From 5209b310e3375d9673805aeb04551480d0b04bb0 Mon Sep 17 00:00:00 2001 From: Davide Beatrici Date: Tue, 21 Jul 2020 03:24:53 +0200 Subject: [PATCH] Cedar/Command: add ProtoOptionsGet and ProtoOptionsSet commands ProtoOptionsGet command - Lists the options for the specified protocol Help for command "ProtoOptionsGet" Purpose: Lists the options for the specified protocol Description: This command can be used to retrieve the options for a specific protocol. Detailed info (e.g. value type) will be shown. You can change an option's value with the ProtoOptionsSet command. Usage: ProtoOptionsGet [protocol] Parameters: protocol - Protocol name. ProtoOptionsSet command - Sets an option's value for the specified protocol Help for command "ProtoOptionsSet" Purpose: Sets an option's value for the specified protocol Description: This command can be used to change an option's value for a specific protocol. You can retrieve the options using the ProtoOptionsGet command. To execute this command, you must have VPN Server administrator privileges. Usage: ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] Parameters: protocol - Protocol name. /NAME - Option name. /VALUE - Option value. Make sure to write a value that is accepted by the specified protocol! --- src/Cedar/Command.c | 159 +++++++++++++++++++++++++++++ src/Cedar/Command.h | 2 + src/bin/hamcore/strtable_cn.stb | 31 ++++++ src/bin/hamcore/strtable_en.stb | 29 ++++++ src/bin/hamcore/strtable_ja.stb | 31 ++++++ src/bin/hamcore/strtable_ko.stb | 30 ++++++ src/bin/hamcore/strtable_pt_br.stb | 30 ++++++ src/bin/hamcore/strtable_ru.stb | 30 ++++++ src/bin/hamcore/strtable_tw.stb | 30 ++++++ 9 files changed, 372 insertions(+) diff --git a/src/Cedar/Command.c b/src/Cedar/Command.c index 5d6fc140..17ef75f1 100644 --- a/src/Cedar/Command.c +++ b/src/Cedar/Command.c @@ -7352,6 +7352,8 @@ void PsMain(PS *ps) {"ListenerDisable", PsListenerDisable}, {"PortsUDPGet", PsPortsUDPGet}, {"PortsUDPSet", PsPortsUDPSet}, + {"ProtoOptionsGet", PsProtoOptionsGet}, + {"ProtoOptionsSet", PsProtoOptionsSet}, {"ServerPasswordSet", PsServerPasswordSet}, {"ClusterSettingGet", PsClusterSettingGet}, {"ClusterSettingStandalone", PsClusterSettingStandalone}, @@ -22840,6 +22842,163 @@ UINT PsPortsUDPGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) return ret; } +// Configure an option for the specified protocol (TODO: ability to set multiple options in a single call) +UINT PsProtoOptionsSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) +{ + LIST *o; + PS *ps = (PS *)param; + UINT ret; + RPC_PROTO_OPTIONS t; + PARAM args[] = + { + {"[protocol]", CmdPrompt, _UU("CMD_ProtoOptionsSet_Prompt_[protocol]"), CmdEvalNotEmpty, NULL}, + {"NAME", CmdPrompt, _UU("CMD_ProtoOptionsSet_Prompt_NAME"), CmdEvalNotEmpty, NULL}, + {"VALUE", CmdPrompt, _UU("CMD_ProtoOptionsSet_Prompt_VALUE"), NULL, NULL} + }; + + o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0])); + if (o == NULL) + { + return ERR_INVALID_PARAMETER; + } + + Zero(&t, sizeof(t)); + t.Protocol = CopyStr(GetParamStr(o, "[protocol]")); + + ret = ScGetProtoOptions(ps->Rpc, &t); + + if (ret == ERR_NO_ERROR) + { + UINT i; + bool found = false; + + for (i = 0; i < t.Num; ++i) + { + PROTO_OPTION *option = &t.Options[i]; + if (StrCmpi(option->Name, GetParamStr(o, "NAME")) != 0) + { + continue; + } + + found = true; + + switch (option->Type) + { + case PROTO_OPTION_STRING: + Free(option->String); + option->String = CopyStr(GetParamStr(o, "VALUE")); + break; + case PROTO_OPTION_BOOL: + option->Bool = GetParamYes(o, "VALUE"); + break; + default: + ret = ERR_INTERNAL_ERROR; + } + + if (ret == ERR_NO_ERROR) + { + ret = ScSetProtoOptions(ps->Rpc, &t); + } + + break; + } + + if (found == false) + { + ret = ERR_OBJECT_NOT_FOUND; + } + } + + if (ret != ERR_NO_ERROR) + { + CmdPrintError(c, ret); + } + + FreeRpcProtoOptions(&t); + FreeParamValueList(o); + + return ret; +} + +// List available options for the specified protocol +UINT PsProtoOptionsGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param) +{ + LIST *o; + PS *ps = (PS *)param; + UINT ret; + RPC_PROTO_OPTIONS t; + PARAM args[] = + { + {"[protocol]", CmdPrompt, _UU("CMD_ProtoOptionsGet_Prompt_[protocol]"), CmdEvalNotEmpty, NULL} + }; + + o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0])); + if (o == NULL) + { + return ERR_INVALID_PARAMETER; + } + + Zero(&t, sizeof(t)); + t.Protocol = CopyStr(GetParamStr(o, "[protocol]")); + + FreeParamValueList(o); + + ret = ScGetProtoOptions(ps->Rpc, &t); + if (ret == ERR_NO_ERROR) + { + UINT i; + CT *ct = CtNew(); + CtInsertColumn(ct, _UU("CMD_ProtoOptionsGet_Column_Name"), false); + CtInsertColumn(ct, _UU("CMD_ProtoOptionsGet_Column_Type"), false); + CtInsertColumn(ct, _UU("CMD_ProtoOptionsGet_Column_Value"), false); + CtInsertColumn(ct, _UU("CMD_ProtoOptionsGet_Column_Description"), false); + + for (i = 0; i < t.Num; ++i) + { + char description_str_key[MAX_SIZE]; + const PROTO_OPTION *option = &t.Options[i]; + wchar_t *value, *type, *name = CopyStrToUni(option->Name); + + switch (option->Type) + { + case PROTO_OPTION_BOOL: + type = L"Boolean"; + value = option->Bool ? L"True" : L"False"; + break; + case PROTO_OPTION_STRING: + type = L"String"; + value = CopyStrToUni(option->String); + break; + default: + Debug("StGetProtoOptions(): unhandled option type %u!\n", option->Type); + Free(name); + continue; + } + + Format(description_str_key, sizeof(description_str_key), "CMD_ProtoOptions_Description_%s_%s", t.Protocol, option->Name); + + CtInsert(ct, name, type, value, _UU(description_str_key)); + + if (option->Type == PROTO_OPTION_STRING) + { + Free(value); + } + + Free(name); + } + + CtFree(ct, c); + } + else + { + CmdPrintError(c, ret); + } + + FreeRpcProtoOptions(&t); + + return ret; +} + // Draw a row of console table void CtPrintRow(CONSOLE *c, UINT num, UINT *widths, wchar_t **strings, bool *rights, char separate_char) { diff --git a/src/Cedar/Command.h b/src/Cedar/Command.h index 3fd66331..75081370 100644 --- a/src/Cedar/Command.h +++ b/src/Cedar/Command.h @@ -395,6 +395,8 @@ UINT PsListenerEnable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsListenerDisable(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsPortsUDPSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsPortsUDPGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); +UINT PsProtoOptionsSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); +UINT PsProtoOptionsGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsServerPasswordSet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsClusterSettingGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); UINT PsClusterSettingStandalone(CONSOLE *c, char *cmd_name, wchar_t *str, void *param); diff --git a/src/bin/hamcore/strtable_cn.stb b/src/bin/hamcore/strtable_cn.stb index 226bc034..3f38bf71 100644 --- a/src/bin/hamcore/strtable_cn.stb +++ b/src/bin/hamcore/strtable_cn.stb @@ -4581,6 +4581,37 @@ CMD_PortsUDPGet_Args PortsUDPGet CMD_PortsUDPGet_Ports UDP ports +# ProtoOptionsSet 命令 +CMD_ProtoOptionsSet Sets an option's value for the specified protocol +CMD_ProtoOptionsSet_Help This command can be used to change an option's value for a specific protocol. \nYou can retrieve the options using the ProtoOptionsGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_ProtoOptionsSet_Args ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] +CMD_ProtoOptionsSet_[protocol] Protocol name. +CMD_ProtoOptionsSet_NAME Option name. +CMD_ProtoOptionsSet_VALUE Option value. Make sure to write a value that is accepted by the specified protocol! +CMD_ProtoOptionsSet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsSet_Prompt_NAME Option: +CMD_ProtoOptionsSet_Prompt_VALUE Value: + + +# ProtoOptionsGet 命令 +CMD_ProtoOptionsGet Lists the options for the specified protocol +CMD_ProtoOptionsGet_Help This command can be used to retrieve the options for a specific protocol. \nDetailed info (e.g. value type) will be shown. \nYou can change an option's value with the ProtoOptionsSet command. +CMD_ProtoOptionsGet_Args ProtoOptionsGet [protocol] +CMD_ProtoOptionsGet_[protocol] Protocol name. +CMD_ProtoOptionsGet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsGet_Column_Name Name +CMD_ProtoOptionsGet_Column_Type Type +CMD_ProtoOptionsGet_Column_Value Value +CMD_ProtoOptionsGet_Column_Description Description + + +# ProtoOptions +CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. +CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! +CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). +CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. + + # ServerPasswordSet 命令 CMD_ServerPasswordSet 设置 VPN Server 管理员密码 CMD_ServerPasswordSet_Help 这将设置 VPN Server 管理员密码。您可以指定密码为一个参数。如果密码没有指定,将显示提示输入密码和密码确认。如果指定密码为一个参数,这个密码将在屏幕上显示瞬间,这构成了风险。我们建议尽可能避免指定这个参数,使用密码提示输入密码。\n为了执行这个命令,您必须有 VPN Server 管理员权限。 diff --git a/src/bin/hamcore/strtable_en.stb b/src/bin/hamcore/strtable_en.stb index 156e2d10..29b9fdf3 100644 --- a/src/bin/hamcore/strtable_en.stb +++ b/src/bin/hamcore/strtable_en.stb @@ -4563,6 +4563,35 @@ CMD_PortsUDPGet_Args PortsUDPGet CMD_PortsUDPGet_Ports UDP ports +# ProtoOptionsSet command +CMD_ProtoOptionsSet Sets an option's value for the specified protocol +CMD_ProtoOptionsSet_Help This command can be used to change an option's value for a specific protocol. \nYou can retrieve the options using the ProtoOptionsGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_ProtoOptionsSet_Args ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] +CMD_ProtoOptionsSet_[protocol] Protocol name. +CMD_ProtoOptionsSet_NAME Option name. +CMD_ProtoOptionsSet_VALUE Option value. Make sure to write a value that is accepted by the specified protocol! +CMD_ProtoOptionsSet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsSet_Prompt_NAME Option: +CMD_ProtoOptionsSet_Prompt_VALUE Value: + + +# ProtoOptionsGet command +CMD_ProtoOptionsGet Lists the options for the specified protocol +CMD_ProtoOptionsGet_Help This command can be used to retrieve the options for a specific protocol. \nDetailed info (e.g. value