Merge pull request #581 from sever-sever/T2631

accel: T2631: Add option for radius disable-accounting

6 files changed, 20 insertions, 0 deletions

diff --git a/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in
new file mode 100644
index 000000000..026f67453
--- /dev/null
+++ b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in
@@ -0,0 +1,7 @@
+<leafNode name="disable-accounting">
+  <properties>
+    <help>Disable accounting</help>
+    <valueless/>
+  </properties>
+</leafNode>
+
diff --git a/interface-definitions/include/accel-radius-additions.xml.i b/interface-definitions/include/accel-radius-additions.xml.i
index 598fb73f8..bf0f0ac94 100644
--- a/interface-definitions/include/accel-radius-additions.xml.i
+++ b/interface-definitions/include/accel-radius-additions.xml.i
@@ -29,6 +29,7 @@
           </properties>
           <defaultValue>1813</defaultValue>
         </leafNode>
+        #include <include/accel-radius-additions-disable-accounting.xlm.in>
         <leafNode name="fail-time">
           <properties>
             <help>Mark server unavailable for &lt;n&gt; seconds on failure</help>
diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in
index 8802c0564..82af86470 100644
--- a/interface-definitions/vpn_l2tp.xml.in
+++ b/interface-definitions/vpn_l2tp.xml.in
@@ -225,6 +225,7 @@
                     <children>
                       <tagNode name="server">
                         <children>
+                          #include <include/accel-radius-additions-disable-accounting.xlm.in>
                           <leafNode name="fail-time">
                             <properties>
                               <help>Mark server unavailable for &lt;n&gt; seconds on failure</help>
diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py
index 62df3334c..db17c33fc 100644
--- a/python/vyos/configdict.py
+++ b/python/vyos/configdict.py
@@ -455,6 +455,11 @@ def get_accel_dict(config, base, chap_secrets):
             dict['authentication']['radius']['server'][server] = dict_merge(
                 default_values, dict['authentication']['radius']['server'][server])
 
+            # Check option "disable-accounting" per server and replace default value from '1813' to '0'
+            # set vpn sstp authentication radius server x.x.x.x disable-accounting
+            if 'disable_accounting' in dict['authentication']['radius']['server'][server]:
+                dict['authentication']['radius']['server'][server]['acct_port'] = '0'
+
     # Add individual local-user default values
     if vyos_dict_search('authentication.local_users.username', dict):
         default_values = defaults(base + ['authentication', 'local-users', 'username'])
diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index 48d887abe..465986d5b 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -162,6 +162,9 @@ def get_config(config=None):
 
             conf.set_level(base_path + ['authentication', 'radius', 'server', server])
 
+            if conf.exists(['disable-accounting']):
+                radius['acct_port'] = '0'
+
             if conf.exists(['fail-time']):
                 radius['fail_time'] = conf.return_value(['fail-time'])
 
diff --git a/src/conf_mode/vpn_pptp.py b/src/conf_mode/vpn_pptp.py
index 306d05c60..3125ee9d0 100755
--- a/src/conf_mode/vpn_pptp.py
+++ b/src/conf_mode/vpn_pptp.py
@@ -121,6 +121,9 @@ def get_config(config=None):
 
             conf.set_level(base_path + ['authentication', 'radius', 'server', server])
 
+            if conf.exists(['disable-accounting']):
+                radius['acct_port'] = '0'
+
             if conf.exists(['fail-time']):
                 radius['fail_time'] = conf.return_value(['fail-time'])