summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/cron.xml.in3
-rw-r--r--interface-definitions/include/bgp/protocol-common-config.xml.i23
-rw-r--r--interface-definitions/include/interface/authentication.xml.i27
-rw-r--r--interface-definitions/include/ssh-group.xml.i12
-rw-r--r--interface-definitions/include/ssh-user.xml.i12
-rw-r--r--interface-definitions/include/vpn-ipsec-encryption.xml.i462
-rw-r--r--interface-definitions/include/vpn-ipsec-hash.xml.i128
-rw-r--r--interface-definitions/interfaces-ethernet.xml.in14
-rw-r--r--interface-definitions/interfaces-pppoe.xml.in18
-rw-r--r--interface-definitions/interfaces-vti.xml.in1
-rw-r--r--interface-definitions/interfaces-wirelessmodem.xml.in83
-rw-r--r--interface-definitions/interfaces-wwan.xml.in46
-rw-r--r--interface-definitions/policy.xml.in88
-rw-r--r--interface-definitions/service_mdns-repeater.xml.in6
-rw-r--r--interface-definitions/ssh.xml.in49
-rw-r--r--interface-definitions/vpn_ipsec.xml.in42
16 files changed, 505 insertions, 509 deletions
diff --git a/interface-definitions/cron.xml.in b/interface-definitions/cron.xml.in
index ad2cb36ad..58dcf64ac 100644
--- a/interface-definitions/cron.xml.in
+++ b/interface-definitions/cron.xml.in
@@ -1,7 +1,4 @@
<?xml version="1.0"?>
-
-<!-- Cron configuration -->
-
<interfaceDefinition>
<node name="system">
<children>
diff --git a/interface-definitions/include/bgp/protocol-common-config.xml.i b/interface-definitions/include/bgp/protocol-common-config.xml.i
index 78a4fb763..37fc7259f 100644
--- a/interface-definitions/include/bgp/protocol-common-config.xml.i
+++ b/interface-definitions/include/bgp/protocol-common-config.xml.i
@@ -1114,6 +1114,29 @@
</leafNode>
</children>
</node>
+ <leafNode name="bandwidth">
+ <properties>
+ <help>Link Bandwidth attribute</help>
+ <completionHelp>
+ <list>default-weight-for-missing ignore skip-missing</list>
+ </completionHelp>
+ <valueHelp>
+ <format>default-weight-for-missing</format>
+ <description>Assign low default weight (1) to paths not having link bandwidth</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ignore</format>
+ <description>Ignore link bandwidth (do regular ECMP, not weighted)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>skip-missing</format>
+ <description>Ignore paths without link bandwidth for ECMP (if other paths have it)</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(default-weight-for-missing|ignore|skip-missing)$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
<leafNode name="compare-routerid">
<properties>
<help>Compare the router-id for identical EBGP paths</help>
diff --git a/interface-definitions/include/interface/authentication.xml.i b/interface-definitions/include/interface/authentication.xml.i
new file mode 100644
index 000000000..c097ca9dd
--- /dev/null
+++ b/interface-definitions/include/interface/authentication.xml.i
@@ -0,0 +1,27 @@
+<!-- include start from interface/authentication.xml.i -->
+<node name="authentication">
+ <properties>
+ <help>Authentication settings</help>
+ </properties>
+ <children>
+ <leafNode name="user">
+ <properties>
+ <help>User name</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Username used for connection</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="password">
+ <properties>
+ <help>Password</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Password used for connection</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<!-- include end -->
diff --git a/interface-definitions/include/ssh-group.xml.i b/interface-definitions/include/ssh-group.xml.i
new file mode 100644
index 000000000..9c8b8692f
--- /dev/null
+++ b/interface-definitions/include/ssh-group.xml.i
@@ -0,0 +1,12 @@
+<!-- include start from ssh-group.xml.i -->
+<leafNode name="group">
+ <properties>
+ <help>Allow members of a group to login</help>
+ <constraint>
+ <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex>
+ </constraint>
+ <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
+ <multi/>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/ssh-user.xml.i b/interface-definitions/include/ssh-user.xml.i
new file mode 100644
index 000000000..677602dd8
--- /dev/null
+++ b/interface-definitions/include/ssh-user.xml.i
@@ -0,0 +1,12 @@
+<!-- include start from ssh-user.xml.i -->
+<leafNode name="user">
+ <properties>
+ <help>Allow specific users to login</help>
+ <constraint>
+ <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex>
+ </constraint>
+ <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
+ <multi/>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/vpn-ipsec-encryption.xml.i b/interface-definitions/include/vpn-ipsec-encryption.xml.i
index 041ba9902..9ef2f7c90 100644
--- a/interface-definitions/include/vpn-ipsec-encryption.xml.i
