diff options
Diffstat (limited to 'data/templates/accel-ppp')
-rw-r--r-- | data/templates/accel-ppp/chap-secrets.config_dict.j2 (renamed from data/templates/accel-ppp/chap-secrets.config_dict.tmpl) | 10 | ||||
-rw-r--r-- | data/templates/accel-ppp/chap-secrets.ipoe.j2 (renamed from data/templates/accel-ppp/chap-secrets.ipoe.tmpl) | 22 | ||||
-rw-r--r-- | data/templates/accel-ppp/chap-secrets.j2 (renamed from data/templates/accel-ppp/chap-secrets.tmpl) | 10 | ||||
-rw-r--r-- | data/templates/accel-ppp/ipoe.config.j2 (renamed from data/templates/accel-ppp/ipoe.config.tmpl) | 92 | ||||
-rw-r--r-- | data/templates/accel-ppp/l2tp.config.j2 (renamed from data/templates/accel-ppp/l2tp.config.tmpl) | 69 | ||||
-rw-r--r-- | data/templates/accel-ppp/pppoe.config.j2 (renamed from data/templates/accel-ppp/pppoe.config.tmpl) | 70 | ||||
-rw-r--r-- | data/templates/accel-ppp/pptp.config.j2 (renamed from data/templates/accel-ppp/pptp.config.tmpl) | 32 | ||||
-rw-r--r-- | data/templates/accel-ppp/sstp.config.j2 (renamed from data/templates/accel-ppp/sstp.config.tmpl) | 0 |
8 files changed, 153 insertions, 152 deletions
diff --git a/data/templates/accel-ppp/chap-secrets.config_dict.tmpl b/data/templates/accel-ppp/chap-secrets.config_dict.j2 index d4e8bb2aa..51e66d57c 100644 --- a/data/templates/accel-ppp/chap-secrets.config_dict.tmpl +++ b/data/templates/accel-ppp/chap-secrets.config_dict.j2 @@ -1,10 +1,10 @@ # username server password acceptable local IP addresses shaper {% if authentication.local_users.username is vyos_defined %} -{% for user, user_config in authentication.local_users.username.items() if user_config.disabled is not vyos_defined %} -{% if user_config.rate_limit is vyos_defined %} +{% for user, user_config in authentication.local_users.username.items() if user_config.disabled is not vyos_defined %} +{% if user_config.rate_limit is vyos_defined %} {{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} {{ user_config.rate_limit.download }}/{{ user_config.rate_limit.upload }} -{% else %} +{% else %} {{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} -{% endif %} -{% endfor %} +{% endif %} +{% endfor %} {% endif %} diff --git a/data/templates/accel-ppp/chap-secrets.ipoe.tmpl b/data/templates/accel-ppp/chap-secrets.ipoe.j2 index 1df878fcf..a1430ec22 100644 --- a/data/templates/accel-ppp/chap-secrets.ipoe.tmpl +++ b/data/templates/accel-ppp/chap-secrets.ipoe.j2 @@ -1,18 +1,18 @@ # username server password acceptable local IP addresses shaper {% for interface in auth_interfaces %} -{% for mac in interface.mac %} -{% if mac.rate_upload and mac.rate_download %} -{% if mac.vlan_id %} +{% for mac in interface.mac %} +{% if mac.rate_upload and mac.rate_download %} +{% if mac.vlan_id %} {{ interface.name }}.{{ mac.vlan_id }} * {{ mac.address | lower }} * {{ mac.rate_download }}/{{ mac.rate_upload }} -{% else %} +{% else %} {{ interface.name }} * {{ mac.address | lower }} * {{ mac.rate_download }}/{{ mac.rate_upload }} -{% endif %} -{% else %} -{% if mac.vlan_id %} +{% endif %} +{% else %} +{% if mac.vlan_id %} {{ interface.name }}.