authoraapostoliuk <a.apostoliuk@vyos.io>2024-01-05 16:18:15 +0200
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-01-10 19:00:37 +0000
commitb588e0784626ca42bf0da84a766213bda725305e (patch)
tree089396678f19f2c792f47ebe56ab0e379b3ba4e3 /src
parent9bfc538e7af508bcb3979f4489076049e3a0031d (diff)
T5688: Changed 'range' to multi in 'client-ip-pool' for accell-ppp
Changed node 'range' to multi in 'client-ip-pool' for accell-ppp services. Added completionHelp to default-pool and next-pool. Fixed verification in vpn l2tp config script. (cherry picked from commit 4ffec67d04670192d9b722353cbaef04cb0ba129)
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/vpn_l2tp.py2
-rwxr-xr-xsrc/migration-scripts/ipoe-server/1-to-22
-rwxr-xr-xsrc/migration-scripts/l2tp/4-to-544
-rwxr-xr-xsrc/migration-scripts/pppoe-server/6-to-745
-rwxr-xr-xsrc/migration-scripts/pptp/2-to-319
-rwxr-xr-xsrc/migration-scripts/sstp/4-to-517
-rwxr-xr-xsrc/validators/ipv4-range-mask36
7 files changed, 66 insertions, 99 deletions
diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index 03a27d3cd..1a91951b4 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -71,7 +71,7 @@ def verify(l2tp):
raise ConfigError('DA/CoE server key required!')
if dict_search('authentication.mode', l2tp) in ['local', 'noauth']:
- if not l2tp['client_ip_pool'] and not l2tp['client_ipv6_pool']:
+ if not dict_search('client_ip_pool', l2tp) and not dict_search('client_ipv6_pool', l2tp):
raise ConfigError(
"L2TP local auth mode requires local client-ip-pool or client-ipv6-pool to be configured!")
if dict_search('client_ip_pool', l2tp) and not dict_search('default_pool', l2tp):
diff --git a/src/migration-scripts/ipoe-server/1-to-2 b/src/migration-scripts/ipoe-server/1-to-2
index c8cec6835..11d7911e9 100755
--- a/src/migration-scripts/ipoe-server/1-to-2
+++ b/src/migration-scripts/ipoe-server/1-to-2
@@ -57,7 +57,7 @@ for pool_name in config.list_nodes(namedpools_base):
pool_path = namedpools_base + [pool_name]
if config.exists(pool_path + ['subnet']):
subnet = config.return_value(pool_path + ['subnet'])
- config.set(pool_base + [pool_name, 'range'], value=subnet)
+ config.set(pool_base + [pool_name, 'range'], value=subnet, replace=False)
# Get netmask from subnet
mask = subnet.split("/")[1]
if config.exists(pool_path + ['next-pool']):
diff --git a/src/migration-scripts/l2tp/4-to-5 b/src/migration-scripts/l2tp/4-to-5
index 496dc83d6..3176f895a 100755
--- a/src/migration-scripts/l2tp/4-to-5
+++ b/src/migration-scripts/l2tp/4-to-5
@@ -24,7 +24,7 @@ import os
from sys import argv
from sys import exit
from vyos.configtree import ConfigTree
-
+from vyos.base import Warning
if len(argv) < 2:
print("Must specify file name!")
@@ -45,33 +45,33 @@ if not config.exists(pool_base):
exit(0)
default_pool = ''
range_pool_name = 'default-range-pool'
-subnet_base_name = 'default-subnet-pool'
-number = 1
-subnet_pool_name = f'{subnet_base_name}-{number}'
-prev_subnet_pool = subnet_pool_name
-if config.exists(pool_base + ['subnet']):
- default_pool = subnet_pool_name
- for subnet in config.return_values(pool_base + ['subnet']):
- config.set(pool_base + [subnet_pool_name, 'range'], value=subnet)
- if prev_subnet_pool != subnet_pool_name:
- config.set(pool_base + [prev_subnet_pool, 'next-pool'],
- value=subnet_pool_name)
- prev_subnet_pool = subnet_pool_name
- number += 1
- subnet_pool_name = f'{subnet_base_name}-{number}'
-
- config.delete(pool_base + ['subnet'])
if config.exists(pool_base + ['start']) and config.exists(pool_base + ['stop']):
+ def is_legalrange(ip1: str, ip2: str, mask: str):
+ from ipaddress import IPv4Interface
+ interface1 = IPv4Interface(f'{ip1}/{mask}')
+
+ interface2 = IPv4Interface(f'{ip2}/{mask}')
+ return interface1.network.network_address == interface2.network.network_address and interface2.ip > interface1.ip
+
start_ip = config.return_value(pool_base + ['start'])
stop_ip = config.return_value(pool_base + ['stop'])
- ip_range = f'{start_ip}-{stop_ip}'
+ if is_legalrange(start_ip, stop_ip,'24'):
+ ip_range = f'{start_ip}-{stop_ip}'
+ config.set(pool_base + [range_pool_name, 'range'], value=ip_range, replace=False)
+ default_pool = range_pool_name
+ else:
+ Warning(
+ f'L2TP client-ip-pool range start-ip:{start_ip} and stop-ip:{stop_ip} can not be migrated.')
+
config.delete(pool_base + ['start'])
config.delete(pool_base + ['stop'])
- config.set(pool_base + [range_pool_name, 'range'], value=ip_range)
- if default_pool:
- config.set(pool_base + [range_pool_name, 'next-pool'],
- value=default_pool)
+
+if config.exists(pool_base + ['subnet']):
+ for subnet in config.return_values(pool_base + ['subnet']):
+ config.set(pool_base + [range_pool_name, 'range'], value=subnet, replace=False)
+
+ config.delete(pool_base + ['subnet'])
default_pool = range_pool_name
if default_pool:
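Review bot: `is_legalrange` builds `IPv4Interface(f'{ip1}/{mask}')` directly from the stored `start`/`stop` values with no exception handling, so a value that does not parse as an IPv4 address would raise `ValueError` and abort the migration instead of reaching the `Warning(...)` branch. Wrapping the two constructions in `try:` … `except ValueError: return False` would keep that failure on the warning path. The mask is hard-coded as `'24'` at the call site and the comparison is strict (`interface2.ip > interface1.ip`), so a range that crosses a /24 boundary or has equal start and stop is dropped and `start`/`stop` are then deleted, which leaves no migrated pool. A comment such as `# only ranges inside a single /24 are migrated; anything else is dropped with a warning` would document that as intended. The same helper and call appear in the pppoe-server/6-to-7 and pptp/2-to-3 hunks.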
diff --git a/src/migration-scripts/pppoe-server/6-to-7 b/src/migration-scripts/pppoe-server/6-to-7
index d856c1f34..b94ce57f9 100755
--- a/src/migration-scripts/pppoe-server/6-to-7
+++ b/src/migration-scripts/pppoe-server/6-to-7
@@ -29,7 +29,7 @@ import os
from sys import argv
from sys import exit
from vyos.configtree import ConfigTree
-
+from vyos.base import Warning
if len(argv) < 2:
print("Must specify file name!")
@@ -48,38 +48,35 @@ if not config.exists(base):
if not config.exists(pool_base):
exit(0)
+
default_pool = ''
range_pool_name = 'default-range-pool'
-subnet_base_name = 'default-subnet-pool'
-number = 1
-subnet_pool_name = f'{subnet_base_name}-{number}'
-prev_subnet_pool = subnet_pool_name
#Default nameless pools migrations
-if config.exists(pool_base + ['subnet']):
- default_pool = subnet_pool_name
- for subnet in config.return_values(pool_base + ['subnet']):
- config.set(pool_base + [subnet_pool_name, 'range'], value=subnet)
- if prev_subnet_pool != subnet_pool_name:
- config.set(pool_base + [prev_subnet_pool, 'next-pool'],
- value=subnet_pool_name)
- prev_subnet_pool = subnet_pool_name
- number += 1
- subnet_pool_name = f'{subnet_base_name}-{number}'
-
- config.delete(pool_base + ['subnet'])
-
if config.exists(pool_base + ['start']) and config.exists(pool_base + ['stop']):
+ def is_legalrange(ip1: str, ip2: str, mask: str):
+ from ipaddress import IPv4Interface
+ interface1 = IPv4Interface(f'{ip1}/{mask}')
+ interface2 = IPv4Interface(f'{ip2}/{mask}')
+ return interface1.network.network_address == interface2.network.network_address and interface2.ip > interface1.ip
+
start_ip = config.return_value(pool_base + ['start'])
stop_ip = config.return_value(pool_base + ['stop'])
- ip_range = f'{start_ip}-{stop_ip}'
+ if is_legalrange(start_ip, stop_ip, '24'):
+ ip_range = f'{start_ip}-{stop_ip}'
+ config.set(pool_base + [range_pool_name, 'range'], value=ip_range, replace=False)
+ default_pool = range_pool_name
+ else:
+ Warning(
+ f'PPPoE client-ip-pool range start-ip:{start_ip} and stop-ip:{stop_ip} can not be migrated.')
config.delete(pool_base + ['start'])
config.delete(pool_base + ['stop'])
- config.set(pool_base + [range_pool_name, 'range'], value=ip_range)
- if default_pool:
- config.set(pool_base + [range_pool_name, 'next-pool'],
- value=default_pool)
+
+if config.exists(pool_base + ['subnet']):
default_pool = range_pool_name
+ for subnet in config.return_values(pool_base + ['subnet']):
+ config.set(pool_base + [range_pool_name, 'range'], value=subnet, replace=False)
+ config.delete(pool_base + ['subnet'])
gateway = ''
if config.exists(base + ['gateway-address']):
@@ -97,7 +94,7 @@ if config.exists(namedpools_base):
pool_path = namedpools_base + [pool_name]
if config.exists(pool_path + ['subnet']):
subnet = config.return_value(pool_path + ['subnet'])
- config.set(pool_base + [pool_name, 'range'], value=subnet)
+ config.set(pool_base + [pool_name, 'range'], value=subnet, replace=False)
if config.exists(pool_path + ['next-pool']):
next_pool = config.return_value(pool_path + ['next-pool'])
config.set(pool_base + [pool_name, 'next-pool'], value=next_pool)
diff --git a/src/migration-scripts/pptp/2-to-3 b/src/migration-scripts/pptp/2-to-3
index 98dc5c2a6..091cb68ec 100755
--- a/src/migration-scripts/pptp/2-to-3
+++ b/src/migration-scripts/pptp/2-to-3
@@ -23,7 +23,7 @@ import os
from sys import argv
from sys import exit
from vyos.configtree import ConfigTree
-
+from vyos.base import Warning
if len(argv) < 2:
print("Must specify file name!")
@@ -46,13 +46,24 @@ if not config.exists(pool_base):
range_pool_name = 'default-range-pool'
if config.exists(pool_base + ['start']) and config.exists(pool_base + ['stop']):
+ def is_legalrange(ip1: str, ip2: str, mask: str):
+ from ipaddress import IPv4Interface
+ interface1 = IPv4Interface(f'{ip1}/{mask}')
+ interface2 = IPv4Interface(f'{ip2}/{mask}')
+ return interface1.network.network_address == interface2.network.network_address and interface2.ip > interface1.ip
+
start_ip = config.return_value(pool_base + ['start'])
stop_ip = config.return_value(pool_base + ['stop'])
- ip_range = f'{start_ip}-{stop_ip}'
+ if is_legalrange(start_ip, stop_ip, '24'):
+ ip_range = f'{start_ip}-{stop_ip}'
+ config.set(pool_base + [range_pool_name, 'range'], value=ip_range, replace=False)
+ config.set(base + ['default-pool'], value=range_pool_name)
+ else:
+ Warning(
+ f'PPTP client-ip-pool range start-ip:{start_ip} and stop-ip:{stop_ip} can not be migrated.')
+
config.delete(pool_base + ['start'])
config.delete(pool_base + ['stop'])
- config.set(pool_base + [range_pool_name, 'range'], value=ip_range)
- config.set(base + ['default-pool'], value=range_pool_name)
# format as tag node
config.set_tag(pool_base)
diff --git a/src/migration-scripts/sstp/4-to-5 b/src/migration-scripts/sstp/4-to-5
index 3a86c79ec..95e482713 100755
--- a/src/migration-scripts/sstp/4-to-5
+++ b/src/migration-scripts/sstp/4-to-5
@@ -43,21 +43,12 @@ if not config.exists(base):
if not config.exists(pool_base):
exit(0)
-subnet_base_name = 'default-subnet-pool'
-number = 1
-subnet_pool_name = f'{subnet_base_name}-{number}'
-prev_subnet_pool = subnet_pool_name
+range_pool_name = 'default-range-pool'
+
if config.exists(pool_base + ['subnet']):
- default_pool = subnet_pool_name
+ default_pool = range_pool_name
for subnet in config.return_values(pool_base + ['subnet']):
- config.set(pool_base + [subnet_pool_name, 'range'], value=subnet)
- if prev_subnet_pool != subnet_pool_name:
- config.set(pool_base + [prev_subnet_pool, 'next-pool'],
- value=subnet_pool_name)
- prev_subnet_pool = subnet_pool_name
- number += 1
- subnet_pool_name = f'{subnet_base_name}-{number}'
-
+ config.set(pool_base + [range_pool_name, 'range'], value=subnet, replace=False)
config.delete(pool_base + ['subnet'])
config.set(base + ['default-pool'], value=default_pool)
# format as tag node
diff --git a/src/validators/ipv4-range-mask b/src/validators/ipv4-range-mask
index 7bb4539af..9373328ff 100755
--- a/src/validators/ipv4-range-mask
+++ b/src/validators/ipv4-range-mask
@@ -1,12 +1,5 @@
#!/bin/bash
-# snippet from https://stackoverflow.com/questions/10768160/ip-address-converter
-ip2dec () {
- local a b c d ip=$@
- IFS=. read -r a b c d <<< "$ip"
- printf '%d\n' "$((a * 256 ** 3 + b * 256 ** 2 + c * 256 + d))"
-}
-
error_exit() {
echo "Error: $1 is not a valid IPv4 address range or these IPs are not under /$2"
exit 1
@@ -22,37 +15,12 @@ do
r) range=${OPTARG}
esac
done
-if [[ "${range}" =~ "-" ]]&&[[ ! -z ${mask} ]]; then
- # This only works with real bash (<<<) - split IP addresses into array with
- # hyphen as delimiter
- readarray -d - -t strarr <<< ${range}
-
- ipaddrcheck --is-ipv4-single ${strarr[0]}
- if [ $? -gt 0 ]; then
- error_exit ${range} ${mask}
- fi
- ipaddrcheck --is-ipv4-single ${strarr[1]}
+if [[ "${range}" =~ "-" ]]&&[[ ! -z ${mask} ]]; then
+ ipaddrcheck --range-prefix-length ${mask} --is-ipv4-range ${range}
if [ $? -gt 0 ]; then
error_exit ${range} ${mask}
fi
-
- ${vyos_validators_dir}/numeric --range 0-32 ${mask} > /dev/null
- if [ $? -ne 0 ]; then
- error_exit ${range} ${mask}
- fi
-
- is_in_24=$( grepcidr ${strarr[0]}"/"${mask} <(echo ${strarr[1]}) )
- if [ -z $is_in_24 ]; then
- error_exit ${range} ${mask}
- fi
-
- start=$(ip2dec ${strarr[0]})
- stop=$(ip2dec ${strarr[1]})
- if [ $start -ge $stop ]; then
- error_exit ${range} ${mask}
- fi
-
exit 0
fi
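Review bot: The new `ipaddrcheck` call expands `${mask}` and `${range}` unquoted, so a value containing whitespace or glob characters is word-split and may reach `ipaddrcheck` as extra arguments. Because this validator runs on operator-supplied input, quote both: `ipaddrcheck --range-prefix-length "${mask}" --is-ipv4-range "${range}"`, and likewise `error_exit "${range}" "${mask}"`. With the `numeric --range 0-32` check removed, the prefix length is now validated only by `ipaddrcheck`, so it is worth confirming that it rejects non-numeric and out-of-range masks. The option-parsing loop that sets `mask` and `range` starts outside the hunk.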