+++ b/interface-definitions/include/vpn-ipsec-encryption.xml.i
@@ -1,233 +1,233 @@
<!-- include start from vpn-ipsec-encryption.xml.i -->
- <leafNode name="encryption">
- <properties>
- <help>Encryption algorithm</help>
- <completionHelp>
- <list>null aes128 aes192 aes256 aes128ctr aes192ctr aes256ctr aes128ccm64 aes192ccm64 aes256ccm64 aes128ccm96 aes192ccm96 aes256ccm96 aes128ccm128 aes192ccm128 aes256ccm128 aes128gcm64 aes192gcm64 aes256gcm64 aes128gcm96 aes192gcm96 aes256gcm96 aes128gcm128 aes192gcm128 aes256gcm128 aes128gmac aes192gmac aes256gmac 3des blowfish128 blowfish192 blowfish256 camellia128 camellia192 camellia256 camellia128ctr camellia192ctr camellia256ctr camellia128ccm64 camellia192ccm64 camellia256ccm64 camellia128ccm96 camellia192ccm96 camellia256ccm96 camellia128ccm128 camellia192ccm128 camellia256ccm128 serpent128 serpent192 serpent256 twofish128 twofish192 twofish256 cast128 chacha20poly1305</list>
- </completionHelp>
- <valueHelp>
- <format>null</format>
- <description>Null encryption</description>
- </valueHelp>
- <valueHelp>
- <format>aes128</format>
- <description>128 bit AES-CBC (default)</description>
- </valueHelp>
- <valueHelp>
- <format>aes192</format>
- <description>192 bit AES-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>aes256</format>
- <description>256 bit AES-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>aes128ctr</format>
- <description>128 bit AES-COUNTER</description>
- </valueHelp>
- <valueHelp>
- <format>aes192ctr</format>
- <description>192 bit AES-COUNTER</description>
- </valueHelp>
- <valueHelp>
- <format>aes256ctr</format>
- <description>256 bit AES-COUNTER</description>
- </valueHelp>
- <valueHelp>
- <format>aes128ccm64</format>
- <description>128 bit AES-CCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes192ccm64</format>
- <description>192 bit AES-CCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes256ccm64</format>
- <description>256 bit AES-CCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes128ccm96</format>
- <description>128 bit AES-CCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes192ccm96</format>
- <description>192 bit AES-CCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes256ccm96</format>
- <description>256 bit AES-CCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes128ccm128</format>
- <description>128 bit AES-CCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes192ccm128</format>
- <description>192 bit AES-CCM with 128 bit IC</description>
- </valueHelp>
- <valueHelp>
- <format>aes256ccm128</format>
- <description>256 bit AES-CCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes128gcm64</format>
- <description>128 bit AES-GCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes192gcm64</format>
- <description>192 bit AES-GCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes256gcm64</format>
- <description>256 bit AES-GCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes128gcm96</format>
- <description>128 bit AES-GCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes192gcm96</format>
- <description>192 bit AES-GCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes256gcm96</format>
- <description>256 bit AES-GCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes128gcm128</format>
- <description>128 bit AES-GCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes192gcm128</format>
- <description>192 bit AES-GCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes256gcm128</format>
- <description>256 bit AES-GCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>aes128gmac</format>
- <description>Null encryption with 128 bit AES-GMAC</description>
- </valueHelp>
- <valueHelp>
- <format>aes192gmac</format>
- <description>Null encryption with 192 bit AES-GMAC</description>
- </valueHelp>
- <valueHelp>
- <format>aes256gmac</format>
- <description>Null encryption with 256 bit AES-GMAC</description>
- </valueHelp>
- <valueHelp>
- <format>3des</format>
- <description>168 bit 3DES-EDE-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>blowfish128</format>
- <description>128 bit Blowfish-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>blowfish192</format>
- <description>192 bit Blowfish-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>blowfish256</format>
- <description>256 bit Blowfish-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>camellia128</format>
- <description>128 bit Camellia-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>camellia192</format>
- <description>192 bit Camellia-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>camellia256</format>
- <description>256 bit Camellia-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>camellia128ctr</format>
- <description>128 bit Camellia-COUNTER</description>
