authorChristian Poessinger <christian@poessinger.com>2019-12-30 14:05:26 +0100
committerGitHub <noreply@github.com>2019-12-30 14:05:26 +0100
commit972944a930c4417af86acb5905b6f92ec55eeb1c (patch)
tree58104b2b02cfcaf6358ece5e87a8e932efcf8c74
parentef3b8d81fc98a43e6a7605ea807667ad8b674bd9 (diff)
parent685e9fb19140d002bcae9f3b78d5bd0f33b172d0 (diff)
downloadvyos-1x-972944a930c4417af86acb5905b6f92ec55eeb1c.tar.gz
vyos-1x-972944a930c4417af86acb5905b6f92ec55eeb1c.zip
Merge pull request #194 from DmitriyEshenko/l2tp_fix_on
l2tp: T1858: Delete deprecated outside-nexthop
-rw-r--r--interface-definitions/l2tp-server.xml.in4
-rwxr-xr-xsrc/conf_mode/accel_l2tp.py24
-rwxr-xr-xsrc/migration-scripts/l2tp/1-to-233
3 files changed, 45 insertions, 16 deletions
diff --git a/interface-definitions/l2tp-server.xml.in b/interface-definitions/l2tp-server.xml.in
index 98c17b8b2..7fc844054 100644
--- a/interface-definitions/l2tp-server.xml.in
+++ b/interface-definitions/l2tp-server.xml.in
@@ -28,9 +28,9 @@
</constraint>
</properties>
</leafNode>
- <leafNode name="outside-nexthop">
+ <leafNode name="gateway-address">
<properties>
- <help>Nexthop IP address for reaching the VPN clients</help>
+ <help>Gatway address uses as client tunnel termination point</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
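Review bot: The new help string on the `gateway-address` leaf contains two typos that will appear in the CLI help: `Gatway address uses as client tunnel termination point`. Suggest `<help>Gateway address used as client tunnel termination point</help>`.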
diff --git a/src/conf_mode/accel_l2tp.py b/src/conf_mode/accel_l2tp.py
index 37fda2029..a7af9cc68 100755
--- a/src/conf_mode/accel_l2tp.py
+++ b/src/conf_mode/accel_l2tp.py
@@ -118,15 +118,15 @@ secret={{lns_shared_secret}}
{% endfor -%}
{% endif %}
{% endif %}
-{% if outside_nexthop %}
-gw-ip-address={{outside_nexthop}}
+{% if gateway_address %}
+gw-ip-address={{gateway_address}}
{% endif %}
{% if authentication['mode'] == 'local' %}
[chap-secrets]
chap-secrets=/etc/accel-ppp/l2tp/chap-secrets
-{% if outside_nexthop %}
-gw-ip-address={{outside_nexthop}}
+{% if gateway_address %}
+gw-ip-address={{gateway_address}}
{% endif %}
{% endif %}
@@ -181,7 +181,7 @@ dae-server={{authentication['radiusopt']['dae-srv']['ip-addr']}}:\
{{authentication['radiusopt']['dae-srv']['port']}},\
{{authentication['radiusopt']['dae-srv']['secret']}}
{% endif -%}
-gw-ip-address={{outside_nexthop}}
+gw-ip-address={{gateway_address}}
verbose=1
{% endif -%}
@@ -290,7 +290,7 @@ def get_config():
'mppe' : 'prefer'
},
'outside_addr' : '',
- 'outside_nexthop' : '10.255.255.0',
+ 'gateway_address' : '10.255.255.0',
'dns' : [],
'dnsv6' : [],
'wins' : [],
@@ -430,17 +430,17 @@ def get_config():
config_data['mtu'] = c.return_value('mtu')
### gateway address
- if c.exists('outside-nexthop'):
- config_data['outside_nexthop'] = c.return_value('outside-nexthop')
+ if c.exists('gateway-address'):
+ config_data['gateway_address'] = c.return_value('gateway-address')
else:
### calculate gw-ip-address
if c.exists('client-ip-pool start'):
### use start ip as gw-ip-address
- config_data['outside_nexthop'] = c.return_value('client-ip-pool start')
+ config_data['gateway_address'] = c.return_value('client-ip-pool start')
elif c.exists('client-ip-pool subnet'):
### use first ip address from first defined pool
lst_ip = re.findall("\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}", c.return_values('client-ip-pool subnet')[0])
- config_data['outside_nexthop'] = lst_ip[0]
+ config_data['gateway_address'] = lst_ip[0]
if c.exists('authentication require'):
auth_mods = {'pap' : 'pap','chap' : 'auth_chap_md5', 'mschap' : 'auth_mschap_v1', 'mschap-v2' : 'auth_mschap_v2'}
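Review bot: The subnet fallback assigns `lst_ip[0]` to `config_data['gateway_address']` without checking that the regex matched, so a `client-ip-pool subnet` value with no dotted quad in it would raise an IndexError instead of a ConfigError. A guard such as `if not lst_ip: raise ConfigError('client-ip-pool subnet does not contain an IPv4 address')` before the assignment would fail cleanly. The pattern is also a non-raw string containing `\d` and `\.`, which newer Python versions warn about as invalid escape sequences; prefixing it with `r` avoids that. For a prefix-style value the first match is presumably the network address rather than the "first ip address" the comment describes, so it is worth confirming that this is the value accel-ppp should receive as `gw-ip-address`. get_config starts and ends outside this hunk.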
@@ -497,10 +497,6 @@ def verify(c):
if not c['client_ip_pool'] and not c['client_ip_subnets']:
raise ConfigError("set vpn l2tp remote-access client-ip-pool requires subnet or start/stop IP pool")
- if not c['outside_nexthop']:
- #raise ConfigError('set vpn l2tp remote-access outside-nexthop required')
- print ("WARMING: set vpn l2tp remote-access outside-nexthop required")
-
## check ipv6
if 'delegate_prefix' in c['client_ipv6_pool'] and not 'prefix' in c['client_ipv6_pool']:
raise ConfigError("\"set vpn l2tp remote-access client-ipv6-pool prefix\" required for delegate-prefix ")
diff --git a/src/migration-scripts/l2tp/1-to-2 b/src/migration-scripts/l2tp/1-to-2
new file mode 100755
index 000000000..c46eba8f8
--- /dev/null
+++ b/src/migration-scripts/l2tp/1-to-2
@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+
+# Delete depricated outside-nexthop address
+
+import sys
+
+from vyos.configtree import ConfigTree
+
+if (len(sys.argv) < 1):
+ print("Must specify file name!")
+ sys.exit(1)
+
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+ config_file = f.read()
+
+config = ConfigTree(config_file)
+
+cfg_base = ['vpn', 'l2tp', 'remote-access']
+if not config.exists(cfg_base):
+ # Nothing to do
+ sys.exit(0)
+else:
+ if config.exists(cfg_base + ['outside-nexthop']):
+ config.delete(cfg_base + ['outside-nexthop'])
+
+ try:
+ with open(file_name, 'w') as f:
+ f.write(config.to_string())
+ except OSError as e:
+ print("Failed to save the modified config: {}".format(e))
+ sys.exit(1)
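Review bot: The argument check `if (len(sys.argv) < 1):` can never be true, because sys.argv always holds at least the script name. Running the script without a file name therefore fails with an IndexError on `sys.argv[1]` instead of printing the message; it should be `if len(sys.argv) < 2:`. The script also deletes `outside-nexthop` without carrying its value over to `gateway-address`, so an explicitly configured address is dropped on upgrade and the gateway is then derived from the client pool. If that is intended, a comment saying so would help, and `depricated` in the header comment should read `deprecated`.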