diff options
| author | Christian Poessinger <christian@poessinger.com> | 2020-03-28 12:06:41 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2020-03-28 12:06:41 +0100 |
| commit | 792c00a018d0b237996e60845edf8ad970c4afbb (patch) | |
| tree | 15bea8859399c540db517c46bd78e75a5e005e78 /src/conf_mode/interfaces-openvpn.py | |
| parent | a0424f9c6a4cf813934d5a3bc877fddae6eb99de (diff) | |
| parent | 822e171a0023c3f8f335cda08bcbf70b2d6d4070 (diff) | |
| download | vyos-1x-792c00a018d0b237996e60845edf8ad970c4afbb.tar.gz vyos-1x-792c00a018d0b237996e60845edf8ad970c4afbb.zip | |
Merge branch 't1831-ipv6' into current
* t1831-ipv6:
ipv6: T1831: migrate eui64 addressing to XML and python
vyos.util: import cleanup
ipv6: T1831: migrate autoconf node
ipv6: T1831: use integers over bool in interface configuration
ipv6: T1831: migrate forwarding and dup-addr-detect-transmits nodes
ipv6: T1831: Makefile: remove node.def files in ipv6 folder
ifconfig: T2057: explicity name state functions
ifconfig: T2167: get_mac was not returning
ifconfig: T2057: add get_alias function
ifconfig: T2057: option forcing
merge config: T2169: remove redundant use of show_config
Diffstat (limited to 'src/conf_mode/interfaces-openvpn.py')
| -rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 155101f1d..17aa4697f 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -294,6 +294,10 @@ default_config_data = { 'encryption': '', 'hash': '', 'intf': '', + 'ipv6_autoconf': 0, + 'ipv6_eui64_prefix': '', + 'ipv6_forwarding': 1, + 'ipv6_dup_addr_detect': 1, 'ping_restart': '60', 'ping_interval': '10', 'local_address': '', @@ -490,6 +494,22 @@ def get_config(): if conf.exists('local-port'): openvpn['local_port'] = conf.return_value('local-port') + # Enable acquisition of IPv6 address using stateless autoconfig (SLAAC) + if conf.exists('ipv6 address autoconf'): + openvpn['ipv6_autoconf'] = 1 + + # Get prefix for IPv6 addressing based on MAC address (EUI-64) + if conf.exists('ipv6 address eui64'): + openvpn['ipv6_eui64_prefix'] = conf.return_value('ipv6 address eui64') + + # Disable IPv6 forwarding on this interface + if conf.exists('ipv6 disable-forwarding'): + openvpn['ipv6_forwarding'] = 0 + + # IPv6 Duplicate Address Detection (DAD) tries + if conf.exists('ipv6 dup-addr-detect-transmits'): + openvpn['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits')) + # OpenVPN operation mode if conf.exists('mode'): mode = conf.return_value('mode') @@ -1036,14 +1056,25 @@ def apply(openvpn): try: # we need to catch the exception if the interface is not up due to # reason stated above - VTunIf(openvpn['intf']).set_alias(openvpn['description']) + o = VTunIf(openvpn['intf']) + # update interface description used e.g. within SNMP + o.set_alias(openvpn['description']) + # IPv6 address autoconfiguration + o.set_ipv6_autoconf(openvpn['ipv6_autoconf']) + # IPv6 EUI-based address + o.set_ipv6_eui64_address(openvpn['ipv6_eui64_prefix']) + # IPv6 forwarding + o.set_ipv6_forwarding(openvpn['ipv6_forwarding']) + # IPv6 Duplicate Address Detection (DAD) tries + o.set_ipv6_dad_messages(openvpn['ipv6_dup_addr_detect']) + except: pass # TAP interface needs to be brought up explicitly if openvpn['type'] == 'tap': if not openvpn['disable']: - VTunIf(openvpn['intf']).set_state('up') + VTunIf(openvpn['intf']).set_admin_state('up') return None |