summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/container.xml.in12
-rw-r--r--interface-definitions/firewall.xml.in26
-rw-r--r--interface-definitions/include/bgp/neighbor-disable-connected-check.xml.i2
-rw-r--r--interface-definitions/include/bgp/protocol-common-config.xml.i6
-rw-r--r--interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i2
-rw-r--r--interface-definitions/include/constraint/vrf.xml.i6
-rw-r--r--interface-definitions/include/firewall/global-options.xml.i20
-rw-r--r--interface-definitions/include/interface/mtu-68-16000.xml.i1
-rw-r--r--interface-definitions/include/interface/vrf.xml.i1
-rw-r--r--interface-definitions/include/qos/queue-average-packet.xml.i16
-rw-r--r--interface-definitions/include/qos/queue-mark-probability.xml.i16
-rw-r--r--interface-definitions/include/qos/queue-maximum-threshold.xml.i16
-rw-r--r--interface-definitions/include/qos/queue-minimum-threshold.xml.i15
-rw-r--r--interface-definitions/include/version/container-version.xml.i2
-rw-r--r--interface-definitions/include/version/firewall-version.xml.i2
-rw-r--r--interface-definitions/include/vrf-multi.xml.i22
-rw-r--r--interface-definitions/interfaces_bonding.xml.in3
-rw-r--r--interface-definitions/interfaces_bridge.xml.in3
-rw-r--r--interface-definitions/interfaces_dummy.xml.in3
-rw-r--r--interface-definitions/interfaces_vti.xml.in3
-rw-r--r--interface-definitions/interfaces_wireguard.xml.in2
-rw-r--r--interface-definitions/nat_cgnat.xml.in197
-rw-r--r--interface-definitions/qos.xml.in67
-rw-r--r--interface-definitions/service_config-sync.xml.in6
-rw-r--r--interface-definitions/service_conntrack-sync.xml.in6
-rw-r--r--interface-definitions/service_dhcp-server.xml.in21
-rw-r--r--interface-definitions/service_ssh.xml.in2
-rw-r--r--interface-definitions/system_ip.xml.in6
-rw-r--r--interface-definitions/vrf.xml.in5
29 files changed, 404 insertions, 85 deletions
diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in
index 7e1f4811a..e7dacea36 100644
--- a/interface-definitions/container.xml.in
+++ b/interface-definitions/container.xml.in
@@ -21,11 +21,11 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="cap-add">
+ <leafNode name="capability">
<properties>
- <help>Container capabilities/permissions</help>
+ <help>Grant individual Linux capability to container instance</help>
<completionHelp>
- <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-time</list>
+ <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-nice sys-time</list>
</completionHelp>
<valueHelp>
<format>net-admin</format>
@@ -52,11 +52,15 @@
<description>Load, unload and delete kernel modules</description>
</valueHelp>
<valueHelp>
+ <format>sys-nice</format>
+ <description>Permission to set process nice value</description>
+ </valueHelp>
+ <valueHelp>
<format>sys-time</format>
<description>Permission to set system clock</description>
</valueHelp>
<constraint>
- <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-time)</regex>
+ <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex>
</constraint>
<multi/>
</properties>
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in
index 3219471b1..24e63c5ec 100644
--- a/interface-definitions/firewall.xml.in
+++ b/interface-definitions/firewall.xml.in
@@ -56,8 +56,9 @@
<properties>
<help>Firewall address-group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
<leafNode name="address">
@@ -96,7 +97,7 @@
<constraint>
<regex>[a-zA-Z_][a-zA-Z0-9]?[\w\-\.]*</regex>
</constraint>
- <constraintErrorMessage>Name of domain-group can only contain alpha-numeric letters, hyphen, underscores and not start with numeric</constraintErrorMessage>
+ <constraintErrorMessage>Name of domain-group can only contain alphanumeric letters, hyphen, underscores and not start with numeric</constraintErrorMessage>
</properties>
<children>
<leafNode name="address">
@@ -124,8 +125,9 @@
<properties>
<help>Firewall dynamic address group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
#include <include/generic-description.xml.i>
@@ -148,8 +150,9 @@
<properties>
<help>Firewall interface-group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
