diff options
| author | Viacheslav <v.gletenko@vyos.io> | 2021-11-02 13:48:36 +0000 |
|---|---|---|
| committer | Viacheslav <v.gletenko@vyos.io> | 2021-11-02 13:48:42 +0000 |
| commit | dd036c62d1370f655a8d2075577597f24ffff7dc (patch) | |
| tree | f3d946c89b0bbaaf8dacf823072304ecab7923e0 /interface-definitions | |
| parent | 0c2384114e8abbd9c883a57729564c70c0a86eec (diff) | |
| download | vyos-1x-dd036c62d1370f655a8d2075577597f24ffff7dc.tar.gz vyos-1x-dd036c62d1370f655a8d2075577597f24ffff7dc.zip | |
sstp: T2566: Fix to allow IPv6 only pools
To allow IPv6 only for vpn sstp sessions we have to add
'ppp-options' which can disable IPv4 allocation explicity.
Additional IPv6 ppp-options and fix template for it.
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/include/accel-ppp/ppp-options-ipv4.xml.i | 23 | ||||
| -rw-r--r-- | interface-definitions/include/accel-ppp/ppp-options-ipv6.xml.i | 31 | ||||
| -rw-r--r-- | interface-definitions/vpn_sstp.xml.in | 2 |
3 files changed, 56 insertions, 0 deletions
diff --git a/interface-definitions/include/accel-ppp/ppp-options-ipv4.xml.i b/interface-definitions/include/accel-ppp/ppp-options-ipv4.xml.i new file mode 100644 index 000000000..3e065329d --- /dev/null +++ b/interface-definitions/include/accel-ppp/ppp-options-ipv4.xml.i @@ -0,0 +1,23 @@ +<!-- include start from accel-ppp/ppp-options-ipv4.xml.i --> +<leafNode name="ipv4"> + <properties> + <help>IPv4 negotiation algorithm</help> + <constraint> + <regex>^(deny|allow)$</regex> + </constraint> + <constraintErrorMessage>invalid value</constraintErrorMessage> + <valueHelp> + <format>deny</format> + <description>Do not negotiate IPv4</description> + </valueHelp> + <valueHelp> + <format>allow</format> + <description>Negotiate IPv4 only if client requests</description> + </valueHelp> + <completionHelp> + <list>deny allow</list> + </completionHelp> + </properties> + <defaultValue>allow</defaultValue> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/accel-ppp/ppp-options-ipv6.xml.i b/interface-definitions/include/accel-ppp/ppp-options-ipv6.xml.i new file mode 100644 index 000000000..b9fbac5c6 --- /dev/null +++ b/interface-definitions/include/accel-ppp/ppp-options-ipv6.xml.i @@ -0,0 +1,31 @@ +<!-- include start from accel-ppp/ppp-options-ipv6.xml.i --> +<leafNode name="ipv6"> + <properties> + <help>IPv6 (IPCP6) negotiation algorithm</help> + <constraint> + <regex>^(deny|allow|prefer|require)$</regex> + </constraint> + <constraintErrorMessage>invalid value</constraintErrorMessage> + <valueHelp> + <format>deny</format> + <description>Do not negotiate IPv6</description> + </valueHelp> + <valueHelp> + <format>allow</format> + <description>Negotiate IPv6 only if client requests</description> + </valueHelp> + <valueHelp> + <format>prefer</format> + <description>Ask client for IPv6 negotiation, do not fail if it rejects</description> + </valueHelp> + <valueHelp> + <format>require</format> + <description>Require IPv6 negotiation</description> + </valueHelp> + <completionHelp> + <list>deny allow prefer require</list> + </completionHelp> + </properties> + <defaultValue>deny</defaultValue> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/vpn_sstp.xml.in b/interface-definitions/vpn_sstp.xml.in index 5406ede41..ad905a1f0 100644 --- a/interface-definitions/vpn_sstp.xml.in +++ b/interface-definitions/vpn_sstp.xml.in @@ -43,6 +43,8 @@ </properties> <children> #include <include/accel-ppp/ppp-mppe.xml.i> + #include <include/accel-ppp/ppp-options-ipv4.xml.i> + #include <include/accel-ppp/ppp-options-ipv6.xml.i> #include <include/accel-ppp/lcp-echo-interval-failure.xml.i> #include <include/accel-ppp/lcp-echo-timeout.xml.i> </children> |