Linux ubuntu 6.8.0-90-generic #91-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 18 14:14:30 UTC 2025 x86_64
nginx/1.24.0
: 67.217.245.49 | : 216.73.216.153
Cant Read [ /etc/named.conf ]
8.3.6
www-data
Bypass.pw
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
Backdoor Scanner
Backdoor Create
Alfa Webshell
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
usr /
share /
augeas /
lenses /
dist /
[ HOME SHELL ]
Name
Size
Permission
Action
tests
[ DIR ]
drwxr-xr-x
access.aug
3.58
KB
-rw-r--r--
activemq_conf.aug
1.47
KB
-rw-r--r--
activemq_xml.aug
864
B
-rw-r--r--
afs_cellalias.aug
1.56
KB
-rw-r--r--
aliases.aug
2.18
KB
-rw-r--r--
anaconda.aug
775
B
-rw-r--r--
anacron.aug
2.49
KB
-rw-r--r--
approx.aug
1.26
KB
-rw-r--r--
apt_update_manager.aug
1.11
KB
-rw-r--r--
aptcacherngsecurity.aug
726
B
-rw-r--r--
aptconf.aug
3.9
KB
-rw-r--r--
aptpreferences.aug
1.79
KB
-rw-r--r--
aptsources.aug
1.98
KB
-rw-r--r--
authinfo2.aug
1.44
KB
-rw-r--r--
authorized_keys.aug
1.84
KB
-rw-r--r--
authselectpam.aug
3.7
KB
-rw-r--r--
automaster.aug
3.31
KB
-rw-r--r--
automounter.aug
4.05
KB
-rw-r--r--
avahi.aug
1.38
KB
-rw-r--r--
backuppchosts.aug
1014
B
-rw-r--r--
bbhosts.aug
4.24
KB
-rw-r--r--
bootconf.aug
3.65
KB
-rw-r--r--
build.aug
16.65
KB
-rw-r--r--
cachefilesd.aug
2
KB
-rw-r--r--
carbon.aug
1.54
KB
-rw-r--r--
ceph.aug
719
B
-rw-r--r--
cgconfig.aug
3.37
KB
-rw-r--r--
cgrules.aug
2.38
KB
-rw-r--r--
channels.aug
3.84
KB
-rw-r--r--
chrony.aug
13.79
KB
-rw-r--r--
clamav.aug
1.72
KB
-rw-r--r--
cmdline.aug
506
B
-rw-r--r--
cobblermodules.aug
398
B
-rw-r--r--
cobblersettings.aug
2.24
KB
-rw-r--r--
cockpit.aug
1.96
KB
-rw-r--r--
collectd.aug
869
B
-rw-r--r--
cpanel.aug
824
B
-rw-r--r--
cron.aug
4.05
KB
-rw-r--r--
cron_user.aug
1.26
KB
-rw-r--r--
crypttab.aug
3.08
KB
-rw-r--r--
csv.aug
1.18
KB
-rw-r--r--
cups.aug
459
B
-rw-r--r--
cyrus_imapd.aug
1.51
KB
-rw-r--r--
darkice.aug
773
B
-rw-r--r--
debctrl.aug
3.61
KB
-rw-r--r--
desktop.aug
1.39
KB
-rw-r--r--
devfsrules.aug
619
B
-rw-r--r--
device_map.aug
620
B
-rw-r--r--
dhclient.aug
6.69
KB
-rw-r--r--
dhcpd.aug
20.88
KB
-rw-r--r--
dns_zone.aug
2.89
KB
-rw-r--r--
dnsmasq.aug
2.16
KB
-rw-r--r--
dovecot.aug
3.98
KB
-rw-r--r--
dpkg.aug
2.78
KB
-rw-r--r--
dput.aug
2.16
KB
-rw-r--r--
erlang.aug
4.33
KB
-rw-r--r--
ethers.aug
663
B
-rw-r--r--
exports.aug
2.37
KB
-rw-r--r--
fai_diskconfig.aug
9.28
KB
-rw-r--r--
fail2ban.aug
1.79
KB
-rw-r--r--
fonts.aug
819
B
-rw-r--r--
fstab.aug
1.23
KB
-rw-r--r--
fuse.aug
871
B
-rw-r--r--
gdm.aug
1.8
KB
-rw-r--r--
getcap.aug
1.57
KB
-rw-r--r--
group.aug
1.66
KB
-rw-r--r--
grub.aug
11.05
KB
-rw-r--r--
grubenv.aug
508
B
-rw-r--r--
gshadow.aug
2.19
KB
-rw-r--r--
gtkbookmarks.aug
855
B
-rw-r--r--
host_conf.aug
1.9
KB
-rw-r--r--
hostname.aug
435
B
-rw-r--r--
hosts.aug
485
B
-rw-r--r--
hosts_access.aug
4.32
KB
-rw-r--r--
htpasswd.aug
1.02
KB
-rw-r--r--
httpd.aug
7.35
KB
-rw-r--r--
inetd.aug
6.22
KB
-rw-r--r--
inifile.aug
15.49
KB
-rw-r--r--
inittab.aug
780
B
-rw-r--r--
inputrc.aug
1.62
KB
