6 files changed, 110 insertions, 0 deletions

diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in
index 773e86f00..673461036 100644
--- a/interface-definitions/firewall.xml.in
+++ b/interface-definitions/firewall.xml.in
@@ -711,6 +711,7 @@
             </properties>
             <children>
               #include <include/firewall/action-accept-drop-reject.xml.i>
+              #include <include/firewall/log.xml.i>
               #include <include/firewall/rule-log-level.xml.i>
             </children>
           </node>
@@ -720,6 +721,7 @@
             </properties>
             <children>
               #include <include/firewall/action-accept-drop-reject.xml.i>
+              #include <include/firewall/log.xml.i>
               #include <include/firewall/rule-log-level.xml.i>
             </children>
           </node>
@@ -729,6 +731,7 @@
             </properties>
             <children>
               #include <include/firewall/action-accept-drop-reject.xml.i>
+              #include <include/firewall/log.xml.i>
               #include <include/firewall/rule-log-level.xml.i>
             </children>
           </node>
diff --git a/interface-definitions/include/policy/route-common-rule-ipv6.xml.i b/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
index cfeba1a6c..662206336 100644
--- a/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
+++ b/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
@@ -198,6 +198,10 @@
           <validator name="numeric" argument="--range 1-200"/>
           <regex>(main)</regex>
         </constraint>
+        <completionHelp>
+          <list>main</list>
+          <path>protocols static table</path>
+        </completionHelp>
       </properties>
     </leafNode>
     <leafNode name="tcp-mss">
diff --git a/interface-definitions/include/policy/route-common-rule.xml.i b/interface-definitions/include/policy/route-common-rule.xml.i
index 5a17dbc95..35fccca50 100644
--- a/interface-definitions/include/policy/route-common-rule.xml.i
+++ b/interface-definitions/include/policy/route-common-rule.xml.i
@@ -198,6 +198,10 @@
           <validator name="numeric" argument="--range 1-200"/>
           <regex>(main)</regex>
         </constraint>
+        <completionHelp>
+          <list>main</list>
+          <path>protocols static table</path>
+        </completionHelp>
       </properties>
     </leafNode>
     <leafNode name="tcp-mss">
diff --git a/interface-definitions/include/qos/limiter-actions.xml.i b/interface-definitions/include/qos/limiter-actions.xml.i
new file mode 100644
index 000000000..a993423aa
--- /dev/null
+++ b/interface-definitions/include/qos/limiter-actions.xml.i
@@ -0,0 +1,66 @@
+<!-- include start from qos/limiter-actions.xml.i -->
+<leafNode name="exceed-action">
+  <properties>
+    <help>Default action for packets exceeding the limiter (default: drop)</help>
+    <completionHelp>
+      <list>continue drop ok reclassify pipe</list>
+    </completionHelp>
+    <valueHelp>
+      <format>continue</format>
+      <description>Don't do anything, just continue with the next action in line</description>
+    </valueHelp>
+    <valueHelp>
+      <format>drop</format>
+      <description>Drop the packet immediately</description>
+    </valueHelp>
+    <valueHelp>
+      <format>ok</format>
+      <description>Accept the packet</description>
+    </valueHelp>
+    <valueHelp>
+      <format>reclassify</format>
+      <description>Treat the packet as non-matching to the filter this action is attached to and continue with the next filter in line (if any)</description>
+    </valueHelp>
+    <valueHelp>
+      <format>pipe</format>
+      <description>Pass the packet to the next action in line</description>
+    </valueHelp>
+    <constraint>
+      <regex>(continue|drop|ok|reclassify|pipe)</regex>
+    </constraint>
+  </properties>
+  <defaultValue>drop</defaultValue>
+</leafNode>
+<leafNode name="notexceed-action">
+  <properties>
+    <help>Default action for packets not exceeding the limiter (default: ok)</help>
+    <completionHelp>
+      <list>continue drop ok reclassify pipe</list>
+    </completionHelp>
+    <valueHelp>
+      <format>continue</format>
+      <description>Don't do anything, just continue with the next action in line</description>
+    </valueHelp>
+    <valueHelp>
+      <format>drop</format>
+      <description>Drop the packet immediately</description>
+    </valueHelp>
+    <valueHelp>
+      <format>ok</format>
+      <description>Accept the packet</description>
+    </valueHelp>
+    <valueHelp>
+      <format>reclassify</format>
+      <description>Treat the packet as non-matching to the filter this action is attached to and continue with the next filter in line (if any)</description>
+    </valueHelp>
+    <valueHelp>
+      <format>pipe</format>
+      <description>Pass the packet to the next action in line</description>
+    </valueHelp>
+    <constraint>
+      <regex>(continue|drop|ok|reclassify|pipe)</regex>
+    </constraint>
+  </properties>
+  <defaultValue>ok</defaultValue>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/qos.xml.in b/interface-definitions/qos.xml.in
index e8f575a1e..e2dbcbeef 100644
--- a/interface-definitions/qos.xml.in
+++ b/interface-definitions/qos.xml.in
@@ -188,6 +188,7 @@
                   #include <include/qos/burst.xml.i>
                   #include <include/generic-description.xml.i>
                   #include <include/qos/match.xml.i>
+                  #include <include/qos/limiter-actions.xml.i>
                   <leafNode name="priority">
                     <properties>
                       <help>Priority for rule evaluation</help>
@@ -211,6 +212,7 @@
                 <children>
                   #include <include/qos/bandwidth.xml.i>
                   #include <include/qos/burst.xml.i>
+                  #include <include/qos/limiter-actions.xml.i>
                 </children>
               </node>
               #include <include/generic-description.xml.i>
diff --git a/interface-definitions/ssh.xml.in b/interface-definitions/ssh.xml.in
index 126183162..f3c731fe5 100644
--- a/interface-definitions/ssh.xml.in
+++ b/interface-definitions/ssh.xml.in
@@ -206,6 +206,37 @@
             </properties>
             <defaultValue>22</defaultValue>
           </leafNode>
+          <node name="rekey">
+            <properties>
+              <help>SSH session rekey limit</help>
+            </properties>
+            <children>
+              <leafNode name="data">
+                <properties>
+                  <help>Threshold data in megabytes</help>
+                  <valueHelp>
+                    <format>u32:1-65535</format>
+                    <description>Megabytes</description>
+                  </valueHelp>
+                  <constraint>
+                    <validator name="numeric" argument="--range 1-65535"/>
+                  </constraint>
+                </properties>
+              </leafNode>
+              <leafNode name="time">
+                <properties>
+                  <help>Threshold time in minutes</help>
+                  <valueHelp>
+                    <format>u32:1-65535</format>
+                    <description>Minutes</description>
+                  </valueHelp>
+                  <constraint>
+                    <validator name="numeric" argument="--range 1-65535"/>
+                  </constraint>
+                </properties>
+              </leafNode>
+            </children>
+          </node>
           <leafNode name="client-keepalive-interval">
             <properties>
               <help>Enable transmission of keepalives from server to client</help>