From 264f86db9b7a965f6f3f096f70ea5f4f317ebebd Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 10 Apr 2022 20:15:54 +0200 Subject: wifi: T4333: migrate to new vyos_defined Jinja2 test --- data/templates/wifi/cfg80211.conf.tmpl | 2 +- data/templates/wifi/crda.tmpl | 2 +- data/templates/wifi/hostapd.conf.tmpl | 205 +++++++++++++-------------- data/templates/wifi/wpa_supplicant.conf.tmpl | 4 +- 4 files changed, 105 insertions(+), 108 deletions(-) diff --git a/data/templates/wifi/cfg80211.conf.tmpl b/data/templates/wifi/cfg80211.conf.tmpl index 91df57aab..c029f1311 100644 --- a/data/templates/wifi/cfg80211.conf.tmpl +++ b/data/templates/wifi/cfg80211.conf.tmpl @@ -1 +1 @@ -{{ 'options cfg80211 ieee80211_regdom=' + regdom if regdom is defined }} +{{ 'options cfg80211 ieee80211_regdom=' ~ regdom if regdom is vyos_defined }} diff --git a/data/templates/wifi/crda.tmpl b/data/templates/wifi/crda.tmpl index 6cd125e37..e6428f34d 100644 --- a/data/templates/wifi/crda.tmpl +++ b/data/templates/wifi/crda.tmpl @@ -1 +1 @@ -{{ 'REGDOMAIN=' + regdom if regdom is defined }} +{{ 'REGDOMAIN=' ~ regdom if regdom is vyos_defined }} diff --git a/data/templates/wifi/hostapd.conf.tmpl b/data/templates/wifi/hostapd.conf.tmpl index 433e1d36f..79d005b15 100644 --- a/data/templates/wifi/hostapd.conf.tmpl +++ b/data/templates/wifi/hostapd.conf.tmpl @@ -11,7 +11,7 @@ device_name={{ description | truncate(32, True) }} # command line parameter. interface={{ ifname }} -{% if is_bridge_member is defined %} +{% if is_bridge_member is vyos_defined %} # In case of atheros and nl80211 driver interfaces, an additional # configuration parameter, bridge, may be used to notify hostapd if the # interface is included in a bridge. This parameter is not used with Host AP @@ -72,7 +72,7 @@ ssid={{ ssid }} channel={{ channel }} {% endif %} -{% if mode is defined and mode is not none %} +{% if mode is vyos_defined %} # Operation mode (a = IEEE 802.11a (5 GHz), b = IEEE 802.11b (2.4 GHz), # g = IEEE 802.11g (2.4 GHz), ad = IEEE 802.11ad (60 GHz); a/g options are used # with IEEE 802.11n (HT), too, to specify band). For IEEE 802.11ac (VHT), this @@ -81,9 +81,9 @@ channel={{ channel }} # special value "any" can be used to indicate that any support band can be used. # This special case is currently supported only with drivers with which # offloaded ACS is used. -{% if mode == 'n' %} +{% if mode is vyos_defined('n') %} hw_mode=g -{% elif mode == 'ac' %} +{% elif mode is vyos_defined('ac') %} hw_mode=a ieee80211h=1 ieee80211ac=1 @@ -104,7 +104,7 @@ ieee80211w=1 ieee80211w=2 {% endif %} -{% if capabilities is defined and capabilities.ht is defined %} +{% if capabilities is vyos_defined %} # ht_capab: HT capabilities (list of flags) # LDPC coding capability: [LDPC] = supported # Supported channel width set: [HT40-] = both 20 MHz and 40 MHz with secondary @@ -140,52 +140,52 @@ ieee80211w=2 # L-SIG TXOP protection support: [LSIG-TXOP-PROT] (disabled if not set) {% set output = namespace(value='') %} -{% if capabilities.ht.fourtymhz_incapable is defined %} -{% set output.value = output.value + '[40-INTOLERANT]' %} +{% if capabilities.ht.fourtymhz_incapable is vyos_defined %} +{% set output.value = output.value ~ '[40-INTOLERANT]' %} {% endif %} -{% if capabilities.ht.delayed_block_ack is defined %} -{% set output.value = output.value + '[DELAYED-BA]' %} +{% if capabilities.ht.delayed_block_ack is vyos_defined %} +{% set output.value = output.value ~ '[DELAYED-BA]' %} {% endif %} -{% if capabilities.ht.dsss_cck_40 is defined %} -{% set output.value = output.value + '[DSSS_CCK-40]' %} +{% if capabilities.ht.dsss_cck_40 is vyos_defined %} +{% set output.value = output.value ~ '[DSSS_CCK-40]' %} {% endif %} -{% if capabilities.ht.greenfield is defined %} -{% set output.value = output.value + '[GF]' %} +{% if capabilities.ht.greenfield is vyos_defined %} +{% set output.value = output.value ~ '[GF]' %} {% endif %} -{% if capabilities.ht.ldpc is defined %} -{% set output.value = output.value + '[LDPC]' %} +{% if capabilities.ht.ldpc is vyos_defined %} +{% set output.value = output.value ~ '[LDPC]' %} {% endif %} -{% if capabilities.ht.lsig_protection is defined %} -{% set output.value = output.value + '[LSIG-TXOP-PROT]' %} +{% if capabilities.ht.lsig_protection is vyos_defined %} +{% set output.value = output.value ~ '[LSIG-TXOP-PROT]' %} {% endif %} -{% if capabilities.ht.stbc is defined and capabilities.ht.stbc.tx is defined %} -{% set output.value = output.value + '[TX-STBC]' %} +{% if capabilities.ht.stbc.tx is vyos_defined %} +{% set output.value = output.value ~ '[TX-STBC]' %} {% endif %} -{% if capabilities.ht.stbc is defined and capabilities.ht.stbc.rx is defined %} -{% set output.value = output.value + '[RX-STBC-' + capabilities.ht.stbc.rx | upper + ']' %} +{% if capabilities.ht.stbc.rx is vyos_defined %} +{% set output.value = output.value ~ '[RX-STBC-' ~ capabilities.ht.stbc.rx | upper ~ ']' %} {% endif %} -{% if capabilities.ht.max_amsdu is defined %} -{% set output.value = output.value + '[MAX-AMSDU-' + capabilities.ht.max_amsdu + ']' %} +{% if capabilities.ht.max_amsdu is vyos_defined %} +{% set output.value = output.value ~ '[MAX-AMSDU-' ~ capabilities.ht.max_amsdu ~ ']' %} {% endif %} -{% if capabilities.ht.smps is defined %} -{% set output.value = output.value + '[SMPS-' + capabilities.ht.smps | upper + ']' %} +{% if capabilities.ht.smps is vyos_defined %} +{% set output.value = output.value ~ '[SMPS-' ~ capabilities.ht.smps | upper ~ ']' %} {% endif %} -{% if capabilities.ht.channel_set_width is defined %} +{% if capabilities.ht.channel_set_width is vyos_defined %} {% for csw in capabilities.ht.channel_set_width %} -{% set output.value = output.value + '[' + csw | upper + ']' %} +{% set output.value = output.value ~ '[' ~ csw | upper ~ ']' %} {% endfor %} {% endif %} -{% if capabilities.ht.short_gi is defined %} +{% if capabilities.ht.short_gi is vyos_defined %} {% for short_gi in capabilities.ht.short_gi %} -{% set output.value = output.value + '[SHORT-GI-' + short_gi | upper + ']' %} +{% set output.value = output.value ~ '[SHORT-GI-' ~ short_gi | upper ~ ']' %} {% endfor %} {% endif %} ht_capab={{ output.value }} -{% if capabilities.ht.auto_powersave is defined %} +{% if capabilities.ht.auto_powersave is vyos_defined %} # WMM-PS Unscheduled Automatic Power Save Delivery [U-APSD] # Enable this flag if U-APSD supported outside hostapd (eg., Firmware/driver) uapsd_advertisement_enabled=1 @@ -196,12 +196,12 @@ uapsd_advertisement_enabled=1 wme_enabled=1 -{% if capabilities is defined and capabilities.require_ht is defined %} +{% if capabilities.require_ht is vyos_defined %} # Require stations to support HT PHY (reject association if they do not) require_ht=1 {% endif %} -{% if capabilities is defined and capabilities.vht is defined %} +{% if capabilities.vht is vyos_defined %} # vht_capab: VHT capabilities (list of flags) # # vht_max_mpdu_len: [MAX-MPDU-7991] [MAX-MPDU-11454] @@ -297,7 +297,7 @@ require_ht=1 # Indicates the maximum length of A-MPDU pre-EOF padding that the STA can recv # This field is an integer in the range of 0 to 7. # The length defined by this field is equal to -# 2 pow(13 + Maximum A-MPDU Length Exponent) -1 octets +# 2 pow(13 ~ Maximum A-MPDU Length Exponent) -1 octets # # VHT Link Adaptation Capable: [VHT-LINK-ADAPT2] [VHT-LINK-ADAPT3] # Indicates whether or not the STA supports link adaptation using VHT variant @@ -320,84 +320,83 @@ require_ht=1 # 0 = Tx antenna pattern might change during the lifetime of an association # 1 = Tx antenna pattern does not change during the lifetime of an -{% if capabilities.vht.center_channel_freq is defined and capabilities.vht.center_channel_freq.freq_1 is defined %} -# center freq = 5 GHz + (5 * index) +{% if capabilities.vht.center_channel_freq.freq_1 is vyos_defined %} +# center freq = 5 GHz ~ (5 * index) # So index 42 gives center freq 5.210 GHz # which is channel 42 in 5G band vht_oper_centr_freq_seg0_idx={{ capabilities.vht.center_channel_freq.freq_1 }} {% endif %} -{% if capabilities.vht.center_channel_freq is defined and capabilities.vht.center_channel_freq.freq_2 is defined %} -# center freq = 5 GHz + (5 * index) +{% if capabilities.vht.center_channel_freq.freq_2 is vyos_defined %} +# center freq = 5 GHz ~ (5 * index) # So index 159 gives center freq 5.795 GHz # which is channel 159 in 5G band vht_oper_centr_freq_seg1_idx={{ capabilities.vht.center_channel_freq.freq_2 }} {% endif %} -{% if capabilities.vht.channel_set_width is defined %} +{% if capabilities.vht.channel_set_width is vyos_defined %} vht_oper_chwidth={{ capabilities.vht.channel_set_width }} {% endif %} {% set output = namespace(value='') %} -{% if capabilities.vht.stbc is defined and capabilities.vht.stbc.tx is defined %} -{% set output.value = output.value + '[TX-STBC-2BY1]' %} +{% if capabilities.vht.stbc.tx is vyos_defined %} +{% set output.value = output.value ~ '[TX-STBC-2BY1]' %} {% endif %} -{% if capabilities.vht.stbc is defined and capabilities.vht.stbc.rx is defined %} -{% set output.value = output.value + '[RX-STBC-' + capabilities.vht.stbc.rx + ']' %} +{% if capabilities.vht.stbc.rx is vyos_defined %} +{% set output.value = output.value ~ '[RX-STBC-' ~ capabilities.vht.stbc.rx ~ ']' %} {% endif %} -{% if capabilities.vht.ldpc is defined %} -{% set output.value = output.value + '[RXLDPC]' %} +{% if capabilities.vht.ldpc is vyos_defined %} +{% set output.value = output.value ~ '[RXLDPC]' %} {% endif %} -{% if capabilities.vht.tx_powersave is defined %} -{% set output.value = output.value + '[VHT-TXOP-PS]' %} +{% if capabilities.vht.tx_powersave is vyos_defined %} +{% set output.value = output.value ~ '[VHT-TXOP-PS]' %} {% endif %} -{% if capabilities.vht.vht_cf is defined %} -{% set output.value = output.value + '[HTC-VHT]' %} +{% if capabilities.vht.vht_cf is vyos_defined %} +{% set output.value = output.value ~ '[HTC-VHT]' %} {% endif %} -{% if capabilities.vht.antenna_pattern_fixed is