/hamcore/strtable_ru.stb index b66382f3..510de4b7 100644 --- a/src/bin/hamcore/strtable_ru.stb +++ b/src/bin/hamcore/strtable_ru.stb @@ -2556,6 +2556,8 @@ B_CREATE_LISTENER C&reate B_DELETE_LISTENER Dele&te B_START Start B_STOP Sto&p +S_UDP Multiple UDP ports can be specified by splitting them with a space or a comma. Leave empty to disable the UDP listener. +B_APPLY Apply STATIC3 VPN Server and &Network Information and Settings: B_SSL &Encryption and Network B_STATUS &View Server Status 
@@ -3867,9 +3869,6 @@ CAPTION OpenVPN / MS-SSTP Settings S_TITLE OpenVPN / MS-SSTP VPN Clone Server Function Settings S_1 This VPN Server has the clone functions of OpenVPN software products by OpenVPN Technologies, Inc.\r\n\r\nAny OpenVPN Clients can connect to this VPN Server. R_OPENVPN Enable &OpenVPN Clone Server Function -S_UDP UDP Ports to Listen for OpenVPN: -B_DEFAULT Restore &Default -S_UDP2 Multiple UDP ports can be specified with splitting by space or comma letters.\r\nOpenVPN Server Function also runs on TCP ports. Any TCP ports which are defined as listeners on the VPN Server accepts OpenVPN Protocol respectively and equally. S_TOOL Sample File Generating Tool for OpenVPN Clients S_TOOL2 Making a OpenVPN Client configuration file is a very difficult job. You can use this tool to generate an appropriate OpenVPN Client configuration file. The generated configuration sample can be used immediately. B_CONFIG Generate a Sample &Configuration File for OpenVPN Clients diff --git a/src/bin/hamcore/strtable_tw.stb b/src/bin/hamcore/strtable_tw.stb index 5e32ed27..03c2a470 100644 --- a/src/bin/hamcore/strtable_tw.stb +++ b/src/bin/hamcore/strtable_tw.stb @@ -2578,6 +2578,8 @@ B_CREATE_LISTENER 創建(&R) B_DELETE_LISTENER 刪除(&T) B_START 開始(&G) B_STOP 停止(&P) +S_UDP Multiple UDP ports can be specified by splitting them with a space or a comma. Leave empty to disable the UDP listener. +B_APPLY Apply STATIC3 VPN Server 和網路資訊和設置(&N) B_SSL 加密與網路(&E) B_STATUS 查看伺服器狀態(&V) 
@@ -3884,9 +3886,6 @@ CAPTION OpenVPN / MS-SSTP 設置 S_TITLE OpenVPN / MS-SSTP VPN 克隆 Server 功能設置 S_1 本 VPN Server 具有 OpenVPN 技術責任有限公司的 OpenVPN 軟體產品的克隆功能。\r\n\r\n任何 OpenVPN Client 都可以連接到此 VPN Server。 R_OPENVPN 啟用 OpenVPN 克隆 Server 功能(&O) -S_UDP 監聽 OpenVPN 的 UDP 埠: -B_DEFAULT 恢復預設值(&D) -S_UDP2 多重 UDP 埠可以用空格或者逗號隔開的字母來指定。 \r\nOpenVPN Server 功能也可以在 TCP 埠上運行。任何在 VPN Server 上被定義為監聽端的 TCP 埠都可以平等的、分別的接受 OpenVPN 協議。 S_TOOL OpenVPN Client 的示例文件生成工具 S_TOOL2 創建一個 OpenVPN Client 配置是一項艱難的工作。您可以使用此工具來生成一個合適的 OpenVPN Client 設定檔。生成的配置示例檔可馬上應用。本來,OpenVPN Client 會要求客戶手寫一個很難的設定檔。這個工具就可以説明您創建一個有用的配置樣本。您所需要為 OpenVPN Client 生成的設定檔就是點擊以下按鈕。 B_CONFIG 為 OpenVPN Client 生成配置樣本檔(&C) From f7f6eeec44db030ff8ff30b950e998f91c625800 Mon Sep 17 00:00:00 2001 From: Davide Beatrici Date: Wed, 20 May 2020 03:51:32 +0200 Subject: [PATCH 7/7] .ci/start-se-openvpn.sh: use new vpncmd command to set the UDP port --- .ci/start-se-openvpn.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ci/start-se-openvpn.sh b/.ci/start-se-openvpn.sh index afd32939..a000a3d5 100755 --- a/.ci/start-se-openvpn.sh +++ b/.ci/start-se-openvpn.sh @@ -5,7 +5,8 @@ set -eux build/vpnserver start build/vpncmd 127.0.0.1:443 /SERVER /HUB:DEFAULT /CMD:SecureNatEnable -build/vpncmd 127.0.0.1:443 /SERVER /CMD:"OpenVpnEnable yes /PORTS:1194" +build/vpncmd 127.0.0.1:443 /SERVER /CMD:"OpenVpnEnable yes" +build/vpncmd 127.0.0.1:443 /SERVER /CMD:"PortsUDPSet 1194" build/vpncmd 127.0.0.1:443 /SERVER /HUB:DEFAULT /CMD:"UserCreate test /GROUP:none /REALNAME:none /NOTE:none" build/vpncmd 127.0.0.1:443 /SERVER /HUB:DEFAULT /CMD:"UserPasswordSet test /PASSWORD:test" build/vpncmd 127.0.0.1:443 /SERVER /CMD:"OpenVpnMakeConfig ~/my_openvpn_config.zip"