diff options
Diffstat (limited to 'interface-definitions')
24 files changed, 478 insertions, 76 deletions
diff --git a/interface-definitions/include/accel-radius-additions.xml.in b/interface-definitions/include/accel-radius-additions.xml.in index 227a043cd..e37b68514 100644 --- a/interface-definitions/include/accel-radius-additions.xml.in +++ b/interface-definitions/include/accel-radius-additions.xml.in @@ -2,6 +2,18 @@ <children> <tagNode name="server"> <children> + <leafNode name="acct-port"> + <properties> + <help>Accounting port</help> + <valueHelp> + <format>1-65535</format> + <description>Numeric IP port (default: 1813)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> <leafNode name="fail-time"> <properties> <help>Mark server unavailable for <n> seconds on failure</help> diff --git a/interface-definitions/include/bgp-afi-aggregate-address.xml.i b/interface-definitions/include/bgp-afi-aggregate-address.xml.i index 40c030fc1..050ee0074 100644 --- a/interface-definitions/include/bgp-afi-aggregate-address.xml.i +++ b/interface-definitions/include/bgp-afi-aggregate-address.xml.i @@ -1,12 +1,12 @@ -<leafNode name="as-set">
- <properties>
- <help>Generate AS-set path information for this aggregate address</help>
- <valueless/>
- </properties>
-</leafNode>
-<leafNode name="summary-only">
- <properties>
- <help>Announce the aggregate summary network only</help>
- <valueless/>
- </properties>
-</leafNode>
+<leafNode name="as-set"> + <properties> + <help>Generate AS-set path information for this aggregate address</help> + <valueless/> + </properties> +</leafNode> +<leafNode name="summary-only"> + <properties> + <help>Announce the aggregate summary network only</help> + <valueless/> + </properties> +</leafNode> diff --git a/interface-definitions/include/dhcp-options.xml.i b/interface-definitions/include/dhcp-options.xml.i index 0f71d9321..9989291fc 100644 --- a/interface-definitions/include/dhcp-options.xml.i +++ b/interface-definitions/include/dhcp-options.xml.i @@ -1,6 +1,6 @@ <node name="dhcp-options"> <properties> - <help>DHCP options</help> + <help>DHCP client settings/options</help> </properties> <children> <leafNode name="client-id"> diff --git a/interface-definitions/include/dhcpv6-options.xml.i b/interface-definitions/include/dhcpv6-options.xml.i index 98a87dba2..b0a806806 100644 --- a/interface-definitions/include/dhcpv6-options.xml.i +++ b/interface-definitions/include/dhcpv6-options.xml.i @@ -1,11 +1,24 @@ <node name="dhcpv6-options"> <properties> - <help>DHCPv6 options</help> + <help>DHCPv6 client settings/options</help> </properties> <children> - <node name="prefix-delegation"> + <leafNode name="parameters-only"> <properties> - <help>DHCPv6 Prefix Delegation Options</help> + <help>Acquire only config parameters, no address</help> + <valueless/> + </properties> + </leafNode> + <tagNode name="pd"> + <properties> + <help>DHCPv6 prefix delegation interface statement</help> + <valueHelp> + <format>instance number</format> + <description>Prefix delegation instance (>= 0)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--non-negative"/> + </constraint> </properties> <children> <leafNode name="length"> @@ -19,6 +32,7 @@ <validator name="numeric" argument="--range 32-64"/> </constraint> </properties> + <defaultValue>64</defaultValue> </leafNode> <tagNode name="interface"> <properties> @@ -52,31 +66,19 @@ </constraint> </properties> </leafNode> - <leafNode name="sla-len"> - <properties> - <help>Site-Level aggregator (SLA) length</help> - <valueHelp> - <format>0-128</format> - <description>Length of delegated prefix</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-128"/> - </constraint> - </properties> - </leafNode> </children> </tagNode> </children> - </node> - <leafNode name="parameters-only"> + </tagNode> + <leafNode