diff options
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/cron.xml.in | 3 | ||||
-rw-r--r-- | interface-definitions/include/ssh-group.xml.i | 12 | ||||
-rw-r--r-- | interface-definitions/include/ssh-user.xml.i | 12 | ||||
-rw-r--r-- | interface-definitions/include/vpn-ipsec-encryption.xml.i | 462 | ||||
-rw-r--r-- | interface-definitions/include/vpn-ipsec-hash.xml.i | 128 | ||||
-rw-r--r-- | interface-definitions/interfaces-ethernet.xml.in | 8 | ||||
-rw-r--r-- | interface-definitions/interfaces-vti.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/interfaces-wirelessmodem.xml.in | 83 | ||||
-rw-r--r-- | interface-definitions/interfaces-wwan.xml.in | 45 | ||||
-rw-r--r-- | interface-definitions/ssh.xml.in | 49 | ||||
-rw-r--r-- | interface-definitions/vpn_ipsec.xml.in | 2 |
11 files changed, 376 insertions, 429 deletions
diff --git a/interface-definitions/cron.xml.in b/interface-definitions/cron.xml.in index ad2cb36ad..58dcf64ac 100644 --- a/interface-definitions/cron.xml.in +++ b/interface-definitions/cron.xml.in @@ -1,7 +1,4 @@ <?xml version="1.0"?> - -<!-- Cron configuration --> - <interfaceDefinition> <node name="system"> <children> diff --git a/interface-definitions/include/ssh-group.xml.i b/interface-definitions/include/ssh-group.xml.i new file mode 100644 index 000000000..9c8b8692f --- /dev/null +++ b/interface-definitions/include/ssh-group.xml.i @@ -0,0 +1,12 @@ +<!-- include start from ssh-group.xml.i --> +<leafNode name="group"> + <properties> + <help>Allow members of a group to login</help> + <constraint> + <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex> + </constraint> + <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> + <multi/> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/ssh-user.xml.i b/interface-definitions/include/ssh-user.xml.i new file mode 100644 index 000000000..677602dd8 --- /dev/null +++ b/interface-definitions/include/ssh-user.xml.i @@ -0,0 +1,12 @@ +<!-- include start from ssh-user.xml.i --> +<leafNode name="user"> + <properties> + <help>Allow specific users to login</help> + <constraint> + <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex> + </constraint> + <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> + <multi/> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/vpn-ipsec-encryption.xml.i b/interface-definitions/include/vpn-ipsec-encryption.xml.i index 041ba9902..9ef2f7c90 100644 --- a/interface-definitions/include/vpn-ipsec-encryption.xml.i +++ b/interface-definitions/include/vpn-ipsec-encryption.xml.i @@ -1,233 +1,233 @@ <!-- include start from vpn-ipsec-encryption.xml.i --> - <leafNode name="encryption"> - <properties> - <help>Encryption algorithm</help> - <completionHelp> - <list>null aes128 aes192 aes256 aes128ctr aes192ctr aes256ctr aes128ccm64 aes192ccm64 aes256ccm64 aes128ccm96 aes192ccm96 aes256ccm96 aes128ccm128 aes192ccm128 aes256ccm128 aes128gcm64 aes192gcm64 aes256gcm64 aes128gcm96 aes192gcm96 aes256gcm96 aes128gcm128 aes192gcm128 aes256gcm128 aes128gmac aes192gmac aes256gmac 3des blowfish128 blowfish192 blowfish256 camellia128 camellia192 camellia256 camellia128ctr camellia192ctr camellia256ctr camellia128ccm64 camellia192ccm64 camellia256ccm64 camellia128ccm96 camellia192ccm96 camellia256ccm96 camellia128ccm128 camellia192ccm128 camellia256ccm128 serpent128 serpent192 serpent256 twofish128 twofish192 twofish256 cast128 chacha20poly1305</list> - </completionHelp> - <valueHelp> - <format>null</format> - <description>Null encryption</description> - </valueHelp> - <valueHelp> - <format>aes128</format> - <description>128 bit AES-CBC (default)</description> - </valueHelp> - <valueHelp> - <format>aes192</format> - <description>192 bit AES-CBC</description> - </valueHelp> - <valueHelp> - <format>aes256</format> - <description>256 bit AES-CBC</description> - </valueHelp> - <valueHelp> - <format>aes128ctr</format> - <description>128 bit AES-COUNTER</description> - </valueHelp> - <valueHelp> - <format>aes192ctr</format> - <description>192 bit AES-COUNTER</description> - </valueHelp> - <valueHelp> - <format>aes256ctr</format> - <description>256 bit AES-COUNTER</description> - </valueHelp> - <valueHelp> - <format>aes128ccm64</format> - <description>128 bit AES-CCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes192ccm64</format> - <description>192 