From a477b2a889ecf730c8a93c7f4663fd70c40c1d9f Mon Sep 17 00:00:00 2001
From: chirac
Date: Sun, 8 Jul 2018 20:31:04 +0200
Subject: [PATCH] Gestion igmp et mld par vlans
---
 main.py | 5 ++++-
 templates/hp.tpl | 19 +++++++++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/main.py b/main.py
index b9f9d5a..1d34073 100755
--- a/main.py
+++ b/main.py
@@ -68,13 +68,16 @@ class Switch:
 arp_protect_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["arp_protect"]]
 dhcp_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcp_snooping"]]
 dhcpv6_snooping_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["dhcpv6_snooping"]]
+ igmp_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["igmp"]]
+ mld_vlans = [vlan["vlan_id"] for vlan in self.all_vlans if vlan["mld"]]
 ntp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "ntp-server"][0]
 log_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "log-server"][0]
 dhcp_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "dhcp"][0]
+ radius_servers = [server["servers"] for server in self.all_roles if server["role_type"] == "radius-server"][0]
 ra_guarded = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['ra_guard']]
 loop_protected = [str(port['port']) for port in self.switch['ports'] if port['get_port_profil']['loop_protect']]
- self.additionals = {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers}
+ self.additionals = {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers, 'radius_servers' : radius_servers, 'igmp_vlans' : igmp_vlans, 'mld_vlans': mld_vlans}
 def gen_conf_hp(self):
diff --git a/templates/hp.tpl b/templates/hp.tpl
index fc825b9..9e35d54 100644
--- a/templates/hp.tpl
+++ b/templates/hp.tpl
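Review bot: The added `radius_servers = [...][0]` lookup raises a bare IndexError when `self.all_roles` contains no `radius-server` role, and the added `vlan["igmp"]` / `vlan["mld"]` lookups raise KeyError if the data source does not return those fields. The `ntp_servers`, `log_servers` and `dhcp_servers` context lines share the `[0]` pattern. Whether a missing RADIUS role should abort generation or yield a config without RADIUS hosts is a security decision that should be explicit: either raise an error that names the missing role, or default with `radius_servers = next((role["servers"] for role in self.all_roles if role["role_type"] == "radius-server"), [])`, which the template's `for` loop tolerates. The enclosing method starts above the hunk, so how `all_roles` and `all_vlans` are populated is not visible here.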
@@ -62,6 +62,15 @@ vlan {{ id }}
 {%- else %}
 no ipv6 enable
 {%- endif %}
+ {%- if id in additionals.igmp_vlans %}
+ ip igmp
+ no ip igmp querier
+ {%- endif %}
+ {%- if id in additionals.mld_vlans %}
+ no ipv6 mld querier
+ ipv6 mld version 1
+ ipv6 mld enable
+ {%- endif %}
 exit
 {%- endfor %}
 ;--- Accès d'administration ---
@@ -81,6 +90,16 @@ loop-protect disable-timer 30
 loop-protect transmit-interval 3
 loop-protect {{ additionals.loop_protected|join(' ') }}
 {%- endif %}
+;--- Serveurs Radius
+radius-server dead-time 2
+{%- for server in additionals.radius_servers %}
+{%- for interface in server.interface %}
+{%- if switch.subnet.0.vlan_id == interface.vlan_id %}
+radius-server host {{ interface.ipv4 }} key "plop"
+radius-server host {{ interface.ipv4 }} dyn-authorization
+{%- endif %}
+{%- endfor %}
+{%- endfor %}
 radius-server dyn-autz-port 3799
 ;--- Filtrage mac ---
 aaa port-access mac-based addr-format multi-colon
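Review bot: The igmp and mld blocks turn the querier off on every VLAN they touch, and nothing in the template records which device is expected to act as querier instead. A non-rendering comment above the first block, such as `{#- snooping only: the IGMP/MLD querier is expected upstream, not on this switch #}`, would document that assumption; I am inferring the intent from `no ip igmp querier` and `no ipv6 mld querier`, so correct the wording if it is wrong. A short reason for pinning `ipv6 mld version 1` would help the next maintainer too.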
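Review bot: The RADIUS shared secret is hard-coded as `key "plop"` in the template, so it is committed to the repository, identical on every generated switch, and short enough to be guessed. The same secret also authenticates the dynamic-authorization requests enabled on the following line, so it should be kept outside the repository and rendered in, for example `radius-server host {{ interface.ipv4 }} key "{{ radius_key }}"`, where `radius_key` is a placeholder name for a variable the generator would have to supply. Separately, when no interface matches `switch.subnet.0.vlan_id` the loop emits no `radius-server host` line while `dead-time` and `dyn-autz-port` are still written; it is worth deciding whether that case should fail the generation.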