summaryrefslogtreecommitdiff
path: root/interface-definitions/vpn-ipsec.xml.in
diff options
context:
space:
mode:
authoraapostoliuk <a.apostoliuk@vyos.io>2023-01-18 19:15:44 +0200
committeraapostoliuk <a.apostoliuk@vyos.io>2023-01-18 19:15:44 +0200
commit7a663a75dc8b2f9842b72a05e17240edb4008849 (patch)
tree7bde236898035b5f95f54ae2d1ee7bd25bb6ebad /interface-definitions/vpn-ipsec.xml.in
parent6b2e7dc343eaf2e5eabbacb0d4b6440fb04ada94 (diff)
downloadvyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.tar.gz
vyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.zip
ipsec: T4925: Added PRF into IKE group
Added the possibility to configure Pseudo-Random Functions (PRF) in IKE group set vpn ipsec ike-group <Ike-grp> proposal <number> prf <PRF>
Diffstat (limited to 'interface-definitions/vpn-ipsec.xml.in')
-rw-r--r--interface-definitions/vpn-ipsec.xml.in39
1 files changed, 39 insertions, 0 deletions
diff --git a/interface-definitions/vpn-ipsec.xml.in b/interface-definitions/vpn-ipsec.xml.in
index fd74a51d7..fa12d999c 100644
--- a/interface-definitions/vpn-ipsec.xml.in
+++ b/interface-definitions/vpn-ipsec.xml.in
@@ -465,6 +465,45 @@
</properties>
<defaultValue>2</defaultValue>
</leafNode>
+ <leafNode name="prf">
+ <properties>
+ <help>Pseudo-Random Functions</help>
+ <completionHelp>
+ <list>prfmd5 prfsha1 prfaesxcbc prfaescmac prfsha256 prfsha384 prfsha512</list>
+ </completionHelp>
+ <valueHelp>
+ <format>prfmd5</format>
+ <description>MD5 PRF</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prfsha1</format>
+ <description>SHA1 PRF</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prfaesxcbc</format>
+ <description>AES XCBC PRF</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prfaescmac</format>
+ <description>AES CMAC PRF</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prfsha256</format>
+ <description>SHA2_256 PRF</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prfsha384</format>
+ <description>SHA2_384 PRF</description>
+ </valueHelp>
+ <valueHelp>
+ <format>prfsha512</format>
+ <description>SHA2_512 PRF</description>
+ </valueHelp>
+ <constraint>
+ <regex>(prfmd5|prfsha1|prfaesxcbc|prfaescmac|prfsha256|prfsha384|prfsha512)</regex>
+ </constraint>
+ </properties>
+ </leafNode>
#include <include/vpn-ipsec-encryption.xml.i>
#include <include/vpn-ipsec-hash.xml.i>
</children>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-07 17:45:42 +0000