From d187803c31175e471397dd4f77040ab56d2e1073 Mon Sep 17 00:00:00 2001 From: aapostoliuk Date: Fri, 12 Jan 2024 12:51:46 +0200 Subject: T5865: Moved ipv6 pools to named ipv6 pools in accel-ppp Moved ipv6 pools to named ipv6 pools in accel-ppp services --- src/conf_mode/service_ipoe-server.py | 5 +---- src/conf_mode/service_pppoe-server.py | 3 ++- src/conf_mode/vpn_l2tp.py | 10 ++-------- src/conf_mode/vpn_pptp.py | 6 ------ src/conf_mode/vpn_sstp.py | 5 +---- 5 files changed, 6 insertions(+), 23 deletions(-) (limited to 'src/conf_mode') diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py index 36f00dec5..6df6f3dc7 100755 --- a/src/conf_mode/service_ipoe-server.py +++ b/src/conf_mode/service_ipoe-server.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018-2023 VyOS maintainers and contributors +# Copyright (C) 2018-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -79,9 +79,6 @@ def verify(ipoe): if 'key' not in radius_config: raise ConfigError(f'Missing RADIUS secret key for server "{server}"') - if 'client_ipv6_pool' in ipoe: - if 'delegate' in ipoe['client_ipv6_pool'] and 'prefix' not in ipoe['client_ipv6_pool']: - raise ConfigError('IPoE IPv6 deletate-prefix requires IPv6 prefix to be configured!') return None diff --git a/src/conf_mode/service_pppoe-server.py b/src/conf_mode/service_pppoe-server.py index 7c624f034..31299a15c 100755 --- a/src/conf_mode/service_pppoe-server.py +++ b/src/conf_mode/service_pppoe-server.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018-2023 VyOS maintainers and contributors +# Copyright (C) 2018-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -85,6 +85,7 @@ def verify(pppoe): if not dict_search('authentication.radius.dynamic_author.key', pppoe): raise ConfigError('DA/CoE server key required!') + return None diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py index 1a91951b4..b569ca140 100755 --- a/src/conf_mode/vpn_l2tp.py +++ b/src/conf_mode/vpn_l2tp.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019-2023 VyOS maintainers and contributors +# Copyright (C) 2019-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -70,15 +70,9 @@ def verify(l2tp): if not dict_search('authentication.radius.dynamic_author.key', l2tp): raise ConfigError('DA/CoE server key required!') - if dict_search('authentication.mode', l2tp) in ['local', 'noauth']: - if not dict_search('client_ip_pool', l2tp) and not dict_search('client_ipv6_pool', l2tp): - raise ConfigError( - "L2TP local auth mode requires local client-ip-pool or client-ipv6-pool to be configured!") - if dict_search('client_ip_pool', l2tp) and not dict_search('default_pool', l2tp): - Warning("'default-pool' is not defined") - verify_accel_ppp_ip_pool(l2tp) + if 'wins_server' in l2tp and len(l2tp['wins_server']) > 2: raise ConfigError( 'Not more then two WINS name-servers can be configured') diff --git a/src/conf_mode/vpn_pptp.py b/src/conf_mode/vpn_pptp.py index f769be39f..0629625bf 100755 --- a/src/conf_mode/vpn_pptp.py +++ b/src/conf_mode/vpn_pptp.py @@ -80,12 +80,6 @@ def verify(pptp): raise ConfigError( f'Missing RADIUS secret key for server "{server}"') - if auth_mode == 'local' or auth_mode == 'noauth': - if not dict_search('client_ip_pool', pptp): - raise ConfigError( - 'PPTP local auth mode requires local client-ip-pool ' - 'to be configured!') - verify_accel_ppp_ip_pool(pptp) if 'name_server' in pptp: diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py index 6bf9307e1..a84513a0f 100755 --- a/src/conf_mode/vpn_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -74,11 +74,8 @@ def verify(sstp): raise ConfigError(f'"{proto}" port "{port}" is used by another service') verify_accel_ppp_base_service(sstp) - - if 'client_ip_pool' not in sstp and 'client_ipv6_pool' not in sstp: - raise ConfigError('Client IP subnet required') - verify_accel_ppp_ip_pool(sstp) + # # SSL certificate checks # -- cgit v1.2.3