diff options
Diffstat (limited to 'data/templates/accel-ppp')
21 files changed, 756 insertions, 0 deletions
diff --git a/data/templates/accel-ppp/chap-secrets.config_dict.j2 b/data/templates/accel-ppp/chap-secrets.config_dict.j2 new file mode 100644 index 0000000..51e66d5 --- /dev/null +++ b/data/templates/accel-ppp/chap-secrets.config_dict.j2 @@ -0,0 +1,10 @@ +# username server password acceptable local IP addresses shaper +{% if authentication.local_users.username is vyos_defined %} +{% for user, user_config in authentication.local_users.username.items() if user_config.disabled is not vyos_defined %} +{% if user_config.rate_limit is vyos_defined %} +{{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} {{ user_config.rate_limit.download }}/{{ user_config.rate_limit.upload }} +{% else %} +{{ "%-12s" | format(user) }} * {{ "%-16s" | format(user_config.password) }} {{ "%-16s" | format(user_config.static_ip) }} +{% endif %} +{% endfor %} +{% endif %} diff --git a/data/templates/accel-ppp/chap-secrets.ipoe.j2 b/data/templates/accel-ppp/chap-secrets.ipoe.j2 new file mode 100644 index 0000000..43083e2 --- /dev/null +++ b/data/templates/accel-ppp/chap-secrets.ipoe.j2 @@ -0,0 +1,13 @@ +# username server password acceptable local IP addresses shaper +{% if authentication.interface is vyos_defined %} +{% for iface, iface_config in authentication.interface.items() %} +{% if iface_config.mac is vyos_defined %} +{% for mac, mac_config in iface_config.mac.items() %} +{% if mac_config.vlan is vyos_defined %} +{% set iface = iface ~ '.' ~ mac_config.vlan %} +{% endif %} +{{ "%-11s" | format(iface) }} * {{ mac | lower }} * {{ mac_config.rate_limit.download ~ '/' ~ mac_config.rate_limit.upload if mac_config.rate_limit.download is vyos_defined and mac_config.rate_limit.upload is vyos_defined }} +{% endfor %} +{% endif %} +{% endfor %} +{% endif %} diff --git a/data/templates/accel-ppp/chap-secrets.j2 b/data/templates/accel-ppp/chap-secrets.j2 new file mode 100644 index 0000000..cc3ddc2 --- /dev/null +++ b/data/templates/accel-ppp/chap-secrets.j2 @@ -0,0 +1,10 @@ +# username server password acceptable local IP addresses shaper +{% for user in local_users %} +{% if user.state == 'enabled' %} +{% if user.upload and user.download %} +{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} {{ user.download }}/{{ user.upload }} +{% else %} +{{ "%-12s" | format(user.name) }} * {{ "%-16s" | format(user.password) }} {{ "%-16s" | format(user.ip) }} +{% endif %} +{% endif %} +{% endfor %} diff --git a/data/templates/accel-ppp/config_chap_secrets_radius.j2 b/data/templates/accel-ppp/config_chap_secrets_radius.j2 new file mode 100644 index 0000000..e343ce4 --- /dev/null +++ b/data/templates/accel-ppp/config_chap_secrets_radius.j2 @@ -0,0 +1,58 @@ +{% if authentication.mode is vyos_defined('local') %} +[chap-secrets] +chap-secrets={{ chap_secrets_file }} +{% elif authentication.mode is vyos_defined('radius') %} +[radius] +verbose=1 +{% for server, options in authentication.radius.server.items() if not options.disable is vyos_defined %} +{% set _server_cfg = "server=" %} +{% set _server_cfg = _server_cfg + server %} +{% set _server_cfg = _server_cfg + "," + options.key %} +{% set _server_cfg = _server_cfg + ",auth-port=" + options.port %} +{% set _server_cfg = _server_cfg + ",acct-port=" + options.acct_port %} +{% set _server_cfg = _server_cfg + ",req-limit=0" %} +{% set _server_cfg = _server_cfg + ",fail-time=" + options.fail_time %} +{% if options.priority is vyos_defined %} +{% set _server_cfg = _server_cfg + ",weight=" + options.priority %} +{% endif %} +{% if options.backup is vyos_defined %} +{% set _server_cfg = _server_cfg + ",backup" %} +{% endif %} +{{ _server_cfg }} +{% endfor %} +{% if authentication.radius.accounting_interim_interval is vyos_defined %} +acct-interim-interval={{ authentication.radius.accounting_interim_interval }} +{% endif %} +{% if authentication.radius.acct_interim_jitter is vyos_defined %} +acct-interim-jitter={{ authentication.radius.acct_interim_jitter }} +{% endif %} +acct-timeout={{ authentication.radius.acct_timeout }} +timeout={{ authentication.radius.timeout }} +max-try={{ authentication.radius.max_try }} +{% if authentication.radius.nas_identifier is vyos_defined %} +nas-identifier={{ authentication.radius.nas_identifier }} +{% endif %} +{% if authentication.radius.nas_ip_address is vyos_defined %} +nas-ip-address={{ authentication.radius.nas_ip_address }} +{% endif %} +{% if authentication.radius.source_address is vyos_defined %} +bind={{ authentication.radius.source_address }} +{% endif %} +{% if authentication.radius.dynamic_author.server is vyos_defined %} +dae-server={{ authentication.radius.dynamic_author.server }}:{{ authentication.radius.dynamic_author.port }},{{ authentication.radius.dynamic_author.key }} +{% endif %} +{% endif %} +{# Both chap-secrets and radius block required the gw-ip-address #} +{% if authentication.mode is vyos_defined('local') or authentication.mode is vyos_defined('radius') %} +{% if gateway_address is vyos_defined %} +{% if server_type == 'ipoe' %} +{% for gw in gateway_address %} +{% set host_address, _ = gw.split('/') %} +gw-ip-address={{ host_address }} +{% endfor %} +{% else %} +gw-ip-address={{ gateway_address }} +{% endif %} +{% endif %} +{% endif %} + diff --git a/data/templates/accel-ppp/config_extended_scripts.j2 b/data/templates/accel-ppp/config_extended_scripts.j2 new file mode 100644 index 0000000..ded0a0a --- /dev/null +++ b/data/templates/accel-ppp/config_extended_scripts.j2 @@ -0,0 +1,9 @@ +{% if extended_scripts is vyos_defined %} +[pppd-compat] +verbose=1 +radattr-prefix=/run/accel-pppd/radattr +{% set script_name = {'on_up': 'ip-up', 'on_down': 'ip-down', 'on_change':'ip-change', 'on_pre_up':'ip-pre-up'} %} +{% for script in extended_scripts %} +{{ script_name[script] }}={{ extended_scripts[script] }} +{% endfor %} +{% endif %}
\ No newline at end of file diff --git a/data/templates/accel-ppp/config_ip_pool.j2 b/data/templates/accel-ppp/config_ip_pool.j2 new file mode 100644 index 0000000..8e66486 --- /dev/null +++ b/data/templates/accel-ppp/config_ip_pool.j2 @@ -0,0 +1,32 @@ +{% if ordered_named_pools is vyos_defined %} +[ip-pool] +{% if gateway_address is vyos_defined %} +{% if server_type == 'ipoe' %} +{% for gw in gateway_address %} +{% set host_address, _ = gw.split('/') %} +gw-ip-address={{ host_address }} +{% endfor %} +{% else %} +gw-ip-address={{ gateway_address }} +{% endif %} +{% endif %} +{% for pool in ordered_named_pools %} +{% for pool_name, pool_config in pool.items() %} +{% if pool_config.range is vyos_defined %} +{% for range in pool_config.range %} +{% set iprange_str = range %} +{% set iprange_list = range.split('-') %} +{% if iprange_list | length == 2 %} +{% set last_ip_oct = iprange_list[1].split('.') %} +{% set iprange_str = iprange_list[0] + '-' + last_ip_oct[last_ip_oct | length - 1] %} +{% endif %} +{% if loop.last and pool_config.next_pool is vyos_defined %} +{{ iprange_str }},name={{ pool_name }},next={{ pool_config.next_pool }} +{% else %} +{{ iprange_str }},name={{ pool_name }} +{% endif %} +{% endfor %} +{% endif %} +{% endfor %} +{% endfor %} +{% endif %}
\ No newline at end of file diff --git a/data/templates/accel-ppp/config_ipv6_pool.j2 b/data/templates/accel-ppp/config_ipv6_pool.j2 new file mode 100644 index 0000000..86efdc1 --- /dev/null +++ b/data/templates/accel-ppp/config_ipv6_pool.j2 @@ -0,0 +1,21 @@ +{% if client_ipv6_pool is vyos_defined %} +[ipv6-nd] +AdvAutonomousFlag=1 +verbose=1 + +[ipv6-pool] +{% for pool_name, pool_config in client_ipv6_pool.items() %} +{% if pool_config.prefix is vyos_defined %} +{% for prefix, options in pool_config.prefix.items() %} +{{ prefix }},{{ options.mask }},name={{ pool_name }} +{% endfor %} +{% endif %} +{% if pool_config.delegate is vyos_defined %} +{% for prefix, options in pool_config.delegate.items() %} +delegate={{ prefix }},{{ options.delegation_prefix }},name={{ pool_name }} +{% endfor %} +{% endif %} +{% endfor %} +[ipv6-dhcp] +verbose=1 +{% endif %} diff --git a/data/templates/accel-ppp/config_limits.j2 b/data/templates/accel-ppp/config_limits.j2 new file mode 100644 index 0000000..f10dfcc --- /dev/null +++ b/data/templates/accel-ppp/config_limits.j2 @@ -0,0 +1,12 @@ +{% if limits is vyos_defined %} +[connlimit] +{% if limits.connection_limit is vyos_defined %} +limit={{ limits.connection_limit }} +{% endif %} +{% if limits.burst is vyos_defined %} +burst={{ limits.burst }} +{% endif %} +{% if limits.timeout is vyos_defined %} +timeout={{ limits.timeout }} +{% endif %} +{% endif %}
\ No newline at end of file diff --git a/data/templates/accel-ppp/config_modules_auth_mode.j2 b/data/templates/accel-ppp/config_modules_auth_mode.j2 new file mode 100644 index 0000000..3fb8a01 --- /dev/null +++ b/data/templates/accel-ppp/config_modules_auth_mode.j2 @@ -0,0 +1,5 @@ +{% if authentication.mode is vyos_defined('local') %} +chap-secrets +{% elif authentication.mode is vyos_defined('radius') %} +radius +{% endif %} diff --git a/data/templates/accel-ppp/config_modules_auth_protocols.j2 b/data/templates/accel-ppp/config_modules_auth_protocols.j2 new file mode 100644 index 0000000..2854684 --- /dev/null +++ b/data/templates/accel-ppp/config_modules_auth_protocols.j2 @@ -0,0 +1,10 @@ +{% for protocol in authentication.protocols %} +{# this should be fixed in the CLI by a migrator #} +{% if protocol == 'chap' %} +auth_chap_md5 +{% elif protocol == 'mschap' %} +auth_mschap_v1 +{% else %} +auth_{{ protocol.replace('-', '_') }} +{% endif %} +{% endfor %} diff --git a/data/templates/accel-ppp/config_modules_ipv6.j2 b/data/templates/accel-ppp/config_modules_ipv6.j2 new file mode 100644 index 0000000..6174779 --- /dev/null +++ b/data/templates/accel-ppp/config_modules_ipv6.j2 @@ -0,0 +1,5 @@ +{% if ppp_options.ipv6 is vyos_defined and ppp_options.ipv6 is not vyos_defined('deny') %} +ipv6pool +ipv6_nd +ipv6_dhcp +{% endif %} diff --git a/data/templates/accel-ppp/config_name_server.j2 b/data/templates/accel-ppp/config_name_server.j2 new file mode 100644 index 0000000..9c745fe --- /dev/null +++ b/data/templates/accel-ppp/config_name_server.j2 @@ -0,0 +1,13 @@ +{% if name_server_ipv4 is vyos_defined %} +[dns] +{% for ns in name_server_ipv4 %} +dns{{ loop.index }}={{ ns }} +{% endfor %} +{% endif %} + +{% if name_server_ipv6 is vyos_defined %} +[ipv6-dns] +{% for ns in name_server_ipv6 %} +{{ ns }} +{% endfor %} +{% endif %} diff --git a/data/templates/accel-ppp/config_shaper_radius.j2 b/data/templates/accel-ppp/config_shaper_radius.j2 new file mode 100644 index 0000000..fcd68f6 --- /dev/null +++ b/data/templates/accel-ppp/config_shaper_radius.j2 @@ -0,0 +1,19 @@ +{% if authentication.mode is vyos_defined('radius') or shaper is vyos_defined %} +[shaper] +verbose=1 +down-limiter=tbf +{% if authentication.radius.rate_limit.enable is vyos_defined %} +attr={{ authentication.radius.rate_limit.attribute }} +{% if authentication.radius.rate_limit.vendor is vyos_defined %} +vendor={{ authentication.radius.rate_limit.vendor }} +{% endif %} +{% if authentication.radius.rate_limit.multiplier is vyos_defined %} +rate-multiplier={{ authentication.radius.rate_limit.multiplier }} +{% endif %} +{% endif %} +{% if shaper is vyos_defined %} +{% if shaper.fwmark is vyos_defined %} +fwmark={{ shaper.fwmark }} +{% endif %} +{% endif %} +{% endif %}
