From d956fda57f3288d6b23af90eab205091a0797e1a Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 1 May 2022 21:11:09 +0200 Subject: accel-ppp: T4353: fix Jinja2 linting errors --- .../accel-ppp/chap-secrets.config_dict.j2 | 10 ++ .../accel-ppp/chap-secrets.config_dict.tmpl | 10 -- data/templates/accel-ppp/chap-secrets.ipoe.j2 | 18 +++ data/templates/accel-ppp/chap-secrets.ipoe.tmpl | 18 --- data/templates/accel-ppp/chap-secrets.j2 | 10 ++ data/templates/accel-ppp/chap-secrets.tmpl | 10 -- data/templates/accel-ppp/ipoe.config.j2 | 142 +++++++++++++++++ data/templates/accel-ppp/ipoe.config.tmpl | 138 ----------------- data/templates/accel-ppp/l2tp.config.j2 | 153 ++++++++++++++++++ data/templates/accel-ppp/l2tp.config.tmpl | 156 ------------------- data/templates/accel-ppp/pppoe.config.j2 | 172 +++++++++++++++++++++ data/templates/accel-ppp/pppoe.config.tmpl | 172 --------------------- data/templates/accel-ppp/pptp.config.j2 | 98 ++++++++++++ data/templates/accel-ppp/pptp.config.tmpl | 98 ------------ data/templates/accel-ppp/sstp.config.j2 | 65 ++++++++ data/templates/accel-ppp/sstp.config.tmpl | 65 -------- 16 files changed, 668 insertions(+), 667 deletions(-) create mode 100644 data/templates/accel-ppp/chap-secrets.config_dict.j2 delete mode 100644 data/templates/accel-ppp/chap-secrets.config_dict.tmpl create mode 100644 data/templates/accel-ppp/chap-secrets.ipoe.j2 delete mode 100644 data/templates/accel-ppp/chap-secrets.ipoe.tmpl create mode 100644 data/templates/accel-ppp/chap-secrets.j2 delete mode 100644 data/templates/accel-ppp/chap-secrets.tmpl create mode 100644 data/templates/accel-ppp/ipoe.config.j2 delete mode 100644 data/templates/accel-ppp/ipoe.config.tmpl create mode 100644 data/templates/accel-ppp/l2tp.config.j2 delete mode 100644 data/templates/accel-ppp/l2tp.config.tmpl create mode 100644 data/templates/accel-ppp/pppoe.config.j2 delete mode 100644 data/templates/accel-ppp/pppoe.config.tmpl create mode 100644 data/templates/accel-ppp/pptp.config.j2 delete mode 100644 data/templates/accel-ppp/pptp.config.tmpl create mode 100644 data/templates/accel-ppp/sstp.config.j2 delete mode 100644 data/templates/accel-ppp/sstp.config.tmpl (limited to 'data') diff --git a/data/templates/accel-ppp/chap-secrets.config_dict.j2 b/data/templates/accel-ppp/chap-secrets.config_dict.j2 new file mode 100644 index 000000000..51e66d57c --- /dev/null +++ b/data/templates/accel-ppp/chap-secrets.config_dict.j2 @@ -0,0 +1,10 @@ +# username server password acceptable local IP addresses shaper +{% if authentication.local_users.username is vyos_defined %} +{% for user, user_config in authentication.local_users.username.items() if user_config.disabled is not vyos_defined %} +{% if user_config.rate_limit is vyos_defined %} +{{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} {{ user_config.rate_limit.download }}/{{ user_config.rate_limit.upload }} +{% else %} +{{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} +{% endif %} +{% endfor %} +{% endif %} diff --git a/data/templates/accel-ppp/chap-secrets.config_dict.tmpl b/data/templates/accel-ppp/chap-secrets.config_dict.tmpl deleted file mode 100644 index d4e8bb2aa..000000000 --- a/data/templates/accel-ppp/chap-secrets.config_dict.tmpl +++ /dev/null @@ -1,10 +0,0 @@ -# username server password acceptable local IP addresses shaper -{% if authentication.local_users.username is vyos_defined %} -{% for user, user_config in authentication.local_users.username.items() if user_config.disabled is not vyos_defined %} -{% if user_config.rate_limit is vyos_defined %} -{{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} {{ user_config.rate_limit.download }}/{{ user_config.rate_limit.upload }} -{% else %} -{{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} -{% endif %} -{% endfor %} -{% endif %} diff --git a/data/templates/accel-ppp/chap-secrets.ipoe.j2 b/data/templates/accel-ppp/chap-secrets.ipoe.j2 new file mode 100644 index 000000000..a1430ec22 --- /dev/null +++ b/data/templates/accel-ppp/chap-secrets.ipoe.j2 @@ -0,0 +1,18 @@ +# username server password acceptable local IP addresses shaper +{% for interface in auth_interfaces %} +{% for mac in interface.mac %} +{% if mac.rate_upload and mac.rate_download %} +{% if mac.vlan_id %} +{{ interface.name }}.{{ mac.vlan_id }} * {{ mac.address | lower }} * {{ mac.rate_download }}/{{ mac.rate_upload }} +{% else %} +{{ interface.name }} * {{ mac.address | lower }} * {{ mac.rate_download }}/{{ mac.rate_upload }} +{% endif %} +{% else %} +{% if mac.vlan_id %} +{{ interface.name }}.