From 6a2e75dbe4003c6987c6932296e68c486ff7b380 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Fri, 10 Apr 2020 19:32:24 +0200
Subject: vpn: l2tp: T2264: combine IPv4/IPv6 name-server CLI syntax

There is no reason to distinguish between an IPv4 and an IPv6 name-server node
on the CLI - this can be done in the underlying Python scripts.
---
 src/conf_mode/vpn_l2tp.py         | 29 ++++++++++--------
 src/migration-scripts/l2tp/2-to-3 | 64 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 81 insertions(+), 12 deletions(-)
 create mode 100755 src/migration-scripts/l2tp/2-to-3

(limited to 'src')

diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index d5274a6bc..93ee9edf9 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -26,9 +26,9 @@ from jinja2 import FileSystemLoader, Environment
 
 from vyos.config import Config
 from vyos.defaults import directories as vyos_data_dir
-from vyos import ConfigError
 from vyos.util import run
-
+from vyos.validate import is_ipv4
+from vyos import ConfigError
 
 pidfile = r'/var/run/accel_l2tp.pid'
 l2tp_cnf_dir = r'/etc/accel-ppp/l2tp'
@@ -53,7 +53,7 @@ default_config_data = {
     },
     'outside_addr': '',
     'gateway_address': '10.255.255.0',
-    'dns': [],
+    'dnsv4': [],
     'dnsv6': [],
     'wins': [],
     'client_ip_pool': None,
@@ -91,7 +91,7 @@ def _accel_cmd(command):
 
 def get_config():
     c = Config()
-    base = ['vpn', 'l2tp' 'remote-access']
+    base = ['vpn', 'l2tp', 'remote-access']
     if not c.exists(base):
         return None
 
@@ -99,17 +99,19 @@ def get_config():
     config_data = deepcopy(default_config_data)
 
     ### general options ###
-    if c.exists('dns-servers server-1'):
-        config_data['dns'].append(c.return_value('dns-servers server-1'))
-    if c.exists('dns-servers server-2'):
-        config_data['dns'].append(c.return_value('dns-servers server-2'))
-    if c.exists('dnsv6-servers'):
-        for dns6_server in c.return_values('dnsv6-servers'):
-            config_data['dnsv6'].append(dns6_server)
+    if c.exists(['name-server']):
+        for name_server in c.return_values(['name-server']):
+            if is_ipv4(name_server):
+                config_data['dnsv4'].append(name_server)
+            else:
+                config_data['dnsv6'].append(name_server)
+
     if c.exists('wins-servers server-1'):
         config_data['wins'].append(c.return_value('wins-servers server-1'))
+
     if c.exists('wins-servers server-2'):
         config_data['wins'].append(c.return_value('wins-servers server-2'))
+
     if c.exists('outside-address'):
         config_data['outside_addr'] = c.return_value('outside-address')
 
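Review bot: In the new `name-server` loop, any value that fails `is_ipv4()` lands in `config_data['dnsv6']` without being checked as an IPv6 address. Correct classification therefore depends entirely on the CLI node's validator, which is not visible in this patch. Since the value is presumably rendered into the accel-ppp configuration later, an explicit second branch would be safer: `elif is_ipv6(name_server):` followed by `else: raise ConfigError('Invalid name-server address "{}"'.format(name_server))`, with `is_ipv6` imported next to `is_ipv4` from `vyos.validate`. The loop also uses list paths (`['name-server']`) while the neighbouring `wins-servers` lookups still use string paths; one form throughout would read more consistently. get_config() starts and ends outside this hunk.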
@@ -324,8 +326,11 @@ def verify(c):
         raise ConfigError(
             "\"set vpn l2tp remote-access client-ipv6-pool prefix\" required for delegate-prefix ")
 
+    if len(c['dnsv4']) > 2:
+        raise ConfigError('Not more then two IPv4 DNS name-servers can be configured')
+
     if len(c['dnsv6']) > 3:
-        raise ConfigError("Maximum allowed dnsv6-servers addresses is 3")
+        raise ConfigError('Not more then three IPv6 DNS name-servers can be configured')
 
 
 def generate(c):
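Review bot: Both new `ConfigError` messages in verify() say "Not more then", which should be "than"; this text is shown to the operator when a commit is rejected. Suggested wording: `raise ConfigError('No more than two IPv4 DNS name-servers can be configured')` and `raise ConfigError('No more than three IPv6 DNS name-servers can be configured')`. A short comment above the two checks saying where the limits of 2 and 3 come from (presumably what accel-ppp accepts) would help the next maintainer. verify() begins outside this hunk.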
diff --git a/src/migration-scripts/l2tp/2-to-3 b/src/migration-scripts/l2tp/2-to-3
new file mode 100755
index 000000000..ebeb814c1
--- /dev/null
+++ b/src/migration-scripts/l2tp/2-to-3
@@ -0,0 +1,64 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2020 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# - remove primary/secondary identifier from nameserver
+
+import os
+import sys
+
+from sys import argv, exit
+from vyos.configtree import ConfigTree
+
+if (len(argv) < 1):
+    print("Must specify file name!")
+    exit(1)
+
+file_name = argv[1]
+
+with open(file_name, 'r') as f:
+    config_file = f.read()
+
+config = ConfigTree(config_file)
+base = ['vpn', 'l2tp', 'remote-access']
+if not config.exists(base):
+    # Nothing to do
+    exit(0)
+else:
+
+    # Migrate IPv4 DNS servers
+    dns_base = base + ['dns-servers']
+    if config.exists(dns_base):
+        for server in ['server-1', 'server-2']:
+          if config.exists(dns_base + [server]):
+            dns = config.return_value(dns_base + [server])
+            config.set(base + ['name-server'], value=dns, replace=False)
+
+        config.delete(dns_base)
+
+    # Migrate IPv6 DNS servers
+    dns_base = base + ['dnsv6-servers']
+    if config.exists(dns_base):
+        for server in config.return_values(dns_base):
+            config.set(base + ['name-server'], value=server, replace=False)
+
+        config.delete(dns_base)
+
+    try:
+        with open(file_name, 'w') as f:
+            f.write(config.to_string())
+    except OSError as e:
+        print("Failed to save the modified config: {}".format(e))
+        exit(1)
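Review bot: The argument guard `if (len(argv) < 1):` can never be true because `argv` always contains the script name, so running the migration without a file name falls through to `argv[1]` and dies with an IndexError instead of the intended message; it should be `if len(argv) < 2:`. The initial `open(file_name, 'r')` is also outside any `try`, unlike the write at the end, so an unreadable config produces a traceback rather than a clean non-zero exit. Minor style points: `import os` and `import sys` are unused next to `from sys import argv, exit`, the body of `for server in ['server-1', 'server-2']:` is indented by two spaces while the rest of the file uses four, and the `else:` after `exit(0)` adds a needless nesting level.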
-- 
cgit v1.2.3