{{ mac.vlan_id }} * {{ mac.address | lower }} * -{% else %} +{% else %} {{ interface.name }} * {{ mac.address | lower }} * -{% endif %} -{% endif %} -{% endfor %} +{% endif %} +{% endif %} +{% endfor %} {% endfor %} diff --git a/data/templates/accel-ppp/chap-secrets.tmpl b/data/templates/accel-ppp/chap-secrets.j2 index 6cace5401..cc3ddc28f 100644 --- a/data/templates/accel-ppp/chap-secrets.tmpl +++ b/data/templates/accel-ppp/chap-secrets.j2 @@ -1,10 +1,10 @@ # username server password acceptable local IP addresses shaper {% for user in local_users %} -{% if user.state == 'enabled' %} -{% if user.upload and user.download %} +{% if user.state == 'enabled' %} +{% if user.upload and user.download %} {{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} {{ user.download }}/{{ user.upload }} -{% else %} +{% else %} {{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} -{% endif %} -{% endif %} +{% endif %} +{% endif %} {% endfor %} diff --git a/data/templates/accel-ppp/ipoe.config.tmpl b/data/templates/accel-ppp/ipoe.config.j2 index 92c2d5715..3c0d47b27 100644 --- a/data/templates/accel-ppp/ipoe.config.tmpl +++ b/data/templates/accel-ppp/ipoe.config.j2 @@ -1,3 +1,4 @@ +{# j2lint: disable=operator-enclosed-by-spaces #} ### generated by ipoe.py ### [modules] log_syslog @@ -24,45 +25,50 @@ level=5 [ipoe] verbose=1 {% for interface in interfaces %} -{% if interface.vlan_mon %} -interface=re:{{ interface.name }}\.\d+,{% else %}interface={{ interface.name }},{% endif %}shared={{ interface.shared }},mode={{ interface.mode }},ifcfg={{ interface.ifcfg }}{{ ',range=' + interface.range if interface.range is defined and interface.range is not none }},start={{ interface.sess_start }},ipv6=1 +{% set tmp = 'interface=' %} +{% if interface.vlan_mon %} +{% set tmp = tmp ~ 're:' ~ interface.name ~ '\.\d+' %} +{% else %} +{% set tmp = tmp ~ interface.name %} +{% endif %} +{{ tmp }},shared={{ interface.shared }},mode={{ interface.mode }},ifcfg={{ interface.ifcfg }}{{ ',range=' ~ interface.range if interface.range is defined and interface.range is not none }},start={{ interface.sess_start }},ipv6=1 {% endfor %} -{% if auth_mode == 'noauth' %} +{% if auth_mode == 'noauth' %} noauth=1 {% if client_named_ip_pool %} -{% for pool in client_named_ip_pool %} -{% if pool.subnet is defined %} +{% for pool in client_named_ip_pool %} +{% if pool.subnet is defined %} ip-pool={{ pool.name }} -{% endif %} -{% if pool.gateway_address is defined %} +{% endif %} +{% if pool.gateway_address is defined %} gw-ip-address={{ pool.gateway_address }}/{{ pool.subnet.split('/')[1] }} -{% endif %} -{% endfor%} +{% endif %} +{% endfor %} {% endif %} -{% elif auth_mode == 'local' %} +{% elif auth_mode == 'local' %} username=ifname password=csid {% endif %} proxy-arp=1 {% for interface in interfaces %} -{% if (interface.shared == '0') and (interface.vlan_mon) %} +{% if (interface.shared == '0') and (interface.vlan_mon) %} vlan-mon={{ interface.name }},{{ interface.vlan_mon | join(',') }} -{% endif %} +{% endif %} {% endfor %} {% if dnsv4 %} [dns] -{% for dns in dnsv4 %} +{% for dns in dnsv4 %} dns{{ loop.index }}={{ dns }} -{% endfor %} +{% endfor %} {% endif %} {% if dnsv6 %} [ipv6-dns] -{% for dns in dnsv6 %} +{% for dns in dnsv6 %} {{ dns }} -{% endfor %} +{% endfor %} {% endif %} [ipv6-nd] @@ -73,24 +79,24 @@ verbose=1 {% if client_named_ip_pool %} [ip-pool] -{% for pool in client_named_ip_pool %} -{% if pool.subnet is defined %} +{% for pool in client_named_ip_pool %} +{% if pool.subnet is defined %} {{ pool.subnet }},name={{ pool.name }} -{% endif %} -{% if pool.gateway_address is defined %} +{% endif %} +{% if pool.gateway_address is defined %} gw-ip-address={{ pool.gateway_address }}/{{ pool.subnet.split('/')[1] }} -{% endif %} -{% endfor%} +{% endif %} +{% endfor %} {% endif %} {% if client_ipv6_pool %} [ipv6-pool] -{% for p in client_ipv6_pool %} +{% for p in client_ipv6_pool %} {{ p.prefix }},{{ p.mask }} -{% endfor %} -{% for p in client_ipv6_delegate_prefix %} +{% endfor %} +{% for p