defined %} -{% set output.value = output.value + '[RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN]' %} +{% if capabilities.vht.antenna_pattern_fixed is vyos_defined %} +{% set output.value = output.value ~ '[RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN]' %} {% endif %} -{% if capabilities.vht.max_mpdu is defined %} -{% set output.value = output.value + '[MAX-MPDU-' + capabilities.vht.max_mpdu + ']' %} +{% if capabilities.vht.max_mpdu is vyos_defined %} +{% set output.value = output.value ~ '[MAX-MPDU-' ~ capabilities.vht.max_mpdu ~ ']' %} {% endif %} -{% if capabilities.vht.max_mpdu_exp is defined %} -{% set output.value = output.value + '[MAX-A-MPDU-LEN-EXP-' + capabilities.vht.max_mpdu_exp + ']' %} -{% endif %} -{% if capabilities.vht.max_mpdu_exp is defined and capabilities.vht.max_mpdu_exp == '2' %} -{% set output.value = output.value + '[VHT160]' %} -{% endif %} -{% if capabilities.vht.max_mpdu_exp is defined and capabilities.vht.max_mpdu_exp == '3' %} -{% set output.value = output.value + '[VHT160-80PLUS80]' %} -{% endif %} -{% if capabilities.vht.link_adaptation is defined and capabilities.vht.link_adaptation == 'unsolicited' %} -{% set output.value = output.value + '[VHT-LINK-ADAPT2]' %} +{% if capabilities.vht.max_mpdu_exp is vyos_defined %} +{% set output.value = output.value ~ '[MAX-A-MPDU-LEN-EXP-' ~ capabilities.vht.max_mpdu_exp ~ ']' %} +{% if capabilities.vht.max_mpdu_exp is vyos_defined('2') %} +{% set output.value = output.value ~ '[VHT160]' %} +{% endif %} +{% if capabilities.vht.max_mpdu_exp is vyos_defined('3') %} +{% set output.value = output.value ~ '[VHT160-80PLUS80]' %} +{% endif %} {% endif %} -{% if capabilities.vht.link_adaptation is defined and capabilities.vht.link_adaptation == 'both' %} -{% set output.value = output.value + '[VHT-LINK-ADAPT3]' %} +{% if capabilities.vht.link_adaptation is vyos_defined('unsolicited') %} +{% set output.value = output.value ~ '[VHT-LINK-ADAPT2]' %} +{% elif capabilities.vht.link_adaptation is vyos_defined('both') %} +{% set output.value = output.value ~ '[VHT-LINK-ADAPT3]' %} {% endif %} -{% for short_gi in capabilities.vht.short_gi if capabilities.vht.short_gi is defined %} -{% set output.value = output.value + '[SHORT-GI-' + short_gi | upper + ']' %} +{% for short_gi in capabilities.vht.short_gi if capabilities.vht.short_gi is vyos_defined %} +{% set output.value = output.value ~ '[SHORT-GI-' ~ short_gi | upper ~ ']' %} {% endfor %} -{% for beamform in capabilities.vht.beamform if capabilities.vht.beamform is defined %} -{% set output.value = output.value + '[SU-BEAMFORMER]' if beamform == 'single-user-beamformer' else '' %} -{% set output.value = output.value + '[SU-BEAMFORMEE]' if beamform == 'single-user-beamformee' else '' %} -{% set output.value = output.value + '[MU-BEAMFORMER]' if beamform == 'multi-user-beamformer' else '' %} -{% set output.value = output.value + '[MU-BEAMFORMEE]' if beamform == 'multi-user-beamformee' else '' %} +{% for beamform in capabilities.vht.beamform if capabilities.vht.beamform is vyos_defined %} +{% set output.value = output.value ~ '[SU-BEAMFORMER]' if beamform is vyos_defined('single-user-beamformer') else '' %} +{% set output.value = output.value ~ '[SU-BEAMFORMEE]' if beamform is vyos_defined('single-user-beamformee') else '' %} +{% set output.value = output.value ~ '[MU-BEAMFORMER]' if beamform is vyos_defined('multi-user-beamformer') else '' %} +{% set output.value = output.value ~ '[MU-BEAMFORMEE]' if beamform is vyos_defined('multi-user-beamformee') else '' %} {% endfor %} -{% if capabilities.vht.antenna_count is defined and capabilities.vht.antenna_count|int > 1 %} -{% if capabilities.vht.beamform %} -{% if beamform == 'single-user-beamformer' %} -{% if capabilities.vht.antenna_count is defined and capabilities.vht.antenna_count|int > 1 and capabilities.vht.antenna_count|int < 6 %} -{% set output.value = output.value + '[BF-ANTENNA-' + capabilities.vht.antenna_count|int -1 + ']' %} -{% set output.value = output.value + '[SOUNDING-DIMENSION-' + capabilities.vht.antenna_count|int -1 + ']' %} +{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 %} +{% if capabilities.vht.beamform is vyos_defined %} +{% if capabilities.vht.beamform == 'single-user-beamformer' %} +{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 and capabilities.vht.antenna_count | int < 6 %} +{% set output.value = output.value ~ '[BF-ANTENNA-' ~ capabilities.vht.antenna_count | int -1 ~ ']' %} +{% set output.value = output.value ~ '[SOUNDING-DIMENSION-' ~ capabilities.vht.antenna_count | int -1 ~ ']' %} {% endif %} {% endif %} -{% if capabilities.vht.antenna_count is defined and capabilities.vht.antenna_count|int > 1 and capabilities.vht.antenna_count|int < 5 %} -{% set output.value = output.value + '[BF-ANTENNA-' + capabilities.vht.antenna_count + ']' %} -{% set output.value = output.value + '[SOUNDING-DIMENSION-' + capabilities.vht.antenna_count+ ']' %} +{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 and capabilities.vht.antenna_count | int < 5 %} +{% set output.value = output.value ~ '[BF-ANTENNA-' ~ capabilities.vht.antenna_count ~ ']' %} +{% set output.value = output.value ~ '[SOUNDING-DIMENSION-' ~ capabilities.vht.antenna_count ~ ']' %} {% endif %} {% endif %} {% endif %} @@ -410,7 +409,7 @@ vht_capab={{ output.value }} # 1 = enabled # Note: You will also need to enable WMM for full HT functionality. # Note: hw_mode=g (2.4 GHz) and hw_mode=a (5 GHz) is used to specify the band. -{% if capabilities is defined and capabilities.require_vht is defined %} +{% if capabilities.require_vht is vyos_defined %} ieee80211n=0 # Require stations to support VHT PHY (reject association if they do not) require_vht=1 @@ -422,7 +421,7 @@ ieee80211n=0 {% endif %} {% endif %} -{% if disable_broadcast_ssid is defined %} +{% if disable_broadcast_ssid is vyos_defined %} # Send empty SSID in beacons and ignore probe request frames that do not # specify full SSID, i.e., require stations to know SSID. # default: disabled (0) @@ -443,7 +442,7 @@ ignore_broadcast_ssid=1 # 2 = use external RADIUS server (accept/deny lists are searched first) macaddr_acl=0 -{% if max_stations is defined %} +{% if max_stations is vyos_defined %} # Maximum number of stations allowed in station table. New stations will be # rejected after the station table is full. IEEE 802.11 has a limit of 2007 # different association IDs, so this number should not be larger than that. @@ -451,13 +450,13 @@ macaddr_acl=0 max_num_sta={{ max_stations }} {% endif %} -{% if isolate_stations is defined %} +{% if isolate_stations is vyos_defined %} # Client isolation can be used to prevent