{{ mac.vlan_id }} * {{ mac.address | lower }} * +{% else %} +{{ interface.name }} * {{ mac.address | lower }} * +{% endif %} +{% endif %} +{% endfor %} +{% endfor %} diff --git a/data/templates/accel-ppp/chap-secrets.ipoe.tmpl b/data/templates/accel-ppp/chap-secrets.ipoe.tmpl deleted file mode 100644 index 1df878fcf..000000000 --- a/data/templates/accel-ppp/chap-secrets.ipoe.tmpl +++ /dev/null @@ -1,18 +0,0 @@ -# username server password acceptable local IP addresses shaper -{% for interface in auth_interfaces %} -{% for mac in interface.mac %} -{% if mac.rate_upload and mac.rate_download %} -{% if mac.vlan_id %} -{{ interface.name }}.{{ mac.vlan_id }} * {{ mac.address | lower }} * {{ mac.rate_download }}/{{ mac.rate_upload }} -{% else %} -{{ interface.name }} * {{ mac.address | lower }} * {{ mac.rate_download }}/{{ mac.rate_upload }} -{% endif %} -{% else %} -{% if mac.vlan_id %} -{{ interface.name }}.{{ mac.vlan_id }} * {{ mac.address | lower }} * -{% else %} -{{ interface.name }} * {{ mac.address | lower }} * -{% endif %} -{% endif %} -{% endfor %} -{% endfor %} diff --git a/data/templates/accel-ppp/chap-secrets.j2 b/data/templates/accel-ppp/chap-secrets.j2 new file mode 100644 index 000000000..cc3ddc28f --- /dev/null +++ b/data/templates/accel-ppp/chap-secrets.j2 @@ -0,0 +1,10 @@ +# username server password acceptable local IP addresses shaper +{% for user in local_users %} +{% if user.state == 'enabled' %} +{% if user.upload and user.download %} +{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} {{ user.download }}/{{ user.upload }} +{% else %} +{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} +{% endif %} +{% endif %} +{% endfor %} diff --git a/data/templates/accel-ppp/chap-secrets.tmpl b/data/templates/accel-ppp/chap-secrets.tmpl deleted file mode 100644 index 6cace5401..000000000 --- a/data/templates/accel-ppp/chap-secrets.tmpl +++ /dev/null @@ -1,10 +0,0 @@ -# username server password acceptable local IP addresses shaper -{% for user in local_users %} -{% if user.state == 'enabled' %} -{% if user.upload and user.download %} -{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} {{ user.download }}/{{ user.upload }} -{% else %} -{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} -{% endif %} -{% endif %} -{% endfor %} diff --git a/data/templates/accel-ppp/ipoe.config.j2 b/data/templates/accel-ppp/ipoe.config.j2 new file mode 100644 index 000000000..3c0d47b27 --- /dev/null +++ b/data/templates/accel-ppp/ipoe.config.j2 @@ -0,0 +1,142 @@ +{# j2lint: disable=operator-enclosed-by-spaces #} +### generated by ipoe.py ### +[modules] +log_syslog +ipoe +shaper +ipv6pool +ipv6_nd +ipv6_dhcp +ippool +{% if auth_mode == 'radius' %} +radius +{% elif auth_mode == 'local' %} +chap-secrets +{% endif %} + +[core] +thread-count={{ thread_cnt }} + +[log] +syslog=accel-ipoe,daemon +copy=1 +level=5 + +[ipoe] +verbose=1 +{% for interface in interfaces %} +{% set tmp = 'interface=' %} +{% if interface.vlan_mon %} +{% set tmp = tmp ~ 're:' ~ interface.name ~ '\.\d+' %} +{% else %} +{% set tmp = tmp ~ interface.name %} +{% endif %} +{{ tmp }},shared={{ interface.shared }},mode={{ interface.mode }},ifcfg={{ interface.ifcfg }}{{ ',range=' ~ interface.range if interface.range is defined and interface.range is not none }},start={{ interface.sess_start }},ipv6=1 +{% endfor %} +{% if auth_mode == 'noauth' %} +noauth=1 +{% if client_named_ip_pool %} +{% for pool in client_named_ip_pool %} +{% if pool.subnet is defined %} +ip-pool={{ pool.name }} +{% endif %} +{% if pool.gateway_address is defined %} +gw-ip-address={{ pool.gateway_address }}/{{ pool.subnet.split('/')[1] }} +{% endif %} +{% endfor %} +{% endif %} +{% elif auth_mode == 'local' %} +username=ifname +password=csid +{% endif %} +proxy-arp=1 + +{% for interface in interfaces %} +{% if (interface.shared == '0') and (interface.vlan_mon) %} +vlan-mon={{ interface.name }},{{ interface.vlan_mon | join(',') }} +{% endif %} +{% endfor %} + +{% if dnsv4 %} +[dns] +{% for dns in dnsv4 %} +dns{{ loop.index }}={{ dns }} +{% endfor %} +{% endif %} + +{% if dnsv6 %} +[ipv6-dns] +{% for dns in dnsv6 %} +{{ dns }} +{% endfor %} +{% endif %} + +[ipv6-nd] +verbose=1 + +[ipv6-dhcp] +verbose=1 + +{% if client_named_ip_pool %} +[ip-pool] +{% for pool in client_named_ip_pool %} +{% if pool.subnet is defined %} +{{ pool.subnet }},name={{ pool.name }} +{% endif %} +{% if pool.gateway_address is defined %} +gw-ip-address={{ pool.gateway_address }}/{{ pool.subnet.split('/')[1] }} +{% endif %} +{% endfor %} +{% endif %} + +{% if client_ipv6_pool %} +[ipv6-pool] +{% for p in client_ipv6_pool %} +{{ p.prefix }},{{ p.mask }} +{% endfor %} +{% for p in client_ipv6_delegate_prefix %} +delegate={{ p.prefix }},{{ p.mask }} +{% endfor %} +{% endif %} + +{% if