diff options
Diffstat (limited to 'data')
| -rw-r--r-- | data/templates/dhcp-relay/config.tmpl | 17 | ||||
| -rw-r--r-- | data/templates/dhcp-server/daemon.tmpl | 8 | ||||
| -rw-r--r-- | data/templates/dhcpv6-relay/config.tmpl | 4 | ||||
| -rw-r--r-- | data/templates/dhcpv6-server/daemon.tmpl | 8 | ||||
| -rw-r--r-- | data/templates/dynamic-dns/ddclient.conf.tmpl | 3 | ||||
| -rw-r--r-- | data/templates/l2tp/chap-secrets.tmpl | 12 | ||||
| -rw-r--r-- | data/templates/l2tp/l2tp.config.tmpl | 140 | ||||
| -rw-r--r-- | data/templates/openvpn/server.conf.tmpl | 15 | ||||
| -rw-r--r-- | data/templates/sstp/sstp.config.tmpl | 2 | ||||
| -rw-r--r-- | data/templates/wifi/hostapd.conf.tmpl | 7 |
10 files changed, 83 insertions, 133 deletions
diff --git a/data/templates/dhcp-relay/config.tmpl b/data/templates/dhcp-relay/config.tmpl index 7203ae9fb..b223807cf 100644 --- a/data/templates/dhcp-relay/config.tmpl +++ b/data/templates/dhcp-relay/config.tmpl @@ -1,17 +1,4 @@ ### Autogenerated by dhcp_relay.py ### -# Defaults for isc-dhcp-relay initscript -# sourced by /etc/init.d/isc-dhcp-relay - -# -# This is a POSIX shell fragment -# - -# What servers should the DHCP relay forward requests to? -SERVERS="{{ server | join(' ') }}" - -# On what interfaces should the DHCP relay (dhrelay) serve DHCP requests? -INTERFACES="{{ interface | join(' ') }}" - -# Additional options that are passed to the DHCP relay daemon? -OPTIONS="-4 {{ options | join(' ') }}" +# Defaults for isc-dhcp-relay6.service +OPTIONS="{{ options | join(' ') }} -i {{ interface | join(' -i ') }} {{ server | join(' ') }}" diff --git a/data/templates/dhcp-server/daemon.tmpl b/data/templates/dhcp-server/daemon.tmpl deleted file mode 100644 index f88032d38..000000000 --- a/data/templates/dhcp-server/daemon.tmpl +++ /dev/null @@ -1,8 +0,0 @@ -### Autogenerated by dhcp_server.py ### - -# sourced by /etc/init.d/isc-dhcpv4-server - -DHCPD_CONF={{ config_file }} -DHCPD_PID={{ pid_file }} -OPTIONS="-4 -lf {{ lease_file }}" -INTERFACES="" diff --git a/data/templates/dhcpv6-relay/config.tmpl b/data/templates/dhcpv6-relay/config.tmpl index 28f7a1a58..55035ae6c 100644 --- a/data/templates/dhcpv6-relay/config.tmpl +++ b/data/templates/dhcpv6-relay/config.tmpl @@ -1,4 +1,4 @@ ### Autogenerated by dhcpv6_relay.py ### -# Defaults for isc-dhcpv6-relay initscript sourced by /etc/init.d/isc-dhcpv6-relay -OPTIONS="-6 -l {{ listen_addr | join(' -l ') }} -u {{ upstream_addr | join(' -u ') }} {{ options | join(' ') }}" +# Defaults for isc-dhcp-relay6.service +OPTIONS="-l {{ listen_addr | join(' -l ') }} -u {{ upstream_addr | join(' -u ') }} {{ options | join(' ') }}" diff --git a/data/templates/dhcpv6-server/daemon.tmpl b/data/templates/dhcpv6-server/daemon.tmpl deleted file mode 100644 index a4967e7c3..000000000 --- a/data/templates/dhcpv6-server/daemon.tmpl +++ /dev/null @@ -1,8 +0,0 @@ -### Autogenerated by dhcpv6_server.py ### - -# sourced by /etc/init.d/isc-dhcpv6-server - -DHCPD_CONF={{ config_file }} -DHCPD_PID={{ pid_file }} -OPTIONS="-6 -lf {{ lease_file }}" -INTERFACES="" diff --git a/data/templates/dynamic-dns/ddclient.conf.tmpl b/data/templates/dynamic-dns/ddclient.conf.tmpl index 22cb38f4e..9c7219230 