diff options
author | Daniil Baturin <daniil@baturin.org> | 2018-11-18 21:21:33 +0100 |
---|---|---|
committer | Daniil Baturin <daniil@baturin.org> | 2018-11-18 21:21:33 +0100 |
commit | dcb207265472c2fed5fe13c1ba7091e5eea334a7 (patch) | |
tree | 8840e362818c5b0d6306ff5886ea3a05a4f088e0 | |
parent | eee479a836b5699df8105a23107bbb056541c436 (diff) | |
parent | 7115030c32f8545e8a2e3f21723952110690d32f (diff) | |
download | vyos-1x-dcb207265472c2fed5fe13c1ba7091e5eea334a7.tar.gz vyos-1x-dcb207265472c2fed5fe13c1ba7091e5eea334a7.zip |
Merge branch 'current' of https://github.com/vyos/vyos-1x into current
25 files changed, 936 insertions, 277 deletions
diff --git a/interface-definitions/ntp.xml b/interface-definitions/ntp.xml index d324404da..945345898 100644 --- a/interface-definitions/ntp.xml +++ b/interface-definitions/ntp.xml @@ -14,12 +14,6 @@ <help>Network Time Protocol (NTP) server</help> </properties> <children> - <leafNode name="dynamic"> - <properties> - <help>Allow server to be configured even if not reachable</help> - <valueless/> - </properties> - </leafNode> <leafNode name="noselect"> <properties> <help>Marks the server as unused</help> diff --git a/interface-definitions/pppoe-server.xml b/interface-definitions/pppoe-server.xml index 543ff1663..2fac4ec5a 100644 --- a/interface-definitions/pppoe-server.xml +++ b/interface-definitions/pppoe-server.xml @@ -8,6 +8,19 @@ <priority>900</priority> </properties> <children> + <node name="snmp"> + <properties> + <help>Enable SNMP</help> + </properties> + <children> + <leafNode name="master-agent"> + <properties> + <help>enable SNMP master agent mode</help> + <valueless /> + </properties> + </leafNode> + </children> + </node> <leafNode name="access-concentrator"> <properties> <help>Access concentrator name</help> @@ -51,22 +64,25 @@ </tagNode> </children> </node> - <leafNode name="mode"> + <node name="mode"> <properties> <help>Authentication mode for PPPoE Server</help> - <valueHelp> - <format>local</format> - <description>Use local username/password configuration</description> - </valueHelp> - <valueHelp> - <format>radius</format> - <description>Use Radius server to autenticate users</description> - </valueHelp> - <constraint> - <regex>^(local|radius)</regex> - </constraint> </properties> - </leafNode> + <children> + <leafNode name="local"> + <properties> + <help>Use local username/password configuration</help> + <valueless /> + </properties> + </leafNode> + <leafNode name="radius"> + <properties> + <help>Use Radius server to autenticate users</help> + <valueless /> + </properties> + </leafNode> + </children> + </node> <tagNode name="radius-server"> <properties> <help>IP address of radius server</help> @@ -76,13 +92,77 @@ </valueHelp> </properties> <children> - <leafNode name="key"> + <leafNode name="secret"> <properties> <help>Key for accessing the specified server</help> </properties> </leafNode> + <leafNode name="req-limit"> + <properties> + <help>maximum number of simultaneous requests to server (default: unlimited)</help> + </properties> + </leafNode> + <leafNode name="fail-time"> + <properties> + <help>if server doesn't responds mark it as unavailable for this amount of time in seconds</help> + </properties> + </leafNode> </children> </tagNode> + <node name="radius-settings"> + <properties> + <help>radius settings</help> + </properties> + <children> + <leafNode name="timeout"> + <properties> + <help>timeout to wait response from server (sec)</help> + </properties> + </leafNode> + <leafNode name="acct-timeout"> + <properties> + <help>timeout to wait reply for Interim-Update packets. (default 3 sec)</help> + </properties> + </leafNode> + <leafNode name="max-try"> + <properties> + <help>maximum number of tries to send Access-Request/Accounting-Request queries</help> + </properties> + </leafNode> + <leafNode name="nas-identifier"> + <properties> + <help>value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help> + </properties> + </leafNode> + <leafNode name="nas-ip-address"> + <properties> + <help>value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help> + </properties> + </leafNode> + <node name="dae-server"> + <properties> + <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help> + </properties> + <children> + <leafNode name="ip-address"> + <properties> + <help>IP address for Dynamic Authorization Extension server (DM/CoA)</help> + </properties> + </leafNode> + <leafNode name="port"> + <properties> + <help>port for Dynamic Authorization Extension server (DM/CoA)</help> + </properties> + </leafNode> + <leafNode name="secret"> + <properties> + <help>secret for Dynamic Authorization Extension server (DM/CoA)</help> + </properties> + </leafNode> + </children> + </node> + </children> + </node> </children> </node> <node name="client-ip-pool"> @@ -108,14 +188,38 @@ </leafNode> </children> </node> + + <node name="client-ipv6-pool"> + <properties> + <help>pool of client IP space</help> + </properties> + <children> + <leafNode name="prefix"> + <properties> + <help>format: ipv6prefix/mask,prefix_len (e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients)</help> + <multi /> + </properties> + </leafNode> + <leafNode name="delegate-prefix"> + <properties> + <help>format: ipv6prefix/mask,prefix_len (delegate to clients through DHCPv6 prefix delegation - rfc3633)</help> + <multi /> + </properties> + </leafNode> + </children> + </node> <node name="dns-servers"> <properties> - <help>Domain Name Service (DNS) server</help> + <help>IPv4 Domain Name Service (DNS) server</help> </properties> <children> <leafNode name="server-1"> <properties> <help>Primary DNS server</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address</description> + </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> @@ -124,6 +228,10 @@ <leafNode name="server-2"> <properties> <help>Secondary DNS server</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address</description> + </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> @@ -131,6 +239,49 @@ </leafNode> </children> </node> + <node name="dnsv6-servers"> + <properties> + <help>IPv6 Domain Name Service (DNS) server</help> + </properties> + <children> + <leafNode name="server-1"> + <properties> + <valueHelp> + <format>ipv6</format> + <description>IPv6 address</description> + </valueHelp> + <help>Primary