diff options
Diffstat (limited to 'interface-definitions')
63 files changed, 561 insertions, 197 deletions
diff --git a/interface-definitions/dhcp-server.xml.in b/interface-definitions/dhcp-server.xml.in index 60e738e01..6e1592200 100644 --- a/interface-definitions/dhcp-server.xml.in +++ b/interface-definitions/dhcp-server.xml.in @@ -67,10 +67,7 @@ </node> <leafNode name="global-parameters"> <properties> - <help>Additional global parameters for DHCP server. You must - use the syntax of dhcpd.conf in this text-field. Using this - without proper knowledge may result in a crashed DHCP server. - Check system log to look for errors.</help> + <help>Additional global parameters for DHCP server. You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> @@ -111,10 +108,7 @@ #include <include/name-server-ipv4.xml.i> <leafNode name="shared-network-parameters"> <properties> - <help>Additional shared-network parameters for DHCP server. - You must use the syntax of dhcpd.conf in this text-field. - Using this without proper knowledge may result in a crashed - DHCP server. Check system log to look for errors.</help> + <help>Additional shared-network parameters for DHCP server. You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> @@ -134,17 +128,38 @@ <leafNode name="bootfile-name"> <properties> <help>Bootstrap file name</help> + <constraint> + <regex>[-_a-zA-Z0-9./]+</regex> + </constraint> </properties> </leafNode> <leafNode name="bootfile-server"> <properties> - <help>Server (IP address or domain name) from which the initial - boot file is to be loaded</help> + <help>Server from which the initial boot file is to be loaded</help> + <valueHelp> + <format>ipv4</format> + <description>Bootfile server IPv4 address</description> + </valueHelp> + <valueHelp> + <format>hostname</format> + <description>Bootfile server FQDN</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + <validator name="fqdn"/> + </constraint> </properties> </leafNode> <leafNode name="bootfile-size"> <properties> - <help>Bootstrap file size in 512 byte blocks</help> + <help>Bootstrap file size</help> + <valueHelp> + <format>u32:1-16</format> + <description>Bootstrap file size in 512 byte blocks</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-16"/> + </constraint> </properties> </leafNode> <leafNode name="client-prefix-length"> @@ -326,11 +341,7 @@ </leafNode> <leafNode name="static-mapping-parameters"> <properties> - <help>Additional static-mapping parameters for DHCP server. - Will be placed inside the "host" block of the mapping. - You must use the syntax of dhcpd.conf in this text-field. - Using this without proper knowledge may result in a crashed - DHCP server. Check system log to look for errors.</help> + <help>Additional static-mapping parameters for DHCP server. Will be placed inside the "host" block of the mapping. You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> @@ -338,7 +349,7 @@ </tagNode> <tagNode name="static-route"> <properties> - <help>Classless static route destination subnet [REQUIRED]</help> + <help>Classless static route destination subnet</help> <valueHelp> <format>ipv4net</format> <description>IPv4 address and prefix length</description> @@ -364,10 +375,7 @@ </tagNode > <leafNode name="subnet-parameters"> <properties> - <help>Additional subnet parameters for DHCP server. You must - use the syntax of dhcpd.conf in this text-field. Using this - without proper knowledge may result in a crashed DHCP server. - Check system log to look for errors.</help> + <help>Additional subnet parameters for DHCP server. You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> diff --git a/interface-definitions/dhcpv6-server.xml.in b/interface-definitions/dhcpv6-server.xml.in index 10335b07e..9dff68a24 100644 --- a/interface-definitions/dhcpv6-server.xml.in +++ b/interface-definitions/dhcpv6-server.xml.in @@ -32,7 +32,7 @@ </leafNode> <tagNode name="shared-network-name"> <properties> - <help>DHCPv6 shared network name [REQUIRED]</help> + <help>DHCPv6 shared network name</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> @@ -64,7 +64,7 @@ </node> <tagNode name="subnet"> <properties> - <help>IPv6 DHCP subnet for this shared network [REQUIRED]</help> + <help>IPv6 DHCP subnet for this shared network</help> <valueHelp> <format>ipv6net</format> <description>IPv6 address and prefix length</description> diff --git a/interface-definitions/dns-domain-name.xml.in b/interface-definitions/dns-domain-name.xml.in index 0d6418272..70b2fb271 100644 --- a/interface-definitions/dns-domain-name.xml.in +++ b/interface-definitions/dns-domain-name.xml.in @@ -91,7 +91,7 @@ </leafNode> <leafNode name="inet"> <properties> - <help>IP Address [REQUIRED]</help> + <help>IP Address</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> diff --git a/interface-definitions/dns-dynamic.xml.in b/interface-definitions/dns-dynamic.xml.in index 6bc467b76..e41ba7f60 100644 --- a/interface-definitions/dns-dynamic.xml.in +++ b/interface-definitions/dns-dynamic.xml.in @@ -14,7 +14,7 @@ <children> <tagNode name="interface"> <properties> - <help>Interface to send DDNS updates for [REQUIRED]</help> + <help>Interface to send DDNS updates for</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> @@ -27,7 +27,7 @@ <children> <leafNode name="key"> <properties> - <help>File containing the secret key shared with remote DNS server [REQUIRED]</help> + <help>File containing the secret key shared with remote DNS server</help> <valueHelp> <format>filename</format> <description>File in /config/auth directory</description> @@ -36,13 +36,13 @@ </leafNode> <leafNode name="record"> <properties> - <help>Record to be updated [REQUIRED]</help> + <help>Record to be updated</help> <multi/> </properties> </leafNode> <leafNode name="server"> <properties> - <help>Server to be updated [REQUIRED]</help> + <help>Server to be updated</help> </properties> </leafNode> <leafNode name="ttl"> @@ -60,14 +60,14 @@ </leafNode> <leafNode name="zone"> <properties> - <help>Zone to be updated [REQUIRED]</help> + <help>Zone to be updated</help> </properties> </leafNode> </children> </tagNode> <tagNode name="service"> <properties> - <help>Service being used for Dynamic DNS [REQUIRED]</help> + <help>Service being used for Dynamic DNS</help> <completionHelp> <list>afraid changeip cloudflare dnspark dslreports dyndns easydns namecheap noip sitelutions zoneedit</list> </completionHelp> @@ -127,23 +127,23 @@ <children> <leafNode name="host-name"> <properties> - <help>Hostname registered with DDNS service [REQUIRED]</help> + <help>Hostname registered with DDNS service</help> <multi/> </properties> </leafNode> <leafNode name="login"> <properties> - <help>Login for DDNS service [REQUIRED]</help> + <help>Login for DDNS service</help> </properties> </leafNode> <leafNode name="password"> <properties> - <help>Password for DDNS service [REQUIRED]</help> + <help>Password for DDNS service</help> </properties> </leafNode> <leafNode name="protocol"> <properties> - <help>ddclient protocol used for DDNS service [REQUIRED FOR CUSTOM]</help> + <help>ddclient protocol used for DDNS service</help> <completionHelp> <list>changeip cloudflare dnsmadeeasy dnspark dondominio dslreports1 dtdns duckdns dyndns2 easydns freedns freemyip googledomains hammernode1 namecheap nfsn noip sitelutions woima yandex zoneedit1</list> </completionHelp> @@ -239,7 +239,7 @@ </leafNode> <leafNode name="server"> <properties> - <help>Server to send DDNS update to [REQUIRED FOR CUSTOM]</help> + <help>Server to send DDNS update to</help> <valueHelp> <format>IPv4</format> <description>IP address of DDNS server</description> diff --git a/interface-definitions/dns-forwarding.xml.in b/interface-definitions/dns-forwarding.xml.in index 6ead3e199..3de0dc0eb 100644 --- a/interface-definitions/dns-forwarding.xml.in +++ b/interface-definitions/dns-forwarding.xml.in @@ -36,6 +36,18 @@ <multi/> </properties> </leafNode> + <leafNode name="dns64-prefix"> + <properties> + <help>Help to communicate between IPv6-only client and IPv4-only server</help> + <valueHelp> + <format>ipv6net</format> + <description>IPv6 address and /96 only prefix length</description> + </valueHelp> + <constraint> + <validator name="ipv6-prefix"/> + </constraint> + </properties> + </leafNode> <leafNode name="dnssec"> <properties> <help>DNSSEC mode</help> @@ -133,14 +145,18 @@ <format>@</format> <description>Root record</description> </valueHelp> + <valueHelp> + <format>any</format> + <description>Wildcard record (any subdomain)</description> + </valueHelp> <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> + <regex>([-_a-zA-Z0-9.]