<leafNode name="interface">
@@ -177,8 +180,9 @@
<properties>
<help>Firewall ipv6-address-group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
<leafNode name="address">
@@ -215,8 +219,9 @@
<properties>
<help>Firewall ipv6-network-group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
#include <include/generic-description.xml.i>
@@ -248,8 +253,9 @@
<properties>
<help>Firewall mac-group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
#include <include/generic-description.xml.i>
@@ -281,8 +287,9 @@
<properties>
<help>Firewall network-group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
#include <include/generic-description.xml.i>
@@ -314,8 +321,9 @@
<properties>
<help>Firewall port-group</help>
<constraint>
- <regex>[a-zA-Z0-9][\w\-\.]*</regex>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
</constraint>
+ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage>
</properties>
<children>
#include <include/generic-description.xml.i>
diff --git a/interface-definitions/include/bgp/neighbor-disable-connected-check.xml.i b/interface-definitions/include/bgp/neighbor-disable-connected-check.xml.i
index cb8b610b4..aef5a55e9 100644
--- a/interface-definitions/include/bgp/neighbor-disable-connected-check.xml.i
+++ b/interface-definitions/include/bgp/neighbor-disable-connected-check.xml.i
@@ -1,7 +1,7 @@
<!-- include start from bgp/neighbor-disable-connected-check.xml.i -->
<leafNode name="disable-connected-check">
<properties>
- <help>Disable check to see if eBGP peer address is a connected route</help>
+ <help>Allow peerings between eBGP peer using loopback/dummy address</help>
<valueless/>
</properties>
</leafNode>
diff --git a/interface-definitions/include/bgp/protocol-common-config.xml.i b/interface-definitions/include/bgp/protocol-common-config.xml.i
index ca67eaf3c..0f05625a7 100644
--- a/interface-definitions/include/bgp/protocol-common-config.xml.i
+++ b/interface-definitions/include/bgp/protocol-common-config.xml.i
@@ -1249,6 +1249,12 @@
<valueless/>
</properties>
</leafNode>
+ <leafNode name="disable-ebgp-connected-route-check">
+ <properties>
+ <help>Disable checking if nexthop is connected on eBGP session</help>
+ <valueless/>
+ </properties>
+ </leafNode>
<leafNode name="always-compare-med">
<properties>
<help>Always compare MEDs from different neighbors</help>
diff --git a/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i b/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i
index 7aeb85260..34c94e53c 100644
--- a/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i
+++ b/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i
@@ -1,3 +1,3 @@
<!-- include start from constraint/alpha-numeric-hyphen-underscore-dot.xml.i -->
-<regex>[-_a-zA-Z0-9.]+</regex>
+<regex>[-_a-zA-Z0-9][\w\-\.\+]*</regex>
<!-- include end -->
diff --git a/interface-definitions/include/constraint/vrf.xml.i b/interface-definitions/include/constraint/vrf.xml.i
new file mode 100644
index 000000000..a1922bb6d
--- /dev/null
+++ b/interface-definitions/include/constraint/vrf.xml.i
@@ -0,0 +1,6 @@
+<!-- include start from constraint/vrf.xml.i -->
+<constraint>
+ <validator name="vrf-name"/>
+</constraint>
+<constraintErrorMessage>VRF instance name must be 15 characters or less and can not\nbe named as regular network interfaces.\nA name must starts from a letter.\n</constraintErrorMessage>
+<!-- include end -->
diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i
index 415d85f05..9cd0b3239 100644
--- a/interface-definitions/include/firewall/global-options.xml.i
+++ b/interface-definitions/include/firewall/global-options.xml.i
@@ -44,6 +44,26 @@
</properties>
<defaultValue>disable</defaultValue>
</leafNode>
+ <leafNode name="directed-broadcast">
+ <properties>
+ <help>Policy for handling IPv4 directed broadcast forwarding on all interfaces</help>
+ <completionHelp>
+ <list>enable disable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Enable IPv4 directed broadcast forwarding on all interfaces</description>
