diff --git a/data/templates/accel-ppp/pppoe.config.tmpl b/data/templates/accel-ppp/pppoe.config.tmpl
index b37004f5b..3e5c64eb8 100644
--- a/data/templates/accel-ppp/pppoe.config.tmpl
+++ b/data/templates/accel-ppp/pppoe.config.tmpl
@@ -1,171 +1,185 @@
### generated by accel_pppoe.py ###
[modules]
log_syslog
pppoe
shaper
{# Common authentication backend definitions #}
{% include 'accel-ppp/config_modules_auth_mode.j2' %}
ippool
{# Common IPv6 definitions #}
{% include 'accel-ppp/config_modules_ipv6.j2' %}
{# Common authentication protocols (pap, chap ...) #}
{% include 'accel-ppp/config_modules_auth_protocols.j2' %}
{% if snmp is defined %}
net-snmp
{% endif %}
{% if limits is defined %}
connlimit
{% endif %}
+{% if extended_scripts is defined %}
+sigchld
+pppd_compat
+{% endif %}
[core]
thread-count={{ thread_count }}
[log]
syslog=accel-pppoe,daemon
copy=1
level=5
{% if snmp is defined and snmp.master_agent is defined %}
[snmp]
master=1
{% endif %}
[client-ip-range]
disable
{# Common IP pool definitions #}
{% include 'accel-ppp/config_ip_pool.j2' %}
{# Common IPv6 pool definitions #}
{% include 'accel-ppp/config_ipv6_pool.j2' %}
{# Common DNS name-server definition #}
{% include 'accel-ppp/config_name_server.j2' %}
{% if wins_server is defined and wins_server is not none %}
[wins]
{% for server in wins_server %}
wins{{ loop.index }}={{ server }}
{% endfor %}
{% endif %}
{# Common chap-secrets and RADIUS server/option definitions #}
{% include 'accel-ppp/config_chap_secrets_radius.j2' %}
{% if session_control is defined and session_control != 'disable' %}
[common]
single-session={{ session_control }}
{% endif %}
[ppp]
verbose=1
check-ip=1
ccp={{ "1" if ppp_options.ccp is defined else "0" }}
unit-preallocate={{ "1" if authentication.radius.preallocate_vif is defined else "0" }}
{% if ppp_options.min_mtu is defined and ppp_options.min_mtu is not none %}
min-mtu={{ ppp_options.min_mtu }}
{% endif %}
{% if ppp_options.mru is defined and ppp_options.mru is not none %}
mru={{ ppp_options.mru }}
{% endif %}
mppe={{ ppp_options.mppe }}
lcp-echo-interval={{ ppp_options.lcp_echo_interval }}
lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }}
lcp-echo-failure={{ ppp_options.lcp_echo_failure }}
{% if ppp_options.ipv4 is defined and ppp_options.ipv4 is not none %}
ipv4={{ ppp_options.ipv4 }}
{% endif %}
{# IPv6 #}
{% if ppp_options.ipv6 is defined and ppp_options.ipv6 is not none %}
ipv6={{ ppp_options.ipv6 }}
{% if ppp_options.ipv6_intf_id is defined and ppp_options.ipv6_intf_id is not none %}
ipv6-intf-id={{ ppp_options.ipv6_intf_id }}
{% endif %}
{% if ppp_options.ipv6_peer_intf_id is defined and ppp_options.ipv6_peer_intf_id is not none %}
ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }}
{% endif %}
ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is defined else "0" }}
{% endif %}
{# MTU #}
mtu={{ mtu }}
{% if ppp_options.interface_cache is defined and ppp_options.interface_cache is not none %}
unit-cache={{ ppp_options.interface_cache }}
{% endif %}
[pppoe]
verbose=1
ac-name={{ access_concentrator }}
{% if interface is defined and interface is not none %}
{% for iface, iface_config in interface.items() %}
{% if iface_config.vlan_id is not defined and iface_config.vlan_range is not defined %}
interface={{ iface }}
{% endif %}
{% if iface_config.vlan_range is defined %}
{% for regex in iface_config.regex %}
interface=re:^{{ iface | replace('.', '\\.') }}\.({{ regex }})$
{% endfor %}
vlan-mon={{ iface }},{{ iface_config.vlan_range | join(',') }}
{% endif %}
{% if iface_config.vlan_id is defined %}
{% for vlan in iface_config.vlan_id %}
vlan-mon={{ iface }},{{ vlan }}
interface=re:^{{ iface | replace('.', '\\.') }}\.{{ vlan }}$
{% endfor %}
{% endif %}
{% endfor %}
{% endif %}
{% if service_name %}
service-name={{ service_name | join(',') }}
{% endif %}
{% if pado_delay %}
{% set pado_delay_param = namespace(value='0') %}
{% for delay in pado_delay|sort(attribute='0') %}
{% if not loop.last %}
{% set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + pado_delay[delay].sessions %}
{% else %}
{% set pado_delay_param.value = pado_delay_param.value + ',-1:' + pado_delay[delay].sessions %}
{% endif %}
{% endfor %}
pado-delay={{ pado_delay_param.value }}
{% endif %}
{% if authentication.radius.called_sid_format is defined and authentication.radius.called_sid_format is not none %}
called-sid={{ authentication.radius.called_sid_format }}
{% endif %}
{% if authentication is defined and authentication.mode is defined and authentication.mode == 'local' %}
{% if client_ip_pool is defined and client_ip_pool is not none %}
{% if client_ip_pool.name is defined and client_ip_pool.name is not none %}
{% for pool, pool_config in client_ip_pool.name.items() %}
{% if pool_config.subnet is defined and pool_config.subnet is not none %}
ip-pool={{ pool }}
{% if pool_config.gateway_address is defined and pool_config.gateway_address is not none %}
gw-ip-address={{ pool_config.gateway_address }}/{{ pool_config.subnet.split('/')[1] }}
{% endif %}
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% if limits is defined %}
[connlimit]
{% if limits.connection_limit is defined and limits.connection_limit is not none %}
limit={{ limits.connection_limit }}
{% endif %}
{% if limits.burst is defined and limits.burst %}
burst={{ limits.burst }}
{% endif %}
{% if limits.timeout is defined and limits.timeout is not none %}
timeout={{ limits.timeout }}
{% endif %}
{% endif %}
{# Common RADIUS shaper configuration #}
{% include 'accel-ppp/config_shaper_radius.j2' %}
+{% if extended_scripts is defined %}
+[pppd-compat]
+verbose=1
+radattr-prefix=/run/accel-pppd/radattr
+{% set script_name = {'on_up': 'ip-up', 'on_down': 'ip-down', 'on_change':'ip-change', 'on_pre_up':'ip-pre-up'} %}
+{% for script in extended_scripts %}
+{{ script_name[script] }}={{ extended_scripts[script] }}
+{% endfor %}
+{% endif %}
+
[cli]
tcp=127.0.0.1:2001
diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in
index 65868226b..876aadcf7 100644
--- a/interface-definitions/service_pppoe-server.xml.in
+++ b/interface-definitions/service_pppoe-server.xml.in
@@ -1,347 +1,386 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="service">
<children>
<node name="pppoe-server" owner="${vyos_conf_scripts_dir}/service_pppoe-server.py">
<properties>
<help>Point to Point over Ethernet (PPPoE) Server</help>
<priority>900</priority>
</properties>
<children>
#include <include/pppoe-access-concentrator.xml.i>
<leafNode name="access-concentrator">
<defaultValue>vyos-ac</defaultValue>
</leafNode>
<node name="authentication">
<properties>
<help>Authentication for remote access PPPoE Server</help>
</properties>
<children>
#include <include/accel-ppp/auth-local-users.xml.i>
#include <include/accel-ppp/auth-mode.xml.i>
#include <include/accel-ppp/auth-protocols.xml.i>
#include <include/radius-server-ipv4.xml.i>
#include <include/accel-ppp/radius-additions.xml.i>
<node name="radius">
<children>
#include <include/accel-ppp/radius-additions-rate-limit.xml.i>
<leafNode name="called-sid-format">
<properties>
<help>Format of Called-Station-Id attribute</help>
<completionHelp>
<list>ifname ifname:mac</list>
</completionHelp>
<constraint>
<regex>^(ifname|ifname:mac)$</regex>
</constraint>
<constraintErrorMessage>Invalid Called-Station-Id format</constraintErrorMessage>
<valueHelp>
<format>ifname</format>
<description>NAS-Port-Id - should contain root interface name (NAS-Port-Id=eth1)</description>
</valueHelp>
<valueHelp>
<format>ifname:mac</format>
<description>NAS-Port-Id - should contain root interface name and mac address (NAS-Port-Id=eth1:00:00:00:00:00:00)</description>
</valueHelp>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<node name="client-ip-pool">
<properties>
<help>Pool of client IP addresses (must be within a /24)</help>
</properties>
<children>
#include <include/accel-ppp/client-ip-pool-start-stop.xml.i>
#include <include/accel-ppp/client-ip-pool-subnet.xml.i>
#include <include/accel-ppp/client-ip-pool-name.xml.i>
</children>
</node>
#include <include/accel-ppp/client-ipv6-pool.xml.i>
#include <include/name-server-ipv4-ipv6.xml.i>
<tagNode name="interface">
<properties>
