summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/dhcp/ddns-dns-server.xml.i19
-rw-r--r--interface-definitions/include/dhcp/ddns-settings.xml.i172
-rw-r--r--interface-definitions/include/interface/ipv6-address-interface-identifier.xml.i15
-rw-r--r--interface-definitions/include/interface/ipv6-address.xml.i12
-rw-r--r--interface-definitions/include/interface/ipv6-options-with-nd.xml.i9
-rw-r--r--interface-definitions/include/interface/ipv6-options.xml.i11
-rw-r--r--interface-definitions/include/interface/vif-s.xml.i2
-rw-r--r--interface-definitions/include/interface/vif.xml.i1
-rw-r--r--interface-definitions/interfaces_bonding.xml.in1
-rw-r--r--interface-definitions/interfaces_bridge.xml.in1
-rw-r--r--interface-definitions/interfaces_ethernet.xml.in1
-rw-r--r--interface-definitions/interfaces_geneve.xml.in1
-rw-r--r--interface-definitions/interfaces_l2tpv3.xml.in1
-rw-r--r--interface-definitions/interfaces_macsec.xml.in1
-rw-r--r--interface-definitions/interfaces_openvpn.xml.in1
-rw-r--r--interface-definitions/interfaces_pppoe.xml.in1
-rw-r--r--interface-definitions/interfaces_pseudo-ethernet.xml.in1
-rw-r--r--interface-definitions/interfaces_vxlan.xml.in1
-rw-r--r--interface-definitions/interfaces_wireless.xml.in1
-rw-r--r--interface-definitions/interfaces_wwan.xml.in1
-rw-r--r--interface-definitions/policy_route.xml.in4
-rw-r--r--interface-definitions/service_dhcp-server.xml.in121
-rw-r--r--interface-definitions/service_router-advert.xml.in13
-rw-r--r--interface-definitions/vpn_ipsec.xml.in57
24 files changed, 432 insertions, 16 deletions
diff --git a/interface-definitions/include/dhcp/ddns-dns-server.xml.i b/interface-definitions/include/dhcp/ddns-dns-server.xml.i
new file mode 100644
index 000000000..ba9f186d0
--- /dev/null
+++ b/interface-definitions/include/dhcp/ddns-dns-server.xml.i
@@ -0,0 +1,19 @@
+<!-- include start from dhcp/ddns-dns-server.xml.i -->
+<tagNode name="dns-server">
+ <properties>
+ <help>DNS server specification</help>
+ <valueHelp>
+ <format>u32:1-999999</format>
+ <description>Number for this DNS server</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-999999"/>
+ </constraint>
+ <constraintErrorMessage>DNS server number must be between 1 and 999999</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-single.xml.i>
+ #include <include/port-number.xml.i>
+ </children>
+</tagNode>
+<!-- include end -->
diff --git a/interface-definitions/include/dhcp/ddns-settings.xml.i b/interface-definitions/include/dhcp/ddns-settings.xml.i
new file mode 100644
index 000000000..3e202685e
--- /dev/null
+++ b/interface-definitions/include/dhcp/ddns-settings.xml.i
@@ -0,0 +1,172 @@
+<!-- include start from dhcp/ddns-settings.xml.i -->
+<leafNode name="send-updates">
+ <properties>
+ <help>Enable or disable updates for this scope</help>
+ <completionHelp>
+ <list>enable disable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Enable updates for this scope</description>
+ </valueHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Disable updates for this scope</description>
+ </valueHelp>
+ <constraint>
+ <regex>(enable|disable)</regex>
+ </constraint>
+ <constraintErrorMessage>Set it to either enable or disable</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="override-client-update">
+ <properties>
+ <help>Always update both forward and reverse DNS data, regardless of the client's request</help>
+ <completionHelp>
+ <list>enable disable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Force update both forward and reverse DNS records</description>
+ </valueHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Respect client request settings</description>
+ </valueHelp>
+ <constraint>
+ <regex>(enable|disable)</regex>
+ </constraint>
+ <constraintErrorMessage>Set it to either enable or disable</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="override-no-update">
+ <properties>
