summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2018-11-18 21:21:33 +0100
committerDaniil Baturin <daniil@baturin.org>2018-11-18 21:21:33 +0100
commitdcb207265472c2fed5fe13c1ba7091e5eea334a7 (patch)
tree8840e362818c5b0d6306ff5886ea3a05a4f088e0
parenteee479a836b5699df8105a23107bbb056541c436 (diff)
parent7115030c32f8545e8a2e3f21723952110690d32f (diff)
downloadvyos-1x-dcb207265472c2fed5fe13c1ba7091e5eea334a7.tar.gz
vyos-1x-dcb207265472c2fed5fe13c1ba7091e5eea334a7.zip
Merge branch 'current' of https://github.com/vyos/vyos-1x into current
-rw-r--r--interface-definitions/ntp.xml6
-rw-r--r--interface-definitions/pppoe-server.xml376
-rw-r--r--interface-definitions/syslog.xml15
-rw-r--r--op-mode-definitions/dhcp.xml4
-rw-r--r--op-mode-definitions/dns-forwarding.xml3
-rw-r--r--op-mode-definitions/dynamic-dns.xml1
-rw-r--r--op-mode-definitions/poweroff.xml64
-rw-r--r--op-mode-definitions/pppoe-server.xml2
-rw-r--r--op-mode-definitions/reboot.xml64
-rw-r--r--op-mode-definitions/show-arp.xml35
-rw-r--r--op-mode-definitions/show-bridge.xml3
-rw-r--r--op-mode-definitions/show-configuration.xml62
-rw-r--r--op-mode-definitions/show-disk.xml33
-rw-r--r--op-mode-definitions/show-hardware.xml7
-rw-r--r--op-mode-definitions/show-host.xml55
-rw-r--r--op-mode-definitions/show-ip-multicast.xml4
-rw-r--r--op-mode-definitions/show-ntp.xml2
-rwxr-xr-xsrc/conf_mode/accel_pppoe.py300
-rwxr-xr-xsrc/conf_mode/ntp.py2
-rwxr-xr-xsrc/conf_mode/syslog.py20
-rwxr-xr-xsrc/migration-scripts/l2tp/0-to-15
-rwxr-xr-xsrc/migration-scripts/ntp/0-to-136
-rwxr-xr-xsrc/migration-scripts/pptp/0-to-159
-rwxr-xr-xsrc/op_mode/restart_dhcp_relay.py53
-rwxr-xr-xsrc/op_mode/show_igmpproxy.py (renamed from src/op_mode/show-igmpproxy.py)2
25 files changed, 936 insertions, 277 deletions
diff --git a/interface-definitions/ntp.xml b/interface-definitions/ntp.xml
index d324404da..945345898 100644
--- a/interface-definitions/ntp.xml
+++ b/interface-definitions/ntp.xml
@@ -14,12 +14,6 @@
<help>Network Time Protocol (NTP) server</help>
</properties>
<children>
- <leafNode name="dynamic">
- <properties>
- <help>Allow server to be configured even if not reachable</help>
- <valueless/>
- </properties>
- </leafNode>
<leafNode name="noselect">
<properties>
<help>Marks the server as unused</help>
diff --git a/interface-definitions/pppoe-server.xml b/interface-definitions/pppoe-server.xml
index 543ff1663..2fac4ec5a 100644
--- a/interface-definitions/pppoe-server.xml
+++ b/interface-definitions/pppoe-server.xml
@@ -8,6 +8,19 @@
<priority>900</priority>
</properties>
<children>
+ <node name="snmp">
+ <properties>
+ <help>Enable SNMP</help>
+ </properties>
+ <children>
+ <leafNode name="master-agent">
+ <properties>
+ <help>enable SNMP master agent mode</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<leafNode name="access-concentrator">
<properties>
<help>Access concentrator name</help>
@@ -51,22 +64,25 @@
</tagNode>
</children>
</node>
- <leafNode name="mode">
+ <node name="mode">
<properties>
<help>Authentication mode for PPPoE Server</help>
- <valueHelp>
- <format>local</format>
- <description>Use local username/password configuration</description>
- </valueHelp>
- <valueHelp>
- <format>radius</format>
- <description>Use Radius server to autenticate users</description>
- </valueHelp>
- <constraint>
- <regex>^(local|radius)</regex>
- </constraint>
</properties>
- </leafNode>
+ <children>
+ <leafNode name="local">
+ <properties>
+ <help>Use local username/password configuration</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ <leafNode name="radius">
+ <properties>
+ <help>Use Radius server to autenticate users</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<tagNode name="radius-server">
<properties>
<help>IP address of radius server</help>
@@ -76,13 +92,77 @@
</valueHelp>
</properties>
<children>
- <leafNode name="key">
+ <leafNode name="secret">
<properties>
<help>Key for accessing the specified server</help>
</properties>
</leafNode>
+ <leafNode name="req-limit">
+ <properties>
+ <help>maximum number of simultaneous requests to server (default: unlimited)</help>
+ </properties>
+ </leafNode>
+ <leafNode name="fail-time">
+ <properties>
+ <help>if server doesn't responds mark it as unavailable for this amount of time in seconds</help>
+ </properties>
+ </leafNode>
</children>
</tagNode>
+ <node name="radius-settings">
+ <properties>
+ <help>radius settings</help>
+ </properties>
+ <children>
+ <leafNode name="timeout">
+ <properties>
+ <help>timeout to wait response from server (sec)</help>
+ </properties>
+ </leafNode>
+ <leafNode name="acct-timeout">
+ <properties>
+ <help>timeout to wait reply for Interim-Update packets. (default 3 sec)</help>
+ </properties>
+ </leafNode>
+ <leafNode name="max-try">
+ <properties>
+ <help>maximum number of tries to send Access-Request/Accounting-Request queries</help>
+ </properties>
+ </leafNode>
+ <leafNode name="nas-identifier">
+ <properties>
+ <help>value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help>
+ </properties>
+ </leafNode>
+ <leafNode name="nas-ip-address">
+ <properties>
+ <help>value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help>
+ </properties>
+ </leafNode>
+ <node name="dae-server">
+ <properties>
+ <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
+ </properties>
+ <children>
+ <leafNode name="ip-address">
+ <properties>
+ <help>IP address for Dynamic Authorization Extension server (DM/CoA)</help>
+ </properties>
+ </leafNode>
+ <leafNode name="port">
+ <properties>
+ <help>port for Dynamic Authorization Extension server (DM/CoA)</help>
+ </properties>
+ </leafNode>
+ <leafNode name="secret">
+ <properties>
+ <help>secret for Dynamic Authorization Extension server (DM/CoA)</help>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
</children>
</node>
<node name="client-ip-pool">
@@ -108,14 +188,38 @@
</leafNode>
</children>
</node>
+
+ <node name="client-ipv6-pool">
+ <properties>
+ <help>pool of client IP space</help>
+ </properties>
+ <children>
+ <leafNode name="prefix">
+ <properties>
+ <help>format: ipv6prefix/mask,prefix_len (e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients)</help>
+ <multi />
+ </properties>
+ </leafNode>
+ <leafNode name="delegate-prefix">
+ <properties>
+ <help>format: ipv6prefix/mask,prefix_len (delegate to clients through DHCPv6 prefix delegation - rfc3633)</help>
+ <multi />
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<node name="dns-servers">
<properties>
- <help>Domain Name Service (DNS) server</help>
+ <help>IPv4 Domain Name Service (DNS) server</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>Primary DNS server</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 address</description>
