diff options
Diffstat (limited to 'interface-definitions')
17 files changed, 198 insertions, 104 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index 662ba24ab..3219471b1 100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -2,7 +2,7 @@ <interfaceDefinition> <node name="firewall" owner="${vyos_conf_scripts_dir}/firewall.py"> <properties> - <priority>199</priority> + <priority>319</priority> <help>Firewall</help> </properties> <children> @@ -94,7 +94,7 @@ <properties> <help>Firewall domain-group</help> <constraint> - <regex>[a-zA-Z_][a-zA-Z0-9][\w\-\.]*</regex> + <regex>[a-zA-Z_][a-zA-Z0-9]?[\w\-\.]*</regex> </constraint> <constraintErrorMessage>Name of domain-group can only contain alpha-numeric letters, hyphen, underscores and not start with numeric</constraintErrorMessage> </properties> diff --git a/interface-definitions/include/bgp/neighbor-path-attribute.xml.i b/interface-definitions/include/bgp/neighbor-path-attribute.xml.i index 30568d8c6..399a6bcdd 100644 --- a/interface-definitions/include/bgp/neighbor-path-attribute.xml.i +++ b/interface-definitions/include/bgp/neighbor-path-attribute.xml.i @@ -14,6 +14,7 @@ <constraint> <validator name="numeric" argument="--range 1-255"/> </constraint> + <multi/> </properties> </leafNode> <leafNode name="treat-as-withdraw"> diff --git a/interface-definitions/include/bgp/protocol-common-config.xml.i b/interface-definitions/include/bgp/protocol-common-config.xml.i index ea6e75bbd..ca67eaf3c 100644 --- a/interface-definitions/include/bgp/protocol-common-config.xml.i +++ b/interface-definitions/include/bgp/protocol-common-config.xml.i @@ -894,6 +894,30 @@ </leafNode> </children> </node> + <node name="mac-vrf"> + <properties> + <help>EVPN MAC-VRF</help> + </properties> + <children> + <leafNode name="soo"> + <properties> + <help>Site-of-Origin extended community</help> + <valueHelp> + <format>ASN:NN</format> + <description>based on autonomous system number in format <0-65535:0-4294967295></description> + </valueHelp> + <valueHelp> + <format>IP:NN</format> + <description>Based on a router-id IP address in format <IP:0-65535></description> + </valueHelp> + <constraint> + <validator name="bgp-extended-community"/> + </constraint> + <constraintErrorMessage>Should be in form: ASN:NN or IPADDR:NN where ASN is autonomous system number</constraintErrorMessage> + </properties> + </leafNode> + </children> + </node> <tagNode name="vni"> <properties> <help>VXLAN Network Identifier</help> diff --git a/interface-definitions/include/eigrp/protocol-common-config.xml.i b/interface-definitions/include/eigrp/protocol-common-config.xml.i index a21d18424..a8290f772 100644 --- a/interface-definitions/include/eigrp/protocol-common-config.xml.i +++ b/interface-definitions/include/eigrp/protocol-common-config.xml.i @@ -1,5 +1,5 @@ <!-- include start from eigrp/protocol-common-config.xml.i --> -<leafNode name="local-as"> +<leafNode name="system-as"> <properties> <help>Autonomous System Number (ASN)</help> <valueHelp> @@ -61,6 +61,7 @@ <completionHelp> <script>${vyos_completion_dir}/list_interfaces</script> </completionHelp> + <multi/> </properties> </leafNode> <leafNode name="redistribute"> @@ -108,7 +109,7 @@ </properties> </leafNode> #include <include/router-id.xml.i> -<!-- FRR timers not implemented yet --> +<!-- FRR error: active time not implemented yet --> <leafNode name="variance"> <properties> <help>Control load balancing variance</help> diff --git a/interface-definitions/include/pki/cli-certificate-base64.xml.i b/interface-definitions/include/pki/cli-certificate-base64.xml.i new file mode 100644 index 000000000..a3eff79e8 --- /dev/null +++ b/interface-definitions/include/pki/cli-certificate-base64.xml.i @@ -0,0 +1,11 @@ +<!-- include start from pki/cli-certificate-base64.xml.i --> +<leafNode name="certificate"> + <properties> + <help>Certificate in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>Certificate is not base64-encoded</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/pki/cli-private-key-base64.xml.i b/interface-definitions/include/pki/cli-private-key-base64.xml.i new file mode 100644 index 000000000..3a7ee0ce9 --- /dev/null +++ b/interface-definitions/include/pki/cli-private-key-base64.xml.i @@ -0,0 +1,11 @@ +<!