summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/containers.xml.in34
-rw-r--r--interface-definitions/dns-domain-name.xml.in2
-rw-r--r--interface-definitions/dns-dynamic.xml.in6
-rw-r--r--interface-definitions/https.xml.in1
-rw-r--r--interface-definitions/include/bgp/afi-aggregate-address.xml.i1
-rw-r--r--interface-definitions/include/bgp/protocol-common-config.xml.i6
-rw-r--r--interface-definitions/interfaces-openvpn.xml.in86
-rw-r--r--interface-definitions/interfaces-tunnel.xml.in1
-rw-r--r--interface-definitions/snmp.xml.in20
-rw-r--r--interface-definitions/system-console.xml.in1
-rw-r--r--interface-definitions/system-lcd.xml.in8
-rw-r--r--interface-definitions/vpn_l2tp.xml.in8
12 files changed, 163 insertions, 11 deletions
diff --git a/interface-definitions/containers.xml.in b/interface-definitions/containers.xml.in
index bf672307c..1e9c36ee5 100644
--- a/interface-definitions/containers.xml.in
+++ b/interface-definitions/containers.xml.in
@@ -21,6 +21,38 @@
<valueless/>
</properties>
</leafNode>
+ <leafNode name="cap-add">
+ <properties>
+ <help>Container capabilities/permissions</help>
+ <completionHelp>
+ <list>net-admin net-raw setpcap sys-admin sys-time</list>
+ </completionHelp>
+ <valueHelp>
+ <format>net-admin</format>
+ <description>Network operations (interface, firewall, routing tables)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>net-raw</format>
+ <description>Permission to create raw network sockets</description>
+ </valueHelp>
+ <valueHelp>
+ <format>setpcap</format>
+ <description>Capability sets (from bounded or inherited set)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sys-admin</format>
+ <description>Administation operations (quotactl, mount, sethostname, setdomainame)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sys-time</format>
+ <description>Permission to set system clock</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(net-admin|net-raw|setpcap|sys-admin|sys-time)$</regex>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
#include <include/generic-description.xml.i>
#include <include/generic-disable-node.xml.i>
<tagNode name="environment">
@@ -141,7 +173,7 @@
</tagNode>
<leafNode name="restart">
<properties>
- <help>Mount a volume into the container</help>
+ <help>Restart options for container</help>
<completionHelp>
<list>no on-failure always</list>
</completionHelp>
diff --git a/interface-definitions/dns-domain-name.xml.in b/interface-definitions/dns-domain-name.xml.in
index 2b1644609..005a55ab3 100644
--- a/interface-definitions/dns-domain-name.xml.in
+++ b/interface-definitions/dns-domain-name.xml.in
@@ -102,11 +102,11 @@
<constraint>
<validator name="ip-address"/>
</constraint>
+ <multi/>
</properties>
</leafNode>
</children>
</tagNode>
-
</children>
</node>
</children>
diff --git a/interface-definitions/dns-dynamic.xml.in b/interface-definitions/dns-dynamic.xml.in
index 250642691..64826516e 100644
--- a/interface-definitions/dns-dynamic.xml.in
+++ b/interface-definitions/dns-dynamic.xml.in
@@ -274,6 +274,12 @@
</leafNode>
</children>
</node>
+ <leafNode name="ipv6-enable">
+ <properties>
+ <help>Allow explicit IPv6 addresses for Dynamic DNS for this interface</help>
+ <valueless/>
+ </properties>
+ </leafNode>
</children>
</tagNode>
</children>
diff --git a/interface-definitions/https.xml.in b/interface-definitions/https.xml.in
index bb6f71744..f60df7c34 100644
--- a/interface-definitions/https.xml.in
+++ b/interface-definitions/https.xml.in
@@ -121,6 +121,7 @@
<help>TLS certificates</help>
</properties>
<children>
+ #include <include/pki/ca-certificate.xml.i>
#include <include/pki/certificate.xml.i>
<node name="certbot" owner="${vyos_conf_scripts_dir}/le_cert.py">
<properties>
diff --git a/interface-definitions/include/bgp/afi-aggregate-address.xml.i b/interface-definitions/include/bgp/afi-aggregate-address.xml.i
index 646751c32..c1b7958da 100644
--- a/interface-definitions/include/bgp/afi-aggregate-address.xml.i
+++ b/interface-definitions/include/bgp/afi-aggregate-address.xml.i
@@ -5,6 +5,7 @@
<valueless/>
</properties>
</leafNode>
+#include <include/route-map.xml.i>
<leafNode name="summary-only">
<properties>
<help>Announce the aggregate summary network only</help>
diff --git a/interface-definitions/include/bgp/protocol-common-config.xml.i b/interface-definitions/include/bgp/protocol-common-config.xml.i
index 30033bc50..2dfae517e 100644
--- a/interface-definitions/include/bgp/protocol-common-config.xml.i
+++ b/interface-definitions/include/bgp/protocol-common-config.xml.i
@@ -1253,12 +1253,6 @@
</constraint>
</properties>
</leafNode>
- <leafNode name="no-ipv4-unicast">
- <properties>
- <help>Deactivate IPv4 unicast for a peer by default</help>
- <valueless/>
- </properties>
- </leafNode>
</children>
</node>
<leafNode name="deterministic-med">
diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in
index d67549d87..6b4440688 100644
--- a/interface-definitions/interfaces-openvpn.xml.in
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -633,6 +633,92 @@
</properties>