+ </valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
@@ -124,6 +228,10 @@
<leafNode name="server-2">
<properties>
<help>Secondary DNS server</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 address</description>
+ </valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
@@ -131,6 +239,49 @@
</leafNode>
</children>
</node>
+ <node name="dnsv6-servers">
+ <properties>
+ <help>IPv6 Domain Name Service (DNS) server</help>
+ </properties>
+ <children>
+ <leafNode name="server-1">
+ <properties>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 address</description>
+ </valueHelp>
+ <help>Primary DNS server</help>
+ <constraint>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="server-2">
+ <properties>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 address</description>
+ </valueHelp>
+ <help>Secondary DNS server</help>
+ <constraint>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="server-3">
+ <properties>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 address</description>
+ </valueHelp>
+ <help>Tertiary DNS server</help>
+ <constraint>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<leafNode name="interface">
<properties>
<help>interface(s) to listen on</help>
@@ -150,12 +301,38 @@
</leafNode>
<leafNode name="mtu">
<properties>
- <help>Maximum Transmission Unit (MTU) - default 1440</help>
+ <help>Maximum Transmission Unit (MTU) - default 1492</help>
<constraint>
<validator name="numeric" argument="--range 128-16384"/>
</constraint>
</properties>
</leafNode>
+ <node name="limits">
+ <properties>
+ <help>limits the connection rate from a single source</help>
+ </properties>
+ <children>
+ <leafNode name="connection-limit">
+ <properties>
+ <help>acceptable rate of connections (e.g. 1/min, 60/sec)</help>
+ <constraint>
+ <regex>^[0-9]+\/(min|sec)$</regex>
+ </constraint>
+ <constraintErrorMessage>illegal value</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="burst">
+ <properties>
+ <help>burst count</help>
+ </properties>
+ </leafNode>
+ <leafNode name="timeout">
+ <properties>
+ <help>timeout in seconds</help>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<node name="radius">
<properties>
<help>RADIUS settings</help>
@@ -207,6 +384,173 @@
</leafNode>
</children>
</node>
+ <node name="ppp-options">
+ <children>
+ <leafNode name="min-mtu">
+ <properties>
+ <help>minimum acceptable MTU (68-65535)</help>
+ <constraint>
+ <validator name="numeric" argument="--range 68-65535"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="mru">
+ <properties>
+ <help>preferred MRU (68-65535)</help>
+ <constraint>
+ <validator name="numeric" argument="--range 68-65535"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="ccp">
+ <properties>
+ <help>ccp negotiation (default disabled)</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ <node name="mppe">
+ <properties>
+ <help>specifies mppe negotiation preference. (default prefer mppe)</help>
+ </properties>
+ <children>
+ <leafNode name="require">
+ <properties>
+ <help>ask client for mppe, if it rejects drop connection</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ <leafNode name="prefer">
+ <properties>
+ <help>ask client for mppe, if it rejects don't fail</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ <leafNode name="deny">
+ <properties>
+ <help>deny mppe</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ <leafNode name="lcp-echo-interval">
+ <properties>
+ <help>lcp echo-requests/sec</help>
+ <constraint>
+ <validator name="numeric" argument="--positive"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="lcp-echo-failure">
+ <properties>
+ <help>maximum number of Echo-Requests may be sent without valid reply</help>
+ <constraint>
+ <validator name="numeric" argument="--positive"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="lcp-echo-timeout">
+ <properties>
+ <help>timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help>
+ <constraint>
+ <validator name="numeric" argument="--positive"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="ipv4">
+ <properties>
+ <help>specify IPv4 (IPCP) negotiation algorithm</help>
+ <constraint>
+ <regex>^(deny|allow|prefer|require)</regex>
+ </constraint>
+ <constraintErrorMessage>invalid value</constraintErrorMessage>
+ <valueHelp>
+ <format>deny</format>
+ <description>don't negotiate IPv4</description>
+ </valueHelp>
+ <valueHelp>
+ <format>allow</format>
+ <description>negotiate IPv4 only if client requests</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prefer</format>
+ <description>ask client for IPv4 negotiation, don't fail if he rejects</description>
+ </valueHelp>
+ <valueHelp>
+ <format>require</format>
+ <description>require IPv4 negotiation</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="ipv6">
+ <properties>
+ <help>specify IPv6 (IPCP6) negotiation algorithm</help>
+ <constraint>
+ <regex>^(deny|allow|prefer|require)</regex>
+ </constraint>
+ <constraintErrorMessage>invalid value</constraintErrorMessage>
+ <valueHelp>
+ <format>deny</format>
+ <description>don't negotiate IPv6</description>
+ </valueHelp>
+ <valueHelp>
+ <format>allow</format>
+ <description>negotiate IPv6 only if client requests</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prefer</format>
+ <description>ask client for IPv6 negotiation, don't fail if he rejects</description>
+ </valueHelp>
+ <valueHelp>
+ <format>require</format>
+ <description>require IPv6 negotiation</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="ipv6-intf-id">
+ <properties>
+ <help>Specify fixed or random interface identifier for IPv6</help>
+ <valueHelp>
+ <format>random</format>
+ <description>specify random interface identifier for IPv6</description>
+ </valueHelp>
+ <valueHelp>
+ <format>x:x:x:x</format>
+ <description>specify interface identifier for IPv6</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="ipv6-peer-intf-id">
+ <properties>
+ <help>specify peer interface identifier for IPv6</help>
+ <valueHelp>
+ <format>x:x:x:x</format>
+ <description>specify interface identifier for IPv6</description>
+ </valueHelp>
+ <valueHelp>
+ <format>random</format>
+ <description>specify a random interface identifier for IPv6</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>calculate interface identifier from IPv4 address, for example 192:168:0:1</description>
+ </valueHelp>
+ <valueHelp>
+ <format>calling-sid</format>
+ <description>calculate interface identifier from calling-station-Id</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="ipv6-accept-peer-intf-id">
+ <properties>
+ <help>accept peer's interface identifier</help>
+ <valueless />
+ </properties>
+ </leafNode>
+
+
+ </children>
