Fix #22

conf/openvpn_client.conf.tpl

@@ -1,8 +1,8 @@
-# [WARN] Edit this raw configuration ONLY IF YOU KNOW what
-#        you do!
-# [WARN] Continue to use the placeholders <TPL:*> and keep
-#        update their value on the web admin (they are not
-#        only used for this file).
+# [WARN] Edit this raw configuration ONLY IF YOU KNOW 
+#        what you do!
+# [WARN] Continue to use the placeholders <TPL:*> and
+#        keep update their value on the web admin (they 
+#        are not only used for this file).
 
 remote <TPL:SERVER_NAME>
 proto <TPL:PROTO>

conf/ynh-vpnclient

@@ -52,6 +52,11 @@ is_serverip6route_set() {
   fi
 }
 
+is_dns_set() {
+  [ -e /etc/dhcp/dhclient-exit-hooks.d/ynh-vpnclient ]\
+  && grep -q ${ynh_dns0} /etc/resolv.conf
+}
+
 is_openvpn_running() {
   systemctl is-active openvpn@client.service &> /dev/null
 }
@@ -59,7 +64,7 @@ is_openvpn_running() {
 is_running() {
   ((has_nativeip6 && is_serverip6route_set "${new_server_ip6}") || ! has_nativeip6)\
   && ((! has_hotspot_app && has_ip6delegatedprefix && is_ip6addr_set) || has_hotspot_app || ! has_ip6delegatedprefix)\
-  && is_openvpn_running
+  && is_dns_set && is_openvpn_running
 }
 
 ## Setters
@@ -76,6 +81,15 @@ set_serverip6route() {
   ip route add "${server_ip6}/128" via "${ip6_gw}" dev "${wired_device}"
 }
 
+set_dns() {
+  cat << EOF > /etc/dhcp/dhclient-exit-hooks.d/ynh-vpnclient
+echo nameserver ${ynh_dns0} > /etc/resolv.conf
+echo nameserver ${ynh_dns1} >> /etc/resolv.conf
+EOF
+
+  bash /etc/dhcp/dhclient-exit-hooks.d/ynh-vpnclient
+}
+
 start_openvpn() {
   ip6_gw=${1}
   server_ip6=${2}
@@ -129,6 +143,10 @@ unset_serverip6route() {
   ip route delete "${server_ip6}/128" via "${ip6_gw}" dev "${wired_device}"
 }
 
+unset_dns() {
+  rm -f /etc/dhcp/dhclient-exit-hooks.d/ynh-vpnclient
+}
+
 stop_openvpn() {
   systemctl stop openvpn.service
 }
@@ -187,6 +205,8 @@ if [ "$1" != restart ]; then
   ynh_server_proto=$(ynh_setting_get vpnclient server_proto)
   ynh_ip6_addr=$(ynh_setting_get vpnclient ip6_addr)
   ynh_login_user=$(ynh_setting_get vpnclient login_user)
+  ynh_dns0=$(ynh_setting_get vpnclient dns0)
+  ynh_dns1=$(ynh_setting_get vpnclient dns1)
 
   old_ip6_gw=$(ynh_setting_get vpnclient ip6_gw)
   old_wired_device=$(ynh_setting_get vpnclient wired_device)
@@ -255,6 +275,12 @@ case "${1}" in
         set_ip6addr
       fi
 
+      # Set host DNS resolvers
+      if ! is_dns_set; then
+        echo "Set host DNS resolvers"
+        set_dns
+      fi
+
       # Update dynamic settings
       ynh_setting_set vpnclient server_ip6 "${new_server_ip6}"
       ynh_setting_set vpnclient ip6_gw "${new_ip6_gw}"
@@ -280,6 +306,11 @@ case "${1}" in
       unset_serverip6route "${old_server_ip6}" "${old_ip6_gw}" "${old_wired_device}"
     fi
 
+    if is_dns_set; then
+      echo "Unset forced host DNS resolvers"
+      unset_dns
+    fi
+
     if is_openvpn_running; then
       echo "Stop openvpn"
       stop_openvpn
@@ -347,6 +378,13 @@ case "${1}" in
       echo "[INFO] No IPv6 server route to set"
     fi
 