auth_mode == 'local' %} +[chap-secrets] +chap-secrets={{ chap_secrets_file }} +{% elif auth_mode == 'radius' %} +[radius] +verbose=1 +{% for r in radius_server %} +server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} +{% endfor %} + +{% if radius_acct_inter_jitter %} +acct-interim-jitter={{ radius_acct_inter_jitter }} +{% endif %} + +acct-timeout={{ radius_acct_tmo }} +timeout={{ radius_timeout }} +max-try={{ radius_max_try }} +{% if radius_nas_id %} +nas-identifier={{ radius_nas_id }} +{% endif %} +{% if radius_nas_ip %} +nas-ip-address={{ radius_nas_ip }} +{% endif %} +{% if radius_source_address %} +bind={{ radius_source_address }} +{% endif %} +{% if radius_dynamic_author %} +dae-server={{ radius_dynamic_author.server }}:{{ radius_dynamic_author.port }},{{ radius_dynamic_author.key }} +{% endif %} +{% if radius_shaper_attr %} +[shaper] +verbose=1 +attr={{ radius_shaper_attr }} +{% if radius_shaper_vendor %} +vendor={{ radius_shaper_vendor }} +{% endif %} +{% endif %} +{% endif %} + +[cli] +tcp=127.0.0.1:2002 diff --git a/data/templates/accel-ppp/ipoe.config.tmpl b/data/templates/accel-ppp/ipoe.config.tmpl deleted file mode 100644 index 92c2d5715..000000000 --- a/data/templates/accel-ppp/ipoe.config.tmpl +++ /dev/null @@ -1,138 +0,0 @@ -### generated by ipoe.py ### -[modules] -log_syslog -ipoe -shaper -ipv6pool -ipv6_nd -ipv6_dhcp -ippool -{% if auth_mode == 'radius' %} -radius -{% elif auth_mode == 'local' %} -chap-secrets -{% endif %} - -[core] -thread-count={{ thread_cnt }} - -[log] -syslog=accel-ipoe,daemon -copy=1 -level=5 - -[ipoe] -verbose=1 -{% for interface in interfaces %} -{% if interface.vlan_mon %} -interface=re:{{ interface.name }}\.\d+,{% else %}interface={{ interface.name }},{% endif %}shared={{ interface.shared }},mode={{ interface.mode }},ifcfg={{ interface.ifcfg }}{{ ',range=' + interface.range if interface.range is defined and interface.range is not none }},start={{ interface.sess_start }},ipv6=1 -{% endfor %} -{% if auth_mode == 'noauth' %} -noauth=1 -{% if client_named_ip_pool %} -{% for pool in client_named_ip_pool %} -{% if pool.subnet is defined %} -ip-pool={{ pool.name }} -{% endif %} -{% if pool.gateway_address is defined %} -gw-ip-address={{ pool.gateway_address }}/{{ pool.subnet.split('/')[1] }} -{% endif %} -{% endfor%} -{% endif %} -{% elif auth_mode == 'local' %} -username=ifname -password=csid -{% endif %} -proxy-arp=1 - -{% for interface in interfaces %} -{% if (interface.shared == '0') and (interface.vlan_mon) %} -vlan-mon={{ interface.name }},{{ interface.vlan_mon | join(',') }} -{% endif %} -{% endfor %} - -{% if dnsv4 %} -[dns] -{% for dns in dnsv4 %} -dns{{ loop.index }}={{ dns }} -{% endfor %} -{% endif %} - -{% if dnsv6 %} -[ipv6-dns] -{% for dns in dnsv6 %} -{{ dns }} -{% endfor %} -{% endif %} - -[ipv6-nd] -verbose=1 - -[ipv6-dhcp] -verbose=1 - -{% if client_named_ip_pool %} -[ip-pool] -{% for pool in client_named_ip_pool %} -{% if pool.subnet is defined %} -{{ pool.subnet }},name={{ pool.name }} -{% endif %} -{% if pool.gateway_address is defined %} -gw-ip-address={{ pool.gateway_address }}/{{ pool.subnet.split('/')[1] }} -{% endif %} -{% endfor%} -{% endif %} - -{% if client_ipv6_pool %} -[ipv6-pool] -{% for p in client_ipv6_pool %} -{{ p.prefix }},{{ p.mask }} -{% endfor %} -{% for p in client_ipv6_delegate_prefix %} -delegate={{ p.prefix }},{{ p.mask }} -{% endfor %} -{% endif %} - -{% if auth_mode == 'local' %} -[chap-secrets] -chap-secrets={{ chap_secrets_file }} -{% elif auth_mode == 'radius' %} -[radius] -verbose=1 -{% for r in radius_server %} -server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} - -{% if radius_acct_inter_jitter %} -acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} - -acct-timeout={{ radius_acct_tmo }} -timeout={{ radius_timeout }} -max-try={{ radius_max_try }} -{% if radius_nas_id %} -nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} -nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} -bind={{ radius_source_address }} -{% endif %} - -{% if radius_dynamic_author %} -dae-server={{ radius_dynamic_author.server }}:{{ radius_dynamic_author.port }},{{ radius_dynamic_author.key }} -{% endif %} - -{% if radius_shaper_attr %} -[shaper] -verbose=1 -attr={{ radius_shaper_attr }} -{% if radius_shaper_vendor %} -vendor={{ radius_shaper_vendor }} -{% endif %} -{% endif %} -{% endif %} - -[cli] -tcp=127.0.0.1:2002 diff --git a/data/templates/accel-ppp/l2tp.config.j2 b/data/templates/accel-ppp/l2tp.config.j2 new file mode 100644 index 000000000..9eeaf7622 --- /dev/null +++ b/data/templates/accel-ppp/l2tp.config.j2 @@ -0,0 +1,153 @@ +### generated by accel_l2tp.py ### +[modules] +log_syslog +l2tp +chap-secrets +{% for proto in auth_proto %} +{{ proto }} +{% endfor %} + +{% if auth_mode == 'radius' %} +radius +{% endif %} + +ippool +shaper +ipv6pool +ipv6_nd +ipv6_dhcp + +[core] +thread-count={{ thread_cnt }} + +[log] +syslog=accel-l2tp,daemon +copy=1 +level=5 + +{% if dnsv4 %} +[dns] +{% for dns in dnsv4 %} +dns{{ loop.index }}={{ dns }} +{% endfor %} +{% endif %} + +{% if dnsv6 %} +[ipv6-dns] +{% for dns in dnsv6 %} +{{ dns }} +{% endfor %} +{% endif %} + +{% if wins %} +[wins] +{% for server in wins %} +wins{{ loop.index }}={{ server }} +{% endfor %} +{% endif %} + +[l2tp] +verbose=1 +ifname=l2tp%d +ppp-max-mtu={{ mtu }} +mppe={{ ppp_mppe }} +{% if outside_addr %} +bind={{ outside_addr }} +{% endif %} +{% if lns_shared_secret %} +secret={{ lns_shared_secret }} +{% endif %} +{% if lns_host_name %} +host-name={{ lns_host_name }} +{% endif %} + +[client-ip-range] +0.0.0.0/0 + +{% if client_ip_pool or client_ip_subnets %} +[ip-pool] +{% if client_ip_pool %} +{{ client_ip_pool }} +{% endif %} +{% if client_ip_subnets %} +{% for sn in client_ip_subnets %} +{{ sn }} +{% endfor %} +{% endif %} +{% endif %} +{% if gateway_address %} +gw-ip-address={{ gateway_address }} +{% endif %} + +{% if auth_mode == 'local' %} +[chap-secrets] +chap-secrets={{ chap_secrets_file }} +{% elif auth_mode == 'radius' %} +[radius] +verbose=1 +{% for r in radius_server %} +server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} +{% endfor %} +{% if radius_acct_inter_jitter %} +acct-interim-jitter={{ radius_acct_inter_jitter }} +{% endif %} +acct-timeout={{ radius_acct_tmo }} +timeout={{ radius_timeout }} +max-try={{ radius_max_try }} +{% if radius_nas_id %} +nas-identifier={{ radius_nas_id }} +{% endif %} +{% if radius_nas_ip %} +nas-ip-address={{ radius_nas_ip }} +{% endif %} +{% if radius_source_address %} +bind={{ radius_source_address }} +{% endif %} +{% endif %} +{% if gateway_address %} +gw-ip-address={{ gateway_address }} +{% endif %} + +[ppp] +verbose=1 +check-ip=1 +single-session=replace +lcp-echo-timeout={{ ppp_echo_timeout }} +lcp-echo-interval={{ ppp_echo_interval }} +lcp-echo-failure={{ ppp_echo_failure }} +{% if ccp_disable %} +ccp=0 +{% endif %} +{% if client_ipv6_pool %} +ipv6=allow +{% endif %} + + +{% if client_ipv6_pool %} +[ipv6-pool] +{% for p in client_ipv6_pool %} +{{ p.prefix }},{{ p.mask }} +{% endfor %} +{% for p in client_ipv6_delegate_prefix %} +delegate={{ p.prefix }},{{ p.mask }} +{% endfor %} +{% endif %} + +{% if client_ipv6_delegate_prefix %} +[ipv6-dhcp] +verbose=1 +{% endif %} + +{% if radius_shaper_attr %} +[shaper] +verbose=1 +attr={{ radius_shaper_attr }} +{% if radius_shaper_vendor %} +vendor={{ radius_shaper_vendor }} +{% endif %} +{% endif %} + +[cli] +tcp=127.0.0.1:2004 +sessions-columns=ifname,username,calling-sid,ip,{{ ip6_column | join(',') }}{{ ',' if ip6_column }}rate-limit,type,comp,state,rx-bytes,tx-bytes,uptime + diff --git a/data/templates/accel-ppp/l2tp.config.tmpl b/data/templates/accel-ppp/l2tp.config.tmpl deleted file mode 100644 index 9fcda76d4..000000000 --- a/data/templates/accel-ppp/l2tp.config.tmpl +++ /dev/null @@ -1,156 +0,0 @@ -### generated by accel_l2tp.py ### -[modules] -log_syslog -l2tp -chap-secrets -{% for proto in auth_proto: %} -{{proto}} -{% endfor%} - -{% if auth_mode == 'radius' %} -radius -{% endif %} - -ippool -shaper -ipv6pool -ipv6_nd -ipv6_dhcp - -[core] -thread-count={{thread_cnt}} - -[log] -syslog=accel-l2tp,daemon -copy=1 -level=5 - -{% if dnsv4 %} -[dns] -{% for dns in dnsv4 %} -dns{{ loop.index }}={{ dns }} -{% endfor %} -{% endif %} - -{% if dnsv6 %} -[ipv6-dns] -{% for dns in dnsv6 %} -{{ dns }} -{% endfor %} -{% endif %} - -{% if wins %} -[wins] -{% for server in wins %} -wins{{ loop.index }}={{ server }} -{% endfor %} -{% endif %} - -[l2tp] -verbose=1 -ifname=l2tp%d -ppp-max-mtu={{ mtu }} -mppe={{ ppp_mppe }} -{% if outside_addr %} -bind={{ outside_addr }} -{% endif %} -{% if lns_shared_secret %} -secret={{ lns_shared_secret }} -{% endif %} -{% if lns_host_name %} -host-name={{ lns_host_name }} -{% endif %} - -[client-ip-range] -0.0.0.0/0 - -{% if client_ip_pool or client_ip_subnets %} -[ip-pool] -{% if client_ip_pool %} -{{ client_ip_pool }} -{% endif %} -{% if client_ip_subnets %} -{% for sn in client_ip_subnets %} -{{sn}} -{% endfor %} -{% endif %} -{% endif %} -{% if gateway_address %} -gw-ip-address={{ gateway_address }} -{% endif %} - -{% if auth_mode == 'local' %} -[chap-secrets] -chap-secrets={{ chap_secrets_file }} -{% elif auth_mode == 'radius' %} -[radius] -verbose=1 -{% for r in radius_server %} -server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} - -{% if