summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--smoketest/configs/pki-misc4
-rwxr-xr-xsrc/conf_mode/vpn_sstp.py8
2 files changed, 12 insertions, 0 deletions
diff --git a/smoketest/configs/pki-misc b/smoketest/configs/pki-misc
index c90226a2a..4db795565 100644
--- a/smoketest/configs/pki-misc
+++ b/smoketest/configs/pki-misc
@@ -59,6 +59,10 @@ vpn {
}
mode local
}
+ listen-ports {
+ tcp 4443
+ udp 4443
+ }
network-settings {
client-ip-settings {
subnet 192.168.160.0/24
diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py
index 23e5162ba..2949ab290 100755
--- a/src/conf_mode/vpn_sstp.py
+++ b/src/conf_mode/vpn_sstp.py
@@ -26,7 +26,9 @@ from vyos.pki import wrap_certificate
from vyos.pki import wrap_private_key
from vyos.template import render
from vyos.util import call
+from vyos.util import check_port_availability
from vyos.util import dict_search
+from vyos.util import is_listen_port_bind_service
from vyos.util import write_file
from vyos import ConfigError
from vyos import airbag
@@ -62,6 +64,12 @@ def verify(sstp):
if not sstp:
return None
+ port = sstp.get('port')
+ proto = 'tcp'
+ if check_port_availability('0.0.0.0', int(port), proto) is not True and \
+ not is_listen_port_bind_service(int(port), 'accel-pppd'):
+ raise ConfigError(f'"{proto}" port "{port}" is used by another service')
+
verify_accel_ppp_base_service(sstp)
if 'client_ip_pool' not in sstp and 'client_ipv6_pool' not in sstp: