diff options
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/containers.xml.in | 34 | ||||
-rw-r--r-- | interface-definitions/dns-domain-name.xml.in | 2 | ||||
-rw-r--r-- | interface-definitions/dns-dynamic.xml.in | 6 | ||||
-rw-r--r-- | interface-definitions/https.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/include/bgp/afi-aggregate-address.xml.i | 1 | ||||
-rw-r--r-- | interface-definitions/include/bgp/protocol-common-config.xml.i | 6 | ||||
-rw-r--r-- | interface-definitions/interfaces-openvpn.xml.in | 86 | ||||
-rw-r--r-- | interface-definitions/interfaces-tunnel.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/snmp.xml.in | 20 | ||||
-rw-r--r-- | interface-definitions/system-console.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/system-lcd.xml.in | 8 | ||||
-rw-r--r-- | interface-definitions/vpn_l2tp.xml.in | 8 |
12 files changed, 163 insertions, 11 deletions
diff --git a/interface-definitions/containers.xml.in b/interface-definitions/containers.xml.in index bf672307c..1e9c36ee5 100644 --- a/interface-definitions/containers.xml.in +++ b/interface-definitions/containers.xml.in @@ -21,6 +21,38 @@ <valueless/> </properties> </leafNode> + <leafNode name="cap-add"> + <properties> + <help>Container capabilities/permissions</help> + <completionHelp> + <list>net-admin net-raw setpcap sys-admin sys-time</list> + </completionHelp> + <valueHelp> + <format>net-admin</format> + <description>Network operations (interface, firewall, routing tables)</description> + </valueHelp> + <valueHelp> + <format>net-raw</format> + <description>Permission to create raw network sockets</description> + </valueHelp> + <valueHelp> + <format>setpcap</format> + <description>Capability sets (from bounded or inherited set)</description> + </valueHelp> + <valueHelp> + <format>sys-admin</format> + <description>Administation operations (quotactl, mount, sethostname, setdomainame)</description> + </valueHelp> + <valueHelp> + <format>sys-time</format> + <description>Permission to set system clock</description> + </valueHelp> + <constraint> + <regex>^(net-admin|net-raw|setpcap|sys-admin|sys-time)$</regex> + </constraint> + <multi/> + </properties> + </leafNode> #include <include/generic-description.xml.i> #include <include/generic-disable-node.xml.i> <tagNode name="environment"> @@ -141,7 +173,7 @@ </tagNode> <leafNode name="restart"> <properties> - <help>Mount a volume into the container</help> + <help>Restart options for container</help> <completionHelp> <list>no on-failure always</list> </completionHelp> diff --git a/interface-definitions/dns-domain-name.xml.in b/interface-definitions/dns-domain-name.xml.in index 2b1644609..005a55ab3 100644 --- a/interface-definitions/dns-domain-name.xml.in +++ b/interface-definitions/dns-domain-name.xml.in @@ -102,11 +102,11 @@ <constraint> <validator name="ip-address"/> </constraint> + <multi/> </properties> </leafNode> </children> </tagNode> - </children> </node> </children> diff --git a/interface-definitions/dns-dynamic.xml.in b/interface-definitions/dns-dynamic.xml.in index 250642691..64826516e 100644 --- a/interface-definitions/dns-dynamic.xml.in +++ b/interface-definitions/dns-dynamic.xml.in @@ -274,6 +274,12 @@ </leafNode> </children> </node> + <leafNode name="ipv6-enable"> + <properties> + <help>Allow explicit IPv6 addresses for Dynamic DNS for this interface</help> + <valueless/> + </properties> + </leafNode> </children> </tagNode> </children> diff --git a/interface-definitions/https.xml.in b/interface-definitions/https.xml.in index bb6f71744..f60df7c34 100644 --- a/interface-definitions/https.xml.in +++ b/interface-definitions/https.xml.in @@ -121,6 +121,7 @@ <help>TLS certificates</help> </properties> <children> + #include <include/pki/ca-certificate.xml.i> #include <include/pki/certificate.xml.i> <node name="certbot" owner="${vyos_conf_scripts_dir}/le_cert.py"> <properties> diff --git a/interface-definitions/include/bgp/afi-aggregate-address.xml.i b/interface-definitions/include/bgp/afi-aggregate-address.xml.i index 646751c32..c1b7958da 100644 --- a/interface-definitions/include/bgp/afi-aggregate-address.xml.i +++ b/interface-definitions/include/bgp/afi-aggregate-address.xml.i @@ -5,6 +5,7 @@ <valueless/> </properties> </leafNode> +#include <include/route-map.xml.i> <leafNode name="summary-only"> <properties> <help>Announce the aggregate summary network only</help> diff --git a/interface-definitions/include/bgp/protocol-common-config.xml.i b/interface-definitions/include/bgp/protocol-common-config.xml.i index 30033bc50..2dfae517e 100644 --- a/interface-definitions/include/bgp/protocol-common-config.xml.i +++ b/interface-definitions/include/bgp/protocol-common-config.xml.i @@ -1253,12 +1253,6 @@ </constraint> </properties> </leafNode> - <leafNode name="no-ipv4-unicast"> - <properties> - <help>Deactivate IPv4 unicast for a peer by default</help> - <valueless/> - </properties> - </leafNode> </children> </node> <leafNode name="deterministic-med"> diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in index d67549d87..6b4440688 100644 --- a/interface-definitions/interfaces-openvpn.xml.in +++ b/interface-definitions/interfaces-openvpn.xml.in @@ -633,6 +633,92 @@ </properties> <defaultValue>net30</defaultValue> </leafNode> + <node name="mfa"> + <properties> + <help>multi-factor authentication</help> + </properties> + <children> + <node name="totp"> + <properties> + <help>Time-based one-time passwords</help> + </properties> + <children> + <leafNode name="slop"> + <properties> + <help>Maximum allowed clock slop in seconds (default: 180)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>180</defaultValue> + </leafNode> + <leafNode name="drift"> + <properties> + <help>Time drift in seconds (default: 0)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>0</defaultValue> + </leafNode> + <leafNode name="step"> + <properties> + <help>Step value for totp in seconds (default: 30)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>30</defaultValue> + </leafNode> + <leafNode name="digits"> + <properties> + <help>Number of digits to use for totp hash (default: 6)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>6</defaultValue> + </leafNode> + <leafNode name="challenge"> + <properties> + <help>Expect password as result of a challenge response protocol (default: enabled)</help> + <completionHelp> + <list>disable enable</list> + </completionHelp> + <valueHelp> + <format>disable</format> + <description>Disable challenge-response</description> + </valueHelp> + <valueHelp> + <format>enable</format> + <description>Enable chalenge-response (default)</description> + </valueHelp> + <constraint> + <regex>^(disable|enable)$</regex> + </constraint> + </properties> + <defaultValue>enable</defaultValue> + </leafNode> + </children> + </node> + </children> + </node> </children> </node> <leafNode name="shared-secret-key"> diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in index 7450ef2af..cca732f82 100644 --- a/interface-definitions/interfaces-tunnel.xml.in +++ b/interface-definitions/interfaces-tunnel.xml.in @@ -54,7 +54,6 @@ </constraint> </properties> </leafNode> - #include <include/dhcp-interface.xml.i> <leafNode name="encapsulation"> <properties> <help>Encapsulation of this tunnel interface</help> diff --git a/interface-definitions/snmp.xml.in b/interface-definitions/snmp.xml.in index b0b7768d2..949536fe7 100644 --- a/interface-definitions/snmp.xml.in +++ b/interface-definitions/snmp.xml.in @@ -149,6 +149,26 @@ <constraintErrorMessage>Oid must be 'route-table'</constraintErrorMessage> </properties> </leafNode> + <leafNode name="protocol"> + <properties> + <help>Listen protocol for SNMP</help> + <completionHelp> + <list>udp tcp</list> + </completionHelp> + <valueHelp> + <format>udp</format> + <description>Listen protocol UDP (default)</description> + </valueHelp> + <valueHelp> + <format>tcp</format> + <description>Listen protocol TCP</description> + </valueHelp> + <constraint> + <regex>^(udp|tcp)$</regex> + </constraint> + </properties> + <defaultValue>udp</defaultValue> + </leafNode> <leafNode name="smux-peer"> <properties> <help>Register a subtree for SMUX-based processing</help> diff --git a/interface-definitions/system-console.xml.in b/interface-definitions/system-console.xml.in index 88f7f82a9..2897e5e97 100644 --- a/interface-definitions/system-console.xml.in +++ b/interface-definitions/system-console.xml.in @@ -74,6 +74,7 @@ <regex>^(1200|2400|4800|9600|19200|38400|57600|115200)$</regex> </constraint> </properties> + <defaultValue>115200</defaultValue> </leafNode> </children> </tagNode> diff --git a/interface-definitions/system-lcd.xml.in b/interface-definitions/system-lcd.xml.in index 36116ae1b..4c9d5c92e 100644 --- a/interface-definitions/system-lcd.xml.in +++ b/interface-definitions/system-lcd.xml.in @@ -12,7 +12,7 @@ <properties> <help>Model of the display attached to this system [REQUIRED]</help> <completionHelp> - <list>cfa-533 cfa-631 cfa-633 cfa-635 sdec</list> + <list>cfa-533 cfa-631 cfa-633 cfa-635 hd44780 sdec</list> </completionHelp> <valueHelp> <format>cfa-533</format> @@ -31,11 +31,15 @@ <description>Crystalfontz CFA-635</description> </valueHelp> <valueHelp> + <format>hd44780</format> + <description>Hitachi HD44780, Caswell Appliances</description> + </valueHelp> + <valueHelp> <format>sdec</format> <description>Lanner, Watchguard, Nexcom NSA, Sophos UTM appliances</description> </valueHelp> <constraint> - <regex>^(cfa-533|cfa-631|cfa-633|cfa-635|sdec)$</regex> + <regex>^(cfa-533|cfa-631|cfa-633|cfa-635|hd44780|sdec)$</regex> </constraint> </properties> </leafNode> diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in index cbd5e38e7..6a88756a7 100644 --- a/interface-definitions/vpn_l2tp.xml.in +++ b/interface-definitions/vpn_l2tp.xml.in @@ -34,6 +34,14 @@ <help>Tunnel password used to authenticate the client (LAC)</help> </properties> </leafNode> + <leafNode name="host-name"> + <properties> + <help>Sent to the client (LAC) in the Host-Name attribute</help> + <constraint> + <regex>[A-Za-z0-9][-.A-Za-z0-9]*[A-Za-z0-9]</regex> + </constraint> + </properties> + </leafNode> </children> </node> <leafNode name="ccp-disable"> |