radius_acct_inter_jitter %} -acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} - -acct-timeout={{ radius_acct_tmo }} -timeout={{ radius_timeout }} -max-try={{ radius_max_try }} - -{% if radius_nas_id %} -nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} -nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} -bind={{ radius_source_address }} -{% endif %} -{% endif %} -{% if gateway_address %} -gw-ip-address={{ gateway_address }} -{% endif %} - -[ppp] -verbose=1 -check-ip=1 -single-session=replace -lcp-echo-timeout={{ ppp_echo_timeout }} -lcp-echo-interval={{ ppp_echo_interval }} -lcp-echo-failure={{ ppp_echo_failure }} -{% if ccp_disable %} -ccp=0 -{% endif %} -{% if client_ipv6_pool %} -ipv6=allow -{% endif %} - - -{% if client_ipv6_pool %} -[ipv6-pool] -{% for p in client_ipv6_pool %} -{{ p.prefix }},{{ p.mask }} -{% endfor %} -{% for p in client_ipv6_delegate_prefix %} -delegate={{ p.prefix }},{{ p.mask }} -{% endfor %} -{% endif %} - -{% if client_ipv6_delegate_prefix %} -[ipv6-dhcp] -verbose=1 -{% endif %} - -{% if radius_shaper_attr %} -[shaper] -verbose=1 -attr={{ radius_shaper_attr }} -{% if radius_shaper_vendor %} -vendor={{ radius_shaper_vendor }} -{% endif %} -{% endif %} - -[cli] -tcp=127.0.0.1:2004 -sessions-columns=ifname,username,calling-sid,ip,{{ ip6_column | join(',') }}{{ ',' if ip6_column }}rate-limit,type,comp,state,rx-bytes,tx-bytes,uptime - diff --git a/data/templates/accel-ppp/pppoe.config.j2 b/data/templates/accel-ppp/pppoe.config.j2 new file mode 100644 index 000000000..0a92e2d54 --- /dev/null +++ b/data/templates/accel-ppp/pppoe.config.j2 @@ -0,0 +1,172 @@ +### generated by accel_pppoe.py ### +[modules] +log_syslog +pppoe +shaper +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% include 'accel-ppp/config_modules_auth_protocols.j2' %} + +{% if snmp is vyos_defined %} +net-snmp +{% endif %} +{% if limits is vyos_defined %} +connlimit +{% endif %} +{% if extended_scripts is vyos_defined %} +sigchld +pppd_compat +{% endif %} + +[core] +thread-count={{ thread_count }} + +[log] +syslog=accel-pppoe,daemon +copy=1 +level=5 + +{% if snmp.master_agent is vyos_defined %} +[snmp] +master=1 +{% endif %} + +[client-ip-range] +disable + +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} + +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} + +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} + +{% if wins_server is vyos_defined %} +[wins] +{% for server in wins_server %} +wins{{ loop.index }}={{ server }} +{% endfor %} +{% endif %} + +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} + +{% if session_control is vyos_defined and session_control is not vyos_defined('disable') %} +[common] +single-session={{ session_control }} +{% endif %} + +[ppp] +verbose=1 +check-ip=1 +ccp={{ "1" if ppp_options.ccp is vyos_defined else "0" }} +unit-preallocate={{ "1" if authentication.radius.preallocate_vif is vyos_defined else "0" }} +{% if ppp_options.min_mtu is vyos_defined %} +min-mtu={{ ppp_options.min_mtu }} +{% else %} +min-mtu={{ mtu }} +{% endif %} +{% if ppp_options.mru is vyos_defined %} +mru={{ ppp_options.mru }} +{% endif %} +mppe={{ ppp_options.mppe }} +lcp-echo-interval={{ ppp_options.lcp_echo_interval }} +lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} +lcp-echo-failure={{ ppp_options.lcp_echo_failure }} +{% if ppp_options.ipv4 is vyos_defined %} +ipv4={{ ppp_options.ipv4 }} +{% endif %} +{# IPv6 #} +{% if ppp_options.ipv6 is vyos_defined %} +ipv6={{ ppp_options.ipv6 }} +{% if ppp_options.ipv6_intf_id is vyos_defined %} +ipv6-intf-id={{ ppp_options.ipv6_intf_id }} +{% endif %} +{% if ppp_options.ipv6_peer_intf_id is vyos_defined %} +ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }} +{% endif %} +ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is vyos_defined else "0" }} +{% endif %} +{# MTU #} +mtu={{ mtu }} +{% if ppp_options.interface_cache is vyos_defined %} +unit-cache={{ ppp_options.interface_cache }} +{% endif %} + +[pppoe] +verbose=1 +ac-name={{ access_concentrator }} + +{% if interface is vyos_defined %} +{% for iface, iface_config in interface.items() %} +{% if iface_config.vlan_id is not vyos_defined and iface_config.vlan_range is not vyos_defined %} +interface={{ iface }} +{% endif %} +{% if iface_config.vlan_range is vyos_defined %} +{% for regex in iface_config.regex %} +interface=re:^{{ iface | replace('.', '\\.') }}\.({{ regex }})$ +{% endfor %} +vlan-mon={{ iface }},{{ iface_config.vlan_range | join(',') }} +{% endif %} +{% if iface_config.vlan_id is vyos_defined %} +{% for vlan in iface_config.vlan_id %} +vlan-mon={{ iface }},{{ vlan }} +interface=re:^{{ iface | replace('.', '\\.') }}\.