diff options
| -rw-r--r-- | data/templates/openvpn/server.conf.j2 | 4 | ||||
| -rw-r--r-- | interface-definitions/interfaces_openvpn.xml.in | 2 | ||||
| -rwxr-xr-x | smoketest/scripts/cli/test_interfaces_openvpn.py | 10 | ||||
| -rwxr-xr-x | src/conf_mode/interfaces_openvpn.py | 18 |
4 files changed, 17 insertions, 17 deletions
diff --git a/data/templates/openvpn/server.conf.j2 b/data/templates/openvpn/server.conf.j2 index 4957cbf2c..236584387 100644 --- a/data/templates/openvpn/server.conf.j2 +++ b/data/templates/openvpn/server.conf.j2 @@ -90,8 +90,8 @@ server-ipv6 {{ subnet }} {% endif %} {% endfor %} {% endif %} -{% if server.server_bridge is vyos_defined and server.server_bridge.disable is not vyos_defined %} -server-bridge {{ server.server_bridge.gateway }} {{ server.server_bridge.subnet_mask }} {{ server.server_bridge.start }} {{ server.server_bridge.stop if server.server_bridge.stop is vyos_defined }} +{% if server.bridge is vyos_defined and server.bridge.disable is not vyos_defined %} +server-bridge {{ server.bridge.gateway }} {{ server.bridge.subnet_mask }} {{ server.bridge.start }} {{ server.bridge.stop if server.bridge.stop is vyos_defined }} {% endif %} {% if server.client_ip_pool is vyos_defined and server.client_ip_pool.disable is not vyos_defined %} ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }} {{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is vyos_defined }} diff --git a/interface-definitions/interfaces_openvpn.xml.in b/interface-definitions/interfaces_openvpn.xml.in index 2c2c20673..0a2c61421 100644 --- a/interface-definitions/interfaces_openvpn.xml.in +++ b/interface-definitions/interfaces_openvpn.xml.in @@ -461,7 +461,7 @@ </leafNode> </children> </tagNode> - <node name="server-bridge"> + <node name="bridge"> <properties> <help>Used with TAP device (layer 2)</help> </properties> diff --git a/smoketest/scripts/cli/test_interfaces_openvpn.py b/smoketest/scripts/cli/test_interfaces_openvpn.py index 14c302960..422fe4ceb 100755 --- a/smoketest/scripts/cli/test_interfaces_openvpn.py +++ b/smoketest/scripts/cli/test_interfaces_openvpn.py @@ -612,7 +612,7 @@ class TestInterfacesOpenVPN(VyOSUnitTestSHIM.TestCase): def test_openvpn_server_server_bridge(self): - # Create OpenVPN server interface using server-bridge. + # Create OpenVPN server interface using bridge. # Validate configuration afterwards. br_if = 'br0' vtun_if = 'vtun5010' @@ -628,10 +628,10 @@ class TestInterfacesOpenVPN(VyOSUnitTestSHIM.TestCase): self.cli_set(path + ['encryption', 'data-ciphers', 'aes192']) self.cli_set(path + ['hash', auth_hash]) self.cli_set(path + ['mode', 'server']) - self.cli_set(path + ['server', 'server-bridge', 'gateway', gw_subnet]) - self.cli_set(path + ['server', 'server-bridge', 'start', start_subnet]) - self.cli_set(path + ['server', 'server-bridge', 'stop', stop_subnet]) - self.cli_set(path + ['server', 'server-bridge', 'subnet-mask', mask_subnet]) + self.cli_set(path + ['server', 'bridge', 'gateway', gw_subnet]) + self.cli_set(path + ['server', 'bridge', 'start', start_subnet]) + self.cli_set(path + ['server', 'bridge', 'stop', stop_subnet]) + self.cli_set(path + ['server', 'bridge', 'subnet-mask', mask_subnet]) self.cli_set(path + ['keep-alive', 'failure-count', '5']) self.cli_set(path + ['keep-alive', 'interval', '5']) self.cli_set(path + ['tls', 'ca-certificate', 'ovpn_test']) diff --git a/src/conf_mode/interfaces_openvpn.py b/src/conf_mode/interfaces_openvpn.py index ded836c5f..3c133bc79 100755 --- a/src/conf_mode/interfaces_openvpn.py +++ b/src/conf_mode/interfaces_openvpn.py @@ -378,21 +378,21 @@ def verify(openvpn): if (client_v.get('ip') and len(client_v['ip']) > 1) or (client_v.get('ipv6_ip') and len(client_v['ipv6_ip']) > 1): raise ConfigError(f'Server client "{client_k}": cannot specify more than 1 IPv4 and 1 IPv6 IP') - if dict_search('server.server_bridge', openvpn): + if dict_search('server.bridge', openvpn): # check if server-bridge is a tap interfaces - if not openvpn['device_type'] == 'tap' and dict_search('server.server_bridge', openvpn): - raise ConfigError('Must specify "device-type tap" with server-bridge mode') - elif not (dict_search('server.server_bridge.start', openvpn) and dict_search('server.server_bridge.stop', openvpn)): - raise ConfigError('Server server-bridge requires both start and stop addresses') + if not openvpn['device_type'] == 'tap' and dict_search('server.bridge', openvpn): + raise ConfigError('Must specify "device-type tap" with server bridge mode') + elif not (dict_search('server.bridge.start', openvpn) and dict_search('server.bridge.stop', openvpn)): + raise ConfigError('Server server bridge requires both start and stop addresses') else: - v4PoolStart = IPv4Address(dict_search('server.server_bridge.start', openvpn)) - v4PoolStop = IPv4Address(dict_search('server.server_bridge.stop', openvpn)) + v4PoolStart = IPv4Address(dict_search('server.bridge.start', openvpn)) + v4PoolStop = IPv4Address(dict_search('server.bridge.stop', openvpn)) if v4PoolStart > v4PoolStop: - raise ConfigError(f'Server server-bridge start address {v4PoolStart} is larger than stop address {v4PoolStop}') + raise ConfigError(f'Server server bridge start address {v4PoolStart} is larger than stop address {v4PoolStop}') v4PoolSize = int(v4PoolStop) - int(v4PoolStart) if v4PoolSize >= 65536: - raise ConfigError(f'Server server_bridge is too large [{v4PoolStart} -> {v4PoolStop} = {v4PoolSize}], maximum is 65536 addresses.') + raise ConfigError(f'Server bridge is too large [{v4PoolStart} -> {v4PoolStop} = {v4PoolSize}], maximum is 65536 addresses.') if dict_search('server.client_ip_pool', openvpn): if not (dict_search('server.client_ip_pool.start', openvpn) and dict_search('server.client_ip_pool.stop', openvpn)): |