summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/interface-ipv4.xml.i11
-rw-r--r--interface-definitions/include/interface-ipv6.xml.i10
-rw-r--r--interface-definitions/interfaces-tunnel.xml.in9
-rw-r--r--interface-definitions/ssh.xml.in32
4 files changed, 51 insertions, 11 deletions
diff --git a/interface-definitions/include/interface-ipv4.xml.i b/interface-definitions/include/interface-ipv4.xml.i
new file mode 100644
index 000000000..15932a9d3
--- /dev/null
+++ b/interface-definitions/include/interface-ipv4.xml.i
@@ -0,0 +1,11 @@
+<node name="ip">
+ <properties>
+ <help>IPv4 routing parameters</help>
+ </properties>
+ <children>
+ #include <include/interface-disable-arp-filter.xml.i>
+ #include <include/interface-enable-arp-accept.xml.i>
+ #include <include/interface-enable-arp-announce.xml.i>
+ #include <include/interface-enable-arp-ignore.xml.i>
+ </children>
+</node>
diff --git a/interface-definitions/include/interface-ipv6.xml.i b/interface-definitions/include/interface-ipv6.xml.i
new file mode 100644
index 000000000..23362f75a
--- /dev/null
+++ b/interface-definitions/include/interface-ipv6.xml.i
@@ -0,0 +1,10 @@
+<node name="ipv6">
+ <properties>
+ <help>IPv6 routing parameters</help>
+ </properties>
+ <children>
+ #include <include/ipv6-address.xml.i>
+ #include <include/ipv6-disable-forwarding.xml.i>
+ #include <include/ipv6-dup-addr-detect-transmits.xml.i>
+ </children>
+</node>
diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in
index a38a73e15..64520ce99 100644
--- a/interface-definitions/interfaces-tunnel.xml.in
+++ b/interface-definitions/interfaces-tunnel.xml.in
@@ -22,13 +22,8 @@
#include <include/interface-disable-link-detect.xml.i>
#include <include/interface-vrf.xml.i>
#include <include/interface-mtu-64-8024.xml.i>
- <node name="ipv6">
- <children>
- #include <include/ipv6-address.xml.i>
- #include <include/ipv6-disable-forwarding.xml.i>
- #include <include/ipv6-dup-addr-detect-transmits.xml.i>
- </children>
- </node>
+ #include <include/interface-ipv4.xml.i>
+ #include <include/interface-ipv6.xml.i>
<leafNode name="local-ip">
<properties>
<help>Local IP address for this tunnel</help>
diff --git a/interface-definitions/ssh.xml.in b/interface-definitions/ssh.xml.in
index 4e8cf28eb..1b20f5776 100644
--- a/interface-definitions/ssh.xml.in
+++ b/interface-definitions/ssh.xml.in
@@ -76,8 +76,12 @@
<properties>
<help>Allowed ciphers</help>
<completionHelp>
- <script>ssh -Q cipher | tr '\n' ' '</script>
+ <!-- generated by ssh -Q cipher | tr '\n' ' ' as this will not change dynamically -->
+ <list>3des-cbc aes128-cbc aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com chacha20-poly1305@openssh.com</list>
</completionHelp>
+ <constraint>
+ <regex>^(3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|rijndael-cbc@lysator.liu.se|aes128-ctr|aes192-ctr|aes256-ctr|aes128-gcm@openssh.com|aes256-gcm@openssh.com|chacha20-poly1305@openssh.com)$</regex>
+ </constraint>
<multi/>
</properties>
</leafNode>
@@ -97,9 +101,13 @@
<properties>
<help>Allowed key exchange (KEX) algorithms</help>
<completionHelp>
- <script>ssh -Q kex | tr '\n' ' '</script>
+ <!-- generated by ssh -Q kex | tr '\n' ' ' as this will not change dynamically -->
+ <list>diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group-exchange-sha1 diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 curve25519-sha256 curve25519-sha256@libssh.org</list>
</completionHelp>
<multi/>
+ <constraint>
+ <regex>^(diffie-hellman-group1-sha1|diffie-hellman-group14-sha1|diffie-hellman-group14-sha256|diffie-hellman-group16-sha512|diffie-hellman-group18-sha512|diffie-hellman-group-exchange-sha1|diffie-hellman-group-exchange-sha256|ecdh-sha2-nistp256|ecdh-sha2-nistp384|ecdh-sha2-nistp521|curve25519-sha256|curve25519-sha256@libssh.org)$</regex>
+ </constraint>
</properties>
</leafNode>
<leafNode name="listen-address">
@@ -123,6 +131,9 @@
<leafNode name="loglevel">
<properties>
<help>Log level</help>
+ <completionHelp>
+ <list>QUIET FATAL ERROR INFO VERBOSE</list>
+ </completionHelp>
<valueHelp>
<format>QUIET</format>
<description>stay silent</description>
@@ -143,14 +154,22 @@
<format>VERBOSE</format>
<description>enable logging of failed login attempts</description>
</valueHelp>
+ <constraint>
+ <regex>^(QUIET|FATAL|ERROR|INFO|VERBOSE)$</regex>
+ </constraint>
</properties>
+ <defaultValue>INFO</defaultValue>
</leafNode>
<leafNode name="mac">
<properties>
<help>Allowed message authentication code (MAC) algorithms</help>
<completionHelp>
- <script>ssh -Q mac | tr '\n' ' '</script>
+ <!-- generated by ssh -Q mac | tr '\n' ' ' as this will not change dynamically -->
+ <list>hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512 hmac-md5 hmac-md5-96 umac-64@openssh.com umac-128@openssh.com hmac-sha1-etm@openssh.com hmac-sha1-96-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-md5-etm@openssh.com hmac-md5-96-etm@openssh.com umac-64-etm@openssh.com umac-128-etm@openssh.com</list>
</completionHelp>
+ <constraint>
+ <regex>^(hmac-sha1|hmac-sha1-96|hmac-sha2-256|hmac-sha2-512|hmac-md5|hmac-md5-96|umac-64@openssh.com|umac-128@openssh.com|hmac-sha1-etm@openssh.com|hmac-sha1-96-etm@openssh.com|hmac-sha2-256-etm@openssh.com|hmac-sha2-512-etm@openssh.com|hmac-md5-etm@openssh.com|hmac-md5-96-etm@openssh.com|umac-64-etm@openssh.com|umac-128-etm@openssh.com)$</regex>
+ </constraint>
<multi/>
</properties>
</leafNode>
@@ -166,10 +185,15 @@
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
+ <defaultValue>22</defaultValue>
</leafNode>
<leafNode name="client-keepalive-interval">
<properties>
- <help>how often send keep alives in seconds</help>
+ <help>Enable transmission of keepalives from server to client</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Time interval in seconds for keepalive message</description>
+ </valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>