summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/vpn_l2tp.py47
1 files changed, 22 insertions, 25 deletions
diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index fbccc93d1..08654e2ff 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -22,6 +22,7 @@ from stat import S_IRUSR, S_IWUSR, S_IRGRP
from sys import exit
from time import sleep
+from ipaddress import ip_network
from jinja2 import FileSystemLoader, Environment
from vyos.config import Config
@@ -40,7 +41,8 @@ default_config_data = {
'chap_secrets_file': l2tp_chap_secrets, # used in Jinja2 template
'client_ip_pool': None,
'client_ip_subnets': [],
- 'client_ipv6_pool': {},
+ 'client_ipv6_pool': [],
+ 'client_ipv6_delegate_prefix': [],
'dnsv4': [],
'dnsv6': [],
'gateway_address': '10.255.255.0',
@@ -62,9 +64,7 @@ default_config_data = {
'radius_shaper_vendor': '',
'radius_dynamic_author': '',
'wins': [],
- 'ip6_column': '',
- 'ip6_dp_column': '',
- 'ppp_options': {},
+ 'ip6_column': [],
'thread_cnt': 1
}
@@ -232,32 +232,30 @@ def get_config():
l2tp['client_ip_subnets'] = conf.return_values(['client-ip-pool', 'subnet'])
if conf.exists(['client-ipv6-pool', 'prefix']):
- l2tp['client_ipv6_pool']['prefix'] = conf.return_values(
- 'client-ipv6-pool prefix')
- l2tp['ip6_column'] = 'ip6,'
+ l2tp['client_ipv6_pool'] = conf.return_values(['client-ipv6-pool', 'prefix'])
+ l2tp['ip6_column'].append('ip6')
- if conf.exists('client-ipv6-pool delegate-prefix'):
- l2tp['client_ipv6_pool']['delegate_prefix'] = conf.return_values(
- 'client-ipv6-pool delegate-prefix')
- l2tp['ip6_dp_column'] = 'ip6-dp,'
+ if conf.exists(['client-ipv6-pool', 'delegate-prefix']):
+ l2tp['client_ipv6_delegate_prefix'] = conf.return_values(['client-ipv6-pool', 'delegate-prefix'])
+ l2tp['ip6_column'].append('ip6-dp')
- if conf.exists('mtu'):
- l2tp['mtu'] = conf.return_value('mtu')
+ if conf.exists(['mtu']):
+ l2tp['mtu'] = conf.return_value(['mtu'])
# gateway address
- if conf.exists('gateway-address'):
- l2tp['gateway_address'] = conf.return_value('gateway-address')
+ if conf.exists(['gateway-address']):
+ l2tp['gateway_address'] = conf.return_value(['gateway-address'])
else:
# calculate gw-ip-address
- if conf.exists('client-ip-pool start'):
+ if conf.exists(['client-ip-pool', 'start']):
# use start ip as gw-ip-address
- l2tp['gateway_address'] = conf.return_value(
- 'client-ip-pool start')
- elif conf.exists('client-ip-pool subnet'):
+ l2tp['gateway_address'] = conf.return_value(['client-ip-pool', 'start'])
+
+ elif conf.exists(['client-ip-pool', 'subnet']):
# use first ip address from first defined pool
- lst_ip = re.findall("\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}", conf.return_values(
- 'client-ip-pool subnet')[0])
- l2tp['gateway_address'] = lst_ip[0]
+ subnet = conf.return_values(['client-ip-pool', 'subnet'])[0]
+ subnet = ip_network(subnet)
+ l2tp['gateway_address'] = str(list(subnet.hosts())[0])
# LNS secret
if conf.exists(['lns', 'shared-secret']):
@@ -305,9 +303,8 @@ def verify(l2tp):
"set vpn l2tp remote-access client-ip-pool requires subnet or start/stop IP pool")
# check ipv6
- if 'delegate_prefix' in l2tp['client_ipv6_pool'] and not 'prefix' in l2tp['client_ipv6_pool']:
- raise ConfigError(
- "\"set vpn l2tp remote-access client-ipv6-pool prefix\" required for delegate-prefix ")
+ if l2tp['client_ipv6_delegate_prefix'] and not l2tp['client_ipv6_pool']:
+ raise ConfigError('IPv6 prefix delegation requires client-ipv6-pool prefix')
if len(l2tp['wins']) > 2:
raise ConfigError('Not more then two IPv4 WINS name-servers can be configured')