summaryrefslogtreecommitdiff
path: root/data/templates
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates')
-rw-r--r--data/templates/accel-ppp/l2tp.config.j2145
-rw-r--r--data/templates/accel-ppp/pptp.config.j289
-rw-r--r--data/templates/accel-ppp/sstp.config.j21
3 files changed, 66 insertions, 169 deletions
diff --git a/data/templates/accel-ppp/l2tp.config.j2 b/data/templates/accel-ppp/l2tp.config.j2
index 89cc0eae7..49755254a 100644
--- a/data/templates/accel-ppp/l2tp.config.j2
+++ b/data/templates/accel-ppp/l2tp.config.j2
@@ -2,21 +2,17 @@
[modules]
log_syslog
l2tp
-chap-secrets
-{% for proto in auth_proto %}
-{{ proto }}
-{% endfor %}
-{% if auth_mode == 'radius' %}
-radius
-{% endif %}
-ippool
shaper
-ipv6pool
-ipv6_nd
-ipv6_dhcp
+{# Common authentication backend definitions #}
+{% include 'accel-ppp/config_modules_auth_mode.j2' %}
+ippool
+{# Common IPv6 definitions #}
+{% include 'accel-ppp/config_modules_ipv6.j2' %}
+{# Common authentication protocols (pap, chap ...) #}
+{% include 'accel-ppp/config_modules_auth_protocols.j2' %}
[core]
-thread-count={{ thread_cnt }}
+thread-count={{ thread_count }}
[common]
{% if max_concurrent_sessions is vyos_defined %}
@@ -28,23 +24,12 @@ syslog=accel-l2tp,daemon
copy=1
level=5
-{% if dnsv4 %}
-[dns]
-{% for dns in dnsv4 %}
-dns{{ loop.index }}={{ dns }}
-{% endfor %}
-{% endif %}
+{# Common DNS name-server definition #}
+{% include 'accel-ppp/config_name_server.j2' %}
-{% if dnsv6 %}
-[ipv6-dns]
-{% for dns in dnsv6 %}
-{{ dns }}
-{% endfor %}
-{% endif %}
-
-{% if wins %}
+{% if wins_server is vyos_defined %}
[wins]
-{% for server in wins %}
+{% for server in wins_server %}
wins{{ loop.index }}={{ server }}
{% endfor %}
{% endif %}
@@ -53,15 +38,15 @@ wins{{ loop.index }}={{ server }}
verbose=1
ifname=l2tp%d
ppp-max-mtu={{ mtu }}
-mppe={{ ppp_mppe }}
-{% if outside_addr %}
-bind={{ outside_addr }}
+mppe={{ ppp_options.mppe }}
+{% if outside_address is vyos_defined %}
+bind={{ outside_address }}
{% endif %}
-{% if lns_shared_secret %}
-secret={{ lns_shared_secret }}
+{% if lns.shared_secret is vyos_defined %}
+secret={{ lns.shared_secret }}
{% endif %}
-{% if lns_host_name %}
-host-name={{ lns_host_name }}
+{% if lns.host_name is vyos_defined %}
+host-name={{ lns.host_name }}
{% endif %}
{% if default_pool is vyos_defined %}
ip-pool={{ default_pool }}
@@ -73,87 +58,39 @@ ip-pool={{ default_pool }}
{# Common IP pool definitions #}
{% include 'accel-ppp/config_ip_pool.j2' %}
-{% if auth_mode == 'local' %}
-[chap-secrets]
-chap-secrets={{ chap_secrets_file }}
-{% elif auth_mode == 'radius' %}
-[radius]
-verbose=1
-{% for r in radius_server %}
-server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }}
-{% endfor %}
-{% if radius_dynamic_author.server is vyos_defined %}
-dae-server={{ radius_dynamic_author.server }}:{{ radius_dynamic_author.port }},{{ radius_dynamic_author.key }}
-{% endif %}
-{% if radius_acct_interim_interval is vyos_defined %}
-acct-interim-interval={{ radius_acct_interim_interval }}
-{% endif %}
-{% if radius_acct_inter_jitter %}
-acct-interim-jitter={{ radius_acct_inter_jitter }}
-{% endif %}
-acct-timeout={{ radius_acct_tmo }}
-timeout={{ radius_timeout }}
-max-try={{ radius_max_try }}
