summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/container.xml.in6
-rw-r--r--interface-definitions/include/firewall/common-rule-bridge.xml.i1
-rw-r--r--interface-definitions/include/firewall/global-options.xml.i6
-rw-r--r--interface-definitions/include/firewall/match-ether-type.xml.i30
-rw-r--r--interface-definitions/include/firewall/match-vlan.xml.i1
-rw-r--r--interface-definitions/interfaces_wireless.xml.in68
-rw-r--r--interface-definitions/nat66.xml.in1
-rw-r--r--interface-definitions/service_dns_forwarding.xml.in173
-rw-r--r--interface-definitions/service_pppoe-server.xml.in12
-rw-r--r--interface-definitions/service_router-advert.xml.in6
10 files changed, 288 insertions, 16 deletions
diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in
index 6ea44a6d4..3dd1b3249 100644
--- a/interface-definitions/container.xml.in
+++ b/interface-definitions/container.xml.in
@@ -519,6 +519,12 @@
<multi/>
</properties>
</leafNode>
+ <leafNode name="no-name-server">
+ <properties>
+ <help>Disable Domain Name System (DNS) plugin for this network</help>
+ <valueless/>
+ </properties>
+ </leafNode>
#include <include/interface/vrf.xml.i>
</children>
</tagNode>
diff --git a/interface-definitions/include/firewall/common-rule-bridge.xml.i b/interface-definitions/include/firewall/common-rule-bridge.xml.i
index 9ae28f7be..80088bbec 100644
--- a/interface-definitions/include/firewall/common-rule-bridge.xml.i
+++ b/interface-definitions/include/firewall/common-rule-bridge.xml.i
@@ -10,6 +10,7 @@
#include <include/firewall/limit.xml.i>
#include <include/firewall/log.xml.i>
#include <include/firewall/log-options.xml.i>
+#include <include/firewall/match-ether-type.xml.i>
#include <include/firewall/match-ipsec.xml.i>
#include <include/firewall/match-vlan.xml.i>
#include <include/firewall/nft-queue.xml.i>
diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i
index cee8f1854..05fdd75cb 100644
--- a/interface-definitions/include/firewall/global-options.xml.i
+++ b/interface-definitions/include/firewall/global-options.xml.i
@@ -49,6 +49,12 @@
<help>Apply configured firewall rules to traffic switched by bridges</help>
</properties>
<children>
+ <leafNode name="invalid-connections">
+ <properties>
+ <help>Accept ARP and DHCP despite they are marked as invalid connection</help>
+ <valueless/>
+ </properties>
+ </leafNode>
<leafNode name="ipv4">
<properties>
<help>Apply configured IPv4 firewall rules</help>
diff --git a/interface-definitions/include/firewall/match-ether-type.xml.i b/interface-definitions/include/firewall/match-ether-type.xml.i
new file mode 100644
index 000000000..abfa9034d
--- /dev/null
+++ b/interface-definitions/include/firewall/match-ether-type.xml.i
@@ -0,0 +1,30 @@
+<!-- include start from firewall/match-ether-type.xml.i -->
+<leafNode name="ethernet-type">
+ <properties>
+ <help>Ethernet type</help>
+ <completionHelp>
+ <list>802.1q 802.1ad arp ipv4 ipv6</list>
+ </completionHelp>
+ <valueHelp>
+ <format>802.1q</format>
+ <description>Customer VLAN tag type</description>
+ </valueHelp>
+ <valueHelp>
+ <format>802.1ad</format>
+ <description>Service VLAN tag type</description>
+ </valueHelp>
+ <valueHelp>
+ <format>arp</format>
+ <description>Adress Resolution Protocol</description>
+ </valueHelp>
+ <valueHelp>
+ <format>_ipv4</format>
+ <description>Internet Protocol version 4</description>
+ </valueHelp>
+ <valueHelp>
+ <format>_ipv6</format>
+ <description>Internet Protocol version 6</description>
+ </valueHelp>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/firewall/match-vlan.xml.i b/interface-definitions/include/firewall/match-vlan.xml.i
index 44ad02c99..d58e84353 100644