bit AES-CCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes256ccm64</format> - <description>256 bit AES-CCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes128ccm96</format> - <description>128 bit AES-CCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes192ccm96</format> - <description>192 bit AES-CCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes256ccm96</format> - <description>256 bit AES-CCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes128ccm128</format> - <description>128 bit AES-CCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes192ccm128</format> - <description>192 bit AES-CCM with 128 bit IC</description> - </valueHelp> - <valueHelp> - <format>aes256ccm128</format> - <description>256 bit AES-CCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes128gcm64</format> - <description>128 bit AES-GCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes192gcm64</format> - <description>192 bit AES-GCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes256gcm64</format> - <description>256 bit AES-GCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes128gcm96</format> - <description>128 bit AES-GCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes192gcm96</format> - <description>192 bit AES-GCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes256gcm96</format> - <description>256 bit AES-GCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes128gcm128</format> - <description>128 bit AES-GCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes192gcm128</format> - <description>192 bit AES-GCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes256gcm128</format> - <description>256 bit AES-GCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>aes128gmac</format> - <description>Null encryption with 128 bit AES-GMAC</description> - </valueHelp> - <valueHelp> - <format>aes192gmac</format> - <description>Null encryption with 192 bit AES-GMAC</description> - </valueHelp> - <valueHelp> - <format>aes256gmac</format> - <description>Null encryption with 256 bit AES-GMAC</description> - </valueHelp> - <valueHelp> - <format>3des</format> - <description>168 bit 3DES-EDE-CBC</description> - </valueHelp> - <valueHelp> - <format>blowfish128</format> - <description>128 bit Blowfish-CBC</description> - </valueHelp> - <valueHelp> - <format>blowfish192</format> - <description>192 bit Blowfish-CBC</description> - </valueHelp> - <valueHelp> - <format>blowfish256</format> - <description>256 bit Blowfish-CBC</description> - </valueHelp> - <valueHelp> - <format>camellia128</format> - <description>128 bit Camellia-CBC</description> - </valueHelp> - <valueHelp> - <format>camellia192</format> - <description>192 bit Camellia-CBC</description> - </valueHelp> - <valueHelp> - <format>camellia256</format> - <description>256 bit Camellia-CBC</description> - </valueHelp> - <valueHelp> - <format>camellia128ctr</format> - <description>128 bit Camellia-COUNTER</description> - </valueHelp> - <valueHelp> - <format>camellia192ctr</format> - <description>192 bit Camellia-COUNTER</description> - </valueHelp> - <valueHelp> - <format>camellia256ctr</format> - <description>256 bit Camellia-COUNTER</description> - </valueHelp> - <valueHelp> - <format>camellia128ccm64</format> - <description>128 bit Camellia-CCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia192ccm64</format> - <description>192 bit Camellia-CCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia256ccm64</format> - <description>256 bit Camellia-CCM with 64 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia128ccm96</format> - <description>128 bit Camellia-CCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia192ccm96</format> - <description>192 bit Camellia-CCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia256ccm96</format> - <description>256 bit Camellia-CCM with 96 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia128ccm128</format> - <description>128 bit Camellia-CCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia192ccm128</format> - <description>192 bit Camellia-CCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>camellia256ccm128</format> - <description>256 bit Camellia-CCM with 128 bit ICV</description> - </valueHelp> - <valueHelp> - <format>serpent128</format> - <description>128 bit