+    if is_dns_set; then
+      echo "[OK] Host DNS correctly set"
+    else
+      echo "[ERR] No host DNS set"
+      exitcode=1
+    fi
+
     if is_openvpn_running; then
       echo "[OK] Openvpn is running"
     else

scripts/install

@@ -63,6 +63,8 @@ if ! $upgrade; then
   sudo yunohost app setting vpnclient ip6_net -v none
   sudo yunohost app setting vpnclient login_user -v "${login_user}"
   sudo yunohost app setting vpnclient login_passphrase -v "${login_passphrase}"
+  sudo yunohost app setting vpnclient dns0 -v 89.234.141.66
+  sudo yunohost app setting vpnclient dns1 -v 2001:913::8
 
 fi
 

sources/controller.php

@@ -81,6 +81,8 @@ dispatch('/', function() {
   set('crt_server_ca_exists', file_exists('/etc/openvpn/keys/ca-server.crt'));
   set('faststatus', service_faststatus() == 0);
   set('raw_openvpn', $raw_openvpn);
+  set('dns0', ynh_setting_get('dns0'));
+  set('dns1', ynh_setting_get('dns1'));
 
   return render('settings.html.php');
 });
@@ -107,6 +109,10 @@ dispatch_put('/settings', function() {
       if($_POST['server_proto'] != 'udp' && $_POST['server_proto'] != 'tcp') {
         throw new Exception(_('The Protocol must be "udp" or "tcp"'));
       }
+
+      if(empty($_POST['dns0']) || empty($_POST['dns1'])) {
+        throw new Exception(_('You need to define two DNS resolver addresses'));
+      }
     
       if(($_FILES['crt_client']['error'] == UPLOAD_ERR_OK && $_FILES['crt_client_key']['error'] != UPLOAD_ERR_OK && (!$crt_client_key_exists || $_POST['crt_client_key_delete'] == 1))
         || ($_FILES['crt_client_key']['error'] == UPLOAD_ERR_OK && $_FILES['crt_client']['error'] != UPLOAD_ERR_OK && (!$crt_client_exists || $_POST['crt_client_delete'] == 1))) {
@@ -154,6 +160,8 @@ dispatch_put('/settings', function() {
     ynh_setting_set('server_name', $_POST['server_name']);
     ynh_setting_set('server_port', $_POST['server_port']);
     ynh_setting_set('server_proto', $_POST['server_proto']);
+    ynh_setting_set('dns0', $_POST['dns0']);
+    ynh_setting_set('dns1', $_POST['dns1']);
     ynh_setting_set('login_user', $_POST['login_user']);
     ynh_setting_set('login_passphrase', $_POST['login_passphrase']);
     ynh_setting_set('ip6_net', $ip6_net);

sources/i18n/fr_FR/LC_MESSAGES/localization.po

@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: data 2\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-07-25 10:42+0200\n"
-"PO-Revision-Date: 2015-07-25 10:50+0100\n"
+"POT-Creation-Date: 2015-09-28 16:51+0200\n"
+"PO-Revision-Date: 2015-09-28 16:52+0200\n"
 "Last-Translator: samy boutayeb <samy@langues-etcetera.fr>\n"
 "Language-Team: none\n"
 "Language: fr\n"
@@ -17,60 +17,64 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n > 1);\n"
-"X-Generator: Poedit 1.6.10\n"
+"X-Generator: Poedit 1.8.4\n"
 
-#: sources/controller.php:100
+#: sources/controller.php:102
 msgid "The Server Address, the Server Port and the Protocol cannot be empty"
 msgstr ""
 "L'adresse du serveur, le port du serveur et le protocole ne peuvent pas être "
 "vides"
 
-#: sources/controller.php:104
+#: sources/controller.php:106
 msgid "The Server Port must be only composed of digits"
 msgstr "Le port du serveur ne peut correspondre qu'à des chiffres"
 
-#: sources/controller.php:108
+#: sources/controller.php:110
 msgid "The Protocol must be \"udp\" or \"tcp\""
 msgstr "Le protocole ne peut correspondre qu'à \"udp\" ou \"tcp\""
 
 #: sources/controller.php:114
+msgid "You need to define two DNS resolver addresses"
+msgstr "Vous devez définir deux adresses de résolveur DNS"
+
+#: sources/controller.php:120
 msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
 msgstr ""
 "Un certificat client est nécessaire si vous proposez une clé, et inversement"
 