{1,63}|@|any)(?<!\.)</regex> </constraint> </properties> <children> <leafNode name="address"> <properties> - <help>IPv4 address [REQUIRED]</help> + <help>IPv4 address</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> @@ -166,14 +182,18 @@ <format>@</format> <description>Root record</description> </valueHelp> + <valueHelp> + <format>any</format> + <description>Wildcard record (any subdomain)</description> + </valueHelp> <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> + <regex>([-_a-zA-Z0-9.]{1,63}|@|any)(?<!\.)</regex> </constraint> </properties> <children> <leafNode name="address"> <properties> - <help>IPv6 address [REQUIRED]</help> + <help>IPv6 address</help> <valueHelp> <format>ipv6</format> <description>IPv6 address</description> @@ -206,7 +226,7 @@ <children> <leafNode name="target"> <properties> - <help>Target DNS name [REQUIRED]</help> + <help>Target DNS name</help> <valueHelp> <format>name.example.com</format> <description>An absolute DNS name</description> @@ -238,7 +258,7 @@ <children> <tagNode name="server"> <properties> - <help>Mail server [REQUIRED]</help> + <help>Mail server</help> <valueHelp> <format>name.example.com</format> <description>An absolute DNS name</description> @@ -285,7 +305,7 @@ <children> <leafNode name="target"> <properties> - <help>Target DNS name [REQUIRED]</help> + <help>Target DNS name</help> <valueHelp> <format>name.example.com</format> <description>An absolute DNS name</description> @@ -317,7 +337,7 @@ <children> <leafNode name="value"> <properties> - <help>Record contents [REQUIRED]</help> + <help>Record contents</help> <valueHelp> <format>text</format> <description>Record contents</description> @@ -347,7 +367,7 @@ <children> <leafNode name="value"> <properties> - <help>Record contents [REQUIRED]</help> + <help>Record contents</help> <valueHelp> <format>text</format> <description>Record contents</description> @@ -376,7 +396,7 @@ <children> <tagNode name="entry"> <properties> - <help>Service entry [REQUIRED]</help> + <help>Service entry</help> <valueHelp> <format>u32:0-65535</format> <description>Entry number</description> @@ -388,7 +408,7 @@ <children> <leafNode name="hostname"> <properties> - <help>Server hostname [REQUIRED]</help> + <help>Server hostname</help> <valueHelp> <format>name.example.com</format> <description>An absolute DNS name</description> @@ -400,7 +420,7 @@ </leafNode> <leafNode name="port"> <properties> - <help>Port number [REQUIRED]</help> + <help>Port number</help> <valueHelp> <format>u32:0-65535</format> <description>TCP/UDP port number</description> @@ -460,7 +480,7 @@ <children> <tagNode name="rule"> <properties> - <help>NAPTR rule [REQUIRED]</help> + <help>NAPTR rule</help> <valueHelp> <format>u32:0-65535</format> <description>Rule number</description> diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index ff8d92a24..2e9452dfd 100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -97,6 +97,40 @@ <multi/> </properties> </leafNode> + <leafNode name="include"> + <properties> + <help>Include another address-group</help> + <completionHelp> + <path>firewall group address-group</path> + </completionHelp> + <multi/> + </properties> + </leafNode> + #include <include/generic-description.xml.i> + </children> + </tagNode> + <tagNode name="domain-group"> + <properties> + <help>Firewall domain-group</help> + <constraint> + <regex>[a-zA-Z_][a-zA-Z0-9][\w\-\.]*</regex> + </constraint> + <constraintErrorMessage>Name of domain-group can only contain alpha-numeric letters, hyphen, underscores and not start with numeric</constraintErrorMessage> + </properties> + <children> + <leafNode name="address"> + <properties> + <help>Domain-group member</help> + <valueHelp> + <format>txt</format> + <description>Domain address to match</description> + </valueHelp> + <constraint> + <regex>[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,99}?(\/.*)?</regex> + </constraint> + <multi/> + </properties> + </leafNode> #include <include/generic-description.xml.i> </children> </tagNode> @@ -126,6 +160,15 @@ <multi/> </properties> </leafNode> + <leafNode name="include"> + <properties> + <help>Include another ipv6-address-group</help> + <completionHelp> + <path>firewall group ipv6-address-group</path> + </completionHelp> + <multi/> + </properties> + </leafNode> #include <include/generic-description.xml.i> </children> </tagNode> @@ -151,6 +194,15 @@ <multi/> </properties> </leafNode> + <leafNode name="include"> + <properties> + <help>Include another ipv6-network-group</help> + <completionHelp> + <path>firewall group ipv6-network-group</path> + </completionHelp> + <multi/> + </properties> + </leafNode> </children> </tagNode> <tagNode name="mac-group"> @@ -175,6 +227,15 @@ <multi/> </properties> </leafNode> + <leafNode name="include"> + <properties> + <help>Include another mac-group</help> + <completionHelp> + <path>firewall group mac-group</path> + </completionHelp> + <multi/> + </properties> + </leafNode> </children> </tagNode> <tagNode name="network-group"> @@ -199,6 +260,15 @@ <multi/> </properties> </leafNode> + <leafNode name="include"> + <properties> + <help>Include another network-group</help> + <completionHelp> + <path>firewall group network-group</path> + </completionHelp> + <multi/> + </properties> + </leafNode> </children> </tagNode> <tagNode name="port-group"> @@ -231,6 +301,15 @@ </constraint> </properties> </leafNode> + <leafNode name="include"> + <properties> + <help>Include another port-group</help> + <completionHelp> + <path>firewall group port-group</path> + </completionHelp> + <multi/> + </properties> + </leafNode> </children> </tagNode> </children> @@ -287,6 +366,7 @@ </properties> <children> #include <include/firewall/address-ipv6.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group-ipv6.xml.i> #include <include/firewall/port.xml.i> </children> @@ -297,6 +377,7 @@ </properties> <children> #include <include/firewall/address-ipv6.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group-ipv6.xml.i> #include <include/firewall/port.xml.i> </children> @@ -473,6 +554,7 @@ </properties> <children> #include <include/firewall/address.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group.xml.i> #include <include/firewall/port.xml.i> </children> @@ -483,6 +565,7 @@ </properties> <children> #include <include/firewall/address.