summaryrefslogtreecommitdiff
path: root/data/templates
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-04-22 19:02:18 +0200
committerChristian Poessinger <christian@poessinger.com>2020-04-22 19:02:18 +0200
commit2703915afb9a6bf266adc8834ab01ef721c03424 (patch)
tree6314ea4f1861bae76ecdc8465e23f96883c30334 /data/templates
parentd2477601a6c4f5f11773493cacfdc54e5f9a01ae (diff)
parent6f090e918bae878463aa683511ceab4fbbbade54 (diff)
downloadvyos-1x-2703915afb9a6bf266adc8834ab01ef721c03424.tar.gz
vyos-1x-2703915afb9a6bf266adc8834ab01ef721c03424.zip
Merge branch 'pptp-rewrite' of github.com:c-po/vyos-1x into current
* 'pptp-rewrite' of github.com:c-po/vyos-1x: accel-ppp: fix wrong reference in verify() on missing attributes accel-ppp: T2314: bugfix wrong placement of endif in Jinja2 template vpn: pptp: T2351: add support for common radius-additions XML vpn: pptp: T2351: migrate to common radius CLI vpn: pptp: T2351: migrate to common name-server, wins-server nodes accel-ppp: provide common wins-server include definition vpn: pptp: T2351: use first IP from client pool as gateway address vpn: pptp: T2351: align configuration to other accel implementations vpn: pptp: T2351: migrate from SysVinit to systemd vyos.util: migrate all cpu_count() occurances to common get_half_cpus()
Diffstat (limited to 'data/templates')
-rw-r--r--data/templates/accel-ppp/l2tp.config.tmpl2
-rw-r--r--data/templates/accel-ppp/pptp.config.tmpl89
-rw-r--r--data/templates/pptp/chap-secrets.tmpl6
-rw-r--r--data/templates/pptp/pptp.config.tmpl87
4 files changed, 90 insertions, 94 deletions
diff --git a/data/templates/accel-ppp/l2tp.config.tmpl b/data/templates/accel-ppp/l2tp.config.tmpl
index ebe3aca29..8878e3175 100644
--- a/data/templates/accel-ppp/l2tp.config.tmpl
+++ b/data/templates/accel-ppp/l2tp.config.tmpl
@@ -85,7 +85,6 @@ verbose=1
{% for r in radius_server %}
server={{ r.server }},{{ r.key }},auth-port={{ r.port }},req-limit=0,fail-time={{ r.fail_time }}
{% endfor -%}
-{% endif %}
acct-timeout={{ radius_acct_tmo }}
timeout={{ radius_timeout }}
@@ -100,6 +99,7 @@ nas-ip-address={{ radius_nas_ip }}
{% if radius_source_address %}
bind={{ radius_source_address }}
{% endif -%}
+{% endif %}
[ppp]
verbose=1
diff --git a/data/templates/accel-ppp/pptp.config.tmpl b/data/templates/accel-ppp/pptp.config.tmpl
new file mode 100644
index 000000000..0bbfc13c5
--- /dev/null
+++ b/data/templates/accel-ppp/pptp.config.tmpl
@@ -0,0 +1,89 @@
+### generated by accel_pptp.py ###
+[modules]
+log_syslog
+pptp
+ippool
+{% if auth_mode == 'local' %}
+chap-secrets
+{% elif auth_mode == 'radius' %}
+radius
+{% endif -%}
+{% for proto in auth_proto %}
+{{proto}}
+{% endfor %}
+
+[core]
+thread-count={{ thread_cnt }}
+
+[log]
+syslog=accel-pptp,daemon
+copy=1
+level=5
+
+{% if dnsv4 %}
+[dns]
+{% for dns in dnsv4 -%}
+dns{{ loop.index }}={{ dns }}
+{% endfor -%}
+{% endif %}
+
+{% if wins %}
+[wins]
+{% for server in wins -%}
+wins{{ loop.index }}={{ server }}
+{% endfor -%}
+{% endif %}
+
+
+[pptp]
+ifname=pptp%d
+{% if outside_addr %}
+bind={{ outside_addr }}
+{% endif %}
+verbose=1
+ppp-max-mtu={{mtu}}
+mppe={{ ppp_mppe }}