-#: sources/controller.php:118
+#: sources/controller.php:124
 msgid "A Password is needed when you suggest a Username, or vice versa"
 msgstr ""
 "Un mot de passe est nécessaire si vous proposez un nom d'utilisateur, et "
 "inversement"
 
-#: sources/controller.php:122
+#: sources/controller.php:128
 msgid "You need a Server CA."
 msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
 
-#: sources/controller.php:126
+#: sources/controller.php:132
 msgid "You need either a Client Certificate, either a Username, or both"
 msgstr ""
 "Vous devez avoir soit un certificat client, soit un nom d'utilisateur, soit "
 "les deux"
 
-#: sources/controller.php:133
+#: sources/controller.php:139
 msgid "The IPv6 Delegated Prefix format looks bad"
 msgstr "Le format du préfixe IPv6 délégué semble incorrect"
 
-#: sources/controller.php:144
+#: sources/controller.php:150
 msgid "configuration not updated"
 msgstr "configuration non-mise à jour"
 
-#: sources/controller.php:189
+#: sources/controller.php:197
 msgid "Configuration updated and service successfully reloaded"
 msgstr "Configuration mise à jour et service correctement rechargé"
 
-#: sources/controller.php:191
+#: sources/controller.php:199
 msgid "Configuration updated but service reload failed"
 msgstr "Configuration mise à jour mais le rechargement du service a échoué"
 
-#: sources/controller.php:195
+#: sources/controller.php:203
 msgid "Service successfully disabled"
 msgstr "Service désactivé avec succès"
 
@@ -82,8 +86,8 @@ msgstr "Client VPN"
 msgid "Error"
 msgstr "Erreur"
 
-#: sources/views/layout.html.php:54 sources/views/settings.html.php:125
-#: sources/views/settings.html.php:165
+#: sources/views/layout.html.php:54 sources/views/settings.html.php:117
+#: sources/views/settings.html.php:157
 msgid "Notice"
 msgstr "Notice"
 
@@ -161,23 +165,11 @@ msgstr ""
 msgid "TCP"
 msgstr "TCP"
 
-#: sources/views/settings.html.php:94
-msgid "Edit the raw configuration only if you know what you do!"
-msgstr "N'éditez la configuration brute que si vous savez ce que vous faites !"
-
-#: sources/views/settings.html.php:94 sources/views/settings.html.php:99
-msgid "Advanced"
-msgstr "Avancé"
-
-#: sources/views/settings.html.php:109
-msgid "IPv6"
-msgstr "IPv6"
+#: sources/views/settings.html.php:92
+msgid "Delegated prefix (IPv6)"
+msgstr "Préfixe délégué (IPv6)"
 
-#: sources/views/settings.html.php:114
-msgid "Delegated prefix"
-msgstr "Préfixe délégué"
-
-#: sources/views/settings.html.php:116
+#: sources/views/settings.html.php:94
 msgid ""
 "Leave empty if your Internet Service Provider does not give you a delegated "
 "prefix"
@@ -185,7 +177,15 @@ msgstr ""
 "Laissez vide si votre Fournisseur d'Accès à Internet ne vous fournit pas de "
 "préfixe délégué."
 
-#: sources/views/settings.html.php:125
+#: sources/views/settings.html.php:101
+msgid "Edit the raw configuration only if you know what you do!"
+msgstr "N'éditez la configuration brute que si vous savez ce que vous faites !"
+
+#: sources/views/settings.html.php:101 sources/views/settings.html.php:106
+msgid "Advanced"
+msgstr "Avancé"
+
+#: sources/views/settings.html.php:117
 msgid ""
 "You need to upload a Client Certificate, or define a Username (or both) for "
 "starting your VPN Client."
@@ -193,83 +193,107 @@ msgstr ""
 "Vous devez téléverser le certificat du client, ou définir un nom "
 "d'utilisateur (ou les deux) pour démarrer votre client VPN."
 