- </valueHelp>
- <valueHelp>
- <format>camellia192ctr</format>
- <description>192 bit Camellia-COUNTER</description>
- </valueHelp>
- <valueHelp>
- <format>camellia256ctr</format>
- <description>256 bit Camellia-COUNTER</description>
- </valueHelp>
- <valueHelp>
- <format>camellia128ccm64</format>
- <description>128 bit Camellia-CCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia192ccm64</format>
- <description>192 bit Camellia-CCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia256ccm64</format>
- <description>256 bit Camellia-CCM with 64 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia128ccm96</format>
- <description>128 bit Camellia-CCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia192ccm96</format>
- <description>192 bit Camellia-CCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia256ccm96</format>
- <description>256 bit Camellia-CCM with 96 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia128ccm128</format>
- <description>128 bit Camellia-CCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia192ccm128</format>
- <description>192 bit Camellia-CCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>camellia256ccm128</format>
- <description>256 bit Camellia-CCM with 128 bit ICV</description>
- </valueHelp>
- <valueHelp>
- <format>serpent128</format>
- <description>128 bit Serpent-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>serpent192</format>
- <description>192 bit Serpent-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>serpent256</format>
- <description>256 bit Serpent-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>twofish128</format>
- <description>128 bit Twofish-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>twofish192</format>
- <description>192 bit Twofish-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>twofish256</format>
- <description>256 bit Twofish-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>cast128</format>
- <description>128 bit CAST-CBC</description>
- </valueHelp>
- <valueHelp>
- <format>chacha20poly1305</format>
- <description>256 bit ChaCha20/Poly1305 with 128 bit ICV</description>
- </valueHelp>
- <constraint>
- <regex>^(null|aes128|aes192|aes256|aes128ctr|aes192ctr|aes256ctr|aes128ccm64|aes192ccm64|aes256ccm64|aes128ccm96|aes192ccm96|aes256ccm96|aes128ccm128|aes192ccm128|aes256ccm128|aes128gcm64|aes192gcm64|aes256gcm64|aes128gcm96|aes192gcm96|aes256gcm96|aes128gcm128|aes192gcm128|aes256gcm128|aes128gmac|aes192gmac|aes256gmac|3des|blowfish128|blowfish192|blowfish256|camellia128|camellia192|camellia256|camellia128ctr|camellia192ctr|camellia256ctr|camellia128ccm64|camellia192ccm64|camellia256ccm64|camellia128ccm96|camellia192ccm96|camellia256ccm96|camellia128ccm128|camellia192ccm128|camellia256ccm128|serpent128|serpent192|serpent256|twofish128|twofish192|twofish256|cast128|chacha20poly1305)$</regex>
- </constraint>
- </properties>
- </leafNode>
+<leafNode name="encryption">
+ <properties>
+ <help>Encryption algorithm</help>
+ <completionHelp>
+ <list>null aes128 aes192 aes256 aes128ctr aes192ctr aes256ctr aes128ccm64 aes192ccm64 aes256ccm64 aes128ccm96 aes192ccm96 aes256ccm96 aes128ccm128 aes192ccm128 aes256ccm128 aes128gcm64 aes192gcm64 aes256gcm64 aes128gcm96 aes192gcm96 aes256gcm96 aes128gcm128 aes192gcm128 aes256gcm128 aes128gmac aes192gmac aes256gmac 3des blowfish128 blowfish192 blowfish256 camellia128 camellia192 camellia256 camellia128ctr camellia192ctr camellia256ctr camellia128ccm64 camellia192ccm64 camellia256ccm64 camellia128ccm96 camellia192ccm96 camellia256ccm96 camellia128ccm128 camellia192ccm128 camellia256ccm128 serpent128 serpent192 serpent256 twofish128 twofish192 twofish256 cast128 chacha20poly1305</list>
+ </completionHelp>
+ <valueHelp>
+ <format>null</format>
+ <description>Null encryption</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128</format>
+ <description>128 bit AES-CBC (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192</format>
+ <description>192 bit AES-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256</format>
+ <description>256 bit AES-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128ctr</format>
+ <description>128 bit AES-COUNTER</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192ctr</format>
+ <description>192 bit AES-COUNTER</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256ctr</format>
+ <description>256 bit AES-COUNTER</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128ccm64</format>
+ <description>128 bit AES-CCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192ccm64</format>
+ <description>192 bit AES-CCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256ccm64</format>
+ <description>256 bit AES-CCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128ccm96</format>