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group.xml.i> #include <include/firewall/port.xml.i> </children> @@ -520,6 +603,49 @@ #include <include/firewall/icmp-type-name.xml.i> </children> </node> + <node name="ttl"> + <properties> + <help>Time to live limit</help> + </properties> + <children> + <leafNode name="eq"> + <properties> + <help>Value to match a ttl equal to it</help> + <valueHelp> + <format>u32:0-255</format> + <description>ttl equal to value</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-255"/> + </constraint> + </properties> + </leafNode> + <leafNode name="gt"> + <properties> + <help>Value to match a ttl greater than or equal to it</help> + <valueHelp> + <format>u32:0-255</format> + <description>ttl greater than value</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-255"/> + </constraint> + </properties> + </leafNode> + <leafNode name="lt"> + <properties> + <help>Value to match a ttl less than or equal to it</help> + <valueHelp> + <format>u32:0-255</format> + <description>ttl less than value</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-255"/> + </constraint> + </properties> + </leafNode> + </children> + </node> </children> </tagNode> </children> @@ -599,7 +725,7 @@ </properties> <children> #include <include/firewall/action-accept-drop-reject.xml.i> - #include <include/firewall/log.xml.i> + #include <include/firewall/rule-log-level.xml.i> </children> </node> <node name="invalid"> @@ -608,7 +734,7 @@ </properties> <children> #include <include/firewall/action-accept-drop-reject.xml.i> - #include <include/firewall/log.xml.i> + #include <include/firewall/rule-log-level.xml.i> </children> </node> <node name="related"> @@ -617,7 +743,7 @@ </properties> <children> #include <include/firewall/action-accept-drop-reject.xml.i> - #include <include/firewall/log.xml.i> + #include <include/firewall/rule-log-level.xml.i> </children> </node> </children> diff --git a/interface-definitions/igmp-proxy.xml.in b/interface-definitions/igmp-proxy.xml.in index 8e738fa7f..50cb33a93 100644 --- a/interface-definitions/igmp-proxy.xml.in +++ b/interface-definitions/igmp-proxy.xml.in @@ -18,7 +18,7 @@ </leafNode> <tagNode name="interface"> <properties> - <help>Interface for IGMP proxy [REQUIRED]</help> + <help>Interface for IGMP proxy</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> diff --git a/interface-definitions/include/bgp/protocol-common-config.xml.i b/interface-definitions/include/bgp/protocol-common-config.xml.i index abaff5232..c1b465e43 100644 --- a/interface-definitions/include/bgp/protocol-common-config.xml.i +++ b/interface-definitions/include/bgp/protocol-common-config.xml.i @@ -1156,7 +1156,7 @@ <children> <leafNode name="identifier"> <properties> - <help>Confederation AS identifier [REQUIRED]</help> + <help>Confederation AS identifier</help> <valueHelp> <format>u32:1-4294967294</format> <description>Confederation AS id</description> @@ -1208,7 +1208,7 @@ <children> <leafNode name="half-life"> <properties> - <help>Half-life time for dampening [REQUIRED]</help> + <help>Half-life time for dampening</help> <valueHelp> <format>u32:1-45</format> <description>Half-life penalty in minutes</description> @@ -1220,7 +1220,7 @@ </leafNode> <leafNode name="max-suppress-time"> <properties> - <help>Maximum duration to suppress a stable route [REQUIRED]</help> + <help>Maximum duration to suppress a stable route</help> <valueHelp> <format>u32:1-255</format> <description>Maximum suppress duration in minutes</description> @@ -1232,7 +1232,7 @@ </leafNode> <leafNode name="re-use"> <properties> - <help>Threshold to start reusing a route [REQUIRED]</help> + <help>Threshold to start reusing a route</help> <valueHelp> <format>u32:1-20000</format> <description>Re-use penalty points</description> @@ -1244,7 +1244,7 @@ </leafNode> <leafNode name="start-suppress-time"> <properties> - <help>When to start suppressing a route [REQUIRED]</help> + <help>When to start suppressing a route</help> <valueHelp> <format>u32:1-20000</format> <description>Start-suppress penalty points</description> diff --git a/interface-definitions/include/bgp/remote-as.xml.i b/interface-definitions/include/bgp/remote-as.xml.i index 58595b3b9..79d3b95a9 100644 --- a/interface-definitions/include/bgp/remote-as.xml.i +++ b/interface-definitions/include/bgp/remote-as.xml.i @@ -1,7 +1,7 @@ <!-- include start from bgp/remote-as.xml.i --> <leafNode name="remote-as"> <properties> - <help>Neighbor BGP AS number [REQUIRED]</help> + <help>Neighbor BGP AS number</help> <completionHelp> <list>external internal</list> </completionHelp> diff --git a/interface-definitions/include/firewall/action.xml.i b/interface-definitions/include/firewall/action.xml.i index 0f60e3c38..512cc23bd 100644 --- a/interface-definitions/include/firewall/action.xml.i +++ b/interface-definitions/include/firewall/action.xml.i @@ -1,7 +1,7 @@ <!-- include start from firewall/action.xml.i --> <leafNode name="action"> <properties> - <help>Rule action [REQUIRED]</help> + <help>Rule action</help> <completionHelp> <list>accept reject drop</list> </completionHelp> diff --git a/interface-definitions/include/firewall/common-rule.xml.i b/interface-definitions/include/firewall/common-rule.xml.i index 2a5137dbf..079864122 100644 --- a/interface-definitions/include/firewall/common-rule.xml.i +++ b/interface-definitions/include/firewall/common-rule.xml.i @@ -95,6 +95,7 @@ </constraint> </properties> </leafNode> +#include <include/firewall/rule-log-level.xml.i> <node name="connection-status"> <properties> <help>Connection status</help> diff --git a/interface-definitions/include/firewall/geoip.xml.i b/interface-definitions/include/firewall/geoip.xml.i new file mode 100644 index 000000000..9fb37a574 --- /dev/null +++ b/interface-definitions/include/firewall/geoip.xml.i @@ -0,0 +1,28 @@ +<!-- include start from firewall/geoip.xml.i --> +<node name="geoip"> + <properties> + <help>GeoIP options - Data provided by DB-IP.com</help> + </properties> + <children> + <leafNode name="country-code"> + <properties> + <help>GeoIP country code</help> + <valueHelp> + <format><country></format> + <description>Country code (2 characters)</description> + </valueHelp> + <constraint> + <regex>^(ad|ae|af|ag|ai|al|am|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bl|bm|bn|bo|bq|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cu|cv|cw|cx|cy|cz|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|me|mf|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|ss|st|sv|sx|sy|sz|tc|td|tf|tg|th|tj|tk|tl|tm|tn|to|tr|tt|tv|tw|tz|ua|ug|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|za|zm|zw)$</regex> + </constraint> + <multi /> + </properties> + </leafNode> + <leafNode name="inverse-match"> + <properties> + <help>Inverse match of country-codes</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/firewall/name-default-log.xml.i b/interface-definitions/include/firewall/name-default-log.xml.i index 979395146..1d0ff9497 100644 --- a/interface-definitions/include/firewall/name-default-log.xml.i +++ b/interface-definitions/include/firewall/name-default-log.xml.i @@ -5,4 +5,4 @@ <valueless/> </properties> </leafNode> -<!-- include end --> +<!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/include/firewall/rule-log-level.xml.i b/interface-definitions/include/firewall/rule-log-level.xml.i new file mode 100644 index 000000000..10c8de5e3 --- /dev/null +++ b/interface-definitions/include/firewall/rule-log-level.xml.i @@ -0,0 +1,45 @@ +<!-- include start from firewall/common-rule.xml.i --> +<leafNode name="log-level"> + <properties> + <help>Set log-level. Log must be enable.</help> + <completionHelp> + <list>emerg alert crit err warn notice info debug</list> + </completionHelp> + <valueHelp> + <format>emerg</format> + <description>Emerg log level</description> + </valueHelp> + <valueHelp> + <format>alert</format> + <description>Alert log level</description> + </valueHelp> + <valueHelp> + <format>crit</format> + <description>Critical log level</description> + </valueHelp> + <valueHelp> + <format>err</format> + <description>Error log level</description> + </valueHelp> + <valueHelp> + <format>warn</format> + <description>Warning log level</description> + </valueHelp> + <valueHelp> + <format>notice</format> + <description>Notice log level</description> + </valueHelp> + <valueHelp> + <format>info</format> + <description>Info log level</description> + </valueHelp> + <valueHelp> + <format>debug</format> + <description>Debug log level</description> + </valueHelp> + <constraint> + <regex>(emerg|alert|crit|err|warn|notice|info|debug)</regex> + </constraint> + </properties> +</leafNode> +<!