Merge pull request #1477 from sempervictus/feature/ocserv_groups

T3896(adjacent): Fix ocserv local user requirement, add groupconfig
author: Viacheslav Hletenko <v.gletenko@vyos.io> 2022-09-15 17:28:11 +0300
committer: GitHub <noreply@github.com> 2022-09-15 17:28:11 +0300
commit: 7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10 (patch)
tree: 7bc3dcdb730ebba58fb35d170f1496cded6024c2 /interface-definitions
parent: d41909874a6a7e2264e0a89928885b491efd9851 (diff)
parent: e5785ff748f93b66879d8bd0393c208c6df574a9 (diff)
download: vyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.tar.gz
vyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.zip
1 files changed, 35 insertions, 0 deletions
diff --git a/interface-definitions/vpn-openconnect.xml.in b/interface-definitions/vpn-openconnect.xml.in
index 6309863c5..522465611 100644
--- a/interface-definitions/vpn-openconnect.xml.in
+++ b/interface-definitions/vpn-openconnect.xml.in
@@ -50,6 +50,16 @@
                   </leafNode>
                 </children>
               </node>
+              <leafNode name="group">
+                <properties>
+                  <help>Group that a client is allowed to select (from a list). Maps to RADIUS Class attribute.</help>
+                  <valueHelp>
+                    <format>txt</format>
+                    <description>Group string. The group may be followed by a user-friendly name in brackets: group1[First Group]</description>
+                  </valueHelp>
+                  <multi/>
+                </properties>
+              </leafNode>
               #include <include/auth-local-users.xml.i>
               <node name="local-users">
                 <children>
@@ -144,6 +154,11 @@
                     </properties>
                     <defaultValue>2</defaultValue>
                   </leafNode>
+                  <leafNode name="groupconfig">
+                    <properties>
+                      <help>If the groupconfig option is set, then config-per-user will be overriden, and all configuration will be read from radius.</help>
+                    </properties>
+                  </leafNode>
                 </children>
               </node>
             </children>
@@ -278,6 +293,26 @@
                   <multi/>
                 </properties>
               </leafNode>
+              <leafNode name="tunnel-all-dns">
+                <properties>
+                  <help>If the tunnel-all-dns option is set to yes, tunnel all DNS queries via the VPN. This is the default when a default route is set.</help>
+                  <completionHelp>
+                    <list>yes no</list>
+                  </completionHelp>
+                  <valueHelp>
+                    <format>yes</format>
+                    <description>Enable tunneling of all DNS traffic</description>
+                  </valueHelp>
+                  <valueHelp>
+                    <format>no</format>
+                    <description>Disable tunneling of all DNS traffic</description>
+                  </valueHelp>
+                  <constraint>
+                    <regex>(yes|no)</regex>
+                  </constraint>
+                </properties>
+                <defaultValue>no</defaultValue>
+              </leafNode>
             </children>
           </node>
       </children>
author	Viacheslav Hletenko <v.gletenko@vyos.io>	2022-09-15 17:28:11 +0300
committer	GitHub <noreply@github.com>	2022-09-15 17:28:11 +0300
commit	7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10 (patch)
tree	7bc3dcdb730ebba58fb35d170f1496cded6024c2 /interface-definitions
parent	d41909874a6a7e2264e0a89928885b491efd9851 (diff)
parent	e5785ff748f93b66879d8bd0393c208c6df574a9 (diff)
download	vyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.tar.gz vyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.zip