<defaultValue>net30</defaultValue>
</leafNode>
+ <node name="mfa">
+ <properties>
+ <help>multi-factor authentication</help>
+ </properties>
+ <children>
+ <node name="totp">
+ <properties>
+ <help>Time-based one-time passwords</help>
+ </properties>
+ <children>
+ <leafNode name="slop">
+ <properties>
+ <help>Maximum allowed clock slop in seconds (default: 180)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>180</defaultValue>
+ </leafNode>
+ <leafNode name="drift">
+ <properties>
+ <help>Time drift in seconds (default: 0)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>0</defaultValue>
+ </leafNode>
+ <leafNode name="step">
+ <properties>
+ <help>Step value for totp in seconds (default: 30)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>30</defaultValue>
+ </leafNode>
+ <leafNode name="digits">
+ <properties>
+ <help>Number of digits to use for totp hash (default: 6)</help>
+ <valueHelp>
+ <format>1-65535</format>
+ <description>Seconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ <defaultValue>6</defaultValue>
+ </leafNode>
+ <leafNode name="challenge">
+ <properties>
+ <help>Expect password as result of a challenge response protocol (default: enabled)</help>
+ <completionHelp>
+ <list>disable enable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Disable challenge-response</description>
+ </valueHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Enable chalenge-response (default)</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(disable|enable)$</regex>
+ </constraint>
+ </properties>
+ <defaultValue>enable</defaultValue>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
</children>
</node>
<leafNode name="shared-secret-key">
diff --git a/interface-definitions/interfaces-tunnel.xml.in b/interface-definitions/interfaces-tunnel.xml.in
index 7450ef2af..cca732f82 100644
--- a/interface-definitions/interfaces-tunnel.xml.in
+++ b/interface-definitions/interfaces-tunnel.xml.in
@@ -54,7 +54,6 @@
</constraint>
</properties>
</leafNode>
- #include <include/dhcp-interface.xml.i>
<leafNode name="encapsulation">
<properties>
<help>Encapsulation of this tunnel interface</help>
diff --git a/interface-definitions/snmp.xml.in b/interface-definitions/snmp.xml.in
index b0b7768d2..949536fe7 100644
--- a/interface-definitions/snmp.xml.in
+++ b/interface-definitions/snmp.xml.in
@@ -149,6 +149,26 @@
<constraintErrorMessage>Oid must be 'route-table'</constraintErrorMessage>
</properties>
</leafNode>
+ <leafNode name="protocol">
+ <properties>
+ <help>Listen protocol for SNMP</help>
+ <completionHelp>
+ <list>udp tcp</list>
+ </completionHelp>
+ <valueHelp>
+ <format>udp</format>
+ <description>Listen protocol UDP (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>tcp</format>
+ <description>Listen protocol TCP</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(udp|tcp)$</regex>
+ </constraint>
+ </properties>
+ <defaultValue>udp</defaultValue>
+ </leafNode>
<leafNode name="smux-peer">
<properties>
<help>Register a subtree for SMUX-based processing</help>
diff --git a/interface-definitions/system-console.xml.in b/interface-definitions/system-console.xml.in
index 88f7f82a9..2897e5e97 100644
--- a/interface-definitions/system-console.xml.in
+++ b/interface-definitions/system-console.xml.in
@@ -74,6 +74,7 @@
<regex>^(1200|2400|4800|9600|19200|38400|57600|115200)$</regex>
</constraint>
</properties>
+ <defaultValue>115200</defaultValue>
</leafNode>
</children>
</tagNode>
diff --git a/interface-definitions/system-lcd.xml.in b/interface-definitions/system-lcd.xml.in
index 36116ae1b..4c9d5c92e 100644
--- a/interface-definitions/system-lcd.xml.in
+++ b/interface-definitions/system-lcd.xml.in
@@ -12,7 +12,7 @@
<properties>
<help>Model of the display attached to this system [REQUIRED]</help>
<completionHelp>
- <list>cfa-533 cfa-631 cfa-633 cfa-635 sdec</list>
+ <list>cfa-533 cfa-631 cfa-633 cfa-635 hd44780 sdec</list>
</completionHelp>
<valueHelp>
<format>cfa-533</format>
@@ -31,11 +31,15 @@
<description>Crystalfontz CFA-635</description>
</valueHelp>
<valueHelp>
+ <format>hd44780</format>
+ <description>Hitachi HD44780, Caswell Appliances</description>
+ </valueHelp>
+ <valueHelp>
<format>sdec</format>
<description>Lanner, Watchguard, Nexcom NSA, Sophos UTM appliances</description>
</valueHelp>
<constraint>
- <regex>^(cfa-533|cfa-631|cfa-633|cfa-635|sdec)$</regex>
+ <regex>^(cfa-533|cfa-631|cfa-633|cfa-635|hd44780|sdec)$</regex>
</constraint>
</properties>
</leafNode>
diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in
index cbd5e38e7..6a88756a7 100644
--- a/interface-definitions/vpn_l2tp.xml.in
+++ b/interface-definitions/vpn_l2tp.xml.in
@@ -34,6 +34,14 @@
<help>Tunnel password used to authenticate the client (LAC)</help>
</properties>
</leafNode>
+ <leafNode name="host-name">
+ <properties>
+ <help>Sent to the client (LAC) in the Host-Name attribute</help>
+ <constraint>
+ <regex>[A-Za-z0-9][-.A-Za-z0-9]*[A-Za-z0-9]</regex>
+ </constraint>
+ </properties>
+ </leafNode>
</children>
</node>
<leafNode name="ccp-disable">