-rw-r--r--
interfaces.aug
4.62
KB
-rw-r--r--
iproute2.aug
323
B
-rw-r--r--
iptables.aug
2.64
KB
-rw-r--r--
iscsid.aug
684
B
-rw-r--r--
jaas.aug
1.57
KB
-rw-r--r--
jettyrealm.aug
1.52
KB
-rw-r--r--
jmxaccess.aug
1.35
KB
-rw-r--r--
jmxpassword.aug
1.34
KB
-rw-r--r--
json.aug
2.15
KB
-rw-r--r--
kdump.aug
3.06
KB
-rw-r--r--
keepalived.aug
10.73
KB
-rw-r--r--
known_hosts.aug
1.93
KB
-rw-r--r--
koji.aug
898
B
-rw-r--r--
krb5.aug
6.98
KB
-rw-r--r--
ldif.aug
7.65
KB
-rw-r--r--
ldso.aug
1.06
KB
-rw-r--r--
lightdm.aug
1.75
KB
-rw-r--r--
limits.aug
2.02
KB
-rw-r--r--
login_defs.aug
615
B
-rw-r--r--
logrotate.aug
4.23
KB
-rw-r--r--
logwatch.aug
1.44
KB
-rw-r--r--
lokkit.aug
2.16
KB
-rw-r--r--
lvm.aug
2.03
KB
-rw-r--r--
mailscanner.aug
1.66
KB
-rw-r--r--
mailscanner_rules.aug
2.84
KB
-rw-r--r--
masterpasswd.aug
4.36
KB
-rw-r--r--
mcollective.aug
1.09
KB
-rw-r--r--
mdadm_conf.aug
10.05
KB
-rw-r--r--
memcached.aug
1.24
KB
-rw-r--r--
mke2fs.aug
6.29
KB
-rw-r--r--
modprobe.aug
3.34
KB
-rw-r--r--
modules.aug
741
B
-rw-r--r--
modules_conf.aug
1.04
KB
-rw-r--r--
mongodbserver.aug
1.17
KB
-rw-r--r--
monit.aug
2.13
KB
-rw-r--r--
multipath.aug
4.21
KB
-rw-r--r--
mysql.aug
1.95
KB
-rw-r--r--
nagioscfg.aug
2.09
KB
-rw-r--r--
nagiosobjects.aug
1.57
KB
-rw-r--r--
netmasks.aug
1.69
KB
-rw-r--r--
networkmanager.aug
2.18
KB
-rw-r--r--
networks.aug
1.09
KB
-rw-r--r--
nginx.aug
3.65
KB
-rw-r--r--
nrpe.aug
1.78
KB
-rw-r--r--
nslcd.aug
9.87
KB
-rw-r--r--
nsswitch.aug
2.33
KB
-rw-r--r--
ntp.aug
5.29
KB
-rw-r--r--
ntpd.aug
4.75
KB
-rw-r--r--
odbc.aug
1.42
KB
-rw-r--r--
opendkim.aug
3.1
KB
-rw-r--r--
openshift_config.aug
2.46
KB
-rw-r--r--
openshift_http.aug
1.03
KB
-rw-r--r--
openshift_quickstarts.aug
1.02
KB
-rw-r--r--
openvpn.aug
22.28
KB
-rw-r--r--
oz.aug
1.35
KB
-rw-r--r--
pagekite.aug
2.6
KB
-rw-r--r--
pam.aug
2.58
KB
-rw-r--r--
pamconf.aug
1.23
KB
-rw-r--r--
passwd.aug
3.52
KB
-rw-r--r--
pbuilder.aug
638
B
-rw-r--r--
pg_hba.aug
2.97
KB
-rw-r--r--
pgbouncer.aug
1.43
KB
-rw-r--r--
php.aug
2.34
KB
-rw-r--r--
phpvars.aug
3.85
KB
-rw-r--r--
postfix_access.aug
771
B
-rw-r--r--
postfix_main.aug
1.52
KB
-rw-r--r--
postfix_master.aug
1.9
KB
-rw-r--r--
postfix_passwordmap.aug
1.28
KB
-rw-r--r--
postfix_sasl_smtpd.aug
697
B
-rw-r--r--
postfix_transport.aug
1.48
KB
-rw-r--r--
postfix_virtual.aug
1.32
KB
-rw-r--r--
postgresql.aug
2.1
KB
-rw-r--r--
properties.aug
2.3
KB
-rw-r--r--
protocols.aug
1.05
KB
-rw-r--r--
puppet.aug
1.52
KB
-rw-r--r--
puppet_auth.aug
1.95
KB
-rw-r--r--
puppetfile.aug
2.27
KB
-rw-r--r--
puppetfileserver.aug
3.12
KB
-rw-r--r--
pylonspaste.aug
2.3
KB
-rw-r--r--
pythonpaste.aug
1.99
KB
-rw-r--r--
qpid.aug
670
B
-rw-r--r--
quote.aug
6.71
KB
-rw-r--r--
rabbitmq.aug
4.69
KB
-rw-r--r--
radicale.aug
1.48
KB
-rw-r--r--
rancid.aug
927
B
-rw-r--r--
redis.aug
6.5
KB
-rw-r--r--
reprepro_uploaders.aug
5.47
KB
-rw-r--r--
resolv.aug
4.03
KB
-rw-r--r--
rhsm.aug
1.1
KB
-rw-r--r--
rmt.aug
788
B
-rw-r--r--
rsyncd.aug
1.97
KB
-rw-r--r--
rsyslog.aug
3.27
KB
-rw-r--r--
rtadvd.aug
854
B
