summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-01-28 10:10:06 +0100
committerGitHub <noreply@github.com>2023-01-28 10:10:06 +0100
commit875bce2e79539b4ec3501fd75317ee2e1858edff (patch)
tree16ffe63b43b5a699e7816987c210fd12a1ff491b /interface-definitions
parent248d4eda9304c34aaa9b2a8cd7a2b1c0bbbf91fe (diff)
parent9321e75d1edbffe10b6194062c6fad7cbf205e3e (diff)
downloadvyos-1x-875bce2e79539b4ec3501fd75317ee2e1858edff.tar.gz
vyos-1x-875bce2e79539b4ec3501fd75317ee2e1858edff.zip
Merge pull request #1787 from PeppyH/T4958-openconnect-radius-accounting
T4958: ocserv: openconnect: Add RADIUS accounting support
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/radius-acct-server-ipv4.xml.i26
-rw-r--r--interface-definitions/include/radius-auth-server-ipv4.xml.i (renamed from interface-definitions/include/radius-server-ipv4.xml.i)4
-rw-r--r--interface-definitions/include/radius-server-acct-port.xml.i15
-rw-r--r--interface-definitions/include/radius-server-auth-port.xml.i (renamed from interface-definitions/include/radius-server-port.xml.i)2
-rw-r--r--interface-definitions/include/radius-server-ipv4-ipv6.xml.i2
-rw-r--r--interface-definitions/interfaces-wireless.xml.in2
-rw-r--r--interface-definitions/service-ipoe-server.xml.in2
-rw-r--r--interface-definitions/service-pppoe-server.xml.in2
-rw-r--r--interface-definitions/vpn-ipsec.xml.in2
-rw-r--r--interface-definitions/vpn-l2tp.xml.in2
-rw-r--r--interface-definitions/vpn-openconnect.xml.in23
-rw-r--r--interface-definitions/vpn-pptp.xml.in2
-rw-r--r--interface-definitions/vpn-sstp.xml.in2
13 files changed, 74 insertions, 12 deletions
diff --git a/interface-definitions/include/radius-acct-server-ipv4.xml.i b/interface-definitions/include/radius-acct-server-ipv4.xml.i
new file mode 100644
index 000000000..9365aa8e9
--- /dev/null
+++ b/interface-definitions/include/radius-acct-server-ipv4.xml.i
@@ -0,0 +1,26 @@
+<!-- include start from radius-acct-server-ipv4.xml.i -->
+<node name="radius">
+ <properties>
+ <help>RADIUS accounting for users OpenConnect VPN sessions OpenConnect authentication mode radius</help>
+ </properties>
+ <children>
+ <tagNode name="server">
+ <properties>
+ <help>RADIUS server configuration</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>RADIUS server IPv4 address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ #include <include/radius-server-key.xml.i>
+ #include <include/radius-server-acct-port.xml.i>
+ </children>
+ </tagNode>
+ </children>
+</node>
+<!-- include end -->
diff --git a/interface-definitions/include/radius-server-ipv4.xml.i b/interface-definitions/include/radius-auth-server-ipv4.xml.i
index ab4c8e10e..dc6f4d878 100644
--- a/interface-definitions/include/radius-server-ipv4.xml.i
+++ b/interface-definitions/include/radius-auth-server-ipv4.xml.i
@@ -1,4 +1,4 @@
-<!-- include start from radius-server-ipv4.xml.i -->
+<!-- include start from radius-auth-server-ipv4.xml.i -->
<node name="radius">
<properties>
<help>RADIUS based user authentication</help>
@@ -19,7 +19,7 @@
<children>
#include <include/generic-disable-node.xml.i>
#include <include/radius-server-key.xml.i>
- #include <include/radius-server-port.xml.i>
+ #include <include/radius-server-auth-port.xml.i>
</children>
</tagNode>
</children>
diff --git a/interface-definitions/include/radius-server-acct-port.xml.i b/interface-definitions/include/radius-server-acct-port.xml.i
new file mode 100644
index 000000000..0b356fa18
--- /dev/null
+++ b/interface-definitions/include/radius-server-acct-port.xml.i
@@ -0,0 +1,15 @@
+<!-- include start from radius-server-acct-port.xml.i -->
+<leafNode name="port">
+ <properties>
+ <help>Accounting port</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Numeric IP port</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>1813</defaultValue>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/radius-server-port.xml.i b/interface-definitions/include/radius-server-auth-port.xml.i
index c6b691a0f..660fa540f 100644
--- a/interface-definitions/include/radius-server-port.xml.i
+++ b/interface-definitions/include/radius-server-auth-port.xml.i
@@ -1,4 +1,4 @@
-<!-- include start from radius-server-port.xml.i -->
+<!-- include start from radius-server-auth-port.xml.i -->
<leafNode name="port">
<properties>
<help>Authentication port</help>
diff --git a/interface-definitions/include/radius-server-ipv4-ipv6.xml.i b/interface-definitions/include/radius-server-ipv4-ipv6.xml.i
index 5b12bec62..c593512b4 100644
--- a/interface-definitions/include/radius-server-ipv4-ipv6.xml.i
+++ b/interface-definitions/include/radius-server-ipv4-ipv6.xml.i
@@ -23,7 +23,7 @@
<children>
#include <include/generic-disable-node.xml.i>
