summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--data/config-mode-dependencies/vyos-1x.json3
-rw-r--r--interface-definitions/system_frr.xml.in2
-rw-r--r--op-mode-definitions/show-system.xml.in4
-rw-r--r--op-mode-definitions/show-version.xml.in2
-rw-r--r--python/vyos/qos/trafficshaper.py2
-rw-r--r--python/vyos/utils/config.py9
-rwxr-xr-xsmoketest/scripts/cli/test_vpn_l2tp.py41
-rwxr-xr-xsrc/conf_mode/vpn_l2tp.py10
-rwxr-xr-xsrc/init/vyos-router6
9 files changed, 67 insertions, 12 deletions
diff --git a/data/config-mode-dependencies/vyos-1x.json b/data/config-mode-dependencies/vyos-1x.json
index 4fd94d895..b62603e34 100644
--- a/data/config-mode-dependencies/vyos-1x.json
+++ b/data/config-mode-dependencies/vyos-1x.json
@@ -29,6 +29,9 @@
"openconnect": ["vpn_openconnect"],
"sstp": ["vpn_sstp"]
},
+ "vpn_l2tp": {
+ "ipsec": ["vpn_ipsec"]
+ },
"qos": {
"bonding": ["interfaces_bonding"],
"bridge": ["interfaces_bridge"],
diff --git a/interface-definitions/system_frr.xml.in b/interface-definitions/system_frr.xml.in
index 76001b392..28242dfe4 100644
--- a/interface-definitions/system_frr.xml.in
+++ b/interface-definitions/system_frr.xml.in
@@ -4,7 +4,7 @@
<children>
<node name="frr" owner="${vyos_conf_scripts_dir}/system_frr.py">
<properties>
- <help>Configure FRR parameters</help>
+ <help>Configure FRRouting parameters</help>
<!-- Before components that use FRR -->
<priority>150</priority>
</properties>
diff --git a/op-mode-definitions/show-system.xml.in b/op-mode-definitions/show-system.xml.in
index 116c7460f..6873b816b 100644
--- a/op-mode-definitions/show-system.xml.in
+++ b/op-mode-definitions/show-system.xml.in
@@ -150,7 +150,7 @@
</children>
</tagNode>
</children>
- </node>
+ </node>
<node name="users">
<properties>
<help>Show user account information</help>
@@ -239,7 +239,7 @@
</node>
<leafNode name="routing-daemons">
<properties>
- <help>Show Quagga routing daemons</help>
+ <help>Show FRRouting daemons</help>
</properties>
<command>vtysh -c "show daemons"</command>
</leafNode>
diff --git a/op-mode-definitions/show-version.xml.in b/op-mode-definitions/show-version.xml.in
index d9c4738af..36e68ff79 100644
--- a/op-mode-definitions/show-version.xml.in
+++ b/op-mode-definitions/show-version.xml.in
@@ -22,7 +22,7 @@
</leafNode>
<leafNode name="frr">
<properties>
- <help>Show Quagga version information</help>
+ <help>Show FRRouting version information</help>
</properties>
<command>vtysh -c "show version"</command>
</leafNode>
diff --git a/python/vyos/qos/trafficshaper.py b/python/vyos/qos/trafficshaper.py
index d6705cc77..7d580baa2 100644
--- a/python/vyos/qos/trafficshaper.py
+++ b/python/vyos/qos/trafficshaper.py
@@ -39,7 +39,7 @@ class TrafficShaper(QoSBase):
# need a bigger r2q if going fast than 16 mbits/sec
if (speed_bps // r2q) >= MAXQUANTUM: # integer division
- r2q = ceil(speed_bps // MAXQUANTUM)
+ r2q = ceil(speed_bps / MAXQUANTUM)
else:
# if there is a slow class then may need smaller value
if 'class' in config:
diff --git a/python/vyos/utils/config.py b/python/vyos/utils/config.py
index bd363ce46..33047010b 100644
--- a/python/vyos/utils/config.py
+++ b/python/vyos/utils/config.py
@@ -1,4 +1,4 @@
-# Copyright 2023 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2023-2024 VyOS maintainers and contributors <maintainers@vyos.io>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -31,4 +31,9 @@ def read_saved_value(path: list):
if not ct.exists(path):
return ''
res = ct.return_values(path)
- return res[0] if len(res) == 1 else res
+ if len(res) == 1:
+ return res[0]
+ res = ct.list_nodes(path)
+ if len(res) == 1:
