summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-07-03 15:42:03 +0200
committerChristian Poessinger <christian@poessinger.com>2021-07-03 15:42:03 +0200
commitdcfeb0de0a510d00c37101da50205b51dd464d72 (patch)
tree4352ed737a931a3d6fbbfb6ecd99cfb84f34661f /interface-definitions
parent13924804aafa9a43b4a300fb9afbdf29b69603fb (diff)
parent1e74c0df2179c60036e440e15ed9036163039b2a (diff)
downloadvyos-1x-dcfeb0de0a510d00c37101da50205b51dd464d72.tar.gz
vyos-1x-dcfeb0de0a510d00c37101da50205b51dd464d72.zip
Merge branch 'ipsec-ikev2-remote-access' of github.com:c-po/vyos-1x into current
* 'ipsec-ikev2-remote-access' of github.com:c-po/vyos-1x: ipsec: T2816: remove default values from Jinja2 template and place them in XML ipsec: T2816: rework IKE and ESP key assignment ipsec: T2816: add Jinja2 converter for ESP/IKE groups to string ipsec: T2816: adjust Jinja2 template to coding style xml: provide building block for a generic description node
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/firewall.xml.in18
-rw-r--r--interface-definitions/include/firewall/common-rule.xml.i2
-rw-r--r--interface-definitions/include/firewall/description.xml.i11
-rw-r--r--interface-definitions/include/generic-description.xml.i (renamed from interface-definitions/include/policy/description.xml.i)2
-rw-r--r--interface-definitions/policy.xml.in36
-rw-r--r--interface-definitions/vpn_ipsec.xml.in59
6 files changed, 58 insertions, 70 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in
index 5528d6bc5..f07c619a8 100644
--- a/interface-definitions/firewall.xml.in
+++ b/interface-definitions/firewall.xml.in
@@ -91,7 +91,7 @@
<multi/>
</properties>
</leafNode>
- #include <include/firewall/description.xml.i>
+ #include <include/generic-description.xml.i>
</children>
</tagNode>
<tagNode name="ipv6-address-group">
@@ -112,7 +112,7 @@
<multi/>
</properties>
</leafNode>
- #include <include/firewall/description.xml.i>
+ #include <include/generic-description.xml.i>
</children>
</tagNode>
<tagNode name="ipv6-network-group">
@@ -120,7 +120,7 @@
<help>Network-group member</help>
</properties>
<children>
- #include <include/firewall/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="network">
<properties>
<help>Network-group member</help>
@@ -141,7 +141,7 @@
<help>Firewall network-group</help>
</properties>
<children>
- #include <include/firewall/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="network">
<properties>
<help>Network-group member</help>
@@ -162,7 +162,7 @@
<help>Firewall port-group</help>
</properties>
<children>
- #include <include/firewall/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="port">
<properties>
<help>Port-group member</help>
@@ -210,15 +210,15 @@
</properties>
<children>
#include <include/firewall/name-default-action.xml.i>
- #include <include/firewall/description.xml.i>
#include <include/firewall/name-default-log.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule number (1-9999)</help>
</properties>
<children>
#include <include/firewall/action.xml.i>
- #include <include/firewall/description.xml.i>
+ #include <include/generic-description.xml.i>
<node name="destination">
<properties>
<help>Destination parameters</help>
@@ -578,15 +578,15 @@
</properties>
<children>
#include <include/firewall/name-default-action.xml.i>
- #include <include/firewall/description.xml.i>
#include <include/firewall/name-default-log.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule number (1-9999)</help>
</properties>
<children>
#include <include/firewall/action.xml.i>
- #include <include/firewall/description.xml.i>
+ #include <include/generic-description.xml.i>
<node name="destination">
<properties>
<help>Destination parameters</help>
diff --git a/interface-definitions/include/firewall/common-rule.xml.i b/interface-definitions/include/firewall/common-rule.xml.i
index 466599e0a..1ee8da73d 100644
--- a/interface-definitions/include/firewall/common-rule.xml.i
+++ b/interface-definitions/include/firewall/common-rule.xml.i
@@ -1,6 +1,6 @@
<!-- include start from firewall/common-rule.xml.i -->
#include <include/firewall/action.xml.i>
-#include <include/firewall/description.xml.i>
+#include <include/generic-description.xml.i>
<leafNode name="disable">
<properties>
<help>Option to disable firewall rule</help>
diff --git a/interface-definitions/include/firewall/description.xml.i b/interface-definitions/include/firewall/description.xml.i
deleted file mode 100644
index b6bae406b..000000000
--- a/interface-definitions/include/firewall/description.xml.i
+++ /dev/null
@@ -1,11 +0,0 @@
-<!-- include start from firewall/description.xml.i -->
-<leafNode name="description">
- <properties>
- <help>Description</help>
- <valueHelp>
- <format>txt</format>
- <description>Description</description>
- </valueHelp>
- </properties>
-</leafNode>
-<!-- include end -->
diff --git a/interface-definitions/include/policy/description.xml.i b/interface-definitions/include/generic-description.xml.i
