summaryrefslogtreecommitdiff
path: root/data/templates/accel-ppp
AgeCommit message (Collapse)Author
2024-07-23SSTP-server: add missed pppd_compat modulemergify/bp/circinus/pr-3832Viacheslav Hletenko
(cherry picked from commit 8c8054ad5410e8aedf6ab7a0702b317872d4fd41)
2024-07-23PPTP-server: add missed pppd_compat moduleViacheslav Hletenko
(cherry picked from commit 440a3e6b89748bfd861f580fc8c4f41b58c6cec2)
2024-07-23L2TP-server: add missed pppd_compat moduleViacheslav Hletenko
(cherry picked from commit ef50cd9954a2d6eb2a041c26a0bb8ea0758b1f17)
2024-07-23IPoE-server: add missed pppd_compat moduleViacheslav Hletenko
(cherry picked from commit b92bc209cc1d6ed54a5fa052e0c27c54488ae955)
2024-05-27T4576: Accel-ppp logging level configurationkhramshinr
add ability to change logging level config for: * VPN L2TP * VPN PPTP * VPN SSTP * IPoE Server * PPPoE Serve
2024-05-15T5756: L2TP RADIUS backup and weight settingskhramshinr
2024-05-09sstp: T4393: Add support to configure host-name (SNI)Nataliia Solomko
2024-04-25pppoe-server: T6234: PPPoE-server pado-delay refactoringNataliia Solomko
2024-04-12pppoe-server: T6141: T5364: PPPoE-server add pado-delay without sessions ↵Nataliia Solomko
fails (#3296)
2024-02-15T6029: Rewritten Accel-PPP services to an identical feature setaapostoliuk
Removed dhcp-interface option (l2tp) Added wins-server (sstp) Added description (ipoe, pppoe, sstp, pptp) Added exteded-script (l2tp, sstp, pptp) Added shaper (ipoe, pptp, sstp, l2tp) Added limits (ipoe, pptp, sstp, l2tp) Added snmp ( ipoe, pptp,sstp, l2tp) Refactoring and reformated code.
2024-02-07T5960: Rewritten authentication node in PPTP to a single viewaapostoliuk
Rewritten authentication node in accel-ppp services to a single view. In particular - PPTP authentication.
2024-01-29T5971: Rewritten ppp options in accel-ppp servicesaapostoliuk
Rewritten 'ppp-options' to the same view in all accel-ppp services. Adding IPv6 support to PPTP.
2024-01-16T5865: Moved ipv6 pools to named ipv6 pools in accel-pppaapostoliuk
Moved ipv6 pools to named ipv6 pools in accel-ppp services
2024-01-09T5688: Changed 'range' to multi in 'client-ip-pool' for accell-pppaapostoliuk
Changed node 'range' to multi in 'client-ip-pool' for accell-ppp services. Added completionHelp to default-pool and next-pool. Fixed verification in vpn l2tp config script.
2023-12-28Merge pull request #2658 from aapostoliuk/T5801-circinusChristian Breunig
T5801: Rewritten L2TP to get_config_dict
2023-12-28Merge pull request #2695 from aapostoliuk/T5842-circinusChristian Breunig
T5842: Rewritten PPTP to get_config_dict
2023-12-27T5842: Rewritten PPTP to get_config_dictaapostoliuk
Rewritten PPTP to get_config_dict Fixed 'dynamic-author' commands. These commands did not create anything in accel-ppp config.
2023-12-27T5859: Fixed format of pool range in the accel-ppp configaapostoliuk
Fixed format of ipv4 pool range from 'x.x.x.x-x.x.x.y' to 'x.x.x.x-y'
2023-12-20T5801: Rewritten L2TP to get_config_dictaapostoliuk
Rewritten L2TP to get_config_dict Rewritten L2TP xml to accel-ppp patterns Migrated 'idle' to 'ppp-options.lcp-echo-timeout' Migrated 'authentication.mppe' to 'ppp-options.mppe' Migrated 'authentication.radius.dae-server' to 'authentication.radius.dynamic-author' Migrated 'authentication.require' to 'authentication.protocol' Added 'authentication.radius.acct-interim-jitter' Added 'authentication.radius.preallocate-vif' Added 'authentication.radius.server.<IP>.acct-port' Added 'ppp-options.ipv4' Added smoke-tests Fixed 'preallocate-vif' in SSTP
2023-12-04accel-ppp: T5688: Standardized pool configuration in accel-pppaapostoliuk
Standardized pool configuration for all accel-ppp services. 1. Only named pools are used now. 2. Allows all services to use range in x.x.x.x/mask and x.x.x.x-x.x.x.y format 3. next-pool can be used in all services 2. Allows to use in ipoe gw-ip-address without pool configuration which allows to use Fraimed-IP-Address attribute by radius. 3. Default pool name should be explicidly configured with default-pool. 4. In ipoe netmask and range subnet can be different.
