diff options
| -rw-r--r-- | data/templates/ocserv/ocserv_config.tmpl | 6 | ||||
| -rw-r--r-- | interface-definitions/vpn_openconnect.xml.in | 13 | ||||
| -rwxr-xr-x | smoketest/scripts/cli/test_vpn_openconnect.py | 5 |
3 files changed, 23 insertions, 1 deletions
diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl index 328af0c0d..8a394f0ac 100644 --- a/data/templates/ocserv/ocserv_config.tmpl +++ b/data/templates/ocserv/ocserv_config.tmpl @@ -70,6 +70,11 @@ ipv6-network = {{ network_settings.client_ipv6_pool.prefix }} ipv6-subnet-prefix = {{ network_settings.client_ipv6_pool.mask }} {% endif %} {% endif %} +{% if network_settings.split_dns is defined %} +{% for tmp in network_settings.split_dns %} +split-dns = {{ tmp }} +{% endfor %} +{% endif %} {% endif %} {% if network_settings.push_route is string %} @@ -79,4 +84,3 @@ route = {{ network_settings.push_route }} route = {{ route }} {% endfor %} {% endif %} - diff --git a/interface-definitions/vpn_openconnect.xml.in b/interface-definitions/vpn_openconnect.xml.in index f35b1ebbd..888f32b99 100644 --- a/interface-definitions/vpn_openconnect.xml.in +++ b/interface-definitions/vpn_openconnect.xml.in @@ -191,6 +191,19 @@ </children> </node> #include <include/name-server-ipv4-ipv6.xml.i> + <leafNode name="split-dns"> + <properties> + <help>Domains over which the provided DNS should be used</help> + <valueHelp> + <format>txt</format> + <description>Client prefix length</description> + </valueHelp> + <constraint> + <validator name="fqdn"/> + </constraint> + <multi/> + </properties> + </leafNode> </children> </node> </children> diff --git a/smoketest/scripts/cli/test_vpn_openconnect.py b/smoketest/scripts/cli/test_vpn_openconnect.py index 999d7267d..6db49abab 100755 --- a/smoketest/scripts/cli/test_vpn_openconnect.py +++ b/smoketest/scripts/cli/test_vpn_openconnect.py @@ -63,6 +63,7 @@ class TestVPNOpenConnect(VyOSUnitTestSHIM.TestCase): v6_prefix = '2001:db8:1000::/64' v6_len = '126' name_server = ['1.2.3.4', '1.2.3.5', '2001:db8::1'] + split_dns = ['vyos.net', 'vyos.io'] self.cli_set(base_path + ['authentication', 'local-users', 'username', user, 'password', password]) self.cli_set(base_path + ['authentication', 'mode', "local"]) @@ -73,6 +74,8 @@ class TestVPNOpenConnect(VyOSUnitTestSHIM.TestCase): for ns in name_server: self.cli_set(base_path + ['network-settings', 'name-server', ns]) + for domain in split_dns: + self.cli_set(base_path + ['network-settings', 'split-dns', domain]) self.cli_commit() @@ -87,6 +90,8 @@ class TestVPNOpenConnect(VyOSUnitTestSHIM.TestCase): for ns in name_server: self.assertIn(f'dns = {ns}', daemon_config) + for domain in split_dns: + self.assertIn(f'split-dns = {domain}', daemon_config) auth_config = read_file(auth_file) self.assertIn(f'{user}:*:$', auth_config) |