+ <help>Perform a DDNS update, even if the client instructs the server not to</help>
+ <completionHelp>
+ <list>enable disable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Force DDNS updates regardless of client request</description>
+ </valueHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Respect client request settings</description>
+ </valueHelp>
+ <constraint>
+ <regex>(enable|disable)</regex>
+ </constraint>
+ <constraintErrorMessage>Set it to either enable or disable</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="replace-client-name">
+ <properties>
+ <help>Replace client name mode</help>
+ <completionHelp>
+ <list>never always when-present when-not-present</list>
+ </completionHelp>
+ <valueHelp>
+ <format>never</format>
+ <description>Use the name the client sent. If the client sent no name, do not generate
+ one</description>
+ </valueHelp>
+ <valueHelp>
+ <format>always</format>
+ <description>Replace the name the client sent. If the client sent no name, generate one
+ for the client</description>
+ </valueHelp>
+ <valueHelp>
+ <format>when-present</format>
+ <description>Replace the name the client sent. If the client sent no name, do not
+ generate one</description>
+ </valueHelp>
+ <valueHelp>
+ <format>when-not-present</format>
+ <description>Use the name the client sent. If the client sent no name, generate one for
+ the client</description>
+ </valueHelp>
+ <constraint>
+ <regex>(never|always|when-present|when-not-present)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid replace client name mode</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="generated-prefix">
+ <properties>
+ <help>The prefix used in the generation of an FQDN</help>
+ <constraint>
+ <validator name="fqdn" />
+ </constraint>
+ <constraintErrorMessage>Invalid generated prefix</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="qualifying-suffix">
+ <properties>
+ <help>The suffix used when generating an FQDN, or when qualifying a partial name</help>
+ <constraint>
+ <validator name="fqdn" />
+ </constraint>
+ <constraintErrorMessage>Invalid qualifying suffix</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="update-on-renew">
+ <properties>
+ <help>Update DNS record on lease renew</help>
+ <completionHelp>
+ <list>enable disable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Update DNS record on lease renew</description>
+ </valueHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Do not update DNS record on lease renew</description>
+ </valueHelp>
+ <constraint>
+ <regex>(enable|disable)</regex>
+ </constraint>
+ <constraintErrorMessage>Set it to either enable or disable</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="conflict-resolution">
+ <properties>
+ <help>DNS conflict resolution behavior</help>
+ <completionHelp>
+ <list>enable disable</list>
+ </completionHelp>
+ <valueHelp>
+ <format>enable</format>
+ <description>Enable DNS conflict resolution</description>
+ </valueHelp>
+ <valueHelp>
+ <format>disable</format>
+ <description>Disable DNS conflict resolution</description>
+ </valueHelp>
+ <constraint>
+ <regex>(enable|disable)</regex>
+ </constraint>
+ <constraintErrorMessage>Set it to either enable or disable</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="ttl-percent">
+ <properties>
+ <help>Calculate TTL of the DNS record as a percentage of the lease lifetime</help>
+ <constraint>
+ <validator name="numeric" argument="--range 1-100" />
+ </constraint>
+ <constraintErrorMessage>Invalid qualifying suffix</constraintErrorMessage>
+ </properties>
+</leafNode>
+<leafNode name="hostname-char-set">
+ <properties>
+ <help>A regular expression describing the invalid character set in the host name</help>
+ </properties>
+</leafNode>
+<leafNode name="hostname-char-replacement">
+ <properties>
+ <help>A string of zero or more characters with which to replace each invalid character in
