summaryrefslogtreecommitdiff
path: root/data
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-12-11 20:27:50 +0100
committerChristian Poessinger <christian@poessinger.com>2022-12-11 20:27:50 +0100
commit4df8182dfb2e5988d333db1052bb4379b8326527 (patch)
treef43b289db8073adc10a67607d6e043c18acd764d /data
parent15828b9e86f46ca7f5cfa06be59f87055c4e3fef (diff)
parentff56aeefddaad2d37d3ea32626e1adf3960eaf26 (diff)
downloadvyos-1x-4df8182dfb2e5988d333db1052bb4379b8326527.tar.gz
vyos-1x-4df8182dfb2e5988d333db1052bb4379b8326527.zip
Merge branch 't4792-sstpc' into current
* t4792-sstpc: sstp: T4384: initial implementation of SSTP client CLI pppoe: T4384: remove unused import of leaf_node_changed pppoe: xml: T4792: split "no-peer-dns" CLI node into building block xml: ddns: T4792: split "server" CLI node into building block
Diffstat (limited to 'data')
-rw-r--r--data/configd-include.json1
-rw-r--r--data/templates/sstp-client/peer.j246
2 files changed, 47 insertions, 0 deletions
diff --git a/data/configd-include.json b/data/configd-include.json
index 5a4912e30..648655a8b 100644
--- a/data/configd-include.json
+++ b/data/configd-include.json
@@ -28,6 +28,7 @@
"interfaces-openvpn.py",
"interfaces-pppoe.py",
"interfaces-pseudo-ethernet.py",
+"interfaces-sstpc.py",
"interfaces-tunnel.py",
"interfaces-vti.py",
"interfaces-vxlan.py",
diff --git a/data/templates/sstp-client/peer.j2 b/data/templates/sstp-client/peer.j2
new file mode 100644
index 000000000..1127d0564
--- /dev/null
+++ b/data/templates/sstp-client/peer.j2
@@ -0,0 +1,46 @@
+### Autogenerated by interfaces-sstpc.py ###
+{{ '# ' ~ description if description is vyos_defined else '' }}
+
+# Require peer to provide the local IP address if it is not
+# specified explicitly in the config file.
+noipdefault
+
+# Don't show the password in logfiles:
+hide-password
+
+remotename {{ ifname }}
+linkname {{ ifname }}
+ipparam {{ ifname }}
+ifname {{ ifname }}
+pty "sstpc --ipparam {{ ifname }} --nolaunchpppd {{ server }}:{{ port }} --ca-cert {{ ca_file_path }}"
+
+# Override any connect script that may have been set in /etc/ppp/options.
+connect /bin/true
+
+# Don't try to authenticate the remote node
+noauth
+
+# We won't want EAP
+refuse-eap
+
+# Don't try to proxy ARP for the remote endpoint. User can set proxy
+# arp entries up manually if they wish. More importantly, having
+# the "proxyarp" parameter set disables the "defaultroute" option.
+noproxyarp
+
+# Unlimited connection attempts
+maxfail 0
+
+plugin sstp-pppd-plugin.so
+sstp-sock /var/run/sstpc/sstpc-{{ ifname }}
+
+persist
+debug
+
+{% if authentication is vyos_defined %}
+{{ 'user "' + authentication.user + '"' if authentication.user is vyos_defined }}
+{{ 'password "' + authentication.password + '"' if authentication.password is vyos_defined }}
+{% endif %}
+
+{{ "usepeerdns" if no_peer_dns is not vyos_defined }}
+