diff options
| author | Christian Poessinger <christian@poessinger.com> | 2019-09-22 19:13:07 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2019-09-22 19:13:07 +0200 |
| commit | 79a655a12875f5f152abba2d17eb6a1033b59131 (patch) | |
| tree | 5a75960039a0dd81608b5a38351a8c8314cabccf /src/conf_mode/ipoe_server.py | |
| parent | c4d0b9ed4736911d341efdebf34997e6cee8c5a8 (diff) | |
| parent | 2b9c84594a693c66b949183a25cc32dfcdee72e1 (diff) | |
| download | vyos-1x-79a655a12875f5f152abba2d17eb6a1033b59131.tar.gz vyos-1x-79a655a12875f5f152abba2d17eb6a1033b59131.zip | |
Merge branch 'current' of github.com:vyos/vyos-1x into equuleus
* 'current' of github.com:vyos/vyos-1x: (49 commits)
Jenkins: ease Pipeline
vxlan: T1636: simplyfy code (don't delete intf addresses)
ethernet: T1637: interfaces in a bond can be disabled
ethernet: T1637: fix calling arp_cache_tmo property
ethernet: T1637: do not overwrite interface description with interface name
ethernet: T1637: support offloading functions
Python/ifconfig: T1557: ethernet: add offloading interfaces
Python/ifconfig: T1557: update comments
Python/ifconfig: T1557: delete all assigned IP addresses on remove()
ethernet: T1637: call remove() on interface deletion
Python/ifconfig: T1557: use proper inheritance levels on remove()
ethernet: T1637: remove debug pprint
bridge: T1556: minor comment cleanup
bonding: T1614: minor comment cleanup
Python/ifconfig: T1557: unify '/sys/class/net/{}' path
Python/ifconfig: T1557: vmxnet3/virtio_net do not support changing speed/duplex control
Python/ifconfig: T1557: vmxnet3/virtio_net do not support changing flow control
Python/ifconfig: T1557: query driver if it supports auto negotiation
Python/ifconfig: T1557: call ethtool with full path
Python/ifconfig: T1557: return stdout string for _cmd()
...
Diffstat (limited to 'src/conf_mode/ipoe_server.py')
| -rwxr-xr-x | src/conf_mode/ipoe_server.py | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/src/conf_mode/ipoe_server.py b/src/conf_mode/ipoe_server.py index ca6b423e5..a60379760 100755 --- a/src/conf_mode/ipoe_server.py +++ b/src/conf_mode/ipoe_server.py @@ -41,7 +41,6 @@ ipoe_config = ''' ### generated by ipoe.py ### [modules] log_syslog -ippool ipoe shaper ipv6pool @@ -50,6 +49,7 @@ ipv6_dhcp {% if auth['mech'] == 'radius' %} radius {% endif -%} +ippool {% if auth['mech'] == 'local' %} chap-secrets {% endif %} @@ -65,7 +65,11 @@ level=5 [ipoe] verbose=1 {% for intfc in interfaces %} +{% if interfaces[intfc]['vlan_mon'] %} +interface=re:{{intfc}}\.\d+,\ +{% else %} interface={{intfc}},\ +{% endif %} shared={{interfaces[intfc]['shared']}},\ mode={{interfaces[intfc]['mode']}},\ ifcfg={{interfaces[intfc]['ifcfg']}},\ @@ -83,8 +87,7 @@ password=csid {%- for intfc in interfaces %} {% if (interfaces[intfc]['shared'] == '0') and (interfaces[intfc]['vlan_mon']) %} -vlan_mon={{interfaces[intfc]['vlan_mon']|join(',')}} -interface=re:{{intfc}}\.(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2}) +vlan-mon={{intfc}},{{interfaces[intfc]['vlan_mon']|join(',')}} {% endif %} {% endfor %} @@ -160,16 +163,24 @@ nas-identifier={{auth['radsettings']['nas-identifier']}} tcp=127.0.0.1:2002 ''' -### pppoe chap secrets +### chap secrets chap_secrets_conf = ''' # username server password acceptable local IP addresses shaper {% for aifc in auth['auth_if'] %} {% for mac in auth['auth_if'][aifc] %} {% if (auth['auth_if'][aifc][mac]['up']) and (auth['auth_if'][aifc][mac]['down']) %} +{% if auth['auth_if'][aifc][mac]['vlan'] %} +{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}}\t*\t{{mac.lower()}}\t*\t{{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} +{% else %} {{aifc}}\t*\t{{mac.lower()}}\t*\t{{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} +{% endif %} +{% else %} +{% if auth['auth_if'][aifc][mac]['vlan'] %} +{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}}\t*\t{{mac.lower()}}\t* {% else %} {{aifc}}\t*\t{{mac.lower()}}\t* {% endif %} +{% endif %} {% endfor %} {% endfor %} ''' @@ -213,6 +224,7 @@ def accel_cmd(cmd=''): ### chap_secrets file if auth mode local def gen_chap_secrets(c): + tmpl = jinja2.Template(chap_secrets_conf, trim_blocks=True) chap_secrets_txt = tmpl.render(c) old_umask = os.umask(0o077) @@ -296,6 +308,9 @@ def get_config(): config_data['auth']['auth_if'][auth_int][mac] = {} config_data['auth']['auth_if'][auth_int][mac]['up'] = None config_data['auth']['auth_if'][auth_int][mac]['down'] = None + ## client vlan-id + if c.exists('authentication interface ' + auth_int + ' mac-address ' + mac + ' vlan-id'): + config_data['auth']['auth_if'][auth_int][mac]['vlan'] = c.return_value('authentication interface ' + auth_int + ' mac-address ' + mac + ' vlan-id') if c.exists('authentication mode radius'): for rsrv in c.list_nodes('authentication radius-server'): config_data['auth']['radius'][rsrv] = {} |