"management_query_passwords",
0,
translate("Query management channel for private key") },
- -- managemnet
+ -- management
{ Flag,
"management_hold",
0,
"server",
"10.200.200.0 255.255.255.0",
translate("Configure server mode"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"server_bridge",
"10.200.200.1 255.255.255.0 10.200.200.200 10.200.200.250",
translate("Configure server bridge"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ DynamicList,
"push",
{ "redirect-gateway", "comp-lzo" },
translate("Push options to peer"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"push_reset",
0,
translate("Don't inherit global push options"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"disable",
0,
translate("Client is disabled"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"ifconfig_pool",
"10.200.200.100 10.200.200.150 255.255.255.0",
translate("Set aside a pool of subnets"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"ifconfig_pool_persist",
"/etc/openvpn/ipp.txt 600",
translate("Persist/unpersist ifconfig-pool"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
-- deprecated and replaced by --topology p2p
-- { Flag,
-- "ifconfig_pool_linear",
-- 0,
-- translate("Use individual addresses rather than /30 subnets"),
- -- { server_mode="1" } },
+ -- { client="0" }, { client="" } },
{ Value,
"ifconfig_push",
"10.200.200.1 255.255.255.255",
translate("Push an ifconfig option to remote"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"iroute",
"10.200.200.0 255.255.255.0",
translate("Route subnet to client"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"client_to_client",
0,
translate("Allow client-to-client traffic"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"duplicate_cn",
0,
translate("Allow multiple clients with same certificate"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"client_config_dir",
"/etc/openvpn/ccd",
translate("Directory for custom client config files"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"ccd_exclusive",
0,
translate("Refuse connection if no custom client config"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"tmp_dir",
"/var/run/openvpn",
translate("Temporary directory for client-connect return file"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"hash_size",
"256 256",
translate("Set size of real and virtual address hash tables"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"bcast_buffers",
256,
translate("Number of allocated broadcast buffers"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"tcp_queue_limit",
64,
translate("Maximum number of queued TCP output packets"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"max_clients",
10,
translate("Allowed maximum of connected clients"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"max_routes_per_client",
256,
translate("Allowed maximum of internal"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Value,
"connect_freq",
"3 10",
translate("Allowed maximum of new connections"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"client_cert_not_required",
0,
translate("Don't require client certificate"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"username_as_common_name",
0,
translate("Use username as common name"),
- { server_mode="1" } },
+ { client="0" }, { client="" } },
{ Flag,
"client",
0,
- translate("Configure client mode"),
- { server_mode="0" }, { server_mode="" } },
+ translate("Configure client mode") },
{ Flag,
"pull",
0,
{ client="1" } },
{ Flag,
"remote_random",
- 1,
+ 0,
translate("Randomly choose remote server"),
{ client="1" } },
{ ListValue,
{ Flag,
"tls_server",
0,
- translate("Enable TLS and assume server role"), { tls_client="" }, { tls_client="0" } },
+ translate("Enable TLS and assume server role"),
+ { tls_client="" }, { tls_client="0" } },
{ Flag,
"tls_client",
0,
- translate("Enable TLS and assume client role"), { tls_server="" }, { tls_server="0" } },
+ translate("Enable TLS and assume client role"),
+ { tls_server="" }, { tls_server="0" } },
{ FileUpload,
"ca",
"/etc/easy-rsa/keys/ca.crt",
"tls_auth",
"/etc/openvpn/tlsauth.key",
translate("Additional authentication over TLS") },
+ { Value,
+ "tls_crypt",
+ "/etc/openvpn/tlscrypt.key",
+ translate("Encrypt and authenticate all control channel packets with the key") },
-- { Value,
-- "askpass",
-- "[file]",