android: Make custom subnets configurable in the GUI
authorTobias Brunner <tobias@strongswan.org>
Thu, 22 Jun 2017 10:26:19 +0000 (12:26 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 3 Jul 2017 08:27:53 +0000 (10:27 +0200)
src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileDetailActivity.java
src/frontends/android/app/src/main/res/layout/profile_detail_view.xml
src/frontends/android/app/src/main/res/values-de/strings.xml
src/frontends/android/app/src/main/res/values-pl/strings.xml
src/frontends/android/app/src/main/res/values-ru/strings.xml
src/frontends/android/app/src/main/res/values-ua/strings.xml
src/frontends/android/app/src/main/res/values-zh-rCN/strings.xml
src/frontends/android/app/src/main/res/values-zh-rTW/strings.xml
src/frontends/android/app/src/main/res/values/strings.xml

index 2be50e6..d495b74 100644 (file)
@@ -106,6 +106,8 @@ public class VpnProfileDetailActivity extends AppCompatActivity
        private TextInputLayoutHelper mMTUWrap;
        private EditText mPort;
        private TextInputLayoutHelper mPortWrap;
+       private EditText mIncludedSubnets;
+       private TextInputLayoutHelper mIncludedSubnetsWrap;
        private EditText mExcludedSubnets;
        private TextInputLayoutHelper mExcludedSubnetsWrap;
        private CheckBox mBlockIPv4;
@@ -152,6 +154,8 @@ public class VpnProfileDetailActivity extends AppCompatActivity
                mMTUWrap = (TextInputLayoutHelper) findViewById(R.id.mtu_wrap);
                mPort = (EditText)findViewById(R.id.port);
                mPortWrap = (TextInputLayoutHelper) findViewById(R.id.port_wrap);
+               mIncludedSubnets = (EditText)findViewById(R.id.included_subnets);
+               mIncludedSubnetsWrap = (TextInputLayoutHelper)findViewById(R.id.included_subnets_wrap);
                mExcludedSubnets = (EditText)findViewById(R.id.excluded_subnets);
                mExcludedSubnetsWrap = (TextInputLayoutHelper)findViewById(R.id.excluded_subnets_wrap);
                mBlockIPv4 = (CheckBox)findViewById(R.id.split_tunneling_v4);
@@ -443,7 +447,7 @@ public class VpnProfileDetailActivity extends AppCompatActivity
                        Integer st = mProfile.getSplitTunneling();
                        show = mProfile.getRemoteId() != null || mProfile.getMTU() != null ||
                                   mProfile.getPort() != null || (st != null && st != 0) ||
-                                  mProfile.getExcludedSubnets() != null;
+                                  mProfile.getIncludedSubnets() != null || mProfile.getExcludedSubnets() != null;
                }
                mShowAdvanced.setVisibility(!show ? View.VISIBLE : View.GONE);
                mAdvancedSettings.setVisibility(show ? View.VISIBLE : View.GONE);
@@ -516,6 +520,11 @@ public class VpnProfileDetailActivity extends AppCompatActivity
                        mMTUWrap.setError(String.format(getString(R.string.alert_text_out_of_range), Constants.MTU_MIN, Constants.MTU_MAX));
                        valid = false;
                }
+               if (!validateSubnets(mIncludedSubnets))
+               {
+                       mIncludedSubnetsWrap.setError(getString(R.string.alert_text_no_subnets));
+                       valid = false;
+               }
                if (!validateSubnets(mExcludedSubnets))
                {
                        mExcludedSubnetsWrap.setError(getString(R.string.alert_text_no_subnets));
@@ -558,6 +567,8 @@ public class VpnProfileDetailActivity extends AppCompatActivity
                mProfile.setRemoteId(remote_id.isEmpty() ? null : remote_id);
                mProfile.setMTU(getInteger(mMTU));
                mProfile.setPort(getInteger(mPort));
+               String included = mIncludedSubnets.getText().toString().trim();
+               mProfile.setIncludedSubnets(included.isEmpty() ? null : included);
                String excluded = mExcludedSubnets.getText().toString().trim();
                mProfile.setExcludedSubnets(excluded.isEmpty() ? null : excluded);
                int st = 0;
@@ -589,6 +600,7 @@ public class VpnProfileDetailActivity extends AppCompatActivity
                                mRemoteId.setText(mProfile.getRemoteId());
                                mMTU.setText(mProfile.getMTU() != null ? mProfile.getMTU().toString() : null);
                                mPort.setText(mProfile.getPort() != null ? mProfile.getPort().toString() : null);
+                               mIncludedSubnets.setText(mProfile.getIncludedSubnets());