+ <description>128 bit AES-CCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192ccm96</format>
+ <description>192 bit AES-CCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256ccm96</format>
+ <description>256 bit AES-CCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128ccm128</format>
+ <description>128 bit AES-CCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192ccm128</format>
+ <description>192 bit AES-CCM with 128 bit IC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256ccm128</format>
+ <description>256 bit AES-CCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128gcm64</format>
+ <description>128 bit AES-GCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192gcm64</format>
+ <description>192 bit AES-GCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256gcm64</format>
+ <description>256 bit AES-GCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128gcm96</format>
+ <description>128 bit AES-GCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192gcm96</format>
+ <description>192 bit AES-GCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256gcm96</format>
+ <description>256 bit AES-GCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128gcm128</format>
+ <description>128 bit AES-GCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192gcm128</format>
+ <description>192 bit AES-GCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256gcm128</format>
+ <description>256 bit AES-GCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128gmac</format>
+ <description>Null encryption with 128 bit AES-GMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192gmac</format>
+ <description>Null encryption with 192 bit AES-GMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256gmac</format>
+ <description>Null encryption with 256 bit AES-GMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>3des</format>
+ <description>168 bit 3DES-EDE-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>blowfish128</format>
+ <description>128 bit Blowfish-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>blowfish192</format>
+ <description>192 bit Blowfish-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>blowfish256</format>
+ <description>256 bit Blowfish-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia128</format>
+ <description>128 bit Camellia-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia192</format>
+ <description>192 bit Camellia-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia256</format>
+ <description>256 bit Camellia-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia128ctr</format>
+ <description>128 bit Camellia-COUNTER</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia192ctr</format>
+ <description>192 bit Camellia-COUNTER</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia256ctr</format>
+ <description>256 bit Camellia-COUNTER</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia128ccm64</format>
+ <description>128 bit Camellia-CCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia192ccm64</format>
+ <description>192 bit Camellia-CCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia256ccm64</format>
+ <description>256 bit Camellia-CCM with 64 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia128ccm96</format>
+ <description>128 bit Camellia-CCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia192ccm96</format>
+ <description>192 bit Camellia-CCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia256ccm96</format>
+ <description>256 bit Camellia-CCM with 96 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia128ccm128</format>
+ <description>128 bit Camellia-CCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia192ccm128</format>
+ <description>192 bit Camellia-CCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>camellia256ccm128</format>
+ <description>256 bit Camellia-CCM with 128 bit ICV</description>
+ </valueHelp>
+ <valueHelp>
+ <format>serpent128</format>
+ <description>128 bit Serpent-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>serpent192</format>
+ <description>192 bit Serpent-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>serpent256</format>
+ <description>256 bit Serpent-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>twofish128</format>
+ <description>128 bit Twofish-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>twofish192</format>
+ <description>192 bit Twofish-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>twofish256</format>
+ <description>256 bit Twofish-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>cast128</format>
+ <description>128 bit CAST-CBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>chacha20poly1305</format>
