diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-12-28 20:05:42 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-28 20:05:42 +0100 |
| commit | 961ed0f869979f66cb99492545d686ec380689a9 (patch) | |
| tree | 8643a31cc75b4c0174f06b202205bada3e4b0a90 | |
| parent | 5c5e283f8a964f5bbb3d838d1c0aabdee4e2032b (diff) | |
| parent | 5e05bfe790035f7d53dede8d76bccb089a186864 (diff) | |
| download | vyos-1x-961ed0f869979f66cb99492545d686ec380689a9.tar.gz vyos-1x-961ed0f869979f66cb99492545d686ec380689a9.zip | |
Merge pull request #1123 from sever-sever/T4111
ipsec: T4111: Fix for swanctl configuration IPV6 peers
| -rw-r--r-- | data/templates/ipsec/swanctl.conf.tmpl | 2 | ||||
| -rw-r--r-- | data/templates/ipsec/swanctl/peer.tmpl | 2 | ||||
| -rw-r--r-- | python/vyos/template.py | 10 |
3 files changed, 12 insertions, 2 deletions
diff --git a/data/templates/ipsec/swanctl.conf.tmpl b/data/templates/ipsec/swanctl.conf.tmpl index 161f19f95..68b108365 100644 --- a/data/templates/ipsec/swanctl.conf.tmpl +++ b/data/templates/ipsec/swanctl.conf.tmpl @@ -57,7 +57,7 @@ secrets { {% endif %} {% if site_to_site is defined and site_to_site.peer is defined %} {% for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not defined %} -{% set peer_name = peer.replace(".", "-").replace("@", "") %} +{% set peer_name = peer.replace("@", "") | dot_colon_to_dash %} {% if peer_conf.authentication.mode == 'pre-shared-secret' %} ike_{{ peer_name }} { {% if peer_conf.local_address is defined %} diff --git a/data/templates/ipsec/swanctl/peer.tmpl b/data/templates/ipsec/swanctl/peer.tmpl index 8c3776bf1..1b221814e 100644 --- a/data/templates/ipsec/swanctl/peer.tmpl +++ b/data/templates/ipsec/swanctl/peer.tmpl @@ -1,5 +1,5 @@ {% macro conn(peer, peer_conf, ike_group, esp_group) %} -{% set name = peer.replace(".", "-").replace("@", "") %} +{% set name = peer.replace("@", "") | dot_colon_to_dash %} {# peer needs to reference the global IKE configuration for certain values #} {% set ike = ike_group[peer_conf.ike_group] %} peer_{{ name }} { diff --git a/python/vyos/template.py b/python/vyos/template.py index b32cafe74..29c6b3882 100644 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -151,6 +151,16 @@ def bracketize_ipv6(address): return f'[{address}]' return address +@register_filter('dot_colon_to_dash') +def dot_colon_to_dash(text): + """ Replace dot and colon to dash for string + Example: + 192.0.2.1 => 192-0-2-1, 2001:db8::1 => 2001-db8--1 + """ + text = text.replace(":", "-") + text = text.replace(".", "-") + return text + @register_filter('netmask_from_cidr') def netmask_from_cidr(prefix): """ Take CIDR prefix and convert the prefix length to a "subnet mask". |