+ </valueHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Disable IPv4 directed broadcast forwarding on all interfaces</description>
+ </valueHelp>
+ <constraint>
+ <regex>(enable|disable)</regex>
+ </constraint>
+ </properties>
+ <defaultValue>enable</defaultValue>
+ </leafNode>
<leafNode name="ip-src-route">
<properties>
<help>Policy for handling IPv4 packets with source route option</help>
diff --git a/interface-definitions/include/interface/mtu-68-16000.xml.i b/interface-definitions/include/interface/mtu-68-16000.xml.i
index cb666f470..df1b7b716 100644
--- a/interface-definitions/include/interface/mtu-68-16000.xml.i
+++ b/interface-definitions/include/interface/mtu-68-16000.xml.i
@@ -11,6 +11,5 @@
</constraint>
<constraintErrorMessage>MTU must be between 68 and 16000</constraintErrorMessage>
</properties>
- <defaultValue>1500</defaultValue>
</leafNode>
<!-- include end -->
diff --git a/interface-definitions/include/interface/vrf.xml.i b/interface-definitions/include/interface/vrf.xml.i
index 8605f56e8..ef0058f86 100644
--- a/interface-definitions/include/interface/vrf.xml.i
+++ b/interface-definitions/include/interface/vrf.xml.i
@@ -9,6 +9,7 @@
<completionHelp>
<path>vrf name</path>
</completionHelp>
+ #include <include/constraint/vrf.xml.i>
</properties>
</leafNode>
<!-- include end -->
diff --git a/interface-definitions/include/qos/queue-average-packet.xml.i b/interface-definitions/include/qos/queue-average-packet.xml.i
new file mode 100644
index 000000000..2f8bfe266
--- /dev/null
+++ b/interface-definitions/include/qos/queue-average-packet.xml.i
@@ -0,0 +1,16 @@
+<!-- include start from qos/queue-average-packet.xml.i -->
+<leafNode name="average-packet">
+ <properties>
+ <help>Average packet size (bytes)</help>
+ <valueHelp>
+ <format>u32:16-10240</format>
+ <description>Average packet size in bytes</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 16-10240"/>
+ </constraint>
+ <constraintErrorMessage>Average packet size must be between 16 and 10240</constraintErrorMessage>
+ </properties>
+ <defaultValue>1024</defaultValue>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/qos/queue-mark-probability.xml.i b/interface-definitions/include/qos/queue-mark-probability.xml.i
new file mode 100644
index 000000000..1a2862845
--- /dev/null
+++ b/interface-definitions/include/qos/queue-mark-probability.xml.i
@@ -0,0 +1,16 @@
+<!-- include start from qos/queue-mark-probability.xml.i -->
+<leafNode name="mark-probability">
+ <properties>
+ <help>Mark probability for random detection</help>
+ <valueHelp>
+ <format>u32</format>
+ <description>Numeric value (1/N)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--positive"/>
+ </constraint>
+ <constraintErrorMessage>Mark probability must be greater than 0</constraintErrorMessage>
+ </properties>
+ <defaultValue>10</defaultValue>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/qos/queue-maximum-threshold.xml.i b/interface-definitions/include/qos/queue-maximum-threshold.xml.i
new file mode 100644
index 000000000..66d17ccc4
--- /dev/null
+++ b/interface-definitions/include/qos/queue-maximum-threshold.xml.i
@@ -0,0 +1,16 @@
+<!-- include start from qos/queue-maximum-threshold.xml.i -->
+<leafNode name="maximum-threshold">
+ <properties>
+ <help>Maximum threshold for random detection</help>
+ <valueHelp>
+ <format>u32:0-4096</format>
+ <description>Maximum threshold in packets</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4096"/>
+ </constraint>
+ <constraintErrorMessage>Threshold must be between 0 and 4096</constraintErrorMessage>
+ </properties>
+ <defaultValue>18</defaultValue>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/qos/queue-minimum-threshold.xml.i b/interface-definitions/include/qos/queue-minimum-threshold.xml.i
new file mode 100644
index 000000000..81e12d6e2
--- /dev/null
+++ b/interface-definitions/include/qos/queue-minimum-threshold.xml.i
@@ -0,0 +1,15 @@
+<!-- include start from qos/queue-minimum-threshold.xml.i -->
+<leafNode name="minimum-threshold">
+ <properties>
+ <help>Minimum threshold for random detection</help>
+ <valueHelp>
+ <format>u32:0-4096</format>