+ </node>
</children>
</node>
</children>
diff --git a/interface-definitions/syslog.xml b/interface-definitions/syslog.xml
index aafa91b55..a1479128c 100644
--- a/interface-definitions/syslog.xml
+++ b/interface-definitions/syslog.xml
@@ -520,6 +520,21 @@
</leafNode>
</children>
</tagNode>
+ <node name="marker">
+ <properties>
+ <help>mark messages sent to syslog</help>
+ </properties>
+ <children>
+ <leafNode name="interval">
+ <properties>
+ <help>time interval how often a mark message is being sent in seconds (default: 1200)</help>
+ <constraint>
+ <validator name="numeric" argument="--positive"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
</children>
</node>
<tagNode name="file">
diff --git a/op-mode-definitions/dhcp.xml b/op-mode-definitions/dhcp.xml
index eb57f8f1f..a7d09304e 100644
--- a/op-mode-definitions/dhcp.xml
+++ b/op-mode-definitions/dhcp.xml
@@ -83,7 +83,7 @@
<properties>
<help>Restart the DHCP server process</help>
</properties>
- <command>sudo /opt/vyatta/sbin/dhcrelay-starter.pl --op-mode --init='/opt/vyatta/sbin/dhcrelay.init'</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart_dhcp_relay.py --ipv4</command>
</node>
</children>
</node>
@@ -102,7 +102,7 @@
<properties>
<help>Restart the DHCP server process</help>
</properties>
- <command>sudo /opt/vyatta/sbin/dhcv6relay-starter.pl --op_mode --config_action ACTIVE</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart_dhcp_relay.py --ipv6</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/dns-forwarding.xml b/op-mode-definitions/dns-forwarding.xml
index be71302cd..ac141174f 100644
--- a/op-mode-definitions/dns-forwarding.xml
+++ b/op-mode-definitions/dns-forwarding.xml
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-
<interfaceDefinition>
<node name="show">
<children>
@@ -38,7 +37,7 @@
</properties>
<command>sudo ${vyos_op_scripts_dir}/dns_forwarding_restart.sh</command>
</leafNode>
- </children>
+ </children>
</node>
</children>
</node>
diff --git a/op-mode-definitions/dynamic-dns.xml b/op-mode-definitions/dynamic-dns.xml
index 76c473fd7..6ea6482e1 100644
--- a/op-mode-definitions/dynamic-dns.xml
+++ b/op-mode-definitions/dynamic-dns.xml
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-
<interfaceDefinition>
<node name="show">
<children>
diff --git a/op-mode-definitions/poweroff.xml b/op-mode-definitions/poweroff.xml
index e2483fefc..b4163bcb9 100644
--- a/op-mode-definitions/poweroff.xml
+++ b/op-mode-definitions/poweroff.xml
@@ -5,7 +5,6 @@
<help>Poweroff the system</help>
</properties>
<command>sudo ${vyos_op_scripts_dir}/powerctrl.py --poweroff</command>
-
<children>
<leafNode name="now">
<properties>
@@ -13,46 +12,41 @@
</properties>
<command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff</command>
</leafNode>
-
<leafNode name="cancel">
<properties>
<help>Cancel a pending poweroff</help>
</properties>
<command>sudo ${vyos_op_scripts_dir}/powerctrl.py --cancel</command>
</leafNode>
-
- <tagNode name="in">
- <properties>
- <help>Poweroff in X minutes</help>
- <completionHelp>
- <list>&lt;Minutes&gt;</list>
- </completionHelp>
- </properties>
- <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $4</command>
-
- </tagNode>
-
- <tagNode name="at">
- <properties>
- <help>Poweroff at a specific time</help>
- <completionHelp>
- <list>&lt;HH:MM&gt;</list>
- </completionHelp>
- </properties>
- <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3</command>
- <children>
- <tagNode name="date">
- <properties>
- <help>Poweroff at a specific date</help>
- <completionHelp>
- <list>&lt;DDMMYYYY&gt; &lt;DD/MM/YYYY&gt; &lt;DD.MM.YYYY&gt; &lt;DD:MM:YYYY&gt;</list>
- </completionHelp>
- </properties>
- <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $5</command>
- </tagNode>
- </children>
- </tagNode>
-
+ <tagNode name="in">
+ <properties>
+ <help>Poweroff in X minutes</help>
+ <completionHelp>
+ <list>&lt;Minutes&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $4</command>
+ </tagNode>
+ <tagNode name="at">
+ <properties>
+ <help>Poweroff at a specific time</help>
+ <completionHelp>
+ <list>&lt;HH:MM&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3</command>
+ <children>
+ <tagNode name="date">
+ <properties>
+ <help>Poweroff at a specific date</help>
+ <completionHelp>
+ <list>&lt;DDMMYYYY&gt; &lt;DD/MM/YYYY&gt; &lt;DD.MM.YYYY&gt; &lt;DD:MM:YYYY&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --poweroff $3 $5</command>
+ </tagNode>
+ </children>
+ </tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/pppoe-server.xml b/op-mode-definitions/pppoe-server.xml
index 7595d6ecf..7c0b05484 100644
--- a/op-mode-definitions/pppoe-server.xml
+++ b/op-mode-definitions/pppoe-server.xml
@@ -26,7 +26,7 @@
<command>/usr/bin/accel-cmd 'pppoe interface show'</command>
</leafNode>
</children>
- </node>
+ </node>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/reboot.xml b/op-mode-definitions/reboot.xml
index affdffd98..2c8daec5d 100644
--- a/op-mode-definitions/reboot.xml
+++ b/op-mode-definitions/reboot.xml
@@ -5,7 +5,6 @@
<help>Reboot the system</help>
</properties>
<command>sudo ${vyos_op_scripts_dir}/powerctrl.py --reboot</command>
-
<children>
<leafNode name="now">
<properties>
@@ -13,46 +12,41 @@
</properties>
<command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot</command>
</leafNode>
-
<leafNode name="cancel">
<properties>
<help>Cancel a pending reboot</help>
</properties>
<command>sudo ${vyos_op_scripts_dir}/powerctrl.py --cancel</command>
</leafNode>
-
- <tagNode name="in">
- <properties>
- <help>Reboot in X minutes</help>
- <completionHelp>
- <list>&lt;Minutes&gt;</list>
- </completionHelp>
- </properties>
- <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $4</command>
-
- </tagNode>
-
- <tagNode name="at">
- <properties>
- <help>Reboot at a specific time</help>
- <completionHelp>
- <list>&lt;HH:MM&gt;</list>
- </completionHelp>
- </properties>
- <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3</command>
- <children>
- <tagNode name="date">
- <properties>
- <help>Reboot at a specific date</help>
- <completionHelp>
- <list>&lt;DDMMYYYY&gt; &lt;DD/MM/YYYY&gt; &lt;DD.MM.YYYY&gt; &lt;DD:MM:YYYY&gt;</list>
- </completionHelp>
- </properties>
- <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $5</command>
- </tagNode>
- </children>
- </tagNode>
-
+ <tagNode name="in">
+ <properties>
+ <help>Reboot in X minutes</help>
+ <completionHelp>
+ <list>&lt;Minutes&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $4</command>
+ </tagNode>
+ <tagNode name="at">
+ <properties>
+ <help>Reboot at a specific time</help>
+ <completionHelp>
+ <list>&lt;HH:MM&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3</command>
+ <children>
