<lexicon lang="zh-cn">
	<entry>
    	<base>FORM_TITLE</base>
    	<trans>Bridged OpenVPN daemon configuration</trans>
    </entry>

	<entry>
    	<base>DESC_FIRST_PAGE</base>
    	<trans><![CDATA[This page lets you manage a bridged OpenVPN daemon.<br> Bridged mode allows VPN clients to have an IP address in the local network, thus, they have access to every ressources of your local network.<br><br>]]></trans>
    </entry>

	<entry>
    	<base>LABEL_STATUS</base>
    	<trans>服务状态</trans>
    </entry>

	<entry>
    	<base>LABEL_AUTH_TYPE</base>
    	<trans>认证模式</trans>
    </entry>

	<entry>
    	<base>LABEL_IP_POOL</base>
    	<trans>IP 地址范围</trans>
    </entry>

	<entry>
    	<base>DESC_RULE_BUTTON</base>
    	<trans>规则配置管理</trans>
    </entry>

	<entry>
    	<base>DESC_SHOW_CLIENTS_BUTTON</base>
    	<trans>显示已连接的客户端</trans>
    </entry>

	<entry>
    	<base>DESC_CONFIG_BUTTON</base>
    	<trans>服务配置</trans>
    </entry>

	<entry>
    	<base>DESC_CRT_CONFIG_BUTTON</base>
    	<trans>证书配置</trans>
    </entry>

	<entry>
    	<base>LABEL_CRT_STATUS</base>
    	<trans>证书状态</trans>
    </entry>

	<entry>
    	<base>CRT_CONFIG_ERROR</base>
    	<trans><![CDATA[<span style="color:red">There's a problem with the configuration of your certificates, you should check it.</span>]]></trans>
    </entry>

	<entry>
    	<base>CRT_CONFIG_OK</base>
    	<trans><![CDATA[<span style="color:green">Certificates are ready</span>]]></trans>
    </entry>

	<entry>
    	<base>CRT_ONLY</base>
    	<trans>Certificate only</trans>
    </entry>

	<entry>
    	<base>CRT_WITH_PASS</base>
    	<trans>Certificate and login/password</trans>
    </entry>

	<entry>
    	<base>DESC_RULES_PAGE</base>
    	<trans><![CDATA[This page lets you create configuration "rules". Depending on the certificate of a client, you can:<br> - Give him a fixed IP address<br> - Configure the gateway redirection<br> - Temporarily denied the access<br> ]]></trans>
    </entry>

	<entry>
    	<base>DESC_RULES</base>
    	<trans><![CDATA[<b>Actual rules</b>]]></trans>
    </entry>
NO_RULE
	<entry>
    	<base>NO_RULE</base>
    	<trans><![CDATA[<b>There's no rule]]></trans>
    </entry>

	<entry>
    	<base>DESC_ADD_RULE_BUTTON</base>
    	<trans>添加规则</trans>
    </entry>

	<entry>
    	<base>COMMON_NAME</base>
    	<trans>通用名称</trans>
    </entry>

	<entry>
    	<base>IP_ADDRESS</base>
    	<trans>IP地址</trans>
    </entry>

	<entry>
    	<base>COMMENT</base>
    	<trans>备注</trans>
    </entry>

	<entry>
    	<base>GATEWAY_REDIRECTION</base>
    	<trans>网关重定向</trans>
    </entry>

	<entry>
    	<base>ACCESS</base>
    	<trans>访问</trans>
    </entry>

	<entry>
    	<base>MODIFY</base>
    	<trans>修改</trans>
    </entry>

	<entry>
    	<base>REMOVE</base>
    	<trans>移除</trans>
    </entry>

	<entry>
    	<base>DYNAMIC</base>
    	<trans>动态的</trans>
    </entry>

	<entry>
    	<base>ENABLED</base>
    	<trans>启用</trans>
    </entry>

	<entry>
    	<base>DISABLED</base>
    	<trans>禁用</trans>
    </entry>

	<entry>
    	<base>ALLOWED</base>
    	<trans>允许的</trans>
    </entry>

	<entry>
    	<base>DENIED</base>
    	<trans>拒绝的</trans>
    </entry>

	<entry>
    	<base>DESC_ADD_OR_MODIFY_PAGE</base>
    	<trans><![CDATA[<b>Create or modify</b>]]></trans>
    </entry>

	<entry>
    	<base>DESC_COMMON_NAME</base>
    	<trans>Enter a common name. If a client connects with a certificates which has this common name, the coresponding configuration will be applied.</trans>
    </entry>

	<entry>
    	<base>DESC_COMMENT</base>
    	<trans>请输入注释（可选项）</trans>
   </entry>