{{ vlan }}$ +{% endfor %} +{% endif %} +{% endfor %} +{% endif %} + +{% if service_name %} +service-name={{ service_name | join(',') }} +{% endif %} + +{% if pado_delay %} +{% set pado_delay_param = namespace(value='0') %} +{% for delay in pado_delay | sort(attribute='0') %} +{% if not loop.last %} +{% set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + pado_delay[delay].sessions %} +{% else %} +{% set pado_delay_param.value = pado_delay_param.value + ',-1:' + pado_delay[delay].sessions %} +{% endif %} +{% endfor %} +pado-delay={{ pado_delay_param.value }} +{% endif %} +{% if authentication.radius.called_sid_format is vyos_defined %} +called-sid={{ authentication.radius.called_sid_format }} +{% endif %} + +{% if limits is vyos_defined %} +[connlimit] +{% if limits.connection_limit is vyos_defined %} +limit={{ limits.connection_limit }} +{% endif %} +{% if limits.burst is vyos_defined %} +burst={{ limits.burst }} +{% endif %} +{% if limits.timeout is vyos_defined %} +timeout={{ limits.timeout }} +{% endif %} +{% endif %} + +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} + +{% if extended_scripts is vyos_defined %} +[pppd-compat] +verbose=1 +radattr-prefix=/run/accel-pppd/radattr +{% set script_name = {'on_up': 'ip-up', 'on_down': 'ip-down', 'on_change':'ip-change', 'on_pre_up':'ip-pre-up'} %} +{% for script in extended_scripts %} +{{ script_name[script] }}={{ extended_scripts[script] }} +{% endfor %} +{% endif %} + +[cli] +tcp=127.0.0.1:2001 diff --git a/data/templates/accel-ppp/pppoe.config.tmpl b/data/templates/accel-ppp/pppoe.config.tmpl deleted file mode 100644 index 81b98cc81..000000000 --- a/data/templates/accel-ppp/pppoe.config.tmpl +++ /dev/null @@ -1,172 +0,0 @@ -### generated by accel_pppoe.py ### -[modules] -log_syslog -pppoe -shaper -{# Common authentication backend definitions #} -{% include 'accel-ppp/config_modules_auth_mode.j2' %} -ippool -{# Common IPv6 definitions #} -{% include 'accel-ppp/config_modules_ipv6.j2' %} -{# Common authentication protocols (pap, chap ...) #} -{% include 'accel-ppp/config_modules_auth_protocols.j2' %} - -{% if snmp is vyos_defined %} -net-snmp -{% endif %} -{% if limits is vyos_defined %} -connlimit -{% endif %} -{% if extended_scripts is vyos_defined %} -sigchld -pppd_compat -{% endif %} - -[core] -thread-count={{ thread_count }} - -[log] -syslog=accel-pppoe,daemon -copy=1 -level=5 - -{% if snmp.master_agent is vyos_defined %} -[snmp] -master=1 -{% endif %} - -[client-ip-range] -disable - -{# Common IP pool definitions #} -{% include 'accel-ppp/config_ip_pool.j2' %} - -{# Common IPv6 pool definitions #} -{% include 'accel-ppp/config_ipv6_pool.j2' %} - -{# Common DNS name-server definition #} -{% include 'accel-ppp/config_name_server.j2' %} - -{% if wins_server is vyos_defined %} -[wins] -{% for server in wins_server %} -wins{{ loop.index }}={{ server }} -{% endfor %} -{% endif %} - -{# Common chap-secrets and RADIUS server/option definitions #} -{% include 'accel-ppp/config_chap_secrets_radius.j2' %} - -{% if session_control is vyos_defined and session_control is not vyos_defined('disable') %} -[common] -single-session={{ session_control }} -{% endif %} - -[ppp] -verbose=1 -check-ip=1 -ccp={{ "1" if ppp_options.ccp is vyos_defined else "0" }} -unit-preallocate={{ "1" if authentication.radius.preallocate_vif is vyos_defined else "0" }} -{% if ppp_options.min_mtu is vyos_defined %} -min-mtu={{ ppp_options.min_mtu }} -{% else %} -min-mtu={{ mtu }} -{% endif %} -{% if ppp_options.mru is vyos_defined %} -mru={{ ppp_options.mru }} -{% endif %} -mppe={{ ppp_options.mppe }} -lcp-echo-interval={{ ppp_options.lcp_echo_interval }} -lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} -lcp-echo-failure={{ ppp_options.lcp_echo_failure }} -{% if ppp_options.ipv4 is vyos_defined %} -ipv4={{ ppp_options.ipv4 }} -{% endif %} -{# IPv6 #} -{% if ppp_options.ipv6 is vyos_defined %} -ipv6={{ ppp_options.ipv6 }} -{% if ppp_options.ipv6_intf_id is vyos_defined %} -ipv6-intf-id={{ ppp_options.ipv6_intf_id }} -{% endif %} -{% if ppp_options.ipv6_peer_intf_id is vyos_defined %} -ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }} -{% endif %} -ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is vyos_defined else "0" }} -{% endif %} -{# MTU #} -mtu={{ mtu }} -{% if ppp_options.interface_cache is vyos_defined %} -unit-cache={{ ppp_options.interface_cache }} -{% endif %} - -[pppoe] -verbose=1 -ac-name={{ access_concentrator }} - -{% if interface is vyos_defined %} -{% for iface, iface_config in interface.items() %} -{% if iface_config.vlan_id is not vyos_defined and iface_config.vlan_range is not vyos_defined %} -interface={{ iface }} -{% endif %} -{% if iface_config.vlan_range is vyos_defined %} -{% for regex in iface_config.regex %} -interface=re:^{{ iface | replace('.', '\\.') }}\.