-#: sources/views/settings.html.php:131
-msgid "Certificates"
-msgstr "Certificats"
+#: sources/views/settings.html.php:123
+msgid "Authentication"
+msgstr "Authentification"
 
-#: sources/views/settings.html.php:136
+#: sources/views/settings.html.php:128
 msgid "Update Client Cert."
 msgstr "Actualiser le certificat client"
 
-#: sources/views/settings.html.php:136
+#: sources/views/settings.html.php:128
 msgid "Upload Client Cert."
 msgstr "Téléverser le certificat client"
 
-#: sources/views/settings.html.php:139 sources/views/settings.html.php:152
+#: sources/views/settings.html.php:131 sources/views/settings.html.php:144
 msgid "Delete this certificate"
 msgstr "Supprimer ce certificat"
 
-#: sources/views/settings.html.php:144 sources/views/settings.html.php:157
-#: sources/views/settings.html.php:177
+#: sources/views/settings.html.php:136 sources/views/settings.html.php:149
+#: sources/views/settings.html.php:169
 msgid "Browse"
 msgstr "Parcourir"
 
-#: sources/views/settings.html.php:149
+#: sources/views/settings.html.php:141
 msgid "Update Client Key"
 msgstr "Actualiser la clé client"
 
-#: sources/views/settings.html.php:149
+#: sources/views/settings.html.php:141
 msgid "Upload Client Key"
 msgstr "Téléverser la clé client"
 
-#: sources/views/settings.html.php:155
+#: sources/views/settings.html.php:147
 msgid "Make sure your browser is able to read the key file before uploading"
 msgstr ""
 "Assurez-vous que votre navigateur peut lire le fichier contenant la clé "
 "avant de le téléverser"
 
-#: sources/views/settings.html.php:157
+#: sources/views/settings.html.php:149
 msgid "make sure your browser is able to read the key file before uploading"
 msgstr ""
 "assurez-vous que votre navigateur peut lire le fichier contenant la clé "
 "avant de le téléverser"
 
-#: sources/views/settings.html.php:165
+#: sources/views/settings.html.php:157
 msgid "You need to upload a Server CA for starting your VPN Client."
 msgstr "Vous devez transférer un CA de serveur pour démarrer votre client VPN."
 
-#: sources/views/settings.html.php:169
+#: sources/views/settings.html.php:161
 msgid "Update Server CA"
 msgstr "Actualiser le CA du serveur"
 
-#: sources/views/settings.html.php:169
+#: sources/views/settings.html.php:161
 msgid "Upload Server CA"
 msgstr "Transférer le CA du serveur"
 
-#: sources/views/settings.html.php:172
+#: sources/views/settings.html.php:164
 msgid "You cannot have no server CA"
 msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
 
-#: sources/views/settings.html.php:185
-msgid "Login"
-msgstr "Identifiant"
-
-#: sources/views/settings.html.php:190
+#: sources/views/settings.html.php:174
 msgid "Username"
 msgstr "Nom d'utilisateur"
 
-#: sources/views/settings.html.php:192 sources/views/settings.html.php:199
+#: sources/views/settings.html.php:176 sources/views/settings.html.php:183
 msgid "Leave empty if not necessary"
 msgstr "Laisser vide si non nécessaire"
 
-#: sources/views/settings.html.php:197
+#: sources/views/settings.html.php:181
 msgid "Password"
 msgstr "Mot de passe"
 
-#: sources/views/settings.html.php:207
+#: sources/views/settings.html.php:191
+msgid "DNS"
+msgstr "DNS"
+
+#: sources/views/settings.html.php:196
+msgid "First resolver"
+msgstr "Premier résolveur"
+
+#: sources/views/settings.html.php:198 sources/views/settings.html.php:205
+msgid "IPv6 or IPv4"
+msgstr "IPv6 ou IPv4"
+
+#: sources/views/settings.html.php:203
+msgid "Second resolver"
+msgstr "Second résolveur"
+
+#: sources/views/settings.html.php:213
 msgid "Reloading may take a few minutes. Be patient."
 msgstr "Le rechargement peut prendre quelques minutes. Soyez patient."
 