+echo-interval=10
+echo-failure=3
+
+
+[client-ip-range]
+0.0.0.0/0
+
+[ip-pool]
+tunnel={{ client_ip_pool }}
+gw-ip-address={{ gw_ip }}
+
+[ppp]
+verbose=5
+check-ip=1
+single-session=replace
+
+{% if auth_mode == 'local' %}
+[chap-secrets]
+chap-secrets={{ chap_secrets_file }}
+{% elif auth_mode == 'radius' %}
+[radius]
+verbose=1
+{% for r in radius_server %}
+server={{ r.server }},{{ r.key }},auth-port={{ r.port }},req-limit=0,fail-time={{ r.fail_time }}
+{% endfor -%}
+
+acct-timeout={{ radius_acct_tmo }}
+timeout={{ radius_timeout }}
+max-try={{ radius_max_try }}
+
+{% if radius_nas_id %}
+nas-identifier={{ radius_nas_id }}
+{% endif -%}
+{% if radius_nas_ip %}
+nas-ip-address={{ radius_nas_ip }}
+{% endif -%}
+{% if radius_source_address %}
+bind={{ radius_source_address }}
+{% endif -%}
+{% endif %}
+
+[cli]
+tcp=127.0.0.1:2003
+
diff --git a/data/templates/pptp/chap-secrets.tmpl b/data/templates/pptp/chap-secrets.tmpl
deleted file mode 100644
index f93f4607b..000000000
--- a/data/templates/pptp/chap-secrets.tmpl
+++ /dev/null
@@ -1,6 +0,0 @@
-# username server password acceptable local IP addresses
-{% for user in authentication['local-users'] %}
-{% if authentication['local-users'][user]['state'] == 'enabled' %}
-{{ "%-12s" | format(user) }} * {{ "%-16s" | format(authentication['local-users'][user]['passwd']) }} {{ "%-16s" | format(authentication['local-users'][user]['ip']) }}
-{% endif %}
-{% endfor %}
diff --git a/data/templates/pptp/pptp.config.tmpl b/data/templates/pptp/pptp.config.tmpl
deleted file mode 100644
index 2596507af..000000000
--- a/data/templates/pptp/pptp.config.tmpl
+++ /dev/null
@@ -1,87 +0,0 @@
-
-### generated by accel_pptp.py ###
-[modules]
-log_syslog
-pptp
-ippool
-chap-secrets
-{% if authentication['auth_proto'] %}
-{{ authentication['auth_proto'] }}
-{% else %}
-auth_mschap_v2
-{% endif %}
-{% if authentication['mode'] == 'radius' %}
-radius
-{% endif -%}
-
-[core]
-thread-count={{thread_cnt}}
-
-[log]
-syslog=accel-pptp,daemon
-copy=1
-level=5
-
-{% if dns %}
-[dns]
-{% if dns[0] %}
-dns1={{dns[0]}}
-{% endif %}
-{% if dns[1] %}
-dns2={{dns[1]}}
-{% endif %}
-{% endif %}
-
-{% if wins %}
-[wins]
-{% if wins[0] %}
-wins1={{wins[0]}}
-{% endif %}
-{% if wins[1] %}
-wins2={{wins[1]}}
-{% endif %}
-{% endif %}
-
-[pptp]
-ifname=pptp%d
-{% if outside_addr %}
-bind={{outside_addr}}
-{% endif %}
-verbose=1
-ppp-max-mtu={{mtu}}
-mppe={{authentication['mppe']}}
-echo-interval=10
-echo-failure=3
-
-
-[client-ip-range]
-0.0.0.0/0
-
-[ip-pool]
-tunnel={{client_ip_pool}}
-gw-ip-address={{gw_ip}}
-
-{% if authentication['mode'] == 'local' %}
-[chap-secrets]
-chap-secrets=/etc/accel-ppp/pptp/chap-secrets
-{% endif %}
-
-[ppp]
-verbose=5
-check-ip=1
-single-session=replace
-
-{% if authentication['mode'] == 'radius' %}
-[radius]
-{% for rsrv in authentication['radiussrv']: %}
-server={{rsrv}},{{authentication['radiussrv'][rsrv]['secret']}},\
-req-limit={{authentication['radiussrv'][rsrv]['req-limit']}},\
-fail-time={{authentication['radiussrv'][rsrv]['fail-time']}}
-{% endfor %}
-timeout=30
-acct-timeout=30
-max-try=3
-{%endif %}
-
-[cli]
-tcp=127.0.0.1:2003