+ <tagNode name="date">
+ <properties>
+ <help>Reboot at a specific date</help>
+ <completionHelp>
+ <list>&lt;DDMMYYYY&gt; &lt;DD/MM/YYYY&gt; &lt;DD.MM.YYYY&gt; &lt;DD:MM:YYYY&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/powerctrl.py --yes --reboot $3 $5</command>
+ </tagNode>
+ </children>
+ </tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/show-arp.xml b/op-mode-definitions/show-arp.xml
index 92c231c6f..ef3e399f8 100644
--- a/op-mode-definitions/show-arp.xml
+++ b/op-mode-definitions/show-arp.xml
@@ -2,24 +2,23 @@
<interfaceDefinition>
<node name="show">
<children>
- <node name="arp">
- <properties>
- <help>Show Address Resolution Protocol (ARP) information</help>
- </properties>
- <command>/usr/sbin/arp -e -n</command>
- <children>
- <tagNode name="interface">
- <properties>
- <help>Show Address Resolution Protocol (ARP) cache for specified interface</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py -b</script>
- </completionHelp>
- </properties>
- <command>/usr/sbin/arp -e -n -i '$4'</command>
- </tagNode>
- </children>
- </node>
-
+ <node name="arp">
+ <properties>
+ <help>Show Address Resolution Protocol (ARP) information</help>
+ </properties>
+ <command>/usr/sbin/arp -e -n</command>
+ <children>
+ <tagNode name="interface">
+ <properties>
+ <help>Show Address Resolution Protocol (ARP) cache for specified interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py -b</script>
+ </completionHelp>
+ </properties>
+ <command>/usr/sbin/arp -e -n -i '$4'</command>
+ </tagNode>
+ </children>
+ </node>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/show-bridge.xml b/op-mode-definitions/show-bridge.xml
index b285e2288..8c1f7c398 100644
--- a/op-mode-definitions/show-bridge.xml
+++ b/op-mode-definitions/show-bridge.xml
@@ -30,8 +30,7 @@
<command>/sbin/brctl showstp $3</command>
</leafNode>
</children>
- </tagNode>
-
+ </tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/show-configuration.xml b/op-mode-definitions/show-configuration.xml
index 90c1533fb..318942ab0 100644
--- a/op-mode-definitions/show-configuration.xml
+++ b/op-mode-definitions/show-configuration.xml
@@ -2,38 +2,36 @@
<interfaceDefinition>
<node name="show">
<children>
- <node name="configuration">
- <properties>
- <help>Show available saved configurations</help>
- </properties>
- <!-- no admin check -->
- <command>cli-shell-api showCfg --show-active-only --show-hide-secrets</command>
-
- <children>
- <node name="all">
- <properties>
- <help>Show running configuration (including default values)</help>
- </properties>
- <!-- no admin check -->
- <command>cli-shell-api showCfg --show-show-defaults --show-active-only --show-hide-secrets</command>
- </node>
- <node name="commands">
- <properties>
- <help> Show running configuration as set commands </help>
- </properties>
- <!-- no admin check -->
- <command>cli-shell-api showCfg --show-active-only | vyos-config-to-commands</command>
- </node>
- <node name="files">
- <properties>
- <help> Show available saved configurations </help>
- </properties>
- <!-- no admin check -->
- <command>${vyos_op_scripts_dir}/show_configuration_files.sh</command>
- </node>
- </children>
- </node>
-
+ <node name="configuration">
+ <properties>
+ <help>Show available saved configurations</help>
+ </properties>
+ <!-- no admin check -->
+ <command>cli-shell-api showCfg --show-active-only --show-hide-secrets</command>
+ <children>
+ <node name="all">
+ <properties>
+ <help>Show running configuration (including default values)</help>
+ </properties>
+ <!-- no admin check -->
+ <command>cli-shell-api showCfg --show-show-defaults --show-active-only --show-hide-secrets</command>
+ </node>
+ <node name="commands">
+ <properties>
+ <help> Show running configuration as set commands </help>
+ </properties>
+ <!-- no admin check -->
+ <command>cli-shell-api showCfg --show-active-only | vyos-config-to-commands</command>
+ </node>
+ <node name="files">
+ <properties>
+ <help> Show available saved configurations </help>
+ </properties>
+ <!-- no admin check -->
+ <command>${vyos_op_scripts_dir}/show_configuration_files.sh</command>
+ </node>
+ </children>
+ </node>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/show-disk.xml b/op-mode-definitions/show-disk.xml
index 8a8e35515..37da07fbe 100644
--- a/op-mode-definitions/show-disk.xml
+++ b/op-mode-definitions/show-disk.xml
@@ -2,23 +2,22 @@
<interfaceDefinition>
<node name="show">
<children>
- <tagNode name="disk">
- <properties>
- <help>Show status of disk device</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_disks.sh</script>
- </completionHelp>
- </properties>
- <children>
- <leafNode name="format">
- <properties>
- <help>Show disk drive formatting</help>
- </properties>
- <command>${vyos_op_scripts_dir}/show_disk_format.sh $3</command>
- </leafNode>
- </children>
- </tagNode>
-
+ <tagNode name="disk">
+ <properties>
+ <help>Show status of disk device</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_disks.sh</script>
+ </completionHelp>
+ </properties>
+ <children>
+ <leafNode name="format">
+ <properties>
+ <help>Show disk drive formatting</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/show_disk_format.sh $3</command>
+ </leafNode>
+ </children>
+ </tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/show-hardware.xml b/op-mode-definitions/show-hardware.xml
index 6cd912aea..a49036397 100644
--- a/op-mode-definitions/show-hardware.xml
+++ b/op-mode-definitions/show-hardware.xml
@@ -27,21 +27,18 @@
</node>
</children>
</node>
-
<node name="dmi">
<properties>
<help>Show system DMI details</help>
</properties>
<command>${vyatta_bindir}/vyatta-show-dmi</command>
</node>
-
<node name="mem">
<properties>
<help>Show system RAM details</help>
</properties>
<command>cat /proc/meminfo</command>
</node>
-
<node name="pci">
<properties>
<help>Show system PCI bus details</help>
@@ -56,8 +53,6 @@
</node>
</children>
</node>
-
-
<node name="scsi">
<properties>
<help>Show SCSI device information</help>
@@ -72,7 +67,6 @@
</node>
</children>
</node>
-
<node name="usb">
<properties>
<help>Show peripherals connected to the USB bus</help>
@@ -87,7 +81,6 @@
</node>
</children>
</node>
-
</children>
</node>
</children>
diff --git a/op-mode-definitions/show-host.xml b/op-mode-definitions/show-host.xml
index b3ea129a2..d7f8104aa 100644
--- a/op-mode-definitions/show-host.xml
+++ b/op-mode-definitions/show-host.xml
@@ -2,36 +2,31 @@
<interfaceDefinition>
<node name="show">
<children>
- <node name="host">
- <properties>
- <help>Show host information</help>
- </properties>
- <children>
- <leafNode name="domain">
- <properties>
- <help>Show domain name</help>
- </properties>
- <command>/bin/domainname -d</command>