Serpent-CBC</description> - </valueHelp> - <valueHelp> - <format>serpent192</format> - <description>192 bit Serpent-CBC</description> - </valueHelp> - <valueHelp> - <format>serpent256</format> - <description>256 bit Serpent-CBC</description> - </valueHelp> - <valueHelp> - <format>twofish128</format> - <description>128 bit Twofish-CBC</description> - </valueHelp> - <valueHelp> - <format>twofish192</format> - <description>192 bit Twofish-CBC</description> - </valueHelp> - <valueHelp> - <format>twofish256</format> - <description>256 bit Twofish-CBC</description> - </valueHelp> - <valueHelp> - <format>cast128</format> - <description>128 bit CAST-CBC</description> - </valueHelp> - <valueHelp> - <format>chacha20poly1305</format> - <description>256 bit ChaCha20/Poly1305 with 128 bit ICV</description> - </valueHelp> - <constraint> - <regex>^(null|aes128|aes192|aes256|aes128ctr|aes192ctr|aes256ctr|aes128ccm64|aes192ccm64|aes256ccm64|aes128ccm96|aes192ccm96|aes256ccm96|aes128ccm128|aes192ccm128|aes256ccm128|aes128gcm64|aes192gcm64|aes256gcm64|aes128gcm96|aes192gcm96|aes256gcm96|aes128gcm128|aes192gcm128|aes256gcm128|aes128gmac|aes192gmac|aes256gmac|3des|blowfish128|blowfish192|blowfish256|camellia128|camellia192|camellia256|camellia128ctr|camellia192ctr|camellia256ctr|camellia128ccm64|camellia192ccm64|camellia256ccm64|camellia128ccm96|camellia192ccm96|camellia256ccm96|camellia128ccm128|camellia192ccm128|camellia256ccm128|serpent128|serpent192|serpent256|twofish128|twofish192|twofish256|cast128|chacha20poly1305)$</regex> - </constraint> - </properties> - </leafNode> +<leafNode name="encryption"> + <properties> + <help>Encryption algorithm</help> + <completionHelp> + <list>null aes128 aes192 aes256 aes128ctr aes192ctr aes256ctr aes128ccm64 aes192ccm64 aes256ccm64 aes128ccm96 aes192ccm96 aes256ccm96 aes128ccm128 aes192ccm128 aes256ccm128 aes128gcm64 aes192gcm64 aes256gcm64 aes128gcm96 aes192gcm96 aes256gcm96 aes128gcm128 aes192gcm128 aes256gcm128 aes128gmac aes192gmac aes256gmac 3des blowfish128 blowfish192 blowfish256 camellia128 camellia192 camellia256 camellia128ctr camellia192ctr camellia256ctr camellia128ccm64 camellia192ccm64 camellia256ccm64 camellia128ccm96 camellia192ccm96 camellia256ccm96 camellia128ccm128 camellia192ccm128 camellia256ccm128 serpent128 serpent192 serpent256 twofish128 twofish192 twofish256 cast128 chacha20poly1305</list> + </completionHelp> + <valueHelp> + <format>null</format> + <description>Null encryption</description> + </valueHelp> + <valueHelp> + <format>aes128</format> + <description>128 bit AES-CBC (default)</description> + </valueHelp> + <valueHelp> + <format>aes192</format> + <description>192 bit AES-CBC</description> + </valueHelp> + <valueHelp> + <format>aes256</format> + <description>256 bit AES-CBC</description> + </valueHelp> + <valueHelp> + <format>aes128ctr</format> + <description>128 bit AES-COUNTER</description> + </valueHelp> + <valueHelp> + <format>aes192ctr</format> + <description>192 bit AES-COUNTER</description> + </valueHelp> + <valueHelp> + <format>aes256ctr</format> + <description>256 bit AES-COUNTER</description> + </valueHelp> + <valueHelp> + <format>aes128ccm64</format> + <description>128 bit AES-CCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes192ccm64</format> + <description>192 bit AES-CCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes256ccm64</format> + <description>256 bit AES-CCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes128ccm96</format> + <description>128 bit AES-CCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes192ccm96</format> + <description>192 bit AES-CCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes256ccm96</format> + <description>256 bit AES-CCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes128ccm128</format> + <description>128 bit AES-CCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes192ccm128</format> + <description>192 bit AES-CCM with 128 bit IC</description> + </valueHelp> + <valueHelp> + <format>aes256ccm128</format> + <description>256 bit AES-CCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes128gcm64</format> + <description>128 bit AES-GCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes192gcm64</format> + <description>192 bit AES-GCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes256gcm64</format> + <description>256 