<help>interface(s) to listen on</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
</properties>
<children>
<leafNode name="vlan-id">
<properties>
<help>VLAN monitor for the automatic creation of single vlan</help>
<valueHelp>
<format>u32:1-4094</format>
<description>VLAN monitor for the automatic creation of single vlan</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-4094"/>
</constraint>
<constraintErrorMessage>VLAN ID needs to be between 1 and 4094</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
<leafNode name="vlan-range">
<properties>
<help>VLAN monitor for the automatic creation of vlans range</help>
<valueHelp>
<format>start-end</format>
<description>VLAN monitor range for the automatic creation of vlans (e.g. 1-4094)</description>
</valueHelp>
<constraint>
<validator name="range" argument="--min=1 --max=4094"/>
</constraint>
<multi/>
</properties>
</leafNode>
</children>
</tagNode>
#include <include/accel-ppp/gateway-address.xml.i>
#include <include/accel-ppp/mtu-128-16384.xml.i>
<node name="limits">
<properties>
<help>Limits the connection rate from a single source</help>
</properties>
<children>
<leafNode name="connection-limit">
<properties>
<help>Acceptable rate of connections (e.g. 1/min, 60/sec)</help>
<constraint>
<regex>[0-9]+\/(min|sec)$</regex>
</constraint>
<constraintErrorMessage>illegal value</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="burst">
<properties>
<help>Burst count</help>
</properties>
</leafNode>
<leafNode name="timeout">
<properties>
<help>Timeout in seconds</help>
</properties>
</leafNode>
</children>
</node>
<leafNode name="service-name">
<properties>
<help>Service name</help>
<constraint>
<regex>[a-zA-Z0-9\-]{1,100}</regex>
</constraint>
<constraintErrorMessage>Service-name can contain aplhanumerical characters and dashes only (max. 100)</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
#include <include/accel-ppp/wins-server.xml.i>
<node name="ppp-options">
<properties>
<help>Advanced protocol options</help>
</properties>
<children>
<leafNode name="min-mtu">
<properties>
<help>Minimum acceptable MTU (68-65535)</help>
<constraint>
<validator name="numeric" argument="--range 68-65535"/>
</constraint>
</properties>
<defaultValue>1280</defaultValue>
</leafNode>
<leafNode name="mru">
<properties>
<help>Preferred MRU (68-65535)</help>
<constraint>
<validator name="numeric" argument="--range 68-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="ccp">
<properties>
<help>CCP negotiation (default disabled)</help>
<valueless />
</properties>
</leafNode>
#include <include/accel-ppp/ppp-mppe.xml.i>
#include <include/accel-ppp/lcp-echo-interval-failure.xml.i>
#include <include/accel-ppp/lcp-echo-timeout.xml.i>
#include <include/accel-ppp/ppp-interface-cache.xml.i>
<leafNode name="ipv4">
<properties>
<help>IPv4 (IPCP) negotiation algorithm</help>
<constraint>
<regex>^(deny|allow|prefer|require)$</regex>
</constraint>
<constraintErrorMessage>invalid value</constraintErrorMessage>
<valueHelp>
<format>deny</format>
<description>Do not negotiate IPv4</description>
</valueHelp>
<valueHelp>
<format>allow</format>
<description>Negotiate IPv4 only if client requests</description>
</valueHelp>
<valueHelp>
<format>prefer</format>
<description>Ask client for IPv4 negotiation, do not fail if it rejects</description>
</valueHelp>
<valueHelp>
<format>require</format>
<description>Require IPv4 negotiation</description>
</valueHelp>
<completionHelp>
<list>deny allow prefer require</list>
</completionHelp>
</properties>
</leafNode>
<leafNode name="ipv6">
<properties>
<help>IPv6 (IPCP6) negotiation algorithm</help>
<constraint>
<regex>^(deny|allow|prefer|require)$</regex>
</constraint>
<constraintErrorMessage>invalid value</constraintErrorMessage>
<valueHelp>
<format>deny</format>
<description>Do not negotiate IPv6</description>
</valueHelp>
<valueHelp>
<format>allow</format>
<description>Negotiate IPv6 only if client requests</description>
</valueHelp>
<valueHelp>
<format>prefer</format>
<description>Ask client for IPv6 negotiation, do not fail if it rejects</description>