DNS server</help> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> + <leafNode name="server-2"> + <properties> + <valueHelp> + <format>ipv6</format> + <description>IPv6 address</description> + </valueHelp> + <help>Secondary DNS server</help> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> + <leafNode name="server-3"> + <properties> + <valueHelp> + <format>ipv6</format> + <description>IPv6 address</description> + </valueHelp> + <help>Tertiary DNS server</help> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> + </children> + </node> <leafNode name="interface"> <properties> <help>interface(s) to listen on</help> @@ -150,12 +301,38 @@ </leafNode> <leafNode name="mtu"> <properties> - <help>Maximum Transmission Unit (MTU) - default 1440</help> + <help>Maximum Transmission Unit (MTU) - default 1492</help> <constraint> <validator name="numeric" argument="--range 128-16384"/> </constraint> </properties> </leafNode> + <node name="limits"> + <properties> + <help>limits the connection rate from a single source</help> + </properties> + <children> + <leafNode name="connection-limit"> + <properties> + <help>acceptable rate of connections (e.g. 1/min, 60/sec)</help> + <constraint> + <regex>^[0-9]+\/(min|sec)$</regex> + </constraint> + <constraintErrorMessage>illegal value</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="burst"> + <properties> + <help>burst count</help> + </properties> + </leafNode> + <leafNode name="timeout"> + <properties> + <help>timeout in seconds</help> + </properties> + </leafNode> + </children> + </node> <node name="radius"> <properties> <help>RADIUS settings</help> @@ -207,6 +384,173 @@ </leafNode> </children> </node> + <node name="ppp-options"> + <children> + <leafNode name="min-mtu"> + <properties> + <help>minimum acceptable MTU (68-65535)</help> + <constraint> + <validator name="numeric" argument="--range 68-65535"/> + </constraint> + </properties> + </leafNode> + <leafNode name="mru"> + <properties> + <help>preferred MRU (68-65535)</help> + <constraint> + <validator name="numeric" argument="--range 68-65535"/> + </constraint> + </properties> + </leafNode> + <leafNode name="ccp"> + <properties> + <help>ccp negotiation (default disabled)</help> + <valueless /> + </properties> + </leafNode> + <node name="mppe"> + <properties> + <help>specifies mppe negotiation preference. (default prefer mppe)</help> + </properties> + <children> + <leafNode name="require"> + <properties> + <help>ask client for mppe, if it rejects drop connection</help> + <valueless /> + </properties> + </leafNode> + <leafNode name="prefer"> + <properties> + <help>ask client for mppe, if it rejects don't fail</help> + <valueless /> + </properties> + </leafNode> + <leafNode name="deny"> + <properties> + <help>deny mppe</help> + <valueless /> + </properties> + </leafNode> + </children> + </node> + <leafNode name="lcp-echo-interval"> + <properties> + <help>lcp echo-requests/sec</help> + <constraint> + <validator name="numeric" argument="--positive"/> + </constraint> + </properties> + </leafNode> + <leafNode name="lcp-echo-failure"> + <properties> + <help>maximum number of Echo-Requests may be sent without valid reply</help> + <constraint> + <validator name="numeric" argument="--positive"/> + </constraint> + </properties> + </leafNode> + <leafNode name="lcp-echo-timeout"> + <properties> + <help>timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help> + <constraint> + <validator name="numeric" argument="--positive"/> + </constraint> + </properties> + </leafNode> + <leafNode name="ipv4"> + <properties> + <help>specify IPv4 (IPCP) negotiation algorithm</help> + <constraint> + <regex>^(deny|allow|prefer|require)</regex> + </constraint> + <constraintErrorMessage>invalid value</constraintErrorMessage> + <valueHelp> + <format>deny</format> + <description>don't negotiate IPv4</description> + </valueHelp> + <valueHelp> + <format>allow</format> + <description>negotiate IPv4 only if client requests</description> + </valueHelp> + <valueHelp> + <format>prefer</format> + <description>ask client for IPv4 negotiation, don't fail if he rejects</description> + </valueHelp> + <valueHelp> + <format>require</format> + <description>require IPv4 negotiation</description> + </valueHelp> + </properties> + </leafNode> + <leafNode name="ipv6"> + <properties> + <help>specify IPv6 (IPCP6) negotiation algorithm</help> + <constraint> + <regex>^(deny|allow|prefer|require)</regex> + </constraint> + <constraintErrorMessage>invalid value</constraintErrorMessage> + <valueHelp> + <format>deny</format> + <description>don't negotiate IPv6</description> + </valueHelp> + <valueHelp> + <format>allow</format> + <description>negotiate IPv6 only if client requests</description> + </valueHelp> + <valueHelp> + <format>prefer</format> + <description>ask client for IPv6 negotiation, don't fail if he rejects</description> + </valueHelp> + <valueHelp> + <format>require</format> + <description>require IPv6 negotiation</description> + </valueHelp> + </properties> + </leafNode> + <leafNode name="ipv6-intf-id"> + <properties> + <help>Specify fixed or random interface identifier for IPv6</help> + <valueHelp> + <format>random</format> + <description>specify random interface identifier for IPv6</description> + </valueHelp> + <valueHelp> + <format>x:x:x:x</format> + <description>specify interface identifier for IPv6</description> + </valueHelp> + </properties> + </leafNode> + <leafNode name="ipv6-peer-intf-id"> + <properties> + <help>specify peer interface identifier for IPv6</help> + <valueHelp> + <format>x:x:x:x</format> + <description>specify interface identifier for IPv6</description> + </valueHelp> + <valueHelp> + <format>random</format> + <description>specify a random interface identifier for IPv6</description> + </valueHelp> + <valueHelp> + <format>ipv4</format> + <description>calculate interface identifier from IPv4 address, for example 192:168:0:1</description> + </valueHelp> + <valueHelp> + <format>calling-sid</format> + <description>calculate interface identifier from calling-station-Id</description> + </valueHelp> + </properties> + </leafNode> + <leafNode name="ipv6-accept-peer-intf-id"> + <properties> + <help>accept peer's interface identifier</help> + <valueless /> + </properties> + </leafNode> + + + </children> + </node> </children> </node> </children> diff --git a/interface-definitions/syslog.xml b/interface-definitions/syslog.xml index aafa91b55..a1479128c 100644 --- a/interface-definitions/syslog.xml +++ b/interface-definitions/syslog.xml @@ -520,6 +520,21 @@ </leafNode> </children> </tagNode> + <node name="marker"> + <properties> + <help>mark messages sent to syslog</help> + </properties> + <children> + <leafNode name="interval"> + <properties> + <help>time interval how often a mark message is being sent in seconds (default: 1200)</help> + <constraint> + <validator name="numeric" argument="--positive"/> + </constraint> + </properties> + </leafNode> + </children> + </node> </children> </node> <tagNode name="file"> diff --git a/op-mode-definitions/dhcp.xml b/op-mode-definitions/dhcp.xml index eb57f8f1f..a7d09304e 100644 --- a/op-mode-definitions/dhcp.xml +++ b/op-mode-definitions/dhcp.xml @@ -83,7 +83,7 @@ <properties> <help>Restart the DHCP server process</help> </properties> - <command>sudo /opt/vyatta/sbin/dhcrelay-starter.pl --op-mode --init='/opt/vyatta/sbin/dhcrelay.init'</command> + <command>sudo ${vyos_op_scripts_dir}/restart_dhcp_relay.py --ipv4</command> </node> </children> </node> @@ -102,7 +102,7 @@ <properties> <help>Restart the DHCP server process</help> </properties> - <command>sudo /opt/vyatta/sbin/dhcv6relay-starter.pl --op_mode --config_action ACTIVE</command> + <command>sudo ${vyos_op_scripts_dir}/restart_dhcp_relay.py --ipv6</command> </node> </children> </node> diff --git a/op-mode-definitions/dns-forwarding.xml b/op-mode-definitions/dns-forwarding.xml index be71302cd..ac141174f 100644 --- a/op-mode-definitions/dns-forwarding.xml +++ b/op-mode-definitions/dns-forwarding.xml @@ -1,5 +1,4 @@ <?xml version="1.0"?> - <interfaceDefinition> <node name="show"> <children> @@ -38,7 +37,7 @@ </properties> <command>sudo ${vyos_op_scripts_dir}/dns_forwarding_restart.sh</command> </leafNode> - </children> + </children> </node> </children> </node> diff --git a/op-mode-definitions/dynamic-dns.xml b/op-mode-definitions/dynamic-dns.xml index 76c473fd7..6ea6482e1 100644 --- a/op-mode-definitions/dynamic-dns.xml +++ b/op-mode-definitions/dynamic-dns.xml @@ -1,5 +1,4 @@ <?xml version="1.0"?> - <interfaceDefinition> <node name="show"> <children> diff --git a/op-mode-definitions/poweroff.xml b/op-mode-definitions/poweroff.xml index e2483fefc..b4163bcb9 100644 --- a/op-mode-definitions/poweroff.xml +++ b/op-mode-definitions/poweroff.xml @@ -5,7 +5,6 @@ <help>Poweroff the system</help> </properties> <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --poweroff</command> - <children> <leafNode name="now"> <properties> @@ -13,46 +12,41 @@ </properties> <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff</command> </leafNode> - <leafNode name="cancel"> <properties> <help>Cancel a pending poweroff</help> </properties> <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --cancel</command> </leafNode> - - <tagNode name="in"> - <properties> - <help>Poweroff in X minutes</help> - <completionHelp> - <list><Minutes></list> - </completionHelp> - </properties> - <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $4</command> - - </tagNode> - - <tagNode name="at"> - <properties> - <help>Poweroff at a specific time</help> - <completionHelp> - <list><HH:MM></list> - </completionHelp> - </properties> - <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3</command> - <children> - <tagNode name="date"> - <properties> - <help>Poweroff at a specific date</help> - <completionHelp> - <list><DDMMYYYY> <DD/MM/YYYY> <DD.MM.YYYY> <DD:MM:YYYY></list> - </completionHelp> - </properties> - <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $5</command> - </tagNode> - </children> - </tagNode> - + <tagNode name="in"> + <properties> + <help>Poweroff in X minutes</help> + <completionHelp> + <list><Minutes></list> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $4</command> + </tagNode> + <tagNode name="at"> + <properties> + <help>Poweroff at a specific time</help> + <completionHelp> + <list><HH:MM></list> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3</command> + <children> + <tagNode name="date"> + <properties> + <help>Poweroff at a specific date</help> + <completionHelp> + <list><DDMMYYYY> <DD/MM/YYYY> <DD.MM.YYYY> <DD:MM:YYYY></list> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $5</command> + </tagNode> + </children> + </tagNode> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/pppoe-server.xml b/op-mode-definitions/pppoe-server.xml index 7595d6ecf..7c0b05484 100644 --- a/op-mode-definitions/pppoe-server.xml +++ b/op-mode-definitions/pppoe-server.xml @@ -26,7 +26,7 @@ <command>/usr/bin/accel-cmd 'pppoe interface show'</command> </leafNode> </children> - </node> + </node> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/reboot.xml b/op-mode-definitions/reboot.xml index affdffd98..2c8daec5d 100644 --- a/op-mode-definitions/reboot.xml +++ b/op-mode-definitions/reboot.xml @@ -5,7 +5,6 @@ <help>Reboot the system</help> </properties> <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --reboot</command> - <children> <leafNode name="now"> <properties> @@ -13,46 +12,41 @@ </properties> <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot</command> </leafNode> - <leafNode name="cancel"> <properties> <help>Cancel a pending reboot</help> </properties> <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --cancel</command> </leafNode> - - <tagNode name="in"> - <properties> - <help>Reboot in X minutes</help> - <completionHelp> - <list><Minutes></list> - </completionHelp> - </properties> - <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $4</command> - - </tagNode> - - <tagNode name="at"> - <properties> - <help>Reboot at a specific time</help> - <completionHelp> - <list><HH:MM></list> - </completionHelp> - </properties> - <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3</command> - <children> - <tagNode name="date"> - <properties> - <help>Reboot at a specific date</help> - <completionHelp> - <list><DDMMYYYY> <DD/MM/YYYY> <DD.MM.YYYY> <DD:MM:YYYY></list> - </completionHelp> - </properties> - <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $5</command> - </tagNode> - </children> - </tagNode> - + <tagNode name="in"> + <properties> + <help>Reboot