author | Renato Botelho <renato@netgate.com> | 2016-09-01 09:23:16 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2016-09-01 09:23:16 -0300 |
commit | 2c0a3677de6b69ba4934ec5125775565bebb3ac9 (patch) | |
tree | 736b8bc3546e587307355595e246f92f79101b3d | |
parent | de6457345617a6518e58f3ebafa706948534b11a (diff) | |
Convert PPPoE Server code to mpd5
-rw-r--r-- | src/etc/inc/vpn.inc | 135 |
1 files changed, 51 insertions, 84 deletions
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc
index 46a1dad..1291c40 100644
--- a/src/etc/inc/vpn.inc
+++ b/src/etc/inc/vpn.inc
@@ -1580,44 +1580,53 @@ function vpn_pppoe_configure(&$pppoecfg) { printf(gettext("Error: cannot open mpd.conf in vpn_pppoe_configure().") . "\n"); return 1; } - $mpdconf = "\n\n"; - $mpdconf .= "poes:\n"; - for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) { - $mpdconf .= " load poes{$pppoecfg['pppoeid']}{$i}\n"; + $issue_ip_type = "set ipcp ranges {$pppoecfg['localip']}/32 "; + if (isset($pppoecfg['radius']['radiusissueips']) && isset($pppoecfg['radius']['server']['enable'])) { + $issue_ip_type .= "0.0.0.0/0"; + } else { + $issue_ip_type .= "ippool p0"; } - for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) { - - $clientip = ip_after($pppoecfg['remoteip'], $i); - - if (isset($pppoecfg['radius']['radiusissueips']) && isset($pppoecfg['radius']['server']['enable'])) { - $issue_ip_type = "set ipcp ranges {$pppoecfg['localip']}/32 0.0.0.0/0"; - } else { - $issue_ip_type = "set ipcp ranges {$pppoecfg['localip']}/32 {$clientip}/32"; - } - - $mpdconf .=<<<EOD - -poes{$pppoecfg['pppoeid']}{$i}: - new -i poes{$pppoecfg['pppoeid']}{$i} poes{$pppoecfg['pppoeid']}{$i} poes{$pppoecfg['pppoeid']}{$i} - {$issue_ip_type} - load pppoe_standard + $ippool_p0 = ip_after($pppoecfg['remoteip'], $pppoecfg['n_pppoe_units'] - 1); -EOD; - } if (is_numeric($pppoecfg['n_pppoe_maxlogin']) && ($pppoecfg['n_pppoe_maxlogin'] > 0)) { $pppoemaxlogins = $pppoecfg['n_pppoe_maxlogin']; } else { $pppoemaxlogins = 1; } - $mpdconf .=<<<EOD + $ipcp_dns = ''; + if (!empty($pppoecfg['dns1'])) { + $ipcp_dns = "set ipcp dns " . $pppoecfg['dns1']; + if (!empty($pppoecfg['dns2'])) { + $ipcp_dns .= " " . $pppoecfg['dns2']; + } + } elseif (isset($config['dnsmasq']['enable']) || + isset ($config['unbound']['enable'])) { + $ipcp_dns = "set ipcp dns " . get_interface_ip("lan"); + if ($syscfg['dnsserver'][0]) { + $ipcp_dns .= " " . $syscfg['dnsserver'][0]; + } + } elseif (is_array($syscfg['dnsserver']) && + ($syscfg['dnsserver'][0])) { + $ipcp_dns = "set ipcp dns " . 
join(" ", $syscfg['dnsserver']); + } -pppoe_standard: - set bundle no multilink + $mpdconf = <<<EOD +startup: + +poes: + set ippool add p0 {$pppoecfg['remoteip']} {$ippool_p0} + + create bundle template poes_b set bundle enable compression - set auth max-logins {$pppoemaxlogins} + + set ccp yes mppc + set mppc yes e40 + set mppc yes e128 + set mppc yes stateless + set iface up-script /usr/local/sbin/vpn-linkup set iface down-script /usr/local/sbin/vpn-linkdown set iface idle 0 
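Review bot: `$ippool_p0 = ip_after($pppoecfg['remoteip'], $pppoecfg['n_pppoe_units'] - 1);` uses `n_pppoe_units` unchecked, while `n_pppoe_maxlogin` just below it is guarded with `is_numeric(...)` and `> 0`. If the unit count is empty or zero the offset becomes -1 and the `set ippool add p0` range may end before it starts; how `ip_after()` treats a negative offset is not visible here. A guard of the same shape would keep the pool well-formed, e.g. `$units = (is_numeric($pppoecfg['n_pppoe_units']) && $pppoecfg['n_pppoe_units'] > 0) ? (int)$pppoecfg['n_pppoe_units'] : 1;`. Separately, `set mppc yes e40` carries the old `mpp-e40` forward and keeps 40-bit MPPE on offer; dropping it and leaving `e128` is worth considering. The body of vpn_pppoe_configure() starts and ends outside this hunk.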
@@ -1625,45 +1634,29 @@ pppoe_standard: set iface disable proxy-arp set iface enable tcpmssfix set iface mtu 1500 + + set ipcp no vjcomp + {$issue_ip_type} + {$ipcp_dns} + + create link template poes_l pppoe + set link action bundle poes_b + + set auth max-logins {$pppoemaxlogins} + + set pppoe iface {$pppoe_interface} + + set link no multilink set link no pap chap {$paporchap} set link keep-alive 60 180 - set ipcp yes vjcomp - set ipcp no vjcomp set link max-redial -1 - set link mtu 1492 set link mru 1492 - set ccp yes mpp-e40 - set ccp yes mpp-e128 - set ccp yes mpp-stateless set link latency 1 - #set ipcp dns 10.10.1.3 - #set bundle accept encryption + set link enable incoming EOD; - if (!empty($pppoecfg['dns1'])) { - $mpdconf .= " set ipcp dns " . $pppoecfg['dns1']; - if (!empty($pppoecfg['dns2'])) { - $mpdconf .= " " . $pppoecfg['dns2']; - } - $mpdconf .= "\n"; - } elseif (isset ($config['dnsmasq']['enable'])) { - $mpdconf .= " set ipcp dns " . get_interface_ip("lan"); - if ($syscfg['dnsserver'][0]) { - $mpdconf .= " " . $syscfg['dnsserver'][0]; - } - $mpdconf .= "\n"; - } elseif (isset ($config['unbound']['enable'])) { - $mpdconf .= " set ipcp dns " . get_interface_ip("lan"); - if ($syscfg['dnsserver'][0]) { - $mpdconf .= " " . $syscfg['dnsserver'][0]; - } - $mpdconf .= "\n"; - } elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) { - $mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n"; - } - if (isset ($pppoecfg['radius']['server']['enable'])) { $radiusport = ""; $radiusacctport = ""; @@ -1687,7 +1680,7 @@ EOD; EOD; } - if (isset($pppoecfg['radius']['nasip'])) { + if (!empty($pppoecfg['radius']['nasip'])) { $mpdconf .= "\tset radius me {$pppoecfg['radius']['nasip']}\n"; } } 
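Review bot: The `poes_l` link template sets no upper bound on the number of sessions, so `n_pppoe_units` no longer caps connections the way the removed per-unit `poes` entries did. With the local pool the cap is implicit in the size of `p0`, but on the RADIUS path (`0.0.0.0/0`) nothing in this config limits how many links a flood of PPPoE discovery requests can instantiate. If mpd5's `set link max-children` behaves as its manual describes, adding `set link max-children {$pppoecfg['n_pppoe_units']}` after `create link template poes_l pppoe` would restore the limit. The heredoc this hunk closes is opened in the previous hunk.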
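Review bot: `!empty($pppoecfg['radius']['nasip'])` filters out the empty string but still lets any other value reach the `set radius me` line, which is written verbatim into mpd.conf. Since that directive takes an address, the condition could be `if (is_ipaddr($pppoecfg['radius']['nasip'])) {`. That way a malformed or multi-line value cannot produce a broken or unintended config line. Whether the GUI page already validates this field is not visible in the hunk, and the enclosing RADIUS block starts outside it.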
@@ -1696,32 +1689,6 @@ EOD; fclose($fd); unset($mpdconf); - /* write mpd.links */ - $fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.links", "w"); - if (!$fd) { - printf(gettext("Error: cannot open mpd.links in vpn_pppoe_configure().") . "\n"); - return 1; - } - - $mpdlinks = ""; - - for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) { - $mpdlinks .=<<<EOD - -poes{$pppoecfg['pppoeid']}{$i}: - set phys type pppoe - set pppoe iface {$pppoe_interface} - set pppoe service "*" - set pppoe disable originate - set pppoe enable incoming - -EOD; - } - - fwrite($fd, $mpdlinks); - fclose($fd); - unset($mpdlinks); - if ($pppoecfg['username']) { /* write mpd.secret */ $fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", "w"); @@ -1754,7 +1721,7 @@ EOD; /* Get support for netgraph(4) from the nic */ pfSense_ngctl_attach(".", $pppoe_interface); /* fire up mpd */ - mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn -p {$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes"); + mwexec("/usr/local/sbin/mpd5 -b -d {$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn -p {$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes"); break; } |