bit AES-GCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes128gcm96</format> + <description>128 bit AES-GCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes192gcm96</format> + <description>192 bit AES-GCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes256gcm96</format> + <description>256 bit AES-GCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes128gcm128</format> + <description>128 bit AES-GCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes192gcm128</format> + <description>192 bit AES-GCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes256gcm128</format> + <description>256 bit AES-GCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>aes128gmac</format> + <description>Null encryption with 128 bit AES-GMAC</description> + </valueHelp> + <valueHelp> + <format>aes192gmac</format> + <description>Null encryption with 192 bit AES-GMAC</description> + </valueHelp> + <valueHelp> + <format>aes256gmac</format> + <description>Null encryption with 256 bit AES-GMAC</description> + </valueHelp> + <valueHelp> + <format>3des</format> + <description>168 bit 3DES-EDE-CBC</description> + </valueHelp> + <valueHelp> + <format>blowfish128</format> + <description>128 bit Blowfish-CBC</description> + </valueHelp> + <valueHelp> + <format>blowfish192</format> + <description>192 bit Blowfish-CBC</description> + </valueHelp> + <valueHelp> + <format>blowfish256</format> + <description>256 bit Blowfish-CBC</description> + </valueHelp> + <valueHelp> + <format>camellia128</format> + <description>128 bit Camellia-CBC</description> + </valueHelp> + <valueHelp> + <format>camellia192</format> + <description>192 bit Camellia-CBC</description> + </valueHelp> + <valueHelp> + <format>camellia256</format> + <description>256 bit Camellia-CBC</description> + </valueHelp> + <valueHelp> + <format>camellia128ctr</format> + <description>128 bit Camellia-COUNTER</description> + </valueHelp> + <valueHelp> + <format>camellia192ctr</format> + <description>192 bit Camellia-COUNTER</description> + </valueHelp> + <valueHelp> + <format>camellia256ctr</format> + <description>256 bit Camellia-COUNTER</description> + </valueHelp> + <valueHelp> + <format>camellia128ccm64</format> + <description>128 bit Camellia-CCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia192ccm64</format> + <description>192 bit Camellia-CCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia256ccm64</format> + <description>256 bit Camellia-CCM with 64 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia128ccm96</format> + <description>128 bit Camellia-CCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia192ccm96</format> + <description>192 bit Camellia-CCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia256ccm96</format> + <description>256 bit Camellia-CCM with 96 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia128ccm128</format> + <description>128 bit Camellia-CCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia192ccm128</format> + <description>192 bit Camellia-CCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>camellia256ccm128</format> + <description>256 bit Camellia-CCM with 128 bit ICV</description> + </valueHelp> + <valueHelp> + <format>serpent128</format> + <description>128 bit Serpent-CBC</description> + </valueHelp> + <valueHelp> + <format>serpent192</format> + <description>192 bit Serpent-CBC</description> + </valueHelp> + <valueHelp> + <format>serpent256</format> + <description>256 bit Serpent-CBC</description> + </valueHelp> + <valueHelp> + <format>twofish128</format> + <description>128 bit Twofish-CBC</description> + </valueHelp> + <valueHelp> + <format>twofish192</format> + <description>192 bit Twofish-CBC</description> + </valueHelp> + <valueHelp> + <format>twofish256</format> + <description>256 bit Twofish-CBC</description> + </valueHelp> + <valueHelp> + <format>cast128</format> + <description>128 bit CAST-CBC</description> + </valueHelp> + <valueHelp> + <format>chacha20poly1305</format> + <description>256 bit ChaCha20/Poly1305 with 128 bit ICV</description> + </valueHelp> + <constraint> + <regex>^(null|aes128|aes192|aes256|aes128ctr|aes192ctr|aes256ctr|aes128ccm64|aes192ccm64|aes256ccm64|aes128ccm96|aes192ccm96|aes256ccm96|aes128ccm128|aes192ccm128|aes256ccm128|aes128gcm64|aes192gcm64|aes256gcm64|aes128gcm96|aes192gcm96|aes256gcm96|aes128gcm128|aes192gcm128|aes256gcm128|aes128gmac|aes192gmac|aes256gmac|3des|blowfish128|blowfish192|blowfish256|camellia128|camellia192|camellia256|camellia128ctr|camellia192ctr|camellia256ctr|camellia128ccm64|camellia192ccm64|camellia256ccm64|camellia128ccm96|camellia192ccm96|camellia256ccm96|camellia128ccm128|camellia192ccm128|camellia256ccm128|serpent128|serpent192|serpent256|twofish128|twofish192|twofish256|cast128|chacha20poly1305)$</regex> + </constraint> + </properties> +</leafNode> <!