diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-08-15 20:16:02 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-08-15 20:16:51 +0200 |
commit | e41685a2f56cca0a53b4f8c084f61a85cf561c80 (patch) | |
tree | 01009f6ad19b2653b5e07c5dc7fc9c57a43ff9de | |
parent | bd102eac6d0c97a5f75324d1248814ebdad42da5 (diff) | |
download | vyos-1x-e41685a2f56cca0a53b4f8c084f61a85cf561c80.tar.gz vyos-1x-e41685a2f56cca0a53b4f8c084f61a85cf561c80.zip |
ocserv: openconnect: T4614: add support for split-dns
set vpn openconnect network-settings split-dns <domain>
-rw-r--r-- | data/templates/ocserv/ocserv_config.j2 | 5 | ||||
-rw-r--r-- | interface-definitions/vpn-openconnect.xml.in | 13 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_vpn_openconnect.py | 4 |
3 files changed, 22 insertions, 0 deletions
diff --git a/data/templates/ocserv/ocserv_config.j2 b/data/templates/ocserv/ocserv_config.j2 index d3d022bb0..e0cad5181 100644 --- a/data/templates/ocserv/ocserv_config.j2 +++ b/data/templates/ocserv/ocserv_config.j2 @@ -80,3 +80,8 @@ route = {{ route }} {% endfor %} {% endif %} +{% if network_settings.split_dns is vyos_defined %} +{% for tmp in network_settings.split_dns %} +split-dns = {{ tmp }} +{% endfor %} +{% endif %} diff --git a/interface-definitions/vpn-openconnect.xml.in b/interface-definitions/vpn-openconnect.xml.in index 21b47125d..6309863c5 100644 --- a/interface-definitions/vpn-openconnect.xml.in +++ b/interface-definitions/vpn-openconnect.xml.in @@ -265,6 +265,19 @@ </children> </node> #include <include/name-server-ipv4-ipv6.xml.i> + <leafNode name="split-dns"> + <properties> + <help>Domains over which the provided DNS should be used</help> + <valueHelp> + <format>txt</format> + <description>Client prefix length</description> + </valueHelp> + <constraint> + <validator name="fqdn"/> + </constraint> + <multi/> + </properties> + </leafNode> </children> </node> </children> diff --git a/smoketest/scripts/cli/test_vpn_openconnect.py b/smoketest/scripts/cli/test_vpn_openconnect.py index 094812791..8572d6d66 100755 --- a/smoketest/scripts/cli/test_vpn_openconnect.py +++ b/smoketest/scripts/cli/test_vpn_openconnect.py @@ -98,6 +98,8 @@ class TestVPNOpenConnect(VyOSUnitTestSHIM.TestCase): for ns in name_server: self.cli_set(base_path + ['network-settings', 'name-server', ns]) + for domain in split_dns: + self.cli_set(base_path + ['network-settings', 'split-dns', domain]) self.cli_set(base_path + ['ssl', 'ca-certificate', 'openconnect']) self.cli_set(base_path + ['ssl', 'certificate', 'openconnect']) @@ -115,6 +117,8 @@ class TestVPNOpenConnect(VyOSUnitTestSHIM.TestCase): for ns in name_server: self.assertIn(f'dns = {ns}', daemon_config) + for domain in split_dns: + self.assertIn(f'split-dns = {domain}', daemon_config) auth_config = read_file(auth_file) self.assertIn(f'{user}:*:$', auth_config) |