From 29ed00aed66c648510480897bd92977652e5d18f Mon Sep 17 00:00:00 2001 From: sever-sever Date: Thu, 22 Oct 2020 10:35:19 +0000 Subject: accel: T2631: Add option for radius disable-accounting --- .../include/accel-radius-additions-disable-accounting.xlm.in | 7 +++++++ interface-definitions/include/accel-radius-additions.xml.i | 1 + interface-definitions/vpn_l2tp.xml.in | 1 + python/vyos/configdict.py | 5 +++++ src/conf_mode/vpn_l2tp.py | 3 +++ src/conf_mode/vpn_pptp.py | 3 +++ 6 files changed, 20 insertions(+) create mode 100644 interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in diff --git a/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in new file mode 100644 index 000000000..026f67453 --- /dev/null +++ b/interface-definitions/include/accel-radius-additions-disable-accounting.xlm.in @@ -0,0 +1,7 @@ + + + Disable accounting + + + + diff --git a/interface-definitions/include/accel-radius-additions.xml.i b/interface-definitions/include/accel-radius-additions.xml.i index 598fb73f8..bf0f0ac94 100644 --- a/interface-definitions/include/accel-radius-additions.xml.i +++ b/interface-definitions/include/accel-radius-additions.xml.i @@ -29,6 +29,7 @@ 1813 + #include Mark server unavailable for <n> seconds on failure diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in index 8802c0564..82af86470 100644 --- a/interface-definitions/vpn_l2tp.xml.in +++ b/interface-definitions/vpn_l2tp.xml.in @@ -225,6 +225,7 @@ + #include Mark server unavailable for <n> seconds on failure diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py index 62df3334c..db17c33fc 100644 --- a/python/vyos/configdict.py +++ b/python/vyos/configdict.py @@ -455,6 +455,11 @@ def get_accel_dict(config, base, chap_secrets): dict['authentication']['radius']['server'][server] = dict_merge( default_values, dict['authentication']['radius']['server'][server]) + # Check option "disable-accounting" per server and replace default value from '1813' to '0' + # set vpn sstp authentication radius server x.x.x.x disable-accounting + if 'disable_accounting' in dict['authentication']['radius']['server'][server]: + dict['authentication']['radius']['server'][server]['acct_port'] = '0' + # Add individual local-user default values if vyos_dict_search('authentication.local_users.username', dict): default_values = defaults(base + ['authentication', 'local-users', 'username']) diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py index da51b0d06..4d82a9400 100755 --- a/src/conf_mode/vpn_l2tp.py +++ b/src/conf_mode/vpn_l2tp.py @@ -161,6 +161,9 @@ def get_config(config=None): conf.set_level(base_path + ['authentication', 'radius', 'server', server]) + if conf.exists(['disable-accounting']): + radius['acct_port'] = '0' + if conf.exists(['fail-time']): radius['fail_time'] = conf.return_value(['fail-time']) diff --git a/src/conf_mode/vpn_pptp.py b/src/conf_mode/vpn_pptp.py index 306d05c60..3125ee9d0 100755 --- a/src/conf_mode/vpn_pptp.py +++ b/src/conf_mode/vpn_pptp.py @@ -121,6 +121,9 @@ def get_config(config=None): conf.set_level(base_path + ['authentication', 'radius', 'server', server]) + if conf.exists(['disable-accounting']): + radius['acct_port'] = '0' + if conf.exists(['fail-time']): radius['fail_time'] = conf.return_value(['fail-time']) -- cgit v1.2.3