-#: sources/views/settings.html.php:207
+#: sources/views/settings.html.php:213
 msgid "Save and reload"
 msgstr "Sauvegarder et recharger"
+
+#~ msgid "IPv6"
+#~ msgstr "IPv6"
+
+#~ msgid "Delegated prefix"
+#~ msgstr "Préfixe délégué"
+
+#~ msgid "Certificates"
+#~ msgstr "Certificats"
+
+#~ msgid "Login"
+#~ msgstr "Identifiant"

sources/i18n/localization.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-07-25 10:42+0200\n"
+"POT-Creation-Date: 2015-09-28 16:51+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -17,51 +17,55 @@ msgstr ""
 "Content-Type: text/plain; charset=CHARSET\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: sources/controller.php:100
+#: sources/controller.php:102
 msgid "The Server Address, the Server Port and the Protocol cannot be empty"
 msgstr ""
 
-#: sources/controller.php:104
+#: sources/controller.php:106
 msgid "The Server Port must be only composed of digits"
 msgstr ""
 
-#: sources/controller.php:108
+#: sources/controller.php:110
 msgid "The Protocol must be \"udp\" or \"tcp\""
 msgstr ""
 
 #: sources/controller.php:114
+msgid "You need to define two DNS resolver addresses"
+msgstr ""
+
+#: sources/controller.php:120
 msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
 msgstr ""
 
-#: sources/controller.php:118
+#: sources/controller.php:124
 msgid "A Password is needed when you suggest a Username, or vice versa"
 msgstr ""
 
-#: sources/controller.php:122
+#: sources/controller.php:128
 msgid "You need a Server CA."
 msgstr ""
 
-#: sources/controller.php:126
+#: sources/controller.php:132
 msgid "You need either a Client Certificate, either a Username, or both"
 msgstr ""
 
-#: sources/controller.php:133
+#: sources/controller.php:139
 msgid "The IPv6 Delegated Prefix format looks bad"
 msgstr ""
 
-#: sources/controller.php:144
+#: sources/controller.php:150
 msgid "configuration not updated"
 msgstr ""
 
-#: sources/controller.php:189
+#: sources/controller.php:197
 msgid "Configuration updated and service successfully reloaded"
 msgstr ""
 
-#: sources/controller.php:191
+#: sources/controller.php:199
 msgid "Configuration updated but service reload failed"
 msgstr ""
 
-#: sources/controller.php:195
+#: sources/controller.php:203
 msgid "Service successfully disabled"
 msgstr ""
 
@@ -73,8 +77,8 @@ msgstr ""
 msgid "Error"
 msgstr ""
 
-#: sources/views/layout.html.php:54 sources/views/settings.html.php:125
-#: sources/views/settings.html.php:165
+#: sources/views/layout.html.php:54 sources/views/settings.html.php:117
+#: sources/views/settings.html.php:157
 msgid "Notice"
 msgstr ""
 
@@ -149,107 +153,115 @@ msgstr ""
 msgid "TCP"
 msgstr ""
 
-#: sources/views/settings.html.php:94
-msgid "Edit the raw configuration only if you know what you do!"
+#: sources/views/settings.html.php:92
+msgid "Delegated prefix (IPv6)"
 msgstr ""
 
-#: sources/views/settings.html.php:94 sources/views/settings.html.php:99
-msgid "Advanced"
-msgstr ""
-
-#: sources/views/settings.html.php:109
-msgid "IPv6"
+#: sources/views/settings.html.php:94
+msgid ""
+"Leave empty if your Internet Service Provider does not give you a delegated "
+"prefix"
 msgstr ""
 
-#: sources/views/settings.html.php:114
-msgid "Delegated prefix"
+#: sources/views/settings.html.php:101
+msgid "Edit the raw configuration only if you know what you do!"
 msgstr ""
 
-#: sources/views/settings.html.php:116
-msgid ""
-"Leave empty if your Internet Service Provider does not give you a delegated "
-"prefix"
+#: sources/views/settings.html.php:101 sources/views/settings.html.php:106
+msgid "Advanced"
 msgstr ""
 
-#: sources/views/settings.html.php:125
+#: sources/views/settings.html.php:117
 msgid ""
 "You need to upload a Client Certificate, or define a Username (or both) for "
 "starting your VPN Client."
 msgstr ""
 
-#: sources/views/settings.html.php:131
-msgid "Certificates"
+#: sources/views/settings.html.php:123
+msgid "Authentication"
 msgstr ""
 
-#: sources/views/settings.html.php:136
+#: sources/views/settings.html.php:128
 msgid "Update Client Cert."
 msgstr ""
 
-#: sources/views/settings.html.php:136
+#: sources/views/settings.html.php:128
 msgid "Upload Client Cert."
 msgstr ""
 