-- include start from pki/pki-cli-private-key.xml.i --> +<leafNode name="key"> + <properties> + <help>Private key in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>Private key is not base64-encoded</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/pki/cli-public-key-base64.xml.i b/interface-definitions/include/pki/cli-public-key-base64.xml.i new file mode 100644 index 000000000..3a7ee0ce9 --- /dev/null +++ b/interface-definitions/include/pki/cli-public-key-base64.xml.i @@ -0,0 +1,11 @@ +<!-- include start from pki/pki-cli-private-key.xml.i --> +<leafNode name="key"> + <properties> + <help>Private key in PEM format</help> + <constraint> + <validator name="base64"/> + </constraint> + <constraintErrorMessage>Private key is not base64-encoded</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/pki/cli-revoke.xml.i b/interface-definitions/include/pki/cli-revoke.xml.i new file mode 100644 index 000000000..61cd978bb --- /dev/null +++ b/interface-definitions/include/pki/cli-revoke.xml.i @@ -0,0 +1,8 @@ +<!-- include start from pki/cli-revoke.xml.i --> +<leafNode name="revoke"> + <properties> + <help>Include certificate in parent CRL</help> + <valueless/> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/pki/openssh-key.xml.i b/interface-definitions/include/pki/openssh-key.xml.i new file mode 100644 index 000000000..8f005d077 --- /dev/null +++ b/interface-definitions/include/pki/openssh-key.xml.i @@ -0,0 +1,14 @@ +<!-- include start from pki/openssh-key.xml.i --> +<leafNode name="key"> + <properties> + <help>OpenSSH key in PKI configuration</help> + <completionHelp> + <path>pki openssh</path> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Name of OpenSSH key in PKI configuration</description> + </valueHelp> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/pki/password-protected.xml.i b/interface-definitions/include/pki/password-protected.xml.i new file mode 100644 index 000000000..b72e4ecec --- /dev/null +++ b/interface-definitions/include/pki/password-protected.xml.i @@ -0,0 +1,8 @@ +<!-- include start from pki/password-protected.xml.i --> +<leafNode name="password-protected"> + <properties> + <help>Private key portion is password protected</help> + <valueless/> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/static/static-route-reject.xml.i b/interface-definitions/include/static/static-route-reject.xml.i index 81d4f9afd..ef713ac85 100644 --- a/interface-definitions/include/static/static-route-reject.xml.i +++ b/interface-definitions/include/static/static-route-reject.xml.i @@ -9,4 +9,3 @@ </children> </node> <!-- include end --> - diff --git a/interface-definitions/include/static/static-route-segments.xml.i b/interface-definitions/include/static/static-route-segments.xml.i new file mode 100644 index 000000000..2068b1ab4 --- /dev/null +++ b/interface-definitions/include/static/static-route-segments.xml.i @@ -0,0 +1,14 @@ +<!-- include start from static/static-route-segments.xml.i --> +<leafNode name="segments"> + <properties> + <help>SRv6 segments</help> + <valueHelp> + <format>txt</format> + <description>Segs (SIDs)</description> + </valueHelp> + <constraint> + <validator name="ipv6-srv6-segments"/> + </constraint> + </properties> + </leafNode> + <!-- include end --> diff --git a/interface-definitions/include/static/static-route6.xml.i b/interface-definitions/include/static/static-route6.xml.i index a83cc230b..4468c8025 100644 --- a/interface-definitions/include/static/static-route6.xml.i +++ b/interface-definitions/include/static/static-route6.xml.i @@ -31,6 +31,7 @@ <children> #include <include/generic-disable-node.xml.i> #include <include/static/static-route-distance.xml.i> + #include <include/static/static-route-segments.xml.i> #include <include/static/static-route-vrf.xml.i> </children> </tagNode> @@ -47,13 +48,13 @@ </properties> <children> #include <include/generic-disable-node.xml.i> + #include <include/static/static-route-bfd.xml.i> #include <include/static/static-route-distance.xml.i> #include <include/static/static-route-interface.xml.i> + #include <include/static/static-route-segments.xml.i> #include <include/static/static-route-vrf.xml.i> - #include <include/static/static-route-bfd.xml.i> </children> </tagNode> </children> </tagNode> <!