diff options
| author | hagbard <vyosdev@derith.de> | 2019-04-18 11:28:47 -0700 |
|---|---|---|
| committer | hagbard <vyosdev@derith.de> | 2019-04-18 11:34:06 -0700 |
| commit | c1dc93391b9ec1785ab648fa7685521c85774d28 (patch) | |
| tree | ef7f299490d49277003b8d34323f608616987c22 | |
| parent | d748e526ca50f3acb98ec511fab977c4b044aea8 (diff) | |
| download | vyos-1x-c1dc93391b9ec1785ab648fa7685521c85774d28.tar.gz vyos-1x-c1dc93391b9ec1785ab648fa7685521c85774d28.zip | |
[pppoe-server] T1341 - Adding rate-limiter for pppoe server users
- implementation for locally definied users
| -rw-r--r-- | interface-definitions/pppoe-server.xml | 23 | ||||
| -rwxr-xr-x | src/conf_mode/accel_pppoe.py | 30 |
2 files changed, 47 insertions, 6 deletions
diff --git a/interface-definitions/pppoe-server.xml b/interface-definitions/pppoe-server.xml index a0c22d53a..79bc0ebce 100644 --- a/interface-definitions/pppoe-server.xml +++ b/interface-definitions/pppoe-server.xml @@ -60,6 +60,29 @@ <help>Static client IP address</help> </properties> </leafNode> + <node name="rate-limit"> + <properties> + <help>Upload/Download speed limits</help> + </properties> + <children> + <leafNode name="upload"> + <properties> + <help>Upload bandwidth limit in bits/sec</help> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> + <leafNode name="download"> + <properties> + <help>Download bandwidth limit in bits/sec</help> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> + </children> + </node> </children> </tagNode> </children> diff --git a/src/conf_mode/accel_pppoe.py b/src/conf_mode/accel_pppoe.py index 0054c99db..8c4f8b162 100755 --- a/src/conf_mode/accel_pppoe.py +++ b/src/conf_mode/accel_pppoe.py @@ -239,11 +239,16 @@ tcp=127.0.0.1:2001 ### pppoe chap secrets chap_secrets_conf = ''' -# username server password acceptable local IP addresses +# username server password acceptable local IP addresses shaper {% for user in authentication['local-users'] %} {% if authentication['local-users'][user]['state'] == 'enabled' %} +{% if (authentication['local-users'][user]['upload']) and (authentication['local-users'][user]['download']) %} +{{user}}\t*\t{{authentication['local-users'][user]['passwd']}}\t{{authentication['local-users'][user]['ip']}}\t\ +{{authentication['local-users'][user]['download']}}/{{authentication['local-users'][user]['upload']}} +{% else %} {{user}}\t*\t{{authentication['local-users'][user]['passwd']}}\t{{authentication['local-users'][user]['ip']}} {% endif %} +{% endif %} {% endfor %} ''' ### @@ -377,9 +382,11 @@ def get_config(): config_data['authentication']['local-users'].update( { usr : { - 'passwd' : '', - 'state' : 'enabled', - 'ip' : '*' + 'passwd' : None, + 'state' : 'enabled', + 'ip' : '*', + 'upload' : None, + 'download' : None } } ) @@ -389,7 +396,11 @@ def get_config(): config_data['authentication']['local-users'][usr]['state'] = 'disable' if c.exists('authentication local-users username ' + usr + ' static-ip'): config_data['authentication']['local-users'][usr]['ip'] = c.return_value('authentication local-users username ' + usr + ' static-ip') - + if c.exists('authentication local-users username ' + usr + ' rate-limit download'): + config_data['authentication']['local-users'][usr]['download'] = c.return_value('authentication local-users username ' + usr + ' rate-limit download') + if c.exists('authentication local-users username ' + usr + ' rate-limit upload'): + config_data['authentication']['local-users'][usr]['upload'] = c.return_value('authentication local-users username ' + usr + ' rate-limit upload') + ### authentication mode radius servers and settings if c.exists('authentication mode radius'): @@ -483,10 +494,17 @@ def verify(c): if c['authentication']['mode'] == 'local': if not c['authentication']['local-users']: raise ConfigError('pppoe-server authentication local-users required') - + for usr in c['authentication']['local-users']: if not c['authentication']['local-users'][usr]['passwd']: raise ConfigError('user ' + usr + ' requires a password') + ### if up/download is set, check that both have a value + if c['authentication']['local-users'][usr]['upload']: + if not c['authentication']['local-users'][usr]['download']: + raise ConfigError('user ' + usr + ' requires download speed value') + if c['authentication']['local-users'][usr]['download']: + if not c['authentication']['local-users'][usr]['upload']: + raise ConfigError('user ' + usr + ' requires upload speed value') if not c['ppp_gw']: raise ConfigError('pppoe-server local-ip required') |