vpn: port pppoe server to mpd5

The local IP isn't used anywhere and the remote subnet assignment
also seems off, but since this works I'll leave it for somebody
else to maintain when it's moved to the plugins.

src/etc/inc/filter.inc

@@ -989,7 +989,7 @@ function filter_generate_optcfg_array()
         $oic['virtual'] = true;
         $FilterIflist['l2tp'] = $oic;
     }
-    if (isset($config['pppoes']['pppoe']) && is_array($config['pppoes']['pppoe']) && (count($config['pppoes']['pppoe']) > 0)) {
+    if (isset($config['pppoes']['pppoe'])) {
         $pppoeifs = array();
         foreach($config['pppoes']['pppoe'] as $pppoe) {
             if ($pppoe['mode'] == "server") {

src/etc/inc/plugins.inc.d/vpn.inc

@@ -167,19 +167,13 @@ EOD;
                     $mpdconf .= " " . $pptpdcfg['dns2'];
                 }
                 $mpdconf .= "\n";
-            } elseif (isset($config['dnsmasq']['enable'])) {
-                $mpdconf .= "  set ipcp dns " . get_interface_ip("lan");
-                if ($syscfg['dnsserver'][0]) {
-                    $mpdconf .= " " . $syscfg['dnsserver'][0];
-                }
-                $mpdconf .= "\n";
-            } elseif (isset($config['unbound']['enable'])) {
+            } elseif (isset($config['dnsmasq']['enable']) || isset($config['unbound']['enable'])) {
                 $mpdconf .= "  set ipcp dns " . get_interface_ip("lan");
-                if ($syscfg['dnsserver'][0]) {
+                if (isset($syscfg['dnsserver'][0])) {
                     $mpdconf .= " " . $syscfg['dnsserver'][0];
                 }
                 $mpdconf .= "\n";
-            } elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
+            } elseif (isset($syscfg['dnsserver'][0])) {
                 $mpdconf .= "  set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
             }
 
@@ -353,39 +347,21 @@ function vpn_pppoe_configure(&$pppoecfg)
                 printf(gettext("Error: cannot open mpd.conf in vpn_pppoe_configure().") . "\n");
                 return 1;
             }
-            $mpdconf = "\n\n";
-            $mpdconf .= "poes:\n";
-
-            for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) {
-                $mpdconf .= "  load poes{$pppoecfg['pppoeid']}{$i}\n";
-            }
 
-            for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) {
+            $iprange = $pppoecfg['remoteip'] . ' ';
+            $iprange .= long2ip32(ip2long($pppoecfg['remoteip']) + $pppoecfg['n_pppoe_units'] - 1);
 
-                $clientip = long2ip32(ip2long($pppoecfg['remoteip']) + $i);
-
-                if (isset($pppoecfg['radius']['radiusissueips']) && isset($pppoecfg['radius']['server']['enable'])) {
-                    $isssue_ip_type = "set ipcp ranges {$pppoecfg['localip']}/32 0.0.0.0/0";
-                } else {
-                    $isssue_ip_type = "set ipcp ranges {$pppoecfg['localip']}/32 {$clientip}/32";
-                }
-
-                $mpdconf .=<<<EOD
-
-poes{$pppoecfg['pppoeid']}{$i}:
-  new -i poes{$pppoecfg['pppoeid']}{$i} poes{$pppoecfg['pppoeid']}{$i} poes{$pppoecfg['pppoeid']}{$i}
-  {$isssue_ip_type}
-  load pppoe_standard
-
-EOD;
+            $iptype = 'ippool pool1';
+            if (isset($pppoecfg['radius']['server']['enable']) && isset($pppoecfg['radius']['radiusissueips'])) {
+                $iptype = '0.0.0.0/0';
             }
 
-            $mpdconf .=<<<EOD
+            $mpdconf = <<<EOD
+startup:
 