--- a/interface-definitions/include/firewall/match-vlan.xml.i
+++ b/interface-definitions/include/firewall/match-vlan.xml.i
@@ -36,6 +36,7 @@
</constraint>
</properties>
</leafNode>
+ #include <include/firewall/match-ether-type.xml.i>
</children>
</node>
<!-- include end --> \ No newline at end of file
diff --git a/interface-definitions/interfaces_wireless.xml.in b/interface-definitions/interfaces_wireless.xml.in
index fdcb79b19..474953500 100644
--- a/interface-definitions/interfaces_wireless.xml.in
+++ b/interface-definitions/interfaces_wireless.xml.in
@@ -248,26 +248,26 @@
<properties>
<help>VHT operating channel center frequency - center freq 1 (for use with 80, 80+80 and 160 modes)</help>
<valueHelp>
- <format>u32:34-173</format>
+ <format>u32:34-177</format>
<description>5Ghz (802.11 a/h/j/n/ac) center channel index (use 42 for primary 80MHz channel 36)</description>
</valueHelp>
<constraint>
- <validator name="numeric" argument="--range 34-173"/>
+ <validator name="numeric" argument="--range 34-177"/>
</constraint>
- <constraintErrorMessage>Channel center value must be between 34 and 173</constraintErrorMessage>
+ <constraintErrorMessage>Channel center value must be between 34 and 177</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="freq-2">
<properties>
<help>VHT operating channel center frequency - center freq 2 (for use with the 80+80 mode)</help>
<valueHelp>
- <format>u32:34-173</format>
+ <format>u32:34-177</format>
<description>5Ghz (802.11 ac) center channel index (use 58 for secondary 80MHz channel 52)</description>
</valueHelp>
<constraint>
- <validator name="numeric" argument="--range 34-173"/>
+ <validator name="numeric" argument="--range 34-177"/>
</constraint>
- <constraintErrorMessage>Channel center value must be between 34 and 173</constraintErrorMessage>
+ <constraintErrorMessage>Channel center value must be between 34 and 177</constraintErrorMessage>
</properties>
</leafNode>
</children>
@@ -436,30 +436,42 @@
https://w1.fi/cgit/hostap/tree/src/common/ieee802_11_common.c?id=195cc3d919503fb0d699d9a56a58a72602b25f51#n1525
802.11ax (WiFi-6e - HE) can use up to 160MHz bandwidth channels
-->
- <list>131 132 133 134 135</list>
+ <list>81 83 84 131 132 133 134 135</list>
</completionHelp>
<valueHelp>
+ <format>81</format>
+ <description>2.4GHz, 20 MHz channel width</description>
+ </valueHelp>
+ <valueHelp>
+ <format>83</format>
+ <description>2.4GHz, 40 MHz channel width, secondary 20MHz channel above primary channel</description>
+ </valueHelp>
+ <valueHelp>
+ <format>84</format>
+ <description>2.4GHz, 40 MHz channel width, secondary 20MHz channel below primary channel</description>
+ </valueHelp>
+ <valueHelp>
<format>131</format>
- <description>20 MHz channel width</description>
+ <description>6GHz, 20 MHz channel width</description>
</valueHelp>
<valueHelp>
<format>132</format>
- <description>40 MHz channel width</description>
+ <description>6GHz, 40 MHz channel width</description>
</valueHelp>
<valueHelp>
<format>133</format>
- <description>80 MHz channel width</description>
+ <description>6GHz, 80 MHz channel width</description>
</valueHelp>
<valueHelp>
<format>134</format>
- <description>160 MHz channel width</description>
+ <description>6GHz, 160 MHz channel width</description>
</valueHelp>
<valueHelp>
<format>135</format>
- <description>80+80 MHz channel width</description>
+ <description>6GHz, 80+80 MHz channel width</description>
</valueHelp>
<constraint>
- <regex>(131|132|133|134|135)</regex>
+ <regex>(81|83|84|131|132|133|134|135)</regex>
</constraint>
</properties>
</leafNode>
@@ -535,6 +547,30 @@
</constraint>
</properties>
</leafNode>