-#: sources/views/settings.html.php:139 sources/views/settings.html.php:152
+#: sources/views/settings.html.php:131 sources/views/settings.html.php:144
 msgid "Delete this certificate"
 msgstr ""
 
-#: sources/views/settings.html.php:144 sources/views/settings.html.php:157
-#: sources/views/settings.html.php:177
+#: sources/views/settings.html.php:136 sources/views/settings.html.php:149
+#: sources/views/settings.html.php:169
 msgid "Browse"
 msgstr ""
 
-#: sources/views/settings.html.php:149
+#: sources/views/settings.html.php:141
 msgid "Update Client Key"
 msgstr ""
 
-#: sources/views/settings.html.php:149
+#: sources/views/settings.html.php:141
 msgid "Upload Client Key"
 msgstr ""
 
-#: sources/views/settings.html.php:155
+#: sources/views/settings.html.php:147
 msgid "Make sure your browser is able to read the key file before uploading"
 msgstr ""
 
-#: sources/views/settings.html.php:157
+#: sources/views/settings.html.php:149
 msgid "make sure your browser is able to read the key file before uploading"
 msgstr ""
 
-#: sources/views/settings.html.php:165
+#: sources/views/settings.html.php:157
 msgid "You need to upload a Server CA for starting your VPN Client."
 msgstr ""
 
-#: sources/views/settings.html.php:169
+#: sources/views/settings.html.php:161
 msgid "Update Server CA"
 msgstr ""
 
-#: sources/views/settings.html.php:169
+#: sources/views/settings.html.php:161
 msgid "Upload Server CA"
 msgstr ""
 
-#: sources/views/settings.html.php:172
+#: sources/views/settings.html.php:164
 msgid "You cannot have no server CA"
 msgstr ""
 
-#: sources/views/settings.html.php:185
-msgid "Login"
-msgstr ""
-
-#: sources/views/settings.html.php:190
+#: sources/views/settings.html.php:174
 msgid "Username"
 msgstr ""
 
-#: sources/views/settings.html.php:192 sources/views/settings.html.php:199
+#: sources/views/settings.html.php:176 sources/views/settings.html.php:183
 msgid "Leave empty if not necessary"
 msgstr ""
 
-#: sources/views/settings.html.php:197
+#: sources/views/settings.html.php:181
 msgid "Password"
 msgstr ""
 
-#: sources/views/settings.html.php:207
+#: sources/views/settings.html.php:191
+msgid "DNS"
+msgstr ""
+
+#: sources/views/settings.html.php:196
+msgid "First resolver"
+msgstr ""
+
+#: sources/views/settings.html.php:198 sources/views/settings.html.php:205
+msgid "IPv6 or IPv4"
+msgstr ""
+
+#: sources/views/settings.html.php:203
+msgid "Second resolver"
+msgstr ""
+
+#: sources/views/settings.html.php:213
 msgid "Reloading may take a few minutes. Be patient."
 msgstr ""
 
-#: sources/views/settings.html.php:207
+#: sources/views/settings.html.php:213
 msgid "Save and reload"
 msgstr ""

sources/views/settings.html.php

@@ -88,6 +88,13 @@
             </div>
           </div>
 
+          <div class="form-group">
+            <label for="ip6_net" class="col-sm-3 control-label"><?= _('Delegated prefix (IPv6)') ?></label>
+            <div class="col-sm-9">
+              <input type="text" data-toggle="tooltip" data-title="<?= _('Leave empty if your Internet Service Provider does not give you a delegated prefix') ?>" class="form-control" name="ip6_net" id="ip6_net" placeholder="2001:db8:42::" value="<?= $ip6_net ?>" />
+            </div>
+          </div>
+
           <div class="form-group" id="raw_openvpn_btnpanel">
             <label class="col-sm-3 control-label"></label>
             <div class="col-sm-9">
@@ -104,21 +111,6 @@
         </div>
       </div>
 