name="rapid-commit"> <properties> - <help>Acquire only config parameters, no address</help> + <help>Wait for immediate reply instead of advertisements</help> <valueless/> </properties> </leafNode> <leafNode name="temporary"> <properties> - <help>IPv6 "temporary" address</help> + <help>IPv6 temporary address</help> <valueless/> </properties> </leafNode> diff --git a/interface-definitions/include/interface-arp-cache-timeout.xml.i b/interface-definitions/include/interface-arp-cache-timeout.xml.i index 81d35f593..e65321158 100644 --- a/interface-definitions/include/interface-arp-cache-timeout.xml.i +++ b/interface-definitions/include/interface-arp-cache-timeout.xml.i @@ -10,4 +10,5 @@ </constraint> <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage> </properties> + <defaultValue>30</defaultValue> </leafNode> diff --git a/interface-definitions/include/nat-rule.xml.i b/interface-definitions/include/nat-rule.xml.i index f62a08987..a2d058479 100644 --- a/interface-definitions/include/nat-rule.xml.i +++ b/interface-definitions/include/nat-rule.xml.i @@ -2,13 +2,13 @@ <properties> <help>Rule number for NAT</help> <valueHelp> - <format>1-9999</format> + <format>1-999999</format> <description>Number for this NAT rule</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-9999"/> + <validator name="numeric" argument="--range 1-999999"/> </constraint> - <constraintErrorMessage>NAT rule number must be between 1 and 9999</constraintErrorMessage> + <constraintErrorMessage>NAT rule number must be between 1 and 999999</constraintErrorMessage> </properties> <children> <leafNode name="description"> diff --git a/interface-definitions/interfaces-bonding.xml.in b/interface-definitions/interfaces-bonding.xml.in index ddd52979b..7d658f6a0 100644 --- a/interface-definitions/interfaces-bonding.xml.in +++ b/interface-definitions/interfaces-bonding.xml.in @@ -78,6 +78,7 @@ </constraint> <constraintErrorMessage>hash-policy must be layer2 layer2+3 or layer3+4</constraintErrorMessage> </properties> + <defaultValue>layer2</defaultValue> </leafNode> <node name="ip"> <children> @@ -137,6 +138,7 @@ </constraint> <constraintErrorMessage>mode must be 802.3ad, active-backup, broadcast, round-robin, transmit-load-balance, adaptive-load-balance, or xor</constraintErrorMessage> </properties> + <defaultValue>802.3ad</defaultValue> </leafNode> <node name="member"> <properties> diff --git a/interface-definitions/interfaces-bridge.xml.in b/interface-definitions/interfaces-bridge.xml.in index 6b610e623..92356d696 100644 --- a/interface-definitions/interfaces-bridge.xml.in +++ b/interface-definitions/interfaces-bridge.xml.in @@ -32,6 +32,7 @@ <validator name="numeric" argument="--range 0-0 --range 10-1000000"/> </constraint> </properties> + <defaultValue>300</defaultValue> </leafNode> #include <include/interface-description.xml.i> #include <include/dhcp-options.xml.i> @@ -51,6 +52,7 @@ </constraint> <constraintErrorMessage>Forwarding delay must be between 0 and 200 seconds</constraintErrorMessage> </properties> + <defaultValue>14</defaultValue> </leafNode> <leafNode name="hello-time"> <properties> @@ -64,6 +66,7 @@ </constraint> <constraintErrorMessage>Bridge Hello interval must be between 1 and 10 seconds</constraintErrorMessage> </properties> + <defaultValue>2</defaultValue> </leafNode> <node name="igmp"> <properties> @@ -107,6 +110,7 @@ </constraint> <constraintErrorMessage>Bridge max aging value must be between 1 and 40 seconds</constraintErrorMessage> </properties> + <defaultValue>20</defaultValue> </leafNode> <node name="member"> <properties> @@ -133,6 +137,7 @@ </constraint> <constraintErrorMessage>Path cost value must be between 1 and 65535</constraintErrorMessage> </properties> + <defaultValue>100</defaultValue> </leafNode> <leafNode name="priority"> <properties> @@ -146,6 +151,7 @@ </constraint> <constraintErrorMessage>Port priority value must be between 0 and 63</constraintErrorMessage> </properties> + <defaultValue>32</defaultValue> </leafNode> </children> </tagNode> @@ -163,6 +169,7 @@ </constraint> <constraintErrorMessage>Bridge priority must be between 0 and 65535 (multiples of 4096)</constraintErrorMessage> </properties> + <defaultValue>32768</defaultValue> </leafNode> <leafNode name="stp"> <properties> diff --git a/interface-definitions/interfaces-ethernet.xml.in b/interface-definitions/interfaces-ethernet.xml.in index 1e32a15f8..e8f3f09f1 100644 --- a/interface-definitions/interfaces-ethernet.xml.in +++ b/interface-definitions/interfaces-ethernet.xml.in @@ -56,6 +56,7 @@ </constraint> <constraintErrorMessage>duplex must be auto, half or full</constraintErrorMessage> </properties> + <defaultValue>auto</defaultValue> </leafNode> #include <include/interface-hw-id.xml.i> <node name="ip"> @@ -265,6 +266,7 @@ </constraint> <constraintErrorMessage>Speed must be auto, 10, 100, 1000, 2500, 5000, 10000, 25000, 40000, 50000 or 100000</constraintErrorMessage> </properties> + <defaultValue>auto</defaultValue> </leafNode> #include <include/vif-s.xml.i> #include <include/vif.xml.i> diff --git a/interface-definitions/interfaces-l2tpv3.xml.in b/interface-definitions/interfaces-l2tpv3.xml.in index 30dd9b604..3a878ad76 100644 --- a/interface-definitions/interfaces-l2tpv3.xml.in +++ b/interface-definitions/interfaces-l2tpv3.xml.in @@ -29,6 +29,7 @@ <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> + <defaultValue>5000</defaultValue> </leafNode> #include <include/interface-disable.xml.i> <leafNode name="encapsulation"> @@ -50,6 +51,7 @@ </constraint> <constraintErrorMessage>Encapsulation must be UDP or IP</constraintErrorMessage> </properties> + <defaultValue>udp</defaultValue> </leafNode> <node name="ipv6"> <children> @@ -138,6 +140,7 @@ <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> + <defaultValue>5000</defaultValue> </leafNode> <leafNode name="tunnel-id"> <properties> diff --git a/interface-definitions/interfaces-pseudo-ethernet.xml.in b/interface-definitions/interfaces-pseudo-ethernet.xml.in index d5f9ca661..4382db598 100644 --- a/interface-definitions/interfaces-pseudo-ethernet.xml.in +++ b/interface-definitions/interfaces-pseudo-ethernet.xml.in @@ -70,7 +70,9 @@ </constraint> <constraintErrorMessage>mode must be private, vepa, bridge or passthru</constraintErrorMessage> </properties> + <defaultValue>private</defaultValue> </leafNode> + #include <include/interface-mtu-68-9000.xml.i> #include <include/vif-s.xml.i> #include <include/vif.xml.i> </children> diff --git a/interface-definitions/interfaces-vxlan.xml.in b/interface-definitions/interfaces-vxlan.xml.in index bd3ab4022..8529f6885 100644 --- a/interface-definitions/interfaces-vxlan.xml.in +++ b/interface-definitions/interfaces-vxlan.xml.in @@ -93,6 +93,7 @@ <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> + <defaultValue>8472</defaultValue> </leafNode> <leafNode name="vni"> <properties> diff --git a/interface-definitions/interfaces-wireguard.xml.in b/interface-definitions/interfaces-wireguard.xml.in index 5894f159d..981bce826 100644 --- a/interface-definitions/interfaces-wireguard.xml.in +++ b/interface-definitions/interfaces-wireguard.xml.in @@ -30,9 +30,10 @@ <description>value which marks the packet for QoS/shaper</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-255"/> + <validator name="numeric" argument="--range 0-4294967295"/> </constraint> </properties> + <defaultValue>0</defaultValue> </leafNode> <leafNode name="private-key"> <properties> @@ -41,6 +42,7 @@ <script>${vyos_op_scripts_dir}/wireguard.py --listkdir</script> </completionHelp> </properties> + <defaultValue>default</defaultValue> </leafNode> <tagNode name="peer"> <properties> @@ -103,7 +105,11 @@ #include <include/port-number.xml.i> <leafNode name="persistent-keepalive"> <properties> - <help>how often send keep alives in seconds</help> + <help>Interval to send keepalive messages</help> + <valueHelp> + <format>1-65535</format> + <description>Interval in seconds</description> + </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> diff --git a/interface-definitions/interfaces-wireless.xml.in b/interface-definitions/interfaces-wireless.xml.in index 06c7734f5..6f0ec9e71 100644 --- a/interface-definitions/interfaces-wireless.xml.in +++ b/interface-definitions/interfaces-wireless.xml.in @@ -320,7 +320,7 @@ <properties> <help>VHT link adaptation capabilities</help> <completionHelp> - <list>unsolicited both</list> + <list>unsolicited both</list> </completionHelp> <valueHelp> <format>unsolicited</format> @@ -451,6 +451,7 @@ <leafNode name="disable-broadcast-ssid"> <properties> <help>Disable broadcast of SSID from access-point</help> + <valueless/> </properties> </leafNode> #include <include/interface-disable-link-detect.xml.i> @@ -551,9 +552,10 @@ <description>802.11ac - 1300 Mbits/sec</description> </valueHelp> <constraint> - <regex>(a|b|g|n|ac)</regex> + <regex>^(a|b|g|n|ac)$</regex> </constraint> </properties> + <defaultValue>g</defaultValue> </leafNode> <leafNode name="physical-device"> <properties> @@ -637,7 +639,7 @@ <description>Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]</description> </valueHelp> <constraint> - <regex>(GCMP-256|GCMP|CCMP-256|CCMP|TKIP)</regex> + <regex>^(GCMP-256|GCMP|CCMP-256|CCMP|TKIP)$</regex> </constraint> <constraintErrorMessage>Invalid cipher selection</constraintErrorMessage> <multi/> @@ -670,7 +672,7 @@ <description>Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]</description> </valueHelp> <constraint> - <regex>(GCMP-256|GCMP|CCMP-256|CCMP|TKIP)</regex> + <regex>^(GCMP-256|GCMP|CCMP-256|CCMP|TKIP)$</regex> </constraint> <constraintErrorMessage>Invalid group cipher selection</constraintErrorMessage> <multi/> @@ -695,7 +697,7 @@ <description>Allow both WPA and WPA2</description> </valueHelp> <constraint> - <regex>(wpa|wpa2|both)</regex> + <regex>^(wpa|wpa2|both)$</regex> </constraint> <constraintErrorMessage>Unknown WPA mode</constraintErrorMessage> </properties> @@ -762,10 +764,11 @@ <description>Passively monitor all packets on the frequency/channel</description> </valueHelp> <constraint> - <regex>(access-point|station|monitor)</regex> + <regex>^(access-point|station|monitor)$</regex> </constraint> <constraintErrorMessage>Type must be access-point, station or monitor</constraintErrorMessage> </properties> + <defaultValue>monitor</defaultValue> </leafNode> #include <include/vif.xml.i> #include <include/vif-s.xml.i> diff --git a/interface-definitions/lldp.xml.in b/interface-definitions/lldp.xml.in index 3a2899b57..8f6629d81 100644 --- a/interface-definitions/lldp.xml.in +++ b/interface-definitions/lldp.xml.in @@ -21,6 +21,7 @@ </valueHelp> <completionHelp> <script>${vyatta_sbindir}/vyatta-interfaces.pl --show all</script> + <list>all</list> </completionHelp> </properties> <children> @@ -73,7 +74,7 @@ </completionHelp> <constraintErrorMessage>Datum should be WGS84, NAD83, or MLLW</constraintErrorMessage> <constraint> - <regex>(WGS84|NAD83|MLLW)$</regex> + <regex>^(WGS84|NAD83|MLLW)$</regex> </constraint> </properties> </leafNode> diff --git a/interface-definitions/nat.xml.in b/interface-definitions/nat.xml.in index f8415b7c0..8a14f4d25 100644 --- a/interface-definitions/nat.xml.in +++ b/interface-definitions/nat.xml.in @@ -61,13 +61,13 @@ <properties> <help>NPTv6 rule number</help> <valueHelp> - <format>1-9999</format> + <format>1-999999</format> <description>Number for this rule</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-9999"/> + <validator