+ <description>256 bit ChaCha20/Poly1305 with 128 bit ICV</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(null|aes128|aes192|aes256|aes128ctr|aes192ctr|aes256ctr|aes128ccm64|aes192ccm64|aes256ccm64|aes128ccm96|aes192ccm96|aes256ccm96|aes128ccm128|aes192ccm128|aes256ccm128|aes128gcm64|aes192gcm64|aes256gcm64|aes128gcm96|aes192gcm96|aes256gcm96|aes128gcm128|aes192gcm128|aes256gcm128|aes128gmac|aes192gmac|aes256gmac|3des|blowfish128|blowfish192|blowfish256|camellia128|camellia192|camellia256|camellia128ctr|camellia192ctr|camellia256ctr|camellia128ccm64|camellia192ccm64|camellia256ccm64|camellia128ccm96|camellia192ccm96|camellia256ccm96|camellia128ccm128|camellia192ccm128|camellia256ccm128|serpent128|serpent192|serpent256|twofish128|twofish192|twofish256|cast128|chacha20poly1305)$</regex>
+ </constraint>
+ </properties>
+</leafNode>
<!-- include end -->
diff --git a/interface-definitions/include/vpn-ipsec-hash.xml.i b/interface-definitions/include/vpn-ipsec-hash.xml.i
index 93d57b622..5a06b290e 100644
--- a/interface-definitions/include/vpn-ipsec-hash.xml.i
+++ b/interface-definitions/include/vpn-ipsec-hash.xml.i
@@ -1,65 +1,65 @@
-<!-- include start from pn-ipsec-hash.xml.i -->
- <leafNode name="hash">
- <properties>
- <help>Hash algorithm</help>
- <completionHelp>
- <list>md5 md5_128 sha1 sha1_160 sha256 sha256_96 sha384 sha512 aesxcbc aescmac aes128gmac aes192gmac aes256gmac</list>
- </completionHelp>
- <valueHelp>
- <format>md5</format>
- <description>MD5 HMAC</description>
- </valueHelp>
- <valueHelp>
- <format>md5_128</format>
- <description>MD5_128 HMAC</description>
- </valueHelp>
- <valueHelp>
- <format>sha1</format>
- <description>SHA1 HMAC (default)</description>
- </valueHelp>
- <valueHelp>
- <format>sha1_160</format>
- <description>SHA1_160 HMAC</description>
- </valueHelp>
- <valueHelp>
- <format>sha256</format>
- <description>SHA2_256_128 HMAC</description>
- </valueHelp>
- <valueHelp>
- <format>sha256_96</format>
- <description>SHA2_256_96 HMAC</description>
- </valueHelp>
- <valueHelp>
- <format>sha384</format>
- <description>SHA2_384_192 HMAC</description>
- </valueHelp>
- <valueHelp>
- <format>sha512</format>
- <description>SHA2_512_256 HMAC</description>
- </valueHelp>
- <valueHelp>
- <format>aesxcbc</format>
- <description>AES XCBC</description>
- </valueHelp>
- <valueHelp>
- <format>aescmac</format>
- <description>AES CMAC</description>
- </valueHelp>
- <valueHelp>
- <format>aes128gmac</format>
- <description>128-bit AES-GMAC</description>
- </valueHelp>
- <valueHelp>
- <format>aes192gmac</format>
- <description>192-bit AES-GMAC</description>
- </valueHelp>
- <valueHelp>
- <format>aes256gmac</format>
- <description>256-bit AES-GMAC</description>
- </valueHelp>
- <constraint>
- <regex>^(md5|md5_128|sha1|sha1_160|sha256|sha256_96|sha384|sha512|aesxcbc|aescmac|aes128gmac|aes192gmac|aes256gmac)$</regex>
- </constraint>
- </properties>
- </leafNode>
+<!-- include start from vpn-ipsec-hash.xml.i -->
+<leafNode name="hash">
+ <properties>
+ <help>Hash algorithm</help>
+ <completionHelp>
+ <list>md5 md5_128 sha1 sha1_160 sha256 sha256_96 sha384 sha512 aesxcbc aescmac aes128gmac aes192gmac aes256gmac</list>
+ </completionHelp>
+ <valueHelp>
+ <format>md5</format>
+ <description>MD5 HMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>md5_128</format>
+ <description>MD5_128 HMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha1</format>
+ <description>SHA1 HMAC (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha1_160</format>
+ <description>SHA1_160 HMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha256</format>
+ <description>SHA2_256_128 HMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha256_96</format>
+ <description>SHA2_256_96 HMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha384</format>
+ <description>SHA2_384_192 HMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha512</format>
+ <description>SHA2_512_256 HMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aesxcbc</format>
+ <description>AES XCBC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aescmac</format>
+ <description>AES CMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes128gmac</format>
+ <description>128-bit AES-GMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes192gmac</format>
+ <description>192-bit AES-GMAC</description>
+ </valueHelp>
+ <valueHelp>
+ <format>aes256gmac</format>
+ <description>256-bit AES-GMAC</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(md5|md5_128|sha1|sha1_160|sha256|sha256_96|sha384|sha512|aesxcbc|aescmac|aes128gmac|aes192gmac|aes256gmac)$</regex>
+ </constraint>
+ </properties>
+</leafNode>
<!-- include end -->
diff --git a/interface-definitions/interfaces-ethernet.xml.in b/interface-definitions/interfaces-ethernet.xml.in
index fff8db2d1..cb451f5be 100644
