diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-12-11 20:27:50 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-12-11 20:27:50 +0100 |
commit | 4df8182dfb2e5988d333db1052bb4379b8326527 (patch) | |
tree | f43b289db8073adc10a67607d6e043c18acd764d /data | |
parent | 15828b9e86f46ca7f5cfa06be59f87055c4e3fef (diff) | |
parent | ff56aeefddaad2d37d3ea32626e1adf3960eaf26 (diff) | |
download | vyos-1x-4df8182dfb2e5988d333db1052bb4379b8326527.tar.gz vyos-1x-4df8182dfb2e5988d333db1052bb4379b8326527.zip |
Merge branch 't4792-sstpc' into current
* t4792-sstpc:
sstp: T4384: initial implementation of SSTP client CLI
pppoe: T4384: remove unused import of leaf_node_changed
pppoe: xml: T4792: split "no-peer-dns" CLI node into building block
xml: ddns: T4792: split "server" CLI node into building block
Diffstat (limited to 'data')
-rw-r--r-- | data/configd-include.json | 1 | ||||
-rw-r--r-- | data/templates/sstp-client/peer.j2 | 46 |
2 files changed, 47 insertions, 0 deletions
diff --git a/data/configd-include.json b/data/configd-include.json index 5a4912e30..648655a8b 100644 --- a/data/configd-include.json +++ b/data/configd-include.json @@ -28,6 +28,7 @@ "interfaces-openvpn.py", "interfaces-pppoe.py", "interfaces-pseudo-ethernet.py", +"interfaces-sstpc.py", "interfaces-tunnel.py", "interfaces-vti.py", "interfaces-vxlan.py", diff --git a/data/templates/sstp-client/peer.j2 b/data/templates/sstp-client/peer.j2 new file mode 100644 index 000000000..1127d0564 --- /dev/null +++ b/data/templates/sstp-client/peer.j2 @@ -0,0 +1,46 @@ +### Autogenerated by interfaces-sstpc.py ### +{{ '# ' ~ description if description is vyos_defined else '' }} + +# Require peer to provide the local IP address if it is not +# specified explicitly in the config file. +noipdefault + +# Don't show the password in logfiles: +hide-password + +remotename {{ ifname }} +linkname {{ ifname }} +ipparam {{ ifname }} +ifname {{ ifname }} +pty "sstpc --ipparam {{ ifname }} --nolaunchpppd {{ server }}:{{ port }} --ca-cert {{ ca_file_path }}" + +# Override any connect script that may have been set in /etc/ppp/options. +connect /bin/true + +# Don't try to authenticate the remote node +noauth + +# We won't want EAP +refuse-eap + +# Don't try to proxy ARP for the remote endpoint. User can set proxy +# arp entries up manually if they wish. More importantly, having +# the "proxyarp" parameter set disables the "defaultroute" option. +noproxyarp + +# Unlimited connection attempts +maxfail 0 + +plugin sstp-pppd-plugin.so +sstp-sock /var/run/sstpc/sstpc-{{ ifname }} + +persist +debug + +{% if authentication is vyos_defined %} +{{ 'user "' + authentication.user + '"' if authentication.user is vyos_defined }} +{{ 'password "' + authentication.password + '"' if authentication.password is vyos_defined }} +{% endif %} + +{{ "usepeerdns" if no_peer_dns is not vyos_defined }} + |