-{% if radius_nas_id %}
-nas-identifier={{ radius_nas_id }}
-{% endif %}
-{% if radius_nas_ip %}
-nas-ip-address={{ radius_nas_ip }}
-{% endif %}
-{% if radius_source_address %}
-bind={{ radius_source_address }}
-{% endif %}
-{% endif %}
-{% if gateway_address is vyos_defined %}
-gw-ip-address={{ gateway_address }}
-{% endif %}
+{# Common chap-secrets and RADIUS server/option definitions #}
+{% include 'accel-ppp/config_chap_secrets_radius.j2' %}
[ppp]
verbose=1
check-ip=1
single-session=replace
-lcp-echo-timeout={{ ppp_echo_timeout }}
-lcp-echo-interval={{ ppp_echo_interval }}
-lcp-echo-failure={{ ppp_echo_failure }}
-{% if ccp_disable %}
+lcp-echo-interval={{ ppp_options.lcp_echo_interval }}
+lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }}
+lcp-echo-failure={{ ppp_options.lcp_echo_failure }}
+{# MTU #}
+mtu={{ mtu }}
+ipv6={{ 'allow' if ppp_options.ipv6 is vyos_defined("deny") and client_ipv6_pool is vyos_defined else ppp_options.ipv6 }}
+ipv4={{ ppp_options.ipv4 }}
+mppe={{ ppp_options.mppe }}
+{% if ccp_disable is vyos_defined %}
ccp=0
{% endif %}
-{% if ppp_ipv6 is vyos_defined %}
-ipv6={{ ppp_ipv6 }}
-{% else %}
-{{ 'ipv6=allow' if client_ipv6_pool_configured else '' }}
-{% endif %}
-{% if ppp_ipv6_intf_id is vyos_defined %}
-ipv6-intf-id={{ ppp_ipv6_intf_id }}
-{% endif %}
-{% if ppp_ipv6_peer_intf_id is vyos_defined %}
-ipv6-peer-intf-id={{ ppp_ipv6_peer_intf_id }}
-{% endif %}
-ipv6-accept-peer-intf-id={{ "1" if ppp_ipv6_accept_peer_intf_id else "0" }}
+unit-preallocate={{ "1" if authentication.radius.preallocate_vif is vyos_defined else "0" }}
-{% if client_ipv6_pool %}
-[ipv6-pool]
-{% for p in client_ipv6_pool %}
-{{ p.prefix }},{{ p.mask }}
-{% endfor %}
-{% for p in client_ipv6_delegate_prefix %}
-delegate={{ p.prefix }},{{ p.mask }}
-{% endfor %}
+{% if ppp_options.ipv6_intf_id is vyos_defined %}
+ipv6-intf-id={{ ppp_options.ipv6_intf_id }}
{% endif %}
-
-{% if client_ipv6_delegate_prefix %}
-[ipv6-dhcp]
-verbose=1
+{% if ppp_options.ipv6_peer_intf_id is vyos_defined %}
+ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }}
{% endif %}
+ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is vyos_defined else "0" }}
-{% if radius_shaper_attr %}
-[shaper]
-verbose=1
-attr={{ radius_shaper_attr }}
-{% if radius_shaper_vendor %}
-vendor={{ radius_shaper_vendor }}
-{% endif %}
-{% endif %}
+{# Common IPv6 pool definitions #}
+{% include 'accel-ppp/config_ipv6_pool.j2' %}
+
+{# Common RADIUS shaper configuration #}
+{% include 'accel-ppp/config_shaper_radius.j2' %}
[cli]
tcp=127.0.0.1:2004
diff --git a/data/templates/accel-ppp/pptp.config.j2 b/data/templates/accel-ppp/pptp.config.j2
index 4e891777f..daafd6e92 100644
--- a/data/templates/accel-ppp/pptp.config.j2
+++ b/data/templates/accel-ppp/pptp.config.j2
@@ -3,18 +3,22 @@
log_syslog
pptp
shaper
-{% if auth_mode == 'local' %}
-chap-secrets
-{% elif auth_mode == 'radius' %}
-radius
-{% endif %}
+{# Common authentication backend definitions #}
+{% include 'accel-ppp/config_modules_auth_mode.j2' %}
ippool
-{% for proto in auth_proto %}
-{{ proto }}
-{% endfor %}
+{# Common authentication protocols (pap, chap ...) #}
+{% if authentication.require is vyos_defined %}
+{% if authentication.require == 'chap' %}