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/include/firewall/source-destination-group.xml.i b/interface-definitions/include/firewall/source-destination-group.xml.i index ab11e89e9..6ebee356c 100644 --- a/interface-definitions/include/firewall/source-destination-group.xml.i +++ b/interface-definitions/include/firewall/source-destination-group.xml.i @@ -12,6 +12,14 @@ </completionHelp> </properties> </leafNode> + <leafNode name="domain-group"> + <properties> + <help>Group of domains</help> + <completionHelp> + <path>firewall group domain-group</path> + </completionHelp> + </properties> + </leafNode> #include <include/firewall/mac-group.xml.i> <leafNode name="network-group"> <properties> diff --git a/interface-definitions/include/generic-interface-multi.xml.i b/interface-definitions/include/generic-interface-multi.xml.i index 44e87775c..65aae28ae 100644 --- a/interface-definitions/include/generic-interface-multi.xml.i +++ b/interface-definitions/include/generic-interface-multi.xml.i @@ -1,7 +1,7 @@ <!-- include start from generic-interface-multi.xml.i --> <leafNode name="interface"> <properties> - <help>Interface Name to use</help> + <help>Interface to use</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> diff --git a/interface-definitions/include/generic-interface.xml.i b/interface-definitions/include/generic-interface.xml.i index 50af718a5..8b4cf1d65 100644 --- a/interface-definitions/include/generic-interface.xml.i +++ b/interface-definitions/include/generic-interface.xml.i @@ -1,7 +1,7 @@ <!-- include start from generic-interface.xml.i --> <leafNode name="interface"> <properties> - <help>Interface Name to use</help> + <help>Interface to use</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> diff --git a/interface-definitions/include/interface/address-ipv4-ipv6-dhcp.xml.i b/interface-definitions/include/interface/address-ipv4-ipv6-dhcp.xml.i index b9dd59bea..5057ed9ae 100644 --- a/interface-definitions/include/interface/address-ipv4-ipv6-dhcp.xml.i +++ b/interface-definitions/include/interface/address-ipv4-ipv6-dhcp.xml.i @@ -1,4 +1,4 @@ -<!-- include start from address-ipv4-ipv6-dhcp.xml.i --> +<!-- include start from interface/address-ipv4-ipv6-dhcp.xml.i --> <leafNode name="address"> <properties> <help>IP address</help> diff --git a/interface-definitions/include/interface/address-ipv4-ipv6.xml.i b/interface-definitions/include/interface/address-ipv4-ipv6.xml.i index 519622050..d689da5aa 100644 --- a/interface-definitions/include/interface/address-ipv4-ipv6.xml.i +++ b/interface-definitions/include/interface/address-ipv4-ipv6.xml.i @@ -1,4 +1,4 @@ -<!-- include start from address-ipv4-ipv6.xml.i --> +<!-- include start from interface/address-ipv4-ipv6.xml.i --> <leafNode name="address"> <properties> <help>IP address</help> diff --git a/interface-definitions/include/interface/enable-directed-broadcast.xml.i b/interface-definitions/include/interface/enable-directed-broadcast.xml.i new file mode 100644 index 000000000..a87395806 --- /dev/null +++ b/interface-definitions/include/interface/enable-directed-broadcast.xml.i @@ -0,0 +1,8 @@ +<!-- include start from interface/enable-directed-broadcast.xml.i --> +<leafNode name="enable-directed-broadcast"> + <properties> + <help>Enable directed broadcast forwarding on this interface</help> + <valueless/> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/interface/ipv4-options.xml.i b/interface-definitions/include/interface/ipv4-options.xml.i index bca1229c6..eda77e851 100644 --- a/interface-definitions/include/interface/ipv4-options.xml.i +++ b/interface-definitions/include/interface/ipv4-options.xml.i @@ -8,6 +8,7 @@ #include <include/interface/arp-cache-timeout.xml.i> #include <include/interface/disable-arp-filter.xml.i> #include <include/interface/disable-forwarding.xml.i> + #include <include/interface/enable-directed-broadcast.xml.i> #include <include/interface/enable-arp-accept.xml.i> #include <include/interface/enable-arp-announce.xml.i> #include <include/interface/enable-arp-ignore.xml.i> diff --git a/interface-definitions/include/monitoring/url.xml.i b/interface-definitions/include/monitoring/url.xml.i index 32c81122d..fd61c38ea 100644 --- a/interface-definitions/include/monitoring/url.xml.i +++ b/interface-definitions/include/monitoring/url.xml.i @@ -1,7 +1,7 @@ <!-- include start from monitoring/url.xml.i --> <leafNode name="url"> <properties> - <help>Remote URL [REQUIRED]</help> + <help>Remote URL</help> <valueHelp> <format>url</format> <description>Remote URL</description> diff --git a/interface-definitions/include/ospf/protocol-common-config.xml.i b/interface-definitions/include/ospf/protocol-common-config.xml.i index c156d5b1c..791bbc0f8 100644 --- a/interface-definitions/include/ospf/protocol-common-config.xml.i +++ b/interface-definitions/include/ospf/protocol-common-config.xml.i @@ -16,7 +16,7 @@ <children> <leafNode name="export"> <properties> - <help>Filter for outgoing routing update [REQUIRED]</help> + <help>Filter for outgoing routing update</help> <completionHelp> <list>bgp connected kernel rip static</list> </completionHelp> @@ -178,10 +178,10 @@ </leafNode> <leafNode name="network"> <properties> - <help>OSPF network [REQUIRED]</help> + <help>OSPF network</help> <valueHelp> <format>ipv4net</format> - <description>OSPF network [REQUIRED]</description> + <description>OSPF network</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> diff --git a/interface-definitions/include/pki/ca-certificate-multi.xml.i b/interface-definitions/include/pki/ca-certificate-multi.xml.i new file mode 100644 index 000000000..646131b54 --- /dev/null +++ b/interface-definitions/include/pki/ca-certificate-multi.xml.i @@ -0,0 +1,15 @@ +<!-- include start from pki/ca-certificate-multi.xml.i --> +<leafNode name="ca-certificate"> + <properties> + <help>Certificate Authority chain in PKI configuration</help> + <completionHelp> + <path>pki ca</path> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Name of CA in PKI configuration</description> + </valueHelp> + <multi/> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/policy/action.xml.i b/interface-definitions/include/policy/action.xml.i index 0a3dc158a..5aa865523 100644 --- a/interface-definitions/include/policy/action.xml.i +++ b/interface-definitions/include/policy/action.xml.i @@ -1,7 +1,7 @@ <!-- include start from policy/action.xml.i --> <leafNode name="action"> <properties> - <help>Action to take on entries matching this rule [REQUIRED]</help> + <help>Action to take on entries matching this rule</help> <completionHelp> <list>permit deny</list> </completionHelp> diff --git a/interface-definitions/include/policy/route-rule-action.xml.i b/interface-definitions/include/policy/route-rule-action.xml.i index 1217055f2..456a21400 100644 --- a/interface-definitions/include/policy/route-rule-action.xml.i +++ b/interface-definitions/include/policy/route-rule-action.xml.i @@ -1,7 +1,7 @@ <!-- include start from policy/route-rule-action.xml.i --> <leafNode name="action"> <properties> - <help>Rule action [REQUIRED]</help> + <help>Rule action</help> <completionHelp> <list>drop</list> </completionHelp> diff --git a/interface-definitions/include/version/monitoring-version.xml.i b/interface-definitions/include/version/monitoring-version.xml.i new file mode 100644 index 000000000..6a275a5d8 --- /dev/null +++ b/interface-definitions/include/version/monitoring-version.xml.i @@ -0,0 +1,3 @@ +<!