-pppoe_standard:
-  set bundle no multilink
-  set bundle enable compression
-  set auth max-logins 1
+poes:
+  set ippool add pool1 {$iprange}
+  create bundle template B
   set iface up-script /usr/local/sbin/vpn-linkup
   set iface down-script /usr/local/sbin/vpn-linkdown
   set iface idle 0
@@ -393,18 +369,8 @@ pppoe_standard:
   set iface disable proxy-arp
   set iface enable tcpmssfix
   set iface mtu 1500
-  set link no pap chap eap
-  set link enable chap
-  set link keep-alive 60 180
-  set ipcp yes vjcomp
   set ipcp no vjcomp
-  set link max-redial -1
-  set link mtu 1492
-  set link mru 1492
-  set ccp yes mpp-e40
-  set ccp yes mpp-e128
-  set ccp yes mpp-stateless
-  set link latency 1
+  set ipcp ranges {$pppoecfg['localip']}/32 {$iptype}
 
 EOD;
 
@@ -414,22 +380,42 @@ EOD;
                     $mpdconf .= " " . $pppoecfg['dns2'];
                 }
                 $mpdconf .= "\n";
-            } elseif (isset($config['dnsmasq']['enable'])) {
-                $mpdconf .= "  set ipcp dns " . get_interface_ip("lan");
-                if ($syscfg['dnsserver'][0]) {
-                    $mpdconf .= " " . $syscfg['dnsserver'][0];
-                }
-                $mpdconf .= "\n";
-            } elseif (isset($config['unbound']['enable'])) {
+            } elseif (isset($config['dnsmasq']['enable']) || isset($config['unbound']['enable'])) {
                 $mpdconf .= "  set ipcp dns " . get_interface_ip("lan");
-                if ($syscfg['dnsserver'][0]) {
+                if (isset($syscfg['dnsserver'][0])) {
                     $mpdconf .= " " . $syscfg['dnsserver'][0];
                 }
                 $mpdconf .= "\n";
-            } elseif (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
+            } elseif (isset($syscfg['dnsserver'][0])) {
                 $mpdconf .= "  set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
             }
 
+            $mpdconf .= <<<EOD
+
+  set bundle enable compression
+  set ccp yes mppc
+  set mppc yes e40
+  set mppc yes e128
+  set mppc yes stateless
+
+  create link template L pppoe
+  set link action bundle B
+  set link no multilink
+  set link disable pap
+  set link disable eap
+  set link enable chap
+  set link keep-alive 10 60
+  set link max-redial -1
+  set link mtu 1492
+  set link mru 1492
+  set link latency 1
+  set pppoe service pppoe{$pppoecfg['pppoeid']}
+  set pppoe iface {$pppoe_interface}
+  set link enable incoming
+  set auth max-logins 1
+
+EOD;
+
             if (isset($pppoecfg['radius']['server']['enable'])) {
                 $radiusport = "";
                 $radiusacctport = "";
@@ -459,32 +445,6 @@ EOD;
             fclose($fd);
             unset($mpdconf);
 
-            /* write mpd.links */
-            $fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.links", "w");
-            if (!$fd) {
-                printf(gettext("Error: cannot open mpd.links in vpn_pppoe_configure().") . "\n");
-                return 1;
-            }
-
-            $mpdlinks = "";
-
-            for ($i = 0; $i < $pppoecfg['n_pppoe_units']; $i++) {
-                $mpdlinks .=<<<EOD
-
-poes{$pppoecfg['pppoeid']}{$i}:
-  set phys type pppoe
-  set pppoe iface {$pppoe_interface}
-  set pppoe service "*"
-  set pppoe disable originate
-  set pppoe enable incoming
-
-EOD;
-            }
-
-            fwrite($fd, $mpdlinks);
-            fclose($fd);
-            unset($mpdlinks);
-
             if ($pppoecfg['username']) {
                 /* write mpd.secret */
                 $fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", "w");

src/www/vpn_pppoe_edit.php

@@ -140,16 +140,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
             $input_errors[] = gettext("A valid RADIUS server address must be specified.");
         }
 