--- a/interface-definitions/interfaces-ethernet.xml.in
+++ b/interface-definitions/interfaces-ethernet.xml.in
@@ -9,14 +9,14 @@
<properties>
<help>Ethernet Interface</help>
<priority>318</priority>
- <constraint>
- <regex>^((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex>
- </constraint>
- <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage>
<valueHelp>
<format>ethN</format>
<description>Ethernet interface name</description>
</valueHelp>
+ <constraint>
+ <regex>^((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage>
</properties>
<children>
#include <include/interface/address-ipv4-ipv6-dhcp.xml.i>
@@ -80,6 +80,12 @@
<valueless/>
</properties>
</leafNode>
+ <leafNode name="lro">
+ <properties>
+ <help>Enable Large Receive Offload</help>
+ <valueless/>
+ </properties>
+ </leafNode>
<leafNode name="rps">
<properties>
<help>Enable Receive Packet Steering</help>
diff --git a/interface-definitions/interfaces-pppoe.xml.in b/interface-definitions/interfaces-pppoe.xml.in
index 8c2b50eba..96479e057 100644
--- a/interface-definitions/interfaces-pppoe.xml.in
+++ b/interface-definitions/interfaces-pppoe.xml.in
@@ -25,23 +25,7 @@
<constraintErrorMessage>Access concentrator name must be composed of uppper and lower case letters or numbers only</constraintErrorMessage>
</properties>
</leafNode>
- <node name="authentication">
- <properties>
- <help>Authentication settings</help>
- </properties>
- <children>
- <leafNode name="user">
- <properties>
- <help>User name</help>
- </properties>
- </leafNode>
- <leafNode name="password">
- <properties>
- <help>Password</help>
- </properties>
- </leafNode>
- </children>
- </node>
+ #include <include/interface/authentication.xml.i>
#include <include/interface/interface-dial-on-demand.xml.i>
<leafNode name="default-route">
<properties>
diff --git a/interface-definitions/interfaces-vti.xml.in b/interface-definitions/interfaces-vti.xml.in
index 604d7dd29..10e1feb6b 100644
--- a/interface-definitions/interfaces-vti.xml.in
+++ b/interface-definitions/interfaces-vti.xml.in
@@ -32,6 +32,7 @@
#include <include/interface/interface-description.xml.i>
#include <include/interface/interface-disable.xml.i>
#include <include/interface/interface-mtu-68-16000.xml.i>
+ #include <include/interface/interface-vrf.xml.i>
</children>
</tagNode>
</children>
diff --git a/interface-definitions/interfaces-wirelessmodem.xml.in b/interface-definitions/interfaces-wirelessmodem.xml.in
deleted file mode 100644
index 25ac2d6e0..000000000
--- a/interface-definitions/interfaces-wirelessmodem.xml.in
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="wirelessmodem" owner="${vyos_conf_scripts_dir}/interfaces-wirelessmodem.py">
- <properties>
- <help>Wireless Modem (WWAN) Interface</help>
- <priority>350</priority>
- <constraint>
- <regex>^wlm[0-9]+$</regex>
- </constraint>
- <constraintErrorMessage>Wireless Modem interface must be named wlmN</constraintErrorMessage>
- <valueHelp>
- <format>wlmN</format>
- <description>Wireless modem interface name</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="apn">
- <properties>
- <help>Access Point Name (APN)</help>
- </properties>
- </leafNode>
- <node name="backup">
- <properties>
- <help>Insert backup default route</help>
- </properties>
- <children>
- <leafNode name="distance">
- <properties>
- <help>Distance backup default route</help>
- <valueHelp>
- <format>1-255</format>
- <description>Distance of the backup route (default: 10)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-255"/>
- </constraint>
- <constraintErrorMessage>Must be between (1-255)</constraintErrorMessage>
- </properties>
- <defaultValue>10</defaultValue>
- </leafNode>
- </children>
- </node>
- #include <include/interface/interface-description.xml.i>
- #include <include/interface/interface-disable.xml.i>
- #include <include/interface/interface-vrf.xml.i>
- <leafNode name="device">
- <properties>
- <help>Serial device </help>
- <completionHelp>
- <script>ls -1 /dev | grep ttyS</script>
- <script>if [ -d /dev/serial/by-bus ]; then ls -1 /dev/serial/by-bus; fi</script>
- </completionHelp>
- <valueHelp>
- <format>ttySXX</format>
- <description>TTY device name, regular serial port</description>
- </valueHelp>
- <valueHelp>
- <format>usbNbXpY</format>
- <description>TTY device name, USB based</description>
- </valueHelp>
- <constraint>
- <regex>^(ttyS[0-9]+|usb[0-9]+b.*)$</regex>
- </constraint>
- </properties>
- </leafNode>
- #include <include/interface/interface-disable-link-detect.xml.i>
- #include <include/interface/interface-mtu-68-16000.xml.i>
- #include <include/interface/interface-ipv4-options.xml.i>
- #include <include/interface/interface-ipv6-options.xml.i>
- <leafNode name="no-peer-dns">
- <properties>