-- include start from include/version/monitoring-version.xml.i --> +<syntaxVersion component='monitoring' version='1'></syntaxVersion> +<!-- include end --> diff --git a/interface-definitions/include/version/system-version.xml.i b/interface-definitions/include/version/system-version.xml.i index 3cf92001c..b7650c782 100644 --- a/interface-definitions/include/version/system-version.xml.i +++ b/interface-definitions/include/version/system-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/system-version.xml.i --> -<syntaxVersion component='system' version='24'></syntaxVersion> +<syntaxVersion component='system' version='25'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/interfaces-bonding.xml.in b/interface-definitions/interfaces-bonding.xml.in index 96dede723..8b6c6ef62 100644 --- a/interface-definitions/interfaces-bonding.xml.in +++ b/interface-definitions/interfaces-bonding.xml.in @@ -94,6 +94,23 @@ #include <include/interface/ipv4-options.xml.i> #include <include/interface/ipv6-options.xml.i> #include <include/interface/mac.xml.i> + <leafNode name="mii-mon-interval"> + <properties> + <help>Specifies the MII link monitoring frequency in milliseconds</help> + <valueHelp> + <format>u32:0</format> + <description>Disable MII link monitoring</description> + </valueHelp> + <valueHelp> + <format>u32:50-1000</format> + <description>MII link monitoring frequency in milliseconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-0 --range 50-1000"/> + </constraint> + </properties> + <defaultValue>100</defaultValue> + </leafNode> <leafNode name="min-links"> <properties> <help>Minimum number of member interfaces required up before enabling bond</help> diff --git a/interface-definitions/interfaces-bridge.xml.in b/interface-definitions/interfaces-bridge.xml.in index 60edf3ce2..48ee1efbc 100644 --- a/interface-definitions/interfaces-bridge.xml.in +++ b/interface-definitions/interfaces-bridge.xml.in @@ -73,12 +73,18 @@ </leafNode> <node name="igmp"> <properties> - <help>Internet Group Management Protocol (IGMP) settings</help> + <help>Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) settings</help> </properties> <children> <leafNode name="querier"> <properties> - <help>Enable IGMP querier</help> + <help>Enable IGMP/MLD querier</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="snooping"> + <properties> + <help>Enable IGMP/MLD snooping</help> <valueless/> </properties> </leafNode> diff --git a/interface-definitions/interfaces-macsec.xml.in b/interface-definitions/interfaces-macsec.xml.in index dbb989588..adb48813f 100644 --- a/interface-definitions/interfaces-macsec.xml.in +++ b/interface-definitions/interfaces-macsec.xml.in @@ -63,11 +63,12 @@ <properties> <help>Secure Connectivity Association Key</help> <valueHelp> - <format>key</format> - <description>16-byte (128-bit) hex-string (32 hex-digits)</description> + <format>txt</format> + <description>16-byte (128-bit) hex-string (32 hex-digits) for gcm-aes-128 or 32-byte (256-bit) hex-string (64 hex-digits) for gcm-aes-256</description> </valueHelp> <constraint> <regex>[A-Fa-f0-9]{32}</regex> + <regex>[A-Fa-f0-9]{64}</regex> </constraint> </properties> </leafNode> @@ -75,7 +76,7 @@ <properties> <help>Secure Connectivity Association Key Name</help> <valueHelp> - <format>key</format> + <format>txt</format> <description>32-byte (256-bit) hex-string (64 hex-digits)</description> </valueHelp> <constraint> diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in index bfad6d70f..6cbd91ff4 100644 --- a/interface-definitions/interfaces-openvpn.xml.in +++ b/interface-definitions/interfaces-openvpn.xml.in @@ -305,10 +305,7 @@ </leafNode> <leafNode name="openvpn-option"> <properties> - <help>Additional OpenVPN options. You must - use the syntax of openvpn.conf in this text-field. Using this - without proper knowledge may result in a crashed OpenVPN server. - Check system log to look for errors.</help> + <help>Additional OpenVPN options. You must use the syntax of openvpn.conf in this text-field. Using this without proper knowledge may result in a crashed OpenVPN server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> @@ -502,10 +499,7 @@ </leafNode> <leafNode name="subnet-mask"> <properties> - <help>Subnet mask pushed to dynamic clients. - If not set the server subnet mask will be used. - Only used with topology subnet or device type tap. - Not used with bridged interfaces.</help> + <help>Subnet mask pushed to dynamic clients. If not set the server subnet mask will be used. Only used with topology subnet or device type tap. Not used with bridged interfaces.</help> <constraint> <validator name="ipv4-address"/> </constraint> @@ -747,7 +741,7 @@ </properties> </leafNode> #include <include/pki/certificate.xml.i> - #include <include/pki/ca-certificate.xml.i> + #include <include/pki/ca-certificate-multi.xml.i> <leafNode name="dh-params"> <properties> <help>Diffie Hellman parameters (server only)</help> diff --git a/interface-definitions/interfaces-pppoe.xml.in b/interface-definitions/interfaces-pppoe.xml.in index 664914baa..9674cfc0e 100644 --- a/interface-definitions/interfaces-pppoe.xml.in +++ b/interface-definitions/interfaces-pppoe.xml.in @@ -4,7 +4,7 @@ <children> <tagNode name="pppoe" owner="${vyos_conf_scripts_dir}/interfaces-pppoe.py"> <properties> - <help>Point-to-Point Protocol over Ethernet (PPPoE)</help> + <help>Point-to-Point Protocol over Ethernet (PPPoE) Interface</help> <priority>322</priority> <constraint> <regex>pppoe[0-9]+</regex> diff --git a/interface-definitions/interfaces-pseudo-ethernet.xml.in b/interface-definitions/interfaces-pseudo-ethernet.xml.in index 6b62f4c61..53e6445fa 100644 --- a/interface-definitions/interfaces-pseudo-ethernet.xml.in +++ b/interface-definitions/interfaces-pseudo-ethernet.xml.in @@ -4,7 +4,7 @@ <children> <tagNode name="pseudo-ethernet" owner="${vyos_conf_scripts_dir}/interfaces-pseudo-ethernet.py"> <properties> - <help>Pseudo Ethernet</help> + <help>Pseudo Ethernet Interface (Macvlan)</help> <priority>321</priority> <constraint> <regex>peth[0-9]+</regex> diff --git a/interface-definitions/interfaces-vti.xml.in b/interface-definitions/interfaces-vti.xml.in index b471c3b92..aa83a04b2 100644 --- a/interface-definitions/interfaces-vti.xml.in +++ b/interface-definitions/interfaces-vti.xml.in @@ -4,7 +4,7 @@ <children> <tagNode name="vti" owner="${vyos_conf_scripts_dir}/interfaces-vti.py"> <properties> - <help>Virtual Tunnel interface</help> + <help>Virtual Tunnel Interface (XFRM)</help> <priority>381</priority> <constraint> <regex>vti[0-9]+</regex> @@ -16,19 +16,7 @@ </valueHelp> </properties> <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <constraint> - <validator name="ipv4-host"/> - </constraint> - <multi/> - </properties> - </leafNode> + #include <include/interface/address-ipv4-ipv6.xml.i> #include <include/interface/description.xml.i> #include <include/interface/disable.xml.i> #include <include/interface/ipv4-options.xml.i> diff --git a/interface-definitions/interfaces-wireless.xml.in b/interface-definitions/interfaces-wireless.xml.in index eb6107303..daee770a9 100644 --- a/interface-definitions/interfaces-wireless.xml.in +++ b/interface-definitions/interfaces-wireless.xml.in @@ -716,9 +716,7 @@ </leafNode> <leafNode name="passphrase"> <properties> - <help>WPA personal shared pass phrase. If you are - using special characters in the WPA passphrase then single - quotes are required.</help> + <help>WPA personal shared pass phrase. If you are using special characters in the WPA passphrase then single quotes are required.