authorChristian Poessinger <christian@poessinger.com>2020-04-18 12:20:11 +0200
committerChristian Poessinger <christian@poessinger.com>2020-04-18 13:25:08 +0200
commitcda566dfde944f705244f0b9a9293d1a47c55a50 (patch)
tree318046bb5e10c07a12df4ae3f1c459afe7f4d36b
parentabcd7026efd8cbeb1c4db828788eda9a6dd2be41 (diff)
pppoe-server: T2314: migrate RADIUS configuration to common CLI syntax
-rw-r--r--interface-definitions/service_pppoe-server.xml.in54
-rwxr-xr-xsrc/conf_mode/service_pppoe-server.py12
-rwxr-xr-xsrc/migration-scripts/pppoe-server/2-to-37
3 files changed, 34 insertions, 39 deletions
diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in
index dced54b64..0d7c3568c 100644
--- a/interface-definitions/service_pppoe-server.xml.in
+++ b/interface-definitions/service_pppoe-server.xml.in
@@ -126,37 +126,26 @@
</completionHelp>
</properties>
</leafNode>
- <tagNode name="radius-server">
- <properties>
- <help>IP address of RADIUS server</help>
- <valueHelp>
- <format>ipv4</format>
- <description>IP address of RADIUS server</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="secret">
- <properties>
- <help>Key for accessing the specified server</help>
- </properties>
- </leafNode>
- <leafNode name="req-limit">
- <properties>
- <help>Maximum number of simultaneous requests to server (default: unlimited)</help>
- </properties>
- </leafNode>
- <leafNode name="fail-time">
- <properties>
- <help>If server does not responds mark it as unavailable for this amount of time in seconds</help>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- <node name="radius-settings">
- <properties>
- <help>RADIUS settings</help>
- </properties>
+ #include <include/radius-server.xml.i>
+ <node name="radius">
<children>
+ <tagNode name="server">
+ <children>
+ <leafNode name="fail-time">
+ <properties>
+ <help>Mark server unavailable for &lt;n&gt; seconds on failure</help>
+ <valueHelp>
+ <format>0-600</format>
+ <description>Fail time penalty</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-600"/>
+ </constraint>
+ <constraintErrorMessage>Fail time must be between 0 and 600 seconds</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
<leafNode name="timeout">
<properties>
<help>Timeout to wait response from server (seconds)</help>
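Review bot: The new `fail-time` leaf enforces `--range 0-600`, while the `fail-time` leaf removed above had no constraint, so a value above 600 in an existing configuration would no longer validate. The `2-to-3` hunk in this commit only deletes `req-limit`; if the part of that script outside the hunk does not already cap or drop out-of-range values, it should be handled there. Separately, the new `<node name="radius">` carries no `<properties>`/`<help>` in the visible lines and presumably relies on `radius-server.xml.i` for it, so it is worth confirming that the include and this node merge as intended.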
@@ -177,11 +166,6 @@
<help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help>
</properties>
</leafNode>
- <leafNode name="nas-ip-address">
- <properties>
- <help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help>
- </properties>
- </leafNode>
<node name="dae-server">
<properties>
<help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
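Review bot: Removing the `nas-ip-address` leaf orphans its reader in `get_config()`: the context lines of the last `service_pppoe-server.py` hunk still test `conf.exists(['nas-ip-address'])` and fill `radius_nas_ip`. The removed help text says the DM/CoA server also binds to that address, so for anyone who had it set the bind address changes unless something else supplies it. The visible migration hunk does not touch `nas-ip-address`; if the rest of `2-to-3` does not map it to a replacement, the old value is dropped or the configuration fails to load. Either migrate it explicitly or remove the dead read together with the `radius_nas_ip` default.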
diff --git a/src/conf_mode/service_pppoe-server.py b/src/conf_mode/service_pppoe-server.py
index 238208eff..52be86b14 100755
--- a/src/conf_mode/service_pppoe-server.py
+++ b/src/conf_mode/service_pppoe-server.py
@@ -71,6 +71,7 @@ default_config_data = {
'radius_timeout': '3',
'radius_nas_id': '',
'radius_nas_ip': '',
+ 'radius_source_address': '',
'radius_shaper_attr': '',
'radius_shaper_vendor': '',
'radius_dynamic_author': '',
@@ -198,7 +199,7 @@ def get_config():
# authentication mode radius servers and settings
if conf.exists(['authentication', 'mode', 'radius']):
- for server in conf.list_nodes(['authentication', 'radius-server']):
+ for server in conf.list_nodes(['authentication', 'radius', 'server']):
radius = {
'server' : server,
'key' : '',
@@ -214,15 +215,15 @@ def get_config():
if conf.exists(['port']):
radius['port'] = conf.return_value(['port'])
- if conf.exists(['secret']):
- radius['key'] = conf.return_value(['secret'])
+ if conf.exists(['key']):
+ radius['key'] = conf.return_value(['key'])
if not conf.exists(['disable']):
pppoe['radius_server'].append(radius)
#
# advanced radius-setting
- conf.set_level(base_path + ['authentication', 'radius-settings'])
+ conf.set_level(base_path + ['authentication', 'radius'])
if conf.exists(['acct-timeout']):
pppoe['radius_acct_tmo'] = conf.return_value(['acct-timeout'])
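Review bot: With the lookup renamed from `secret` to `key`, a server node that was not migrated keeps the default `'key' : ''` and is still appended to `pppoe['radius_server']`, which would configure the daemon with an empty RADIUS shared secret. The rename in the migration script is not part of the visible `2-to-3` hunk and `verify()` is outside this diff; if it does not already do so, it should reject such an entry, e.g. `if not radius['key']: raise ConfigError('Missing RADIUS secret for server ' + radius['server'])`. The same path dependency applies to the `list_nodes(['authentication', 'radius', 'server'])` change in the previous hunk. `get_config()` continues outside both hunks.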
@@ -239,6 +240,9 @@ def get_config():
if conf.exists(['nas-ip-address']):
pppoe['radius_nas_ip'] = conf.return_value(['nas-ip-address'])
+ if conf.exists(['source-address']):
+ pppoe['radius_source_address'] = conf.return_value(['source-address'])
+
# Dynamic Authorization Extensions (DOA)/Change Of Authentication (COA)
if conf.exists(['dynamic-author']):
dae = {
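Review bot: `radius_source_address` is collected here (and defaulted in the `default_config_data` hunk), but none of the three files in this commit renders it, so unless the daemon template already references that key the new `source-address` option has no effect. Worth confirming the template side, and adding a short comment such as `# local address used as the source of RADIUS requests (distinct from the NAS-IP-Address attribute)` so the difference from `radius_nas_ip` just above is clear. `get_config()` continues outside the hunk.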
diff --git a/src/migration-scripts/pppoe-server/2-to-3 b/src/migration-scripts/pppoe-server/2-to-3
index c85ada904..977f1ef43 100755
--- a/src/migration-scripts/pppoe-server/2-to-3
+++ b/src/migration-scripts/pppoe-server/2-to-3
@@ -68,6 +68,13 @@ else:
config.delete(wins_base)
+ # Remove RADIUS server req-limit node
+ radius_base = base + ['authentication', 'radius']
+ if config.exists(radius_base):
+ for server in config.list_nodes(radius_base + ['server']):
+ if config.exists(radius_base + ['server', server, 'req-limit']):
+ config.delete(radius_base + ['server', server, 'req-limit'])
+
try:
with open(file_name, 'w') as f:
f.write(config.to_string())
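Review bot: The loop deletes an operator-configured `req-limit` without saying why, and the removed help text gives the default as unlimited, so a previously capped number of simultaneous RADIUS requests becomes uncapped after the upgrade. Expand the comment to record that, e.g. `# req-limit is not offered by the common RADIUS CLI; dropping it falls back to the default (unlimited)`. The repeated `radius_base + ['server', server, 'req-limit']` could also be built once as `limit = radius_base + ['server', server, 'req-limit']`. The enclosing `else:` block starts outside the hunk.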