+ <description>Minimum threshold in packets</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4096"/>
+ </constraint>
+ <constraintErrorMessage>Threshold must be between 0 and 4096</constraintErrorMessage>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/version/container-version.xml.i b/interface-definitions/include/version/container-version.xml.i
index 129469cec..ed6e942cd 100644
--- a/interface-definitions/include/version/container-version.xml.i
+++ b/interface-definitions/include/version/container-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/container-version.xml.i -->
-<syntaxVersion component='container' version='1'></syntaxVersion>
+<syntaxVersion component='container' version='2'></syntaxVersion>
<!-- include end -->
diff --git a/interface-definitions/include/version/firewall-version.xml.i b/interface-definitions/include/version/firewall-version.xml.i
index 6702ee041..fa8e26f78 100644
--- a/interface-definitions/include/version/firewall-version.xml.i
+++ b/interface-definitions/include/version/firewall-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/firewall-version.xml.i -->
-<syntaxVersion component='firewall' version='14'></syntaxVersion>
+<syntaxVersion component='firewall' version='15'></syntaxVersion>
<!-- include end -->
diff --git a/interface-definitions/include/vrf-multi.xml.i b/interface-definitions/include/vrf-multi.xml.i
new file mode 100644
index 000000000..0b22894e4
--- /dev/null
+++ b/interface-definitions/include/vrf-multi.xml.i
@@ -0,0 +1,22 @@
+<!-- include start from interface/vrf.xml.i -->
+<leafNode name="vrf">
+ <properties>
+ <help>VRF instance name</help>
+ <completionHelp>
+ <path>vrf name</path>
+ <list>default</list>
+ </completionHelp>
+ <valueHelp>
+ <format>default</format>
+ <description>Explicitly start in default VRF</description>
+ </valueHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>VRF instance name</description>
+ </valueHelp>
+ #include <include/constraint/vrf.xml.i>
+ <multi/>
+ </properties>
+ <defaultValue>default</defaultValue>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/interfaces_bonding.xml.in b/interface-definitions/interfaces_bonding.xml.in
index 62ee0bdc7..92c0911db 100644
--- a/interface-definitions/interfaces_bonding.xml.in
+++ b/interface-definitions/interfaces_bonding.xml.in
@@ -261,6 +261,9 @@
</children>
</node>
#include <include/interface/mtu-68-16000.xml.i>
+ <leafNode name="mtu">
+ <defaultValue>1500</defaultValue>
+ </leafNode>
<leafNode name="primary">
<properties>
<help>Primary device interface</help>
diff --git a/interface-definitions/interfaces_bridge.xml.in b/interface-definitions/interfaces_bridge.xml.in
index 7fb5f121a..29dd61df5 100644
--- a/interface-definitions/interfaces_bridge.xml.in
+++ b/interface-definitions/interfaces_bridge.xml.in
@@ -41,6 +41,9 @@
#include <include/interface/disable.xml.i>
#include <include/interface/vrf.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
+ <leafNode name="mtu">
+ <defaultValue>1500</defaultValue>
+ </leafNode>
<leafNode name="forwarding-delay">
<properties>
<help>Forwarding delay</help>
diff --git a/interface-definitions/interfaces_dummy.xml.in b/interface-definitions/interfaces_dummy.xml.in
index ef8ee78e7..36b4e41f2 100644
--- a/interface-definitions/interfaces_dummy.xml.in
+++ b/interface-definitions/interfaces_dummy.xml.in
@@ -46,6 +46,9 @@
</children>
</node>
#include <include/interface/mtu-68-16000.xml.i>
+ <leafNode name="mtu">
+ <defaultValue>1500</defaultValue>
+ </leafNode>
#include <include/interface/mirror.xml.i>
#include <include/interface/netns.xml.i>
#include <include/interface/redirect.xml.i>
diff --git a/interface-definitions/interfaces_vti.xml.in b/interface-definitions/interfaces_vti.xml.in
index 158d9afd0..39fb3131e 100644
--- a/interface-definitions/interfaces_vti.xml.in
+++ b/interface-definitions/interfaces_vti.xml.in
@@ -22,6 +22,9 @@
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
+ <leafNode name="mtu">
+ <defaultValue>1500</defaultValue>
+ </leafNode>
#include <include/interface/mirror.xml.i>