low-level bridging of frames between # associated stations in the BSS. By default, this bridging is allowed. ap_isolate=1 {% endif %} -{% if reduce_transmit_power is defined %} +{% if reduce_transmit_power is vyos_defined %} # Add Power Constraint element to Beacon and Probe Response frames # This config option adds Power Constraint element when applicable and Country # element is added. Power Constraint element is required by Transmit Power @@ -466,7 +465,7 @@ ap_isolate=1 local_pwr_constraint={{ reduce_transmit_power }} {% endif %} -{% if expunge_failing_stations is defined %} +{% if expunge_failing_stations is vyos_defined %} # Disassociate stations based on excessive transmission failures or other # indications of connection loss. This depends on the driver capabilities and # may not be available with all drivers. @@ -474,7 +473,7 @@ disassoc_low_ack=1 {% endif %} -{% if security is defined and security.wep is defined %} +{% if security.wep is vyos_defined %} # IEEE 802.11 specifies two authentication algorithms. hostapd can be # configured to allow both of these or only one. Open system authentication # should be used with IEEE 802.1X. @@ -503,14 +502,14 @@ wep_default_key=0 # digits, depending on whether 40-bit (64-bit), 104-bit (128-bit), or # 128-bit (152-bit) WEP is used. # Only the default key must be supplied; the others are optional. -{% if security.wep.key is defined %} +{% if security.wep.key is vyos_defined %} {% for key in sec_wep_key %} wep_key{{ loop.index -1 }}={{ security.wep.key }} {% endfor %} {% endif %} -{% elif security is defined and security.wpa is defined %} +{% elif security.wpa is vyos_defined %} ##### WPA/IEEE 802.11i configuration ########################################## # Enable WPA. Setting this variable configures the AP to require WPA (either @@ -527,17 +526,15 @@ wep_key{{ loop.index -1 }}={{ security.wep.key }} # Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2. # In other words, for WPA3, wpa 2 is used the configuration (and # wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK). -{% if security.wpa.mode is defined %} -{% if security.wpa.mode == 'wpa+wpa2' %} +{% if security.wpa.mode is vyos_defined('wpa+wpa2') %} wpa=3 -{% elif security.wpa.mode == 'wpa2' or security.wpa.mode == 'wpa3' %} +{% elif security.wpa.mode is vyos_defined('wpa2') or security.wpa.mode is vyos_defined('wpa3') %} wpa=2 -{% elif security.wpa.mode == 'wpa' %} +{% elif security.wpa.mode is vyos_defined('wpa') %} wpa=1 -{% endif %} {% endif %} -{% if security.wpa.cipher is defined %} +{% if security.wpa.cipher is vyos_defined %} # Set of accepted cipher suites (encryption algorithms) for pairwise keys # (unicast packets). This is a space separated list of algorithms: # CCMP = AES in Counter mode with CBC-MAC (CCMP-128) @@ -551,7 +548,7 @@ wpa=1 # TKIP will be used as the group cipher. The optional group_cipher parameter can # be used to override this automatic selection. -{% if security.wpa.mode is defined and security.wpa.mode == 'wpa2' %} +{% if security.wpa.mode is vyos_defined('wpa2') %} # Pairwise cipher for RSN/WPA2 (default: use wpa_pairwise value) rsn_pairwise={{ security.wpa.cipher | join(" ") }} {% else %} @@ -560,7 +557,7 @@ wpa_pairwise={{ security.wpa.cipher | join(" ") }} {% endif %} {% endif %} -{% if security.wpa.group_cipher