\ No newline at end of file diff --git a/data/templates/accel-ppp/config_snmp.j2 b/data/templates/accel-ppp/config_snmp.j2 new file mode 100644 index 0000000..11526dd --- /dev/null +++ b/data/templates/accel-ppp/config_snmp.j2 @@ -0,0 +1,4 @@ +{% if snmp.master_agent is vyos_defined %} +[snmp] +master=1 +{% endif %} diff --git a/data/templates/accel-ppp/config_wins_server.j2 b/data/templates/accel-ppp/config_wins_server.j2 new file mode 100644 index 0000000..23312f9 --- /dev/null +++ b/data/templates/accel-ppp/config_wins_server.j2 @@ -0,0 +1,6 @@ +{% if wins_server is vyos_defined %} +[wins] +{% for server in wins_server %} +wins{{ loop.index }}={{ server }} +{% endfor %} +{% endif %} diff --git a/data/templates/accel-ppp/ipoe.config.j2 b/data/templates/accel-ppp/ipoe.config.j2 new file mode 100644 index 0000000..c898129 --- /dev/null +++ b/data/templates/accel-ppp/ipoe.config.j2 @@ -0,0 +1,104 @@ +{# j2lint: disable=operator-enclosed-by-spaces #} +### generated by ipoe.py ### +[modules] +log_syslog +ipoe +shaper +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +ipv6pool +ipv6_nd +ipv6_dhcp +{% if snmp is vyos_defined %} +net-snmp +{% endif %} +{% if limits is vyos_defined %} +connlimit +{% endif %} + +[core] +thread-count={{ thread_count }} + +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + + +[log] +syslog=accel-ipoe,daemon +copy=1 +level=5 + +[ipoe] +verbose=1 +{% if interface is vyos_defined %} +{% for iface, iface_config in interface.items() %} +{% set tmp = 'interface=' %} +{% if iface_config.vlan is vyos_defined %} +{% set tmp = tmp ~ 're:^' ~ iface ~ '\.' ~ iface_config.vlan | range_to_regex ~ '$' %} +{% else %} +{% set tmp = tmp ~ iface %} +{% endif %} +{% set shared = '' %} +{% if iface_config.network is vyos_defined('shared') %} +{% set shared = 'shared=1,' %} +{% elif iface_config.network is vyos_defined('vlan') %} +{% set shared = 'shared=0,' %} +{% endif %} +{% set range = 'range=' ~ iface_config.client_subnet ~ ',' if iface_config.client_subnet is vyos_defined else '' %} +{% set relay = ',' ~ 'relay=' ~ iface_config.external_dhcp.dhcp_relay if iface_config.external_dhcp.dhcp_relay is vyos_defined else '' %} +{% set giaddr = ',' ~ 'giaddr=' ~ iface_config.external_dhcp.giaddr if iface_config.external_dhcp.giaddr is vyos_defined else '' %} +{{ tmp }},{{ shared }}mode={{ iface_config.mode | upper }},ifcfg=1,{{ range }}start=dhcpv4,ipv6=1{{ relay }}{{ giaddr }} +{% if iface_config.vlan is vyos_defined %} +vlan-mon={{ iface }},{{ iface_config.vlan | join(',') }} +{% endif %} +{% endfor %} +{% endif %} +{% if authentication.mode is vyos_defined('noauth') %} +noauth=1 +{% elif authentication.mode is vyos_defined('local') %} +username=ifname +password=csid +{% endif %} +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} +{% if gateway_address is vyos_defined %} +{% for gw_addr in gateway_address %} +gw-ip-address={{ gw_addr }} +{% endfor %} +{% endif %} +proxy-arp=1 + +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} + +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} + +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} + +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} + +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} + +{# Common