4 files changed, 98 insertions, 58 deletions

diff --git a/data/templates/l2tp/l2tp.config.tmpl b/data/templates/l2tp/l2tp.config.tmpl
index b8637e256..bea2943d2 100644
--- a/data/templates/l2tp/l2tp.config.tmpl
+++ b/data/templates/l2tp/l2tp.config.tmpl
@@ -23,21 +23,18 @@ syslog=accel-l2tp,daemon
 copy=1
 level=5
 
-{% if dns %}
+{% if dnsv4 %}
 [dns]
-{% if dns[0] %}
-dns1={{dns[0]}}
-{% endif %}
-{% if dns[1] %}
-dns2={{dns[1]}}
+{% for dns in dnsv4 -%}
+dns{{ loop.index }}={{ dns }}
+{% endfor -%}
 {% endif %}
-{% endif -%}
 
 {% if dnsv6 %}
 [ipv6-dns]
-{% for srv in dnsv6: %}
-{{srv}}
-{% endfor %}
+{% for dns in dnsv6 -%}
+{{ dns }}
+{% endfor -%}
 {% endif %}
 
 {% if wins %}
diff --git a/interface-definitions/vpn-l2tp.xml.in b/interface-definitions/vpn-l2tp.xml.in
index dcbb5f3ed..0bd592746 100644
--- a/interface-definitions/vpn-l2tp.xml.in
+++ b/interface-definitions/vpn-l2tp.xml.in
@@ -36,48 +36,22 @@
                   </constraint>
                 </properties>
               </leafNode>
-              <node name="dns-servers">
+              <leafNode name="name-server">
                 <properties>
-                  <help>IPv4 Domain Name Service (DNS) server</help>
-                </properties>
-                <children>
-                  <leafNode name="server-1">
-                    <properties>
-                      <help>Primary DNS server</help>
-                      <valueHelp>
-                        <format>ipv4</format>
-                        <description>IPv4 address</description>
-                      </valueHelp>
-                      <constraint>
-                        <validator name="ipv4-address"/>
-                      </constraint>
-                    </properties>
-                  </leafNode>
-                  <leafNode name="server-2">
-                    <properties>
-                      <help>Secondary DNS server</help>
-                      <valueHelp>
-                        <format>ipv4</format>
-                        <description>IPv4 address</description>
-                      </valueHelp>
-                      <constraint>
-                        <validator name="ipv4-address"/>
-                      </constraint>
-                    </properties>
-                  </leafNode>
-                </children>
-              </node>
-              <leafNode name="dnsv6-servers">
-                <properties>
-                  <help>IPv6 Domain Name Service (DNS) server</help>
+                  <help>Domain Name Server (DNS) propagated to client</help>
                   <valueHelp>
-                  <format>ipv6</format>
-                    <description>IPv6 DNS address</description>
+                    <format>ipv4</format>
+                    <description>Domain Name Server (DNS) IPv4 address</description>
+                  </valueHelp>
+                  <valueHelp>
+                    <format>ipv6</format>
+                    <description>Domain Name Server (DNS) IPv6 address</description>
                   </valueHelp>
                   <constraint>
+                    <validator name="ipv4-address"/>
                     <validator name="ipv6-address"/>
                   </constraint>
-                  <multi />
+                  <multi/>
                 </properties>
               </leafNode>
               <node name="lns">
diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index d5274a6bc..93ee9edf9 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -26,9 +26,9 @@ from jinja2 import FileSystemLoader, Environment
 
 from vyos.config import Config
 from vyos.defaults import directories as vyos_data_dir
-from vyos import ConfigError
 from vyos.util import run
-
+from vyos.validate import is_ipv4
+from vyos import ConfigError
 
 pidfile = r'/var/run/accel_l2tp.pid'
 l2tp_cnf_dir = r'/etc/accel-ppp/l2tp'
@@ -53,7 +53,7 @@ default_config_data = {
     },
     'outside_addr': '',
     'gateway_address': '10.255.255.0',
-    'dns': [],
+    'dnsv4': [],
     'dnsv6': [],
     'wins': [],
     'client_ip_pool': None,
@@ -91,7 +91,7 @@ def _accel_cmd(command):
 
 def get_config():
     c = Config()
-    base = ['vpn', 'l2tp' 'remote-access']
+    base = ['vpn', 'l2tp', 'remote-access']
     if not c.exists(base):
         return None
 