- <help>Do not use peer supplied DNS server information</help>
- <valueless/>
- </properties>
- </leafNode>
- #include <include/interface/interface-dial-on-demand.xml.i>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-wwan.xml.in b/interface-definitions/interfaces-wwan.xml.in
new file mode 100644
index 000000000..ea3184a11
--- /dev/null
+++ b/interface-definitions/interfaces-wwan.xml.in
@@ -0,0 +1,46 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="wwan" owner="${vyos_conf_scripts_dir}/interfaces-wwan.py">
+ <properties>
+ <help>Wireless Modem (WWAN) Interface</help>
+ <priority>350</priority>
+ <completionHelp>
+ <script>cd /sys/class/net; ls -d wwan*</script>
+ </completionHelp>
+ <constraint>
+ <regex>^wwan[0-9]+$</regex>
+ </constraint>
+ <constraintErrorMessage>Wireless Modem interface must be named wwanN</constraintErrorMessage>
+ <valueHelp>
+ <format>wwanN</format>
+ <description>Wireless Wide Area Network interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/interface/address-ipv4-ipv6-dhcp.xml.i>
+ <leafNode name="apn">
+ <properties>
+ <help>Access Point Name (APN)</help>
+ </properties>
+ </leafNode>
+ #include <include/interface/dhcp-options.xml.i>
+ #include <include/interface/dhcpv6-options.xml.i>
+ #include <include/interface/authentication.xml.i>
+ #include <include/interface/interface-description.xml.i>
+ #include <include/interface/interface-disable.xml.i>
+ #include <include/interface/interface-vrf.xml.i>
+ #include <include/interface/interface-disable-link-detect.xml.i>
+ #include <include/interface/interface-mtu-68-1500.xml.i>
+ <leafNode name="mtu">
+ <defaultValue>1430</defaultValue>
+ </leafNode>
+ #include <include/interface/interface-ipv4-options.xml.i>
+ #include <include/interface/interface-ipv6-options.xml.i>
+ #include <include/interface/interface-dial-on-demand.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/policy.xml.in b/interface-definitions/policy.xml.in
index 195e074a3..6a002cc20 100644
--- a/interface-definitions/policy.xml.in
+++ b/interface-definitions/policy.xml.in
@@ -925,15 +925,6 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="bgp-extcommunity-rt">
- <properties>
- <help>Set route target value</help>
- <valueHelp>
- <format>&lt;aa:nn&gt;</format>
- <description>ExtCommunity in format: asn:value</description>
- </valueHelp>
- </properties>
- </leafNode>
<node name="comm-list">
<properties>
<help>Border Gateway Protocol (BGP) communities matching a community-list</help>
@@ -1007,24 +998,71 @@
</constraint>
</properties>
</leafNode>
- <leafNode name="extcommunity-rt">
+ <node name="extcommunity">
<properties>
- <help>Set route target value</help>
- <valueHelp>
- <format>txt</format>
- <description>ASN:nn_or_IP_address:nn VPN extended community</description>
- </valueHelp>
+ <help>BGP extended community attribute</help>
</properties>
- </leafNode>
- <leafNode name="extcommunity-soo">
- <properties>
- <help>Set Site of Origin value</help>
- <valueHelp>
- <format>txt</format>
- <description>ASN:nn_or_IP_address:nn VPN extended community</description>
- </valueHelp>
- </properties>
- </leafNode>
+ <children>
+ <leafNode name="bandwidth">
+ <properties>
+ <help>Bandwidth value in Mbps</help>
+ <completionHelp>
+ <list>cumulative num-multipaths</list>
+ </completionHelp>
+ <valueHelp>
+ <format>u32:1-25600</format>
+ <description>Bandwidth value in Mbps</description>
+ </valueHelp>
+ <valueHelp>
+ <format>cumulative</format>
+ <description>Cumulative bandwidth of all multipaths (outbound-only)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>num-multipaths</format>
+ <description>Internally computed bandwidth based on number of multipaths (outbound-only)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-25600"/>
+ <regex>^(cumulative|num-multipaths)$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="rt">
+ <properties>
+ <help>Set route target value</help>
+ <valueHelp>
+ <format>ASN:NN</format>
+ <description>based on autonomous system number</description>
+ </valueHelp>
+ <valueHelp>
+ <format>IP:NN</format>
+ <description>Based on a router-id IP address</description>
+ </valueHelp>
+ <constraint>
+ <regex>^((?:[0-9]{1,3}\.){3}[0-9]{1,3}|\d+):\d+$</regex>
+ </constraint>
+ <constraintErrorMessage>Should be in form: ASN:NN or IPADDR:NN where ASN is autonomous system number</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="soo">
+ <properties>
+ <help>Set Site of Origin value</help>
+ <valueHelp>
+ <format>ASN:NN</format>
+ <description>based on autonomous system number</description>
+ </valueHelp>
+ <valueHelp>
+ <format>IP:NN</format>
+ <description>Based on a router-id IP address</description>
+ </valueHelp>
+ <constraint>
+ <regex>^((?:[0-9]{1,3}\.){3}[0-9]{1,3}|\d+):\d+$</regex>
+ </constraint>