in X minutes</help> + <completionHelp> + <list><Minutes></list> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $4</command> + </tagNode> + <tagNode name="at"> + <properties> + <help>Reboot at a specific time</help> + <completionHelp> + <list><HH:MM></list> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3</command> + <children> + <tagNode name="date"> + <properties> + <help>Reboot at a specific date</help> + <completionHelp> + <list><DDMMYYYY> <DD/MM/YYYY> <DD.MM.YYYY> <DD:MM:YYYY></list> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $5</command> + </tagNode> + </children> + </tagNode> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/show-arp.xml b/op-mode-definitions/show-arp.xml index 92c231c6f..ef3e399f8 100644 --- a/op-mode-definitions/show-arp.xml +++ b/op-mode-definitions/show-arp.xml @@ -2,24 +2,23 @@ <interfaceDefinition> <node name="show"> <children> - <node name="arp"> - <properties> - <help>Show Address Resolution Protocol (ARP) information</help> - </properties> - <command>/usr/sbin/arp -e -n</command> - <children> - <tagNode name="interface"> - <properties> - <help>Show Address Resolution Protocol (ARP) cache for specified interface</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py -b</script> - </completionHelp> - </properties> - <command>/usr/sbin/arp -e -n -i '$4'</command> - </tagNode> - </children> - </node> - + <node name="arp"> + <properties> + <help>Show Address Resolution Protocol (ARP) information</help> + </properties> + <command>/usr/sbin/arp -e -n</command> + <children> + <tagNode name="interface"> + <properties> + <help>Show Address Resolution Protocol (ARP) cache for specified interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py -b</script> + </completionHelp> + </properties> + <command>/usr/sbin/arp -e -n -i '$4'</command> + </tagNode> + </children> + </node> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/show-bridge.xml b/op-mode-definitions/show-bridge.xml index b285e2288..8c1f7c398 100644 --- a/op-mode-definitions/show-bridge.xml +++ b/op-mode-definitions/show-bridge.xml @@ -30,8 +30,7 @@ <command>/sbin/brctl showstp $3</command> </leafNode> </children> - </tagNode> - + </tagNode> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/show-configuration.xml b/op-mode-definitions/show-configuration.xml index 90c1533fb..318942ab0 100644 --- a/op-mode-definitions/show-configuration.xml +++ b/op-mode-definitions/show-configuration.xml @@ -2,38 +2,36 @@ <interfaceDefinition> <node name="show"> <children> - <node name="configuration"> - <properties> - <help>Show available saved configurations</help> - </properties> - <!-- no admin check --> - <command>cli-shell-api showCfg --show-active-only --show-hide-secrets</command> - - <children> - <node name="all"> - <properties> - <help>Show running configuration (including default values)</help> - </properties> - <!-- no admin check --> - <command>cli-shell-api showCfg --show-show-defaults --show-active-only --show-hide-secrets</command> - </node> - <node name="commands"> - <properties> - <help> Show running configuration as set commands </help> - </properties> - <!-- no admin check --> - <command>cli-shell-api showCfg --show-active-only | vyos-config-to-commands</command> - </node> - <node name="files"> - <properties> - <help> Show available saved configurations </help> - </properties> - <!-- no admin check --> - <command>${vyos_op_scripts_dir}/show_configuration_files.sh</command> - </node> - </children> - </node> - + <node name="configuration"> + <properties> + <help>Show available saved configurations</help> + </properties> + <!-- no admin check --> + <command>cli-shell-api showCfg --show-active-only --show-hide-secrets</command> + <children> + <node name="all"> + <properties> + <help>Show running configuration (including default values)</help> + </properties> + <!-- no admin check --> + <command>cli-shell-api showCfg --show-show-defaults --show-active-only --show-hide-secrets</command> + </node> + <node name="commands"> + <properties> + <help> Show running configuration as set commands </help> + </properties> + <!-- no admin check --> + <command>cli-shell-api showCfg --show-active-only | vyos-config-to-commands</command> + </node> + <node name="files"> + <properties> + <help> Show available saved configurations </help> + </properties> + <!-- no admin check --> + <command>${vyos_op_scripts_dir}/show_configuration_files.sh</command> + </node> + </children> + </node> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/show-disk.xml b/op-mode-definitions/show-disk.xml index 8a8e35515..37da07fbe 100644 --- a/op-mode-definitions/show-disk.xml +++ b/op-mode-definitions/show-disk.xml @@ -2,23 +2,22 @@ <interfaceDefinition> <node name="show"> <children> - <tagNode name="disk"> - <properties> - <help>Show status of disk device</help> - <completionHelp> - <script>${vyos_completion_dir}/list_disks.sh</script> - </completionHelp> - </properties> - <children> - <leafNode name="format"> - <properties> - <help>Show disk drive formatting</help> - </properties> - <command>${vyos_op_scripts_dir}/show_disk_format.sh $3</command> - </leafNode> - </children> - </tagNode> - + <tagNode name="disk"> + <properties> + <help>Show status of disk device</help> + <completionHelp> + <script>${vyos_completion_dir}/list_disks.sh</script> + </completionHelp> + </properties> + <children> + <leafNode name="format"> + <properties> + <help>Show disk drive formatting</help> + </properties> + <command>${vyos_op_scripts_dir}/show_disk_format.sh $3</command> + </leafNode> + </children> + </tagNode> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/show-hardware.xml b/op-mode-definitions/show-hardware.xml index 6cd912aea..a49036397 100644 --- a/op-mode-definitions/show-hardware.xml +++ b/op-mode-definitions/show-hardware.xml @@ -27,21 +27,18 @@ </node> </children> </node> - <node name="dmi"> <properties> <help>Show system DMI details</help> </properties> <command>${vyatta_bindir}/vyatta-show-dmi</command> </node> - <node name="mem"> <properties> <help>Show system RAM details</help> </properties> <command>cat /proc/meminfo</command> </node> - <node name="pci"> <properties> <help>Show system PCI bus details</help> @@ -56,8 +53,6 @@ </node> </children> </node> - - <node name="scsi"> <properties> <help>Show