</help> <valueHelp> <format>txt</format> <description>Passphrase of at least 8 but not more than 63 printable characters</description> diff --git a/interface-definitions/ntp.xml.in b/interface-definitions/ntp.xml.in index a518a9def..85636a50f 100644 --- a/interface-definitions/ntp.xml.in +++ b/interface-definitions/ntp.xml.in @@ -81,6 +81,7 @@ </leafNode> </children> </node> + #include <include/generic-interface-multi.xml.i> #include <include/listen-address.xml.i> #include <include/interface/vrf.xml.i> </children> diff --git a/interface-definitions/policy.xml.in b/interface-definitions/policy.xml.in index 83ae714b4..15c2beefa 100644 --- a/interface-definitions/policy.xml.in +++ b/interface-definitions/policy.xml.in @@ -639,7 +639,7 @@ </leafNode> <leafNode name="prefix-len"> <properties> - <help>IP prefix-length to match</help> + <help>IP prefix-length to match (cannot be used for BGP routes)</help> <valueHelp> <format>u32:0-32</format> <description>Prefix length</description> @@ -809,7 +809,7 @@ </leafNode> <leafNode name="prefix-len"> <properties> - <help>IPv6 prefix-length to match</help> + <help>IPv6 prefix-length to match (cannot be used for BGP routes)</help> <valueHelp> <format>u32:0-128</format> <description>Prefix length</description> @@ -852,7 +852,7 @@ <validator name="ipv6-address"/> </constraint> </properties> - </leafNode> + </leafNode> <leafNode name="access-list"> <properties> <help>IPv6 access-list to match</help> @@ -961,8 +961,13 @@ <format>ipv4</format> <description>Peer IP address</description> </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>Peer IPv6 address</description> + </valueHelp> <constraint> <validator name="ipv4-address"/> + <validator name="ipv6-address"/> </constraint> </properties> </leafNode> @@ -1411,6 +1416,7 @@ <description>Metric value</description> </valueHelp> <constraint> + <validator name="numeric" argument="--relative --"/> <validator name="numeric" argument="--range 0-4294967295"/> </constraint> </properties> diff --git a/interface-definitions/protocols-mpls.xml.in b/interface-definitions/protocols-mpls.xml.in index be8e30c18..43ca659e9 100644 --- a/interface-definitions/protocols-mpls.xml.in +++ b/interface-definitions/protocols-mpls.xml.in @@ -6,7 +6,7 @@ <node name="mpls" owner="${vyos_conf_scripts_dir}/protocols_mpls.py"> <properties> <help>Multiprotocol Label Switching (MPLS)</help> - <priority>299</priority> + <priority>400</priority> </properties> <children> <node name="ldp"> diff --git a/interface-definitions/protocols-nhrp.xml.in b/interface-definitions/protocols-nhrp.xml.in index 1e08c6873..d7663c095 100644 --- a/interface-definitions/protocols-nhrp.xml.in +++ b/interface-definitions/protocols-nhrp.xml.in @@ -10,7 +10,7 @@ <children> <tagNode name="tunnel"> <properties> - <help>Tunnel for NHRP [REQUIRED]</help> + <help>Tunnel for NHRP</help> <constraint> <regex>tun[0-9]+</regex> </constraint> @@ -27,6 +27,10 @@ <format>txt</format> <description>Pass phrase for cisco authentication</description> </valueHelp> + <constraint> + <regex>[^[:space:]]{1,8}</regex> + </constraint> + <constraintErrorMessage>Password should contain up to eight non-whitespace characters</constraintErrorMessage> </properties> </leafNode> <tagNode name="dynamic-map"> @@ -40,7 +44,7 @@ <children> <leafNode name="nbma-domain-name"> <properties> - <help>Set HUB fqdn (nbma-address - fqdn) [REQUIRED]</help> + <help>Set HUB fqdn (nbma-address - fqdn)</help> <valueHelp> <format><fqdn></format> <description>Set the external HUB fqdn</description> @@ -67,7 +71,7 @@ </leafNode> <leafNode name="nbma-address"> <properties> - <help>Set HUB address (nbma-address - external hub address or fqdn) [REQUIRED]</help> + <help>Set HUB address (nbma-address - external hub address or fqdn)</help> </properties> </leafNode> <leafNode name="register"> diff --git a/interface-definitions/service_conntrack-sync.xml.in b/interface-definitions/service-conntrack-sync.xml.in index 6fa6fc5f9..6fa6fc5f9 100644 --- a/interface-definitions/service_conntrack-sync.xml.in +++ b/interface-definitions/service-conntrack-sync.xml.in diff --git a/interface-definitions/service_console-server.xml.in b/interface-definitions/service-console-server.xml.in index e9591ad87..e9591ad87 100644 --- a/interface-definitions/service_console-server.xml.in +++ b/interface-definitions/service-console-server.xml.in diff --git a/interface-definitions/service-event-handler.xml.in b/interface-definitions/service-event-handler.xml.in new file mode 100644 index 000000000..aef6bc1bc --- /dev/null +++ b/interface-definitions/service-event-handler.xml.in @@ -0,0 +1,70 @@ +<?xml version="1.0" encoding="UTF-8"?> +<interfaceDefinition> + <node name="service"> + <children> + <node name="event-handler" owner="${vyos_conf_scripts_dir}/service_event_handler.py"> + <properties> + <help>Service event handler</help> + </properties> + <children> + <tagNode name="event"> + <properties> + <help>Event handler name</help> + </properties> + <children> + <node name="filter"> + <properties> + <help>Logs filter settings</help> + </properties> + <children> + <leafNode name="pattern"> + <properties> + <help>Match pattern (regex)</help> + </properties> + </leafNode> + <leafNode name="syslog-identifier"> + <properties> + <help>Identifier of a process in syslog (string)</help> + </properties> + </leafNode> + </children> + </node> + <node name="script"> + <properties> + <help>Event handler script file</help> + </properties> + <children> + <leafNode name="arguments"> + <properties> + <help>Script arguments</help> + </properties> + </leafNode> + <tagNode name="environment"> + <properties> + <help>Script environment arguments</help> + </properties> + <children> + <leafNode name="value"> + <properties> + <help>Environment value</help> + </properties> + </leafNode> + </children> + </tagNode> + <leafNode name="path"> + <properties> + <help>Path to the script</help> + <constraint> + <validator name="script"/> + </constraint> + </properties> + </leafNode> + </children> + </node> + </children> + </tagNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/interface-definitions/service_ipoe-server.xml.in b/interface-definitions/service-ipoe-server.xml.in index e222467b1..cd3aa3638 100644 --- a/interface-definitions/service_ipoe-server.xml.in +++ b/interface-definitions/service-ipoe-server.xml.in @@ -213,6 +213,11 @@ </tagNode> </children> </tagNode> + <node name="radius"> + <children> + #include <include/accel-ppp/radius-additions-rate-limit.xml.i> + </children> + </node> #include <include/radius-server-ipv4.xml.i> #include <include/accel-ppp/radius-additions.xml.i> </children> diff --git a/interface-definitions/service_mdns-repeater.xml.in b/interface-definitions/service-mdns-repeater.xml.in index 9a94f1488..9a94f1488 100644 --- a/interface-definitions/service_mdns-repeater.xml.in +++ b/interface-definitions/service-mdns-repeater.xml.in diff --git a/interface-definitions/service_monitoring_telegraf.xml.in b/interface-definitions/service-monitoring-telegraf.xml.in index bd528ea33..36f40a539 100644 --- a/interface-definitions/service_monitoring_telegraf.xml.in +++ b/interface-definitions/service-monitoring-telegraf.xml.in @@ -13,32 +13,50 @@ <help>Telegraf monitoring</help> </properties> <children> - <node name="authentication"> + <node name="influxdb"> <properties> - <help>Authentication parameters</help> + <help>Output plugin InfluxDB</help> </properties> <children> - <leafNode name="organization"> + <node name="authentication"> <properties> - <help>Authentication organization for InfluxDB v2 [REQUIRED]</help> - <constraint> - <regex>[a-zA-Z][1-9a-zA-Z@_\-.]{2,50}</regex> - </constraint> - <constraintErrorMessage>Organization name must be alphanumeric and can contain hyphens, underscores and at symbol.</constraintErrorMessage> + <help>Authentication parameters</help> </properties> - </leafNode> - <leafNode name="token"> + <children> + <leafNode name="organization"> + <properties> + <help>Authentication organization for InfluxDB v2</help> + <constraint> + <regex>[a-zA-Z][1-9a-zA-Z@_\-.]