100644 --- a/data/templates/dynamic-dns/ddclient.conf.tmpl +++ b/data/templates/dynamic-dns/ddclient.conf.tmpl @@ -1,10 +1,7 @@ - ### Autogenerated by dynamic_dns.py ### daemon=1m syslog=yes ssl=yes -pid={{ pid_file }} -cache={{ cache_file }} {% for interface in interfaces -%} diff --git a/data/templates/l2tp/chap-secrets.tmpl b/data/templates/l2tp/chap-secrets.tmpl index 0db295fdc..dd00d7bd0 100644 --- a/data/templates/l2tp/chap-secrets.tmpl +++ b/data/templates/l2tp/chap-secrets.tmpl @@ -1,10 +1,10 @@ -# username server password acceptable local IP addresses shaper -{% for user in authentication['local-users'] %} -{% if authentication['local-users'][user]['state'] == 'enabled' %} -{% if authentication['local-users'][user]['upload'] and authentication['local-users'][user]['download'] %} -{{ "%-12s" | format(user) }} * {{ "%-16s" | format(authentication['local-users'][user]['passwd']) }} {{ "%-16s" | format(authentication['local-users'][user]['ip']) }} {{ authentication['local-users'][user]['download'] }} / {{ authentication['local-users'][user]['upload'] }} +# username server password acceptable local IP addresses shaper +{% for user in local_users %} +{% if user.state == 'enabled' %} +{% if user.upload and user.download %} +{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} {{ user.download }} / {{ user.upload }} {% else %} -{{ "%-12s" | format(user) }} * {{ "%-16s" | format(authentication['local-users'][user]['passwd']) }} {{ "%-16s" | format(authentication['local-users'][user]['ip']) }} +{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} {% endif %} {% endif %} {% endfor %} diff --git a/data/templates/l2tp/l2tp.config.tmpl b/data/templates/l2tp/l2tp.config.tmpl index b8637e256..ba78cadcd 100644 --- a/data/templates/l2tp/l2tp.config.tmpl +++ b/data/templates/l2tp/l2tp.config.tmpl @@ -3,12 +3,14 @@ log_syslog l2tp chap-secrets -{% for proto in authentication['auth_proto']: %} +{% for proto in auth_proto: %} {{proto}} {% endfor%} -{% if authentication['mode'] == 'radius' %} + +{% if auth_mode == 'radius' %} radius {% endif -%} + ippool shaper ipv6pool @@ -23,52 +25,46 @@ syslog=accel-l2tp,daemon copy=1 level=5 -{% if dns %} +{% if dnsv4 %} [dns] -{% if dns[0] %} -dns1={{dns[0]}} -{% endif %} -{% if dns[1] %} -dns2={{dns[1]}} +{% for dns in dnsv4 -%} +dns{{ loop.index }}={{ dns }} +{% endfor -%} {% endif %} -{% endif -%} {% if dnsv6 %} [ipv6-dns] -{% for srv in dnsv6: %} -{{srv}} -{% endfor %} +{% for dns in dnsv6 -%} +{{ dns }} +{% endfor -%} {% endif %} {% if wins %} [wins] -{% if wins[0] %} -wins1={{wins[0]}} -{% endif %} -{% if wins[1] %} -wins2={{wins[1]}} +{% for server in wins -%} +wins{{ loop.index }}={{ server }} +{% endfor -%} {% endif %} -{% endif -%} [l2tp] verbose=1 ifname=l2tp%d -ppp-max-mtu={{mtu}} -mppe={{authentication['mppe']}} +ppp-max-mtu={{ mtu }} +mppe={{ ppp_mppe }} {% if outside_addr %} -bind={{outside_addr}} +bind={{ outside_addr }} {% endif %} {% if lns_shared_secret %} -secret={{lns_shared_secret}} +secret={{ lns_shared_secret }} {% endif %} [client-ip-range] 0.0.0.0/0 -{% if (client_ip_pool) or (client_ip_subnets) %} +{% if client_ip_pool or client_ip_subnets %} [ip-pool] {% if