2023-11-06T5716: Fix accel-ppp template down-limiter does not rely on fwmarkViacheslav Hletenko
accel-ppp template shaper `down-limiter` does not rely on `fwmark` Fix it
2023-11-02T5704: PPPoE L2TP SSTP IPoE add option max-concurrent-sessionsViacheslav Hletenko
Add `max-starting` option: [common] max-starting=N Specifies maximum concurrent session attempts which server may processed set service pppoe-server max-concurrent-sessions '30' Useful to prevent high CPU utilization and compat execution scripts per time.
2023-09-03ipoe: T5542: fix Jinja2 template and add missing dhcp relay configNiklas Polte
2023-05-10T5213: Add accounting-interim-interval option for PPTP-serverViacheslav Hletenko
Add RADIUS accounting-interim-interval option for PPTP-server Specifies interval in seconds to send accounting information (may be overridden by radius Acct-Interim-Interval attribute) set vpn pptp remote-access authentication radius accounting-interim-interval '52'
2023-05-10T5213: Add accounting-interim-interval option for L2TP-serverViacheslav Hletenko
Add RADIUS accounting-interim-interval option for L2TP-server Specifies interval in seconds to send accounting information (may be overridden by radius Acct-Interim-Interval attribute) set vpn l2tp remote-access authentication radius accounting-interim-interval '120'
2023-05-09T5213: Add accounting-interim-interval option for PPPoE IPoE SSTPViacheslav Hletenko
Add RADIUS accounting-interim-interval option for PPPoE/IPoE/SSTP servers. Specifies interval in seconds to send accounting information (may be overridden by radius Acct-Interim-Interval attribute) set service pppoe-server authentication radius accounting-interim-interval '60'
2023-04-11T4727: Change and fix RADIUS rate-limit option for pptpViacheslav Hletenko
Initially the option 'rate-limit' was implemented with the wrong place in the CLI: set vpn pptp remote-access authentication rate-limit <xxx> Expected under 'radius' section: set vpn pptp remote-access authentication radius rate-limit <xxx> Configuration for 'rate-limit' (Jinja2 template) never worked for pptp, fix it.
2023-03-21T5099: IPoE-server add option next-pool for named ip poolsViacheslav Hletenko
In cases with multiple named IP pools, it is required the option 'next' to be sure that if IP addresses ended in one pool, then they would begin to be allocated from the next named pool. For accel-ppp it requires specific order as pool must be defined before we can use it with the 'next-option' set service ipoe-server client-ip-pool name first-pool subnet '192.0.2.0/25' set service ipoe-server client-ip-pool name first-pool next-pool 'second-pool' set service ipoe-server client-ip-pool name second-pool subnet '203.0.113.0/25' [ip-pool] 203.0.113.0/25,name=second-pool 192.0.2.0/25,name=first-pool,next=second-pool
2023-03-16T5092: IPoE-server named pool must not rely on auth typeViacheslav Hletenko
Named pools for ipoe-server must not rely on autentication type It is a separate global option for [ipoe] and [ip-pool] sections
2023-03-09T5073: IPoE-server fix parse empty range optionViacheslav Hletenko
If the 'client-subnet' is not used we must exclude it from the ipoe.config.j2 template. Otherwise we get wrong empty parameter ',range=,'
2023-03-07T5057: Fix IPoE regex Jinja2 for interfaceViacheslav Hletenko
Fix incorrect regex '\d+' when used vlan ranges For example 'ipoe-server interface eth1 vlan 2000-3000' - replace 'interface=re:eth1\.\d+' => 'interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$'
2023-03-06T5056: Fix IPoE server template for vlan-monViacheslav Hletenko
After rewriting IPoE server for config.dict the ipoe.config.j2 template wasn't changed for 'vlan-mon' section Fix it
2023-02-17T5005: PPPoE server allow any login with option noauthViacheslav Hletenko
Disabling authentication is useful in emergency situations (e.g. RADIUS server is down) or testing purposes. Clients can connect with any login and username. set service pppoe-server authentication mode 'noauth'