@@ -99,17 +99,19 @@ def get_config():
     config_data = deepcopy(default_config_data)
 
     ### general options ###
-    if c.exists('dns-servers server-1'):
-        config_data['dns'].append(c.return_value('dns-servers server-1'))
-    if c.exists('dns-servers server-2'):
-        config_data['dns'].append(c.return_value('dns-servers server-2'))
-    if c.exists('dnsv6-servers'):
-        for dns6_server in c.return_values('dnsv6-servers'):
-            config_data['dnsv6'].append(dns6_server)
+    if c.exists(['name-server']):
+        for name_server in c.return_values(['name-server']):
+            if is_ipv4(name_server):
+                config_data['dnsv4'].append(name_server)
+            else:
+                config_data['dnsv6'].append(name_server)
+
     if c.exists('wins-servers server-1'):
         config_data['wins'].append(c.return_value('wins-servers server-1'))
+
     if c.exists('wins-servers server-2'):
         config_data['wins'].append(c.return_value('wins-servers server-2'))
+
     if c.exists('outside-address'):
         config_data['outside_addr'] = c.return_value('outside-address')
 
@@ -324,8 +326,11 @@ def verify(c):
         raise ConfigError(
             "\"set vpn l2tp remote-access client-ipv6-pool prefix\" required for delegate-prefix ")
 
+    if len(c['dnsv4']) > 2:
+        raise ConfigError('Not more then two IPv4 DNS name-servers can be configured')
+
     if len(c['dnsv6']) > 3:
-        raise ConfigError("Maximum allowed dnsv6-servers addresses is 3")
+        raise ConfigError('Not more then three IPv6 DNS name-servers can be configured')
 
 
 def generate(c):
diff --git a/src/migration-scripts/l2tp/2-to-3 b/src/migration-scripts/l2tp/2-to-3
new file mode 100755
index 000000000..ebeb814c1
--- /dev/null
+++ b/src/migration-scripts/l2tp/2-to-3
@@ -0,0 +1,64 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2020 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# - remove primary/secondary identifier from nameserver
+
+import os
+import sys
+
+from sys import argv, exit
+from vyos.configtree import ConfigTree
+
+if (len(argv) < 1):
+    print("Must specify file name!")
+    exit(1)
+
+file_name = argv[1]
+
+with open(file_name, 'r') as f:
+    config_file = f.read()
+
+config = ConfigTree(config_file)
+base = ['vpn', 'l2tp', 'remote-access']
+if not config.exists(base):
+    # Nothing to do
+    exit(0)
+else:
+
+    # Migrate IPv4 DNS servers
+    dns_base = base + ['dns-servers']
+    if config.exists(dns_base):
+        for server in ['server-1', 'server-2']:
+          if config.exists(dns_base + [server]):
+            dns = config.return_value(dns_base + [server])
+            config.set(base + ['name-server'], value=dns, replace=False)
+
+        config.delete(dns_base)
+
+    # Migrate IPv6 DNS servers
+    dns_base = base + ['dnsv6-servers']
+    if config.exists(dns_base):
+        for server in config.return_values(dns_base):
+            config.set(base + ['name-server'], value=server, replace=False)
+
+        config.delete(dns_base)
+
+    try:
+        with open(file_name, 'w') as f:
+            f.write(config.to_string())
+    except OSError as e:
+        print("Failed to save the modified config: {}".format(e))
+        exit(1)