diff options
| -rw-r--r-- | data/templates/frr/bgp.frr.tmpl | 2 | ||||
| -rw-r--r-- | interface-definitions/dhcp-server.xml.in | 1 | ||||
| -rw-r--r-- | interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in | 7 | ||||
| -rw-r--r-- | interface-definitions/include/accel-radius-additions.xml.i | 1 | ||||
| -rw-r--r-- | interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i | 1 | ||||
| -rw-r--r-- | interface-definitions/protocols-bgp.xml.in | 7 | ||||
| -rw-r--r-- | interface-definitions/vpn_l2tp.xml.in | 1 | ||||
| -rw-r--r-- | python/vyos/configdict.py | 5 | ||||
| -rw-r--r-- | python/vyos/template.py | 4 | ||||
| -rwxr-xr-x | src/conf_mode/protocols_bgp.py | 11 | ||||
| -rwxr-xr-x | src/conf_mode/vpn_l2tp.py | 3 | ||||
| -rwxr-xr-x | src/conf_mode/vpn_pptp.py | 3 | ||||
| -rw-r--r-- | src/tests/helper.py | 3 | ||||
| -rw-r--r-- | src/tests/test_config_parser.py | 4 | ||||
| -rwxr-xr-x | src/tests/test_find_device_file.py | 2 | ||||
| -rw-r--r-- | src/tests/test_template.py | 31 | ||||
| -rw-r--r-- | src/tests/test_util.py | 6 | ||||
| -rw-r--r-- | src/tests/test_vyos_dict_search.py | 2 |
18 files changed, 65 insertions, 29 deletions
diff --git a/data/templates/frr/bgp.frr.tmpl b/data/templates/frr/bgp.frr.tmpl index d011a1e85..02bac3bf7 100644 --- a/data/templates/frr/bgp.frr.tmpl +++ b/data/templates/frr/bgp.frr.tmpl @@ -14,7 +14,7 @@ router bgp {{ asn }} {%- if type == "ipv4_unicast" %} ! address-family ipv4 unicast -{# need to check #} +{#- need to check #} {%- if 'aggregate_address' in bgp_afi[type] %} {%- for ip in bgp_afi[type].aggregate_address %} {%- if ( ('as_set' and 'summary_only') in bgp_afi[type].aggregate_address[ip] ) %} diff --git a/interface-definitions/dhcp-server.xml.in b/interface-definitions/dhcp-server.xml.in index ca8abc036..978118b31 100644 --- a/interface-definitions/dhcp-server.xml.in +++ b/interface-definitions/dhcp-server.xml.in @@ -87,6 +87,7 @@ <constraint> <validator name="ipv4-prefix"/> </constraint> + <constraintErrorMessage>Invalid IPv4 subnet definition</constraintErrorMessage> </properties> <children> <leafNode name="bootfile-name"> diff --git a/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in new file mode 100644 index 000000000..026f67453 --- /dev/null +++ b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in @@ -0,0 +1,7 @@ +<leafNode name="disable-accounting"> + <properties> + <help>Disable accounting</help> + <valueless/> + </properties> +</leafNode> + diff --git a/interface-definitions/include/accel-radius-additions.xml.i b/interface-definitions/include/accel-radius-additions.xml.i index 598fb73f8..bf0f0ac94 100644 --- a/interface-definitions/include/accel-radius-additions.xml.i +++ b/interface-definitions/include/accel-radius-additions.xml.i @@ -29,6 +29,7 @@ </properties> <defaultValue>1813</defaultValue> </leafNode> + #include <include/accel-radius-additions-disable-accounting.xlm.in> <leafNode name="fail-time"> <properties> <help>Mark server unavailable for <n> seconds on failure</help> diff --git a/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i b/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i index f1a61d669..155817838 100644 --- a/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i +++ b/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i @@ -267,7 +267,6 @@ <leafNode name="unsuppress-map"> <properties> <help>Route-map to selectively unsuppress suppressed IPv4-routes</help> - <valueless/> </properties> </leafNode> <leafNode name="weight"> diff --git a/interface-definitions/protocols-bgp.xml.in b/interface-definitions/protocols-bgp.xml.in index 3a4600753..e1469d6ad 100644 --- a/interface-definitions/protocols-bgp.xml.in +++ b/interface-definitions/protocols-bgp.xml.in @@ -342,7 +342,6 @@ <leafNode name="description"> <properties> <help>Description for this neighbor</help> - <valueless/> </properties> </leafNode> <leafNode name="disable-capability-negotiation"> @@ -916,12 +915,6 @@ </tagNode> </children> </node> - <leafNode name="enforce-first-as"> - <properties> - <help>Require first AS in the path to match peer AS number</help> - <valueless/> - </properties> - </leafNode> <node name="graceful-restart"> <properties> <help>Graceful restart capability parameters</help> diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in index 8802c0564..82af86470 100644 --- a/interface-definitions/vpn_l2tp.xml.in +++ b/interface-definitions/vpn_l2tp.xml.in @@ -225,6 +225,7 @@ <children> <tagNode name="server"> <children> + #include <include/accel-radius-additions-disable-accounting.xlm.in> <leafNode name="fail-time"> <properties> <help>Mark server unavailable for <n> seconds on failure</help> diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 62df3334c..db17c33fc 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -455,6 +455,11 @@ def get_accel_dict(config, base, chap_secrets): dict['authentication']['radius']['server'][server] = dict_merge( default_values, dict['authentication']['radius']['server'][server]) + # Check option "disable-accounting" per server and replace default value from '1813' to '0' + # set vpn sstp authentication radius server x.x.x.x disable-accounting + if 'disable_accounting' in dict['authentication']['radius']['server'][server]: + dict['authentication']['radius']['server'][server]['acct_port'] = '0' + # Add individual local-user default values if vyos_dict_search('authentication.local_users.username', dict): default_values = defaults(base + ['authentication', 'local-users', 'username']) diff --git a/python/vyos/template.py b/python/vyos/template.py index c88ab04a0..1f1ddc000 100644 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -131,7 +131,7 @@ def vyos_address_from_cidr(text): Example: 192.0.2.0/24 -> 192.0.2.0, 2001:db8::/48 -> 2001:db8:: """ - return ip_network(text).network_address + return str(ip_network(text).network_address) @register_filter("netmask_from_cidr") @@ -140,4 +140,4 @@ def vyos_netmask_from_cidr(text): Example: 192.0.2.0/24 -> 255.255.255.0, 2001:db8::/48 -> ffff:ffff:ffff:: """ - return ip_network(text).netmask + return str(ip_network(text).netmask) diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 1978adff5..957f72ed5 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -33,7 +33,7 @@ def get_config(): base = ['protocols', 'nbgp'] bgp = conf.get_config_dict(base, key_mangling=('-', '_')) if not conf.exists(base): - return None + bgp = {} from pprint import pprint pprint(bgp) @@ -44,10 +44,16 @@ def verify(bgp): if not bgp: return None + # Check if declared more than one ASN + for asn in bgp['nbgp'].items(): + if len(bgp['nbgp']) > 1: + raise ConfigError('Only one bgp ASN process can be definded') + return None def generate(bgp): if not bgp: + bgp['new_frr_config'] = '' return None # render(config) not needed, its only for debug @@ -58,9 +64,6 @@ def generate(bgp): return None def apply(bgp): - if bgp is None: - return None - # Save original configration prior to starting any commit actions bgp['original_config'] = frr.get_configuration(daemon='bgpd') bgp['modified_config'] = frr.replace_section(bgp['original_config'], bgp['new_frr_config'], from_re='router bgp .*') diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py index 48d887abe..465986d5b 100755 --- a/src/conf_mode/vpn_l2tp.py +++ b/src/conf_mode/vpn_l2tp.py @@ -162,6 +162,9 @@ def get_config(config=None): conf.set_level(base_path + ['authentication', 'radius', 'server', server]) + if conf.exists(['disable-accounting']): + radius['acct_port'] = '0' + if conf.exists(['fail-time']): radius['fail_time'] = conf.return_value(['fail-time']) diff --git a/src/conf_mode/vpn_pptp.py b/src/conf_mode/vpn_pptp.py index 306d05c60..3125ee9d0 100755 --- a/src/conf_mode/vpn_pptp.py +++ b/src/conf_mode/vpn_pptp.py @@ -121,6 +121,9 @@ def get_config(config=None): conf.set_level(base_path + ['authentication', 'radius', 'server', server]) + if conf.exists(['disable-accounting']): + radius['acct_port'] = '0' + if conf.exists(['fail-time']): radius['fail_time'] = conf.return_value(['fail-time']) diff --git a/src/tests/helper.py b/src/tests/helper.py index a7e4f201c..f7033148a 100644 --- a/src/tests/helper.py +++ b/src/tests/helper.py @@ -13,13 +13,10 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -# -# import sys import importlib.util - def prepare_module(file_path='', module_name=''): spec = importlib.util.spec_from_file_location(module_name, file_path) module = importlib.util.module_from_spec(spec) diff --git a/src/tests/test_config_parser.py b/src/tests/test_config_parser.py index 5b922e2dd..6e0a071f8 100644 --- a/src/tests/test_config_parser.py +++ b/src/tests/test_config_parser.py @@ -15,11 +15,9 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import os -import tempfile -import unittest +import vyos.configtree from unittest import TestCase -import vyos.configtree class TestConfigParser(TestCase): def setUp(self): diff --git a/src/tests/test_find_device_file.py b/src/tests/test_find_device_file.py index 8cf50b32d..43c80dc76 100755 --- a/src/tests/test_find_device_file.py +++ b/src/tests/test_find_device_file.py @@ -14,9 +14,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -import unittest from unittest import TestCase - from vyos.util import find_device_file class TestDeviceFile(TestCase): diff --git a/src/tests/test_template.py b/src/tests/test_template.py new file mode 100644 index 000000000..0b9f2c3b8 --- /dev/null +++ b/src/tests/test_template.py @@ -0,0 +1,31 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +from unittest import TestCase + +from vyos.template import vyos_address_from_cidr +from vyos.template import vyos_netmask_from_cidr + + +class TestTeamplteHelpers(TestCase): + def setUp(self): + pass + + def test_helpers_from_cidr(self): + network = '192.0.2.0/26' + self.assertEqual(vyos_address_from_cidr(network), '192.0.2.0') + self.assertEqual(vyos_netmask_from_cidr(network), '255.255.255.192') + diff --git a/src/tests/test_util.py b/src/tests/test_util.py index 09bf947b8..f7405cbde 100644 --- a/src/tests/test_util.py +++ b/src/tests/test_util.py @@ -14,10 +14,8 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -import unittest from unittest import TestCase - -import vyos.util +from vyos.util import mangle_dict_keys class TestVyOSUtil(TestCase): @@ -27,6 +25,6 @@ class TestVyOSUtil(TestCase): def test_key_mangline(self): data = {"foo-bar": {"baz-quux": None}} expected_data = {"foo_bar": {"baz_quux": None}} - new_data = vyos.util.mangle_dict_keys(data, '-', '_') + new_data = mangle_dict_keys(data, '-', '_') self.assertEqual(new_data, expected_data) diff --git a/src/tests/test_vyos_dict_search.py b/src/tests/test_vyos_dict_search.py index ef338d46f..cba6562da 100644 --- a/src/tests/test_vyos_dict_search.py +++ b/src/tests/test_vyos_dict_search.py @@ -14,9 +14,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -import unittest from unittest import TestCase - from vyos.util import vyos_dict_search data = { |