-      <div class="panel panel-default enabled" <?= $service_enabled == 0 ? 'style="display: none"' : '' ?>>
-        <div class="panel-heading">
-          <h3 class="panel-title"><?= _("IPv6") ?></h3>
-        </div>
-
-        <div style="padding: 14px 14px 0 10px">
-          <div class="form-group">
-            <label for="ip6_net" class="col-sm-3 control-label"><?= _('Delegated prefix') ?></label>
-            <div class="col-sm-9">
-              <input type="text" data-toggle="tooltip" data-title="<?= _('Leave empty if your Internet Service Provider does not give you a delegated prefix') ?>" class="form-control" name="ip6_net" id="ip6_net" placeholder="2001:db8:42::" value="<?= $ip6_net ?>" />
-            </div>
-          </div>
-        </div>
-      </div>
-
       <?php if(!$crt_client_key_exists && empty($login_user)): ?>
         <div class="alert alert-dismissible alert-warning fade in enabled" <?= $service_enabled == 0 ? 'style="display: none"' : '' ?> style="margin: 2px 0px 17px" role="alert">
           <button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">&times;</span><span class="sr-only">Close</span></button>
@@ -128,7 +120,7 @@
 
       <div class="panel panel-default enabled" <?= $service_enabled == 0 ? 'style="display: none"' : '' ?>>
         <div class="panel-heading">
-          <h3 class="panel-title"><?= _("Certificates") ?></h3>
+          <h3 class="panel-title"><?= _("Authentication") ?></h3>
         </div>
 
         <div style="padding: 14px 14px 0 10px">
@@ -177,26 +169,40 @@
               <a class="btn input-group-addon fileinput" id="crt_server_ca_chooserbtn" data-toggle="tooltip" data-title="<?= _('Browse') ?>"><span class="glyphicon glyphicon-search"></span></a>
             </div>
           </div>
+
+          <div class="form-group">
+            <label for="login_user" class="col-sm-3 control-label"><?= _('Username') ?></label>
+            <div class="col-sm-9">
+              <input type="text" data-toggle="tooltip" data-title="<?= _('Leave empty if not necessary') ?>" class="form-control" name="login_user" id="login_user" placeholder="michu" value="<?= $login_user ?>" />
+            </div>
+          </div>
+
+          <div class="form-group">
+            <label for="login_passphrase" class="col-sm-3 control-label"><?= _('Password') ?></label>
+            <div class="col-sm-9">
+              <input type="text" data-toggle="tooltip" data-title="<?= _('Leave empty if not necessary') ?>" class="form-control" name="login_passphrase" id="login_passphrase" placeholder="XVCwSbDkxnqQ" value="<?= $login_passphrase ?>" />
+            </div>
+          </div>
         </div>
       </div>
 
       <div class="panel panel-default enabled" <?= $service_enabled == 0 ? 'style="display: none"' : '' ?>>
         <div class="panel-heading">
-          <h3 class="panel-title"><?= _("Login") ?></h3>
+          <h3 class="panel-title"><?= _("DNS") ?></h3>
         </div>
 
         <div style="padding: 14px 14px 0 10px">
           <div class="form-group">
-            <label for="login_user" class="col-sm-3 control-label"><?= _('Username') ?></label>
+            <label for="dns0" class="col-sm-3 control-label"><?= _('First resolver') ?></label>
             <div class="col-sm-9">
-              <input type="text" data-toggle="tooltip" data-title="<?= _('Leave empty if not necessary') ?>" class="form-control" name="login_user" id="login_user" placeholder="michu" value="<?= $login_user ?>" />
+              <input type="text" data-toggle="tooltip" data-title="<?= _('IPv6 or IPv4') ?>" class="form-control" name="dns0" id="dns0" placeholder="89.234.141.66" value="<?= $dns0 ?>" />
             </div>
           </div>
 
           <div class="form-group">
-            <label for="login_passphrase" class="col-sm-3 control-label"><?= _('Password') ?></label>
+            <label for="dns1" class="col-sm-3 control-label"><?= _('Second resolver') ?></label>
             <div class="col-sm-9">
-              <input type="text" data-toggle="tooltip" data-title="<?= _('Leave empty if not necessary') ?>" class="form-control" name="login_passphrase" id="login_passphrase" placeholder="XVCwSbDkxnqQ" value="<?= $login_passphrase ?>" />
+              <input type="text" data-toggle="tooltip" data-title="<?= _('IPv6 or IPv4') ?>" class="form-control" name="dns1" id="dns1" placeholder="2001:913::8" value="<?= $dns1 ?>" />
             </div>
           </div>
         </div>