+auth_chap_md5
+{% elif authentication.require == 'mschap' %}
+auth_mschap_v1
+{% else %}
+auth_{{ authentication.require.replace('-', '_') }}
+{% endif %}
+{% endif %}
[core]
-thread-count={{ thread_cnt }}
+thread-count={{ thread_count }}
[common]
{% if max_concurrent_sessions is vyos_defined %}
@@ -26,16 +30,12 @@ syslog=accel-pptp,daemon
copy=1
level=5
-{% if dnsv4 %}
-[dns]
-{% for dns in dnsv4 %}
-dns{{ loop.index }}={{ dns }}
-{% endfor %}
-{% endif %}
+{# Common DNS name-server definition #}
+{% include 'accel-ppp/config_name_server.j2' %}
-{% if wins %}
+{% if wins_server is vyos_defined %}
[wins]
-{% for server in wins %}
+{% for server in wins_server %}
wins{{ loop.index }}={{ server }}
{% endfor %}
{% endif %}
@@ -43,12 +43,12 @@ wins{{ loop.index }}={{ server }}
[pptp]
ifname=pptp%d
-{% if outside_addr %}
-bind={{ outside_addr }}
+{% if outside_address is vyos_defined %}
+bind={{ outside_address }}
{% endif %}
verbose=1
ppp-max-mtu={{ mtu }}
-mppe={{ ppp_mppe }}
+mppe={{ authentication.mppe }}
echo-interval=10
echo-failure=3
{% if default_pool is vyos_defined %}
@@ -66,52 +66,11 @@ verbose=5
check-ip=1
single-session=replace
-{% if auth_mode == 'local' %}
-[chap-secrets]
-chap-secrets={{ chap_secrets_file }}
-{% elif auth_mode == 'radius' %}
-[radius]
-verbose=1
-{% for r in radius_server %}
-server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }}
-{% endfor %}
-{% if radius_acct_interim_interval is vyos_defined %}
-acct-interim-interval={{ radius_acct_interim_interval }}
-{% endif %}
-{% if radius_acct_inter_jitter %}
-acct-interim-jitter={{ radius_acct_inter_jitter }}
-{% endif %}
-acct-timeout={{ radius_acct_tmo }}
-timeout={{ radius_timeout }}
-max-try={{ radius_max_try }}
-{% if radius_nas_id %}
-nas-identifier={{ radius_nas_id }}
-{% endif %}
-{% if radius_nas_ip %}
-nas-ip-address={{ radius_nas_ip }}
-{% endif %}
-{% if radius_source_address %}
-bind={{ radius_source_address }}
-{% endif %}
-{% endif %}
-{# Both chap-secrets and radius block required the gw-ip-address #}
-{% if gateway_address is vyos_defined %}
-gw-ip-address={{ gateway_address }}
-{% endif %}
+{# Common chap-secrets and RADIUS server/option definitions #}
+{% include 'accel-ppp/config_chap_secrets_radius.j2' %}
-{% if radius_shaper_enable %}
-[shaper]
-verbose=1
-{% if radius_shaper_attr %}
-attr={{ radius_shaper_attr }}
-{% endif %}
-{% if radius_shaper_multiplier %}
-rate-multiplier={{ radius_shaper_multiplier }}
-{% endif %}
-{% if radius_shaper_vendor %}
-vendor={{ radius_shaper_vendor }}
-{% endif %}
-{% endif %}
+{# Common RADIUS shaper configuration #}
+{% include 'accel-ppp/config_shaper_radius.j2' %}
[cli]
tcp=127.0.0.1:2003
diff --git a/data/templates/accel-ppp/sstp.config.j2 b/data/templates/accel-ppp/sstp.config.j2
index 6117cea1b..014ae1235 100644
--- a/data/templates/accel-ppp/sstp.config.j2
+++ b/data/templates/accel-ppp/sstp.config.j2
@@ -57,6 +57,7 @@ verbose=1
check-ip=1
{# MTU #}
mtu={{ mtu }}
+unit-preallocate={{ "1" if authentication.radius.preallocate_vif is vyos_defined else "0" }}
ipv6={{ 'allow' if ppp_options.ipv6 is vyos_defined("deny") and client_ipv6_pool is vyos_defined else ppp_options.ipv6 }}
ipv4={{ ppp_options.ipv4 }}
mppe={{ ppp_options.mppe }}