#include <include/interface/redirect.xml.i>
#include <include/interface/vrf.xml.i>
diff --git a/interface-definitions/interfaces_wireguard.xml.in b/interface-definitions/interfaces_wireguard.xml.in
index fba1064ef..ce49de038 100644
--- a/interface-definitions/interfaces_wireguard.xml.in
+++ b/interface-definitions/interfaces_wireguard.xml.in
@@ -21,10 +21,10 @@
#include <include/interface/disable.xml.i>
#include <include/port-number.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
- #include <include/interface/mirror.xml.i>
<leafNode name="mtu">
<defaultValue>1420</defaultValue>
</leafNode>
+ #include <include/interface/mirror.xml.i>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
<leafNode name="fwmark">
diff --git a/interface-definitions/nat_cgnat.xml.in b/interface-definitions/nat_cgnat.xml.in
new file mode 100644
index 000000000..caa26b4d9
--- /dev/null
+++ b/interface-definitions/nat_cgnat.xml.in
@@ -0,0 +1,197 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="nat">
+ <children>
+ <node name="cgnat" owner="${vyos_conf_scripts_dir}/nat_cgnat.py">
+ <properties>
+ <help>Carrier-grade NAT (CGNAT) parameters</help>
+ <priority>221</priority>
+ </properties>
+ <children>
+ <node name="pool">
+ <properties>
+ <help>External and internal pool parameters</help>
+ </properties>
+ <children>
+ <tagNode name="external">
+ <properties>
+ <help>External pool name</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>External pool name</description>
+ </valueHelp>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
+ </constraint>
+ <constraintErrorMessage>Name of pool can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage>
+ </properties>
+ <children>
+ <leafNode name="external-port-range">
+ <properties>
+ <help>Port range</help>
+ <valueHelp>
+ <format>range</format>
+ <description>Numbered port range (e.g., 1001-1005)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="port-range"/>
+ </constraint>
+ </properties>
+ <defaultValue>1024-65535</defaultValue>
+ </leafNode>
+ <node name="per-user-limit">
+ <properties>
+ <help>Per user limits for the pool</help>
+ </properties>
+ <children>
+ <leafNode name="port">
+ <properties>
+ <help>Ports per user</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Numeric IP port</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>2000</defaultValue>
+ </leafNode>
+ </children>
+ </node>
+ <tagNode name="range">
+ <properties>
+ <help>Range of IP addresses</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 prefix</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv4range</format>
+ <description>IPv4 address range</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ <validator name="ipv4-host"/>
+ <validator name="ipv4-range"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="seq">
+ <properties>
+ <help>Sequence</help>
+ <valueHelp>
+ <format>u32:1-999999</format>
+ <description>Sequence number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-999999"/>
+ </constraint>
+ <constraintErrorMessage>Sequence number must be between 1 and 999999</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </tagNode>
+ <tagNode name="internal">
+ <properties>
+ <help>Internal pool name</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Internal pool name</description>
+ </valueHelp>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
+ </constraint>
+ <constraintErrorMessage>Name of pool can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage>
+ </properties>
+ <children>
+ <leafNode name="range">
+ <properties>
+ <help>Range of IP addresses</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 prefix</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv4range</format>
+ <description>IPv4 address range</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ <validator name="ipv4-host"/>
+ <validator name="ipv4-range"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <tagNode name="rule">
+ <properties>
+ <help>Rule</help>
+ <valueHelp>
+ <format>u32:1-999999</format>
+ <description>Number for this CGNAT rule</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-999999"/>