-- include end --> diff --git a/interface-definitions/include/vpn-ipsec-hash.xml.i b/interface-definitions/include/vpn-ipsec-hash.xml.i index 93d57b622..5a06b290e 100644 --- a/interface-definitions/include/vpn-ipsec-hash.xml.i +++ b/interface-definitions/include/vpn-ipsec-hash.xml.i @@ -1,65 +1,65 @@ -<!-- include start from pn-ipsec-hash.xml.i --> - <leafNode name="hash"> - <properties> - <help>Hash algorithm</help> - <completionHelp> - <list>md5 md5_128 sha1 sha1_160 sha256 sha256_96 sha384 sha512 aesxcbc aescmac aes128gmac aes192gmac aes256gmac</list> - </completionHelp> - <valueHelp> - <format>md5</format> - <description>MD5 HMAC</description> - </valueHelp> - <valueHelp> - <format>md5_128</format> - <description>MD5_128 HMAC</description> - </valueHelp> - <valueHelp> - <format>sha1</format> - <description>SHA1 HMAC (default)</description> - </valueHelp> - <valueHelp> - <format>sha1_160</format> - <description>SHA1_160 HMAC</description> - </valueHelp> - <valueHelp> - <format>sha256</format> - <description>SHA2_256_128 HMAC</description> - </valueHelp> - <valueHelp> - <format>sha256_96</format> - <description>SHA2_256_96 HMAC</description> - </valueHelp> - <valueHelp> - <format>sha384</format> - <description>SHA2_384_192 HMAC</description> - </valueHelp> - <valueHelp> - <format>sha512</format> - <description>SHA2_512_256 HMAC</description> - </valueHelp> - <valueHelp> - <format>aesxcbc</format> - <description>AES XCBC</description> - </valueHelp> - <valueHelp> - <format>aescmac</format> - <description>AES CMAC</description> - </valueHelp> - <valueHelp> - <format>aes128gmac</format> - <description>128-bit AES-GMAC</description> - </valueHelp> - <valueHelp> - <format>aes192gmac</format> - <description>192-bit AES-GMAC</description> - </valueHelp> - <valueHelp> - <format>aes256gmac</format> - <description>256-bit AES-GMAC</description> - </valueHelp> - <constraint> - <regex>^(md5|md5_128|sha1|sha1_160|sha256|sha256_96|sha384|sha512|aesxcbc|aescmac|aes128gmac|aes192gmac|aes256gmac)$</regex> - </constraint> - </properties> - </leafNode> +<!-- include start from vpn-ipsec-hash.xml.i --> +<leafNode name="hash"> + <properties> + <help>Hash algorithm</help> + <completionHelp> + <list>md5 md5_128 sha1 sha1_160 sha256 sha256_96 sha384 sha512 aesxcbc aescmac aes128gmac aes192gmac aes256gmac</list> + </completionHelp> + <valueHelp> + <format>md5</format> + <description>MD5 HMAC</description> + </valueHelp> + <valueHelp> + <format>md5_128</format> + <description>MD5_128 HMAC</description> + </valueHelp> + <valueHelp> + <format>sha1</format> + <description>SHA1 HMAC (default)</description> + </valueHelp> + <valueHelp> + <format>sha1_160</format> + <description>SHA1_160 HMAC</description> + </valueHelp> + <valueHelp> + <format>sha256</format> + <description>SHA2_256_128 HMAC</description> + </valueHelp> + <valueHelp> + <format>sha256_96</format> + <description>SHA2_256_96 HMAC</description> + </valueHelp> + <valueHelp> + <format>sha384</format> + <description>SHA2_384_192 HMAC</description> + </valueHelp> + <valueHelp> + <format>sha512</format> + <description>SHA2_512_256 HMAC</description> + </valueHelp> + <valueHelp> + <format>aesxcbc</format> + <description>AES XCBC</description> + </valueHelp> + <valueHelp> + <format>aescmac</format> + <description>AES CMAC</description> + </valueHelp> + <valueHelp> + <format>aes128gmac</format> + <description>128-bit AES-GMAC</description> + </valueHelp> + <valueHelp> + <format>aes192gmac</format> + <description>192-bit AES-GMAC</description> + </valueHelp> + <valueHelp> + <format>aes256gmac</format> + <description>256-bit AES-GMAC</description> + </valueHelp> + <constraint> + <regex>^(md5|md5_128|sha1|sha1_160|sha256|sha256_96|sha384|sha512|aesxcbc|aescmac|aes128gmac|aes192gmac|aes256gmac)$</regex> + </constraint> + </properties> +</leafNode> <!