                                mExcludedSubnets.setText(mProfile.getExcludedSubnets());
                                mBlockIPv4.setChecked(mProfile.getSplitTunneling() != null && (mProfile.getSplitTunneling() & VpnProfile.SPLIT_TUNNELING_BLOCK_IPV4) != 0);
                                mBlockIPv6.setChecked(mProfile.getSplitTunneling() != null && (mProfile.getSplitTunneling() & VpnProfile.SPLIT_TUNNELING_BLOCK_IPV6) != 0);
index 82880a1..f9a512d 100644 (file)
                 android:textSize="20sp"
                 android:text="@string/profile_split_tunneling_label" />
 
+            <TextView
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_marginTop="10dp"
+                android:layout_marginBottom="10dp"
+                android:layout_marginLeft="4dp"
+                android:textSize="12sp"
+                android:text="@string/profile_split_tunneling_intro" />
+
+            <org.strongswan.android.ui.widget.TextInputLayoutHelper
+                android:id="@+id/included_subnets_wrap"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                app:helper_text="@string/profile_included_subnets_hint" >
+
+                <android.support.design.widget.TextInputEditText
+                    android:id="@+id/included_subnets"
+                    android:layout_width="match_parent"
+                    android:layout_height="wrap_content"
+                    android:singleLine="true"
+                    android:inputType="textNoSuggestions"
+                    android:hint="@string/profile_included_subnets_label" />
+
+            </org.strongswan.android.ui.widget.TextInputLayoutHelper>
+
             <org.strongswan.android.ui.widget.TextInputLayoutHelper
                 android:id="@+id/excluded_subnets_wrap"
                 android:layout_width="match_parent"
index 30e984e..b981375 100644 (file)
     <string name="profile_port_label">Server Port</string>
     <string name="profile_port_hint">UDP-Port zu dem verbunden wird, falls dieser vom Standard-Port abweicht</string>
     <string name="profile_split_tunneling_label">Split-Tunneling</string>
+    <string name="profile_split_tunneling_intro">Standardmässig leitet der Client allen Netzwerkverkehr durch den VPN Tunnel, ausser der Server schränkt die Subnetze beim Verbindungsaufbau ein, in welchem Fall nur der Verkehr via VPN geleitet wird, den der Server erlaubt (der Rest wird standardmässig behandelt, als ob kein VPN vorhanden wäre).</string>
     <string name="profile_split_tunnelingv4_title">Blockiere IPv4 Verkehr der nicht für das VPN bestimmt ist</string>
     <string name="profile_split_tunnelingv6_title">Blockiere IPv6 Verkehr der nicht für das VPN bestimmt ist</string>
+    <string name="profile_included_subnets_label">Benutzerdefinierte Subnetze</string>
+    <string name="profile_included_subnets_hint">Nur Verkehr in die spezifizierten Subnetze wird via VPN geleitet, der Rest wird behandelt, als ob kein VPN vorhanden wäre (mit Leerzeichen getrennt, z.B. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_excluded_subnets_label">Ausgeschlossene Subnetze</string>
-    <string name="profile_excluded_subnets_hint">Mit Leerzeichen getrennte Subnetze und/oder IP-Adressen, die vom VPN ausgeschlossen werden sollen (z.B. \"192.168.1.0/24 2001:db8::/64\")</string>
+    <string name="profile_excluded_subnets_hint">Verkehr in diese Subnetze wird vom VPN ausgeschlossen und behandelt, als ob kein VPN vorhanden wäre (mit Leerzeichen getrennt, z.B. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_import">VPN Profile importieren</string>
     <string name="profile_import_failed">VPN Profil-Import fehlgeschlagen</string>
     <string name="profile_import_failed_detail">VPN Profil-Import fehlgeschlagen: %1$s</string>
index 6823ccd..6924aec 100644 (file)
     <string name="profile_port_label">Server port</string>
     <string name="profile_port_hint">UDP port to connect to, if different from the default</string>
     <string name="profile_split_tunneling_label">Split tunneling</string>
+    <string name="profile_split_tunneling_intro">By default, the client will route all network traffic through the VPN, unless the server narrows the subnets when the connection is established, in which case only traffic the server allows will be routed via VPN (by default, all other traffic is routed as if there was no VPN).</string>
     <string name="profile_split_tunnelingv4_title">Block IPv4 traffic not destined for the VPN</string>
