diff options
Diffstat (limited to 'data/templates/accel-ppp')
| -rw-r--r-- | data/templates/accel-ppp/config_chap_secrets_radius.j2 | 11 | ||||
| -rw-r--r-- | data/templates/accel-ppp/config_ip_pool.j2 | 42 | ||||
| -rw-r--r-- | data/templates/accel-ppp/config_ipv6_pool.j2 | 21 | ||||
| -rw-r--r-- | data/templates/accel-ppp/config_shaper_radius.j2 | 2 | ||||
| -rw-r--r-- | data/templates/accel-ppp/ipoe.config.j2 | 45 | ||||
| -rw-r--r-- | data/templates/accel-ppp/l2tp.config.j2 | 170 | ||||
| -rw-r--r-- | data/templates/accel-ppp/ppp-options.j2 | 39 | ||||
| -rw-r--r-- | data/templates/accel-ppp/pppoe.config.j2 | 66 | ||||
| -rw-r--r-- | data/templates/accel-ppp/pptp.config.j2 | 120 | ||||
| -rw-r--r-- | data/templates/accel-ppp/sstp.config.j2 | 24 |
10 files changed, 213 insertions, 327 deletions
diff --git a/data/templates/accel-ppp/config_chap_secrets_radius.j2 b/data/templates/accel-ppp/config_chap_secrets_radius.j2 index a498d8186..595e3a565 100644 --- a/data/templates/accel-ppp/config_chap_secrets_radius.j2 +++ b/data/templates/accel-ppp/config_chap_secrets_radius.j2 @@ -30,7 +30,16 @@ dae-server={{ authentication.radius.dynamic_author.server }}:{{ authentication.r {% endif %} {% endif %} {# Both chap-secrets and radius block required the gw-ip-address #} -{% if gateway_address is vyos_defined %} +{% if authentication.mode is vyos_defined('local') or authentication.mode is vyos_defined('radius') %} +{% if gateway_address is vyos_defined %} +{% if server_type == 'ipoe' %} +{% for gw in gateway_address %} +{% set host_address, _ = gw.split('/') %} +gw-ip-address={{ host_address }} +{% endfor %} +{% else %} gw-ip-address={{ gateway_address }} +{% endif %} +{% endif %} {% endif %} diff --git a/data/templates/accel-ppp/config_ip_pool.j2 b/data/templates/accel-ppp/config_ip_pool.j2 index f7511e445..8e66486e6 100644 --- a/data/templates/accel-ppp/config_ip_pool.j2 +++ b/data/templates/accel-ppp/config_ip_pool.j2 @@ -1,24 +1,32 @@ -{% if client_ip_pool is vyos_defined %} +{% if ordered_named_pools is vyos_defined %} [ip-pool] {% if gateway_address is vyos_defined %} +{% if server_type == 'ipoe' %} +{% for gw in gateway_address %} +{% set host_address, _ = gw.split('/') %} +gw-ip-address={{ host_address }} +{% endfor %} +{% else %} gw-ip-address={{ gateway_address }} +{% endif %} {% endif %} -{% if client_ip_pool.start is vyos_defined and client_ip_pool.stop is vyos_defined %} -{{ client_ip_pool.start }}-{{ client_ip_pool.stop.split('.')[3] }} -{% endif %} -{% if client_ip_pool.subnet is vyos_defined %} -{% for subnet in client_ip_pool.subnet %} -{{ subnet }} -{% endfor %} -{% endif %} -{% if client_ip_pool.name is vyos_defined %} -{% for pool, pool_config in client_ip_pool.name.items() %} -{% if pool_config.subnet is vyos_defined %} -{{ pool_config.subnet }},name={{ pool }} -{% endif %} -{% if pool_config.gateway_address is vyos_defined %} -gw-ip-address={{ pool_config.gateway_address }} +{% for pool in ordered_named_pools %} +{% for pool_name, pool_config in pool.items() %} +{% if pool_config.range is vyos_defined %} +{% for range in pool_config.range %} +{% set iprange_str = range %} +{% set iprange_list = range.split('-') %} +{% if iprange_list | length == 2 %} +{% set last_ip_oct = iprange_list[1].split('.') %} +{% set iprange_str = iprange_list[0] + '-' + last_ip_oct[last_ip_oct | length - 1] %} +{% endif %} +{% if loop.last and pool_config.next_pool is vyos_defined %} +{{ iprange_str }},name={{ pool_name }},next={{ pool_config.next_pool }} +{% else %} +{{ iprange_str }},name={{ pool_name }} +{% endif %} +{% endfor %} {% endif %} {% endfor %} -{% endif %} +{% endfor %} {% endif %}