- </leafNode>
-
- <leafNode name="name">
- <properties>
- <help>Show host name</help>
- </properties>
- <command>/bin/hostname</command>
- </leafNode>
-
- <tagNode name="lookup">
- <properties>
- <help>Lookup host information for hostname|IPv4 address</help>
- </properties>
- <command>/usr/bin/host $4</command>
- </tagNode>
-
-
- </children>
- </node>
-
+ <node name="host">
+ <properties>
+ <help>Show host information</help>
+ </properties>
+ <children>
+ <leafNode name="domain">
+ <properties>
+ <help>Show domain name</help>
+ </properties>
+ <command>/bin/domainname -d</command>
+ </leafNode>
+ <leafNode name="name">
+ <properties>
+ <help>Show host name</help>
+ </properties>
+ <command>/bin/hostname</command>
+ </leafNode>
+ <tagNode name="lookup">
+ <properties>
+ <help>Lookup host information for hostname|IPv4 address</help>
+ </properties>
+ <command>/usr/bin/host $4</command>
+ </tagNode>
+ </children>
+ </node>
</children>
</node>
</interfaceDefinition>
diff --git a/op-mode-definitions/show-ip-multicast.xml b/op-mode-definitions/show-ip-multicast.xml
index 07102bfa6..6ffe40436 100644
--- a/op-mode-definitions/show-ip-multicast.xml
+++ b/op-mode-definitions/show-ip-multicast.xml
@@ -13,13 +13,13 @@
<properties>
<help>Show multicast interfaces</help>
</properties>
- <command>if ps -C igmpproxy &amp;&gt;/dev/null; then ${vyos_op_scripts_dir}/show-igmpproxy.py --interface; else echo IGMP proxy not configured; fi</command>
+ <command>if ps -C igmpproxy &amp;&gt;/dev/null; then ${vyos_op_scripts_dir}/show_igmpproxy.py --interface; else echo IGMP proxy not configured; fi</command>
</leafNode>
<leafNode name="mfc">
<properties>
<help>Show multicast fowarding cache</help>
</properties>
- <command>if ps -C igmpproxy &amp;&gt;/dev/null; then ${vyos_op_scripts_dir}/show-igmpproxy.py --mfc; else echo IGMP proxy not configured; fi</command>
+ <command>if ps -C igmpproxy &amp;&gt;/dev/null; then ${vyos_op_scripts_dir}/show_igmpproxy.py --mfc; else echo IGMP proxy not configured; fi</command>
</leafNode>
</children>
</node>
diff --git a/op-mode-definitions/show-ntp.xml b/op-mode-definitions/show-ntp.xml
index 4f2f2192b..4db43b449 100644
--- a/op-mode-definitions/show-ntp.xml
+++ b/op-mode-definitions/show-ntp.xml
@@ -6,7 +6,7 @@
<properties>
<help>Show peer status of NTP daemon</help>
</properties>
- <command>if ps -C ntpd &amp;>/dev/null; then ntpdc -n -c peers; else echo NTP daemon disabled; fi</command>
+ <command>if ps -C ntpd &amp;&gt;/dev/null; then ntpdc -n -c peers; else echo NTP daemon disabled; fi</command>
</node>
<tagNode name="ntp">
<properties>
diff --git a/src/conf_mode/accel_pppoe.py b/src/conf_mode/accel_pppoe.py
index 4aea84c44..0ef22110f 100755
--- a/src/conf_mode/accel_pppoe.py
+++ b/src/conf_mode/accel_pppoe.py
@@ -45,15 +45,22 @@ pppoe_config = '''
log_syslog
pppoe
ippool
+{% if client_ipv6_pool %}
+ipv6pool
+{% endif %}
chap-secrets
auth_pap
auth_chap_md5
auth_mschap_v1
auth_mschap_v2
-pppd_compat
-shaper
+#pppd_compat
+#shaper
+{% if snmp == 'enable' or snmp == 'enable-ma' %}
net-snmp
+{% endif %}
+{% if limits %}
connlimit
+{% endif %}
{% if authentication['mode'] == 'radius' %}
radius
{% endif %}
@@ -66,8 +73,10 @@ syslog=accel-pppoe,daemon
copy=1
level=5
+{% if snmp == 'enable-ma' %}
[snmp]
master=1
+{% endif %}
[client-ip-range]
disable
@@ -78,6 +87,16 @@ disable
{% endif %}
gw-ip-address={{ppp_gw}}
+{% if client_ipv6_pool %}
+[ipv6-pool]
+{% for prfx in client_ipv6_pool['prefix']: %}
+{{prfx}}
+{% endfor %}
+{% for prfx in client_ipv6_pool['delegate-prefix']: %}
+delegate={{prfx}}
+{% endfor %}
+{% endif %}
+
{% if dns %}
[dns]
{% if dns[0] %}
@@ -88,6 +107,13 @@ dns2={{dns[1]}}
{% endif %}
{% endif %}
+{% if dnsv6 %}
+[dnsv6]
+{% for srv in dnsv6: %}
+dns={{srv}}
+{% endfor %}
+{% endif %}
+
{% if wins %}
[wins]
{% if wins[0] %}
@@ -106,27 +132,83 @@ chap-secrets=/etc/accel-ppp/pppoe/chap-secrets
{% if authentication['mode'] == 'radius' %}
[radius]
{% for rsrv in authentication['radiussrv']: %}
-server={{rsrv}},{{authentication['radiussrv'][rsrv]}}
+server={{rsrv}},{{authentication['radiussrv'][rsrv]['secret']}},\
+req-limit={{authentication['radiussrv'][rsrv]['req-limit']}},\
+fail-time={{authentication['radiussrv'][rsrv]['fail-time']}}
{% endfor %}
-timeout=10
-acct-timeout=3
+{% if authentication['radiusopt']['timeout'] %}
+timeout={{authentication['radiusopt']['timeout']}}
+{% endif %}
+{% if authentication['radiusopt']['acct-timeout'] %}
+acct-timeout={{authentication['radiusopt']['acct-timeout']}}
+{% endif %}
+{% if authentication['radiusopt']['max-try'] %}
+max-try={{authentication['radiusopt']['max-try']}}
+{% endif %}
+{% if authentication['radiusopt']['nas-id'] %}
+nas-identifier={{authentication['radiusopt']['nas-id']}}
+{% endif %}
+{% if authentication['radiusopt']['nas-ip'] %}
+nas-ip-address={{authentication['radiusopt']['nas-ip']}}
+{% endif %}
+{% if authentication['radiusopt']['dae-srv'] %}
+dae-server={{authentication['radiusopt']['dae-srv']['ip-addr']}}:\
+{{authentication['radiusopt']['dae-srv']['port']}},\
+{{authentication['radiusopt']['dae-srv']['secret']}}
+{% endif %}
gw-ip-address={{ppp_gw}}
verbose=1
{% endif %}
[ppp]
verbose=1
-min-mtu={{mtu}}
-mtu={{mtu}}
-mru=1400
-check-ip=1
-mppe=prefer
-ipv4=require
check-ip=1
single-session=replace
+{% if ppp_options['ccp'] %}
+ccp=1
+{% endif %}
+{% if ppp_options['min-mtu'] %}
+min-mtu={{ppp_options['min-mtu']}}
+{% else %}
+min-mtu={{mtu}}
+{% endif %}
+{% if ppp_options['mru'] %}
+mru={{ppp_options['mru']}}
+{% endif %}
+{% if ppp_options['mppe'] %}
+mppe={{ppp_options['mppe']}}
+{% else %}
mppe=prefer
+{% endif %}
+{% if ppp_options['lcp-echo-interval'] %}
+lcp-echo-interval={{ppp_options['lcp-echo-interval']}}
+{% else %}
lcp-echo-interval=30
+{% endif %}
+{% if ppp_options['lcp-echo-timeout'] %}
+lcp-echo-timeout={{ppp_options['lcp-echo-timeout']}}
+{% endif %}
+{% if ppp_options['lcp-echo-failure'] %}
+lcp-echo-failure={{ppp_options['lcp-echo-failure']}}
+{% else %}
lcp-echo-failure=3
+{% endif %}
+{% if ppp_options['ipv4'] %}
+ipv4={{ppp_options['ipv4']}}
+{% endif %}
+{% if ppp_options['ipv6'] %}
+ipv6={{ppp_options['ipv6']}}
+{% if ppp_options['ipv6-intf-id'] %}
+ipv6-intf-id={{ppp_options['ipv6-intf-id']}}
+{% endif %}
+{% if ppp_options['ipv6-peer-intf-id'] %}
+ipv6-peer-intf-id={{ppp_options['ipv6-peer-intf-id']}}
+{% endif %}
+{% if ppp_options['ipv6-accept-peer-intf-id'] %}
+ipv6-accept-peer-intf-id={{ppp_options['ipv6-accept-peer-intf-id']}}
+{% endif %}
+{% endif %}
+mtu={{mtu}}
[pppoe]
verbose=1
@@ -141,12 +223,15 @@ interface={{int}}
{% if svc_name %}
service-name={{svc_name}}
{% endif %}
+pado-delay=0
+# maybe: called-sid, tr101, padi-limit etc.