2023-02-10Merge pull request #1808 from sever-sever/T1993Christian Breunig
T1993: PPPoE-server add section shaper and fwmark option
2023-02-09Merge pull request #1803 from sever-sever/T4971Christian Breunig
T4971: PPPoE server add named ip pool and attr Framed-Pool
2023-02-08T1993: PPPoE-server add section shaper and fwmark optionViacheslav Hletenko
Extended PPPoE-server rate-limiter to avoid shaping marked resources Often this feature needs for ISP, which provides access to some IX or its resources. set service pppoe-server shaper fwmark '223'
2023-02-08T2603: PPPoE-server change default min-mtu value 1280Viacheslav Hletenko
Minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Change 'min-mtu' from 1492 to 1280
2023-02-07T4971: PPPoE server add named ip pool and attr Framed-PoolViacheslav Hletenko
Add a new feature to allow to use named pools Also it can be used with RADIUS attribute 'Framed-Pool' set service pppoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service pppoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
2022-12-30T4893: Add ppp-options ipv6-interface-id for L2TPViacheslav Hletenko
Add ppp-options IPv6 interface id for vpn L2TP - fixed or random interface identifier for IPv6 - peer interface identifier for IPv6 - whether to accept peer’s interface identifier set vpn l2tp remote-access ppp-options ipv6-accept-peer-intf-id set vpn l2tp remote-access ppp-options ipv6-intf-id 'random' set vpn l2tp remote-access ppp-options ipv6-peer-intf-id 'calling-sid'
2022-12-09T4868: Fix l2tp ppp IPv6 options in template and config get dictViacheslav Hletenko
L2TP 'ppp-options ipv6 x' can work without declaring IPv6 pool As we can get addresses via RADIUS attributes: - Framed-IPv6-Prefix - Delegated-IPv6-Prefix
2022-12-08T4117: Fix for L2TP DAE CoA server configurationViacheslav Hletenko
Fix l2tp dae server template and python config dict for correctlly handling Dynamic Authorization Extension server configuration
2022-10-06T4727: add support for RADIUS rate limiting to PPTP (#1570)Daniil Baturin
2022-09-21ipoe: T4678: T4703: rewrite to get_config_dict()Christian Poessinger
In addition to the rewrite to make use of get_config_dict() the CLI is slightly adjusted as specified in T4703. * Rename vlan-id and vlan-range to simply vlan * Rename network-mode to simply mode * Re-use existing common Jinja2 template for Accel-PPP which are shared with PPPoE and SSTP server. * Retrieve default values via defaultValue XML node
2022-09-17pppoe-server: T4703: combine vlan-id and vlan-range into single CLI nodeChristian Poessinger
The initial Accel-PPP PPPoE implementation used: set service pppoe-server interface <name> vlan-id <id> set service pppoe-server interface <name> vlan-range <start-stop> This is actually a duplicated CLI node.
2022-07-02ipoe: T4507: Add option rate-limit for RADIUS authenticationViacheslav Hletenko
Add rate-limit options: attribute, muptiplier and vendor set service ipoe-server auth radius rate-limit attribute 'Mikrotik-Rate-Limit' set service ipoe-server auth radius rate-limit enable set service ipoe-server auth radius rate-limit multiplier '0.001' set service ipoe-server auth radius rate-limit vendor 'Miktorik'
2022-05-26sstp: T4444. Port number changing supportgoodNETnick
2022-05-16Merge pull request #1290 from sever-sever/T4373Christian Poessinger
ppppoe-server: T4373: Add option multiplier for correct shaping
2022-05-16pppoe-server: T4373: Add option multiplier for correct shapingViacheslav Hletenko
Multiplier option is required by some vendors for correct shaping For RADIUS based rate-limits edit service pppoe-server set authentication radius rate-limit multiplier '0.001'
2022-05-01accel-ppp: T4353: fix Jinja2 linting errorsChristian Poessinger
2022-04-11T4353: enable linting of Jinja2 templatesChristian Poessinger