authorChristian Poessinger <christian@poessinger.com>2020-03-20 23:25:56 +0100
committerChristian Poessinger <christian@poessinger.com>2020-03-20 23:25:56 +0100
commit940e9f5d60cfc180dc32100dfa0f28b74d3dcd4a (patch)
tree524b1885fe2ab1a3008cec4c590cc99e3b95db3d /interface-definitions
parent7a211cf6a9bd9cf2014a1c23ea04aa69f49da0a4 (diff)
parent95c42faa4436c5dd761049a8a6e75996c815cc2c (diff)
Merge branch 'sstp-rewrite' of github.com:c-po/vyos-1x into current
* 'sstp-rewrite' of github.com:c-po/vyos-1x: sstp: T2008: migrate SSL certificate nodes sstp: T2006: fix valueHelp and validators for numeric values sstp: T2008: remove req-limit config node sstp: T2110: use uniform RADIUS CLI syntax sstp: T2008: adjust config syntax to common style ntp: only import deepcopy from copy sstp: T2008: use pep8 formatting sstp: T2008: dns: unwind configuration sstp: T2008: move to vpn node sstp: T2007: fix MTU boundaries
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/interface-mtu-68-1500.xml.i13
-rw-r--r--interface-definitions/vpn-sstp.xml.in (renamed from interface-definitions/sstp.xml.in)203
2 files changed, 104 insertions, 112 deletions
diff --git a/interface-definitions/include/interface-mtu-68-1500.xml.i b/interface-definitions/include/interface-mtu-68-1500.xml.i
new file mode 100644
index 000000000..81223c332
--- /dev/null
+++ b/interface-definitions/include/interface-mtu-68-1500.xml.i
@@ -0,0 +1,13 @@
+<leafNode name="mtu">
+ <properties>
+ <help>Maximum Transmission Unit (MTU)</help>
+ <valueHelp>
+ <format>68-1500</format>
+ <description>Maximum Transmission Unit</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 68-1500"/>
+ </constraint>
+ <constraintErrorMessage>MTU must be between 68 and 1500</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/sstp.xml.in b/interface-definitions/vpn-sstp.xml.in
index 10b97b833..59aae9f7f 100644
--- a/interface-definitions/sstp.xml.in
+++ b/interface-definitions/vpn-sstp.xml.in
@@ -1,11 +1,11 @@
<?xml version="1.0"?>
<interfaceDefinition>
- <node name="service">
+ <node name="vpn">
<children>
- <node name="sstp-server" owner="${vyos_conf_scripts_dir}/accel_sstp.py">
+ <node name="sstp" owner="${vyos_conf_scripts_dir}/vpn_sstp.py">
<properties>
- <help>Secure Socket Tunneling Protocol (SSTP) Server</help>
- <priority>900</priority>
+ <help>Secure Socket Tunneling Protocol (SSTP) server</help>
+ <priority>901</priority>
</properties>
<children>
<node name="authentication">
@@ -113,85 +113,96 @@
<multi />
</properties>
</leafNode>
- <tagNode name="radius-server">
- <properties>
- <help>IP address of RADIUS server</help>
- <valueHelp>
- <format>ipv4</format>
- <description>IP address of RADIUS server</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="secret">
- <properties>
- <help>Key for accessing the specified server</help>
- </properties>
- </leafNode>
- <leafNode name="req-limit">
- <properties>
- <help>Maximum number of simultaneous requests to server (default: unlimited)</help>
- </properties>
- </leafNode>
- <leafNode name="fail-time">
- <properties>
- <help>If server does not responds mark it as unavailable for this time (seconds)</help>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- <node name="radius-settings">
- <properties>
- <help>RADIUS settings</help>
- </properties>
+ #include <include/radius-server.xml.i>
+ <node name="radius">
<children>
+ <tagNode name="server">
+ <children>
+ <leafNode name="fail-time">
+ <properties>
+ <help>Mark server unavailable for &lt;n&gt; seconds on failure</help>
+ <valueHelp>
+ <format>0-600</format>
+ <description>Fail time penalty</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-600"/>
+ </constraint>
+ <constraintErrorMessage>Fail time must be between 0 and 600 seconds</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
<leafNode name="timeout">
<properties>
- <help>Timeout to wait response from server (seconds)</help>
+ <help>Timeout in seconds to wait response from RADIUS server</help>
+ <valueHelp>
+ <format>1-60</format>
+ <description>Timeout in seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-60"/>
+ </constraint>
+ <constraintErrorMessage>Timeout must be between 1 and 60 seconds</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="acct-timeout">
<properties>
- <help>Timeout to wait reply for Interim-Update packets. (default 3 seconds)</help>
+ <help>Timeout for Interim-Update packets, terminate session afterwards (default 3 seconds)</help>
+ <valueHelp>
+ <format>0-60</format>
+ <description>Timeout in seconds, 0 to keep active</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-60"/>
+ </constraint>
+ <constraintErrorMessage>Timeout must be between 0 and 60 seconds</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="max-try">
<properties>
- <help>Maximum number of tries to send Access-Request/Accounting-Request queries</help>
+ <help>Number of tries to send Access-Request/Accounting-Request queries</help>
+ <valueHelp>
+ <format>1-20</format>
+ <description>Maximum tries</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-20"/>
+ </constraint>
+ <constraintErrorMessage>Maximum tries must be between 1 and 20</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="nas-identifier">
<properties>
- <help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help>
+ <help>NAS-Identifier attribute sent to RADIUS</help>
</properties>
</leafNode>
<leafNode name="nas-ip-address">
<properties>
- <help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help>
+ <help>NAS-IP-Address attribute sent to RADIUS</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
- <constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>
<valueHelp>
<format>ipv4</format>
- <description>NAS-IP-Address Attribute Value</description>
+ <description>NAS-IP-Address attribute</description>
</valueHelp>
- </properties>
- </leafNode>
- <node name="dae-server">
+ </properties>
+ </leafNode>
+ <node name="dynamic-author">
<properties>
- <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
+ <help>Dynamic Authorization Extension/Change of Authorization server</help>
</properties>
<children>
- <leafNode name="ip-address">
+ <leafNode name="server">
<properties>
<help>IP address for Dynamic Authorization Extension server (DM/CoA)</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
- <constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>
<valueHelp>
<format>ipv4</format>
- <description>Specifies IP address for Dynamic Authorization Extension server (DM/CoA)</description>
+ <description>IPv4 address for aynamic authorization server</description>
</valueHelp>
</properties>
</leafNode>
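Review bot: The new valueHelp description on the `dynamic-author` `server` leaf has a typo, `IPv4 address for aynamic authorization server`; it should read `IPv4 address for dynamic authorization server`. The same hunk removes `<constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>` from both `nas-ip-address` and this leaf while adding an explicit message to every numeric leaf, so a rejected address now falls back to whatever generic text the validator prints; keeping the message would be consistent with the rest of the change. `nas-identifier` still has no `<constraint>` at all, and since it is presumably written into the daemon's RADIUS configuration, a `<regex>` limiting it to printable, non-whitespace characters would be worth adding. The `dynamic-author` node continues past the end of this hunk.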
@@ -207,9 +218,9 @@
</constraint>
</properties>
</leafNode>
- <leafNode name="secret">
+ <leafNode name="key">
<properties>
- <help>Secret for Dynamic Authorization Extension server (DM/CoA)</help>
+ <help>Shared secret for Dynamic Authorization Extension server</help>
</properties>
</leafNode>
</children>
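Review bot: The renamed `key` leaf holds the DM/CoA shared secret but carries no `<constraint>`, so the CLI accepts any string for it. Disconnect and CoA requests are authenticated by this secret alone, so I would add a constraint that rejects embedded whitespace and very short values, together with a message such as `<constraintErrorMessage>Shared secret must not contain whitespace</constraintErrorMessage>`. Whether vpn_sstp.py validates the value again before writing it out is not visible from this diff.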
@@ -221,17 +232,17 @@
<children>
<leafNode name="attribute">
<properties>
- <help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help>
+ <help>Specifies RADIUS attribute containing rate information (default 'Filter-Id')</help>
</properties>
</leafNode>
<leafNode name="vendor">
<properties>
- <help>Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius)</help>
+ <help>Specifies vendor dictionary (needs to be in /usr/share/accel-ppp/radius)</help>
</properties>
</leafNode>
<leafNode name="enable">
<properties>
- <help>Enables Bandwidth shaping via RADIUS</help>
+ <help>Enable RADIUS bandwidth shaping</help>
<valueless />
</properties>
</leafNode>
@@ -241,42 +252,35 @@
</node>
</children>
</node>
- <node name="sstp-settings">
+ <node name="ssl">
<properties>
- <help>SSTP settings</help>
+ <help>SSL Certificate, SSL Key and CA (/config/user-data/sstp)</help>
</properties>
<children>
- <node name="ssl-certs">
+ <leafNode name="ca-cert-file">
<properties>
- <help>SSL Certificate, SSL Key and CA (/config/user-data/sstp)</help>
+ <help>Certificate Authority certificate</help>
+ <completionHelp>
+ <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
+ </completionHelp>
</properties>
- <children>
- <leafNode name="ca">
- <properties>
- <help>Certificate Authority certificate</help>
- <completionHelp>
- <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="server-cert">
- <properties>
- <help>Server Certificate</help>
- <completionHelp>
- <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="server-key">
- <properties>
- <help>Privat Key of the Server Certificate</help>
- <completionHelp>
- <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
+ </leafNode>
+ <leafNode name="cert-file">
+ <properties>
+ <help>Server Certificate</help>
+ <completionHelp>
+ <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
+ </completionHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="key-file">
+ <properties>
+ <help>Privat Key of the Server Certificate</help>
+ <completionHelp>
+ <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
+ </completionHelp>
+ </properties>
+ </leafNode>
</children>
</node>
<node name="network-settings">
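Review bot: `ca-cert-file`, `cert-file` and `key-file` offer completion from `ls /config/user-data/sstp` but have no `<constraint>`, so the CLI accepts any string, including one containing `/` or `..`. How vpn_sstp.py turns the value into a path is outside this diff; if it joins the value to that directory, a validator restricting it to a plain file name would keep the CA, certificate and private key from being loaded from an unintended location. The help on the new `key-file` leaf still reads `Privat Key of the Server Certificate`; `Private key of the server certificate` fixes the typo. The identical completion `<script>` is repeated three times and could be moved into one include, as this commit already does for the MTU leaf.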
@@ -318,14 +322,9 @@
</leafNode>
</children>
</node>
- <node name="dns-server">
+ <leafNode name="name-server">
<properties>
<help>DNS servers propagated to clients</help>
- </properties>
- <children>
- <leafNode name="primary-dns">
- <properties>
- <help>Primary DNS Server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
@@ -333,30 +332,10 @@
<constraint>
<validator name="ipv4-address"/>
</constraint>
- </properties>
- </leafNode>
- <leafNode name="secondary-dns">
- <properties>
- <help>Secondary DNS Server</help>
- <valueHelp>
- <format>ipv4</format>
- <description>IPv4 address</description>
- </valueHelp>
- <constraint>
- <validator name="ipv4-address"/>
- </constraint>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <constraint>
- <validator name="numeric" argument="--range 128-16384"/>
- </constraint>
+ <multi/>
</properties>
</leafNode>
+ #include <include/interface-mtu-68-1500.xml.i>
</children>
</node>
<node name="ppp-settings">
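Review bot: `name-server` becomes a `<multi/>` leaf with no bound on the number of values, where the old model allowed exactly one primary and one secondary server. If the daemon configuration only has room for two DNS entries (likely for PPP, but not visible here), extra values need to be rejected in vpn_sstp.py, and the help should state the limit, e.g. `DNS servers propagated to clients (maximum of two)`. The MTU include also narrows the accepted range from `128-16384` to `68-1500`, so an existing configuration with an MTU above 1500 would fail validation after upgrade unless a migration step clamps it. The `name-server` leaf opens in the previous hunk.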