\ No newline at end of file diff --git a/data/templates/accel-ppp/config_ipv6_pool.j2 b/data/templates/accel-ppp/config_ipv6_pool.j2 index a1562a1eb..86efdc1e1 100644 --- a/data/templates/accel-ppp/config_ipv6_pool.j2 +++ b/data/templates/accel-ppp/config_ipv6_pool.j2 @@ -3,20 +3,19 @@ AdvAutonomousFlag=1 verbose=1 -{% if client_ipv6_pool.prefix is vyos_defined %} [ipv6-pool] -{% for prefix, options in client_ipv6_pool.prefix.items() %} -{{ prefix }},{{ options.mask }} -{% endfor %} -{% if client_ipv6_pool.delegate is vyos_defined %} -{% for prefix, options in client_ipv6_pool.delegate.items() %} -delegate={{ prefix }},{{ options.delegation_prefix }} +{% for pool_name, pool_config in client_ipv6_pool.items() %} +{% if pool_config.prefix is vyos_defined %} +{% for prefix, options in pool_config.prefix.items() %} +{{ prefix }},{{ options.mask }},name={{ pool_name }} {% endfor %} {% endif %} -{% endif %} - -{% if client_ipv6_pool.delegate is vyos_defined %} +{% if pool_config.delegate is vyos_defined %} +{% for prefix, options in pool_config.delegate.items() %} +delegate={{ prefix }},{{ options.delegation_prefix }},name={{ pool_name }} +{% endfor %} +{% endif %} +{% endfor %} [ipv6-dhcp] verbose=1 -{% endif %} {% endif %} diff --git a/data/templates/accel-ppp/config_shaper_radius.j2 b/data/templates/accel-ppp/config_shaper_radius.j2 index 0cf6a6a92..fcd68f69e 100644 --- a/data/templates/accel-ppp/config_shaper_radius.j2 +++ b/data/templates/accel-ppp/config_shaper_radius.j2 @@ -1,6 +1,7 @@ {% if authentication.mode is vyos_defined('radius') or shaper is vyos_defined %} [shaper] verbose=1 +down-limiter=tbf {% if authentication.radius.rate_limit.enable is vyos_defined %} attr={{ authentication.radius.rate_limit.attribute }} {% if authentication.radius.rate_limit.vendor is vyos_defined %} @@ -13,7 +14,6 @@ rate-multiplier={{ authentication.radius.rate_limit.multiplier }} {% if shaper is vyos_defined %} {% if shaper.fwmark is vyos_defined %} fwmark={{ shaper.fwmark }} -down-limiter=htb {% endif %} {% endif %} {% endif %}
\ No newline at end of file diff --git a/data/templates/accel-ppp/ipoe.config.j2 b/data/templates/accel-ppp/ipoe.config.j2 index f59428509..8b022eaa5 100644 --- a/data/templates/accel-ppp/ipoe.config.j2 +++ b/data/templates/accel-ppp/ipoe.config.j2 @@ -14,6 +14,11 @@ ippool [core] thread-count={{ thread_count }} +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + [log] syslog=accel-ipoe,daemon copy=1 @@ -50,38 +55,22 @@ noauth=1 username=ifname password=csid {% endif %} -{% if client_ip_pool.name is vyos_defined %} -{% if first_named_pool is vyos_defined %} -ip-pool={{ first_named_pool }} -{% else %} -{% for pool, pool_options in client_ip_pool.name.items() %} -{% if pool_options.subnet is vyos_defined %} -ip-pool={{ pool }} -{% endif %} -{% endfor %} -{% endif %} -{% for pool, pool_options in client_ip_pool.name.items() %} -{% if pool_options.gateway_address is vyos_defined %} -gw-ip-address={{ pool_options.gateway_address }}/{{ pool_options.subnet.split('/')[1] }} -{% endif %} +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} +{% if gateway_address is vyos_defined %} +{% for gw_addr in gateway_address %} +gw-ip-address={{ gw_addr }} {% endfor %} {% endif %} proxy-arp=1 -{% if ordered_named_pools is vyos_defined %} -[ip-pool] -{% for p in ordered_named_pools %} -{% for pool, pool_options in p.items() %} -{% set next_named_pool = ',next=' ~ pool_options.next_pool if pool_options.next_pool is vyos_defined else '' %} -{{ pool_options.subnet }},name={{ pool }}{{ next_named_pool }} -{% endfor %} -{% endfor %} -{% for p in ordered_named_pools %} -{% for pool, pool_options