Extended scripts configuration #} +{% include 'accel-ppp/config_extended_scripts.j2' %} + +{# Common Limits configuration #} +{% include 'accel-ppp/config_limits.j2' %} + +{# Common SNMP definitions #} +{% include 'accel-ppp/config_snmp.j2' %} + +[cli] +tcp=127.0.0.1:2002 diff --git a/data/templates/accel-ppp/l2tp.config.j2 b/data/templates/accel-ppp/l2tp.config.j2 new file mode 100644 index 0000000..4ce9042 --- /dev/null +++ b/data/templates/accel-ppp/l2tp.config.j2 @@ -0,0 +1,90 @@ +### generated by accel_l2tp.py ### +[modules] +log_syslog +l2tp +shaper +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% include 'accel-ppp/config_modules_auth_protocols.j2' %} +{% if snmp is vyos_defined %} +net-snmp +{% endif %} +{% if limits is vyos_defined %} +connlimit +{% endif %} + +[core] +thread-count={{ thread_count }} + +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + +[log] +syslog=accel-l2tp,daemon +copy=1 +level=5 + +[client-ip-range] +0.0.0.0/0 + +[l2tp] +verbose=1 +ifname=l2tp%d +ppp-max-mtu={{ mtu }} +mppe={{ ppp_options.mppe }} +{% if outside_address is vyos_defined %} +bind={{ outside_address }} +{% endif %} +{% if lns.shared_secret is vyos_defined %} +secret={{ lns.shared_secret }} +{% endif %} +{% if lns.host_name is vyos_defined %} +host-name={{ lns.host_name }} +{% endif %} +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} + +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} + +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} + +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} + +{# Common wins-server definition #} +{% include 'accel-ppp/config_wins_server.j2' %} + +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} + +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} + +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} + +{# Common Extended scripts configuration #} +{% include 'accel-ppp/config_extended_scripts.j2' %} + +{# Common Limits configuration #} +{% include 'accel-ppp/config_limits.j2' %} + +{# Common SNMP definitions #} +{% include 'accel-ppp/config_snmp.j2' %} + +[cli] +tcp=127.0.0.1:2004 + diff --git a/data/templates/accel-ppp/ppp-options.j2 b/data/templates/accel-ppp/ppp-options.j2 new file mode 100644 index 0000000..f2d2519 --- /dev/null +++ b/data/templates/accel-ppp/ppp-options.j2 @@ -0,0 +1,39 @@ +#ppp options +[ppp] +verbose=1 +check-ip=1 +ccp={{ "0" if ppp_options.disable_ccp is vyos_defined else "1" }} +unit-preallocate={{ "1" if authentication.radius.preallocate_vif is vyos_defined else "0" }} +{% if ppp_options.min_mtu is vyos_defined %} +min-mtu={{ ppp_options.min_mtu }} +{% endif %} +{% if ppp_options.mru is vyos_defined %} +mru={{ ppp_options.mru }} +{% endif %} +mppe={{ ppp_options.mppe }} +lcp-echo-interval={{ ppp_options.lcp_echo_interval }} +lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }} +lcp-echo-failure={{ ppp_options.lcp_echo_failure }} +{% if ppp_options.ipv4 is vyos_defined %} +ipv4={{ ppp_options.ipv4 }} +{% endif %} +{# IPv6 #} +{% if ppp_options.ipv6 is vyos_defined %} +ipv6={{ ppp_options.ipv6 }} +{% if ppp_options.ipv6_interface_id is vyos_defined %} +ipv6-intf-id={{ ppp_options.ipv6_interface_id }} +{% endif %} +{% if ppp_options.ipv6_peer_interface_id is vyos_defined %} +{% if ppp_options.ipv6_peer_interface_id == 'ipv4-addr' %} +ipv6-peer-intf-id=ipv4 +{% else %} +ipv6-peer-intf-id={{ ppp_options.ipv6_peer_interface_id }} +{% endif %} +{% endif %} +ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_interface_id is vyos_defined else "0" }} +{% endif %} +{# MTU #} +mtu={{ mtu }} +{% if ppp_options.interface_cache is vyos_defined %} +unit-cache={{ ppp_options.interface_cache }} +{% endif %} diff --git a/data/templates/accel-ppp/pppoe.config.j2 b/data/templates/accel-ppp/pppoe.config.j2 new file mode 100644 index 0000000..42bc844 --- /dev/null +++ b/data/templates/accel-ppp/pppoe.config.j2 @@ -0,0 +1,123 @@ +### generated by accel_pppoe.py ### +[modules] +log_syslog +pppoe +shaper +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% include 'accel-ppp/config_modules_auth_protocols.j2' %} +{% if snmp is vyos_defined %} +net-snmp +{% endif %} +{% if limits is vyos_defined %} +connlimit +{% endif %} +{% if extended_scripts is vyos_defined %} +sigchld +pppd_compat +{% endif %} + +[core] +thread-count={{ thread_count }} + +[log] +syslog=accel-pppoe,daemon +copy=1 +level=5 + +{% if authentication.mode is vyos_defined("noauth") %} +[auth] +noauth=1 +{% endif %} + +[client-ip-range] +0.0.0.0/0 + +[common] +{% if session_control is vyos_defined and session_control is not vyos_defined('disable') %} +single-session={{ session_control }} +{% endif %} +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + +[pppoe] +verbose=1 +ac-name={{ access_concentrator }} +{% if interface is vyos_defined %} +{% for iface, iface_config in interface.items() %} +{% if iface_config.vlan is not vyos_defined %} +interface={{ iface }} +{% else %} +{% for vlan in iface_config.vlan %} +interface=re:^{{ iface }}\.{{ vlan | range_to_regex }}$ +{% endfor %} +vlan-mon={{ iface }},{{ iface_config.vlan | join(',') }} +{% endif %} +{% endfor %} +{% endif %} +{% if service_name %} +service-name={{ service_name | join(',') }} +{% endif %} +{% if pado_delay %} +{% set delay_without_sessions = pado_delay.delays_without_sessions[0] | default('0') %} +{% set pado_delay_param = namespace(value=delay_without_sessions) %} +{% for delay, sessions in pado_delay.delays_with_sessions | sort(attribute='1') %} +{% if not delay == 'disable' %} +{% set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + sessions | string %} +{% else %} +{% set pado_delay_param.value = pado_delay_param.value + ',-1:' + sessions | string %} +{% endif %} +{% endfor %} +pado-delay={{ pado_delay_param.value }} +{% endif %} +{% if authentication.radius.called_sid_format is vyos_defined %} +called-sid={{ authentication.radius.called_sid_format }} +{% endif %} +{% if authentication.mode is vyos_defined("noauth") %} +noauth=1 +{% endif %} +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} + +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} + +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} + +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} + +{# Common wins-server definition #} +{% include 'accel-ppp/config_wins_server.j2' %} + +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} + +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} + +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} + +{# Common Extended scripts configuration #} +{% include 'accel-ppp/config_extended_scripts.j2' %} + +{# Common Limits configuration #} +{% include 'accel-ppp/config_limits.j2' %} + +{# Common SNMP definitions #} +{% include 'accel-ppp/config_snmp.j2' %} + +[cli] +tcp=127.0.0.1:2001 diff --git a/data/templates/accel-ppp/pptp.config.j2 b/data/templates/accel-ppp/pptp.config.j2 new file mode 100644 index 0000000..a04bd40 --- /dev/null +++ b/data/templates/accel-ppp/pptp.config.j2 @@ -0,0 +1,86 @@ +### generated by accel_pptp.py ### +[modules] +log_syslog +pptp +shaper +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% include 'accel-ppp/config_modules_auth_protocols.j2' %} +{% if