index e2ff35d02..03fc564e6 100644
--- a/interface-definitions/include/policy/description.xml.i
+++ b/interface-definitions/include/generic-description.xml.i
@@ -1,4 +1,4 @@
-<!-- include start from policy/description.xml.i -->
+<!-- include start from generic-description.xml.i -->
<leafNode name="description">
<properties>
<help>Description</help>
diff --git a/interface-definitions/policy.xml.in b/interface-definitions/policy.xml.in
index 6a002cc20..5a3c58fa8 100644
--- a/interface-definitions/policy.xml.in
+++ b/interface-definitions/policy.xml.in
@@ -27,7 +27,7 @@
</valueHelp>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this access-list</help>
@@ -41,7 +41,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<node name="destination">
<properties>
<help>Destination network or address</help>
@@ -87,7 +87,7 @@
</valueHelp>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this access-list6</help>
@@ -101,7 +101,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<node name="source">
<properties>
<help>Source IPv6 network to match</help>
@@ -146,7 +146,7 @@
</valueHelp>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this as-path-list</help>
@@ -160,7 +160,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="regex">
<properties>
<help>Regular expression to match against an AS path</help>
@@ -183,7 +183,7 @@
</valueHelp>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this BGP community list</help>
@@ -197,7 +197,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="regex">
<properties>
<help>Regular expression to match against a community-list</help>
@@ -243,7 +243,7 @@
</valueHelp>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this BGP extended community list</help>
@@ -257,7 +257,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="regex">
<properties>
<help>Regular expression to match against an extended community list</help>
@@ -288,7 +288,7 @@
</valueHelp>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this BGP extended community list</help>
@@ -302,7 +302,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="regex">
<properties>
<help>Regular expression to match against a large community list</help>
@@ -329,7 +329,7 @@
<constraintErrorMessage>Name of prefix-list can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this prefix-list</help>
@@ -343,7 +343,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="ge">
<properties>
<help>Prefix length to match a netmask greater than or equal to it</help>
@@ -397,7 +397,7 @@
<constraintErrorMessage>Name of prefix-list6 can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this prefix-list6</help>
@@ -411,7 +411,7 @@
</properties>
<children>
#include <include/policy/action.xml.i>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<leafNode name="ge">
<properties>
<help>Prefix length to match a netmask greater than or equal to it</help>
@@ -465,7 +465,7 @@
<constraintErrorMessage>Name of route-map can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage>
</properties>
<children>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<tagNode name="rule">
<properties>
<help>Rule for this route-map</help>
@@ -500,7 +500,7 @@
</valueHelp>
</properties>
</leafNode>
- #include <include/policy/description.xml.i>
+ #include <include/generic-description.xml.i>
<node name="match">
<properties>
<help>Route parameters to match</help>
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 7b1b3a595..a2e9a7a5a 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -64,6 +64,7 @@
<validator name="numeric" argument="--range 30-86400"/>
</constraint>
</properties>
+ <defaultValue>3600</defaultValue>
</leafNode>
<leafNode name="mode">
<properties>
@@ -83,6 +84,7 @@
<regex>^(tunnel|transport)$</regex>
</constraint>
</properties>
+ <defaultValue>tunnel</defaultValue>
</leafNode>
<leafNode name="pfs">
<properties>
@@ -92,95 +94,95 @@
</completionHelp>
<valueHelp>
<format>enable</format>
- <description>Enable PFS. Use ike-groups dh-group (default)</description>
+ <description>Use Diffie-Hellman group 2 (modp1024) - default</description>
</valueHelp>
<valueHelp>
<format>dh-group1</format>
- <description>Enable PFS. Use Diffie-Hellman group 1 (modp768)</description>
+ <description>Use Diffie-Hellman group 1 (modp768)</description>
</valueHelp>
<valueHelp>
<format>dh-group2</format>
- <description>Enable PFS. Use Diffie-Hellman group 2 (modp1024)</description>
+ <description>Use Diffie-Hellman group 2 (modp1024)</description>
</valueHelp>
<valueHelp>
<format>dh-group5</format>
- <description>Enable PFS. Use Diffie-Hellman group 5 (modp1536)</description>
+ <description>Use Diffie-Hellman group 5 (modp1536)</description>
</valueHelp>
<valueHelp>
<format>dh-group14</format>
- <description>Enable PFS. Use Diffie-Hellman group 14 (modp2048)</description>