-- include end --> diff --git a/interface-definitions/interfaces-ethernet.xml.in b/interface-definitions/interfaces-ethernet.xml.in index fff8db2d1..942f88d0a 100644 --- a/interface-definitions/interfaces-ethernet.xml.in +++ b/interface-definitions/interfaces-ethernet.xml.in @@ -9,14 +9,14 @@ <properties> <help>Ethernet Interface</help> <priority>318</priority> - <constraint> - <regex>^((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex> - </constraint> - <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage> <valueHelp> <format>ethN</format> <description>Ethernet interface name</description> </valueHelp> + <constraint> + <regex>^((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex> + </constraint> + <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage> </properties> <children> #include <include/interface/address-ipv4-ipv6-dhcp.xml.i> diff --git a/interface-definitions/interfaces-vti.xml.in b/interface-definitions/interfaces-vti.xml.in index 604d7dd29..10e1feb6b 100644 --- a/interface-definitions/interfaces-vti.xml.in +++ b/interface-definitions/interfaces-vti.xml.in @@ -32,6 +32,7 @@ #include <include/interface/interface-description.xml.i> #include <include/interface/interface-disable.xml.i> #include <include/interface/interface-mtu-68-16000.xml.i> + #include <include/interface/interface-vrf.xml.i> </children> </tagNode> </children> diff --git a/interface-definitions/interfaces-wirelessmodem.xml.in b/interface-definitions/interfaces-wirelessmodem.xml.in deleted file mode 100644 index 25ac2d6e0..000000000 --- a/interface-definitions/interfaces-wirelessmodem.xml.in +++ /dev/null @@ -1,83 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="interfaces"> - <children> - <tagNode name="wirelessmodem" owner="${vyos_conf_scripts_dir}/interfaces-wirelessmodem.py"> - <properties> - <help>Wireless Modem (WWAN) Interface</help> - <priority>350</priority> - <constraint> - <regex>^wlm[0-9]+$</regex> - </constraint> - <constraintErrorMessage>Wireless Modem interface must be named wlmN</constraintErrorMessage> - <valueHelp> - <format>wlmN</format> - <description>Wireless modem interface name</description> - </valueHelp> - </properties> - <children> - <leafNode name="apn"> - <properties> - <help>Access Point Name (APN)</help> - </properties> - </leafNode> - <node name="backup"> - <properties> - <help>Insert backup default route</help> - </properties> - <children> - <leafNode name="distance"> - <properties> - <help>Distance backup default route</help> - <valueHelp> - <format>1-255</format> - <description>Distance of the backup route (default: 10)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - <constraintErrorMessage>Must be between (1-255)</constraintErrorMessage> - </properties> - <defaultValue>10</defaultValue> - </leafNode> - </children> - </node> - #include <include/interface/interface-description.xml.i> - #include <include/interface/interface-disable.xml.i> - #include <include/interface/interface-vrf.xml.i> - <leafNode name="device"> - <properties> - <help>Serial device </help> - <completionHelp> - <script>ls -1 /dev | grep ttyS</script> - <script>if [ -d /dev/serial/by-bus ]; then ls -1 /dev/serial/by-bus; fi</script> - </completionHelp> - <valueHelp> - <format>ttySXX</format> - <description>TTY device name, regular serial port</description> - </valueHelp> - <valueHelp> - <format>usbNbXpY</format> - <description>TTY device name, USB based</description> - </valueHelp> - <constraint> - <regex>^(ttyS[0-9]+|usb[0-9]+b.*)$</regex> - </constraint> - </properties> - </leafNode> - #include <include/interface/interface-disable-link-detect.xml.i> - #include <include/interface/interface-mtu-68-16000.xml.i> - #include <include/interface/interface-ipv4-options.xml.i> - #include <include/interface/interface-ipv6-options.xml.i> - <leafNode name="no-peer-dns"> - <properties> - <help>Do not use peer supplied DNS server information</help> - <valueless/> - </properties> - </leafNode> - #include <include/interface/interface-dial-on-demand.xml.i> - </children> - </tagNode> - </children> - </node> -</interfaceDefinition> diff --git a/interface-definitions/interfaces-wwan.xml.in b/interface-definitions/interfaces-wwan.xml.in new file mode 100644 index 