is defined %} +{% if security.wpa.group_cipher is vyos_defined %} # Optional override for automatic group cipher selection # This can be used to select a specific group cipher regardless of which # pairwise ciphers were enabled for WPA and RSN. It should be noted that @@ -570,7 +567,7 @@ wpa_pairwise={{ security.wpa.cipher | join(" ") }} group_cipher={{ security.wpa.group_cipher | join(" ") }} {% endif %} -{% if security.wpa.passphrase is defined %} +{% if security.wpa.passphrase is vyos_defined %} # IEEE 802.11 specifies two authentication algorithms. hostapd can be # configured to allow both of these or only one. Open system authentication # should be used with IEEE 802.1X. @@ -594,13 +591,13 @@ wpa_passphrase={{ security.wpa.passphrase }} # WPA-EAP-SHA256 = WPA2-Enterprise using SHA256 # SAE = SAE (WPA3-Personal) # WPA-EAP-SUITE-B-192 = WPA3-Enterprise with 192-bit security/CNSA suite -{% if security.wpa.mode is defined and security.wpa.mode == 'wpa3' %} +{% if security.wpa.mode is vyos_defined('wpa3') %} wpa_key_mgmt=SAE {% else %} wpa_key_mgmt=WPA-PSK WPA-PSK-SHA256 {% endif %} -{% elif security.wpa.radius is defined %} +{% elif security.wpa.radius is vyos_defined %} ##### IEEE 802.1X-2004 related configuration ################################## # Require IEEE 802.1X authorization ieee8021x=1 @@ -614,19 +611,19 @@ ieee8021x=1 # WPA-EAP-SHA256 = WPA2-Enterprise using SHA256 # SAE = SAE (WPA3-Personal) # WPA-EAP-SUITE-B-192 = WPA3-Enterprise with 192-bit security/CNSA suite -{% if security.wpa.mode is defined and security.wpa.mode == 'wpa3' %} +{% if security.wpa.mode is vyos_defined('wpa3') %} wpa_key_mgmt=WPA-EAP-SUITE-B-192 {% else %} wpa_key_mgmt=WPA-EAP WPA-EAP-SHA256 {% endif %} -{% if security.wpa.radius.server is defined %} +{% if security.wpa.radius.server is vyos_defined %} # RADIUS client forced local IP address for the access point # Normally the local IP address is determined automatically based on configured # IP addresses, but this field can be used to force a specific address to be # used, e.g., when the device has multiple IP addresses. # The own IP address of the access point (used as NAS-IP-Address) -{% if security.wpa.radius.source_address is defined %} +{% if security.wpa.radius.source_address is vyos_defined %} radius_client_addr={{ security.wpa.radius.source_address }} own_ip_addr={{ security.wpa.radius.source_address }} {% else %} diff --git a/data/templates/wifi/wpa_supplicant.conf.tmpl b/data/templates/wifi/wpa_supplicant.conf.tmpl index 20b4f7976..56cd35a35 100644 --- a/data/templates/wifi/wpa_supplicant.conf.tmpl +++ b/data/templates/wifi/wpa_supplicant.conf.tmpl @@ -18,7 +18,7 @@ network={ # this will add latency to scanning, so enable this only when needed) scan_ssid=1 -{% if security is defined and security.wpa is defined and security.wpa.passphrase is defined %} +{% if security.wpa.passphrase is vyos_defined %} # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional @@ -59,7 +59,7 @@ network={ # OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open) # DPP = Device Provisioning Protocol # If not set, this defaults to: WPA-PSK WPA-EAP -{% if security.wpa.mode is defined and security.wpa.mode == 'wpa3' %} +{% if security.wpa.mode is vyos_defined('wpa3') %} key_mgmt=SAE {% else %} key_mgmt=WPA-PSK WPA-PSK-SHA256 -- cgit v1.2.3