({{ regex }})$ -{% endfor %} -vlan-mon={{ iface }},{{ iface_config.vlan_range | join(',') }} -{% endif %} -{% if iface_config.vlan_id is vyos_defined %} -{% for vlan in iface_config.vlan_id %} -vlan-mon={{ iface }},{{ vlan }} -interface=re:^{{ iface | replace('.', '\\.') }}\.{{ vlan }}$ -{% endfor %} -{% endif %} -{% endfor %} -{% endif %} - -{% if service_name %} -service-name={{ service_name | join(',') }} -{% endif %} - -{% if pado_delay %} -{% set pado_delay_param = namespace(value='0') %} -{% for delay in pado_delay|sort(attribute='0') %} -{% if not loop.last %} -{% set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + pado_delay[delay].sessions %} -{% else %} -{% set pado_delay_param.value = pado_delay_param.value + ',-1:' + pado_delay[delay].sessions %} -{% endif %} -{% endfor %} -pado-delay={{ pado_delay_param.value }} -{% endif %} -{% if authentication.radius.called_sid_format is vyos_defined %} -called-sid={{ authentication.radius.called_sid_format }} -{% endif %} - -{% if limits is vyos_defined %} -[connlimit] -{% if limits.connection_limit is vyos_defined %} -limit={{ limits.connection_limit }} -{% endif %} -{% if limits.burst is vyos_defined %} -burst={{ limits.burst }} -{% endif %} -{% if limits.timeout is vyos_defined %} -timeout={{ limits.timeout }} -{% endif %} -{% endif %} - -{# Common RADIUS shaper configuration #} -{% include 'accel-ppp/config_shaper_radius.j2' %} - -{% if extended_scripts is vyos_defined %} -[pppd-compat] -verbose=1 -radattr-prefix=/run/accel-pppd/radattr -{% set script_name = {'on_up': 'ip-up', 'on_down': 'ip-down', 'on_change':'ip-change', 'on_pre_up':'ip-pre-up'} %} -{% for script in extended_scripts %} -{{ script_name[script] }}={{ extended_scripts[script] }} -{% endfor %} -{% endif %} - -[cli] -tcp=127.0.0.1:2001 diff --git a/data/templates/accel-ppp/pptp.config.j2 b/data/templates/accel-ppp/pptp.config.j2 new file mode 100644 index 000000000..cc1a45d6b --- /dev/null +++ b/data/templates/accel-ppp/pptp.config.j2 @@ -0,0 +1,98 @@ +### generated by accel_pptp.py ### +[modules] +log_syslog +pptp +shaper +{% if auth_mode == 'local' %} +chap-secrets +{% elif auth_mode == 'radius' %} +radius +{% endif %} +ippool +{% for proto in auth_proto %} +{{ proto }} +{% endfor %} + +[core] +thread-count={{ thread_cnt }} + +[log] +syslog=accel-pptp,daemon +copy=1 +level=5 + +{% if dnsv4 %} +[dns] +{% for dns in dnsv4 %} +dns{{ loop.index }}={{ dns }} +{% endfor %} +{% endif %} + +{% if wins %} +[wins] +{% for server in wins %} +wins{{ loop.index }}={{ server }} +{% endfor %} +{% endif %} + + +[pptp] +ifname=pptp%d +{% if outside_addr %} +bind={{ outside_addr }} +{% endif %} +verbose=1 +ppp-max-mtu={{ mtu }} +mppe={{ ppp_mppe }} +echo-interval=10 +echo-failure=3 + + +[client-ip-range] +0.0.0.0/0 + +[ip-pool] +tunnel={{ client_ip_pool }} +gw-ip-address={{ gw_ip }} + +[ppp] +verbose=5 +check-ip=1 +single-session=replace + +{% if auth_mode == 'local' %} +[chap-secrets] +chap-secrets={{ chap_secrets_file }} +{% elif auth_mode == 'radius' %} +[radius] +verbose=1 +{% for r in radius_server %} +server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} +{% endfor %} + +{% if radius_acct_inter_jitter %} +acct-interim-jitter={{ radius_acct_inter_jitter }} +{% endif %} + +acct-timeout={{ radius_acct_tmo }} +timeout={{ radius_timeout }} +max-try={{ radius_max_try }} + +{% if radius_nas_id %} +nas-identifier={{ radius_nas_id }} +{% endif %} +{% if radius_nas_ip %} +nas-ip-address={{ radius_nas_ip }} +{% endif %} +{% if radius_source_address %} +bind={{ radius_source_address }} +{% endif %} +{% endif %} +{# Both chap-secrets and radius block required the gw-ip-address #} +{% if gw_ip is defined and gw_ip is not none %} +gw-ip-address={{ gw_ip }} +{% endif %} + +[cli] +tcp=127.0.0.1:2003 + diff --git a/data/templates/accel-ppp/pptp.config.tmpl b/data/templates/accel-ppp/pptp.config.tmpl deleted file mode 100644 index 3cfc4a906..000000000 --- a/data/templates/accel-ppp/pptp.config.tmpl +++ /dev/null @@ -1,98 +0,0 @@ -### generated by accel_pptp.py ### -[modules] -log_syslog -pptp -shaper -{% if auth_mode == 'local' %} -chap-secrets -{% elif auth_mode == 'radius' %} -radius -{% endif %} -ippool -{% for proto in auth_proto %} -{{proto}} -{% endfor %} - -[core] -thread-count={{ thread_cnt }} - -[log] -syslog=accel-pptp,daemon -copy=1 -level=5 - -{% if dnsv4 %} -[dns] -{% for dns in dnsv4 %} -dns{{ loop.index }}={{ dns }} -{% endfor %} -{% endif %} - -{% if wins %} -[wins] -{% for server in wins %} -wins{{ loop.index }}={{ server }} -{% endfor %} -{% endif %} - - -[pptp] -ifname=pptp%d -{% if outside_addr %} -bind={{ outside_addr }} -{% endif %} -verbose=1 -ppp-max-mtu={{mtu}} -mppe={{ ppp_mppe }} -echo-interval=10 -echo-failure=3 - - -[client-ip-range] -0.0.0.0/0 - -[ip-pool] -tunnel={{ client_ip_pool }} -gw-ip-address={{ gw_ip }} - -[ppp] -verbose=5 -check-ip=1 -single-session=replace - -{% if auth_mode == 'local' %} -[chap-secrets] -chap-secrets={{ chap_secrets_file }} -{% elif auth_mode == 'radius' %} -[radius] -verbose=1 -{% for r in radius_server %} -server={{ r.server }},{{ r.key }},auth-port={{ r.port }},acct-port={{ r.acct_port }},req-limit=0,fail-time={{ r.fail_time }} -{% endfor %} - -{% if radius_acct_inter_jitter %} -acct-interim-jitter={{ radius_acct_inter_jitter }} -{% endif %} - -acct-timeout={{ radius_acct_tmo }} -timeout={{ radius_timeout }} -max-try={{ radius_max_try }} - -{% if radius_nas_id %} -nas-identifier={{ radius_nas_id }} -{% endif %} -{% if radius_nas_ip %} -nas-ip-address={{ radius_nas_ip }} -{% endif %} -{% if radius_source_address %} -bind={{ radius_source_address }} -{% endif %} -{% endif %} -{# Both chap-secrets and radius block required the gw-ip-address #} -{% if gw_ip is defined and gw_ip is not none %} -gw-ip-address={{ gw_ip }} -{% endif %} - -[cli] -tcp=127.0.0.1:2003 - diff --git a/data/templates/accel-ppp/sstp.config.j2 b/data/templates/accel-ppp/sstp.config.j2 new file mode 100644 index 000000000..5c6f19306 --- /dev/null +++ b/data/templates/accel-ppp/sstp.config.j2 @@ -0,0 +1,65 @@ +### generated by vpn_sstp.py ### +[modules] +log_syslog +sstp +shaper +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% include 'accel-ppp/config_modules_auth_protocols.j2' %} + +[core] +thread-count={{ thread_count }} + +[common] +single-session=replace + +[log] +syslog=accel-sstp,daemon +copy=1 +level=5 + +[client-ip-range] +disable + +[sstp] +verbose=1 +ifname=sstp%d +accept=ssl +ssl-ca-file=/run/accel-pppd/sstp-ca.pem +ssl-pemfile=/run/accel-pppd/sstp-cert.pem +ssl-keyfile=/run/accel-pppd/sstp-cert.key + +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} + +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} + +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} + +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} + +[ppp] +verbose=1 +check-ip=1 +{# MTU #} +mtu={{ mtu }} +ipv6={{ 'allow' if ppp_options.ipv6 is vyos_defined("deny") and client_ipv6_pool is vyos_defined else ppp_options.ipv6 }} +ipv4={{ ppp_options.ipv4 }} + +mppe={{ ppp_options.mppe }} +lcp-echo-interval={{ ppp_options.lcp_echo_interval }} +lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} +lcp-echo-failure={{ ppp_options.lcp_echo_failure }} + +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} + +[cli] +tcp=127.0.0.1:2005 diff --git a/data/templates/accel-ppp/sstp.config.tmpl b/data/templates/accel-ppp/sstp.config.tmpl deleted file mode 100644 index 5c6f19306..000000000 --- a/data/templates/accel-ppp/sstp.config.tmpl +++ /dev/null @@ -1,65 +0,0 @@ -### generated by vpn_sstp.py ### -[modules] -log_syslog -sstp -shaper -{# Common authentication backend definitions #} -{% include 'accel-ppp/config_modules_auth_mode.j2' %} -ippool -{# Common IPv6 definitions #} -{% include 'accel-ppp/config_modules_ipv6.j2' %} -{# Common authentication protocols (pap, chap ...) #} -{% include 'accel-ppp/config_modules_auth_protocols.j2' %} - -[core] -thread-count={{ thread_count }} - -[common] -single-session=replace - -[log] -syslog=accel-sstp,daemon -copy=1 -level=5 - -[client-ip-range] -disable - -[sstp] -verbose=1 -ifname=sstp%d -accept=ssl -ssl-ca-file=/run/accel-pppd/sstp-ca.pem -ssl-pemfile=/run/accel-pppd/sstp-cert.pem -ssl-keyfile=/run/accel-pppd/sstp-cert.key - -{# Common IP pool definitions #} -{% include 'accel-ppp/config_ip_pool.j2' %} - -{# Common IPv6 pool definitions #} -{% include 'accel-ppp/config_ipv6_pool.j2' %} - -{# Common DNS name-server definition #} -{% include 'accel-ppp/config_name_server.j2' %} - -{# Common chap-secrets and RADIUS server/option definitions #} -{% include 'accel-ppp/config_chap_secrets_radius.j2' %} - -[ppp] -verbose=1 -check-ip=1 -{# MTU #} -mtu={{ mtu }} -ipv6={{ 'allow' if ppp_options.ipv6 is vyos_defined("deny") and client_ipv6_pool is vyos_defined else ppp_options.ipv6 }} -ipv4={{ ppp_options.ipv4 }} - -mppe={{ ppp_options.mppe }} -lcp-echo-interval={{ ppp_options.lcp_echo_interval }} -lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} -lcp-echo-failure={{ ppp_options.lcp_echo_failure }} - -{# Common RADIUS shaper configuration #} -{% include 'accel-ppp/config_shaper_radius.j2' %} - -[cli] -tcp=127.0.0.1:2005 -- cgit v1.2.3