-
+{% if limits %}
[connlimit]
-limit=10/min
-burst=3
-timeout=60
+limit={{limits['conn-limit']}}
+burst={{limits['burst']}}
+timeout={{limits['timeout']}}
+{% endif %}
[cli]
tcp=127.0.0.1:2001
@@ -210,24 +295,30 @@ def get_config():
return None
config_data = {
- 'concentrator' : 'vyos-ac',
- 'authentication' : {
- 'local-users' : {
+ 'concentrator' : 'vyos-ac',
+ 'authentication' : {
+ 'local-users' : {
},
- 'mode' : 'local',
- 'radiussrv' : {}
+ 'mode' : 'local',
+ 'radiussrv' : {},
+ 'radiusopt' : {}
},
- 'client_ip_pool' : '',
- 'interface' : [],
- 'ppp_gw' : '',
- 'svc_name' : '',
- 'dns' : [],
- 'wins' : [],
- 'mtu' : '1492'
+ 'client_ip_pool' : '',
+ 'client_ipv6_pool' : {},
+ 'interface' : [],
+ 'ppp_gw' : '',
+ 'svc_name' : '',
+ 'dns' : [],
+ 'dnsv6' : [],
+ 'wins' : [],
+ 'mtu' : '1492',
+ 'ppp_options' : {},
+ 'limits' : {},
+ 'snmp' : 'disable'
}
c.set_level('service pppoe-server')
-
+ ### general options
if c.exists('access-concentrator'):
config_data['concentrator'] = c.return_value('access-concentrator')
if c.exists('service-name'):
@@ -241,6 +332,13 @@ def get_config():
config_data['dns'].append(c.return_value('dns-servers server-1'))
if c.return_value('dns-servers server-2'):
config_data['dns'].append(c.return_value('dns-servers server-2'))
+ if c.exists('dnsv6-servers'):
+ if c.return_value('dnsv6-servers server-1'):
+ config_data['dnsv6'].append(c.return_value('dnsv6-servers server-1'))
+ if c.return_value('dnsv6-servers server-2'):
+ config_data['dnsv6'].append(c.return_value('dnsv6-servers server-2'))
+ if c.return_value('dnsv6-servers server-3'):
+ config_data['dnsv6'].append(c.return_value('dnsv6-servers server-3'))
if c.exists('wins-servers'):
if c.return_value('wins-servers server-1'):
config_data['wins'].append(c.return_value('wins-servers server-1'))
@@ -253,42 +351,128 @@ def get_config():
config_data['client_ip_pool'] += '-' + re.search('[0-9]+$', c.return_value('client-ip-pool stop')).group(0)
else:
raise ConfigError('client ip pool stop required')
+ if c.exists('client-ipv6-pool prefix'):
+ config_data['client_ipv6_pool']['prefix'] = c.return_values('client-ipv6-pool prefix')
+ if c.exists('client-ipv6-pool delegate-prefix'):
+ config_data['client_ipv6_pool']['delegate-prefix'] = c.return_values('client-ipv6-pool delegate-prefix')
+ if c.exists('limits'):
+ if c.exists('limits burst'):
+ config_data['limits']['burst'] = str(c.return_value('limits burst'))
+ if c.exists('limits timeout'):
+ config_data['limits']['timeout'] = str(c.return_value('limits timeout'))
+ if c.exists('limits connection-limit'):
+ config_data['limits']['conn-limit'] = str(c.return_value('limits connection-limit'))
+ if c.exists('snmp'):
+ config_data['snmp'] = 'enable'
+ if c.exists('snmp master-agent'):
+ config_data['snmp'] = 'enable-ma'
#### authentication mode local
- if c.exists('authentication'):
- if c.return_value('authentication mode') == 'local':
- if c.exists('authentication local-users username'):
- for usr in c.list_nodes('authentication local-users username'):
- config_data['authentication']['local-users'].update(
+
+ if c.exists('authentication mode local'):
+ if c.exists('authentication local-users username'):
+ for usr in c.list_nodes('authentication local-users username'):
+ config_data['authentication']['local-users'].update(
+ {
+ usr : {
+ 'passwd' : '',
+ 'state' : 'enabled',
+ 'ip' : '*'
+ }
+ }
+ )
+ if c.exists('authentication local-users username ' + usr + ' password'):
+ config_data['authentication']['local-users'][usr]['passwd'] = c.return_value('authentication local-users username ' + usr + ' password')
+ if c.exists('authentication local-users username ' + usr + ' disable'):
+ config_data['authentication']['local-users'][usr]['state'] = 'disable'
+ if c.exists('authentication local-users username ' + usr + ' static-ip'):
+ config_data['authentication']['local-users'][usr]['ip'] = c.return_value('authentication local-users username ' + usr + ' static-ip')
+
+ ### authentication mode radius servers and settings
+
+ if c.exists('authentication mode radius'):
+ config_data['authentication']['mode'] = 'radius'
+ rsrvs = c.list_nodes('authentication radius-server')
+ for rsrv in rsrvs:
+ if c.return_value('authentication radius-server ' + rsrv + ' fail-time') == None:
+ ftime = '0'
+ else:
+ ftime = str(c.return_value('authentication radius-server ' + rsrv + ' fail-time'))
+ if c.return_value('authentication radius-server ' + rsrv + ' req-limit') == None:
+ reql = '0'
+ else:
+ reql = str(c.return_value('authentication radius-server ' + rsrv + ' req-limit'))
+ config_data['authentication']['radiussrv'].update(
+ {
+ rsrv : {
+ 'secret' : c.return_value('authentication radius-server ' + rsrv + ' secret'),
+ 'fail-time' : ftime,
+ 'req-limit' : reql
+ }
+ }
+ )
+
+ #### advanced radius-setting
+ if c.exists('authentication radius-settings'):
+ if c.exists('authentication radius-settings acct-timeout'):
+ config_data['authentication']['radiusopt']['acct-timeout'] = c.return_value('authentication radius-settings acct-timeout')
+ if c.exists('authentication radius-settings max-try'):
+ config_data['authentication']['radiusopt']['max-try'] = c.return_value('authentication radius-settings max-try')
+ if c.exists('authentication radius-settings timeout'):
+ config_data['authentication']['radiusopt']['timeout'] = c.return_value('authentication radius-settings timeout')
+ if c.exists('authentication radius-settings nas-identifier'):
+ config_data['authentication']['radiusopt']['nas-id'] = c.return_value('authentication radius-settings nas-identifier')
+ if c.exists('authentication radius-settings nas-ip-address'):
+ config_data['authentication']['radiusopt']['nas-ip'] = c.return_value('authentication radius-settings nas-ip-address')
+ if c.exists('authentication radius-settings dae-server'):
+ config_data['authentication']['radiusopt'].update(
{
- usr : {
- 'passwd' : '',
- 'state' : 'enabled',
