Commit 17a78ef3 authored by David Johnson's avatar David Johnson

Add compression/encryption params, and agg uplink options.

parent 8176c1cd
......@@ -71,16 +71,20 @@ cd $EASY_RSA
# Setup some openvpn config file lines from our parameters.
#
CONFIG_COMPRESS="comp-lzo no"
if [ "$DO_COMPRESSION" = "1" ]; then
if [ -z "$VPN_COMPRESSION" -o "$VPN_COMPRESSION" = "none" ]; then
CONFIG_COMPRESS="comp-lzo no"
elif [ "$VPN_COMPRESSION" = "yes" ]; then
CONFIG_COMPRESS="comp-lzo yes"
elif [ -n "$DO_COMPRESSION" ]; then
CONFIG_COMPRESS="comp-lzo $DO_COMPRESSION"
elif [ -n "$VPN_COMPRESSION" ]; then
CONFIG_COMPRESS="comp-lzo $VPN_COMPRESSION"
fi
CONFIG_CRYPT="cipher none"
if [ "$DO_ENCRYPTION" = "1" ]; then
if [ -z "$VPN_CIPHER" -o "$VPN_CIPHER" = "none" ]; then
CONFIG_CRYPT="cipher none"
elif [ "$VPN_CIPHER" = "yes" ]; then
CONFIG_CRYPT="cipher AES-128-CBC"
elif [ -n "$DO_ENCRYPTION" ]; then
CONFIG_CRYPT="cipher $DO_ENCRYPTION"
elif [ -n "$VPN_CIPHER" ]; then
CONFIG_CRYPT="cipher $VPN_CIPHER"
fi
if [ ! -f $OURDIR/vpn-server-done ]; then
......
......@@ -234,12 +234,25 @@ pc.defineParameter(
"numAggregates","Number Aggregates",portal.ParameterType.INTEGER,2,
longDescription="The number of aggregates.")
pc.defineParameter(
"aggregatesPerHost","Aggregates per Host",portal.ParameterType.INTEGER,3,
"aggregatesPerHost","Aggregates per Host",portal.ParameterType.INTEGER,4,
longDescription="Number of Aggregates per physical host.")
pc.defineParameter(
"aggregateSubnetBitSize","Aggregate Subnet Bit Size",
portal.ParameterType.INTEGER,29,
longDescription="Aggregate subnet bit size.")
pc.defineParameter(
"aggUplinksAreLANs","Aggregate Uplinks are LANs",
portal.ParameterType.BOOLEAN,True,
longDescription="Set true if each aggregate uplink is just a member of a big LAN; false if you want each aggregate to uplink router connection to be its own private link.")
pc.defineParameter(
"vpnCompression","VPN Compression",portal.ParameterType.STRING,"none",
[("none","none"),("yes","yes")],
longDescription="Compression type.")
pc.defineParameter(
"vpnCipher","VPN Cipher",portal.ParameterType.STRING,"none",
[("none","none"),("yes","yes"),("AES-128-CBC","AES-128-CBC"),
("AES-256-CBC","AES-256-CBC"),("AES-256-GCM","AES-256-GCM")],
longDescription="Cipher string. Defaults to AES-128-CBC if 'yes'.")
pc.defineParameter(
"virtualizeAllFixedNodes","Virtualize all Fixed Nodes",
portal.ParameterType.BOOLEAN,False,
......@@ -318,6 +331,8 @@ clientvars.addVariable("VPNTYPE",params.vpnType)
clientvars.addVariable("VPN_NETWORK","192.168.254.0")
clientvars.addVariable("VPN_MASK","255.255.255.0")
clientvars.addVariable("VPN_BITS",24)
clientvars.addVariable("VPN_COMPRESSION",params.vpnCompression)
clientvars.addVariable("VPN_CIPHER",params.vpnCipher)
# Create a Request object to start building the RSpec.
request = pc.makeRequestRSpec()
......@@ -531,17 +546,28 @@ for aggName in sorted(aggNodes.keys()):
# that host each aggregate.
#
for uplink in ["wifi","mobile"]:
for aggName in sorted(aggNodes.keys()):
vhost = aggToVhostMap[aggName]
upnode = nodes[uplink]
lanlink = pg.Link("%s%slink" % (aggName,uplink))
uiface = upnode.addInterface("if%d" % (nextIfaceNum(upnode.client_id)))
viface = vhost.addInterface("if%d" % (nextIfaceNum(vhost.client_id)))
upnode = nodes[uplink]
upname = upnode.client_id
if params.aggUplinksAreLANs:
lanlink = pg.Link("%s%slanlink" % (vhostname,uplink))
uiface = upnode.addInterface("if%d" % (nextIfaceNum(upname)))
lanlink.addInterface(uiface)
lanlink.addInterface(viface)
for (vhostname,vhost) in agghosts.iteritems():
viface = vhost.addInterface("if%d" % (nextIfaceNum(vhostname)))
lanlink.addInterface(viface)
applyGenericNetworkSettings(lanlink)
privlinks.append(lanlink)
ipaPrivate.request_network(lanlink.client_id,2)
ipaPrivate.request_network(lanlink.client_id,len(lanlink.interfaces))
else:
for (vhostname,vhost) in agghosts.iteritems():
lanlink = pg.Link("%s%slanlink" % (vhostname,uplink))
uiface = upnode.addInterface("if%d" % (nextIfaceNum(upname)))
viface = vhost.addInterface("if%d" % (nextIfaceNum(vhostname)))
lanlink.addInterface(uiface)
lanlink.addInterface(viface)
applyGenericNetworkSettings(lanlink)
privlinks.append(lanlink)
ipaPrivate.request_network(lanlink.client_id,2)
pass
#
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment