summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/containers.xml.in1
-rw-r--r--interface-definitions/include/dhcp-interface.xml.i15
-rw-r--r--interface-definitions/include/ipsec/authentication-pre-shared-secret.xml.i11
-rw-r--r--interface-definitions/include/static/static-route.xml.i16
-rw-r--r--interface-definitions/interfaces-tunnel.xml.in16
-rw-r--r--interface-definitions/vpn_ipsec.xml.in57
-rw-r--r--interface-definitions/vpn_l2tp.xml.in57
7 files changed, 48 insertions, 125 deletions
diff --git a/interface-definitions/containers.xml.in b/interface-definitions/containers.xml.in
index 6fc53c105..124b1f65e 100644
--- a/interface-definitions/containers.xml.in
+++ b/interface-definitions/containers.xml.in
@@ -3,6 +3,7 @@
<node name="container" owner="${vyos_conf_scripts_dir}/containers.py">
<properties>
<help>Container applications</help>
+ <priority>1280</priority>
</properties>
<children>
<tagNode name="name">
diff --git a/interface-definitions/include/dhcp-interface.xml.i b/interface-definitions/include/dhcp-interface.xml.i
new file mode 100644
index 000000000..939b45f15
--- /dev/null
+++ b/interface-definitions/include/dhcp-interface.xml.i
@@ -0,0 +1,15 @@
+ <leafNode name="dhcp-interface">
+ <properties>
+ <help>DHCP interface supplying next-hop IP address</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>DHCP interface name</description>
+ </valueHelp>
+ <constraint>
+ <validator name="interface-name"/>
+ </constraint>
+ </properties>
+ </leafNode>
diff --git a/interface-definitions/include/ipsec/authentication-pre-shared-secret.xml.i b/interface-definitions/include/ipsec/authentication-pre-shared-secret.xml.i
new file mode 100644
index 000000000..af2669335
--- /dev/null
+++ b/interface-definitions/include/ipsec/authentication-pre-shared-secret.xml.i
@@ -0,0 +1,11 @@
+<!-- include start from ipsec/authentication-pre-shared-secret.xml.i -->
+<leafNode name="pre-shared-secret">
+ <properties>
+ <help>Pre-shared secret key</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Pre-shared secret key</description>
+ </valueHelp>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/static/static-route.xml.i b/interface-definitions/include/static/static-route.xml.i
index 254ea3163..21babc015 100644
--- a/interface-definitions/include/static/static-route.xml.i
+++ b/interface-definitions/include/static/static-route.xml.i
@@ -31,21 +31,7 @@
</leafNode>
</children>
</node>
- <leafNode name="dhcp-interface">
- <properties>
- <help>DHCP interface supplying next-hop IP address</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py</script>
- </completionHelp>
- <valueHelp>
- <format>txt</format>
- <description>DHCP interface name</description>
- </valueHelp>
- <constraint>
- <validator name="interface-name"/>
- </constraint>
- </properties>
- </leafNode>
+ #include <include/dhcp-interface.xml.i>
<tagNode name="interface">
<properties>
<help>Next-hop IPv4 router interface</help>
diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in
index 56f8ea79c..6851c0354 100644
--- a/interface-definitions/interfaces-tunnel.xml.in
+++ b/interface-definitions/interfaces-tunnel.xml.in
@@ -61,21 +61,7 @@
</constraint>
</properties>
</leafNode>
- <leafNode name="dhcp-interface">
- <properties>
- <help>dhcp interface</help>
- <valueHelp>
- <format>interface</format>
- <description>DHCP interface that supplies the local IP address for this tunnel</description>
- </valueHelp>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py</script>
- </completionHelp>
- <constraint>
- <regex>^(en|eth|br|bond|gnv|vxlan|wg|tun)[0-9]+$</regex>
- </constraint>
- </properties>
- </leafNode>
+ #include <include/dhcp-interface.xml.i>
<leafNode name="encapsulation">
<properties>
<help>Encapsulation of this tunnel interface</help>
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 147f351f2..9dbebdc0f 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -52,6 +52,7 @@
<regex>^(disable|enable)$</regex>
</constraint>
</properties>
+ <defaultValue>disable</defaultValue>
</leafNode>
<leafNode name="lifetime">
<properties>
@@ -509,22 +510,15 @@
<help>Sets to include an additional secrets file for strongSwan. Use an absolute path to specify the included file.</help>
</properties>
</leafNode>
- <node name="ipsec-interfaces">
+ <leafNode name="interface">
<properties>
- <help>Interface to use for VPN [REQUIRED]</help>
+ <help>Onterface used for IPsec communication</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <multi/>
</properties>
- <children>
