T4916: Rewrite IPsec peer authentication and psk migration

Rewrite strongswan IPsec authentication to reflect structure
from swanctl.conf
The most important change is that more than one local/remote ID in the
same auth entry should be allowed

replace: 'ipsec site-to-site peer <tag> authentication pre-shared-secret xxx'
      => 'ipsec authentication psk <tag> secret xxx'

set vpn ipsec authentication psk <tag> id '192.0.2.1'
set vpn ipsec authentication psk <tag> id '192.0.2.2'
set vpn ipsec authentication psk <tag> secret 'xxx'
set vpn ipsec site-to-site peer <tag> authentication local-id '192.0.2.1'
set vpn ipsec site-to-site peer <tag> authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer <tag> authentication remote-id '192.0.2.2'

Add template filter for Jinja2 'generate_uuid4'

1 files changed, 18 insertions, 0 deletions

diff --git a/interface-definitions/include/dhcp-interface-multi.xml.i b/interface-definitions/include/dhcp-interface-multi.xml.i
new file mode 100644
index 000000000..c74751a19
--- /dev/null
+++ b/interface-definitions/include/dhcp-interface-multi.xml.i
@@ -0,0 +1,18 @@
+<!-- include start from dhcp-interface-multi.xml.i -->
+<leafNode name="dhcp-interface">
+  <properties>
+    <help>DHCP interface supplying next-hop IP address</help>
+    <completionHelp>
+      <script>${vyos_completion_dir}/list_interfaces.py</script>
+    </completionHelp>
+    <valueHelp>
+      <format>txt</format>
+      <description>DHCP interface name</description>
+    </valueHelp>
+    <constraint>
+      #include <include/constraint/interface-name.xml.in>
+    </constraint>
+    <multi/>
+  </properties>
+</leafNode>
+<!-- include end -->
\ No newline at end of file