author | Christian Poessinger <christian@poessinger.com> | 2019-12-30 14:05:26 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-12-30 14:05:26 +0100 |
commit | 972944a930c4417af86acb5905b6f92ec55eeb1c (patch) | |
tree | 58104b2b02cfcaf6358ece5e87a8e932efcf8c74 | |
parent | ef3b8d81fc98a43e6a7605ea807667ad8b674bd9 (diff) | |
parent | 685e9fb19140d002bcae9f3b78d5bd0f33b172d0 (diff) | |
Merge pull request #194 from DmitriyEshenko/l2tp_fix_on
l2tp: T1858: Delete deprecated outside-nexthop
-rw-r--r-- | interface-definitions/l2tp-server.xml.in | 4 | ||||
-rwxr-xr-x | src/conf_mode/accel_l2tp.py | 24 | ||||
-rwxr-xr-x | src/migration-scripts/l2tp/1-to-2 | 33 |
3 files changed, 45 insertions, 16 deletions
diff --git a/interface-definitions/l2tp-server.xml.in b/interface-definitions/l2tp-server.xml.in index 98c17b8b2..7fc844054 100644 --- a/interface-definitions/l2tp-server.xml.in +++ b/interface-definitions/l2tp-server.xml.in @@ -28,9 +28,9 @@ </constraint> </properties> </leafNode> - <leafNode name="outside-nexthop"> + <leafNode name="gateway-address"> <properties> - <help>Nexthop IP address for reaching the VPN clients</help> + <help>Gatway address uses as client tunnel termination point</help> <constraint> <validator name="ipv4-address"/> </constraint> diff --git a/src/conf_mode/accel_l2tp.py b/src/conf_mode/accel_l2tp.py index 37fda2029..a7af9cc68 100755 --- a/src/conf_mode/accel_l2tp.py +++ b/src/conf_mode/accel_l2tp.py @@ -118,15 +118,15 @@ secret={{lns_shared_secret}} {% endfor -%} {% endif %} {% endif %} -{% if outside_nexthop %} -gw-ip-address={{outside_nexthop}} +{% if gateway_address %} +gw-ip-address={{gateway_address}} {% endif %} {% if authentication['mode'] == 'local' %} [chap-secrets] chap-secrets=/etc/accel-ppp/l2tp/chap-secrets -{% if outside_nexthop %} -gw-ip-address={{outside_nexthop}} +{% if gateway_address %} +gw-ip-address={{gateway_address}} {% endif %} {% endif %} @@ -181,7 +181,7 @@ dae-server={{authentication['radiusopt']['dae-srv']['ip-addr']}}:\ {{authentication['radiusopt']['dae-srv']['port']}},\ {{authentication['radiusopt']['dae-srv']['secret']}} {% endif -%} -gw-ip-address={{outside_nexthop}} +gw-ip-address={{gateway_address}} verbose=1 {% endif -%} @@ -290,7 +290,7 @@ def get_config(): 'mppe' : 'prefer' }, 'outside_addr' : '', - 'outside_nexthop' : '10.255.255.0', + 'gateway_address' : '10.255.255.0', 'dns' : [], 'dnsv6' : [], 'wins' : [], 
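Review bot: The new help string in the l2tp-server.xml.in hunk has a typo and reads awkwardly: `<help>Gatway address uses as client tunnel termination point</help>` should be something like `<help>Gateway address used as client tunnel termination point</help>`. This text presumably surfaces in the CLI help for the node, so it is worth correcting in the same change.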
@@ -430,17 +430,17 @@ def get_config(): config_data['mtu'] = c.return_value('mtu') ### gateway address - if c.exists('outside-nexthop'): - config_data['outside_nexthop'] = c.return_value('outside-nexthop') + if c.exists('gateway-address'): + config_data['gateway_address'] = c.return_value('gateway-address') else: ### calculate gw-ip-address if c.exists('client-ip-pool start'): ### use start ip as gw-ip-address - config_data['outside_nexthop'] = c.return_value('client-ip-pool start') + config_data['gateway_address'] = c.return_value('client-ip-pool start') elif c.exists('client-ip-pool subnet'): ### use first ip address from first defined pool lst_ip = re.findall("\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}", c.return_values('client-ip-pool subnet')[0]) - config_data['outside_nexthop'] = lst_ip[0] + config_data['gateway_address'] = lst_ip[0] if c.exists('authentication require'): auth_mods = {'pap' : 'pap','chap' : 'auth_chap_md5', 'mschap' : 'auth_mschap_v1', 'mschap-v2' : 'auth_mschap_v2'} @@ -497,10 +497,6 @@ def verify(c): if not c['client_ip_pool'] and not c['client_ip_subnets']: raise ConfigError("set vpn l2tp remote-access client-ip-pool requires subnet or start/stop IP pool") - if not c['outside_nexthop']: - #raise ConfigError('set vpn l2tp remote-access outside-nexthop required') - print ("WARMING: set vpn l2tp remote-access outside-nexthop required") - ## check ipv6 if 'delegate_prefix' in c['client_ipv6_pool'] and not 'prefix' in c['client_ipv6_pool']: raise ConfigError("\"set vpn l2tp remote-access client-ipv6-pool prefix\" required for delegate-prefix ") diff --git a/src/migration-scripts/l2tp/1-to-2 b/src/migration-scripts/l2tp/1-to-2 new file mode 100755 index 000000000..c46eba8f8 --- /dev/null +++ b/src/migration-scripts/l2tp/1-to-2 
@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+
+# Delete depricated outside-nexthop address
+
+import sys
+
+from vyos.configtree import ConfigTree
+
+if (len(sys.argv) < 1):
+ print("Must specify file name!")
+ sys.exit(1)
+
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+ config_file = f.read()
+
+config = ConfigTree(config_file)
+
+cfg_base = ['vpn', 'l2tp', 'remote-access']
+if not config.exists(cfg_base):
+ # Nothing to do
+ sys.exit(0)
+else:
+ if config.exists(cfg_base + ['outside-nexthop']):
+ config.delete(cfg_base + ['outside-nexthop'])
+
+ try:
+ with open(file_name, 'w') as f:
+ f.write(config.to_string())
+ except OSError as e:
+ print("Failed to save the modified config: {}".format(e))
+ sys.exit(1) |
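Review bot: The argument guard `if (len(sys.argv) < 1):` can never be true, because sys.argv always contains the script name, so running the migration without a file name falls through to `file_name = sys.argv[1]` and fails with an IndexError instead of the intended message; it should read `if len(sys.argv) < 2:`. Separately, the script deletes `outside-nexthop` rather than carrying its value over to the new `gateway-address` node, so after an upgrade a previously pinned address is silently replaced by whatever get_config() derives from the client pool (or its `10.255.255.0` default). If dropping the value is intended, a comment in the script such as `# value is intentionally not migrated; gateway-address is recalculated from the client pool` would help anyone later auditing why a tunnel gateway changed.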