summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-06-22 22:41:48 +0200
committerGitHub <noreply@github.com>2023-06-22 22:41:48 +0200
commitb5976afd68b850523335ec64db7e1e59efb8f9fd (patch)
treec1a2932dbec7dc3e498ad5bd9db2831249c4b1fa /interface-definitions
parent2128dc0ddf6b921f440067d7b862f30d9fad0cb2 (diff)
parent3ec727670de02cac06321719a0323650046d54a1 (diff)
downloadvyos-1x-b5976afd68b850523335ec64db7e1e59efb8f9fd.tar.gz
vyos-1x-b5976afd68b850523335ec64db7e1e59efb8f9fd.zip
Merge pull request #2038 from c-po/t141-tacacs
T141: add TACACS support
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/radius-server-auth-port.xml.i11
-rw-r--r--interface-definitions/system-login.xml.in59
2 files changed, 46 insertions, 24 deletions
diff --git a/interface-definitions/include/radius-server-auth-port.xml.i b/interface-definitions/include/radius-server-auth-port.xml.i
index 660fa540f..d9ea1d445 100644
--- a/interface-definitions/include/radius-server-auth-port.xml.i
+++ b/interface-definitions/include/radius-server-auth-port.xml.i
@@ -1,15 +1,6 @@
<!-- include start from radius-server-auth-port.xml.i -->
+#include <include/port-number.xml.i>
<leafNode name="port">
- <properties>
- <help>Authentication port</help>
- <valueHelp>
- <format>u32:1-65535</format>
- <description>Numeric IP port</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-65535"/>
- </constraint>
- </properties>
<defaultValue>1812</defaultValue>
</leafNode>
<!-- include end -->
diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in
index be4f53c3b..d772c7821 100644
--- a/interface-definitions/system-login.xml.in
+++ b/interface-definitions/system-login.xml.in
@@ -193,20 +193,7 @@
<children>
<tagNode name="server">
<children>
- <leafNode name="timeout">
- <properties>
- <help>Session timeout</help>
- <valueHelp>
- <format>u32:1-30</format>
- <description>Session timeout in seconds</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-30"/>
- </constraint>
- <constraintErrorMessage>Timeout must be between 1 and 30 seconds</constraintErrorMessage>
- </properties>
- <defaultValue>2</defaultValue>
- </leafNode>
+ #include <include/radius-timeout.xml.i>
<leafNode name="priority">
<properties>
<help>Server priority</help>
@@ -225,6 +212,50 @@
#include <include/interface/vrf.xml.i>
</children>
</node>
+ <node name="tacacs">
+ <properties>
+ <help>TACACS+ based user authentication</help>
+ </properties>
+ <children>
+ <tagNode name="server">
+ <properties>
+ <help>TACACS+ server configuration</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>TACACS+ server IPv4 address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ #include <include/radius-server-key.xml.i>
+ #include <include/port-number.xml.i>
+ <leafNode name="port">
+ <defaultValue>49</defaultValue>
+ </leafNode>
+ </children>
+ </tagNode>
+ <leafNode name="source-address">
+ <properties>
+ <help>Source IP used to communicate with TACACS+ server</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_local_ips.sh --ipv4</script>
+ </completionHelp>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 source address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ #include <include/radius-timeout.xml.i>
+ #include <include/interface/vrf.xml.i>
+ </children>
+ </node>
<leafNode name="max-login-session">
<properties>
<help>Maximum number of all login sessions</help>