diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-04-22 19:02:18 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-04-22 19:02:18 +0200 |
commit | 2703915afb9a6bf266adc8834ab01ef721c03424 (patch) | |
tree | 6314ea4f1861bae76ecdc8465e23f96883c30334 /data/templates | |
parent | d2477601a6c4f5f11773493cacfdc54e5f9a01ae (diff) | |
parent | 6f090e918bae878463aa683511ceab4fbbbade54 (diff) | |
download | vyos-1x-2703915afb9a6bf266adc8834ab01ef721c03424.tar.gz vyos-1x-2703915afb9a6bf266adc8834ab01ef721c03424.zip |
Merge branch 'pptp-rewrite' of github.com:c-po/vyos-1x into current
* 'pptp-rewrite' of github.com:c-po/vyos-1x:
accel-ppp: fix wrong reference in verify() on missing attributes
accel-ppp: T2314: bugfix wrong placement of endif in Jinja2 template
vpn: pptp: T2351: add support for common radius-additions XML
vpn: pptp: T2351: migrate to common radius CLI
vpn: pptp: T2351: migrate to common name-server, wins-server nodes
accel-ppp: provide common wins-server include definition
vpn: pptp: T2351: use first IP from client pool as gateway address
vpn: pptp: T2351: align configuration to other accel implementations
vpn: pptp: T2351: migrate from SysVinit to systemd
vyos.util: migrate all cpu_count() occurances to common get_half_cpus()
Diffstat (limited to 'data/templates')
-rw-r--r-- | data/templates/accel-ppp/l2tp.config.tmpl | 2 | ||||
-rw-r--r-- | data/templates/accel-ppp/pptp.config.tmpl | 89 | ||||
-rw-r--r-- | data/templates/pptp/chap-secrets.tmpl | 6 | ||||
-rw-r--r-- | data/templates/pptp/pptp.config.tmpl | 87 |
4 files changed, 90 insertions, 94 deletions
diff --git a/data/templates/accel-ppp/l2tp.config.tmpl b/data/templates/accel-ppp/l2tp.config.tmpl index ebe3aca29..8878e3175 100644 --- a/data/templates/accel-ppp/l2tp.config.tmpl +++ b/data/templates/accel-ppp/l2tp.config.tmpl @@ -85,7 +85,6 @@ verbose=1 {% for r in radius_server %} server={{ r.server }},{{ r.key }},auth-port={{ r.port }},req-limit=0,fail-time={{ r.fail_time }} {% endfor -%} -{% endif %} acct-timeout={{ radius_acct_tmo }} timeout={{ radius_timeout }} @@ -100,6 +99,7 @@ nas-ip-address={{ radius_nas_ip }} {% if radius_source_address %} bind={{ radius_source_address }} {% endif -%} +{% endif %} [ppp] verbose=1 diff --git a/data/templates/accel-ppp/pptp.config.tmpl b/data/templates/accel-ppp/pptp.config.tmpl new file mode 100644 index 000000000..0bbfc13c5 --- /dev/null +++ b/data/templates/accel-ppp/pptp.config.tmpl @@ -0,0 +1,89 @@ +### generated by accel_pptp.py ### +[modules] +log_syslog +pptp +ippool +{% if auth_mode == 'local' %} +chap-secrets +{% elif auth_mode == 'radius' %} +radius +{% endif -%} +{% for proto in auth_proto %} +{{proto}} +{% endfor %} + +[core] +thread-count={{ thread_cnt }} + +[log] +syslog=accel-pptp,daemon +copy=1 +level=5 + +{% if dnsv4 %} +[dns] +{% for dns in dnsv4 -%} +dns{{ loop.index }}={{ dns }} +{% endfor -%} +{% endif %} + +{% if wins %} +[wins] +{% for server in wins -%} +wins{{ loop.index }}={{ server }} +{% endfor -%} +{% endif %} + + +[pptp] +ifname=pptp%d +{% if outside_addr %} +bind={{ outside_addr }} +{% endif %} +verbose=1 +ppp-max-mtu={{mtu}} +mppe={{ ppp_mppe }} +echo-interval=10 +echo-failure=3 + + +[client-ip-range] +0.0.0.0/0 + +[ip-pool] +tunnel={{ client_ip_pool }} +gw-ip-address={{ gw_ip }} + +[ppp] +verbose=5 +check-ip=1 +single-session=replace + +{% if auth_mode == 'local' %} +[chap-secrets] +chap-secrets={{ chap_secrets_file }} +{% elif auth_mode == 'radius' %} +[radius] +verbose=1 +{% for r in radius_server %} +server={{ r.server }},{{ r.key }},auth-port={{ r.port }},req-limit=0,fail-time={{ r.fail_time }} +{% endfor -%} + +acct-timeout={{ radius_acct_tmo }} +timeout={{ radius_timeout }} +max-try={{ radius_max_try }} + +{% if radius_nas_id %} +nas-identifier={{ radius_nas_id }} +{% endif -%} +{% if radius_nas_ip %} +nas-ip-address={{ radius_nas_ip }} +{% endif -%} +{% if radius_source_address %} +bind={{ radius_source_address }} +{% endif -%} +{% endif %} + +[cli] +tcp=127.0.0.1:2003 + diff --git a/data/templates/pptp/chap-secrets.tmpl b/data/templates/pptp/chap-secrets.tmpl deleted file mode 100644 index f93f4607b..000000000 --- a/data/templates/pptp/chap-secrets.tmpl +++ /dev/null @@ -1,6 +0,0 @@ -# username server password acceptable local IP addresses -{% for user in authentication['local-users'] %} -{% if authentication['local-users'][user]['state'] == 'enabled' %} -{{ "%-12s" | format(user) }} * {{ "%-16s" | format(authentication['local-users'][user]['passwd']) }} {{ "%-16s" | format(authentication['local-users'][user]['ip']) }} -{% endif %} -{% endfor %} diff --git a/data/templates/pptp/pptp.config.tmpl b/data/templates/pptp/pptp.config.tmpl deleted file mode 100644 index 2596507af..000000000 --- a/data/templates/pptp/pptp.config.tmpl +++ /dev/null @@ -1,87 +0,0 @@ - -### generated by accel_pptp.py ### -[modules] -log_syslog -pptp -ippool -chap-secrets -{% if authentication['auth_proto'] %} -{{ authentication['auth_proto'] }} -{% else %} -auth_mschap_v2 -{% endif %} -{% if authentication['mode'] == 'radius' %} -radius -{% endif -%} - -[core] -thread-count={{thread_cnt}} - -[log] -syslog=accel-pptp,daemon -copy=1 -level=5 - -{% if dns %} -[dns] -{% if dns[0] %} -dns1={{dns[0]}} -{% endif %} -{% if dns[1] %} -dns2={{dns[1]}} -{% endif %} -{% endif %} - -{% if wins %} -[wins] -{% if wins[0] %} -wins1={{wins[0]}} -{% endif %} -{% if wins[1] %} -wins2={{wins[1]}} -{% endif %} -{% endif %} - -[pptp] -ifname=pptp%d -{% if outside_addr %} -bind={{outside_addr}} -{% endif %} -verbose=1 -ppp-max-mtu={{mtu}} -mppe={{authentication['mppe']}} -echo-interval=10 -echo-failure=3 - - -[client-ip-range] -0.0.0.0/0 - -[ip-pool] -tunnel={{client_ip_pool}} -gw-ip-address={{gw_ip}} - -{% if authentication['mode'] == 'local' %} -[chap-secrets] -chap-secrets=/etc/accel-ppp/pptp/chap-secrets -{% endif %} - -[ppp] -verbose=5 -check-ip=1 -single-session=replace - -{% if authentication['mode'] == 'radius' %} -[radius] -{% for rsrv in authentication['radiussrv']: %} -server={{rsrv}},{{authentication['radiussrv'][rsrv]['secret']}},\ -req-limit={{authentication['radiussrv'][rsrv]['req-limit']}},\ -fail-time={{authentication['radiussrv'][rsrv]['fail-time']}} -{% endfor %} -timeout=30 -acct-timeout=30 -max-try=3 -{%endif %} - -[cli] -tcp=127.0.0.1:2003 |