client_ip_pool %} -{{client_ip_pool}} +{{ client_ip_pool }} {% endif -%} {% if client_ip_subnets %} {% for sn in client_ip_subnets %} @@ -77,34 +73,41 @@ secret={{lns_shared_secret}} {% endif %} {% endif %} {% if gateway_address %} -gw-ip-address={{gateway_address}} +gw-ip-address={{ gateway_address }} {% endif %} -{% if authentication['mode'] == 'local' %} +{% if auth_mode == 'local' %} [chap-secrets] -chap-secrets=/etc/accel-ppp/l2tp/chap-secrets -{% if gateway_address %} -gw-ip-address={{gateway_address}} -{% endif %} +chap-secrets={{ chap_secrets_file }} +{% elif auth_mode == 'radius' %} +[radius] +verbose=1 +{% for r in radius_server %} +server={{ r.server }},{{ r.key }},auth-port={{ r.port }},req-limit=0,fail-time={{ r.fail_time }} +{% endfor -%} {% endif %} +acct-timeout={{ radius_acct_tmo }} +timeout={{ radius_timeout }} +max-try={{ radius_max_try }} + +{% if radius_nas_id %} +nas-identifier={{ radius_nas_id }} +{% endif -%} +{% if radius_nas_ip %} +nas-ip-address={{ radius_nas_ip }} +{% endif -%} +{% if radius_source_address %} +bind={{ radius_source_address }} +{% endif -%} + [ppp] verbose=1 check-ip=1 single-session=replace -{% if idle_timeout %} -lcp-echo-timeout={{idle_timeout}} -{% endif %} -{% if ppp_options['lcp-echo-interval'] %} -lcp-echo-interval={{ppp_options['lcp-echo-interval']}} -{% else %} -lcp-echo-interval=30 -{% endif %} -{% if ppp_options['lcp-echo-failure'] %} -lcp-echo-failure={{ppp_options['lcp-echo-failure']}} -{% else %} -lcp-echo-failure=3 -{% endif %} +lcp-echo-timeout={{ ppp_echo_timeout }} +lcp-echo-interval={{ ppp_echo_interval }} +lcp-echo-failure={{ ppp_echo_failure }} {% if ccp_disable %} ccp=0 {% endif %} @@ -112,62 +115,33 @@ ccp=0 ipv6=allow {% endif %} -{% if authentication['mode'] == 'radius' %} -[radius] -{% for rsrv in authentication['radiussrv']: %} -server={{rsrv}},{{authentication['radiussrv'][rsrv]['secret']}},\ -req-limit={{authentication['radiussrv'][rsrv]['req-limit']}},\ -fail-time={{authentication['radiussrv'][rsrv]['fail-time']}} -{% endfor %} -{% if authentication['radiusopt']['timeout'] %} -timeout={{authentication['radiusopt']['timeout']}} -{% endif %} -{% if authentication['radiusopt']['acct-timeout'] %} -acct-timeout={{authentication['radiusopt']['acct-timeout']}} -{% endif %} -{% if authentication['radiusopt']['max-try'] %} -max-try={{authentication['radiusopt']['max-try']}} -{% endif %} -{% if authentication['radiusopt']['nas-id'] %} -nas-identifier={{authentication['radiusopt']['nas-id']}} -{% endif %} -{% if authentication['radius_source_address'] %} -nas-ip-address={{authentication['radius_source_address']}} -{% endif -%} -{% if authentication['radiusopt']['dae-srv'] %} -dae-server={{authentication['radiusopt']['dae-srv']['ip-addr']}}:\ -{{authentication['radiusopt']['dae-srv']['port']}},\ -{{authentication['radiusopt']['dae-srv']['secret']}} -{% endif -%} -gw-ip-address={{gateway_address}} -verbose=1 -{% endif -%} {% if client_ipv6_pool %} [ipv6-pool] -{% for prfx in client_ipv6_pool.prefix: %} -{{prfx}} +{% for p in client_ipv6_pool %} +{{ p.prefix }},{{ p.mask }} {% endfor %} -{% for prfx in client_ipv6_pool.delegate_prefix: %} -delegate={{prfx}} +{% for p in