-rw-r--r--
rx.aug
4.2
KB
-rw-r--r--
samba.aug
1.71
KB
-rw-r--r--
schroot.aug
1.79
KB
-rw-r--r--
securetty.aug
450
B
-rw-r--r--
semanage.aug
1.02
KB
-rw-r--r--
sep.aug
1.28
KB
-rw-r--r--
services.aug
2.82
KB
-rw-r--r--
shadow.aug
2.35
KB
-rw-r--r--
shells.aug
745
B
-rw-r--r--
shellvars.aug
12.02
KB
-rw-r--r--
shellvars_list.aug
1.74
KB
-rw-r--r--
simplelines.aug
1.13
KB
-rw-r--r--
simplevars.aug
1.4
KB
-rw-r--r--
sip_conf.aug
1.61
KB
-rw-r--r--
slapd.aug
5.2
KB
-rw-r--r--
smbusers.aug
781
B
-rw-r--r--
solaris_system.aug
3.15
KB
-rw-r--r--
soma.aug
1.14
KB
-rw-r--r--
sos.aug
807
B
-rw-r--r--
spacevars.aug
1.42
KB
-rw-r--r--
splunk.aug
1.64
KB
-rw-r--r--
squid.aug
15.95
KB
-rw-r--r--
ssh.aug
4.39
KB
-rw-r--r--
sshd.aug
4.74
KB
-rw-r--r--
sssd.aug
861
B
-rw-r--r--
star.aug
941
B
-rw-r--r--
strongswan.aug
1.63
KB
-rw-r--r--
stunnel.aug
2.21
KB
-rw-r--r--
subversion.aug
2.75
KB
-rw-r--r--
sudoers.aug
20.08
KB
-rw-r--r--
sysconfig.aug
2.49
KB
-rw-r--r--
sysconfig_route.aug
2.55
KB
-rw-r--r--
sysctl.aug
1.36
KB
-rw-r--r--
syslog.aug
7.33
KB
-rw-r--r--
systemd.aug
6
KB
-rw-r--r--
termcap.aug
1.03
KB
-rw-r--r--
thttpd.aug
1.31
KB
-rw-r--r--
tinc.aug
1.08
KB
-rw-r--r--
tmpfiles.aug
3.16
KB
-rw-r--r--
toml.aug
4.24
KB
-rw-r--r--
trapperkeeper.aug
4.01
KB
-rw-r--r--
tuned.aug
387
B
-rw-r--r--
up2date.aug
2.21
KB
-rw-r--r--
updatedb.aug
1.13
KB
-rw-r--r--
util.aug
4.85
KB
-rw-r--r--
vfstab.aug
1.71
KB
-rw-r--r--
vmware_config.aug
702
B
-rw-r--r--
vsftpd.aug
2.72
KB
-rw-r--r--
webmin.aug
1.23
KB
-rw-r--r--
wine.aug
1.92
KB
-rw-r--r--
xendconfsxp.aug
1.07
KB
-rw-r--r--
xinetd.aug
4.02
KB
-rw-r--r--
xml.aug
6.33
KB
-rw-r--r--
xorg.aug
10.43
KB
-rw-r--r--
xymon.aug
2.26
KB
-rw-r--r--
xymon_alerting.aug
6.11
KB
-rw-r--r--
yaml.aug
1.54
KB
-rw-r--r--
yum.aug
2.19
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : openvpn.aug
(* OpenVPN module for Augeas Author: Raphael Pinson <raphink@gmail.com> Author: Justin Akers <dafugg@gmail.com> Reference: http://openvpn.net/index.php/documentation/howto.html Reference: https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage TODO: Inline file support *) module OpenVPN = autoload xfm (************************************************************************ * USEFUL PRIMITIVES *************************************************************************) let eol = Util.eol let indent = Util.indent (* Define separators *) let sep = Util.del_ws_spc (* Define value regexps. Custom simplified ipv6 used instead of Rx.ipv6 as the augeas Travis instances are limited to 2GB of memory. Using 'ipv6_re = Rx.ipv6' consumes an extra 2GB of memory and thus the test is OOM-killed. *) let ipv6_re = /[0-9A-Fa-f:]+/ let ipv4_re = Rx.ipv4 let ip_re = ipv4_re|ipv6_re let num_re = Rx.integer let fn_re = /[^#; \t\n][^#;\n]*[^#; \t\n]|[^#; \t\n]/ let fn_safe_re = /[^#; \t\r\n]+/ let an_re = /[a-z][a-z0-9_-]*/ let hn_re = Rx.hostname let port_re = /[0-9]+/ let host_re = ip_re|hn_re let proto_re = /(tcp|udp)/ let proto_ext_re = /(udp|tcp-client|tcp-server)/ let alg_re = /(none|[A-Za-z][A-Za-z0-9-]+)/ let ipv6_bits_re = ipv6_re . /\/[0-9]+/ (* Define store aliases *) let ip = store ip_re let num = store num_re let filename = store fn_re let filename_safe = store fn_safe_re let hostname = store hn_re let sto_to_dquote = store /[^"\n]+/ (* " Emacs, relax *) let port = store port_re let host = store host_re let proto = store proto_re let proto_ext = store proto_ext_re (* define comments and empty lines *) let comment = Util.comment_generic /[ \t]*[;#][ \t]*/ "# " let comment_or_eol = eol | Util.comment_generic /[ \t]*[;#][ \t]*/ " # " let empty = Util.empty (************************************************************************ * SINGLE VALUES * * - local => IP|hostname * - port => num * - proto => udp|tcp-client|tcp-server * - proto-force => udp|tcp * - mode => p2p|server * - dev => (tun|tap)\d* * - dev-node => filename * - ca => filename * - config => filename * - cert => filename * - key => filename * - dh => filename * - ifconfig-pool-persist => filename * - learn-address => filename * - cipher => [A-Z0-9-]+ * - max-clients => num * - user => alphanum * - group => alphanum * - status => filename * - log => filename * - log-append => filename * - client-config-dir => filename * - verb => num * - mute => num * - fragment => num * - mssfix => num * - connect-retry num * - connect-retry-max num * - connect-timeout num * - http-proxy-timeout num * - max-routes num * - ns-cert-type => "server" * - resolv-retry => "infinite" * - script-security => [0-3] (execve|system)? * - ipchange => command * - topology => type *************************************************************************) let single_host = "local" | "tls-remote" let single_ip = "lladdr" let single_ipv6_bits = "iroute-ipv6" | "server-ipv6" | "ifconfig-ipv6-pool" let single_num = "port" | "max-clients" | "verb" | "mute" | "fragment" | "mssfix" | "connect-retry" | "connect-retry-max" | "connect-timeout" | "http-proxy-timeout" | "resolv-retry" | "lport" | "rport" | "max-routes" | "max-routes-per-client" | "route-metric" | "tun-mtu" | "tun-mtu-extra" | "shaper" | "ping" | "ping-exit" | "ping-restart" | "sndbuf" | "rcvbuf" | "txqueuelen" | "link-mtu" | "nice" | "management-log-cache" | "bcast-buffers" | "tcp-queue-limit" | "server-poll-timeout" | "keysize" | "pkcs11-pin-cache" | "tls-timeout" | "reneg-bytes" | "reneg-pkts" | "reneg-sec" | "hand-window" | "tran-window" let single_fn = "ca" | "cert" | "extra-certs" | "config" | "key" | "dh" | "log" | "log-append" | "client-config-dir" | "dev-node" | "cd" | "chroot" | "writepid" | "client-config-dir" | "tmp-dir" | "replay-persist" | "ca" | "capath" | "pkcs12" | "pkcs11-id" | "askpass" | "tls-export-cert" | "x509-track" let single_an = "user" | "group" | "management-client-user" | "management-client-group" let single_cmd = "ipchange" | "iproute" | "route-up" | "route-pre-down" | "mark" | "up" | "down" | "setcon" | "echo" | "client-connect" | "client-disconnect" | "learn-address" | "tls-verify" let