From 1f501dc38464b45873c4ee00d38ff84a514a9d04 Mon Sep 17 00:00:00 2001 From: Tomoyuki Sahara Date: Mon, 22 Apr 2024 18:35:03 +0900 Subject: [PATCH] =?UTF-8?q?interface=20pppac=20max-session=20=E3=81=AE=20"?= =?UTF-8?q?unlimit"=20=E3=81=AF=20"none"=20=E3=81=AB=E5=A4=89=E6=8F=9B?= =?UTF-8?q?=E3=81=99=E3=82=8B=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit なおデフォルト値が unlimit(=none) から 1024 に変更されているため、 必要に応じて none を明示する。 --- seil2recipe.js | 27 ++++++++++++++++++++++++- test/test.js | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 79 insertions(+), 1 deletion(-) diff --git a/seil2recipe.js b/seil2recipe.js index 482eab3..a8cc9ee 100644 --- a/seil2recipe.js +++ b/seil2recipe.js @@ -147,6 +147,7 @@ class Note { this.memo.set('ike.peer.dynamic', []); this.memo.set('ike.preshared-key', {}); this.memo.set('interface.l2tp.tunnel', {}); + this.memo.set('interface.pppac.max-session', new Map()); this.memo.set('interface.router-advertisements', []); this.memo.set('qos.class', { 'default': 'root' }); this.memo.set('resolver.address', []); @@ -606,6 +607,7 @@ const CompatibilityList = { 'ipsec security-association add ... ipv6': [ 0, 1 ], 'interface ... add dhcp6': [ 0, 1 ], 'interface ... add router-advertisement(s)': [ 0, 1 ], + 'interface pppac max-session unlimit': [ 0, 1 ], 'nat6': [ 0, 1 ], 'option ip fragment-requeueing off': [ 0, 1 ], 'option ip monitor-linkstate off': [ 0, 1 ], @@ -2358,6 +2360,10 @@ Converter.rules['interface'] = { conv.param2recipe(protocol, 'sstp-keepalive-timeout', `${k1}.sstp.keepalive.timeout`); conv.param2recipe(protocol, 'tcp-mss-adjust', `${k1}.sstp.tcp-mss-adjust`, on2enable); } + + if (!conv.get_memo('interface.pppac.max-session').has(ifname)) { + conv.get_memo('interface.pppac.max-session').set(ifname, 'default'); + } }, 'description': (conv, tokens) => { @@ -2458,7 +2464,16 @@ Converter.rules['interface'] = { // interface max-session 'max-session': (conv, tokens) => { const ifname = conv.ifmap(tokens[1]); - conv.add(`interface.${ifname}.max-session`, tokens[3]); + const num = tokens[3]; + + conv.get_memo('interface.pppac.max-session').set(ifname, num); + if (num == 'unlimit') { + if (!conv.missing('interface pppac max-session unlimit')) { + conv.add(`interface.${ifname}.max-session`, 'none'); + } + } else { + conv.add(`interface.${ifname}.max-session`, num); + } }, 'mdi': 'deprecated', @@ -2732,6 +2747,16 @@ Converter.rules['interface'] = { }, }; +Converter.defer((conv) => { + if (!conv.missing('interface pppac max-session unlimit', true)) { + conv.get_memo('interface.pppac.max-session').forEach((num, ifname) => { + if (num == 'default') { + conv.add(`interface.${ifname}.max-session`, 'none'); + } + }); + } +}); + function ike_peer(conv, prefix, peer, if_prefix) { const prefix_ike = if_prefix ? `${prefix}.ike` : prefix; const prefix_proposal = if_prefix ? `${prefix}.ike.proposal.phase1` : `${prefix}.proposal`; diff --git a/test/test.js b/test/test.js index 8786310..d146e84 100644 --- a/test/test.js +++ b/test/test.js @@ -159,6 +159,7 @@ describe('authentication+pppac', () => { interface.pppac0.l2tp.idle-timer: 123 interface.pppac0.l2tp.ipsec.preshared-key: SecretKey interface.pppac0.l2tp.service: enable + interface.pppac0.max-session: none interface.pppac1.authentication.100.type: radius interface.pppac1.authentication.100.radius.authentication-server.100.address: 172.17.0.1 interface.pppac1.authentication.100.radius.authentication-server.100.port: 1814 @@ -177,6 +178,7 @@ describe('authentication+pppac', () => { interface.pppac1.l2tp.idle-timer: 