+ <leafNode name="coding-scheme">
+ <properties>
+ <help>Spacial Stream and Modulation Coding Scheme settings</help>
+ <valueHelp>
+ <format>u32:0</format>
+ <description>HE-MCS 0-7</description>
+ </valueHelp>
+ <valueHelp>
+ <format>u32:1</format>
+ <description>HE-MCS 0-9</description>
+ </valueHelp>
+ <valueHelp>
+ <format>u32:2</format>
+ <description>HE-MCS 0-11</description>
+ </valueHelp>
+ <valueHelp>
+ <format>u32:3</format>
+ <description>HE-MCS is not supported</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-3"/>
+ </constraint>
+ </properties>
+ </leafNode>
</children>
</node>
<leafNode name="require-he">
@@ -554,10 +590,10 @@
</valueHelp>
<valueHelp>
<format>u32:1-14</format>
- <description>2.4Ghz (802.11 b/g/n) Channel</description>
+ <description>2.4Ghz (802.11 b/g/n/ax) Channel</description>
</valueHelp>
<valueHelp>
- <format>u32:34-173</format>
+ <format>u32:34-177</format>
<description>5Ghz (802.11 a/h/j/n/ac) Channel</description>
</valueHelp>
<valueHelp>
@@ -565,7 +601,7 @@
<description>6Ghz (802.11 ax) Channel</description>
</valueHelp>
<constraint>
- <validator name="numeric" argument="--range 0-0 --range 1-14 --range 34-173 --range 1-233"/>
+ <validator name="numeric" argument="--range 0-0 --range 1-14 --range 34-177 --range 1-233"/>
</constraint>
</properties>
<defaultValue>0</defaultValue>
diff --git a/interface-definitions/nat66.xml.in b/interface-definitions/nat66.xml.in
index 32d501cce..c59725c53 100644
--- a/interface-definitions/nat66.xml.in
+++ b/interface-definitions/nat66.xml.in
@@ -179,6 +179,7 @@
</properties>
</leafNode>
#include <include/nat-port.xml.i>
+ #include <include/firewall/source-destination-group-ipv6.xml.i>
</children>
</node>
<node name="source">
diff --git a/interface-definitions/service_dns_forwarding.xml.in b/interface-definitions/service_dns_forwarding.xml.in
index 5667028b7..d0bc2e6c8 100644
--- a/interface-definitions/service_dns_forwarding.xml.in
+++ b/interface-definitions/service_dns_forwarding.xml.in
@@ -793,6 +793,179 @@
</leafNode>
</children>
</node>
+ <tagNode name="zone-cache">
+ <properties>
+ <help>Load a zone into the recursor cache</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Domain name</description>
+ </valueHelp>
+ <constraint>
+ <validator name="fqdn"/>
+ </constraint>
+ </properties>
+ <children>
+ <node name="source">
+ <properties>
+ <help>Zone source</help>
+ </properties>
+ <children>
+ <leafNode name="axfr">
+ <properties>
+ <help>DNS server address</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 address</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="url">
+ <properties>
+ <help>Source URL</help>
+ <valueHelp>
+ <format>url</format>
+ <description>Zone file URL</description>
+ </valueHelp>
+ <constraint>
+ <validator name="url" argument="--scheme http --scheme https"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ <node name="options">
+ <properties>
+ <help>Zone caching options</help>
+ </properties>
+ <children>
+ <leafNode name="timeout">
+ <properties>
+ <help>Zone retrieval timeout</help>
+ <valueHelp>
+ <format>u32:1-3600</format>
+ <description>Request timeout in seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-3600"/>
+ </constraint>
+ </properties>
+ <defaultValue>20</defaultValue>
+ </leafNode>
+ <node name="refresh">
+ <properties>
+ <help>Zone caching options</help>
+ </properties>
+ <children>
+ <leafNode name="on-reload">
+ <properties>
+ <help>Retrieval zone only at startup and on reload</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ <leafNode name="interval">
+ <properties>
+ <help>Periodic zone retrieval interval</help>
+ <valueHelp>