name="numeric" argument="--range 1-999999"/> </constraint> - <constraintErrorMessage>NAT rule number must be between 1 and 9999</constraintErrorMessage> + <constraintErrorMessage>NAT rule number must be between 1 and 999999</constraintErrorMessage> </properties> <children> <leafNode name="description"> diff --git a/interface-definitions/protocols-bfd.xml.in b/interface-definitions/protocols-bfd.xml.in index 62e2c87b9..8900e7955 100644 --- a/interface-definitions/protocols-bfd.xml.in +++ b/interface-definitions/protocols-bfd.xml.in @@ -28,7 +28,7 @@ <children> <node name="source"> <properties> - <help>Bind listener to specifid interface/address, mandatory for IPv6</help> + <help>Bind listener to specified interface/address, mandatory for IPv6</help> </properties> <children> <leafNode name="interface"> diff --git a/interface-definitions/protocols-mpls.xml.in b/interface-definitions/protocols-mpls.xml.in index 376323855..3e9edbf72 100644 --- a/interface-definitions/protocols-mpls.xml.in +++ b/interface-definitions/protocols-mpls.xml.in @@ -54,6 +54,30 @@ </valueHelp> </properties> <children> + <leafNode name="hello-holdtime"> + <properties> + <help>Hello holdtime</help> + <valueHelp> + <format>1-65535</format> + <description>Time in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> + <leafNode name="hello-interval"> + <properties> + <help>Hello interval</help> + <valueHelp> + <format>1-65535</format> + <description>Time in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> <leafNode name="transport-ipv4-address"> <properties> <help>Transport ipv4 address</help> @@ -95,4 +119,4 @@ </node> </children> </node> -</interfaceDefinition>
\ No newline at end of file +</interfaceDefinition> diff --git a/interface-definitions/mdns-repeater.xml.in b/interface-definitions/service_mdns-repeater.xml.in index a59321294..e21b1b27c 100644 --- a/interface-definitions/mdns-repeater.xml.in +++ b/interface-definitions/service_mdns-repeater.xml.in @@ -1,5 +1,4 @@ <?xml version="1.0"?> -<!-- mDNS repeater configuration --> <interfaceDefinition> <node name="service"> <children> @@ -8,7 +7,7 @@ <help>Multicast DNS (mDNS) parameters</help> </properties> <children> - <node name="repeater" owner="${vyos_conf_scripts_dir}/mdns_repeater.py"> + <node name="repeater" owner="${vyos_conf_scripts_dir}/service_mdns-repeater.py"> <properties> <help>mDNS repeater configuration</help> <priority>990</priority> diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in index c7ba2617a..605f47b37 100644 --- a/interface-definitions/service_pppoe-server.xml.in +++ b/interface-definitions/service_pppoe-server.xml.in @@ -311,31 +311,29 @@ <valueless /> </properties> </leafNode> - <node name="mppe"> + <leafNode name="mppe"> <properties> <help>Specifies MPPE negotiation preference. (default prefer mppe)</help> + <completionHelp> + <list>deny prefer require</list> + </completionHelp> + <valueHelp> + <format>deny</format> + <description>Deny MPPE</description> + </valueHelp> + <valueHelp> + <format>prefer</format> + <description>Ask client for MPPE - do not fail on reject</description> + </valueHelp> + <valueHelp> + <format>require</format> + <description>Ask client for MPPE - drop connection on reject</description> + </valueHelp> + <constraint> + <regex>^(deny|prefer|require)$</regex> + </constraint> </properties> - <children> - <leafNode name="require"> - <properties> - <help>Ask client for MPPE, if it rejects then drop the connection</help> - <valueless /> - </properties> - </leafNode> - <leafNode name="prefer"> - <properties> - <help>Ask client for MPPE, if it rejects do not fail</help> - <valueless /> - </properties> - </leafNode> - <leafNode name="deny"> - <properties> - <help>Deny MPPE</help> - <valueless /> - </properties> - </leafNode> - </children> - </node> + </leafNode> <leafNode