Diffstat (limited to 'interface-definitions/interfaces-openvpn.xml.in')
-rw-r--r--interface-definitions/interfaces-openvpn.xml.in96
1 files changed, 94 insertions, 2 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in
index 2ecac78e2..16d91145f 100644
--- a/interface-definitions/interfaces-openvpn.xml.in
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -34,6 +34,8 @@
</children>
</node>
#include <include/interface/description.xml.i>
+ #include <include/interface/interface-firewall.xml.i>
+ #include <include/interface/interface-policy.xml.i>
<leafNode name="device-type">
<properties>
<help>OpenVPN interface device-type (default: tun)</help>
@@ -633,6 +635,92 @@
</properties>
<defaultValue>net30</defaultValue>
</leafNode>
+ <node name="mfa">
+ <properties>
+ <help>multi-factor authentication</help>
+ </properties>
+ <children>
+ <node name="totp">
+ <properties>
+ <help>Time-based one-time passwords</help>
+ </properties>
+ <children>
+ <leafNode name="slop">
+ <properties>
+ <help>Maximum allowed clock slop in seconds (default: 180)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>180</defaultValue>
+ </leafNode>
+ <leafNode name="drift">
+ <properties>
+ <help>Time drift in seconds (default: 0)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>0</defaultValue>
+ </leafNode>
+ <leafNode name="step">
+ <properties>
+ <help>Step value for totp in seconds (default: 30)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>30</defaultValue>
+ </leafNode>
+ <leafNode name="digits">
+ <properties>
+ <help>Number of digits to use for totp hash (default: 6)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>6</defaultValue>
+ </leafNode>
+ <leafNode name="challenge">
+ <properties>
+ <help>Expect password as result of a challenge response protocol (default: enabled)</help>
+ <completionHelp>
+ <list>disable enable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Disable challenge-response</description>
+ </valueHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Enable chalenge-response (default)</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(disable|enable)$</regex>
+ </constraint>
+ </properties>
+ <defaultValue>enable</defaultValue>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
</children>
</node>
<leafNode name="shared-secret-key">
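Review bot: The validators on the new `drift` and `digits` leaf nodes do not match what those nodes hold. `drift` declares `<defaultValue>0</defaultValue>` but constrains input to `--range 1-65535`, so the default value cannot be entered explicitly; `<validator name="numeric" argument="--range 0-65535"/>` with a matching `<format>` would make the two agree. `digits` reuses the seconds range and the description `Seconds`, which lets an operator configure a one-digit code that gives almost no protection against guessing; a bound such as `--range 6-8` with the description `Number of digits` would be safer, assuming the OTP backend accepts those lengths. The 180-second default for `slop` lengthens the time a captured code stays usable, so the help text should say that larger values trade security for clock tolerance. `chalenge-response` in the `enable` valueHelp is misspelled.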
@@ -678,7 +766,7 @@
<properties>
<help>Specify the minimum required TLS version</help>
<completionHelp>
- <list>1.0 1.1 1.2</list>
+ <list>1.0 1.1 1.2 1.3</list>
</completionHelp>
<valueHelp>
<format>1.0</format>
@@ -692,8 +780,12 @@
<format>1.2</format>
<description>TLS v1.2</description>
</valueHelp>
+ <valueHelp>
+ <format>1.3</format>
+ <description>TLS v1.3</description>
+ </valueHelp>
<constraint>
- <regex>^(1.0|1.1|1.2)$</regex>
+ <regex>^(1.0|1.1|1.2|1.3)$</regex>
</constraint>
</properties>
</leafNode>
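Review bot: The dots in the new `<regex>^(1.0|1.1|1.2|1.3)$</regex>` are unescaped, so each one matches any character and a value such as `1x3` satisfies the constraint. The old pattern had the same weakness, but since the line is rewritten here it can be tightened to `<regex>^(1\.0|1\.1|1\.2|1\.3)$</regex>`. This node selects the minimum TLS version, so the validator should admit exactly the four listed values and nothing else. The enclosing leafNode starts outside this hunk.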