-- include end --> - diff --git a/interface-definitions/include/version/dhcpv6-server-version.xml.i b/interface-definitions/include/version/dhcpv6-server-version.xml.i index bfef27b77..1f30368a3 100644 --- a/interface-definitions/include/version/dhcpv6-server-version.xml.i +++ b/interface-definitions/include/version/dhcpv6-server-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/dhcpv6-server-version.xml.i --> -<syntaxVersion component='dhcpv6-server' version='4'></syntaxVersion> +<syntaxVersion component='dhcpv6-server' version='5'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/pki.xml.in b/interface-definitions/pki.xml.in index 0ed199539..7a0b073b4 100644 --- a/interface-definitions/pki.xml.in +++ b/interface-definitions/pki.xml.in @@ -14,36 +14,15 @@ </constraint> </properties> <children> - <leafNode name="certificate"> - <properties> - <help>CA certificate in PEM format</help> - <constraint> - <validator name="base64"/> - </constraint> - <constraintErrorMessage>CA certificate is not base64-encoded</constraintErrorMessage> - </properties> - </leafNode> + #include <include/pki/cli-certificate-base64.xml.i> #include <include/generic-description.xml.i> <node name="private"> <properties> <help>CA private key in PEM format</help> </properties> <children> - <leafNode name="key"> - <properties> - <help>CA private key in PEM format</help> - <constraint> - <validator name="base64"/> - </constraint> - <constraintErrorMessage>CA private key is not base64-encoded</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="password-protected"> - <properties> - <help>CA private key is password protected</help> - <valueless/> - </properties> - </leafNode> + #include <include/pki/cli-private-key-base64.xml.i> + #include <include/pki/password-protected.xml.i> </children> </node> <leafNode name="crl"> @@ -56,12 +35,7 @@ <multi/> </properties> </leafNode> - <leafNode name="revoke"> - <properties> - <help>If parent CA is present, this CA certificate will be included in generated CRLs</help> - <valueless/> - </properties> - </leafNode> + #include <include/pki/cli-revoke.xml.i> </children> </tagNode> <tagNode name="certificate"> @@ -72,15 +46,7 @@ </constraint> </properties> <children> - <leafNode name="certificate"> - <properties> - <help>Certificate in PEM format</help> - <constraint> - <validator name="base64"/> - </constraint> - <constraintErrorMessage>Certificate is not base64-encoded</constraintErrorMessage> - </properties> - </leafNode> + #include <include/pki/cli-certificate-base64.xml.i> <node name="acme"> <properties> <help>Automatic Certificate Management Environment (ACME) request</help> @@ -141,29 +107,11 @@ <help>Certificate private key</help> </properties> <children> - <leafNode name="key"> - <properties> - <help>Certificate private key in PEM format</help> - <constraint> - <validator name="base64"/> - </constraint> - <constraintErrorMessage>Certificate private key is not base64-encoded</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="password-protected"> - <properties> - <help>Certificate private key is password protected</help> - <valueless/> - </properties> - </leafNode> + #include <include/pki/cli-private-key-base64.xml.i> + #include <include/pki/password-protected.xml.i> </children> </node> - <leafNode name="revoke"> - <properties> - <help>If CA is present, this certificate will be included in generated CRLs</help> - <valueless/> - </properties> - </leafNode> + #include <include/pki/cli-revoke.xml.i> </children> </tagNode> <tagNode name="dh"> @@ -195,15 +143,7 @@ <help>Public key</help> </properties> <children> - <leafNode name="key"> - <properties> - <help>Public key in PEM format</help> - <constraint> - <validator name="base64"/> - </constraint> - <constraintErrorMessage>Public