name="lcp-echo-interval"> <properties> <help>LCP echo-requests/sec</help> diff --git a/interface-definitions/service_router-advert.xml.in b/interface-definitions/service_router-advert.xml.in index 6a4706ab7..5a472fc9a 100644 --- a/interface-definitions/service_router-advert.xml.in +++ b/interface-definitions/service_router-advert.xml.in @@ -32,6 +32,7 @@ </constraint> <constraintErrorMessage>Hop count must be between 0 and 255</constraintErrorMessage> </properties> + <defaultValue>64</defaultValue> </leafNode> <leafNode name="default-lifetime"> <properties> @@ -69,10 +70,11 @@ <description>Default router has high preference</description> </valueHelp> <constraint> - <regex>(low|medium|high)</regex> + <regex>^(low|medium|high)$</regex> </constraint> <constraintErrorMessage>Default preference must be low, medium or high</constraintErrorMessage> </properties> + <defaultValue>medium</defaultValue> </leafNode> <leafNode name="dnssl"> <properties> @@ -116,6 +118,7 @@ </constraint> <constraintErrorMessage>Maximum interval must be between 4 and 1800 seconds</constraintErrorMessage> </properties> + <defaultValue>600</defaultValue> </leafNode> <leafNode name="min"> <properties> @@ -191,9 +194,10 @@ </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967295"/> - <regex>(infinity)</regex> + <regex>^(infinity)$</regex> </constraint> </properties> + <defaultValue>14400</defaultValue> </leafNode> <leafNode name="valid-lifetime"> <properties> @@ -214,6 +218,7 @@ <regex>(infinity)</regex> </constraint> </properties> + <defaultValue>2592000</defaultValue> </leafNode> </children> </tagNode> @@ -233,6 +238,7 @@ </constraint> <constraintErrorMessage>Reachable time must be 0 or between 1 and 3600000 milliseconds</constraintErrorMessage> </properties> + <defaultValue>0</defaultValue> </leafNode> <leafNode name="retrans-timer"> <properties> @@ -250,6 +256,7 @@ </constraint> <constraintErrorMessage>Retransmit interval must be 0 or between 1 and 4294967295 milliseconds</constraintErrorMessage> </properties> + <defaultValue>0</defaultValue> </leafNode> <leafNode name="no-send-advert"> <properties> diff --git a/interface-definitions/system-lcd.xml.in b/interface-definitions/system-lcd.xml.in new file mode 100644 index 000000000..36116ae1b --- /dev/null +++ b/interface-definitions/system-lcd.xml.in @@ -0,0 +1,66 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="system"> + <children> + <node name="lcd" owner="${vyos_conf_scripts_dir}/system_lcd.py"> + <properties> + <help>System LCD display</help> + <priority>100</priority> + </properties> + <children> + <leafNode name="model"> + <properties> + <help>Model of the display attached to this system [REQUIRED]</help> + <completionHelp> + <list>cfa-533 cfa-631 cfa-633 cfa-635 sdec</list> + </completionHelp> + <valueHelp> + <format>cfa-533</format> + <description>Crystalfontz CFA-533</description> + </valueHelp> + <valueHelp> + <format>cfa-631</format> + <description>Crystalfontz CFA-631</description> + </valueHelp> + <valueHelp> + <format>cfa-633</format> + <description>Crystalfontz CFA-633</description> + </valueHelp> + <valueHelp> + <format>cfa-635</format> + <description>Crystalfontz CFA-635</description> + </valueHelp> + <valueHelp> + <format>sdec</format> + <description>Lanner, Watchguard, Nexcom NSA, Sophos UTM appliances</description> + </valueHelp> + <constraint> + <regex>^(cfa-533|cfa-631|cfa-633|cfa-635|sdec)$</regex> + </constraint> + </properties> + </leafNode> + <leafNode name="device"> + <properties> + <help>Physical device used by LCD display</help> + <completionHelp> + <script>ls -1 /dev | grep ttyS</script> + <script>if [ -d /dev/serial/by-bus ]; then ls -1 /dev/serial/by-bus; fi</script> + </completionHelp> + <valueHelp> + <format>ttySXX</format> + <description>TTY device name, regular serial port</description> + </valueHelp> + <valueHelp> + <format>usbNbXpY</format> + <description>TTY device name, USB based</description> + </valueHelp> + <constraint> + <regex>^(ttyS[0-9]+|usb[0-9]+b.