From cda566dfde944f705244f0b9a9293d1a47c55a50 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 18 Apr 2020 12:20:11 +0200 Subject: pppoe-server: T2314: migrate RADIUS configuration to common CLI syntax --- interface-definitions/service_pppoe-server.xml.in | 54 ++++++++--------------- src/conf_mode/service_pppoe-server.py | 12 +++-- src/migration-scripts/pppoe-server/2-to-3 | 7 +++ 3 files changed, 34 insertions(+), 39 deletions(-) diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in index dced54b64..0d7c3568c 100644 --- a/interface-definitions/service_pppoe-server.xml.in +++ b/interface-definitions/service_pppoe-server.xml.in @@ -126,37 +126,26 @@ - - - IP address of RADIUS server - - ipv4 - IP address of RADIUS server - - - - - - Key for accessing the specified server - - - - - Maximum number of simultaneous requests to server (default: unlimited) - - - - - If server does not responds mark it as unavailable for this amount of time in seconds - - - - - - - RADIUS settings - + #include + + + + + + Mark server unavailable for <n> seconds on failure + + 0-600 + Fail time penalty + + + + + Fail time must be between 0 and 600 seconds + + + + Timeout to wait response from server (seconds) @@ -177,11 +166,6 @@ Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests. - - - Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address. - - IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA) diff --git a/src/conf_mode/service_pppoe-server.py b/src/conf_mode/service_pppoe-server.py index 238208eff..52be86b14 100755 --- a/src/conf_mode/service_pppoe-server.py +++ b/src/conf_mode/service_pppoe-server.py @@ -71,6 +71,7 @@ default_config_data = { 'radius_timeout': '3', 'radius_nas_id': '', 'radius_nas_ip': '', + 'radius_source_address': '', 'radius_shaper_attr': '', 'radius_shaper_vendor': '', 'radius_dynamic_author': '', @@ -198,7 +199,7 @@ def get_config(): # authentication mode radius servers and settings if conf.exists(['authentication', 'mode', 'radius']): - for server in conf.list_nodes(['authentication', 'radius-server']): + for server in conf.list_nodes(['authentication', 'radius', 'server']): radius = { 'server' : server, 'key' : '', @@ -214,15 +215,15 @@ def get_config(): if conf.exists(['port']): radius['port'] = conf.return_value(['port']) - if conf.exists(['secret']): - radius['key'] = conf.return_value(['secret']) + if conf.exists(['key']): + radius['key'] = conf.return_value(['key']) if not conf.exists(['disable']): pppoe['radius_server'].append(radius) # # advanced radius-setting - conf.set_level(base_path + ['authentication', 'radius-settings']) + conf.set_level(base_path + ['authentication', 'radius']) if conf.exists(['acct-timeout']): pppoe['radius_acct_tmo'] = conf.return_value(['acct-timeout']) @@ -239,6 +240,9 @@ def get_config(): if conf.exists(['nas-ip-address']): pppoe['radius_nas_ip'] = conf.return_value(['nas-ip-address']) + if conf.exists(['source-address']): + pppoe['radius_source_address'] = conf.return_value(['source-address']) + # Dynamic Authorization Extensions (DOA)/Change Of Authentication (COA) if conf.exists(['dynamic-author']): dae = { diff --git a/src/migration-scripts/pppoe-server/2-to-3 b/src/migration-scripts/pppoe-server/2-to-3 index c85ada904..977f1ef43 100755 --- a/src/migration-scripts/pppoe-server/2-to-3 +++ b/src/migration-scripts/pppoe-server/2-to-3 @@ -68,6 +68,13 @@ else: config.delete(wins_base) + # Remove RADIUS server req-limit node + radius_base = base + ['authentication', 'radius'] + if config.exists(radius_base): + for server in config.list_nodes(radius_base + ['server']): + if config.exists(radius_base + ['server', server, 'req-limit']): + config.delete(radius_base + ['server', server, 'req-limit']) + try: with open(file_name, 'w') as f: f.write(config.to_string()) -- cgit v1.2.3