in client_ipv6_delegate_prefix %} delegate={{ p.prefix }},{{ p.mask }} -{% endfor %} +{% endfor %} {% endif %} {% if auth_mode == 'local' %} @@ -99,39 +105,37 @@ chap-secrets={{ chap_secrets_file }} {% elif auth_mode == 'radius' %} [radius] verbose=1 -{% for r in radius_server %} +{% for r in radius_server %} server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} +{% endfor %} -{% if radius_acct_inter_jitter %} +{% if radius_acct_inter_jitter %} acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} +{% endif %} acct-timeout={{ radius_acct_tmo }} timeout={{ radius_timeout }} max-try={{ radius_max_try }} -{% if radius_nas_id %} +{% if radius_nas_id %} nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} +{% endif %} +{% if radius_nas_ip %} nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} +{% endif %} +{% if radius_source_address %} bind={{ radius_source_address }} -{% endif %} - -{% if radius_dynamic_author %} +{% endif %} +{% if radius_dynamic_author %} dae-server={{ radius_dynamic_author.server }}:{{ radius_dynamic_author.port }},{{ radius_dynamic_author.key }} -{% endif %} - -{% if radius_shaper_attr %} +{% endif %} +{% if radius_shaper_attr %} [shaper] verbose=1 attr={{ radius_shaper_attr }} -{% if radius_shaper_vendor %} +{% if radius_shaper_vendor %} vendor={{ radius_shaper_vendor }} -{% endif %} -{% endif %} +{% endif %} +{% endif %} {% endif %} [cli] diff --git a/data/templates/accel-ppp/l2tp.config.tmpl b/data/templates/accel-ppp/l2tp.config.j2 index 9fcda76d4..9eeaf7622 100644 --- a/data/templates/accel-ppp/l2tp.config.tmpl +++ b/data/templates/accel-ppp/l2tp.config.j2 @@ -3,9 +3,9 @@ log_syslog l2tp chap-secrets -{% for proto in auth_proto: %} -{{proto}} -{% endfor%} +{% for proto in auth_proto %} +{{ proto }} +{% endfor %} {% if auth_mode == 'radius' %} radius @@ -18,7 +18,7 @@ ipv6_nd ipv6_dhcp [core] -thread-count={{thread_cnt}} +thread-count={{ thread_cnt }} [log] syslog=accel-l2tp,daemon @@ -27,23 +27,23 @@ level=5 {% if dnsv4 %} [dns] -{% for dns in dnsv4 %} +{% for dns in dnsv4 %} dns{{ loop.index }}={{ dns }} -{% endfor %} +{% endfor %} {% endif %} {% if dnsv6 %} [ipv6-dns] -{% for dns in dnsv6 %} +{% for dns in dnsv6 %} {{ dns }} -{% endfor %} +{% endfor %} {% endif %} {% if wins %} [wins] -{% for server in wins %} +{% for server in wins %} wins{{ loop.index }}={{ server }} -{% endfor %} +{% endfor %} {% endif %} [l2tp] @@ -66,14 +66,14 @@ host-name={{ lns_host_name }} {% if client_ip_pool or client_ip_subnets %} [ip-pool] -{% if client_ip_pool %} +{% if client_ip_pool %} {{ client_ip_pool }} -{% endif %} -{% if client_ip_subnets %} -{% for sn in client_ip_subnets %} -{{sn}} -{% endfor %} -{% endif %} +{% endif %} +{% if client_ip_subnets %} +{% for sn in client_ip_subnets %} +{{ sn }} +{% endfor %} +{% endif %} {% endif %} {% if gateway_address %} gw-ip-address={{ gateway_address }} @@ -85,27 +85,24 @@ chap-secrets={{ chap_secrets_file }} {% elif auth_mode == 'radius' %} [radius] verbose=1 -{% for r in radius_server %} +{% for r in radius_server %} server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} - -{% if radius_acct_inter_jitter %} +{% endfor %} +{% if radius_acct_inter_jitter %} acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} - +{% endif %} acct-timeout={{ radius_acct_tmo }} timeout={{ radius_timeout }} max-try={{ radius_max_try }} - -{% if radius_nas_id %} +{% if radius_nas_id %} nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} +{% endif %} +{% if radius_nas_ip %} nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} +{% endif %} +{% if radius_source_address %} bind={{ radius_source_address }} -{% endif %} +{% endif %} {% endif %} {% if gateway_address %} gw-ip-address={{ gateway_address }} @@ -128,12 +125,12 @@ ipv6=allow {% if client_ipv6_pool %} [ipv6-pool] -{% for p in client_ipv6_pool %} +{% for p in client_ipv6_pool %} {{ p.prefix }},{{ p.mask }} -{% endfor %} -{% for p in client_ipv6_delegate_prefix %} +{% endfor %} +{% for p in client_ipv6_delegate_prefix %} delegate={{ p.prefix }},{{ p.mask }} -{% endfor %} +{% endfor %} {% endif %} {% if client_ipv6_delegate_prefix %} @@ -145,9 +142,9 @@ verbose=1 [shaper] verbose=1 attr={{ radius_shaper_attr }} -{% if radius_shaper_vendor %} +{% if radius_shaper_vendor %} vendor={{ radius_shaper_vendor }} -{% endif %} +{% endif %} {% endif %} [cli] diff --git a/data/templates/accel-ppp/pppoe.config.tmpl b/data/templates/accel-ppp/pppoe.config.j2 index 81b98cc81..0a92e2d54 100644 --- a/data/templates/accel-ppp/pppoe.config.tmpl +++ b/data/templates/accel-ppp/pppoe.config.j2 @@ -49,9 +49,9 @@ disable {% if wins_server is vyos_defined %} [wins] -{% for server in wins_server %} +{% for server in wins_server %} wins{{ loop.index }}={{ server }} -{% endfor %} +{% endfor %} {% endif %} {# Common chap-secrets and RADIUS server/option definitions #} @@ -85,12 +85,12 @@ ipv4={{ ppp_options.ipv4 }} {# IPv6 #} {% if ppp_options.ipv6 is vyos_defined %} ipv6={{ ppp_options.ipv6 }} -{% if ppp_options.ipv6_intf_id is vyos_defined %} +{% if ppp_options.ipv6_intf_id is vyos_defined %} ipv6-intf-id={{ ppp_options.ipv6_intf_id }} -{% endif %} -{% if ppp_options.ipv6_peer_intf_id is vyos_defined %} +{% endif %} +{% if ppp_options.ipv6_peer_intf_id is vyos_defined %} ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }} -{% endif %} +{% endif %} ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is vyos_defined else "0" }} {% endif %} {# MTU #} @@ -104,23 +104,23 @@ verbose=1 ac-name={{ access_concentrator }} {% if interface is vyos_defined %} -{% for iface, iface_config in interface.items() %} -{% if iface_config.vlan_id is not vyos_defined and iface_config.vlan_range is not vyos_defined %} +{% for iface, iface_config in interface.items() %} +{% if iface_config.vlan_id is not vyos_defined and iface_config.vlan_range is not vyos_defined %} interface={{ iface }} -{% endif %} -{% if iface_config.vlan_range is vyos_defined %} -{% for regex in iface_config.regex %} +{% endif %} +{% if iface_config.vlan_range is vyos_defined %} +{% for regex in iface_config.regex %} interface=re:^{{ iface | replace('.', '\\.') }}\.({{ regex }})$ -{% endfor %} +{% endfor %} vlan-mon={{ iface }},{{ iface_config.vlan_range | join(',') }} -{% endif %} -{% if iface_config.vlan_id is vyos_defined %} -{% for vlan in iface_config.vlan_id %} +{% endif %} +{% if iface_config.vlan_id is vyos_defined %} +{% for vlan in iface_config.vlan_id %} vlan-mon={{ iface }},{{ vlan }} interface=re:^{{ iface | replace('.', '\\.') }}\.{{ vlan }}$ -{% endfor %} -{% endif %} -{% endfor %} +{% endfor %} +{% endif %} +{% endfor %} {% endif %} {% if service_name %} @@ -128,14 +128,14 @@ service-name={{ service_name | join(',') }} {% endif %} {% if pado_delay %} -{% set pado_delay_param = namespace(value='0') %} -{% for delay in pado_delay|sort(attribute='0') %} -{% if not loop.last %} -{% set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + pado_delay[delay].sessions %} -{% else %} -{% set pado_delay_param.value = pado_delay_param.value + ',-1:' + pado_delay[delay].sessions %} -{% endif %} -{% endfor %} +{% set