diff options
Diffstat (limited to 'data')
| -rw-r--r-- | data/templates/dhcp-client/override.conf.j2 | 2 | ||||
| -rw-r--r-- | data/templates/frr/bgpd.frr.j2 | 3 | ||||
| -rw-r--r-- | data/templates/openvpn/server.conf.j2 | 6 | ||||
| -rw-r--r-- | data/vyos-firewall-init.conf | 4 |
4 files changed, 9 insertions, 6 deletions
diff --git a/data/templates/dhcp-client/override.conf.j2 b/data/templates/dhcp-client/override.conf.j2 index 03fd71bf1..d09320270 100644 --- a/data/templates/dhcp-client/override.conf.j2 +++ b/data/templates/dhcp-client/override.conf.j2 @@ -10,6 +10,6 @@ ConditionPathExists={{ isc_dhclient_dir }}/dhclient_%i.conf ExecStart= ExecStart={{ vrf_command }}/sbin/dhclient -4 {{ dhclient_options }} {{ ifname }} ExecStop= -ExecStop=/sbin/dhclient -4 -r {{ dhclient_options }} {{ ifname }} +ExecStop={{ vrf_command }}/sbin/dhclient -4 -r {{ dhclient_options }} {{ ifname }} WorkingDirectory={{ isc_dhclient_dir }} PIDFile={{ isc_dhclient_dir }}/dhclient_%i.pid diff --git a/data/templates/frr/bgpd.frr.j2 b/data/templates/frr/bgpd.frr.j2 index 4535758da..7fa974254 100644 --- a/data/templates/frr/bgpd.frr.j2 +++ b/data/templates/frr/bgpd.frr.j2 @@ -349,6 +349,9 @@ router bgp {{ system_as }} {{ 'vrf ' ~ vrf if vrf is vyos_defined }} {% if afi_config.label.vpn.export is vyos_defined %} label vpn export {{ afi_config.label.vpn.export }} {% endif %} +{% if afi_config.label.vpn.allocation_mode.per_nexthop is vyos_defined %} + label vpn export allocation-mode per-nexthop +{% endif %} {% if afi_config.local_install is vyos_defined %} {% for interface in afi_config.local_install.interface %} local-install {{ interface }} diff --git a/data/templates/openvpn/server.conf.j2 b/data/templates/openvpn/server.conf.j2 index a9bd45370..f76fbbe79 100644 --- a/data/templates/openvpn/server.conf.j2 +++ b/data/templates/openvpn/server.conf.j2 @@ -185,7 +185,7 @@ tls-version-min {{ tls.tls_version_min }} {% endif %} {% if tls.dh_params is vyos_defined %} dh /run/openvpn/{{ ifname }}_dh.pem -{% elif mode is vyos_defined('server') and tls.private_key is vyos_defined %} +{% else %} dh none {% endif %} {% if tls.auth_key is vyos_defined %} @@ -201,9 +201,9 @@ tls-client tls-server {% endif %} -{% if peer_fingerprint is vyos_defined %} +{% if tls.peer_fingerprint is vyos_defined %} <peer-fingerprint> -{% for fp in peer_fingerprint %} +{% for fp in tls.peer_fingerprint %} {{ fp }} {% endfor %} </peer-fingerprint> diff --git a/data/vyos-firewall-init.conf b/data/vyos-firewall-init.conf index 11a5bc7bf..36d92fe93 100644 --- a/data/vyos-firewall-init.conf +++ b/data/vyos-firewall-init.conf @@ -20,7 +20,7 @@ table raw { } chain PREROUTING { - type filter hook prerouting priority -200; policy accept; + type filter hook prerouting priority -300; policy accept; counter jump VYOS_CT_IGNORE counter jump VYOS_CT_TIMEOUT counter jump VYOS_CT_PREROUTING_HOOK @@ -29,7 +29,7 @@ table raw { } chain OUTPUT { - type filter hook output priority -200; policy accept; + type filter hook output priority -300; policy accept; counter jump VYOS_CT_IGNORE counter jump VYOS_CT_TIMEOUT counter jump VYOS_CT_OUTPUT_HOOK |