+ the host name</help>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/interface/ipv6-address-interface-identifier.xml.i b/interface-definitions/include/interface/ipv6-address-interface-identifier.xml.i
new file mode 100644
index 000000000..d173dfdb8
--- /dev/null
+++ b/interface-definitions/include/interface/ipv6-address-interface-identifier.xml.i
@@ -0,0 +1,15 @@
+<!-- include start from interface/ipv6-address-interface-identifier.xml.i -->
+<leafNode name="interface-identifier">
+ <properties>
+ <help>SLAAC interface identifier</help>
+ <valueHelp>
+ <format>::h:h:h:h</format>
+ <description>Interface identifier</description>
+ </valueHelp>
+ <constraint>
+ <regex>::([0-9a-fA-F]{1,4}(:[0-9a-fA-F]{1,4}){0,3})</regex>
+ </constraint>
+ <constraintErrorMessage>Interface identifier format must start with :: and may contain up four hextets (::h:h:h:h)</constraintErrorMessage>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/interface/ipv6-address.xml.i b/interface-definitions/include/interface/ipv6-address.xml.i
deleted file mode 100644
index e1bdf02fd..000000000
--- a/interface-definitions/include/interface/ipv6-address.xml.i
+++ /dev/null
@@ -1,12 +0,0 @@
-<!-- include start from interface/ipv6-address.xml.i -->
-<node name="address">
- <properties>
- <help>IPv6 address configuration modes</help>
- </properties>
- <children>
- #include <include/interface/ipv6-address-autoconf.xml.i>
- #include <include/interface/ipv6-address-eui64.xml.i>
- #include <include/interface/ipv6-address-no-default-link-local.xml.i>
- </children>
-</node>
-<!-- include end -->
diff --git a/interface-definitions/include/interface/ipv6-options-with-nd.xml.i b/interface-definitions/include/interface/ipv6-options-with-nd.xml.i
new file mode 100644
index 000000000..5894104b3
--- /dev/null
+++ b/interface-definitions/include/interface/ipv6-options-with-nd.xml.i
@@ -0,0 +1,9 @@
+ <node name="ipv6">
+ <children>
+ <node name="address">
+ <children>
+ #include <include/interface/ipv6-address-interface-identifier.xml.i>
+ </children>
+ </node>
+ </children>
+ </node>
diff --git a/interface-definitions/include/interface/ipv6-options.xml.i b/interface-definitions/include/interface/ipv6-options.xml.i
index ec6ec64ee..f84a9f2cd 100644
--- a/interface-definitions/include/interface/ipv6-options.xml.i
+++ b/interface-definitions/include/interface/ipv6-options.xml.i
@@ -8,9 +8,18 @@
#include <include/interface/base-reachable-time.xml.i>
#include <include/interface/disable-forwarding.xml.i>
#include <include/interface/ipv6-accept-dad.xml.i>
- #include <include/interface/ipv6-address.xml.i>
#include <include/interface/ipv6-dup-addr-detect-transmits.xml.i>
#include <include/interface/source-validation.xml.i>
+ <node name="address">
+ <properties>
+ <help>IPv6 address configuration modes</help>
+ </properties>
+ <children>
+ #include <include/interface/ipv6-address-autoconf.xml.i>
+ #include <include/interface/ipv6-address-eui64.xml.i>
+ #include <include/interface/ipv6-address-no-default-link-local.xml.i>
+ </children>
+ </node>
</children>
</node>
<!-- include end -->
diff --git a/interface-definitions/include/interface/vif-s.xml.i b/interface-definitions/include/interface/vif-s.xml.i
index 02e7ab057..65ca10207 100644
--- a/interface-definitions/include/interface/vif-s.xml.i
+++ b/interface-definitions/include/interface/vif-s.xml.i
@@ -21,6 +21,7 @@
#include <include/interface/vlan-protocol.xml.i>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mirror.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
@@ -41,6 +42,7 @@
#include <include/interface/disable.xml.i>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mirror.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
diff --git a/interface-definitions/include/interface/vif.xml.i b/interface-definitions/include/interface/vif.xml.i
index ec3921bf6..87f91c5ce 100644
--- a/interface-definitions/include/interface/vif.xml.i