+ <constraintErrorMessage>Should be in form: ASN:NN or IPADDR:NN where ASN is autonomous system number</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<leafNode name="ip-next-hop">
<properties>
<help>Nexthop IP address</help>
diff --git a/interface-definitions/service_mdns-repeater.xml.in b/interface-definitions/service_mdns-repeater.xml.in
index 33ef9a434..d02dac8a6 100644
--- a/interface-definitions/service_mdns-repeater.xml.in
+++ b/interface-definitions/service_mdns-repeater.xml.in
@@ -23,6 +23,12 @@
<multi/>
</properties>
</leafNode>
+ <leafNode name="vrrp-disable">
+ <properties>
+ <help>Disables mDNS repeater on VRRP interfaces not in MASTER state</help>
+ <valueless/>
+ </properties>
+ </leafNode>
</children>
</node>
</children>
diff --git a/interface-definitions/ssh.xml.in b/interface-definitions/ssh.xml.in
index 6faef9bd5..54742f1d0 100644
--- a/interface-definitions/ssh.xml.in
+++ b/interface-definitions/ssh.xml.in
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<!--SSH configuration -->
<interfaceDefinition>
<node name="service">
<properties>
@@ -14,9 +13,7 @@
<children>
<node name="access-control">
<properties>
- <help>SSH user/group access controls. Directives are processed
- in the following order: deny-users, allow-users, deny-groups and
- allow-groups.</help>
+ <help>SSH user/group access controls</help>
</properties>
<children>
<node name="allow">
@@ -24,26 +21,8 @@
<help>Allow user/group SSH access</help>
</properties>
<children>
- <leafNode name="group">
- <properties>
- <help>Allow members of a group to login</help>
- <constraint>
- <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex>
- </constraint>
- <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="user">
- <properties>
- <help>Allow specific users to login</help>
- <constraint>
- <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex>
- </constraint>
- <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
- <multi/>
- </properties>
- </leafNode>
+ #include <include/ssh-group.xml.i>
+ #include <include/ssh-user.xml.i>
</children>
</node>
<node name="deny">
@@ -51,26 +30,8 @@
<help>Deny user/group SSH access</help>
</properties>
<children>
- <leafNode name="group">
- <properties>
- <help>Disallow members of a group to login</help>
- <constraint>
- <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex>
- </constraint>
- <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="user">
- <properties>
- <help>Disallow specific users to login</help>
- <constraint>
- <regex>[a-z_][a-z0-9_-]{1,31}[$]?</regex>
- </constraint>
- <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
- <multi/>
- </properties>
- </leafNode>
+ #include <include/ssh-group.xml.i>
+ #include <include/ssh-user.xml.i>
</children>
</node>
</children>
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 604f49cb6..2031217ba 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -642,6 +642,7 @@
<help>VPN IPSec Profile</help>
</properties>
<children>
+ #include <include/generic-disable-node.xml.i>
<node name="authentication">
<properties>
<help>Authentication [REQUIRED]</help>
@@ -731,6 +732,7 @@
</valueHelp>
</properties>
<children>
+ #include <include/generic-disable-node.xml.i>
<node name="authentication">
<properties>
<help>Peer authentication [REQUIRED]</help>
@@ -967,44 +969,6 @@
</valueHelp>
</properties>
<children>
- <leafNode name="allow-nat-networks">
- <properties>
- <help>Option to allow NAT networks</help>
- <completionHelp>
- <list>enable disable</list>
- </completionHelp>
- <valueHelp>
- <format>enable</format>
- <description>Enable NAT networks</description>
- </valueHelp>
- <valueHelp>
- <format>disable</format>
- <description>Disable NAT networks (default)</description>
- </valueHelp>
- <constraint>
- <regex>^(enable|disable)$</regex>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="allow-public-networks">
- <properties>
- <help>Option to allow public networks</help>
- <completionHelp>
- <list>enable disable</list>
- </completionHelp>
- <valueHelp>
- <format>enable</format>
- <description>Enable public networks</description>
- </valueHelp>
- <valueHelp>
- <format>disable</format>
- <description>Disable public networks (default)</description>
- </valueHelp>
- <constraint>
- <regex>^(enable|disable)$</regex>
- </constraint>
- </properties>
- </leafNode>
#include <include/generic-disable-node.xml.i>
<leafNode name="esp-group">
<properties>
@@ -1047,6 +1011,7 @@
<validator name="ipv4-prefix"/>
<validator name="ipv6-prefix"/>
</constraint>
+ <multi/>
</properties>
</leafNode>
</children>
@@ -1085,6 +1050,7 @@
<validator name="ipv4-prefix"/>
<validator name="ipv6-prefix"/>
</constraint>
+ <multi/>
</properties>
</leafNode>
</children>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 21:24:09 +0000