	<entry>
    	<base>DESC_RESERVED_IP</base>
    	<trans>如果输入IP地址， 它就会与客户端证书相关联。该IP地址必须在本地网络（但可以在VPN分配范围之外）。请确保这个IP没有被本地其他机器占用。</trans>
    </entry>

	<entry>
    	<base>LABEL_RESERVED_IP</base>
    	<trans>预设IP地址</trans>
    </entry>

	<entry>
    	<base>DESC_GW_REDIRECTION</base>
    	<trans><![CDATA[Gateway redirection will forward all your client's traffic throught the VPN. This can protect their data when they connects from unsecure networks like WiFi hotspots. <b>Warning</b>: enabling this option can slow down your internet access (for both your client and your local networks)]]></trans>
    </entry>

	<entry>
    	<base>LABEL_GW_REDIRECTION</base>
    	<trans>网关重定向</trans>
    </entry>

	<entry>
    	<base>DESC_ACCESS</base>
    	<trans>您可以临时阻止某个客户端访问。这只具有临时的安全性。如果您想要永久禁止某个客户端，您只需删除它的证书即可。</trans>
    </entry>

	<entry>
    	<base>DESC_REMOVE_PAGE</base>
    	<trans><![CDATA[<b>You are about to remove the following rule:</b>]]></trans>
    </entry>

	<entry>
    	<base>DESC_CONNECTED_CLIENTS_PAGE</base>
    	<trans><![CDATA[This page will show you actually connected clients]]></trans>
    </entry>

	<entry>
    	<base>REFRESH</base>
    	<trans>刷新</trans>
    </entry>

	<entry>
    	<base>ERROR_CONNECT_TO_MANAGER</base>
    	<trans><![CDATA[<b>An error occured while connecting to the manager. Check the service is running.</b>]]></trans>
    </entry>

	<entry>
    	<base>NO_CLIENTS_CONNECTED</base>
    	<trans><![CDATA[<b>There's no client connected at this time.</b>]]></trans>
    </entry>

	<entry>
    	<base>DESC_CONFIG_PAGE</base>
    	<trans>这个页面允许您配置服务</trans>
    </entry>

	<entry>
    	<base>DESC_STATUS</base>
    	<trans>是否启用该服务？</trans>
    </entry>

	<entry>
    	<base>DESC_AUTH_TYPE</base>
    	<trans>请选择认证模式。“只需要证书”选项无须人机交互，但它的安全性不如“证书和账户及密码”。</trans>
    </entry>

	<entry>
    	<base>DESC_START_POOL</base>
    	<trans>您必须选择VPN客户端的IP地址范围。IP地址范围必须在本地网络之内。请检查这个范围内的IP没有被其它机器占用。请输入起始IP地址</trans>
    </entry>

	<entry>
    	<base>LABEL_START_POOL</base>
    	<trans>第一个IP地址</trans>
    </entry>

	<entry>
    	<base>DESC_END_POOL</base>
    	<trans>请输入最后一个IP地址</trans>
    </entry>

	<entry>
    	<base>LABEL_END_POOL</base>
    	<trans>最后一个IP地址</trans>
    </entry>

	<entry>
    	<base>DESC_CRT_CONFIG_PAGE</base>
    	<trans><![CDATA[This page lets you configure the certification files used by OpenVPN daemon. OpenVPN needs the following files:<br> - An authoritative certificate (CA). This certificate is used to check the clients certificates<br> - A server certificate. It will be presented to the client so they are sure they are connecting to your server<br> - The secret key associated with the server certificate<br> - A Diffie-Helman parameter file. It will allow dynamic key exchange<br> - A shared secret key. This key will allow an additional TLS authentication<br>]]></trans>
    </entry>

	<entry>
    	<base>DESC_CA_PEM</base>
    	<trans>Enter the master certificate in pem format</trans>
    </entry>

	<entry>
    	<base>DESC_CRT_PEM</base>
    	<trans>Enter the server certificate in pem format</trans>
    </entry>

	<entry>
    	<base>DESC_KEY_PEM</base>
    	<trans>Enter the secret key associated with the server certificate, in pem format</trans>
    </entry>

	<entry>
    	<base>DESC_DH_PEM</base>
    	<trans>Enter Diffie-Helman parameters</trans>
    </entry>

	<entry>
    	<base>DESC_TA_PEM</base>
    	<trans>Enter the static shared key. This key will be used for an additional authentication. This key is optional, but it can harden the security</trans>
    </entry>

	<entry>
    	<base>SUCCESS</base>
    	<trans>新的设置已被保存</trans>
    </entry>

	<entry>
    	<base>NOT_A_VALID_IP</base>
    	<trans>您输入了无效的IP地址</trans>
    </entry>

	<entry>
    	<base>NOT_IN_LOCAL_NET</base>
    	<trans>必须输入本地网络的IP地址</trans>
    </entry>