{2,50}</regex> + </constraint> + <constraintErrorMessage>Organization name must be alphanumeric and can contain hyphens, underscores and at symbol.</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="token"> + <properties> + <help>Authentication token for InfluxDB v2</help> + <valueHelp> + <format>txt</format> + <description>Authentication token</description> + </valueHelp> + <constraint> + <regex>[a-zA-Z0-9-_]{86}==</regex> + </constraint> + <constraintErrorMessage>Token must be 88 characters long and must contain only [a-zA-Z0-9-_] and '==' characters.</constraintErrorMessage> + </properties> + </leafNode> + </children> + </node> + <leafNode name="bucket"> <properties> - <help>Authentication token for InfluxDB v2 [REQUIRED]</help> - <valueHelp> - <format>txt</format> - <description>Authentication token</description> - </valueHelp> - <constraint> - <regex>[a-zA-Z0-9-_]{86}==</regex> - </constraint> - <constraintErrorMessage>Token must be 88 characters long and must contain only [a-zA-Z0-9-_] and '==' characters.</constraintErrorMessage> + <help>Remote bucket</help> </properties> + <defaultValue>main</defaultValue> + </leafNode> + #include <include/monitoring/url.xml.i> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>8086</defaultValue> </leafNode> </children> </node> @@ -83,7 +101,7 @@ </node> <leafNode name="database"> <properties> - <help>Remote database name [REQUIRED]</help> + <help>Remote database name</help> <valueHelp> <format>txt</format> <description>Remote database name</description> @@ -130,12 +148,6 @@ #include <include/monitoring/url.xml.i> </children> </node> - <leafNode name="bucket"> - <properties> - <help>Remote bucket</help> - </properties> - <defaultValue>main</defaultValue> - </leafNode> <leafNode name="source"> <properties> <help>Source parameters for monitoring</help> @@ -281,7 +293,7 @@ </node> <leafNode name="url"> <properties> - <help>Remote URL [REQUIRED]</help> + <help>Remote URL</help> <valueHelp> <format>url</format> <description>Remote URL to Splunk collector</description> @@ -294,11 +306,6 @@ </leafNode> </children> </node> - #include <include/monitoring/url.xml.i> - #include <include/port-number.xml.i> - <leafNode name="port"> - <defaultValue>8086</defaultValue> - </leafNode> </children> </node> </children> diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service-pppoe-server.xml.in index 50f42849b..50f42849b 100644 --- a/interface-definitions/service_pppoe-server.xml.in +++ b/interface-definitions/service-pppoe-server.xml.in diff --git a/interface-definitions/service_router-advert.xml.in b/interface-definitions/service-router-advert.xml.in index bb11e9cd0..258b7b749 100644 --- a/interface-definitions/service_router-advert.xml.in +++ b/interface-definitions/service-router-advert.xml.in @@ -10,7 +10,7 @@ <children> <tagNode name="interface"> <properties> - <help>Interface to send RA on [REQUIRED]</help> + <help>Interface to send RA on</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> @@ -136,6 +136,23 @@ </children> </node> #include <include/name-server-ipv6.xml.i> + <leafNode name="name-server-lifetime"> + <properties> + <help>Maximum duration how long the RDNSS entries are used</help> + <valueHelp> + <format>u32:0</format> + <description>Name-servers should no longer be used</description> + </valueHelp> + <valueHelp> + <format>u32:1-7200</format> + <description>Maximum interval in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-7200"/> + </constraint> + <constraintErrorMessage>Maximum interval must be between 1 and 7200 seconds</constraintErrorMessage> + </properties> + </leafNode> <leafNode name="other-config-flag"> <properties> <help>Hosts use the administered (stateful) protocol for autoconfiguration of other (non-address) information</help> diff --git a/interface-definitions/service_sla.xml.in b/interface-definitions/service-sla.xml.in index 0c4f8a591..0c4f8a591 100644 --- a/interface-definitions/service_sla.xml.in +++ b/interface-definitions/service-sla.xml.in diff --git a/interface-definitions/service_upnp.xml.in b/interface-definitions/service-upnp.xml.in index a129b7260..a129b7260 100644 --- a/interface-definitions/service_upnp.xml.in +++ b/interface-definitions/service-upnp.xml.in diff --git a/interface-definitions/service_webproxy.xml.in b/interface-definitions/service-webproxy.xml.in index 9a75bc27d..e4609b699 100644 --- a/interface-definitions/service_webproxy.xml.in +++ b/interface-definitions/service-webproxy.xml.in @@ -288,7 +288,7 @@ </leafNode> <tagNode name="listen-address"> <properties> - <help>IPv4 listen-address for WebProxy [REQUIRED]</help> + <help>IPv4 listen-address for WebProxy</help> <completionHelp> <script>${vyos_completion_dir}/list_local_ips.sh --ipv4</script> </completionHelp> @@ -452,7 +452,7 @@ </leafNode> <leafNode name="source-group"> <properties> - <help>Source-group for this rule [REQUIRED]</help> + <help>Source-group for this rule</help> <valueHelp> <format>group</format> <description>Source group identifier for this rule</description> @@ -484,7 +484,7 @@ <description>Name of source group</description> </valueHelp> <constraint> - <regex>[^0-9]</regex> + <regex>[^0-9][a-zA-Z_][a-zA-Z0-9][\w\-\.]*</regex> </constraint> <constraintErrorMessage>URL-filter source-group cannot start with a number!</constraintErrorMessage> </properties> diff --git a/interface-definitions/intel_qat.xml.in b/interface-definitions/system-acceleration-qat.xml.in index 812484184..812484184 100644 --- a/interface-definitions/intel_qat.xml.in +++ b/interface-definitions/system-acceleration-qat.xml.in diff --git a/interface-definitions/system-ip.xml.in b/interface-definitions/system-ip.xml.in index 21d70694b..e00dbf252 100644 --- a/interface-definitions/system-ip.xml.in +++ b/interface-definitions/system-ip.xml.in @@ -23,6 +23,12 @@ <valueless/> </properties> </leafNode> + <leafNode name="disable-directed-broadcast"> + <properties> + <help>Disable IPv4 directed broadcast forwarding on all interfaces</help> + <valueless/> + </properties> + </leafNode> <node name="multipath"> <properties> <help>IPv4 multipath settings</help> diff --git a/interface-definitions/system-lcd.xml.in b/interface-definitions/system-lcd.xml.in index 9b1a15317..0cf4de308 100644 --- a/interface-definitions/system-lcd.xml.in +++ b/interface-definitions/system-lcd.xml.in @@ -10,7 +10,7 @@ <children> <leafNode name="model"> <properties> - <help>Model of the display attached to this system [REQUIRED]</help> + <help>Model of the display attached to this system</help> <completionHelp> <list>cfa-533 cfa-631 cfa-633 cfa-635 hd44780 sdec</list> </completionHelp> diff --git a/interface-definitions/system-syslog.xml.in b/interface-definitions/system-syslog.xml.in index 480cb1ca6..90c3de5c1 100644 --- a/interface-definitions/system-syslog.xml.in +++ b/interface-definitions/system-syslog.xml.in @@ -390,31 +390,6 @@ <help>Logging to system standard location</help> </properties> <children> - <node name="archive"> - <properties> - <help>Log file size and rotation characteristics</help> - </properties> - <children> - <leafNode name="file"> - <properties> - <help>Number of saved files (default is 5)</help> - <constraint> - <regex>[0-9]+</regex> - </constraint> - <constraintErrorMessage>illegal characters in number of files</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="size"> - <properties> - <help>Size of log files (in kbytes, default is 256)</help> - <constraint> - <regex>[0-9]+</regex> - </constraint> - <constraintErrorMessage>illegal characters in size</constraintErrorMessage> - </properties> - </leafNode> - </children> - </node> <tagNode name="facility"> <properties> <help>Facility for logging</help> diff --git a/interface-definitions/tftp-server.xml.in