+ return ' '.join(res)
+ return res
diff --git a/smoketest/scripts/cli/test_vpn_l2tp.py b/smoketest/scripts/cli/test_vpn_l2tp.py
index 3d9d94f52..e253f0e49 100755
--- a/smoketest/scripts/cli/test_vpn_l2tp.py
+++ b/smoketest/scripts/cli/test_vpn_l2tp.py
@@ -54,6 +54,47 @@ class TestVPNL2TPServer(BasicAccelPPPTest.TestCase):
self.assertEqual(conf['modules']['auth_mschap_v2'], None)
+ def test_vpn_l2tp_dependence_ipsec_swanctl(self):
+ # Test config vpn for tasks T3843 and T5926
+
+ base_path = ['vpn', 'l2tp', 'remote-access']
+ # make precondition
+ self.cli_set(['interfaces', 'dummy', 'dum0', 'address', '203.0.113.1/32'])
+ self.cli_set(['vpn', 'ipsec', 'interface', 'dum0'])
+
+ self.cli_commit()
+ # check ipsec apply to swanctl
+ self.assertEqual('', cmd('echo vyos | sudo -S swanctl -L '))
+
+ self.cli_set(base_path + ['authentication', 'local-users', 'username', 'foo', 'password', 'bar'])
+ self.cli_set(base_path + ['authentication', 'mode', 'local'])
+ self.cli_set(base_path + ['authentication', 'protocols', 'chap'])
+ self.cli_set(base_path + ['client-ip-pool', 'first', 'range', '10.200.100.100-10.200.100.110'])
+ self.cli_set(base_path + ['description', 'VPN - REMOTE'])
+ self.cli_set(base_path + ['name-server', '1.1.1.1'])
+ self.cli_set(base_path + ['ipsec-settings', 'authentication', 'mode', 'pre-shared-secret'])
+ self.cli_set(base_path + ['ipsec-settings', 'authentication', 'pre-shared-secret', 'SeCret'])
+ self.cli_set(base_path + ['ipsec-settings', 'ike-lifetime', '8600'])
+ self.cli_set(base_path + ['ipsec-settings', 'lifetime', '3600'])
+ self.cli_set(base_path + ['outside-address', '203.0.113.1'])
+ self.cli_set(base_path + ['gateway-address', '203.0.113.1'])
+
+ self.cli_commit()
+
+ # check l2tp apply to swanctl
+ self.assertTrue('l2tp_remote_access:' in cmd('echo vyos | sudo -S swanctl -L '))
+
+ self.cli_delete(['vpn', 'l2tp'])
+ self.cli_commit()
+
+ # check l2tp apply to swanctl after delete config
+ self.assertEqual('', cmd('echo vyos | sudo -S swanctl -L '))
+
+ # need to correct tearDown test
+ self.basic_config()
+ self.cli_set(base_path + ['authentication', 'protocols', 'chap'])
+ self.cli_commit()
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index 36b3d2a30..4ca717814 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -19,6 +19,7 @@ import os
from sys import exit
from vyos.config import Config
+from vyos.configdep import call_dependents, set_dependents
from vyos.configdict import get_accel_dict
from vyos.template import render
from vyos.utils.process import call
@@ -42,6 +43,9 @@ def get_config(config=None):
else:
conf = Config()
base = ['vpn', 'l2tp', 'remote-access']
+
+ set_dependents('ipsec', conf)
+
if not conf.exists(base):
return None
@@ -94,10 +98,10 @@ def apply(l2tp):
for file in [l2tp_chap_secrets, l2tp_conf]:
if os.path.exists(file):
os.unlink(file)
+ else:
+ call('systemctl restart accel-ppp@l2tp.service')
- return None
-
- call('systemctl restart accel-ppp@l2tp.service')
+ call_dependents()
if __name__ == '__main__':
diff --git a/src/init/vyos-router b/src/init/vyos-router
index ac1cf249e..2b4fac5ef 100755
--- a/src/init/vyos-router
+++ b/src/init/vyos-router
@@ -448,14 +448,16 @@ start ()
restore_if_missing_postconfig_script
run_postconfig_scripts
- vtysh -c "rpki start"
+ tmp=$(${vyos_libexec_dir}/read-saved-value.py --path "protocols rpki cache")
+ if [ ! -z $tmp ]; then
+ vtysh -c "rpki start"
+ fi
}
stop()
{
local -i status=0
log_daemon_msg "Stopping VyOS router"
- vtysh -c "rpki stop"
for ((i=${#sub_inits[@]} - 1; i >= 0; i--)) ; do
s=${subinit[$i]}
log_progress_msg $s