From a68c9238111c6caee78bb28f8054b8f0cfa0e374 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 24 Feb 2022 22:47:12 +0100 Subject: scripts: T4269: node.def generator should automatically add default values Since introducing the XML node it was common, but redundant, practice to also add a help string indicating which value would be used as default if the node is unset. This makes no sense b/c it's duplicated code/value/characters and prone to error. The node.def scripts should be extended to automatically render the appropriate default value into the CLI help string. For e.g. SSH the current PoC renders: $ cat templates-cfg/service/ssh/port/node.def multi: type: txt help: Port for SSH service (default: 22) val_help: u32:1-65535; Numeric IP port ... Not all subsystems are already migrated to get_config_dict() and make use of the defaults() call - those subsystems need to be migrated, first before the new default is added to the CLI help. --- interface-definitions/vpn_ipsec.xml.in | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'interface-definitions/vpn_ipsec.xml.in') diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index dae76218f..147bb99ba 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -30,7 +30,7 @@ disable - Disable ESP compression (default) + Disable ESP compression enable @@ -47,7 +47,7 @@ ESP lifetime u32:30-86400 - ESP lifetime in seconds (default: 3600) + ESP lifetime in seconds @@ -87,7 +87,7 @@ tunnel - Tunnel mode (default) + Tunnel mode transport @@ -107,7 +107,7 @@ enable - Inherit Diffie-Hellman group from the IKE group (default) + Inherit Diffie-Hellman group from the IKE group dh-group1 @@ -235,7 +235,7 @@ none - Do nothing (default) + Do nothing hold @@ -267,7 +267,7 @@ hold - Attempt to re-negotiate the connection when matching traffic is seen (default) + Attempt to re-negotiate the connection when matching traffic is seen clear @@ -287,7 +287,7 @@ Keep-alive interval u32:2-86400 - Keep-alive interval in seconds (default: 30) + Keep-alive interval in seconds @@ -299,7 +299,7 @@ Dead Peer Detection keep-alive timeout (IKEv1 only) u32:2-86400 - Keep-alive timeout in seconds (default 120) + Keep-alive timeout in seconds @@ -310,7 +310,7 @@ - Re-authentication of the remote peer during an IKE re-key. IKEv2 option only + Re-authentication of the remote peer during an IKE re-key - IKEv2 only yes no @@ -320,7 +320,7 @@ no - Disable remote host re-authenticaton during an IKE rekey. (default) + Disable remote host re-authenticaton during an IKE rekey ^(yes|no)$ @@ -351,7 +351,7 @@ IKE lifetime u32:30-86400 - IKE lifetime in seconds (default: 28800) + IKE lifetime in seconds @@ -367,7 +367,7 @@ enable - Enable MOBIKE (default for IKEv2) + Enable MOBIKE disable @@ -386,7 +386,7 @@ main - Use the main mode (recommended, default) + Use the main mode (recommended) aggressive @@ -533,7 +533,7 @@ strongSwan logging Level 0 - Very basic auditing logs e.g. SA up/SA down (default) + Very basic auditing logs e.g. SA up/SA down 1 @@ -791,7 +791,7 @@ u32:1-86400 - Timeout in seconds (default: 28800) + Timeout in seconds @@ -1067,7 +1067,7 @@ inherit - Inherit the reauth configuration form your IKE-group (default) + Inherit the reauth configuration form your IKE-group ^(yes|no|inherit)$ -- cgit v1.2.3