SCSI device information</help> @@ -72,7 +67,6 @@ </node> </children> </node> - <node name="usb"> <properties> <help>Show peripherals connected to the USB bus</help> @@ -87,7 +81,6 @@ </node> </children> </node> - </children> </node> </children> diff --git a/op-mode-definitions/show-host.xml b/op-mode-definitions/show-host.xml index b3ea129a2..d7f8104aa 100644 --- a/op-mode-definitions/show-host.xml +++ b/op-mode-definitions/show-host.xml @@ -2,36 +2,31 @@ <interfaceDefinition> <node name="show"> <children> - <node name="host"> - <properties> - <help>Show host information</help> - </properties> - <children> - <leafNode name="domain"> - <properties> - <help>Show domain name</help> - </properties> - <command>/bin/domainname -d</command> - </leafNode> - - <leafNode name="name"> - <properties> - <help>Show host name</help> - </properties> - <command>/bin/hostname</command> - </leafNode> - - <tagNode name="lookup"> - <properties> - <help>Lookup host information for hostname|IPv4 address</help> - </properties> - <command>/usr/bin/host $4</command> - </tagNode> - - - </children> - </node> - + <node name="host"> + <properties> + <help>Show host information</help> + </properties> + <children> + <leafNode name="domain"> + <properties> + <help>Show domain name</help> + </properties> + <command>/bin/domainname -d</command> + </leafNode> + <leafNode name="name"> + <properties> + <help>Show host name</help> + </properties> + <command>/bin/hostname</command> + </leafNode> + <tagNode name="lookup"> + <properties> + <help>Lookup host information for hostname|IPv4 address</help> + </properties> + <command>/usr/bin/host $4</command> + </tagNode> + </children> + </node> </children> </node> </interfaceDefinition> diff --git a/op-mode-definitions/show-ip-multicast.xml b/op-mode-definitions/show-ip-multicast.xml index 07102bfa6..6ffe40436 100644 --- a/op-mode-definitions/show-ip-multicast.xml +++ b/op-mode-definitions/show-ip-multicast.xml @@ -13,13 +13,13 @@ <properties> <help>Show multicast interfaces</help> </properties> - <command>if ps -C igmpproxy &>/dev/null; then ${vyos_op_scripts_dir}/show-igmpproxy.py --interface; else echo IGMP proxy not configured; fi</command> + <command>if ps -C igmpproxy &>/dev/null; then ${vyos_op_scripts_dir}/show_igmpproxy.py --interface; else echo IGMP proxy not configured; fi</command> </leafNode> <leafNode name="mfc"> <properties> <help>Show multicast fowarding cache</help> </properties> - <command>if ps -C igmpproxy &>/dev/null; then ${vyos_op_scripts_dir}/show-igmpproxy.py --mfc; else echo IGMP proxy not configured; fi</command> + <command>if ps -C igmpproxy &>/dev/null; then ${vyos_op_scripts_dir}/show_igmpproxy.py --mfc; else echo IGMP proxy not configured; fi</command> </leafNode> </children> </node> diff --git a/op-mode-definitions/show-ntp.xml b/op-mode-definitions/show-ntp.xml index 4f2f2192b..4db43b449 100644 --- a/op-mode-definitions/show-ntp.xml +++ b/op-mode-definitions/show-ntp.xml @@ -6,7 +6,7 @@ <properties> <help>Show peer status of NTP daemon</help> </properties> - <command>if ps -C ntpd &>/dev/null; then ntpdc -n -c peers; else echo NTP daemon disabled; fi</command> + <command>if ps -C ntpd &>/dev/null; then ntpdc -n -c peers; else echo NTP daemon disabled; fi</command> </node> <tagNode name="ntp"> <properties> diff --git a/src/conf_mode/accel_pppoe.py b/src/conf_mode/accel_pppoe.py index 4aea84c44..0ef22110f 100755 --- a/src/conf_mode/accel_pppoe.py +++ b/src/conf_mode/accel_pppoe.py @@ -45,15 +45,22 @@ pppoe_config = ''' log_syslog pppoe ippool +{% if client_ipv6_pool %} +ipv6pool +{% endif %} chap-secrets auth_pap auth_chap_md5 auth_mschap_v1 auth_mschap_v2 -pppd_compat -shaper +#pppd_compat +#shaper +{% if snmp == 'enable' or snmp == 'enable-ma' %} net-snmp +{% endif %} +{% if limits %} connlimit +{% endif %} {% if authentication['mode'] == 'radius' %} radius {% endif %} @@ -66,8 +73,10 @@ syslog=accel-pppoe,daemon copy=1 level=5 +{% if snmp == 'enable-ma' %} [snmp] master=1 +{% endif %} [client-ip-range] disable @@ -78,6 +87,16 @@ disable {% endif %} gw-ip-address={{ppp_gw}} +{% if client_ipv6_pool %} +[ipv6-pool] +{% for prfx in client_ipv6_pool['prefix']: %} +{{prfx}} +{% endfor %} +{% for prfx in client_ipv6_pool['delegate-prefix']: %} +delegate={{prfx}} +{% endfor %} +{% endif %} + {% if dns %} [dns] {% if dns[0] %} @@ -88,6 +107,13 @@ dns2={{dns[1]}} {% endif %} {% endif %} +{% if dnsv6 %} +[dnsv6] +{% for srv in dnsv6: %} +dns={{srv}} +{% endfor %} +{% endif %} + {% if wins %} [wins] {% if wins[0] %} @@ -106,27 +132,83 @@ chap-secrets=/etc/accel-ppp/pppoe/chap-secrets {% if authentication['mode'] == 'radius' %} [radius] {% for rsrv in authentication['radiussrv']: %} -server={{rsrv}},{{authentication['radiussrv'][rsrv]}} +server={{rsrv}},{{authentication['radiussrv'][rsrv]['secret']}},\ +req-limit={{authentication['radiussrv'][rsrv]['req-limit']}},\ +fail-time={{authentication['radiussrv'][rsrv]['fail-time']}} {% endfor %} -timeout=10 -acct-timeout=3 +{% if authentication['radiusopt']['timeout'] %} +timeout={{authentication['radiusopt']['timeout']}} +{% endif %} +{% if authentication['radiusopt']['acct-timeout'] %} +acct-timeout={{authentication['radiusopt']['acct-timeout']}} +{% endif %} +{% if authentication['radiusopt']['max-try'] %} +max-try={{authentication['radiusopt']['max-try']}} +{% endif %} +{% if authentication['radiusopt']['nas-id'] %} +nas-identifier={{authentication['radiusopt']['nas-id']}} +{% endif %} +{% if authentication['radiusopt']['nas-ip'] %} +nas-ip-address={{authentication['radiusopt']['nas-ip']}} +{% endif %} +{% if authentication['radiusopt']['dae-srv'] %} +dae-server={{authentication['radiusopt']['dae-srv']['ip-addr']}}:\ +{{authentication['radiusopt']['dae-srv']['port']}},\ +{{authentication['radiusopt']['dae-srv']['secret']}} +{% endif %} gw-ip-address={{ppp_gw}} verbose=1 {% endif %} [ppp] verbose=1 -min-mtu={{mtu}} -mtu={{mtu}} -mru=1400 -check-ip=1 -mppe=prefer -ipv4=require check-ip=1 single-session=replace +{% if ppp_options['ccp'] %} +ccp=1 +{% endif %} +{% if ppp_options['min-mtu'] %} +min-mtu={{ppp_options['min-mtu']}} +{% else %} +min-mtu={{mtu}} +{% endif %} +{% if ppp_options['mru'] %} +mru={{ppp_options['mru']}} +{% endif %} +{% if ppp_options['mppe'] %} +mppe={{ppp_options['mppe']}} +{% else %} mppe=prefer +{% endif %} +{% if ppp_options['lcp-echo-interval'] %} +lcp-echo-interval={{ppp_options['lcp-echo-interval']}} +{% else %} lcp-echo-interval=30 +{% endif %} +{% if ppp_options['lcp-echo-timeout'] %} +lcp-echo-timeout={{ppp_options['lcp-echo-timeout']}} +{% endif %} +{% if ppp_options['lcp-echo-failure'] %} +lcp-echo-failure={{ppp_options['lcp-echo-failure']}} +{% else %} lcp-echo-failure=3 +{% endif %} +{% if ppp_options['ipv4'] %} +ipv4={{ppp_options['ipv4']}} +{% endif %} +{% if ppp_options['ipv6'] %} +ipv6={{ppp_options['ipv6']}} +{% if ppp_options['ipv6-intf-id'] %} +ipv6-intf-id={{ppp_options['ipv6-intf-id']}} +{% endif %} +{% if ppp_options['ipv6-peer-intf-id'] %} +ipv6-peer-intf-id={{ppp_options['ipv6-peer-intf-id']}} +{% endif %} +{% if ppp_options['ipv6-accept-peer-intf-id'] %} +ipv6-accept-peer-intf-id={{ppp_options['ipv6-accept-peer-intf-id']}} +{% endif %} +{% endif %} +mtu={{mtu}} [pppoe] verbose=1 @@ -141,12 +223,15 @@ interface={{int}} {% if svc_name %} service-name={{svc_name}} {% endif %} +pado-delay=0 +# maybe: called-sid, tr101, padi-limit etc. - +{% if limits %} [connlimit] -limit=10/min -burst=3 -timeout=60 +limit={{limits['conn-limit']}} +burst={{limits['burst']}} +timeout={{limits['timeout']}} +{% endif %} [cli] tcp=127.0.0.1:2001 @@ -210,24 +295,30 @@ def get_config(): return None config_data = { - 'concentrator' : 'vyos-ac', - 'authentication' : { - 'local-users' : { + 'concentrator' : 'vyos-ac', + 'authentication' : { + 'local-users' : { }, - 'mode' : 'local', - 'radiussrv' : {} + 'mode' : 'local', + 'radiussrv' : {}, + 'radiusopt' : {} }, - 'client_ip_pool' : '', - 'interface' : [], - 'ppp_gw' : '', - 'svc_name' : '', - 'dns' : [], - 'wins' : [], - 'mtu' : '1492' + 'client_ip_pool' : '', + 'client_ipv6_pool' : {}, + 'interface' : [], + 'ppp_gw' : '', + 'svc_name' : '', + 'dns' : [], + 'dnsv6' : [], + 'wins' : [], + 'mtu' : '1492', + 'ppp_options' : {}, + 'limits' : {}, + 'snmp' : 'disable' } c.set_level('service pppoe-server') - + ### general options if c.exists('access-concentrator'): config_data['concentrator'] = c.return_value('access-concentrator') if c.exists('service-name'): @@ -241,6 +332,13 @@ def get_config(): config_data['dns'].append(c.return_value('dns-servers server-1')) if c.return_value('dns-servers server-2'): config_data['dns'].append(c.return_value('dns-servers server-2')) + if c.exists('dnsv6-servers'): + if c.return_value('dnsv6-servers server-1'): + config_data['dnsv6'].append(c.return_value('dnsv6-servers server-1')) + if c.return_value('dnsv6-servers server-2'): + config_data['dnsv6'].append(c.return_value('dnsv6-servers server-2')) + if c.return_value('dnsv6-servers server-3'): + config_data['dnsv6'].append(c.return_value('dnsv6-servers server-3')) if c.exists('wins-servers'): if c.return_value('wins-servers server-1'): config_data['wins'].append(c.return_value('wins-servers server-1')) @@ -253,42 +351,128 @@ def get_config(): config_data['client_ip_pool'] += '-' + re.search('[0-9]+$', c.return_value('client-ip-pool stop')).group(0) else: raise ConfigError('client ip pool stop required') + if c.exists('client-ipv6-pool prefix'): + config_data['client_ipv6_pool']['prefix'] = c.return_values('client-ipv6-pool prefix') + if c.exists('client-ipv6-pool delegate-prefix'): + config_data['client_ipv6_pool']['delegate-prefix'] = c.return_values('client-ipv6-pool delegate-prefix') + if c.exists('limits'): + if c.exists('limits burst'): + config_data['limits']['burst'] = str(c.return_value('limits burst')) + if c.exists('limits timeout'): + config_data['limits']['timeout'] = str(c.return_value('limits timeout')) + if c.exists('limits connection-limit'): + config_data['limits']['conn-limit'] = str(c.return_value('limits connection-limit')) + if c.exists('snmp'): + config_data['snmp'] = 'enable' + if c.exists('snmp master-agent'): + config_data['snmp'] = 'enable-ma' #### authentication mode local - if c.exists('authentication'): - if c.return_value('authentication mode') == 'local': - if c.exists('authentication local-users username'): - for usr in c.list_nodes('authentication local-users username'): - config_data['authentication']['local-users'].update( + + if c.exists('authentication mode local'): + if c.exists('authentication local-users username'): + for usr in c.list_nodes('authentication local-users username'): + config_data['authentication']['local-users'].update( + { + usr : { + 'passwd' : '', + 'state' : 'enabled', + 'ip' : '*' + } + } + ) + if c.exists('authentication local-users username ' + usr + ' password'): + config_data['authentication']['local-users'][usr]['passwd'] = c.return_value('authentication local-users username ' + usr + ' password') + if c.exists('authentication local-users username ' + usr + ' disable'): + config_data['authentication']['local-users'][usr]['state'] = 'disable' + if c.exists('authentication local-users username ' + usr + ' static-ip'): + config_data['authentication']['local-users'][usr]['ip'] = c.return_value('authentication local-users username ' + usr + ' static-ip') + + ### authentication mode radius servers and settings + + if c.exists('authentication mode radius'): + config_data['authentication']['mode'] = 'radius' + rsrvs = c.list_nodes('authentication radius-server') + for rsrv in rsrvs: + if c.return_value('authentication radius-server ' + rsrv + ' fail-time') == None: + ftime = '0' + else: + ftime = str(c.return_value('authentication radius-server ' + rsrv + ' fail-time')) + if c.return_value('authentication radius-server ' + rsrv + ' req-limit') == None: + reql = '0' + else: + reql = str(c.return_value('authentication radius-server ' + rsrv + ' req-limit')) + config_data['authentication']['radiussrv'].update( + { + rsrv : { + 'secret' : c.return_value('authentication radius-server ' + rsrv + ' secret'), + 'fail-time' : ftime, + 'req-limit' : reql + } + } + ) + + #### advanced radius-setting + if c.exists('authentication radius-settings'): + if c.exists('authentication radius-settings acct-timeout'): + config_data['authentication']['radiusopt']['acct-timeout'] = c.return_value('authentication radius-settings acct-timeout') + if c.exists('authentication radius-settings max-try'): + config_data['authentication']['radiusopt']['max-try'] = c.return_value('authentication