- 'ip' : '*'
+ 'dae-srv' : {
+ 'ip-addr' : c.return_value('authentication radius-settings dae-server ip-address'),
+ 'port' : c.return_value('authentication radius-settings dae-server port'),
+ 'secret' : str(c.return_value('authentication radius-settings dae-server secret'))
}
}
)
- if c.exists('authentication local-users username ' + usr + ' password'):
- config_data['authentication']['local-users'][usr]['passwd'] = c.return_value('authentication local-users username ' + usr + ' password')
- if c.exists('authentication local-users username ' + usr + ' disable'):
- config_data['authentication']['local-users'][usr]['state'] = 'disable'
- if c.exists('authentication local-users username ' + usr + ' static-ip'):
- config_data['authentication']['local-users'][usr]['ip'] = c.return_value('authentication local-users username ' + usr + ' static-ip')
-
- ### authentication mode radius
- if c.return_value('authentication mode') == 'radius':
- config_data['authentication']['mode'] = 'radius'
- rsrvs = c.list_nodes('authentication radius-server')
- for rsrv in rsrvs:
- config_data['authentication']['radiussrv'].update(
- {
- rsrv : str(c.return_value('authentication radius-server ' + rsrv + ' key'))
- }
- )
if c.exists('mtu'):
config_data['mtu'] = c.return_value('mtu')
+ ### ppp_options
+ ppp_options = {}
+ if c.exists('ppp-options'):
+ if c.exists('ppp-options ccp'):
+ ppp_options['ccp'] = c.return_value('ppp-options ccp')
+ if c.exists('ppp-options min-mtu'):
+ ppp_options['min-mtu'] = c.return_value('ppp-options min-mtu')
+ if c.exists('ppp-options mru'):
+ ppp_options['mru'] = c.return_value('ppp-options mru')
+ if c.exists('ppp-options mppe deny'):
+ ppp_options['mppe'] = 'deny'
+ if c.exists('ppp-options mppe require'):
+ ppp_options['mppe'] = 'requre'
+ if c.exists('ppp-options mppe prefer'):
+ ppp_options['mppe'] = 'prefer'
+ if c.exists('ppp-options lcp-echo-failure'):
+ ppp_options['lcp-echo-failure'] = c.return_value('ppp-options lcp-echo-failure')
+ if c.exists('ppp-options lcp-echo-interval'):
+ ppp_options['lcp-echo-interval'] = c.return_value('ppp-options lcp-echo-interval')
+ if c.exists('ppp-options ipv4'):
+ ppp_options['ipv4'] = c.return_value('ppp-options ipv4')
+ if c.exists('ppp-options ipv6'):
+ ppp_options['ipv6'] = c.return_value('ppp-options ipv6')
+ if c.exists('ppp-options ipv6-accept-peer-intf-id'):
+ ppp_options['ipv6-accept-peer-intf-id']= 1
+ if c.exists('ppp-options ipv6-intf-id'):
+ ppp_options['ipv6-intf-id'] = c.return_value('ppp-options ipv6-intf-id')
+ if c.exists('ppp-options ipv6-peer-intf-id'):
+ ppp_options['ipv6-peer-intf-id'] = c.return_value('ppp-options ipv6-peer-intf-id')
+ if c.exists('ppp-options lcp-echo-timeout'):
+ ppp_options['lcp-echo-timeout'] = c.return_value('ppp-options lcp-echo-timeout')
+
+ if len(ppp_options) !=0:
+ config_data['ppp_options'] = ppp_options
+
return config_data
def verify(c):
@@ -305,6 +489,9 @@ def verify(c):
if c['authentication']['mode'] == 'radius':
if len(c['authentication']['radiussrv']) == 0:
raise ConfigError('radius server required')
+ for rsrv in c['authentication']['radiussrv']:
+ if c['authentication']['radiussrv'][rsrv]['secret'] == None:
+ raise ConfigError('radius server ' + rsrv + ' needs a secret configured')
def generate(c):
if c == None:
@@ -347,11 +534,6 @@ def apply(c):
accel_cmd('restart')
sl.syslog(sl.LOG_NOTICE, "reloading config via daemon restart")
- #if c['state'] == 'update':
- # accel_cmd('restart')
- # sl.syslog(sl.LOG_NOTICE, "reloading config via daemon restart")
- # ## check that config reload actually works
-
if __name__ == '__main__':
try:
c = get_config()
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py
index 0abb2746a..68a046939 100755
--- a/src/conf_mode/ntp.py
+++ b/src/conf_mode/ntp.py
@@ -108,8 +108,6 @@ def get_config():
"name": node,
"options": []
}
- if conf.exists('server {0} dynamic'.format(node)):
- options.append('dynamic')
if conf.exists('server {0} noselect'.format(node)):
options.append('noselect')
if conf.exists('server {0} preempt'.format(node)):
diff --git a/src/conf_mode/syslog.py b/src/conf_mode/syslog.py
index f652cf3d0..f8f8d9457 100755
--- a/src/conf_mode/syslog.py
+++ b/src/conf_mode/syslog.py
@@ -30,6 +30,12 @@ from vyos import ConfigError
configs = '''
## generated by syslog.py ##
## file based logging
+{% if files['global']['marker'] %}
+$ModLoad immark
+{% if files['global']['marker-interval'] %}
+$MarkMessagePeriod {{files['global']['marker-interval']}}
+{% endif %}
+{% endif %}
{% for file in files %}
$outchannel {{file}},{{files[file]['log-file']}},{{files[file]['max-size']}},{{files[file]['action-on-max-size']}}
{{files[file]['selectors']}} :omfile:${{file}}
@@ -80,10 +86,10 @@ def get_config():
c.set_level('system syslog')
config_data = {
- 'files' : {},
+ 'files' : {},
'console' : {},
- 'hosts' : {},
- 'user' : {}
+ 'hosts' : {},
+ 'user' : {}
}
#####
@@ -102,13 +108,16 @@ def get_config():
}
)
+ if c.exists('global marker'):
+ config_data['files']['global']['marker'] = True
+ if c.exists('global marker interval'):
+ config_data['files']['global']['marker-interval'] = c.return_value('global marker interval')
if c.exists('global facility'):
config_data['files']['global']['selectors'] = generate_selectors(c, 'global facility')
if c.exists('global archive size'):
config_data['files']['global']['max-size'] = int(c.return_value('global archive size'))* 1024
if c.exists('global archive files'):
config_data['files']['global']['max-files'] = c.return_value('global archive files')
-
###
# set system syslog file
###
@@ -217,14 +226,12 @@ def generate_selectors(c, config_node):
def generate(c):
tmpl = jinja2.Template(configs, trim_blocks=True)
config_text = tmpl.render(c)
- #print (config_text)
with open('/etc/rsyslog.d/vyos-rsyslog.conf', 'w') as f:
f.write(config_text)
## eventually write for each file its own logrotate file, since size is defined it shouldn't matter
tmpl = jinja2.Template(logrotate_configs, trim_blocks=True)