snmp is vyos_defined %} +net-snmp +{% endif %} +{% if limits is vyos_defined %} +connlimit +{% endif %} + +[core] +thread-count={{ thread_count }} + +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + +[log] +syslog=accel-pptp,daemon +copy=1 +level=5 + +[client-ip-range] +0.0.0.0/0 + +[pptp] +ifname=pptp%d +{% if outside_address is vyos_defined %} +bind={{ outside_address }} +{% endif %} +verbose=1 +ppp-max-mtu={{ mtu }} +mppe={{ authentication.mppe }} +echo-interval=10 +echo-failure=3 +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} + +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} + +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} + +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} + +{# Common wins-server definition #} +{% include 'accel-ppp/config_wins_server.j2' %} + +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} + +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} + +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} + +{# Common Extended scripts configuration #} +{% include 'accel-ppp/config_extended_scripts.j2' %} + +{# Common Limits configuration #} +{% include 'accel-ppp/config_limits.j2' %} + +{# Common SNMP definitions #} +{% include 'accel-ppp/config_snmp.j2' %} + +[cli] +tcp=127.0.0.1:2003 + diff --git a/data/templates/accel-ppp/sstp.config.j2 b/data/templates/accel-ppp/sstp.config.j2 new file mode 100644 index 0000000..22fb555 --- /dev/null +++ b/data/templates/accel-ppp/sstp.config.j2 @@ -0,0 +1,87 @@ +### generated by vpn_sstp.py ### +[modules] +log_syslog +sstp +shaper +{# Common authentication backend definitions #} +{% include 'accel-ppp/config_modules_auth_mode.j2' %} +ippool +{# Common IPv6 definitions #} +{% include 'accel-ppp/config_modules_ipv6.j2' %} +{# Common authentication protocols (pap, chap ...) #} +{% include 'accel-ppp/config_modules_auth_protocols.j2' %} +{% if snmp is vyos_defined %} +net-snmp +{% endif %} +{% if limits is vyos_defined %} +connlimit +{% endif %} + +[core] +thread-count={{ thread_count }} + +[common] +single-session=replace +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + +[log] +syslog=accel-sstp,daemon +copy=1 +level=5 + +[client-ip-range] +0.0.0.0/0 + +[sstp] +verbose=1 +ifname=sstp%d +port={{ port }} +accept=ssl +ssl-ca-file=/run/accel-pppd/sstp-ca.pem +ssl-pemfile=/run/accel-pppd/sstp-cert.pem +ssl-keyfile=/run/accel-pppd/sstp-cert.key +{% if host_name is vyos_defined %} +host-name={{ host_name }} +{% endif %} +{% if default_pool is vyos_defined %} +ip-pool={{ default_pool }} +{% endif %} +{% if default_ipv6_pool is vyos_defined %} +ipv6-pool={{ default_ipv6_pool }} +ipv6-pool-delegate={{ default_ipv6_pool }} +{% endif %} + +{# Common IP pool definitions #} +{% include 'accel-ppp/config_ip_pool.j2' %} + +{# Common IPv6 pool definitions #} +{% include 'accel-ppp/config_ipv6_pool.j2' %} + +{# Common DNS name-server definition #} +{% include 'accel-ppp/config_name_server.j2' %} + +{# Common wins-server definition #} +{% include 'accel-ppp/config_wins_server.j2' %} + +{# Common chap-secrets and RADIUS server/option definitions #} +{% include 'accel-ppp/config_chap_secrets_radius.j2' %} + +{# Common ppp-options definitions #} +{% include 'accel-ppp/ppp-options.j2' %} + +{# Common RADIUS shaper configuration #} +{% include 'accel-ppp/config_shaper_radius.j2' %} + +{# Common Extended scripts configuration #} +{% include 'accel-ppp/config_extended_scripts.j2' %} + +{# Common Limits configuration #} +{% include 'accel-ppp/config_limits.j2' %} + +{# Common SNMP definitions #} +{% include 'accel-ppp/config_snmp.j2' %} + +[cli] +tcp=127.0.0.1:2005 |