diff options
| -rw-r--r-- | interface-definitions/ipoe-server.xml | 9 | ||||
| -rwxr-xr-x | src/conf_mode/ipoe_server.py | 23 |
2 files changed, 28 insertions, 4 deletions
diff --git a/interface-definitions/ipoe-server.xml b/interface-definitions/ipoe-server.xml index 6c93d3699..fd84439b5 100644 --- a/interface-definitions/ipoe-server.xml +++ b/interface-definitions/ipoe-server.xml @@ -255,6 +255,15 @@ </leafNode> </children> </node> + <leafNode name="vlan-id"> + <properties> + <help>VLAN-ID of the client network</help> + <constraint> + <validator name="numeric" argument="--range 1-4096"/> + </constraint> + <constraintErrorMessage>VLAN ID needs to be between 1 and 4096</constraintErrorMessage> + </properties> + </leafNode> </children> </tagNode> </children> diff --git a/src/conf_mode/ipoe_server.py b/src/conf_mode/ipoe_server.py index ca6b423e5..a60379760 100755 --- a/src/conf_mode/ipoe_server.py +++ b/src/conf_mode/ipoe_server.py @@ -41,7 +41,6 @@ ipoe_config = ''' ### generated by ipoe.py ### [modules] log_syslog -ippool ipoe shaper ipv6pool @@ -50,6 +49,7 @@ ipv6_dhcp {% if auth['mech'] == 'radius' %} radius {% endif -%} +ippool {% if auth['mech'] == 'local' %} chap-secrets {% endif %} @@ -65,7 +65,11 @@ level=5 [ipoe] verbose=1 {% for intfc in interfaces %} +{% if interfaces[intfc]['vlan_mon'] %} +interface=re:{{intfc}}\.\d+,\ +{% else %} interface={{intfc}},\ +{% endif %} shared={{interfaces[intfc]['shared']}},\ mode={{interfaces[intfc]['mode']}},\ ifcfg={{interfaces[intfc]['ifcfg']}},\ @@ -83,8 +87,7 @@ password=csid {%- for intfc in interfaces %} {% if (interfaces[intfc]['shared'] == '0') and (interfaces[intfc]['vlan_mon']) %} -vlan_mon={{interfaces[intfc]['vlan_mon']|join(',')}} -interface=re:{{intfc}}\.(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2}) +vlan-mon={{intfc}},{{interfaces[intfc]['vlan_mon']|join(',')}} {% endif %} {% endfor %} @@ -160,16 +163,24 @@ nas-identifier={{auth['radsettings']['nas-identifier']}} tcp=127.0.0.1:2002 ''' -### pppoe chap secrets +### chap secrets chap_secrets_conf = ''' # username server password acceptable local IP addresses shaper {% for aifc in auth['auth_if'] %} {% for mac in auth['auth_if'][aifc] %} {% if (auth['auth_if'][aifc][mac]['up']) and (auth['auth_if'][aifc][mac]['down']) %} +{% if auth['auth_if'][aifc][mac]['vlan'] %} +{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}}\t*\t{{mac.lower()}}\t*\t{{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} +{% else %} {{aifc}}\t*\t{{mac.lower()}}\t*\t{{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} +{% endif %} +{% else %} +{% if auth['auth_if'][aifc][mac]['vlan'] %} +{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}}\t*\t{{mac.lower()}}\t* {% else %} {{aifc}}\t*\t{{mac.lower()}}\t* {% endif %} +{% endif %} {% endfor %} {% endfor %} ''' @@ -213,6 +224,7 @@ def accel_cmd(cmd=''): ### chap_secrets file if auth mode local def gen_chap_secrets(c): + tmpl = jinja2.Template(chap_secrets_conf, trim_blocks=True) chap_secrets_txt = tmpl.render(c) old_umask = os.umask(0o077) @@ -296,6 +308,9 @@ def get_config(): config_data['auth']['auth_if'][auth_int][mac] = {} config_data['auth']['auth_if'][auth_int][mac]['up'] = None config_data['auth']['auth_if'][auth_int][mac]['down'] = None + ## client vlan-id + if c.exists('authentication interface ' + auth_int + ' mac-address ' + mac + ' vlan-id'): + config_data['auth']['auth_if'][auth_int][mac]['vlan'] = c.return_value('authentication interface ' + auth_int + ' mac-address ' + mac + ' vlan-id') if c.exists('authentication mode radius'): for rsrv in c.list_nodes('authentication radius-server'): config_data['auth']['radius'][rsrv] = {} |