key is not base64-encoded</constraintErrorMessage> - </properties> - </leafNode> + #include <include/pki/cli-public-key-base64.xml.i> </children> </node> <node name="private"> @@ -211,23 +151,73 @@ <help>Private key</help> </properties> <children> - <leafNode name="key"> + #include <include/pki/cli-private-key-base64.xml.i> + #include <include/pki/password-protected.xml.i> + </children> + </node> + </children> + </tagNode> + <tagNode name="openssh"> + <properties> + <help>OpenSSH public and private keys</help> + </properties> + <children> + <node name="public"> + <properties> + <help>Public key</help> + </properties> + <children> + #include <include/pki/cli-public-key-base64.xml.i> + <leafNode name="type"> <properties> - <help>Private key in PEM format</help> + <help>SSH public key type</help> + <completionHelp> + <list>ssh-rsa</list> + </completionHelp> + <valueHelp> + <format>ssh-rsa</format> + <description>Key pair based on RSA algorithm</description> + </valueHelp> <constraint> - <validator name="base64"/> + <regex>(ssh-rsa)</regex> </constraint> - <constraintErrorMessage>Private key is not base64-encoded</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="password-protected"> - <properties> - <help>Private key is password protected</help> - <valueless/> </properties> </leafNode> </children> </node> + <node name="private"> + <properties> + <help>Private key</help> + </properties> + <children> + #include <include/pki/cli-private-key-base64.xml.i> + #include <include/pki/password-protected.xml.i> + </children> + </node> + </children> + </tagNode> + <tagNode name="openssh"> + <properties> + <help>OpenSSH public and private keys</help> + </properties> + <children> + <node name="public"> + <properties> + <help>Public key</help> + </properties> + <children> + #include <include/pki/cli-public-key-base64.xml.i> + </children> + </node> + <node name="private"> + <properties> + <help>Private key</help> + </properties> + <children> + #include <include/pki/cli-private-key-base64.xml.i> + #include <include/pki/password-protected.xml.i> + </children> + </node> </children> </tagNode> <node name="openvpn"> diff --git a/interface-definitions/protocols_rpki.xml.in b/interface-definitions/protocols_rpki.xml.in index a2a0a2799..54d69eadb 100644 --- a/interface-definitions/protocols_rpki.xml.in +++ b/interface-definitions/protocols_rpki.xml.in @@ -4,7 +4,8 @@ <children> <node name="rpki" owner="${vyos_conf_scripts_dir}/protocols_rpki.py"> <properties> - <help>BGP prefix origin validation</help> + <help>Resource Public Key Infrastructure (RPKI)</help> + <priority>819</priority> </properties> <children> <tagNode name="cache"> @@ -46,22 +47,7 @@ <help>RPKI SSH connection settings</help> </properties> <children> - <leafNode name="private-key-file"> - <properties> - <help>RPKI SSH private key file</help> - <constraint> - <validator name="file-path"/> - </constraint> - </properties> - </leafNode> - <leafNode name="public-key-file"> - <properties> - <help>RPKI SSH public key file path</help> - <constraint> - <validator name="file-path"/> - </constraint> - </properties> - </leafNode> + #include <include/pki/openssh-key.xml.i> #include <include/generic-username.xml.i> </children> </node> diff --git a/interface-definitions/service_dhcpv6-server.xml.in b/interface-definitions/service_dhcpv6-server.xml.in index 28b97a64b..daca7b43f 100644 --- a/interface-definitions/service_dhcpv6-server.xml.in +++ b/interface-definitions/service_dhcpv6-server.xml.in @@ -97,6 +97,21 @@ </properties> <children> #include <include/dhcp/option-v6.xml.i> + <leafNode name="interface"> + <properties> + <help>Optional interface for this subnet to accept requests from</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces</script> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Interface name</description> + </valueHelp> + <constraint> + #include <include/constraint/interface-name.xml.i> + </constraint> + </properties> + </leafNode> <tagNode name="range"> <properties> <help>Parameters setting ranges for assigning IPv6 addresses</help> |