-        $pconfig['remoteip'] = gen_subnet($pconfig['remoteip'], $pconfig['pppoe_subnet']);
         $subnet_start = ip2ulong($pconfig['remoteip']);
         $subnet_end = ip2ulong($pconfig['remoteip']) + $pconfig['pppoe_subnet'] - 1;
         if ((ip2ulong($pconfig['localip']) >= $subnet_start) &&
             (ip2ulong($pconfig['localip']) <= $subnet_end)) {
             $input_errors[] = gettext("The specified server address lies in the remote subnet.");
         }
-        if ($pconfig['localip'] == get_interface_ip($pconfig['interface'])) {
-            $input_errors[] = gettext("The specified server address is equal to an interface ip address.");
-        }
     }
 
     if (!empty($pconfig['pppoeid']) && !is_numeric($_POST['pppoeid'])) {
@@ -305,18 +301,11 @@ legacy_html_escape_form_data($pconfig);
                     </td>
                   </tr>
                   <tr>
-                    <td><a id="help_for_pppoe_subnet" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Subnet netmask"); ?></td>
+                    <td><a id="help_for_localip" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Server address"); ?></td>
                     <td>
-                      <select id="pppoe_subnet" name="pppoe_subnet">
-<?php
-                      for ($x=0; $x<33; $x++):?>
-                        <option value="<?=$x;?>" <?=$x == $pconfig['pppoe_subnet'] ? "selected=\"selected\"" : "" ;?>>
-                            <?=$x;?>
-<?php
-                      endfor;?>
-                      </select>
-                      <div class="hidden" for="help_for_pppoe_subnet">
-                        <?=gettext("Hint: 24 is 255.255.255.0"); ?>
+                      <input name="localip" type="text" value="<?=$pconfig['localip'];?>" />
+                      <div class="hidden" for="help_for_localip">
+                        <?=gettext("Enter the IP address the PPPoE server should give to clients for use as their \"gateway\"."); ?>
                       </div>
                     </td>
                   </tr>
@@ -338,25 +327,27 @@ legacy_html_escape_form_data($pconfig);
                     </td>
                   </tr>
                   <tr>
-                    <td><a id="help_for_localip" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Server address"); ?></td>
+                    <td><a id="help_for_remoteip" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Remote address range"); ?></td>
                     <td>
-                      <input name="localip" type="text" value="<?=$pconfig['localip'];?>" />
-                      <div class="hidden" for="help_for_localip">
-                        <?=gettext("Enter the IP address the PPPoE server should give to clients for use as their \"gateway\"."); ?>
-                        <br />
-                        <?=gettext("Typically this is set to an unused IP just outside of the client range."); ?>
-                        <br />
-                        <br />
-                        <?=gettext("NOTE: This should NOT be set to any IP address currently in use on this firewall."); ?>
+                      <input name="remoteip" type="text" value="<?=$pconfig['remoteip'];?>" />
+                      <div class="hidden" for="help_for_remoteip">
+                        <?=gettext("Specify the starting address for the client IP address subnet."); ?>
                       </div>
                     </td>
                   </tr>
                   <tr>
-                    <td><a id="help_for_remoteip" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Remote address range"); ?></td>
+                    <td><a id="help_for_pppoe_subnet" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Subnet netmask"); ?></td>
                     <td>
-                      <input name="remoteip" type="text" value="<?=$pconfig['remoteip'];?>" />
-                      <div class="hidden" for="help_for_remoteip">
-                        <?=gettext("Specify the starting address for the client IP address subnet."); ?>
+                      <select id="pppoe_subnet" name="pppoe_subnet">
+<?php
+                      for ($x=0; $x<33; $x++):?>
+                        <option value="<?=$x;?>" <?=$x == $pconfig['pppoe_subnet'] ? "selected=\"selected\"" : "" ;?>>
+                            <?=$x;?>
+<?php
+                      endfor;?>
+                      </select>
+                      <div class="hidden" for="help_for_pppoe_subnet">
+                        <?=gettext("Hint: 24 is 255.255.255.0"); ?>
                       </div>
                     </td>
                   </tr>