- <leafNode name="interface">
- <properties>
- <help>IPsec interface [REQUIRED]</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py</script>
- </completionHelp>
- <multi/>
- </properties>
- </leafNode>
- </children>
- </node>
+ </leafNode>
<node name="log">
<properties>
<help>IPsec logging</help>
@@ -704,15 +698,7 @@
</valueHelp>
</properties>
</leafNode>
- <leafNode name="pre-shared-secret">
- <properties>
- <help>Pre-shared secret key</help>
- <valueHelp>
- <format>txt</format>
- <description>Pre-shared secret key</description>
- </valueHelp>
- </properties>
- </leafNode>
+ #include <include/ipsec/authentication-pre-shared-secret.xml.i>
</children>
</node>
<node name="bind">
@@ -811,11 +797,7 @@
</properties>
<defaultValue>x509</defaultValue>
</leafNode>
- <leafNode name="pre-shared-secret">
- <properties>
- <help>Pre-shared-secret used for server authentication</help>
- </properties>
- </leafNode>
+ #include <include/ipsec/authentication-pre-shared-secret.xml.i>
</children>
</node>
#include <include/generic-description.xml.i>
@@ -947,15 +929,7 @@
</constraint>
</properties>
</leafNode>
- <leafNode name="pre-shared-secret">
- <properties>
- <help>Pre-shared secret key</help>
- <valueHelp>
- <format>txt</format>
- <description>Pre-shared secret key</description>
- </valueHelp>
- </properties>
- </leafNode>
+ #include <include/ipsec/authentication-pre-shared-secret.xml.i>
<leafNode name="remote-id">
<properties>
<help>ID for remote authentication</help>
@@ -1001,14 +975,7 @@
</properties>
</leafNode>
#include <include/generic-description.xml.i>
- <leafNode name="dhcp-interface">
- <properties>
- <help>DHCP interface to listen on</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py</script>
- </completionHelp>
- </properties>
- </leafNode>
+ #include <include/dhcp-interface.xml.i>
<leafNode name="force-encapsulation">
<properties>
<help>Force UDP Encapsulation for ESP Payloads</help>
diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in
index 4fbf3fa44..6cf5218ff 100644
--- a/interface-definitions/vpn_l2tp.xml.in
+++ b/interface-definitions/vpn_l2tp.xml.in
@@ -70,51 +70,8 @@
</completionHelp>
</properties>
</leafNode>
- <leafNode name="pre-shared-secret">
- <properties>
- <help>Pre-shared secret for IPsec</help>
- </properties>
- </leafNode>
- <node name="x509">
- <properties>
- <help>X.509 certificate</help>
- </properties>
- <children>
- #include <include/certificate-ca.xml.i>
- <leafNode name="crl-file">
- <properties>
- <help>File containing the X.509 Certificate Revocation List (CRL)</help>
- <valueHelp>
- <format>txt</format>
- <description>File in /config/auth</description>
- </valueHelp>
- </properties>
- </leafNode>
- <leafNode name="server-cert-file">
- <properties>
- <help>File containing the X.509 certificate for the remote access VPN server (this host)</help>
- <valueHelp>
- <format>txt</format>
- <description>File in /config/auth</description>
- </valueHelp>
- </properties>
- </leafNode>
- <leafNode name="server-key-file">
- <properties>
- <help>File containing the private key for the X.509 certificate for the remote access VPN server (this host)</help>
- <valueHelp>
- <format>txt</format>
- <description>File in /config/auth</description>
- </valueHelp>
- </properties>
- </leafNode>
- <leafNode name="server-key-password">
- <properties>
- <help>Password that protects the private key</help>
- </properties>
- </leafNode>
- </children>
- </node>
+ #include <include/ipsec/authentication-pre-shared-secret.xml.i>
+ #include <include/ipsec/authentication-x509.xml.i>
</children>
</node>
<leafNode name="ike-lifetime">
@@ -128,6 +85,7 @@
<validator name="numeric" argument="--range 30-86400"/>
</constraint>
</properties>
+ <defaultValue>3600</defaultValue>
</leafNode>
<leafNode name="lifetime">
<properties>
@@ -140,7 +98,10 @@
<validator name="numeric" argument="--range 30-86400"/>
</constraint>
</properties>
+ <defaultValue>3600</defaultValue>
</leafNode>
+ #include <include/ipsec/esp-group.xml.i>
+ #include <include/ipsec/ike-group.xml.i>
</children>
</node>
#include <include/accel-ppp/wins-server.xml.i>
@@ -159,11 +120,7 @@
<help>Description for L2TP remote-access settings</help>
</properties>
</leafNode>
- <leafNode name="dhcp-interface">
- <properties>
- <help>DHCP interface to listen on</help>
- </properties>
- </leafNode>
+ #include <include/dhcp-interface.xml.i>
<leafNode name="idle">
<properties>
<help>PPP idle timeout</help>
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-28 19:36:57 +0000