+++ b/interface-definitions/include/interface/vif.xml.i
@@ -46,6 +46,7 @@
</leafNode>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mirror.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
diff --git a/interface-definitions/interfaces_bonding.xml.in b/interface-definitions/interfaces_bonding.xml.in
index b17cad478..cdacae2d0 100644
--- a/interface-definitions/interfaces_bonding.xml.in
+++ b/interface-definitions/interfaces_bonding.xml.in
@@ -141,6 +141,7 @@
</leafNode>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
<leafNode name="mii-mon-interval">
<properties>
diff --git a/interface-definitions/interfaces_bridge.xml.in b/interface-definitions/interfaces_bridge.xml.in
index 29dd61df5..667ae3b19 100644
--- a/interface-definitions/interfaces_bridge.xml.in
+++ b/interface-definitions/interfaces_bridge.xml.in
@@ -93,6 +93,7 @@
</node>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mirror.xml.i>
<leafNode name="enable-vlan">
diff --git a/interface-definitions/interfaces_ethernet.xml.in b/interface-definitions/interfaces_ethernet.xml.in
index b3559a626..819ceb2cb 100644
--- a/interface-definitions/interfaces_ethernet.xml.in
+++ b/interface-definitions/interfaces_ethernet.xml.in
@@ -74,6 +74,7 @@
#include <include/interface/hw-id.xml.i>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
#include <include/interface/mirror.xml.i>
diff --git a/interface-definitions/interfaces_geneve.xml.in b/interface-definitions/interfaces_geneve.xml.in
index c1e6c33d5..b85bd3b9e 100644
--- a/interface-definitions/interfaces_geneve.xml.in
+++ b/interface-definitions/interfaces_geneve.xml.in
@@ -21,6 +21,7 @@
#include <include/interface/disable.xml.i>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mtu-1200-16000.xml.i>
#include <include/port-number.xml.i>
diff --git a/interface-definitions/interfaces_l2tpv3.xml.in b/interface-definitions/interfaces_l2tpv3.xml.in
index 5f816c956..381e86bd0 100644
--- a/interface-definitions/interfaces_l2tpv3.xml.in
+++ b/interface-definitions/interfaces_l2tpv3.xml.in
@@ -55,6 +55,7 @@
</leafNode>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/source-address-ipv4-ipv6.xml.i>
#include <include/interface/mirror.xml.i>
#include <include/interface/mtu-68-16000.xml.i>
diff --git a/interface-definitions/interfaces_macsec.xml.in b/interface-definitions/interfaces_macsec.xml.in
index d825f8262..5279a9495 100644
--- a/interface-definitions/interfaces_macsec.xml.in
+++ b/interface-definitions/interfaces_macsec.xml.in
@@ -21,6 +21,7 @@
#include <include/interface/dhcpv6-options.xml.i>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mirror.xml.i>
<node name="security">
<properties>
diff --git a/interface-definitions/interfaces_openvpn.xml.in b/interface-definitions/interfaces_openvpn.xml.in
index 3c844107e..6510ed733 100644
--- a/interface-definitions/interfaces_openvpn.xml.in
+++ b/interface-definitions/interfaces_openvpn.xml.in
@@ -135,6 +135,7 @@
</node>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mirror.xml.i>
<leafNode name="hash">
<properties>
diff --git a/interface-definitions/interfaces_pppoe.xml.in b/interface-definitions/interfaces_pppoe.xml.in
index f24bc41d8..66a774e21 100644
--- a/interface-definitions/interfaces_pppoe.xml.in
+++ b/interface-definitions/interfaces_pppoe.xml.in
@@ -88,6 +88,7 @@
</properties>
<children>
#include <include/interface/ipv6-address-autoconf.xml.i>
+ #include <include/interface/ipv6-address-interface-identifier.xml.i>
</children>
</node>
#include <include/interface/adjust-mss.xml.i>
diff --git a/interface-definitions/interfaces_pseudo-ethernet.xml.in b/interface-definitions/interfaces_pseudo-ethernet.xml.in
index 031af3563..f13144bed 100644
--- a/interface-definitions/interfaces_pseudo-ethernet.xml.in
+++ b/interface-definitions/interfaces_pseudo-ethernet.xml.in
@@ -25,6 +25,7 @@