     <string name="profile_split_tunnelingv6_title">Block IPv6 traffic not destined for the VPN</string>
+    <string name="profile_included_subnets_label">Custom subnets</string>
+    <string name="profile_included_subnets_hint">Only route traffic to specific subnets via VPN, everything else is routed as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_excluded_subnets_label">Excluded subnets</string>
-    <string name="profile_excluded_subnets_hint">Subnets and/or IP addresses, separated by spaces, to exclude from the VPN (e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
+    <string name="profile_excluded_subnets_hint">Traffic to these subnets will not be routed via VPN, but as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_import">Import VPN profile</string>
     <string name="profile_import_failed">Failed to import VPN profile</string>
     <string name="profile_import_failed_detail">Failed to import VPN profile: %1$s</string>
index eb24bc4..0d117b7 100644 (file)
     <string name="profile_port_label">Server port</string>
     <string name="profile_port_hint">UDP port to connect to, if different from the default</string>
     <string name="profile_split_tunneling_label">Split tunneling</string>
+    <string name="profile_split_tunneling_intro">By default, the client will route all network traffic through the VPN, unless the server narrows the subnets when the connection is established, in which case only traffic the server allows will be routed via VPN (by default, all other traffic is routed as if there was no VPN).</string>
     <string name="profile_split_tunnelingv4_title">Block IPv4 traffic not destined for the VPN</string>
     <string name="profile_split_tunnelingv6_title">Block IPv6 traffic not destined for the VPN</string>
+    <string name="profile_included_subnets_label">Custom subnets</string>
+    <string name="profile_included_subnets_hint">Only route traffic to specific subnets via VPN, everything else is routed as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_excluded_subnets_label">Excluded subnets</string>
-    <string name="profile_excluded_subnets_hint">Subnets and/or IP addresses, separated by spaces, to exclude from the VPN (e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
+    <string name="profile_excluded_subnets_hint">Traffic to these subnets will not be routed via VPN, but as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_import">Import VPN profile</string>
     <string name="profile_import_failed">Failed to import VPN profile</string>
     <string name="profile_import_failed_detail">Failed to import VPN profile: %1$s</string>
index dbae53c..22e8da2 100644 (file)
     <string name="profile_port_label">Server port</string>
     <string name="profile_port_hint">UDP port to connect to, if different from the default</string>
     <string name="profile_split_tunneling_label">Split tunneling</string>
+    <string name="profile_split_tunneling_intro">By default, the client will route all network traffic through the VPN, unless the server narrows the subnets when the connection is established, in which case only traffic the server allows will be routed via VPN (by default, all other traffic is routed as if there was no VPN).</string>
     <string name="profile_split_tunnelingv4_title">Block IPv4 traffic not destined for the VPN</string>
     <string name="profile_split_tunnelingv6_title">Block IPv6 traffic not destined for the VPN</string>
+    <string name="profile_included_subnets_label">Custom subnets</string>
+    <string name="profile_included_subnets_hint">Only route traffic to specific subnets via VPN, everything else is routed as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_excluded_subnets_label">Excluded subnets</string>
-    <string name="profile_excluded_subnets_hint">Subnets and/or IP addresses, separated by spaces, to exclude from the VPN (e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
+    <string name="profile_excluded_subnets_hint">Traffic to these subnets will not be routed via VPN, but as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_import">Import VPN profile</string>
     <string name="profile_import_failed">Failed to import VPN profile</string>
     <string name="profile_import_failed_detail">Failed to import VPN profile: %1$s</string>
index bae1c37..8df905b 100644 (file)
     <string name="profile_port_label">服务器端口</string>
     <string name="profile_port_hint">如不同于默认值,则所需连接的UDP端口</string>
     <string name="profile_split_tunneling_label">拆分隧道</string>