client_ipv6_delegate_prefix %} +delegate={{ p.prefix }},{{ p.mask }} {% endfor %} + {% endif %} -{% if client_ipv6_pool['delegate_prefix'] %} +{% if client_ipv6_delegate_prefix %} [ipv6-dhcp] verbose=1 {% endif %} -{% if authentication['radiusopt']['shaper'] %} +{% if radius_shaper_attr %} [shaper] verbose=1 -attr={{authentication['radiusopt']['shaper']['attr']}} -{% if authentication['radiusopt']['shaper']['vendor'] %} -vendor={{authentication['radiusopt']['shaper']['vendor']}} +attr={{ radius_shaper_attr }} +{% if radius_shaper_vendor %} +vendor={{ radius_shaper_vendor }} {% endif -%} {% endif %} [cli] tcp=127.0.0.1:2004 -sessions-columns=ifname,username,calling-sid,ip,{{ip6_column}}{{ip6_dp_column}}rate-limit,type,comp,state,rx-bytes,tx-bytes,uptime +sessions-columns=ifname,username,calling-sid,ip,{{ ip6_column | join(',') }}{{ ',' if ip6_column }}rate-limit,type,comp,state,rx-bytes,tx-bytes,uptime diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index d0af3d2e3..a9dacd36e 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -9,8 +9,6 @@ {% endif -%} verb 3 -status /opt/vyatta/etc/openvpn/status/{{ intf }}.status 30 -writepid /var/run/openvpn/{{ intf }}.pid user {{ uid }} group {{ gid }} @@ -73,13 +71,18 @@ nobind # {%- if server_topology %} -topology {% if 'point-to-point' in server_topology %}p2p{% else %}subnet{% endif %} +topology {% if server_topology == 'point-to-point' %}p2p{% else %}{{ server_topology }}{% endif %} {%- endif %} {%- if bridge_member %} -server-bridge nogw +mode server +tls-server {%- else %} -server {{ server_subnet }} +server {{ server_subnet }}{% if server_pool_start %} nopool{% endif %} +{%- endif %} + +{%- if server_pool_start %} +ifconfig-pool {{ server_pool_start }} {{ server_pool_stop }}{% if server_pool_netmask %} {{ server_pool_netmask }}{% endif %} {%- endif %} {%- if server_max_conn %} @@ -87,7 +90,7 @@ max-clients {{ server_max_conn }} {%- endif %} {%- if client %} -client-config-dir /opt/vyatta/etc/openvpn/ccd/{{ intf }} +client-config-dir /run/openvpn/ccd/{{ intf }} {%- endif %} {%- if server_reject_unconfigured %} diff --git a/data/templates/sstp/sstp.config.tmpl b/data/templates/sstp/sstp.config.tmpl index 6c09c52ad..acdb6c76b 100644 --- a/data/templates/sstp/sstp.config.tmpl +++ b/data/templates/sstp/sstp.config.tmpl @@ -53,7 +53,7 @@ dns{{ loop.index }}={{ dns }} {% if auth_mode == 'local' %} [chap-secrets] -chap-secrets=/etc/accel-ppp/sstp/chap-secrets +chap-secrets={{ chap_secrets_file }} {% elif auth_mode == 'radius' %} [radius] verbose=1 diff --git a/data/templates/wifi/hostapd.conf.tmpl b/data/templates/wifi/hostapd.conf.tmpl index 031fb6c90..e2fb9ca8f 100644 --- a/data/templates/wifi/hostapd.conf.tmpl +++ b/data/templates/wifi/hostapd.conf.tmpl @@ -73,7 +73,6 @@ channel={{ channel }} # offloaded ACS is used. {% if 'n' in mode -%} hw_mode=g -ieee80211n=1 {% elif 'ac' in mode -%} hw_mode=a ieee80211h=1 @@ -421,6 +420,12 @@ vht_capab= ieee80211n=0 # Require stations to support VHT PHY (reject association if they do not) require_vht=1 +{% else -%} +{% if 'n' in mode or 'ac' in mode -%} +ieee80211n=1 +{% else -%} +ieee80211n=0 +{%- endif %} {% endif %} {% if cap_vht_center_freq_1 -%} |