</valueHelp>
<valueHelp>
<format>require</format>
<description>Require IPv6 negotiation</description>
</valueHelp>
<completionHelp>
<list>deny allow prefer require</list>
</completionHelp>
</properties>
</leafNode>
<leafNode name="ipv6-intf-id">
<properties>
<help>Fixed or random interface identifier for IPv6</help>
<completionHelp>
<list>random</list>
</completionHelp>
<valueHelp>
<format>random</format>
<description>Random interface identifier for IPv6</description>
</valueHelp>
<valueHelp>
<format>x:x:x:x</format>
<description>specify interface identifier for IPv6</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="ipv6-peer-intf-id">
<properties>
<help>Peer interface identifier for IPv6</help>
<completionHelp>
<list>random calling-sid ipv4</list>
</completionHelp>
<valueHelp>
<format>x:x:x:x</format>
<description>Interface identifier for IPv6</description>
</valueHelp>
<valueHelp>
<format>random</format>
<description>Use a random interface identifier for IPv6</description>
</valueHelp>
<valueHelp>
<format>ipv4</format>
<description>Calculate interface identifier from IPv4 address, for example 192:168:0:1</description>
</valueHelp>
<valueHelp>
<format>calling-sid</format>
<description>Calculate interface identifier from calling-station-id</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="ipv6-accept-peer-intf-id">
<properties>
<help>Accept peer interface identifier</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
<tagNode name="pado-delay">
<properties>
<help>PADO delays</help>
<valueHelp>
<format>u32:1-999999</format>
<description>Number in ms</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-999999"/>
</constraint>
<constraintErrorMessage>Invalid PADO delay</constraintErrorMessage>
</properties>
<children>
<leafNode name="sessions">
<properties>
<help>Number of sessions</help>
<valueHelp>
<format>u32:1-999999</format>
<description>Number of sessions</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-999999"/>
</constraint>
<constraintErrorMessage>Invalid number of delayed sessions</constraintErrorMessage>
</properties>
</leafNode>
</children>
</tagNode>
<leafNode name="session-control">
<properties>
<help>control sessions count</help>
<constraint>
<regex>^(deny|disable|replace)$</regex>
</constraint>
<constraintErrorMessage>Invalid value</constraintErrorMessage>
<valueHelp>
<format>disable</format>
<description>Disables session control</description>
</valueHelp>
<valueHelp>
<format>deny</format>
<description>Deny second session authorization</description>
</valueHelp>
<valueHelp>
<format>replace</format>
<description>Terminate first session when second is authorized</description>
</valueHelp>
<completionHelp>
<list>deny disable replace</list>
</completionHelp>
</properties>
<defaultValue>replace</defaultValue>
</leafNode>
#include <include/accel-ppp/shaper.xml.i>
<node name="snmp">
<properties>
<help>Enable SNMP</help>
</properties>
<children>
<leafNode name="master-agent">
<properties>
<help>enable SNMP master agent mode</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
+ <node name="extended-scripts">
+ <properties>
+ <help>Extended script execution</help>
+ </properties>
+ <children>
+ <leafNode name="on-pre-up">
+ <properties>
+ <help>Script to run before PPPoE session interface comes up</help>
+ <constraint>
+ <validator name="script"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="on-up">
+ <properties>
+ <help>Script to run when PPPoE session interface is completely configured and started</help>
+ <constraint>
+ <validator name="script"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="on-down">
+ <properties>
+ <help>Script to run when PPPoE session interface going to terminate</help>
+ <constraint>
+ <validator name="script"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="on-change">
+ <properties>
+ <help>Script to run when PPPoE session interface changed by RADIUS CoA handling</help>
+ <constraint>
+ <validator name="script"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
</children>
</node>
</children>
</node>
</interfaceDefinition>