diff options
Diffstat (limited to 'data/templates')
| -rw-r--r-- | data/templates/ipoe-server/chap-secrets.tmpl | 32 | ||||
| -rw-r--r-- | data/templates/ipoe-server/ipoe.config.tmpl | 21 | ||||
| -rw-r--r-- | data/templates/openvpn/client.conf.tmpl | 21 | ||||
| -rw-r--r-- | data/templates/openvpn/server.conf.tmpl | 35 |
4 files changed, 71 insertions, 38 deletions
diff --git a/data/templates/ipoe-server/chap-secrets.tmpl b/data/templates/ipoe-server/chap-secrets.tmpl index 707718e94..5e35d5775 100644 --- a/data/templates/ipoe-server/chap-secrets.tmpl +++ b/data/templates/ipoe-server/chap-secrets.tmpl @@ -1,18 +1,18 @@ # username server password acceptable local IP addresses shaper -{% for aifc in auth['auth_if'] %} -{% for mac in auth['auth_if'][aifc] %} -{% if (auth['auth_if'][aifc][mac]['up']) and (auth['auth_if'][aifc][mac]['down']) %} +{% for aifc in auth['auth_if'] -%} +{% for mac in auth['auth_if'][aifc] -%} +{% if (auth['auth_if'][aifc][mac]['up']) and (auth['auth_if'][aifc][mac]['down']) -%} +{% if auth['auth_if'][aifc][mac]['vlan'] -%} +{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}} * {{mac.lower()}} * {{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} +{% else -%} +{{aifc}} * {{mac.lower()}} * {{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} +{% endif -%} +{% else -%} {% if auth['auth_if'][aifc][mac]['vlan'] %} -{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}}\t*\t{{mac.lower()}}\t*\t{{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} -{% else %} -{{aifc}}\t*\t{{mac.lower()}}\t*\t{{auth['auth_if'][aifc][mac]['down']}}/{{auth['auth_if'][aifc][mac]['up']}} -{% endif %} -{% else %} -{% if auth['auth_if'][aifc][mac]['vlan'] %} -{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}}\t*\t{{mac.lower()}}\t* -{% else %} -{{aifc}}\t*\t{{mac.lower()}}\t* -{% endif %} -{% endif %} -{% endfor %} -{% endfor %} +{{aifc}}.{{auth['auth_if'][aifc][mac]['vlan']}} * {{mac.lower()}} * +{% else -%} +{{aifc}} * {{mac.lower()}} * +{% endif -%} +{% endif -%} +{% endfor -%} +{% endfor -%} diff --git a/data/templates/ipoe-server/ipoe.config.tmpl b/data/templates/ipoe-server/ipoe.config.tmpl index 109bc0d92..0a5ee09a6 100644 --- a/data/templates/ipoe-server/ipoe.config.tmpl +++ b/data/templates/ipoe-server/ipoe.config.tmpl @@ -26,16 +26,7 @@ level=5 verbose=1 {% for intfc in interfaces %} {% if interfaces[intfc]['vlan_mon'] %} -interface=re:{{intfc}}\.\d+,\ -{% else %} -interface={{intfc}},\ -{% endif %} -shared={{interfaces[intfc]['shared']}},\ -mode={{interfaces[intfc]['mode']}},\ -ifcfg={{interfaces[intfc]['ifcfg']}},\ -range={{interfaces[intfc]['range']}},\ -start={{interfaces[intfc]['sess_start']}},\ -ipv6=1 +interface=re:{{intfc}}\.\d+,{% else %}interface={{intfc}},{% endif %}shared={{interfaces[intfc]['shared']}},mode={{interfaces[intfc]['mode']}},ifcfg={{interfaces[intfc]['ifcfg']}},range={{interfaces[intfc]['range']}},start={{interfaces[intfc]['sess_start']}},ipv6=1 {% endfor %} {% if auth['mech'] == 'noauth' %} noauth=1 @@ -86,20 +77,20 @@ delegate={{pd}} {% if auth['mech'] == 'local' %} [chap-secrets] -chap-secrets=/etc/accel-ppp/ipoe/chap-secrets +chap-secrets={{chap_secrets_file}} {% endif %} {% if auth['mech'] == 'radius' %} [radius] verbose=1 {% for srv in auth['radius'] %} -server={{srv}},{{auth['radius'][srv]['secret']}},\ -req-limit={{auth['radius'][srv]['req-limit']}},\ +server={{srv}},{{auth['radius'][srv]['secret']}}, +req-limit={{auth['radius'][srv]['req-limit']}}, fail-time={{auth['radius'][srv]['fail-time']}} {% endfor %} {% if auth['radsettings']['dae-server']['ip-address'] %} -dae-server={{auth['radsettings']['dae-server']['ip-address']}}:\ -{{auth['radsettings']['dae-server']['port']}},\ +dae-server={{auth['radsettings']['dae-server']['ip-address']}}: +{{auth['radsettings']['dae-server']['port']}}, {{auth['radsettings']['dae-server']['secret']}} {% endif -%} {% if auth['radsettings']['acct-timeout'] %} diff --git a/data/templates/openvpn/client.conf.tmpl b/data/templates/openvpn/client.conf.tmpl index 3099f2ca7..508d8da94 100644 --- a/data/templates/openvpn/client.conf.tmpl +++ b/data/templates/openvpn/client.conf.tmpl @@ -1,8 +1,9 @@ ### Autogenerated by interfaces-openvpn.py ### {% if ip -%} -ifconfig-push {{ ip }} {{ remote_netmask }} +ifconfig-push {{ ip[0] }} {{ remote_netmask }} {% endif -%} + {% for route in push_route -%} push "route {{ route }}" {% endfor -%} @@ -11,6 +12,24 @@ push "route {{ route }}" iroute {{ net }} {% endfor -%} +{# ipv6_remote is only set when IPv6 server is enabled #} +{% if ipv6_remote -%} +# IPv6 + +{%- if ipv6_ip %} +ifconfig-ipv6-push {{ ipv6_ip[0] }} {{ ipv6_remote }} +{%- endif %} + +{%- for route6 in ipv6_push_route %} +push "route-ipv6 {{ route6 }}" +{%- endfor %} + +{%- for net6 in ipv6_subnet %} +iroute {{ net6 }} +{%- endfor %} + +{% endif -%} + {% if disable -%} disable {% endif -%} diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index a9dacd36e..0f563dc2b 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -18,7 +18,7 @@ dev {{ intf }} persist-key iproute /usr/libexec/vyos/system/unpriv-ip -proto {% if 'tcp-active' in protocol -%}tcp-client{% elif 'tcp-passive' in protocol -%}tcp-server{% else %}udp{% endif %} +proto {% if 'tcp-active' in protocol -%}tcp6-client{% elif 'tcp-passive' in protocol -%}tcp6-server{% else %}udp6{% endif %} {%- if local_host %} local {{ local_host }} @@ -78,10 +78,10 @@ topology {% if server_topology == 'point-to-point' %}p2p{% else %}{{ server_topo mode server tls-server {%- else %} -server {{ server_subnet }}{% if server_pool_start %} nopool{% endif %} +server {{ server_subnet[0] }} nopool {%- endif %} -{%- if server_pool_start %} +{%- if server_pool %} ifconfig-pool {{ server_pool_start }} {{ server_pool_stop }}{% if server_pool_netmask %} {{ server_pool_netmask }}{% endif %} {%- endif %} @@ -110,7 +110,26 @@ push "dhcp-option DNS {{ ns }}" {%- if server_domain -%} push "dhcp-option DOMAIN {{ server_domain }}" -{% endif %} +{% endif -%} + +{%- if server_ipv6_local %} +# IPv6 +push "tun-ipv6" +ifconfig-ipv6 {{ server_ipv6_local }}/{{ server_ipv6_prefixlen }} {{ server_ipv6_remote }} + +{%- if server_ipv6_pool %} +ifconfig-ipv6-pool {{ server_ipv6_pool_base }}/{{ server_ipv6_pool_prefixlen }} +{%- endif %} + +{%- for route6 in server_ipv6_push_route %} +push "route-ipv6 {{ route6 }}" +{%- endfor %} + +{%- for ns6 in server_ipv6_dns_nameserver %} +push "dhcp-option DNS6 {{ ns6 }}" +{%- endfor %} + +{%- endif %} {% else -%} # @@ -120,9 +139,13 @@ ping {{ ping_interval }} ping-restart {{ ping_restart }} {% if local_address_subnet -%} -ifconfig {{ local_address }} {{ local_address_subnet }} +ifconfig {{ local_address[0] }} {{ local_address_subnet }} {%- elif remote_address -%} -ifconfig {{ local_address }} {{ remote_address }} +ifconfig {{ local_address[0] }} {{ remote_address[0] }} +{%- endif %} + +{% if ipv6_local_address -%} +ifconfig-ipv6 {{ ipv6_local_address[0] }} {{ ipv6_remote_address[0] }} {%- endif %} {% endif -%} |