	<entry>
    	<base>SHOW_SAMPLE_CONFIG</base>
    	<trans>Display a functional client configuration file</trans>
    </entry>

	<entry>
    	<base>DESC_DISPLAY_CLIENT_CONF</base>
    	<trans><![CDATA[This is a sample configuration file to be used on clients.<br>You also have to download the certification file in # PKCS12 format (which contains the CA certificate, the user certificate and the user secret key).<br>]]></trans>
    </entry>

	<entry>
    	<base>REAL_IP</base>
    	<trans>真实IP地址</trans>
    </entry>

	<entry>
    	<base>VIRTUAL_IP</base>
    	<trans>VPN IP 地址</trans>
    </entry>

	<entry>
    	<base>SENT</base>
    	<trans>发送字节</trans>
    </entry>

	<entry>
    	<base>RECEIVED</base>
    	<trans>收到字节</trans>
    </entry>

	<entry>
    	<base>CONNECTED_SINCE</base>
    	<trans>连接始于</trans>
    </entry>

	<entry>
    	<base>DISCONNECT</base>
    	<trans>断开</trans>
    </entry>

	<entry>
    	<base>BAD_VALUE</base>
    	<trans>不正确的值</trans>
    </entry>


	<entry>
    	<base>CANCELED</base>
    	<trans>删除的</trans>
    </entry>
	
	<entry>
    	<base>DESC_CLIENT_DISCONECT_PAGE</base>
    	<trans>即将断开这个用户。是否继续？</trans>
    </entry>
	
	<entry>
    	<base>CLIENT_DISCONNECTED</base>
    	<trans>客户端已被断开</trans>
    </entry>

	<entry>
    	<base>INVALID_CHARS</base>
    	<trans>"{$string}" 包含被禁止的字符</trans>
    </entry>

	<entry>
    	<base>BRIDGE_NOT_ENABLED</base>
    	<trans><![CDATA[<span style="color:red">The bridge service must be enabled.<br>The following commands will enable it:<br>db configuration setprop bridge status enabled<br>/etc/init.d/bridge start</span><br><br>]]></trans>
    </entry>

	<entry>
    	<base>NOT_A_VALID_URL</base>
    	<trans>"{$string}" 不是有效的URL</trans>
    </entry>

	<entry>
    	<base>DESC_CRL_URL</base>
    	<trans>Enter the URL to update the CRL. (if phpki runs on the same server, you can let the default value)</trans>
    </entry>

	<entry>
    	<base>LABEL_CRL_URL</base>
    	<trans>URL to update the CRL</trans>
    </entry>

	<entry>
    	<base>LABEL_CA_PEM</base>
    	<trans>CA 证书</trans>
    </entry>

	<entry>
    	<base>LABEL_CRT_PEM</base>
    	<trans>服务器证书</trans>
    </entry>

	<entry>
    	<base>LABEL_KEY_PEM</base>
    	<trans>服务器私钥</trans>
    </entry>

	<entry>
    	<base>LABEL_DH_PEM</base>
    	<trans>DH parameters</trans>
    </entry>

	<entry>
    	<base>LABEL_TA_PEM</base>
    	<trans>Static key</trans>
    </entry>
    <entry>
        <base>DESC_HMAC</base>
        <trans>HMAC is part of the encryption of the data channel for openvpn (where your data travel) after encryption with the cipher. Default is the insecure SHA1, we suggest you to at least use SHA256. This setting should match on both the server and the client</trans>
    </entry>
    <entry>
        <base>LABEL_HMAC</base>
        <trans>HMAC algorithm</trans>
    </entry>
    <entry>
        <base>DESC_CIPHER</base>
        <trans>The cipher used for your data channel for openvpn. The default is to use the insecure BlowFish algorithm. We suggest you the AES-128-CBC or higher. This setting should match on both the server and the client.</trans>
    </entry>
    <entry>
        <base>LABEL_CIPHER</base>
        <trans>Cipher encryption algorithm</trans>
    </entry>
    <entry>
        <base>LINK</base>
        <trans>mailman状态</trans>
    </entry>
    <entry>
        <base>UP</base>
        <trans>Up</trans>
    </entry>
    <entry>
        <base>SYSTEMD_RETURNED</base>
        <trans>Systemd returned service as</trans>
    </entry>
    <entry>
        <base>CHANGEME_INSECURE</base>
        <trans>Please change this insecure parameter</trans>
    </entry>
    <entry>
        <base>SUGGESTED</base>
        <trans>当前值</trans>
    </entry>
    <entry>
        <base>DEFAULT</base>
        <trans>默认</trans>
    </entry>
    <entry>
        <base>ERROR</base>
        <trans>错误</trans>
    </entry>

</lexicon>