b/interface-definitions/tftp-server.xml.in index 4963eab3c..8ca4da883 100644 --- a/interface-definitions/tftp-server.xml.in +++ b/interface-definitions/tftp-server.xml.in @@ -11,7 +11,7 @@ <children> <leafNode name="directory"> <properties> - <help>Folder containing files served by TFTP [REQUIRED]</help> + <help>Folder containing files served by TFTP</help> </properties> </leafNode> <leafNode name="allow-upload"> diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn-ipsec.xml.in index 555ba689f..d36fbb024 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn-ipsec.xml.in @@ -19,7 +19,7 @@ </leafNode> <tagNode name="esp-group"> <properties> - <help>Encapsulated Security Payload (ESP) group name</help> + <help>Encapsulating Security Payload (ESP) group name</help> </properties> <children> <leafNode name="compression"> @@ -44,10 +44,10 @@ </leafNode> <leafNode name="lifetime"> <properties> - <help>ESP lifetime</help> + <help>Security Association time to expire</help> <valueHelp> <format>u32:30-86400</format> - <description>ESP lifetime in seconds</description> + <description>SA lifetime in seconds</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 30-86400"/> @@ -57,10 +57,10 @@ </leafNode> <leafNode name="life-bytes"> <properties> - <help>ESP life in bytes</help> + <help>Security Association byte count to expire</help> <valueHelp> <format>u32:1024-26843545600000</format> - <description>ESP life in bytes</description> + <description>SA life in bytes</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1024-26843545600000"/> @@ -69,10 +69,10 @@ </leafNode> <leafNode name="life-packets"> <properties> - <help>ESP life in packets</help> + <help>Security Association packet count to expire</help> <valueHelp> <format>u32:1000-26843545600000</format> - <description>ESP life in packets</description> + <description>SA life in packets</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1000-26843545600000"/> @@ -209,7 +209,7 @@ </leafNode> <tagNode name="proposal"> <properties> - <help>ESP group proposal [REQUIRED]</help> + <help>ESP group proposal</help> <valueHelp> <format>u32:1-65535</format> <description>ESP group proposal number</description> @@ -308,13 +308,13 @@ </node> <leafNode name="ikev2-reauth"> <properties> - <help>Re-authentication of the remote peer during an IKE re-key - IKEv2 only</help> + <help>Re-authentication of the remote peer during an IKE re-key (IKEv2 only)</help> <completionHelp> <list>yes no</list> </completionHelp> <valueHelp> <format>yes</format> - <description>Enable remote host re-authentication during an IKE rekey. Currently broken due to a strongswan bug</description> + <description>Enable remote host re-authentication during an IKE rekey (currently broken due to a strongswan bug)</description> </valueHelp> <valueHelp> <format>no</format> @@ -379,7 +379,7 @@ </leafNode> <leafNode name="mode"> <properties> - <help>IKEv1 phase 1 mode selection</help> + <help>IKEv1 phase 1 mode</help> <completionHelp> <list>main aggressive</list> </completionHelp> @@ -530,10 +530,10 @@ <children> <leafNode name="level"> <properties> - <help>strongSwan logging Level</help> + <help>Global IPsec logging Level</help> <valueHelp> <format>0</format> - <description>Very basic auditing logs e.g. SA up/SA down</description> + <description>Very basic auditing logs (e.g., SA up/SA down)</description> </valueHelp> <valueHelp> <format>1</format> @@ -663,13 +663,13 @@ </node> <tagNode name="profile"> <properties> - <help>VPN IPSec profile</help> + <help>VPN IPsec profile</help> </properties> <children> #include <include/generic-disable-node.xml.i> <node name="authentication"> <properties> - <help>Authentication [REQUIRED]</help> + <help>Authentication</help> </properties> <children> <leafNode name="mode"> @@ -689,7 +689,7 @@ </node> <node name="bind"> <properties> - <help>DMVPN crypto configuration</help> + <help>DMVPN tunnel configuration</help> </properties> <children> <leafNode name="tunnel"> @@ -951,7 +951,7 @@ #include <include/generic-disable-node.xml.i> <node name="authentication"> <properties> - <help>Peer authentication [REQUIRED]</help> + <help>Peer authentication</help> </properties> <children> #include <include/ipsec/authentication-id.xml.i> @@ -1010,7 +1010,7 @@ </valueHelp> <valueHelp> <format>respond</format> - <description>Bring the connection up only if traffic is detected</description> + <description>Wait for the peer to initiate the connection</description> </valueHelp> <valueHelp> <format>none</format> @@ -1077,10 +1077,10 @@ #include <include/ipsec/local-address.xml.i> <tagNode name="tunnel"> <properties> - <help>Peer tunnel [REQUIRED]</help> + <help>Peer tunnel</help> <valueHelp> <format>u32</format> - <description>Peer tunnel [REQUIRED]</description> + <description>Peer tunnel</description> </valueHelp> </properties> <children> @@ -1090,10 +1090,10 @@ #include <include/ip-protocol.xml.i> <leafNode name="priority"> <properties> - <help>Priority for IPSec policy (lowest value more preferable)</help> + <help>Priority for IPsec policy (lowest value more preferable)</help> <valueHelp> <format>u32:1-100</format> - <description>Priority for IPSec policy (lowest value more preferable)</description> + <description>Priority for IPsec policy (lowest value more preferable)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-100"/> @@ -1144,7 +1144,7 @@ </leafNode> <node name="vti"> <properties> - <help>Virtual tunnel interface [REQUIRED]</help> + <help>Virtual tunnel interface</help> </properties> <children> <leafNode name="bind"> diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn-l2tp.xml.in index f734283e7..f734283e7 100644 --- a/interface-definitions/vpn_l2tp.xml.in +++ b/interface-definitions/vpn-l2tp.xml.in diff --git a/interface-definitions/vpn_openconnect.xml.in b/interface-definitions/vpn-openconnect.xml.in index 21b47125d..21b47125d 100644 --- a/interface-definitions/vpn_openconnect.xml.in +++ b/interface-definitions/vpn-openconnect.xml.in diff --git a/interface-definitions/vpn_pptp.xml.in b/interface-definitions/vpn-pptp.xml.in index 28a53acb9..28a53acb9 100644 --- a/interface-definitions/vpn_pptp.xml.in +++ b/interface-definitions/vpn-pptp.xml.in diff --git a/interface-definitions/vpn_sstp.xml.in b/interface-definitions/vpn-sstp.xml.in index fe2fea9f8..195d581df 100644 --- a/interface-definitions/vpn_sstp.xml.in +++ b/interface-definitions/vpn-sstp.xml.in @@ -37,6 +37,10 @@ </children> </node> #include <include/accel-ppp/client-ipv6-pool.xml.i> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>443</defaultValue> + </leafNode> <node name="ppp-options"> <properties> <help>PPP (Point-to-Point Protocol) settings</help> diff --git a/interface-definitions/xml-component-version.xml.in b/interface-definitions/xml-component-version.xml.in index b7f063a6c..cf86f83d6 100644 --- a/interface-definitions/xml-component-version.xml.in +++ b/interface-definitions/xml-component-version.xml.in @@ -20,6 +20,7 @@ #include <include/version/l2tp-version.xml.i> #include <include/version/lldp-version.xml.i> #include <include/version/mdns-version.xml.i> + #include <include/version/monitoring-version.xml.i> #include <include/version/nat66-version.xml.i> #include <include/version/nat-version.xml.i> #include <include/version/ntp-version.xml.i> diff --git a/interface-definitions/zone-policy.xml.in b/interface-definitions/zone-policy.xml.in index 8af0dcfb6..dca4c59d1 100644 --- a/interface-definitions/zone-policy.xml.in +++ b/interface-definitions/zone-policy.xml.in @@ -19,6 +19,7 @@ </properties> <children> #include <include/generic-description.xml.i> + #include <include/firewall/name-default-log.xml.i> <leafNode name="default-action"> <properties> <help>Default-action for traffic coming into this zone</help> |