type) will be shown. \nYou can change an option's value with the ProtoOptionsSet command. +CMD_ProtoOptionsGet_Args ProtoOptionsGet [protocol] +CMD_ProtoOptionsGet_[protocol] Protocol name. +CMD_ProtoOptionsGet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsGet_Column_Name Name +CMD_ProtoOptionsGet_Column_Type Type +CMD_ProtoOptionsGet_Column_Value Value +CMD_ProtoOptionsGet_Column_Description Description + +# ProtoOptions +CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. +CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! +CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). +CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. + # ServerPasswordSet command CMD_ServerPasswordSet Set VPN Server Administrator Password CMD_ServerPasswordSet_Help This sets the VPN Server administrator password. You can specify the password as a parameter. If the password is not specified, a prompt will be displayed to input the password and password confirmation. If you include the password as a parameter, this password will be displayed momentarily on the screen, which poses a risk. We recommend that whenever possible, avoid specifying this parameter and input the password using the password prompt. \nTo execute this command, you must have VPN Server administrator privileges. diff --git a/src/bin/hamcore/strtable_ja.stb b/src/bin/hamcore/strtable_ja.stb index 91b05325..b6c08957 100644 --- a/src/bin/hamcore/strtable_ja.stb +++ b/src/bin/hamcore/strtable_ja.stb @@ -4566,6 +4566,37 @@ CMD_PortsUDPGet_Args PortsUDPGet CMD_PortsUDPGet_Ports UDP ポート一覧 +# ProtoOptionsSet コマンド +CMD_ProtoOptionsSet 特定のプロトコル固有のオプション値を設定します。 +CMD_ProtoOptionsSet_Help このコマンドを使用することにより、特定のプロトコル固有のオプション値を設定することができます。 \nProtoOptionsGet コマンドを使用することにより、オプション値を取得することもできます。 \nこのコマンドを実行するには、VPN Server の管理者権限が必要です。 +CMD_ProtoOptionsSet_Args ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] +CMD_ProtoOptionsSet_[protocol] プロトコル名 +CMD_ProtoOptionsSet_NAME オプション名 +CMD_ProtoOptionsSet_VALUE オプション値 (対象のプロトコルで対応している値を指定してください) +CMD_ProtoOptionsSet_Prompt_[protocol] プロトコル: +CMD_ProtoOptionsSet_Prompt_NAME オプション: +CMD_ProtoOptionsSet_Prompt_VALUE 値: + + +# ProtoOptionsGet コマンド +CMD_ProtoOptionsGet 指定されたプロトコル固有のオプション値を表示します。 +CMD_ProtoOptionsGet_Help このコマンドを使用することにより、特定のプロトコル固有のオプション値を取得することができます。 \n詳細な情報 (例: 値の型) が表示されます。オプション値を設定するには、ProtoOptionsSet コマンドを使用してください。 +CMD_ProtoOptionsGet_Args ProtoOptionsGet [protocol] +CMD_ProtoOptionsGet_[protocol] プロトコル名 +CMD_ProtoOptionsGet_Prompt_[protocol] プロトコル: +CMD_ProtoOptionsGet_Column_Name 名前 +CMD_ProtoOptionsGet_Column_Type 型 +CMD_ProtoOptionsGet_Column_Value 値 +CMD_ProtoOptionsGet_Column_Description 説明 + + +# ProtoOptions +CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption OpenVPN の OCC codeRT 版以外の場合は、OpenVPN はサーバーに対してオプション文字列を送信しません。OpenVPN サーバーのオリジナル版は、オプションを固定で指定する仕組みになっているため、その場合でも動作します。一方、SoftEther VPN は、様々なオプションを動的に設定することができる機能を有しております。そこで、このオプションを使用することにより、OCC code なしでビルドされた OpenVPN に対してデフォルトの静的オプション文字列を送付することができるようになります。これにより、OCC code なしでビルドされた OpenVPN からの接続が成功するようになります。 +CMD_ProtoOptions_Description_OpenVPN_Obfuscation OpenVPN クライアントが検閲用ファイアウォールを回避するための難読化コードを設定します。クライアント側とサーバー側では、同一の XOR マスクを設定する必要があります。コードが異なると、接続ができません。 +CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask パケットで使用される XOR マスクを指定します。OpenVPN クライアントが検閲用ファイアウォールを回避するための難読化コードとして使用されます。 +CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode Linux における特定の状況下では manifests に不具合があります。この不具合により、OpenVPN クライアントは TAP デバイスが UP 状態であるにもかかわらず、切断状態となります。このオプションを使用することにより、VPN サーバーは、ダミーの IPv4 アドレス (RFC7600 で規定) をクライアントに対してプッシュ送信することができるようになります。これにより、TAP アダプタが常に UP 状態になります。 + + # ServerPasswordSet コマンド CMD_ServerPasswordSet VPN Server の管理者パスワードの設定 CMD_ServerPasswordSet_Help VPN Server の管理者パスワードを設定します。パラメータとしてパスワードを指定することができます。パラメータを指定しない場合は、パスワードと、その確認入力を行なうためのプロンプトが表示されます。パスワードをパラメータに与えた場合、そのパスワードが一時的に画面に表示されるため危険です。できる限り、パラメータを指定せずに、パスワードプロンプトを用いてパスワードを入力することを推奨します。\nこのコマンドを実行するには、VPN Server の管理者権限が必要です。 diff --git a/src/bin/hamcore/strtable_ko.stb b/src/bin/hamcore/strtable_ko.stb index 18436b92..221f668e 100644 --- a/src/bin/hamcore/strtable_ko.stb +++ b/src/bin/hamcore/strtable_ko.stb @@ -4544,6 +4544,36 @@ CMD_PortsUDPGet_Args PortsUDPGet CMD_PortsUDPGet_Ports UDP ports +# ProtoOptionsSet 명령 +CMD_ProtoOptionsSet Sets an option's value for the specified protocol +CMD_ProtoOptionsSet_Help This command can be used to change an option's value for a specific protocol. \nYou can retrieve the options using the ProtoOptionsGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_ProtoOptionsSet_Args ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] +CMD_ProtoOptionsSet_[protocol] Protocol name. +CMD_ProtoOptionsSet_NAME Option name. +CMD_ProtoOptionsSet_VALUE Option value. Make sure to write a value that is accepted by the specified protocol! +CMD_ProtoOptionsSet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsSet_Prompt_NAME Option: +CMD_ProtoOptionsSet_Prompt_VALUE Value: + + +# ProtoOptionsGet 명령 +CMD_ProtoOptionsGet Lists the options for the specified protocol +CMD_ProtoOptionsGet_Help This command can be used to retrieve the options for a specific protocol. \nDetailed info (e.g. value type) will be shown. \nYou can change an option's value with the ProtoOptionsSet command. +CMD_ProtoOptionsGet_Args ProtoOptionsGet [protocol] +CMD_ProtoOptionsGet_[protocol] Protocol name. +CMD_ProtoOptionsGet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsGet_Column_Name Name +CMD_ProtoOptionsGet_Column_Type Type +CMD_ProtoOptionsGet_Column_Value Value +CMD_ProtoOptionsGet_Column_Description Description + +# ProtoOptions +CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. +CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! +CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). +CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. + + # ServerPasswordSet 명령 CMD_ServerPasswordSet VPN Server 관리자 암호 설정 CMD_ServerPasswordSet_Help VPN Server 관리자 암호를 설정합니다. 매개 변수로 암호를 지정 할 수 있습니다. 매개 변수를 지정하지 않으면, 패스워드와 그 확인 입력을위한 프롬프트가 표시됩니다. 비밀번호를 매개 변수로 주었을 경우, 암호가 일시적으로 화면에 표시되기 때문에 위험합니다. 가능한 매개 변수를 지정하지 않고 암호 프롬프트를 사용하여 암호를 입력 할 것을 권장합니다. \n이 명령을 실행하려면 VPN Server 관리자 권한이 있어야합니다. diff --git a/src/bin/hamcore/strtable_pt_br.stb b/src/bin/hamcore/strtable_pt_br.stb index 953d329c..6252a619 100644 --- a/src/bin/hamcore/strtable_pt_br.stb +++ b/src/bin/hamcore/strtable_pt_br.stb @@ -4285,6 +4285,36 @@ CMD_PortsUDPGet_Args PortsUDPGet CMD_PortsUDPGet_Ports UDP ports +# ProtoOptionsSet command +CMD_ProtoOptionsSet Sets an option's value for the specified protocol +CMD_ProtoOptionsSet_Help This command can be used to change an option's value for a specific protocol. \nYou can retrieve the options using the ProtoOptionsGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_ProtoOptionsSet_Args ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] +CMD_ProtoOptionsSet_[protocol] Protocol name. +CMD_ProtoOptionsSet_NAME Option name. +CMD_ProtoOptionsSet_VALUE Option value. Make sure to write a value that is accepted by the specified protocol! +CMD_ProtoOptionsSet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsSet_Prompt_NAME Option: +CMD_ProtoOptionsSet_Prompt_VALUE Value: + + +# ProtoOptionsGet command +CMD_ProtoOptionsGet Lists the options for the specified protocol +CMD_ProtoOptionsGet_Help This command can be used to retrieve the options for a specific protocol. \nDetailed info (e.g. value type) will be shown. \nYou can change an option's value with the ProtoOptionsSet command. +CMD_ProtoOptionsGet_Args ProtoOptionsGet [protocol] +CMD_ProtoOptionsGet_[protocol] Protocol name. +CMD_ProtoOptionsGet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsGet_Column_Name Name +CMD_ProtoOptionsGet_Column_Type Type +CMD_ProtoOptionsGet_Column_Value Value +CMD_ProtoOptionsGet_Column_Description Description + +# ProtoOptions +CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. +CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! +CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). +CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. + + # ServerPasswordSet command CMD_ServerPasswordSet Set VPN Server Administrator Password CMD_ServerPasswordSet_Help This sets the VPN Server administrator password. You can specify the password as a parameter. If the password is not specified, a prompt will be displayed to input the password and password confirmation. If you include the password as a parameter, this password will be displayed momentarily on the screen, which poses a risk. We recommend that whenever possible, avoid specifying this parameter and input the password using the password prompt. \nTo execute this command, you must have VPN Server administrator privileges. diff --git a/src/bin/hamcore/strtable_ru.stb b/src/bin/hamcore/strtable_ru.stb index cd851a48..6a34ebec 100644 --- a/src/bin/hamcore/strtable_ru.stb +++ b/src/bin/hamcore/strtable_ru.stb @@ -4563,6 +4563,36 @@ CMD_PortsUDPGet_Args PortsUDPGet CMD_PortsUDPGet_Ports UDP ports +# ProtoOptionsSet command +CMD_ProtoOptionsSet Sets an option's value for the specified protocol +CMD_ProtoOptionsSet_Help This command can be used to change an option's value for a specific protocol. \nYou can retrieve the options using the ProtoOptionsGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_ProtoOptionsSet_Args ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] +CMD_ProtoOptionsSet_[protocol] Protocol name. +CMD_ProtoOptionsSet_NAME Option name. +CMD_ProtoOptionsSet_VALUE Option value. Make sure to write a value that is accepted by the specified protocol! +CMD_ProtoOptionsSet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsSet_Prompt_NAME Option: +CMD_ProtoOptionsSet_Prompt_VALUE Value: + + +# ProtoOptionsGet command +CMD_ProtoOptionsGet Lists the options for the specified protocol +CMD_ProtoOptionsGet_Help This command can be used to retrieve the options for a specific protocol. \nDetailed info (e.g. value type) will be shown. \nYou can change an option's value with the ProtoOptionsSet command. +CMD_ProtoOptionsGet_Args ProtoOptionsGet [protocol] +CMD_ProtoOptionsGet_[protocol] Protocol name. +CMD_ProtoOptionsGet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsGet_Column_Name Name +CMD_ProtoOptionsGet_Column_Type Type +CMD_ProtoOptionsGet_Column_Value Value +CMD_ProtoOptionsGet_Column_Description Description + +# ProtoOptions +CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. +CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! +CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). +CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. + + # ServerPasswordSet command CMD_ServerPasswordSet Set VPN Server Administrator Password CMD_ServerPasswordSet_Help This sets the VPN Server administrator password. You can specify the password as a parameter. If the password is not specified, a prompt will be displayed to input the password and password confirmation. If you include the password as a parameter, this password will be displayed momentarily on the screen, which poses a risk. We recommend that whenever possible, avoid specifying this parameter and input the password using the password prompt. \nTo execute this command, you must have VPN Server administrator privileges. diff --git a/src/bin/hamcore/strtable_tw.stb b/src/bin/hamcore/strtable_tw.stb index e816409a..f05983b1 100644 --- a/src/bin/hamcore/strtable_tw.stb +++ b/src/bin/hamcore/strtable_tw.stb @@ -4582,6 +4582,36 @@ CMD_PortsUDPGet_Args PortsUDPGet CMD_PortsUDPGet_Ports UDP ports +# ProtoOptionsSet 命令 +CMD_ProtoOptionsSet Sets an option's value for the specified protocol +CMD_ProtoOptionsSet_Help This command can be used to change an option's value for a specific protocol. \nYou can retrieve the options using the ProtoOptionsGet command. \nTo execute this command, you must have VPN Server administrator privileges. +CMD_ProtoOptionsSet_Args ProtoOptionsSet [protocol] [/NAME:option_name] [/VALUE:string/true/false] +CMD_ProtoOptionsSet_[protocol] Protocol name. +CMD_ProtoOptionsSet_NAME Option name. +CMD_ProtoOptionsSet_VALUE Option value. Make sure to write a value that is accepted by the specified protocol! +CMD_ProtoOptionsSet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsSet_Prompt_NAME Option: +CMD_ProtoOptionsSet_Prompt_VALUE Value: + + +# ProtoOptionsGet 命令 +CMD_ProtoOptionsGet Lists the options for the specified protocol +CMD_ProtoOptionsGet_Help This command can be used to retrieve the options for a specific protocol. \nDetailed info (e.g. value type) will be shown. \nYou can change an option's value with the ProtoOptionsSet command. +CMD_ProtoOptionsGet_Args ProtoOptionsGet [protocol] +CMD_ProtoOptionsGet_[protocol] Protocol name. +CMD_ProtoOptionsGet_Prompt_[protocol] Protocol: +CMD_ProtoOptionsGet_Column_Name Name +CMD_ProtoOptionsGet_Column_Type Type +CMD_ProtoOptionsGet_Column_Value Value +CMD_ProtoOptionsGet_Column_Description Description + +# ProtoOptions +CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. +CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! +CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). +CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. + + # ServerPasswordSet 命令 CMD_ServerPasswordSet 設置 VPN Server 管理員密碼 CMD_ServerPasswordSet_Help 這將設置 VPN Server 管理員密碼。您可以指定密碼為一個參數。如果密碼沒有指定,將顯示提示輸入密碼和密碼確認。如果指定密碼為一個參數,這個密碼將在螢幕上顯示瞬間,這構成了風險。我們建議盡可能避免指定這個參數,使用密碼提示輸入密碼。\n為了執行這個命令,您必須有 VPN Server 管理員許可權。