*)$</regex> + </constraint> + </properties> + </leafNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/interface-definitions/system-options.xml.in b/interface-definitions/system-options.xml.in index 194773329..a5fec10db 100644 --- a/interface-definitions/system-options.xml.in +++ b/interface-definitions/system-options.xml.in @@ -46,13 +46,21 @@ </leafNode> <node name="http-client"> <properties> - <help>Global options used for HTTP based commands</help> + <help>Global options used for HTTP client</help> </properties> <children> #include <include/source-interface.xml.i> #include <include/source-address-ipv4-ipv6.xml.i> </children> </node> + <node name="ssh-client"> + <properties> + <help>Global options used for SSH client</help> + </properties> + <children> + #include <include/source-address-ipv4-ipv6.xml.i> + </children> + </node> </children> </node> </children> diff --git a/interface-definitions/vpn_openconnect.xml.in b/interface-definitions/vpn_openconnect.xml.in new file mode 100644 index 000000000..16fe660a9 --- /dev/null +++ b/interface-definitions/vpn_openconnect.xml.in @@ -0,0 +1,258 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="vpn"> + <children> + <node name="openconnect" owner="${vyos_conf_scripts_dir}/vpn_openconnect.py"> + <properties> + <help>SSL VPN OpenConnect, AnyConnect compatible server</help> + <priority>901</priority> + </properties> + <children> + <node name="authentication"> + <properties> + <help>Authentication for remote access SSL VPN Server</help> + </properties> + <children> + <leafNode name="mode"> + <properties> + <help>Authentication mode used by this server</help> + <valueHelp> + <format>local</format> + <description>Use local username/password configuration</description> + </valueHelp> + <valueHelp> + <format>radius</format> + <description>Use RADIUS server for user autentication</description> + </valueHelp> + <constraint> + <regex>(local|radius)</regex> + </constraint> + <completionHelp> + <list>local radius</list> + </completionHelp> + </properties> + </leafNode> + <node name="local-users"> + <properties> + <help>Local user authentication for SSL VPN server</help> + </properties> + <children> + <tagNode name="username"> + <properties> + <help>User name for authentication</help> + </properties> + <children> + <leafNode name="disable"> + <properties> + <help>Option to disable a SSL VPN Server user</help> + <valueless /> + </properties> + </leafNode> + <leafNode name="password"> + <properties> + <help>Password for authentication</help> + </properties> + </leafNode> + </children> + </tagNode> + </children> + </node> + #include <include/radius-server.xml.i> + <node name="radius"> + <children> + <leafNode name="timeout"> + <properties> + <help>Session timeout</help> + <valueHelp> + <format>1-30</format> + <description>Session timeout in seconds (default: 2)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-30"/> + </constraint> + <constraintErrorMessage>Timeout must be between 1 and 30 seconds</constraintErrorMessage> + </properties> + <defaultValue>2</defaultValue> + </leafNode> + </children> + </node> + </children> + </node> + <node name="listen-ports"> + <properties> + <help>SSL Certificate, SSL Key and CA (/config/auth)</help> + </properties> + <children> + <leafNode name="tcp"> + <properties> + <help>tcp port number to accept connections (default: 443)</help> + <valueHelp> + <format>1-65535</format> + <description>Numeric IP port (default: 443)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>443</defaultValue> + </leafNode> + <leafNode name="udp"> + <properties> + <help>udp port number to accept connections (default: 443)</help> + <valueHelp> + <format>1-65535</format> + <description>Numeric IP port (default: 443)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>443</defaultValue> + </leafNode> + </children> + </node> + <node name="ssl"> + <properties> + <help>SSL Certificate, SSL Key and CA (/config/auth)</help> + </properties> + <children> + <leafNode name="ca-cert-file"> + <properties> + <help>Certificate Authority certificate</help> + <completionHelp> + <script>ls /config/auth</script> + </completionHelp> + <valueHelp> + <format>file</format> + <description>File in /config/auth directory</description> + </valueHelp> + <constraint> + <validator name="file-exists" argument="--directory /config"/> + </constraint> + </properties> + </leafNode> + <leafNode name="cert-file"> + <properties> + <help>Server Certificate</help> + <valueHelp> + <format>file</format> + <description>File in /config/auth directory</description> + </valueHelp> + <constraint> + <validator name="file-exists" argument="--directory /config"/> + </constraint> + </properties> + </leafNode> + <leafNode name="key-file"> + <properties> + <help>Privat Key of the Server Certificate</help> + <valueHelp> + <format>file</format> + <description>File in /config/auth directory</description> + </valueHelp> + <constraint> + <validator name="file-exists" argument="--directory /config"/> + </constraint> + </properties> + </leafNode> + </children> + </node> + <node name="network-settings"> + <properties> + <help>Network settings</help> + </properties> + <children> + <leafNode name="push-route"> + <properties> + <help>Route to be pushed to the client</help> + <valueHelp> + <format>ipv4net</format> + <description>IPv4 network and prefix length</description> + </valueHelp> + <valueHelp> + <format>ipv6net</format> + <description>IPv6 network and prefix length</description> + </valueHelp> + <constraint> + <validator name="ip-prefix"/> + </constraint> + <multi/> + </properties> + </leafNode> + <node name="client-ip-settings"> + <properties> + <help>Client IP pools settings</help> + </properties> + <children> + <leafNode name="subnet"> + <properties> + <help>Client IP subnet (CIDR notation)</help> + <valueHelp> + <format>ipv4net</format> + <description>IPv4 address and prefix length</description> + </valueHelp> + <constraint> + <validator name="ipv4-prefix"/> + </constraint> + <constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage> + </properties> + </leafNode> + </children> + </node> + <node name="client-ipv6-pool"> + <properties> + <help>Pool of client IPv6 addresses</help> + </properties> + <children> + <leafNode name="prefix"> + <properties> + <help>Pool of addresses used to assign to clients</help> + <valueHelp> + <format>ipv6net</format> + <description>IPv6 address and prefix length</description> + </valueHelp> + <constraint> + <validator name="ipv6-prefix"/> + </constraint> + </properties> + </leafNode> + <leafNode name="mask"> + <properties> + <help>Prefix length used for individual client</help> + <valueHelp> + <format><48-128></format> + <description>Client prefix length (default: 64)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 48-128"/> + </constraint> + </properties> + <defaultValue>64</defaultValue> + </leafNode> + </children> + </node> + <leafNode name="name-server"> + <properties> + <help>Domain Name Server (DNS) propagated to client</help> + <valueHelp> + <format>ipv4</format> + <description>Domain Name Server (DNS) IPv4 address</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>Domain Name Server (DNS) IPv6 address</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + <validator name="ipv6-address"/> + </constraint> + <multi/> + </properties> + </leafNode> + </children> + </node> + </children> + </node> + </children> +</node> +</interfaceDefinition> |