radius-settings max-try') + if c.exists('authentication radius-settings timeout'): + config_data['authentication']['radiusopt']['timeout'] = c.return_value('authentication radius-settings timeout') + if c.exists('authentication radius-settings nas-identifier'): + config_data['authentication']['radiusopt']['nas-id'] = c.return_value('authentication radius-settings nas-identifier') + if c.exists('authentication radius-settings nas-ip-address'): + config_data['authentication']['radiusopt']['nas-ip'] = c.return_value('authentication radius-settings nas-ip-address') + if c.exists('authentication radius-settings dae-server'): + config_data['authentication']['radiusopt'].update( { - usr : { - 'passwd' : '', - 'state' : 'enabled', - 'ip' : '*' + 'dae-srv' : { + 'ip-addr' : c.return_value('authentication radius-settings dae-server ip-address'), + 'port' : c.return_value('authentication radius-settings dae-server port'), + 'secret' : str(c.return_value('authentication radius-settings dae-server secret')) } } ) - if c.exists('authentication local-users username ' + usr + ' password'): - config_data['authentication']['local-users'][usr]['passwd'] = c.return_value('authentication local-users username ' + usr + ' password') - if c.exists('authentication local-users username ' + usr + ' disable'): - config_data['authentication']['local-users'][usr]['state'] = 'disable' - if c.exists('authentication local-users username ' + usr + ' static-ip'): - config_data['authentication']['local-users'][usr]['ip'] = c.return_value('authentication local-users username ' + usr + ' static-ip') - - ### authentication mode radius - if c.return_value('authentication mode') == 'radius': - config_data['authentication']['mode'] = 'radius' - rsrvs = c.list_nodes('authentication radius-server') - for rsrv in rsrvs: - config_data['authentication']['radiussrv'].update( - { - rsrv : str(c.return_value('authentication radius-server ' + rsrv + ' key')) - } - ) if c.exists('mtu'): config_data['mtu'] = c.return_value('mtu') + ### ppp_options + ppp_options = {} + if c.exists('ppp-options'): + if c.exists('ppp-options ccp'): + ppp_options['ccp'] = c.return_value('ppp-options ccp') + if c.exists('ppp-options min-mtu'): + ppp_options['min-mtu'] = c.return_value('ppp-options min-mtu') + if c.exists('ppp-options mru'): + ppp_options['mru'] = c.return_value('ppp-options mru') + if c.exists('ppp-options mppe deny'): + ppp_options['mppe'] = 'deny' + if c.exists('ppp-options mppe require'): + ppp_options['mppe'] = 'requre' + if c.exists('ppp-options mppe prefer'): + ppp_options['mppe'] = 'prefer' + if c.exists('ppp-options lcp-echo-failure'): + ppp_options['lcp-echo-failure'] = c.return_value('ppp-options lcp-echo-failure') + if c.exists('ppp-options lcp-echo-interval'): + ppp_options['lcp-echo-interval'] = c.return_value('ppp-options lcp-echo-interval') + if c.exists('ppp-options ipv4'): + ppp_options['ipv4'] = c.return_value('ppp-options ipv4') + if c.exists('ppp-options ipv6'): + ppp_options['ipv6'] = c.return_value('ppp-options ipv6') + if c.exists('ppp-options ipv6-accept-peer-intf-id'): + ppp_options['ipv6-accept-peer-intf-id']= 1 + if c.exists('ppp-options ipv6-intf-id'): + ppp_options['ipv6-intf-id'] = c.return_value('ppp-options ipv6-intf-id') + if c.exists('ppp-options ipv6-peer-intf-id'): + ppp_options['ipv6-peer-intf-id'] = c.return_value('ppp-options ipv6-peer-intf-id') + if c.exists('ppp-options lcp-echo-timeout'): + ppp_options['lcp-echo-timeout'] = c.return_value('ppp-options lcp-echo-timeout') + + if len(ppp_options) !=0: + config_data['ppp_options'] = ppp_options + return config_data def verify(c): @@ -305,6 +489,9 @@ def verify(c): if c['authentication']['mode'] == 'radius': if len(c['authentication']['radiussrv']) == 0: raise ConfigError('radius server required') + for rsrv in c['authentication']['radiussrv']: + if c['authentication']['radiussrv'][rsrv]['secret'] == None: + raise ConfigError('radius server ' + rsrv + ' needs a secret configured') def generate(c): if c == None: @@ -347,11 +534,6 @@ def apply(c): accel_cmd('restart') sl.syslog(sl.LOG_NOTICE, "reloading config via daemon restart") - #if c['state'] == 'update': - # accel_cmd('restart') - # sl.syslog(sl.LOG_NOTICE, "reloading config via daemon restart") - # ## check that config reload actually works - if __name__ == '__main__': try: c = get_config() diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py index 0abb2746a..68a046939 100755 --- a/src/conf_mode/ntp.py +++ b/src/conf_mode/ntp.py @@ -108,8 +108,6 @@ def get_config(): "name": node, "options": [] } - if conf.exists('server {0} dynamic'.format(node)): - options.append('dynamic') if conf.exists('server {0} noselect'.format(node)): options.append('noselect') if conf.exists('server {0} preempt'.format(node)): diff --git a/src/conf_mode/syslog.py b/src/conf_mode/syslog.py index f652cf3d0..f8f8d9457 100755 --- a/src/conf_mode/syslog.py +++ b/src/conf_mode/syslog.py @@ -30,6 +30,12 @@ from vyos import ConfigError configs = ''' ## generated by syslog.py ## ## file based logging +{% if files['global']['marker'] %} +$ModLoad immark +{% if files['global']['marker-interval'] %} +$MarkMessagePeriod {{files['global']['marker-interval']}} +{% endif %} +{% endif %} {% for file in files %} $outchannel {{file}},{{files[file]['log-file']}},{{files[file]['max-size']}},{{files[file]['action-on-max-size']}} {{files[file]['selectors']}} :omfile:${{file}} @@ -80,10 +86,10 @@ def get_config(): c.set_level('system syslog') config_data = { - 'files' : {}, + 'files' : {}, 'console' : {}, - 'hosts' : {}, - 'user' : {} + 'hosts' : {}, + 'user' : {} } ##### @@ -102,13 +108,16 @@ def get_config(): } ) + if c.exists('global marker'): + config_data['files']['global']['marker'] = True + if c.exists('global marker interval'): + config_data['files']['global']['marker-interval'] = c.return_value('global marker interval') if c.exists('global facility'): config_data['files']['global']['selectors'] = generate_selectors(c, 'global facility') if c.exists('global archive size'): config_data['files']['global']['max-size'] = int(c.return_value('global archive size'))* 1024 if c.exists('global archive files'): config_data['files']['global']['max-files'] = c.return_value('global archive files') - ### # set system syslog