blob: 6a1109b26aa32b985b679c76980821532d1ddbb7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
tag:
priority: 800
type: txt
help: L2TPv3 interface
val_help: <l2tpethN>; L2TPv3 interface name
syntax:expression: pattern $VAR(@) "^l2tpeth[0-9]+$" \
; "tunnel must be (l2tpeth0-l2tpeth999)"
commit:expression: $VAR(./local-ip/) != "" ; \
"Must configure the l2tpv3 local-ip for $VAR(@)"
commit:expression: $VAR(./remote-ip/) != "" ; \
"Must configure the l2tpv3 remote-ip for $VAR(@)"
commit:expression: $VAR(./tunnel-id/) != "" ; \
"Must configure the l2tpv3 tunnel-id for $VAR(@)"
commit:expression: $VAR(./peer-tunnel-id/) != "" ; \
"Must configure the l2tpv3 peer-tunnel-id for $VAR(@)"
commit:expression: $VAR(./session-id/) != "" ; \
"Must configure the l2tpv3 session-id for $VAR(@)"
commit:expression: $VAR(./peer-session-id/) != "" ; \
"Must configure the l2tpv3 peer-session-id for $VAR(@)"
begin:
[ -d /sys/module/l2tp_eth ] || sudo modprobe l2tp_eth
[ -d /sys/module/l2tp_netlink ] || sudo modprobe l2tp_netlink
if [ "$VAR(./encapsulation/@)" = "ip" ]; then
if [ ! -d /sys/module/l2tp_ip ]; then
sudo modprobe l2tp_ip
fi
if [ ! -d /sys/module/l2tp_ip6 ]; then
sudo modprobe l2tp_ip6
fi
fi
create:
sudo ip l2tp add tunnel tunnel_id $VAR(./tunnel-id/@) \
peer_tunnel_id $VAR(./peer-tunnel-id/@) \
udp_sport $VAR(./source-port/@) \
udp_dport $VAR(./destination-port/@) \
encap $VAR(./encapsulation/@) \
local $VAR(./local-ip/@) \
remote $VAR(./remote-ip/@)
sudo ip l2tp add session session_id $VAR(./session-id/@) \
tunnel_id $VAR(./tunnel-id/@) \
peer_session_id $VAR(./peer-session-id/@) \
name $VAR(@)
sudo ip link set $VAR(@) up
delete:
sudo ip link set $VAR(@) down
if [ -n "$VAR(./tunnel-id/@)" ] && [ -n "$VAR(./session-id/@)" ] ; then
sudo ip l2tp del session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@)
fi
if [ -n "$VAR(./tunnel-id/@)" ] ; then
sudo ip l2tp del tunnel tunnel_id $VAR(./tunnel-id/@)
fi
|