config_text = tmpl.render(c)
- #print (config_text)
with open('/etc/logrotate.d/vyos-rsyslog', 'w') as f:
f.write(config_text)
@@ -247,6 +254,7 @@ def verify(c):
fac = ['*','auth','authpriv','cron','daemon','kern','lpr','mail','mark','news','protocols','security',\
'syslog','user','uucp','local0','local1','local2','local3','local4','local5','local6','local7']
lvl = ['emerg','alert','crit','err','warning','notice','info','debug','*']
+
for conf in c:
if c[conf]:
for item in c[conf]:
diff --git a/src/migration-scripts/l2tp/0-to-1 b/src/migration-scripts/l2tp/0-to-1
index 65adbbe77..f6c716df1 100755
--- a/src/migration-scripts/l2tp/0-to-1
+++ b/src/migration-scripts/l2tp/0-to-1
@@ -1,7 +1,8 @@
#!/usr/bin/env python3
-# Delete "set service dhcp-relay relay-options port" option
-# Delete "set service dhcpv6-relay listen-port" option
+# Unclutter L2TP VPN configuiration - move radius-server top level tag
+# nodes to a regular node which now also configures the radius source address
+# used when querying a radius server
import sys
diff --git a/src/migration-scripts/ntp/0-to-1 b/src/migration-scripts/ntp/0-to-1
new file mode 100755
index 000000000..9c66f3109
--- /dev/null
+++ b/src/migration-scripts/ntp/0-to-1
@@ -0,0 +1,36 @@
+#!/usr/bin/env python3
+
+# Delete "set system ntp server <n> dynamic" option
+
+import sys
+
+from vyos.configtree import ConfigTree
+
+if (len(sys.argv) < 1):
+ print("Must specify file name!")
+ sys.exit(1)
+
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+ config_file = f.read()
+
+config = ConfigTree(config_file)
+
+if not config.exists(['system', 'ntp']):
+ # Nothing to do
+ sys.exit(0)
+else:
+ # Delete abandoned leaf node if found inside tag node for
+ # "set system ntp server <n> dynamic"
+ base = ['system', 'ntp', 'server']
+ for server in config.list_nodes(base):
+ if config.exists(base + [server, 'dynamic']):
+ config.delete(base + [server, 'dynamic'])
+
+ try:
+ with open(file_name, 'w') as f:
+ f.write(config.to_string())
+ except OSError as e:
+ print("Failed to save the modified config: {}".format(e))
+ sys.exit(1)
diff --git a/src/migration-scripts/pptp/0-to-1 b/src/migration-scripts/pptp/0-to-1
new file mode 100755
index 000000000..d0c7a83b5
--- /dev/null
+++ b/src/migration-scripts/pptp/0-to-1
@@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+
+# Unclutter PPTP VPN configuiration - move radius-server top level tag
+# nodes to a regular node which now also configures the radius source address
+# used when querying a radius server
+
+import sys
+
+from vyos.configtree import ConfigTree
+
+if (len(sys.argv) < 1):
+ print("Must specify file name!")
+ sys.exit(1)
+
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+ config_file = f.read()
+
+config = ConfigTree(config_file)
+
+cfg_base = ['vpn', 'pptp', 'remote-access', 'authentication']
+if not config.exists(cfg_base):
+ # Nothing to do
+ sys.exit(0)
+else:
+ # Migrate "vpn pptp authentication radius-source-address" to new
+ # "vpn pptp authentication radius source-address"
+ if config.exists(cfg_base + ['radius-source-address']):
+ address = config.return_value(cfg_base + ['radius-source-address'])
+ # delete old configuration node
+ config.delete(cfg_base + ['radius-source-address'])
+ # write new configuration node
+ config.set(cfg_base + ['radius', 'source-address'], value=address)
+
+ # Migrate "vpn pptp authentication radius-server" tag node to new
+ # "vpn pptp authentication radius server" tag node
+ for server in config.list_nodes(cfg_base + ['radius-server']):
+ base_server = cfg_base + ['radius-server', server]
+ key = config.return_value(base_server + ['key'])
+
+ # delete old configuration node
+ config.delete(base_server)
+ # write new configuration node
+ config.set(cfg_base + ['radius', 'server', server, 'key'], value=key)
+
+ # format as tag node
+ config.set_tag(cfg_base + ['radius', 'server'])
+
+ # delete top level tag node
+ if config.exists(cfg_base + ['radius-server']):
+ config.delete(cfg_base + ['radius-server'])
+
+ try:
+ with open(file_name, 'w') as f:
+ f.write(config.to_string())
+ except OSError as e:
+ print("Failed to save the modified config: {}".format(e))
+ sys.exit(1)
diff --git a/src/op_mode/restart_dhcp_relay.py b/src/op_mode/restart_dhcp_relay.py
new file mode 100755
index 000000000..ab02d1eb3
--- /dev/null
+++ b/src/op_mode/restart_dhcp_relay.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2018 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# File: restart_dhcp_relay.py
+# Purpose:
+# Restart IPv4 and IPv6 DHCP relay instances of dhcrelay service
+
+import sys
+import argparse
+import os
+
+import vyos.config
+
+parser = argparse.ArgumentParser()
+parser.add_argument("--ipv4", action="store_true", help="Restart IPv4 DHCP relay")
+parser.add_argument("--ipv6", action="store_true", help="Restart IPv6 DHCP relay")
+
+if __name__ == '__main__':
+ args = parser.parse_args()
+ c = vyos.config.Config()
+
+ if args.ipv4:
+ # Do nothing if service is not configured
+ if not c.exists_effective('service dhcp-relay'):
+ print("DHCP relay service not configured")
+ else:
+ os.system('sudo systemctl restart isc-dhcp-relay.service')
+
+ sys.exit(0)
+ elif args.ipv6:
+ # Do nothing if service is not configured
+ if not c.exists_effective('service dhcpv6-relay'):
+ print("DHCPv6 relay service not configured")
+ else:
+ os.system('sudo systemctl restart isc-dhcpv6-relay.service')
+
+ sys.exit(0)
+ else:
+ parser.print_help()
+ sys.exit(1)
diff --git a/src/op_mode/show-igmpproxy.py b/src/op_mode/show_igmpproxy.py
index a021fcdde..5ccc16287 100755
--- a/src/op_mode/show-igmpproxy.py
+++ b/src/op_mode/show_igmpproxy.py
@@ -14,7 +14,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-# File: show-igmpproxy
+# File: show_igmpproxy.py
# Purpose:
# Display istatistics from IPv4 IGMP proxy.
# Used by the "run show ip multicast" command tree.