single_entry (kw:regexp) (re:regexp) = [ key kw . sep . store re . comment_or_eol ] let single_opt_entry (kw:regexp) (re:regexp) = [ key kw . (sep . store re)? .comment_or_eol ] let single = single_entry single_num num_re | single_entry single_fn fn_re | single_entry single_an an_re | single_entry single_host host_re | single_entry single_ip ip_re | single_entry single_ipv6_bits ipv6_bits_re | single_entry single_cmd fn_re | single_entry "proto" proto_ext_re | single_entry "proto-force" proto_re | single_entry "mode" /(p2p|server)/ | single_entry "dev" /(tun|tap)[0-9]*|null/ | single_entry "dev-type" /(tun|tap)/ | single_entry "topology" /(net30|p2p|subnet)/ | single_entry "cipher" alg_re | single_entry "auth" alg_re | single_entry "resolv-retry" "infinite" | single_entry "script-security" /[0-3]( execve| system)?/ | single_entry "route-gateway" (host_re|/dhcp/) | single_entry "mtu-disc" /(no|maybe|yes)/ | single_entry "remap-usr1" /SIG(HUP|TERM)/ | single_entry "socket-flags" /(TCP_NODELAY)/ | single_entry "auth-retry" /(none|nointeract|interact)/ | single_entry "tls-version-max" Rx.decimal | single_entry "verify-hash" /([A-Za-z0-9]{2}:)+[A-Za-z0-9]{2}/ | single_entry "pkcs11-cert-private" /[01]/ | single_entry "pkcs11-protected-authentication" /[01]/ | single_entry "pkcs11-private-mode" /[A-Za-z0-9]+/ | single_entry "key-method" /[12]/ | single_entry "ns-cert-type" /(client|server)/ | single_entry "remote-cert-tls" /(client|server)/ let single_opt = single_opt_entry "comp-lzo" /(yes|no|adaptive)/ | single_opt_entry "syslog" fn_re | single_opt_entry "daemon" fn_re | single_opt_entry "auth-user-pass" fn_re | single_opt_entry "explicit-exit-notify" num_re | single_opt_entry "engine" fn_re (************************************************************************ * DOUBLE VALUES *************************************************************************) let double_entry (kw:regexp) (a:string) (aval:regexp) (b:string) (bval:regexp) = [ key kw . sep . [ label a . store aval ] . sep . [ label b . store bval ] . comment_or_eol ] let double_secopt_entry (kw:regexp) (a:string) (aval:regexp) (b:string) (bval:regexp) = [ key kw . sep . [ label a . store aval ] . (sep . [ label b . store bval ])? . comment_or_eol ] let double = double_entry "keepalive" "ping" num_re "timeout" num_re | double_entry "hash-size" "real" num_re "virtual" num_re | double_entry "ifconfig" "local" ip_re "remote" ip_re | double_entry "connect-freq" "num" num_re "sec" num_re | double_entry "verify-x509-name" "name" hn_re "type" /(subject|name|name-prefix)/ | double_entry "ifconfig-ipv6" "address" ipv6_bits_re "remote" ipv6_re | double_entry "ifconfig-ipv6-push" "address" ipv6_bits_re "remote" ipv6_re | double_secopt_entry "iroute" "local" ip_re "netmask" ip_re | double_secopt_entry "stale-routes-check" "age" num_re "interval" num_re | double_secopt_entry "ifconfig-pool-persist" "file" fn_safe_re "seconds" num_re | double_secopt_entry "secret" "file" fn_safe_re "direction" /[01]/ | double_secopt_entry "prng" "algorithm" alg_re "nsl" num_re | double_secopt_entry "replay-window" "window-size" num_re "seconds" num_re (************************************************************************ * FLAGS *************************************************************************) let flag_words = "client-to-client" | "duplicate-cn" | "persist-key" | "persist-tun" | "client" | "remote-random" | "nobind" | "mute-replay-warnings" | "http-proxy-retry" | "socks-proxy-retry" | "remote-random-hostname" | "show-proxy-settings" | "float" | "bind" | "nobind" | "tun-ipv6" | "ifconfig-noexec" | "ifconfig-nowarn" | "route-noexec" | "route-nopull" | "allow-pull-fqdn" | "mtu-test" | "ping-timer-rem" | "persist-tun" | "persist-local-ip" | "persist-remote-ip" | "mlock" | "up-delay" | "down-pre" | "up-restart" | "disable-occ" | "errors-to-stderr" | "passtos" | "suppress-timestamps" | "fast-io" | "multihome" | "comp-noadapt" | "management-client" | "management-query-passwords" | "management-query-proxy" | "management-query-remote" | "management-forget-disconnect" | "management-hold" | "management-signal" | "management-up-down" | "management-client-auth" | "management-client-pf" | "push-reset" | "push-peer-info" | "disable" | "ifconfig-pool-linear" | "client-to-client" | "duplicate-cn" | "ccd-exclusive" | "tcp-nodelay" | "opt-verify" | "auth-user-pass-optional" | "client-cert-not-required" | "username-as-common-name" | "pull" | "key-direction" | "no-replay" | "mute-replay-warnings" | "no-iv" | "use-prediction-resistance" | "test-crypto" | "tls-server" | "tls-client" | "pkcs11-id-management" | "single-session" | "tls-exit" | "auth-nocache" | "show-ciphers" | "show-digests" | "show-tls" | "show-engines" | "genkey" | "mktun" | "rmtun" let flag_entry (kw:regexp) = [ key kw . comment_or_eol ] let flag = flag_entry flag_words (************************************************************************ * OTHER FIELDS * * - server => IP IP [nopool] * - server-bridge => IP IP IP IP * - route => host host [host [num]] * - push => "string" * - tls-auth => filename [01] * - remote => hostname/IP [num] [(tcp|udp)] * - management => IP num filename * - http-proxy => host port [filename|keyword] [method] * - http-proxy-option => (VERSION decimal|AGENT string) * ... * and many others * *************************************************************************) let server = [ key "server" . sep . [ label "address" . ip ] . sep . [ label "netmask" . ip ] . (sep . [ key "nopool" ]) ? . comment_or_eol ] let server_bridge = let ip_params = [ label "address" . ip ] . sep . [ label "netmask" . ip ] . sep . [ label "start" . ip ] . sep . [ label "end" . ip ] in [ key "server-bridge" . sep . (ip_params|store /(nogw)/) . comment_or_eol ] let route = let route_net_kw = store (/(vpn_gateway|net_gateway|remote_host)/|host_re) in [ key "route" . sep . [ label "address" . route_net_kw ] . (sep . [ label "netmask" . store (ip_re|/default/) ] . (sep . [ label "gateway" . route_net_kw ] . (sep . [ label "metric" . store (/default/|num_re)] )? )? )? . comment_or_eol ] let route_ipv6 = let route_net_re = /(vpn_gateway|net_gateway|remote_host)/ in [ key "route-ipv6" . sep . [ label "network" . store (route_net_re|ipv6_bits_re) ] . (sep . [ label "gateway" . store (route_net_re|ipv6_re) ] . (sep . [ label "metric" . store (/default/|num_re)] )? )? . comment_or_eol ] let push = [ key "push" . sep . Quote.do_dquote sto_to_dquote . comment_or_eol ] let tls_auth = [ key "tls-auth" . sep . [ label "key" . filename ] . sep . [ label "is_client" . store /[01]/ ] . comment_or_eol ] let remote = [ key "remote" . sep . [ label "server" . host ] . (sep . [label "port" . port] . (sep . [label "proto" . proto]) ? ) ? . comment_or_eol ] let http_proxy = let auth_method_re = /(none|basic|ntlm)/ in let auth_method = store auth_method_re in [ key "http-proxy" . sep . [ label "server" . host ] . sep . [ label "port" . port ] . (sep . [ label "auth" . filename_safe ] . (sep . [ label "auth-method" . auth_method ]) ? )? . comment_or_eol ] let http_proxy_option = [ key "http-proxy-option" . sep . [ label "option" . store /(VERSION|AGENT)/ ] . sep . [ label "value" . filename ] . comment_or_eol ] let socks_proxy = [ key "socks-proxy" . sep . [ label "server" . host ] . (sep . [ label "port" . port ] . (sep . [ label "auth" . filename_safe ])? )? . comment_or_eol ] let port_share = [ key "port-share" . sep . [ label "host" . host ] . sep . [ label "port" . port ] . (sep . [ label "dir" . filename ])? . comment_or_eol ] let route_delay = [ key "route-delay" . (sep . [ label "seconds" . num ] . (sep . [ label "win-seconds" . num ] ) ? )? . comment_or_eol ] let inetd = [ key "inetd" . (sep . [label "mode" . store /(wait|nowait)/ ] . (sep . [ label "progname" . filename ] ) ? )? . comment_or_eol ] let inactive = [ key "inactive" . sep . [ label "seconds" . num ] . (sep . [ label "bytes" . num ] ) ? . comment_or_eol ] let client_nat = [ key "client-nat" . sep . [ label "type" . store /(snat|dnat)/ ] . sep . [ label "network" . ip ] . sep . [ label "netmask" . ip ] . sep . [ label "alias" . ip ] . comment_or_eol ] let status = [ key "status" . sep . [ label "file" . filename_safe ] . (sep . [ label "repeat-seconds" . num ]) ? . comment_or_eol ] let plugin = [ key "plugin" . sep . [ label "file" . filename_safe ] . (sep . [ label "init-string" . filename ]) ? . comment_or_eol ] let management = [ key "management" . sep . [ label "server" . ip ] . sep . [ label "port" . port ] . (sep . [ label "pwfile" . filename ] ) ? . comment_or_eol ] let auth_user_pass_verify = [ key "auth-user-pass-verify" . sep . [ Quote.quote_spaces (label "command") ] . sep . [ label "method" . store /via-(env|file)/ ] . comment_or_eol ] let static_challenge = [ key "static-challenge" . sep . [ Quote.quote_spaces (label "text") ] . sep . [ label "echo" . store /[01]/ ] . comment_or_eol ] let cryptoapicert = [ key "cryptoapicert" . sep . Quote.dquote . [ key /[A-Z]+/ . Sep.colon . store /[A-Za-z _-]+/ ] . Quote.dquote . comment_or_eol ] let setenv = let envvar = /[^#;\/ \t\n][A-Za-z0-9_-]+/ in [ key ("setenv"|"setenv-safe") . sep . [ key envvar . sep . store fn_re ] . comment_or_eol ] let redirect = let redirect_flag = /(local|autolocal|def1|bypass-dhcp|bypass-dns|block-local)/ in let redirect_key = "redirect-gateway" | "redirect-private" in [ key redirect_key . (sep . [ label "flag" . store redirect_flag ] ) + . comment_or_eol ] let tls_cipher = let ciphername = /[A-Za-z0-9!_-]+/ in [ key "tls-cipher" . sep . [label "cipher" . store ciphername] . (Sep.colon . [label "cipher" . store ciphername])* . comment_or_eol ] let remote_cert_ku = let usage = [label "usage" . store /[A-Za-z0-9]{1,2}/] in [ key "remote-cert-ku" . sep . usage . (sep . usage)* . comment_or_eol ] (* FIXME: Surely there's a nicer way to do this *) let remote_cert_eku = let oid = [label "oid" . store /[0-9]+\.([0-9]+\.)*[0-9]+/] in let symbolic = [Quote.do_quote_opt (label "symbol" . store /[A-Za-z0-9][A-Za-z0-9 _-]*[A-Za-z0-9]/)] in [ key "remote-cert-eku" . sep . (oid|symbolic) . comment_or_eol ] let status_version = [ key "status-version" . (sep . num) ? . comment_or_eol ] let ifconfig_pool = [ key "ifconfig-pool" . sep . [ label "start" . ip ] . sep . [ label "end" . ip ] . (sep . [ label "netmask" . ip ])? . comment_or_eol ] let ifconfig_push = [ key "ifconfig-push" . sep . [ label "local" . ip ] . sep . [ label "remote-netmask" . ip ] . (sep . [ label "alias" . store /[A-Za-z0-9_-]+/ ] )? . comment_or_eol ] let ignore_unknown_option = [ key "ignore-unknown-option" . (sep . [ label "opt" . store /[A-Za-z0-9_-]+/ ] ) + . comment_or_eol ] let tls_version_min = [ key "tls-version-min" . sep . store Rx.decimal . (sep . [ key "or-highest" ]) ? . comment_or_eol ] let crl_verify = [ key "crl-verify" . sep . filename_safe . (sep . [ key "dir" ]) ? . comment_or_eol ] let x509_username_field = let fieldname = /[A-Za-z0-9_-]+/ in let extfield = ([key /ext/ . Sep.colon . store fieldname]) in let subjfield = ([label "subj" . store fieldname]) in [ key "x509-username-field" . sep . (extfield|subjfield) . comment_or_eol ] let other = server | server_bridge | route | push | tls_auth | remote | http_proxy | http_proxy_option | socks_proxy | management | route_delay | client_nat | redirect | inactive | setenv | inetd | status | status_version | plugin | ifconfig_pool | ifconfig_push | ignore_unknown_option | auth_user_pass_verify | port_share | static_challenge | tls_version_min | tls_cipher | cryptoapicert | x509_username_field | remote_cert_ku | remote_cert_eku | crl_verify | route_ipv6 (************************************************************************ * LENS & FILTER *************************************************************************) let lns = ( comment | empty | single | single_opt | double | flag | other )* let filter = (incl "/etc/openvpn/client.conf") . (incl "/etc/openvpn/server.conf") let xfm = transform lns filter
Close