000000000..55ac8eab1 --- /dev/null +++ b/interface-definitions/interfaces-wwan.xml.in @@ -0,0 +1,45 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="interfaces"> + <children> + <tagNode name="wwan" owner="${vyos_conf_scripts_dir}/interfaces-wwan.py"> + <properties> + <help>Wireless Modem (WWAN) Interface</help> + <priority>350</priority> + <completionHelp> + <script>cd /sys/class/net; ls -d wwan*</script> + </completionHelp> + <constraint> + <regex>^wwan[0-9]+$</regex> + </constraint> + <constraintErrorMessage>Wireless Modem interface must be named wwanN</constraintErrorMessage> + <valueHelp> + <format>wwanN</format> + <description>Wireless Wide Area Network interface name</description> + </valueHelp> + </properties> + <children> + #include <include/interface/address-ipv4-ipv6-dhcp.xml.i> + <leafNode name="apn"> + <properties> + <help>Access Point Name (APN)</help> + </properties> + </leafNode> + #include <include/interface/dhcp-options.xml.i> + #include <include/interface/dhcpv6-options.xml.i> + #include <include/interface/interface-description.xml.i> + #include <include/interface/interface-disable.xml.i> + #include <include/interface/interface-vrf.xml.i> + #include <include/interface/interface-disable-link-detect.xml.i> + #include <include/interface/interface-mtu-68-1500.xml.i> + <leafNode name="mtu"> + <defaultValue>1430</defaultValue> + </leafNode> + #include <include/interface/interface-ipv4-options.xml.i> + #include <include/interface/interface-ipv6-options.xml.i> + #include <include/interface/interface-dial-on-demand.xml.i> + </children> + </tagNode> + </children> + </node> +</interfaceDefinition> diff --git a/interface-definitions/ssh.xml.in b/interface-definitions/ssh.xml.in index 6faef9bd5..54742f1d0 100644 --- a/interface-definitions/ssh.xml.in +++ b/interface-definitions/ssh.xml.in @@ -1,5 +1,4 @@ <?xml version="1.0"?> -<!--SSH configuration --> <interfaceDefinition> <node name="service"> <properties> @@ -14,9 +13,7 @@ <children> <node name="access-control"> <properties> - <help>SSH user/group access controls. Directives are processed - in the following order: deny-users, allow-users, deny-groups and - allow-groups.</help> + <help>SSH user/group access controls</help> </properties> <children> <node name="allow"> @@ -24,26 +21,8 @@ <help>Allow user/group SSH access</help> </properties> <children> - <leafNode name="group"> - <properties> - <help>Allow members of a group to login</help> - <constraint> - <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex> - </constraint> - <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> - <multi/> - </properties> - </leafNode> - <leafNode name="user"> - <properties> - <help>Allow specific users to login</help> - <constraint> - <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex> - </constraint> - <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> - <multi/> - </properties> - </leafNode> + #include <include/ssh-group.xml.i> + #include <include/ssh-user.xml.i> </children> </node> <node name="deny"> @@ -51,26 +30,8 @@ <help>Deny user/group SSH access</help> </properties> <children> - <leafNode name="group"> - <properties> - <help>Disallow members of a group to login</help> - <constraint> - <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex> - </constraint> - <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> - <multi/> - </properties> - </leafNode> - <leafNode name="user"> - <properties> - <help>Disallow specific users to login</help> - <constraint> - <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex> - </constraint> - <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> - <multi/> - </properties> - </leafNode> + #include <include/ssh-group.xml.i> + #include <include/ssh-user.xml.i> </children> </node> </children> diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index 604f49cb6..d7435d6df 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -642,6 +642,7 @@ <help>VPN IPSec Profile</help> </properties> <children> + #include <include/generic-disable-node.xml.i> <node name="authentication"> <properties> <help>Authentication [REQUIRED]</help> @@ -731,6 +732,7 @@ </valueHelp> </properties> <children> + #include <include/generic-disable-node.xml.i> <node name="authentication"> <properties> <help>Peer authentication [REQUIRED]</help> |