+ <description>Use Diffie-Hellman group 14 (modp2048)</description>
</valueHelp>
<valueHelp>
<format>dh-group15</format>
- <description>Enable PFS. Use Diffie-Hellman group 15 (modp3072)</description>
+ <description>Use Diffie-Hellman group 15 (modp3072)</description>
</valueHelp>
<valueHelp>
<format>dh-group16</format>
- <description>Enable PFS. Use Diffie-Hellman group 16 (modp4096)</description>
+ <description>Use Diffie-Hellman group 16 (modp4096)</description>
</valueHelp>
<valueHelp>
<format>dh-group17</format>
- <description>Enable PFS. Use Diffie-Hellman group 17 (modp6144)</description>
+ <description>Use Diffie-Hellman group 17 (modp6144)</description>
</valueHelp>
<valueHelp>
<format>dh-group18</format>
- <description>Enable PFS. Use Diffie-Hellman group 18 (modp8192)</description>
+ <description>Use Diffie-Hellman group 18 (modp8192)</description>
</valueHelp>
<valueHelp>
<format>dh-group19</format>
- <description>Enable PFS. Use Diffie-Hellman group 19 (ecp256)</description>
+ <description>Use Diffie-Hellman group 19 (ecp256)</description>
</valueHelp>
<valueHelp>
<format>dh-group20</format>
- <description>Enable PFS. Use Diffie-Hellman group 20 (ecp384)</description>
+ <description>Use Diffie-Hellman group 20 (ecp384)</description>
</valueHelp>
<valueHelp>
<format>dh-group21</format>
- <description>Enable PFS. Use Diffie-Hellman group 21 (ecp521)</description>
+ <description>Use Diffie-Hellman group 21 (ecp521)</description>
</valueHelp>
<valueHelp>
<format>dh-group22</format>
- <description>Enable PFS. Use Diffie-Hellman group 22 (modp1024s160)</description>
+ <description>Use Diffie-Hellman group 22 (modp1024s160)</description>
</valueHelp>
<valueHelp>
<format>dh-group23</format>
- <description>Enable PFS. Use Diffie-Hellman group 23 (modp2048s224)</description>
+ <description>Use Diffie-Hellman group 23 (modp2048s224)</description>
</valueHelp>
<valueHelp>
<format>dh-group24</format>
- <description>Enable PFS. Use Diffie-Hellman group 24 (modp2048s256)</description>
+ <description>Use Diffie-Hellman group 24 (modp2048s256)</description>
</valueHelp>
<valueHelp>
<format>dh-group25</format>
- <description>Enable PFS. Use Diffie-Hellman group 25 (ecp192)</description>
+ <description>Use Diffie-Hellman group 25 (ecp192)</description>
</valueHelp>
<valueHelp>
<format>dh-group26</format>
- <description>Enable PFS. Use Diffie-Hellman group 26 (ecp224)</description>
+ <description>Use Diffie-Hellman group 26 (ecp224)</description>
</valueHelp>
<valueHelp>
<format>dh-group27</format>
- <description>Enable PFS. Use Diffie-Hellman group 27 (ecp224bp)</description>
+ <description>Use Diffie-Hellman group 27 (ecp224bp)</description>
</valueHelp>
<valueHelp>
<format>dh-group28</format>
- <description>Enable PFS. Use Diffie-Hellman group 28 (ecp256bp)</description>
+ <description>Use Diffie-Hellman group 28 (ecp256bp)</description>
</valueHelp>
<valueHelp>
<format>dh-group29</format>
- <description>Enable PFS. Use Diffie-Hellman group 29 (ecp384bp)</description>
+ <description>Use Diffie-Hellman group 29 (ecp384bp)</description>
</valueHelp>
<valueHelp>
<format>dh-group30</format>
- <description>Enable PFS. Use Diffie-Hellman group 30 (ecp512bp)</description>
+ <description>Use Diffie-Hellman group 30 (ecp512bp)</description>
</valueHelp>
<valueHelp>
<format>dh-group31</format>
- <description>Enable PFS. Use Diffie-Hellman group 31 (curve25519)</description>
+ <description>Use Diffie-Hellman group 31 (curve25519)</description>
</valueHelp>
<valueHelp>
<format>dh-group32</format>
- <description>Enable PFS. Use Diffie-Hellman group 32 (curve448)</description>
+ <description>Use Diffie-Hellman group 32 (curve448)</description>
</valueHelp>
<valueHelp>
<format>disable</format>
@@ -190,6 +192,7 @@
<regex>^(enable|dh-group1|dh-group2|dh-group5|dh-group14|dh-group15|dh-group16|dh-group17|dh-group18|dh-group19|dh-group20|dh-group21|dh-group22|dh-group23|dh-group24|dh-group25|dh-group26|dh-group27|dh-group28|dh-group29|dh-group30|dh-group31|dh-group32|disable)$</regex>
</constraint>
</properties>
+ <defaultValue>enable</defaultValue>
</leafNode>
<tagNode name="proposal">
<properties>
@@ -341,6 +344,7 @@
<validator name="numeric" argument="--range 30-86400"/>
</constraint>
</properties>
+ <defaultValue>28800</defaultValue>
</leafNode>
<leafNode name="mobike">
<properties>
@@ -708,7 +712,7 @@
</tagNode>
<node name="site-to-site">
<properties>
- <help>Site to site VPN</help>
+ <help>Site-to-site VPN</help>
</properties>
<children>
<tagNode name="peer">
@@ -837,12 +841,7 @@
</completionHelp>
</properties>
</leafNode>
- <leafNode name="description">
- <properties>
- <help>VPN peer description</help>
- <valueless/>
- </properties>
- </leafNode>
+ #include <include/generic-description.xml.i>
<leafNode name="dhcp-interface">
<properties>
<help>DHCP interface to listen on</help>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-11 09:02:30 +0000