+ <format>u32:0-31536000</format>
+ <description>Retrieval interval in seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-31536000"/>
+ </constraint>
+ </properties>
+ <defaultValue>86400</defaultValue>
+ </leafNode>
+ </children>
+ </node>
+ <leafNode name="retry-interval">
+ <properties>
+ <help>Retry interval after zone retrieval errors</help>
+ <valueHelp>
+ <format>u32:1-86400</format>
+ <description>Retry period in seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-86400"/>
+ </constraint>
+ </properties>
+ <defaultValue>60</defaultValue>
+ </leafNode>
+ <leafNode name="max-zone-size">
+ <properties>
+ <help>Maximum zone size in megabytes</help>
+ <valueHelp>
+ <format>u32:0</format>
+ <description>No restriction</description>
+ </valueHelp>
+ <valueHelp>
+ <format>u32:1-1024</format>
+ <description>Size in megabytes</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-1024"/>
+ </constraint>
+ </properties>
+ <defaultValue>0</defaultValue>
+ </leafNode>
+ <leafNode name="zonemd">
+ <properties>
+ <help>Message Digest for DNS Zones (RFC 8976)</help>
+ <completionHelp>
+ <list>ignore validate require</list>
+ </completionHelp>
+ <valueHelp>
+ <format>ignore</format>
+ <description>Ignore ZONEMD records</description>
+ </valueHelp>
+ <valueHelp>
+ <format>validate</format>
+ <description>Validate ZONEMD if present</description>
+ </valueHelp>
+ <valueHelp>
+ <format>require</format>
+ <description>Require valid ZONEMD record to be present</description>
+ </valueHelp>
+ <constraint>
+ <regex>(ignore|validate|require)</regex>
+ </constraint>
+ </properties>
+ <defaultValue>validate</defaultValue>
+ </leafNode>
+ <leafNode name="dnssec">
+ <properties>
+ <help>DNSSEC mode</help>
+ <completionHelp>
+ <list>ignore validate require</list>
+ </completionHelp>
+ <valueHelp>
+ <format>ignore</format>
+ <description>Do not do DNSSEC validation</description>
+ </valueHelp>
+ <valueHelp>
+ <format>validate</format>
+ <description>Reject zones with incorrect signatures but accept unsigned zones</description>
+ </valueHelp>
+ <valueHelp>
+ <format>require</format>
+ <description>Require DNSSEC validation</description>
+ </valueHelp>
+ <constraint>
+ <regex>(ignore|validate|require)</regex>
+ </constraint>
+ </properties>
+ <defaultValue>validate</defaultValue>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </tagNode>
</children>
</node>
</children>
diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in
index 93ec7ade9..0c99fd261 100644
--- a/interface-definitions/service_pppoe-server.xml.in
+++ b/interface-definitions/service_pppoe-server.xml.in
@@ -77,6 +77,18 @@
<multi/>
</properties>
</leafNode>
+ <leafNode name="accept-any-service">
+ <properties>
+ <help>Accept any service name in PPPoE Active Discovery Request (PADR)</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ <leafNode name="accept-blank-service">
+ <properties>
+ <help>Accept blank service name in PADR</help>
+ <valueless/>
+ </properties>
+ </leafNode>
<tagNode name="pado-delay">
<properties>
<help>PADO delays</help>
diff --git a/interface-definitions/service_router-advert.xml.in b/interface-definitions/service_router-advert.xml.in
index 166a4a0cf..3fd33540a 100644
--- a/interface-definitions/service_router-advert.xml.in
+++ b/interface-definitions/service_router-advert.xml.in
@@ -390,6 +390,12 @@
<valueless/>
</properties>
</leafNode>
+ <leafNode name="no-send-interval">
+ <properties>
+ <help>Do not send Advertisement Interval option in RAs</help>
+ <valueless/>
+ </properties>
+ </leafNode>
</children>
</tagNode>
</children>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-05 13:52:56 +0000