123 interface.pppac1.l2tp.ipsec.preshared-key: SecretKey interface.pppac1.l2tp.service: enable + interface.pppac1.max-session: none interface.pppac2.authentication.100.type: account-list interface.pppac2.authentication.100.account-list.interval: 123 interface.pppac2.authentication.100.account-list.url: http://example.jp/ @@ -189,6 +191,7 @@ describe('authentication+pppac', () => { interface.pppac2.l2tp.idle-timer: 123 interface.pppac2.l2tp.ipsec.preshared-key: SecretKey interface.pppac2.l2tp.service: enable + interface.pppac2.max-session: none `); }); }); @@ -1830,6 +1833,7 @@ describe('pppac', () => { interface.pppac0.l2tp.authentication.200.method: chap interface.pppac0.l2tp.ipsec.preshared-key: foobar interface.pppac0.l2tp.service: enable + interface.pppac0.max-session: none `); }); @@ -1848,6 +1852,7 @@ describe('pppac', () => { interface pppac0 ipcp-configuration IPCP5L interface pppac0 bind-tunnel-protocol PROTO5L interface pppac0 bind-realm REALM5L + interface pppac0 max-session unlimit interface pppac0 tunnel-end-address 192.168.0.1 interface pppac0 user-max-session 5 interface pppac1 ipcp-configuration IPCP5A @@ -1868,6 +1873,7 @@ describe('pppac', () => { interface.pppac0.l2tp.authentication.300.method: mschapv2 interface.pppac0.l2tp.ipsec.requirement: optional interface.pppac0.l2tp.service: enable + interface.pppac0.max-session: none interface.pppac0.user-max-session: 5 interface.pppac1.authentication.100.type: account-list interface.pppac1.authentication.100.account-list.url: http://a.example.jp/ @@ -1879,9 +1885,55 @@ describe('pppac', () => { interface.pppac1.l2tp.authentication.100.method: mschapv2 interface.pppac1.l2tp.ipsec.requirement: optional interface.pppac1.l2tp.service: enable + interface.pppac1.max-session: none `); }); + it('max-session & user-max-session', () => { + // seil3 -> seil8 + assertconv(` + interface pppac0 max-session 123 + --- + interface.pppac0.max-session: 123 + `); + + // seil3 unlimit -> seil8 none + assertconv(` + interface pppac0 max-session unlimit + --- + interface.pppac0.max-session: none + `); + + // seil3 system-default = seil8 none + assertconv(` + pppac protocol l2tp add FOO accept-interface lan0 authentication-method pap + interface pppac0 bind-tunnel-protocol FOO + --- + interface.pppac0.l2tp.accept.100.interface: ge1 + interface.pppac0.l2tp.authentication.100.method: pap + interface.pppac0.l2tp.ipsec.requirement: optional + interface.pppac0.l2tp.service: enable + interface.pppac0.max-session: none + `); + + // seil3 unlimit -> seil6 (not supported) + assertconv(` + interface pppac0 max-session unlimit + --- + `, 'w2'); + + // seil3 system-default -> seil6 default (=256) + assertconv(` + pppac protocol l2tp add FOO6 accept-interface lan1 authentication-method pap + interface pppac0 bind-tunnel-protocol FOO6 + --- + interface.pppac0.l2tp.accept.100.interface: ge0 + interface.pppac0.l2tp.authentication.100.method: pap + interface.pppac0.l2tp.ipsec.requirement: optional + interface.pppac0.l2tp.service: enable + `, 'w2'); + }); + it('sstp server', () => { assertconv(` certificate my add CS certificate "CERT" private-key "KEY" @@ -1900,6 +1952,7 @@ describe('pppac', () => { interface.pppac0.ipcp.pool.100.address: 192.168.128.0 interface.pppac0.ipcp.pool.100.count: 256 interface.pppac0.ipv4.address: 192.168.127.1 + interface.pppac0.max-session: none interface.pppac0.sstp.accept.100.interface: ge0 interface.pppac0.sstp.authentication.100.method: pap interface.pppac0.sstp.authentication.200.method: chap