in p.items() %} -gw-ip-address={{ pool_options.gateway_address }}/{{ pool_options.subnet.split('/')[1] }} -{% endfor %} -{% endfor %} -{% endif %} +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} {# Common IPv6 pool definitions #} {% include 'accel-ppp/config_ipv6_pool.j2' %} diff --git a/data/templates/accel-ppp/l2tp.config.j2 b/data/templates/accel-ppp/l2tp.config.j2 index a2f9c9fc7..203a9772e 100644 --- a/data/templates/accel-ppp/l2tp.config.j2 +++ b/data/templates/accel-ppp/l2tp.config.j2 @@ -2,46 +2,34 @@ [modules] log_syslog l2tp -chap-secrets -{% for proto in auth_proto %} -{{ proto }} -{% endfor %} - -{% if auth_mode == 'radius' %} -radius -{% endif %} - -ippool shaper -ipv6pool -ipv6_nd -ipv6_dhcp +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% include 'accel-ppp/config_modules_auth_protocols.j2' %} [core] -thread-count={{ thread_cnt }} +thread-count={{ thread_count }} + +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} [log] syslog=accel-l2tp,daemon copy=1 level=5 -{% if dnsv4 %} -[dns] -{% for dns in dnsv4 %} -dns{{ loop.index }}={{ dns }} -{% endfor %} -{% endif %} +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} -{% if dnsv6 %} -[ipv6-dns] -{% for dns in dnsv6 %} -{{ dns }} -{% endfor %} -{% endif %} - -{% if wins %} +{% if wins_server is vyos_defined %} [wins] -{% for server in wins %} +{% for server in wins_server %} wins{{ loop.index }}={{ server }} {% endfor %} {% endif %} @@ -50,118 +38,42 @@ wins{{ loop.index }}={{ server }} verbose=1 ifname=l2tp%d ppp-max-mtu={{ mtu }} -mppe={{ ppp_mppe }} -{% if outside_addr %} -bind={{ outside_addr }} +mppe={{ ppp_options.mppe }} +{% if outside_address is vyos_defined %} +bind={{ outside_address }} +{% endif %} +{% if lns.shared_secret is vyos_defined %} +secret={{ lns.shared_secret }} {% endif %} -{% if lns_shared_secret %} -secret={{ lns_shared_secret }} +{% if lns.host_name is vyos_defined %} +host-name={{ lns.host_name }} {% endif %} -{% if lns_host_name %} -host-name={{ lns_host_name }} +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} {% endif %} [client-ip-range] 0.0.0.0/0 -{% if client_ip_pool or client_ip_subnets %} -[ip-pool] -{% if client_ip_pool %} -{{ client_ip_pool }} -{% endif %} -{% if client_ip_subnets %} -{% for sn in client_ip_subnets %} -{{ sn }} -{% endfor %} -{% endif %} -{% endif %} -{% if gateway_address %} -gw-ip-address={{ gateway_address }} -{% endif %} +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} -{% if auth_mode == 'local' %} -[chap-secrets] -chap-secrets={{ chap_secrets_file }} -{% elif auth_mode == 'radius' %} -[radius] -verbose=1 -{% for r in radius_server %} -server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} -{% if radius_dynamic_author.server is vyos_defined %} -dae-server={{ radius_dynamic_author.server }}:{{ radius_dynamic_author.port }},{{ radius_dynamic_author.key }} -{% endif %} -{% if radius_acct_interim_interval is vyos_defined %} -acct-interim-interval={{ radius_acct_interim_interval }} -{% endif %} -{% if radius_acct_inter_jitter %} -acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} -acct-timeout={{ radius_acct_tmo }} -timeout={{ radius_timeout }} -max-try={{ radius_max_try }} -{% if radius_nas_id %} -nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} -nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} -bind={{ radius_source_address }} -{% endif %} -{% endif %} -{% if gateway_address %} -gw-ip-address={{ gateway_address }} -{% endif %} - -[ppp] -verbose=1 -check-ip=1 -single-session=replace -lcp-echo-timeout={{ ppp_echo_timeout }} -lcp-echo-interval={{ ppp_echo_interval }} -lcp-echo-failure={{ ppp_echo_failure }} -{% if ccp_disable %} -ccp=0 -{% endif %} -{% if ppp_ipv6 is vyos_defined %} -ipv6={{ ppp_ipv6 }} -{% else %} -{{ 'ipv6=allow' if client_ipv6_pool_configured else '' }} -{% endif %} -{% if ppp_ipv6_intf_id is vyos_defined %} -ipv6-intf-id={{ ppp_ipv6_intf_id }} -{% endif %} -{% if ppp_ipv6_peer_intf_id is vyos_defined %} -ipv6-peer-intf-id={{ ppp_ipv6_peer_intf_id }} -{% endif %} -ipv6-accept-peer-intf-id={{ "1" if ppp_ipv6_accept_peer_intf_id else "0" }} +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} -{% if client_ipv6_pool %} -[ipv6-pool] -{% for p in client_ipv6_pool %} -{{ p.prefix }},{{ p.mask }} -{% endfor %} -{% for p in client_ipv6_delegate_prefix %} -delegate={{ p.prefix }},{{ p.mask }} -{% endfor %} -{% endif %} +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} -{% if client_ipv6_delegate_prefix %} -[ipv6-dhcp] -verbose=1 -{% endif %} +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} -{% if radius_shaper_attr %} -[shaper] -verbose=1 -attr={{ radius_shaper_attr }} -{% if radius_shaper_vendor %} -vendor={{ radius_shaper_vendor }} -{% endif %} -{% endif %} +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} [cli] tcp=127.0.0.1:2004 -sessions-columns=ifname,username,calling-sid,ip,{{ ip6_column | join(',') }}{{ ',' if ip6_column }}rate-limit,type,comp,state,rx-bytes,tx-bytes,uptime diff --git a/data/templates/accel-ppp/ppp-options.j2 b/data/templates/accel-ppp/ppp-options.j2 new file mode 100644 index 000000000..f2d2519d9 --- /dev/null +++ b/data/templates/accel-ppp/ppp-options.j2 @@ -0,0 +1,39 @@ +#ppp options +[ppp] +verbose=1 +check-ip=1 +ccp={{ "0" if ppp_options.disable_ccp is vyos_defined else "1" }} +unit-preallocate={{ "1" if authentication.radius.preallocate_vif is vyos_defined else "0" }} +{% if ppp_options.min_mtu is vyos_defined %} +min-mtu={{ ppp_options.min_mtu }} +{% endif %} +{% if ppp_options.mru is vyos_defined %} +mru={{ ppp_options.mru }} +{% endif %} +mppe={{ ppp_options.mppe }} +lcp-echo-interval={{ ppp_options.lcp_echo_interval }} +lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} +lcp-echo-failure={{ ppp_options.lcp_echo_failure }} +{% if ppp_options.ipv4 is vyos_defined %} +ipv4={{ ppp_options.ipv4 }} +{% endif %} +{# IPv6 #} +{% if ppp_options.ipv6 is vyos_defined %} +ipv6={{ ppp_options.ipv6 }} +{% if ppp_options.ipv6_interface_id is vyos_defined %} +ipv6-intf-id={{ ppp_options.ipv6_interface_id }} +{% endif %} +{% if ppp_options.ipv6_peer_interface_id is vyos_defined %} +{% if ppp_options.ipv6_peer_interface_id == 'ipv4-addr' %} +ipv6-peer-intf-id=ipv4 +{% else %} +ipv6-peer-intf-id={{ ppp_options.ipv6_peer_interface_id }} +{% endif %} +{% endif %} +ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_interface_id is vyos_defined else "0" }} +{% endif %} +{# MTU #} +mtu={{ mtu }} +{% if ppp_options.interface_cache is vyos_defined %} +unit-cache={{ ppp_options.interface_cache }} +{% endif %} diff --git a/data/templates/accel-ppp/pppoe.config.j2 b/data/templates/accel-ppp/pppoe.config.j2 index dd53edd28..bf7b2eb72 100644 --- a/data/templates/accel-ppp/pppoe.config.j2 +++ b/data/templates/accel-ppp/pppoe.config.j2 @@ -62,50 +62,20 @@ wins{{ loop.index }}={{ server }} {# Common chap-secrets and RADIUS server/option definitions #} {% include 'accel-ppp/config_chap_secrets_radius.j2' %} -{% if session_control is vyos_defined and session_control is not vyos_defined('disable') %} [common] +{% if session_control is vyos_defined and session_control is not vyos_defined('disable') %} single-session={{ session_control }} {% endif %} - -[ppp] -verbose=1 -check-ip=1 -ccp={{ "1" if ppp_options.ccp is vyos_defined else "0" }} -unit-preallocate={{ "1" if authentication.radius.preallocate_vif is vyos_defined else "0" }} -{% if ppp_options.min_mtu is vyos_defined %} -min-mtu={{ ppp_options.min_mtu }} -{% endif %} -{% if ppp_options.mru is vyos_defined %} -mru={{ ppp_options.mru }} -{% endif %} -mppe={{ ppp_options.mppe }} -lcp-echo-interval={{ ppp_options.lcp_echo_interval }} -lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} -lcp-echo-failure={{ ppp_options.lcp_echo_failure }} -{% if ppp_options.ipv4 is vyos_defined %} -ipv4={{ ppp_options.ipv4 }} -{% endif %} -{# IPv6 #} -{% if ppp_options.ipv6 is vyos_defined %} -ipv6={{ ppp_options.ipv6 }} -{% if ppp_options.ipv6_intf_id is vyos_defined %} -ipv6-intf-id={{ ppp_options.ipv6_intf_id }} -{% endif %} -{% if ppp_options.ipv6_peer_intf_id is vyos_defined %} -ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }} -{% endif %} -ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is vyos_defined else "0" }} -{% endif %} -{# MTU #} -mtu={{ mtu }} -{% if ppp_options.interface_cache is vyos_defined %} -unit-cache={{ ppp_options.interface_cache }} +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} {% endif %} +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} + [pppoe] verbose=1 ac-name={{ access_concentrator }} - {% if interface is vyos_defined %} {% for iface, iface_config in interface.items() %} {% if iface_config.vlan is not vyos_defined %} @@ -118,11 +88,9 @@ vlan-mon={{ iface }},{{ iface_config.vlan | join(',') }} {% endif %} {% endfor %} {% endif %} - {% if service_name %} service-name={{ service_name | join(',') }} {% endif %} - {% if pado_delay %} {% set pado_delay_param = namespace(value='0') %} {% for delay in pado_delay | sort(attribute='0') %} @@ -137,21 +105,15 @@ pado-delay={{ pado_delay_param.value }} {% if authentication.radius.called_sid_format is vyos_defined %} called-sid={{ authentication.radius.called_sid_format }} {% endif %} - -{% if authentication.mode is vyos_defined("local") or authentication.mode is vyos_defined("noauth") %} -{% if authentication.mode is vyos_defined("noauth") %} +{% if authentication.mode is vyos_defined("noauth") %} noauth=1 -{% endif %} -{% if client_ip_pool.name is vyos_defined %} -{% for pool, pool_config in client_ip_pool.name.items() %} -{% if pool_config.subnet is vyos_defined %} -ip-pool={{ pool }} -{% endif %} -{% if pool_config.gateway_address is vyos_defined %} -gw-ip-address={{ pool_config.gateway_address }}/{{ pool_config.subnet.split('/')[1] }} -{% endif %} -{% endfor %} -{% endif %} +{% endif %} +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} {% endif %} {% if limits is vyos_defined %} diff --git a/data/templates/accel-ppp/pptp.config.j2 b/data/templates/accel-ppp/pptp.config.j2 index 0082e55bf..7fe4b17bf 100644 --- a/data/templates/accel-ppp/pptp.config.j2 +++ b/data/templates/accel-ppp/pptp.config.j2 @@ -3,112 +3,80 @@ log_syslog pptp shaper -{% if auth_mode == 'local' %} -chap-secrets -{% elif auth_mode == 'radius' %} -radius -{% endif %} +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} ippool -{% for proto in auth_proto %} -{{ proto }} -{% endfor %} +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% if authentication.require is vyos_defined %} +{% if authentication.require == 'chap' %} +auth_chap_md5 +{% elif authentication.require == 'mschap' %} +auth_mschap_v1 +{% else %} +auth_{{ authentication.require.replace('-', '_') }} +{% endif %} +{% endif %} [core] -thread-count={{ thread_cnt }} +thread-count={{ thread_count }} + +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} [log] syslog=accel-pptp,daemon copy=1 level=5 -{% if dnsv4 %} -[dns] -{% for dns in dnsv4 %} -dns{{ loop.index }}={{ dns }} -{% endfor %} -{% endif %} +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} -{% if wins %} +{% if wins_server is vyos_defined %} [wins] -{% for server in wins %} +{% for server in wins_server %} wins{{ loop.index }}={{ server }} {% endfor %} {% endif %} - [pptp] ifname=pptp%d -{% if outside_addr %} -bind={{ outside_addr }} +{% if outside_address is vyos_defined %} +bind={{ outside_address }} {% endif %} verbose=1 ppp-max-mtu={{ mtu }} -mppe={{ ppp_mppe }} +mppe={{ authentication.mppe }} echo-interval=10 echo-failure=3 - +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} [client-ip-range] 0.0.0.0/0 -[ip-pool] -tunnel={{ client_ip_pool }} -gw-ip-address={{ gw_ip }} +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} -[ppp] -verbose=5 -check-ip=1 -single-session=replace +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} -{% if auth_mode == 'local' %} -[chap-secrets] -chap-secrets={{ chap_secrets_file }} -{% elif auth_mode == 'radius' %} -[radius] -verbose=1 -{% for r in radius_server %} -server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} -{% if radius_acct_interim_interval is vyos_defined %} -acct-interim-interval={{ radius_acct_interim_interval }} -{% endif %} -{% if radius_acct_inter_jitter %} -acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} - -acct-timeout={{ radius_acct_tmo }} -timeout={{ radius_timeout }} -max-try={{ radius_max_try }} +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} -{% if radius_nas_id %} -nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} -nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} -bind={{ radius_source_address }} -{% endif %} -{% endif %} -{# Both chap-secrets and radius block required the gw-ip-address #} -{% if gw_ip is defined and gw_ip is not none %} -gw-ip-address={{ gw_ip }} -{% endif %} - -{% if radius_shaper_enable %} -[shaper] -verbose=1 -{% if radius_shaper_attr %} -attr={{ radius_shaper_attr }} -{% endif %} -{% if radius_shaper_multiplier %} -rate-multiplier={{ radius_shaper_multiplier }} -{% endif %} -{% if radius_shaper_vendor %} -vendor={{ radius_shaper_vendor }} -{% endif %} -{% endif %} +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} [cli] tcp=127.0.0.1:2003 diff --git a/data/templates/accel-ppp/sstp.config.j2 b/data/templates/accel-ppp/sstp.config.j2 index 7ee28dd21..c0bc62d9f 100644 --- a/data/templates/accel-ppp/sstp.config.j2 +++ b/data/templates/accel-ppp/sstp.config.j2 @@ -16,6 +16,9 @@ thread-count={{ thread_count }} [common] single-session=replace +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} [log] syslog=accel-sstp,daemon @@ -33,6 +36,13 @@ accept=ssl ssl-ca-file=/run/accel-pppd/sstp-ca.pem ssl-pemfile=/run/accel-pppd/sstp-cert.pem ssl-keyfile=/run/accel-pppd/sstp-cert.key +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} {# Common IP pool definitions #} {% include 'accel-ppp/config_ip_pool.j2' %} @@ -46,18 +56,8 @@ ssl-keyfile=/run/accel-pppd/sstp-cert.key {# Common chap-secrets and RADIUS server/option definitions #} {% include 'accel-ppp/config_chap_secrets_radius.j2' %} -[ppp] -verbose=1 -check-ip=1 -{# MTU #} -mtu={{ mtu }} -ipv6={{ 'allow' if ppp_options.ipv6 is vyos_defined("deny") and client_ipv6_pool is vyos_defined else ppp_options.ipv6 }} -ipv4={{ ppp_options.ipv4 }} - -mppe={{ ppp_options.mppe }} -lcp-echo-interval={{ ppp_options.lcp_echo_interval }} -lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} -lcp-echo-failure={{ ppp_options.lcp_echo_failure }} +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} {# Common RADIUS shaper configuration #} {% include 'accel-ppp/config_shaper_radius.j2' %} |