From adf81b8b3a5ac5f2cab4d7381265f01dba2c4968 Mon Sep 17 00:00:00 2001
From: chirac <chirac@re2o-services.crans.org>
Date: Sun, 8 Jul 2018 19:26:06 +0200
Subject: [PATCH] =?UTF-8?q?Authorisation=20des=20ip=20des=20dhcp=20l=C3=A9?=
 =?UTF-8?q?gitimes?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 main.py          | 3 ++-
 templates/hp.tpl | 5 +++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/main.py b/main.py
index 697aaf3..03bcb72 100755
--- a/main.py
+++ b/main.py
@@ -66,8 +66,9 @@ def preprocess(switch):
     dhcpv6_snooping_vlans = [vlan["vlan_id"] for vlan in all_vlans if vlan["dhcpv6_snooping"]]
     ntp_servers = [server["servers"] for server in all_roles if server["role_type"] == "ntp-server"][0]
     log_servers = [server["servers"] for server in all_roles if server["role_type"] == "log-server"][0]
+    dhcp_servers = [server["servers"] for server in all_roles if server["role_type"] == "dhcp"][0]
 
-    return {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers}
+    return {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers}
 
 print("gen tpl")
 conf = template.render(switch=all_switchs[2], additionals=preprocess(all_switchs[2]))
diff --git a/templates/hp.tpl b/templates/hp.tpl
index 90c9f20..fc825b9 100644
--- a/templates/hp.tpl
+++ b/templates/hp.tpl
@@ -88,6 +88,11 @@ aaa port-access mac-based addr-format multi-colon
 no cdp run
 {%- if additionals.dhcp_snooping_vlans %}
 ;--- DHCP Snooping ---
+{%- for server in additionals.dhcp_servers %}
+{%- for interface in server.interface %}
+dhcp-snooping authorized-server {{ interface.ipv4 }}
+{%- endfor %}
+{%- endfor %}
 dhcp-snooping vlan {{ additionals.dhcp_snooping_vlans|join(' ') }}
 dhcp-snooping
 {%- endif %}