file ### @@ -217,14 +226,12 @@ def generate_selectors(c, config_node): def generate(c): tmpl = jinja2.Template(configs, trim_blocks=True) config_text = tmpl.render(c) - #print (config_text) with open('/etc/rsyslog.d/vyos-rsyslog.conf', 'w') as f: f.write(config_text) ## eventually write for each file its own logrotate file, since size is defined it shouldn't matter tmpl = jinja2.Template(logrotate_configs, trim_blocks=True) config_text = tmpl.render(c) - #print (config_text) with open('/etc/logrotate.d/vyos-rsyslog', 'w') as f: f.write(config_text) @@ -247,6 +254,7 @@ def verify(c): fac = ['*','auth','authpriv','cron','daemon','kern','lpr','mail','mark','news','protocols','security',\ 'syslog','user','uucp','local0','local1','local2','local3','local4','local5','local6','local7'] lvl = ['emerg','alert','crit','err','warning','notice','info','debug','*'] + for conf in c: if c[conf]: for item in c[conf]: diff --git a/src/migration-scripts/l2tp/0-to-1 b/src/migration-scripts/l2tp/0-to-1 index 65adbbe77..f6c716df1 100755 --- a/src/migration-scripts/l2tp/0-to-1 +++ b/src/migration-scripts/l2tp/0-to-1 @@ -1,7 +1,8 @@ #!/usr/bin/env python3 -# Delete "set service dhcp-relay relay-options port" option -# Delete "set service dhcpv6-relay listen-port" option +# Unclutter L2TP VPN configuiration - move radius-server top level tag +# nodes to a regular node which now also configures the radius source address +# used when querying a radius server import sys diff --git a/src/migration-scripts/ntp/0-to-1 b/src/migration-scripts/ntp/0-to-1 new file mode 100755 index 000000000..9c66f3109 --- /dev/null +++ b/src/migration-scripts/ntp/0-to-1 @@ -0,0 +1,36 @@ +#!/usr/bin/env python3 + +# Delete "set system ntp server <n> dynamic" option + +import sys + +from vyos.configtree import ConfigTree + +if (len(sys.argv) < 1): + print("Must specify file name!") + sys.exit(1) + +file_name = sys.argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +config = ConfigTree(config_file) + +if not config.exists(['system', 'ntp']): + # Nothing to do + sys.exit(0) +else: + # Delete abandoned leaf node if found inside tag node for + # "set system ntp server <n> dynamic" + base = ['system', 'ntp', 'server'] + for server in config.list_nodes(base): + if config.exists(base + [server, 'dynamic']): + config.delete(base + [server, 'dynamic']) + + try: + with open(file_name, 'w') as f: + f.write(config.to_string()) + except OSError as e: + print("Failed to save the modified config: {}".format(e)) + sys.exit(1) diff --git a/src/migration-scripts/pptp/0-to-1 b/src/migration-scripts/pptp/0-to-1 new file mode 100755 index 000000000..d0c7a83b5 --- /dev/null +++ b/src/migration-scripts/pptp/0-to-1 @@ -0,0 +1,59 @@ +#!/usr/bin/env python3 + +# Unclutter PPTP VPN configuiration - move radius-server top level tag +# nodes to a regular node which now also configures the radius source address +# used when querying a radius server + +import sys + +from vyos.configtree import ConfigTree + +if (len(sys.argv) < 1): + print("Must specify file name!") + sys.exit(1) + +file_name = sys.argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +config = ConfigTree(config_file) + +cfg_base = ['vpn', 'pptp', 'remote-access', 'authentication'] +if not config.exists(cfg_base): + # Nothing to do + sys.exit(0) +else: + # Migrate "vpn pptp authentication radius-source-address" to new + # "vpn pptp authentication radius source-address" + if config.exists(cfg_base + ['radius-source-address']): + address = config.return_value(cfg_base + ['radius-source-address']) + # delete old configuration node + config.delete(cfg_base + ['radius-source-address']) + # write new configuration node + config.set(cfg_base + ['radius', 'source-address'], value=address) + + # Migrate "vpn pptp authentication radius-server" tag node to new + # "vpn pptp authentication radius server" tag node + for server in config.list_nodes(cfg_base + ['radius-server']): + base_server = cfg_base + ['radius-server', server] + key = config.return_value(base_server + ['key']) + + # delete old configuration node + config.delete(base_server) + # write new configuration node + config.set(cfg_base + ['radius', 'server', server, 'key'], value=key) + + # format as tag node + config.set_tag(cfg_base + ['radius', 'server']) + + # delete top level tag node + if config.exists(cfg_base + ['radius-server']): + config.delete(cfg_base + ['radius-server']) + + try: + with open(file_name, 'w') as f: + f.write(config.to_string()) + except OSError as e: + print("Failed to save the modified config: {}".format(e)) + sys.exit(1) diff --git a/src/op_mode/restart_dhcp_relay.py b/src/op_mode/restart_dhcp_relay.py new file mode 100755 index 000000000..ab02d1eb3 --- /dev/null +++ b/src/op_mode/restart_dhcp_relay.py @@ -0,0 +1,53 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2018 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# File: restart_dhcp_relay.py +# Purpose: +# Restart IPv4 and IPv6 DHCP relay instances of dhcrelay service + +import sys +import argparse +import os + +import vyos.config + +parser = argparse.ArgumentParser() +parser.add_argument("--ipv4", action="store_true", help="Restart IPv4 DHCP relay") +parser.add_argument("--ipv6", action="store_true", help="Restart IPv6 DHCP relay") + +if __name__ == '__main__': + args = parser.parse_args() + c = vyos.config.Config() + + if args.ipv4: + # Do nothing if service is not configured + if not c.exists_effective('service dhcp-relay'): + print("DHCP relay service not configured") + else: + os.system('sudo systemctl restart isc-dhcp-relay.service') + + sys.exit(0) + elif args.ipv6: + # Do nothing if service is not configured + if not c.exists_effective('service dhcpv6-relay'): + print("DHCPv6 relay service not configured") + else: + os.system('sudo systemctl restart isc-dhcpv6-relay.service') + + sys.exit(0) + else: + parser.print_help() + sys.exit(1) diff --git a/src/op_mode/show-igmpproxy.py b/src/op_mode/show_igmpproxy.py index a021fcdde..5ccc16287 100755 --- a/src/op_mode/show-igmpproxy.py +++ b/src/op_mode/show_igmpproxy.py @@ -14,7 +14,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -# File: show-igmpproxy +# File: show_igmpproxy.py # Purpose: # Display istatistics from IPv4 IGMP proxy. # Used by the "run show ip multicast" command tree. |