+    <string name="profile_split_tunneling_intro">By default, the client will route all network traffic through the VPN, unless the server narrows the subnets when the connection is established, in which case only traffic the server allows will be routed via VPN (by default, all other traffic is routed as if there was no VPN).</string>
     <string name="profile_split_tunnelingv4_title">屏蔽不通过VPN的IPV4流量</string>
     <string name="profile_split_tunnelingv6_title">屏蔽不通过VPN的IPV6流量</string>
+    <string name="profile_included_subnets_label">Custom subnets</string>
+    <string name="profile_included_subnets_hint">Only route traffic to specific subnets via VPN, everything else is routed as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_excluded_subnets_label">Excluded subnets</string>
-    <string name="profile_excluded_subnets_hint">Subnets and/or IP addresses, separated by spaces, to exclude from the VPN (e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
+    <string name="profile_excluded_subnets_hint">Traffic to these subnets will not be routed via VPN, but as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_import">导入VPN配置</string>
     <string name="profile_import_failed">导入VPN配置失败</string>
     <string name="profile_import_failed_detail">导入VPN配置失败: %1$s</string>
index ccd645f..1aa0605 100644 (file)
     <string name="profile_port_label">伺服器Port</string>
     <string name="profile_port_hint">如果和預設值不同,則需要連接的UDP Port</string>
     <string name="profile_split_tunneling_label">拆分隧道</string>
+    <string name="profile_split_tunneling_intro">By default, the client will route all network traffic through the VPN, unless the server narrows the subnets when the connection is established, in which case only traffic the server allows will be routed via VPN (by default, all other traffic is routed as if there was no VPN).</string>
     <string name="profile_split_tunnelingv4_title">屏蔽不通过VPN的IPV4流量</string>
     <string name="profile_split_tunnelingv6_title">屏蔽不通过VPN的IPV6流量</string>
+    <string name="profile_included_subnets_label">Custom subnets</string>
+    <string name="profile_included_subnets_hint">Only route traffic to specific subnets via VPN, everything else is routed as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_excluded_subnets_label">Excluded subnets</string>
-    <string name="profile_excluded_subnets_hint">Subnets and/or IP addresses, separated by spaces, to exclude from the VPN (e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
+    <string name="profile_excluded_subnets_hint">Traffic to these subnets will not be routed via VPN, but as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_import">匯入VPN設定檔</string>
     <string name="profile_import_failed">匯入VPN設定檔失敗</string>
     <string name="profile_import_failed_detail">匯入VPN設定檔失敗: %1$s</string>
index 6f1bd4b..3b35306 100644 (file)
     <string name="profile_port_label">Server port</string>
     <string name="profile_port_hint">UDP port to connect to, if different from the default</string>
     <string name="profile_split_tunneling_label">Split tunneling</string>
+    <string name="profile_split_tunneling_intro">By default, the client will route all network traffic through the VPN, unless the server narrows the subnets when the connection is established, in which case only traffic the server allows will be routed via VPN (by default, all other traffic is routed as if there was no VPN).</string>
     <string name="profile_split_tunnelingv4_title">Block IPv4 traffic not destined for the VPN</string>
     <string name="profile_split_tunnelingv6_title">Block IPv6 traffic not destined for the VPN</string>
+    <string name="profile_included_subnets_label">Custom subnets</string>
+    <string name="profile_included_subnets_hint">Only route traffic to specific subnets via VPN, everything else is routed as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_excluded_subnets_label">Excluded subnets</string>
-    <string name="profile_excluded_subnets_hint">Subnets and/or IP addresses, separated by spaces, to exclude from the VPN (e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
+    <string name="profile_excluded_subnets_hint">Traffic to these subnets will not be routed via VPN, but as if there was no VPN (separated by spaces, e.g. \"192.168.1.0/24 2001:db8::/64\")</string>
     <string name="profile_import">Import VPN profile</string>
     <string name="profile_import_failed">Failed to import VPN profile</string>
     <string name="profile_import_failed_detail">Failed to import VPN profile: %1$s</string>