log.info(f"Generating a vpn connection {name} cnfvar")
vpnconn_cnf = template("vpnconn", name, instance=instance,
defaults=vpnconn_defaults, **kwargs)
- if vpnconn_cnf.children.single_with_name("vpnconn_lan_type").value not in ["NIC", "CUSTOM"]:
+
+ if vpnconn_cnf.children.single_with_name("vpnconn_proto").value == "IPSEC":
+ if vpnconn_cnf.children.single_with_name("vpnconn_lan_type").value not in ["NIC", "CUSTOM"]:
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_lan_net")
+ if vpnconn_cnf.children.single_with_name("vpnconn_remote_type").value != "CUSTOM":
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_remote_net")
+ if vpnconn_cnf.children.single_with_name("vpnconn_remote_type").value != "MODECONFIG":
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_remote_modeconfig_ip")
+ elif vpnconn_cnf.children.single_with_name("vpnconn_proto").value == "WIREGUARD":
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_encryption_profile_ref"
+ )
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_ike_version")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_key_own_ref")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_key_type")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_lan_nat_ip")
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_lan_nat_mode"
+ )
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_lan_nat_network"
+ )
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_lan_nic_ref")
vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_lan_net")
- if vpnconn_cnf.children.single_with_name("vpnconn_remote_type").value != "CUSTOM":
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_lan_netmask")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_lan_type")
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_lifetime_ike"
+ )
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_lifetime_ipsecsa"
+ )
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_peer_dns")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_peer_ip")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_peer_type")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_psk")
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_psk_foreign_id"
+ )
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_psk_foreign_id_type"
+ )
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_psk_own_id")
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_psk_own_id_type"
+ )
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_remote_inet_nat"
+ )
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_remote_nat_enable"
+ )
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_remote_nat_network"
+ )
vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_remote_net")
- if vpnconn_cnf.children.single_with_name("vpnconn_remote_type").value != "MODECONFIG":
- vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_remote_modeconfig_ip")
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_remote_netmask"
+ )
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_remote_type")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_retries")
+ vpnconn_cnf.children.remove_where(lambda c: c.name == "vpnconn_secured")
+ vpnconn_cnf.children.remove_where(
+ lambda c: c.name == "vpnconn_xauth_server_enable"
+ )
+
return vpnconn_cnf
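Review bot: The new `if`/`elif` on `vpnconn_proto` has no `else`, so any value other than "IPSEC" or "WIREGUARD" (a typo or different casing, for instance) now returns the cnfvar with no pruning at all, whereas the three conditional removals ran for every connection before this change. Such a cnfvar would presumably still carry the template's IPsec-only children, `vpnconn_psk` among them, so I would fail closed with `else: raise ValueError(f"unsupported vpnconn_proto: {proto!r}")` after reading the value once into `proto = vpnconn_cnf.children.single_with_name("vpnconn_proto").value`. The WireGuard branch is also a hand-maintained deny-list of about thirty names, so a key added to the template later will silently stay in WireGuard cnfvars. Collecting the names in one module-level tuple and calling `vpnconn_cnf.children.remove_where(lambda c: c.name in WIREGUARD_UNUSED_VARS)` once would make that list reviewable in a single place. The enclosing function starts outside this hunk, so how `vpnconn_defaults` and `kwargs` populate `vpnconn_proto` is not visible here.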