+ </constraint>
+ <constraintErrorMessage>Rule number must be between 1 and 999999</constraintErrorMessage>
+ </properties>
+ <children>
+ <node name="source">
+ <properties>
+ <help>Source parameters</help>
+ </properties>
+ <children>
+ <leafNode name="pool">
+ <properties>
+ <help>Source internal pool</help>
+ <completionHelp>
+ <path>nat cgnat pool internal</path>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Source internal pool name</description>
+ </valueHelp>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
+ </constraint>
+ <constraintErrorMessage>Name of pool can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ <node name="translation">
+ <properties>
+ <help>Translation parameters</help>
+ </properties>
+ <children>
+ <leafNode name="pool">
+ <properties>
+ <help>Translation external pool</help>
+ <completionHelp>
+ <path>nat cgnat pool external</path>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Translation external pool name</description>
+ </valueHelp>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
+ </constraint>
+ <constraintErrorMessage>Name of pool can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/qos.xml.in b/interface-definitions/qos.xml.in
index 7618c3027..8f9ae3fa6 100644
--- a/interface-definitions/qos.xml.in
+++ b/interface-definitions/qos.xml.in
@@ -470,61 +470,10 @@
</properties>
<children>
#include <include/qos/queue-limit-1-4294967295.xml.i>
- <leafNode name="average-packet">
- <properties>
- <help>Average packet size (bytes)</help>
- <valueHelp>
- <format>u32:16-10240</format>
- <description>Average packet size in bytes</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-100"/>
- </constraint>
- <constraintErrorMessage>Average packet size must be between 16 and 10240</constraintErrorMessage>
- </properties>
- <defaultValue>1024</defaultValue>
- </leafNode>
- <leafNode name="mark-probability">
- <properties>
- <help>Mark probability for this precedence</help>
- <valueHelp>
- <format>&lt;number&gt;</format>
- <description>Numeric value (1/N)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--positive"/>
- </constraint>
- <constraintErrorMessage>Mark probability must be greater than 0</constraintErrorMessage>
- </properties>
- <defaultValue>10</defaultValue>
- </leafNode>
- <leafNode name="maximum-threshold">
- <properties>
- <help>Maximum threshold for random detection</help>
- <valueHelp>
- <format>u32:0-4096</format>
- <description>Maximum Threshold in packets</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4096"/>
- </constraint>
- <constraintErrorMessage>Threshold must be between 0 and 4096</constraintErrorMessage>
- </properties>
- <defaultValue>18</defaultValue>
- </leafNode>
- <leafNode name="minimum-threshold">
- <properties>
- <help>Minimum threshold for random detection</help>
- <valueHelp>
- <format>u32:0-4096</format>
- <description>Maximum Threshold in packets</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4096"/>
- </constraint>
- <constraintErrorMessage>Threshold must be between 0 and 4096</constraintErrorMessage>
- </properties>
- </leafNode>
+ #include <include/qos/queue-average-packet.xml.i>
+ #include <include/qos/queue-maximum-threshold.xml.i>
+ #include <include/qos/queue-minimum-threshold.xml.i>
+ #include <include/qos/queue-mark-probability.xml.i>
</children>
</tagNode>
</children>
@@ -697,6 +646,10 @@
#include <include/qos/interval.xml.i>
#include <include/qos/class-match.xml.i>
#include <include/qos/class-priority.xml.i>
+ #include <include/qos/queue-average-packet.xml.i>
+ #include <include/qos/queue-maximum-threshold.xml.i>
+ #include <include/qos/queue-minimum-threshold.xml.i>
+ #include <include/qos/queue-mark-probability.xml.i>
#include <include/qos/queue-limit-1-4294967295.xml.i>
#include <include/qos/queue-type.xml.i>
<leafNode name="queue-type">
@@ -759,6 +712,10 @@
</properties>
<defaultValue>20</defaultValue>
</leafNode>
+ #include <include/qos/queue-average-packet.xml.i>
+ #include <include/qos/queue-maximum-threshold.xml.i>
+ #include <include/qos/queue-minimum-threshold.xml.i>
+ #include <include/qos/queue-mark-probability.xml.i>
#include <include/qos/queue-limit-1-4294967295.xml.i>
#include <include/qos/queue-type.xml.i>
<leafNode name="queue-type">
diff --git a/interface-definitions/service_config-sync.xml.in b/interface-definitions/service_config-sync.xml.in
index cb51a33b1..e9ea9aa4b 100644
--- a/interface-definitions/service_config-sync.xml.in
+++ b/interface-definitions/service_config-sync.xml.in
@@ -495,6 +495,12 @@
<valueless/>
</properties>
</leafNode>
+ <leafNode name="time-zone">
+ <properties>
+ <help>Local time zone</help>
+ <valueless/>
+ </properties>
+ </leafNode>
</children>
</node>
<leafNode name="vpn">
diff --git a/interface-definitions/service_conntrack-sync.xml.in b/interface-definitions/service_conntrack-sync.xml.in
index 397864867..631c830b4 100644
--- a/interface-definitions/service_conntrack-sync.xml.in
+++ b/interface-definitions/service_conntrack-sync.xml.in
@@ -81,6 +81,12 @@
<multi/>
</properties>
</leafNode>
+ <leafNode name="startup-resync">
+ <properties>
+ <help>Order conntrackd to request a complete conntrack table resync against the other node at startup</help>
+ <valueless/>
+ </properties>
+ </leafNode>
<node name="failover-mechanism">
<properties>
<help>Failover mechanism to use for conntrack-sync</help>
diff --git a/interface-definitions/service_dhcp-server.xml.in b/interface-definitions/service_dhcp-server.xml.in
index 2afa05a8a..cb5f9a804 100644
--- a/interface-definitions/service_dhcp-server.xml.in
+++ b/interface-definitions/service_dhcp-server.xml.in
@@ -22,6 +22,27 @@
</properties>
<children>
#include <include/source-address-ipv4.xml.i>
+ <leafNode name="mode">
+ <properties>
+ <help>Configure high availability mode</help>
+ <completionHelp>
+ <list>active-active active-passive</list>
+ </completionHelp>
+ <valueHelp>
+ <format>active-active</format>
+ <description>Both server attend DHCP requests</description>
+ </valueHelp>
+ <valueHelp>
+ <format>active-passive</format>
+ <description>Only primary server attends DHCP requests</description>
+ </valueHelp>
+ <constraint>
+ <regex>(active-active|active-passive)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid DHCP high availability mode</constraintErrorMessage>
+ </properties>
+ <defaultValue>active-active</defaultValue>
+ </leafNode>
<leafNode name="remote">
<properties>
<help>IPv4 remote address used for connection</help>
diff --git a/interface-definitions/service_ssh.xml.in b/interface-definitions/service_ssh.xml.in
index 5c893bd35..d9eee1ab8 100644
--- a/interface-definitions/service_ssh.xml.in
+++ b/interface-definitions/service_ssh.xml.in
@@ -262,7 +262,7 @@
</constraint>
</properties>
</leafNode>
- #include <include/interface/vrf.xml.i>
+ #include <include/vrf-multi.xml.i>
</children>
</node>
</children>
diff --git a/interface-definitions/system_ip.xml.in b/interface-definitions/system_ip.xml.in
index 015eb270f..b4b5092fe 100644
--- a/interface-definitions/system_ip.xml.in
+++ b/interface-definitions/system_ip.xml.in
@@ -23,12 +23,6 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="disable-directed-broadcast">
- <properties>
- <help>Disable IPv4 directed broadcast forwarding on all interfaces</help>
- <valueless/>
- </properties>
- </leafNode>
<node name="multipath">
<properties>
<help>IPv4 multipath settings</help>
diff --git a/interface-definitions/vrf.xml.in b/interface-definitions/vrf.xml.in
index 25f26d0cc..94ed96e4b 100644
--- a/interface-definitions/vrf.xml.in
+++ b/interface-definitions/vrf.xml.in
@@ -16,10 +16,7 @@
<tagNode name="name">
<properties>
<help>Virtual Routing and Forwarding instance</help>
- <constraint>
- <validator name="vrf-name"/>
- </constraint>
- <constraintErrorMessage>VRF instance name must be 15 characters or less and can not\nbe named as regular network interfaces.\nA name must starts from a letter.\n</constraintErrorMessage>
+ #include <include/constraint/vrf.xml.i>
<valueHelp>
<format>txt</format>
<description>VRF instance name</description>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-02 05:16:49 +0000