pado_delay_param = namespace(value='0') %} +{% for delay in pado_delay | sort(attribute='0') %} +{% if not loop.last %} +{% set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + pado_delay[delay].sessions %} +{% else %} +{% set pado_delay_param.value = pado_delay_param.value + ',-1:' + pado_delay[delay].sessions %} +{% endif %} +{% endfor %} pado-delay={{ pado_delay_param.value }} {% endif %} {% if authentication.radius.called_sid_format is vyos_defined %} @@ -144,15 +144,15 @@ called-sid={{ authentication.radius.called_sid_format }} {% if limits is vyos_defined %} [connlimit] -{% if limits.connection_limit is vyos_defined %} +{% if limits.connection_limit is vyos_defined %} limit={{ limits.connection_limit }} -{% endif %} -{% if limits.burst is vyos_defined %} +{% endif %} +{% if limits.burst is vyos_defined %} burst={{ limits.burst }} -{% endif %} -{% if limits.timeout is vyos_defined %} +{% endif %} +{% if limits.timeout is vyos_defined %} timeout={{ limits.timeout }} -{% endif %} +{% endif %} {% endif %} {# Common RADIUS shaper configuration #} @@ -162,10 +162,10 @@ timeout={{ limits.timeout }} [pppd-compat] verbose=1 radattr-prefix=/run/accel-pppd/radattr -{% set script_name = {'on_up': 'ip-up', 'on_down': 'ip-down', 'on_change':'ip-change', 'on_pre_up':'ip-pre-up'} %} -{% for script in extended_scripts %} +{% set script_name = {'on_up': 'ip-up', 'on_down': 'ip-down', 'on_change':'ip-change', 'on_pre_up':'ip-pre-up'} %} +{% for script in extended_scripts %} {{ script_name[script] }}={{ extended_scripts[script] }} -{% endfor %} +{% endfor %} {% endif %} [cli] diff --git a/data/templates/accel-ppp/pptp.config.tmpl b/data/templates/accel-ppp/pptp.config.j2 index 3cfc4a906..cc1a45d6b 100644 --- a/data/templates/accel-ppp/pptp.config.tmpl +++ b/data/templates/accel-ppp/pptp.config.j2 @@ -10,7 +10,7 @@ radius {% endif %} ippool {% for proto in auth_proto %} -{{proto}} +{{ proto }} {% endfor %} [core] @@ -23,16 +23,16 @@ level=5 {% if dnsv4 %} [dns] -{% for dns in dnsv4 %} +{% for dns in dnsv4 %} dns{{ loop.index }}={{ dns }} -{% endfor %} +{% endfor %} {% endif %} {% if wins %} [wins] -{% for server in wins %} +{% for server in wins %} wins{{ loop.index }}={{ server }} -{% endfor %} +{% endfor %} {% endif %} @@ -42,7 +42,7 @@ ifname=pptp%d bind={{ outside_addr }} {% endif %} verbose=1 -ppp-max-mtu={{mtu}} +ppp-max-mtu={{ mtu }} mppe={{ ppp_mppe }} echo-interval=10 echo-failure=3 @@ -66,27 +66,27 @@ chap-secrets={{ chap_secrets_file }} {% elif auth_mode == 'radius' %} [radius] verbose=1 -{% for r in radius_server %} +{% for r in radius_server %} server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} +{% endfor %} -{% if radius_acct_inter_jitter %} +{% if radius_acct_inter_jitter %} acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} +{% endif %} acct-timeout={{ radius_acct_tmo }} timeout={{ radius_timeout }} max-try={{ radius_max_try }} -{% if radius_nas_id %} +{% if radius_nas_id %} nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} +{% endif %} +{% if radius_nas_ip %} nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} +{% endif %} +{% if radius_source_address %} bind={{ radius_source_address }} -{% endif %} +{% endif %} {% endif %} {# Both chap-secrets and radius block required the gw-ip-address #} {% if gw_ip is defined and gw_ip is not none %} diff --git a/data/templates/accel-ppp/sstp.config.tmpl b/data/templates/accel-ppp/sstp.config.j2 index 5c6f19306..5c6f19306 100644 --- a/data/templates/accel-ppp/sstp.config.tmpl +++ b/data/templates/accel-ppp/sstp.config.j2 |