#include <include/radius-server-key.xml.i>
- #include <include/radius-server-port.xml.i>
+ #include <include/radius-server-auth-port.xml.i>
</children>
</tagNode>
<leafNode name="source-address">
diff --git a/interface-definitions/interfaces-wireless.xml.in b/interface-definitions/interfaces-wireless.xml.in
index aff5071b2..a9538d577 100644
--- a/interface-definitions/interfaces-wireless.xml.in
+++ b/interface-definitions/interfaces-wireless.xml.in
@@ -725,7 +725,7 @@
<constraintErrorMessage>Invalid WPA pass phrase, must be 8 to 63 printable characters!</constraintErrorMessage>
</properties>
</leafNode>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
<node name="radius">
<children>
<tagNode name="server">
diff --git a/interface-definitions/service-ipoe-server.xml.in b/interface-definitions/service-ipoe-server.xml.in
index ef8569437..d778f9de0 100644
--- a/interface-definitions/service-ipoe-server.xml.in
+++ b/interface-definitions/service-ipoe-server.xml.in
@@ -220,7 +220,7 @@
#include <include/accel-ppp/radius-additions-rate-limit.xml.i>
</children>
</node>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
#include <include/accel-ppp/radius-additions.xml.i>
</children>
</node>
diff --git a/interface-definitions/service-pppoe-server.xml.in b/interface-definitions/service-pppoe-server.xml.in
index 47ad96582..68592b96b 100644
--- a/interface-definitions/service-pppoe-server.xml.in
+++ b/interface-definitions/service-pppoe-server.xml.in
@@ -20,7 +20,7 @@
#include <include/accel-ppp/auth-local-users.xml.i>
#include <include/accel-ppp/auth-mode.xml.i>
#include <include/accel-ppp/auth-protocols.xml.i>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
#include <include/accel-ppp/radius-additions.xml.i>
<node name="radius">
<children>
diff --git a/interface-definitions/vpn-ipsec.xml.in b/interface-definitions/vpn-ipsec.xml.in
index fa12d999c..4bb9ad145 100644
--- a/interface-definitions/vpn-ipsec.xml.in
+++ b/interface-definitions/vpn-ipsec.xml.in
@@ -923,7 +923,7 @@
#include <include/name-server-ipv4-ipv6.xml.i>
</children>
</tagNode>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
<node name="radius">
<children>
#include <include/radius-nas-identifier.xml.i>
diff --git a/interface-definitions/vpn-l2tp.xml.in b/interface-definitions/vpn-l2tp.xml.in
index 86aeb324e..0a92017bd 100644
--- a/interface-definitions/vpn-l2tp.xml.in
+++ b/interface-definitions/vpn-l2tp.xml.in
@@ -178,7 +178,7 @@
#include <include/accel-ppp/ppp-mppe.xml.i>
#include <include/accel-ppp/auth-mode.xml.i>
#include <include/accel-ppp/auth-local-users.xml.i>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
<node name="radius">
<children>
<tagNode name="server">
diff --git a/interface-definitions/vpn-openconnect.xml.in b/interface-definitions/vpn-openconnect.xml.in
index 82fe2bbc9..a426f604d 100644
--- a/interface-definitions/vpn-openconnect.xml.in
+++ b/interface-definitions/vpn-openconnect.xml.in
@@ -8,6 +8,27 @@
<priority>901</priority>
</properties>
<children>
+ <node name="accounting">
+ <properties>
+ <help>Accounting for users OpenConnect VPN Sessions</help>
+ </properties>
+ <children>
+ <node name="mode">
+ <properties>
+ <help>Accounting mode used by this server</help>
+ </properties>
+ <children>
+ <leafNode name="radius">
+ <properties>
+ <help>Use RADIUS server for accounting</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ #include <include/radius-acct-server-ipv4.xml.i>
+ </children>
+ </node>
<node name="authentication">
<properties>
<help>Authentication for remote access SSL VPN Server</help>
@@ -137,7 +158,7 @@
</tagNode>
</children>
</node>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
<node name="radius">
<children>
#include <include/radius-timeout.xml.i>
diff --git a/interface-definitions/vpn-pptp.xml.in b/interface-definitions/vpn-pptp.xml.in
index 5e52965fd..00ffd26f9 100644
--- a/interface-definitions/vpn-pptp.xml.in
+++ b/interface-definitions/vpn-pptp.xml.in
@@ -108,7 +108,7 @@
</tagNode>
</children>
</node>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
#include <include/accel-ppp/radius-additions.xml.i>
#include <include/accel-ppp/radius-additions-rate-limit.xml.i>
</children>
diff --git a/interface-definitions/vpn-sstp.xml.in b/interface-definitions/vpn-sstp.xml.in
index 195d581df..9e912063f 100644
--- a/interface-definitions/vpn-sstp.xml.in
+++ b/interface-definitions/vpn-sstp.xml.in
@@ -16,7 +16,7 @@
#include <include/accel-ppp/auth-local-users.xml.i>
#include <include/accel-ppp/auth-mode.xml.i>
#include <include/accel-ppp/auth-protocols.xml.i>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
#include <include/accel-ppp/radius-additions.xml.i>
<node name="radius">
<children>