#include <include/interface/vrf.xml.i>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/source-interface-ethernet.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mirror.xml.i>
diff --git a/interface-definitions/interfaces_vxlan.xml.in b/interface-definitions/interfaces_vxlan.xml.in
index 937acb123..f4cd4fcd2 100644
--- a/interface-definitions/interfaces_vxlan.xml.in
+++ b/interface-definitions/interfaces_vxlan.xml.in
@@ -45,6 +45,7 @@
</leafNode>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/mac.xml.i>
#include <include/interface/mtu-1200-16000.xml.i>
#include <include/interface/mirror.xml.i>
diff --git a/interface-definitions/interfaces_wireless.xml.in b/interface-definitions/interfaces_wireless.xml.in
index 474953500..1b5356caa 100644
--- a/interface-definitions/interfaces_wireless.xml.in
+++ b/interface-definitions/interfaces_wireless.xml.in
@@ -626,6 +626,7 @@
</leafNode>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/hw-id.xml.i>
<leafNode name="isolate-stations">
<properties>
diff --git a/interface-definitions/interfaces_wwan.xml.in b/interface-definitions/interfaces_wwan.xml.in
index 1580c3bcb..552806d4e 100644
--- a/interface-definitions/interfaces_wwan.xml.in
+++ b/interface-definitions/interfaces_wwan.xml.in
@@ -38,6 +38,7 @@
</leafNode>
#include <include/interface/ipv4-options.xml.i>
#include <include/interface/ipv6-options.xml.i>
+ #include <include/interface/ipv6-options-with-nd.xml.i>
#include <include/interface/dial-on-demand.xml.i>
#include <include/interface/redirect.xml.i>
#include <include/interface/vrf.xml.i>
diff --git a/interface-definitions/policy_route.xml.in b/interface-definitions/policy_route.xml.in
index 9cc22540b..48f728923 100644
--- a/interface-definitions/policy_route.xml.in
+++ b/interface-definitions/policy_route.xml.in
@@ -35,6 +35,7 @@
#include <include/firewall/address-ipv6.xml.i>
#include <include/firewall/source-destination-group-ipv6.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/geoip.xml.i>
</children>
</node>
<node name="source">
@@ -45,6 +46,7 @@
#include <include/firewall/address-ipv6.xml.i>
#include <include/firewall/source-destination-group-ipv6.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/geoip.xml.i>
</children>
</node>
#include <include/policy/route-common.xml.i>
@@ -90,6 +92,7 @@
#include <include/firewall/address.xml.i>
#include <include/firewall/source-destination-group.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/geoip.xml.i>
</children>
</node>
<node name="source">
@@ -100,6 +103,7 @@
#include <include/firewall/address.xml.i>
#include <include/firewall/source-destination-group.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/geoip.xml.i>
</children>
</node>
#include <include/policy/route-common.xml.i>
diff --git a/interface-definitions/service_dhcp-server.xml.in b/interface-definitions/service_dhcp-server.xml.in
index c0ab7c048..78f1cea4e 100644
--- a/interface-definitions/service_dhcp-server.xml.in
+++ b/interface-definitions/service_dhcp-server.xml.in
@@ -10,12 +10,111 @@
</properties>
<children>
#include <include/generic-disable-node.xml.i>
- <leafNode name="dynamic-dns-update">
+ <node name="dynamic-dns-update">
<properties>
<help>Dynamically update Domain Name System (RFC4702)</help>
- <valueless/>
</properties>
- </leafNode>
+ <children>
+ #include <include/dhcp/ddns-settings.xml.i>
+ <tagNode name="tsig-key">
+ <properties>
+ <help>TSIG key definition for DNS updates</help>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore.xml.i>
+ </constraint>
+ <constraintErrorMessage>Invalid TSIG key name. May only contain letters, numbers, hyphen and underscore</constraintErrorMessage>
+ </properties>
+ <children>
+ <leafNode name="algorithm">
+ <properties>
+ <help>TSIG key algorithm</help>
+ <completionHelp>
+ <list>md5 sha1 sha224 sha256 sha384 sha512</list>
+ </completionHelp>
+ <valueHelp>
+ <format>md5</format>
+ <description>MD5 HMAC algorithm</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha1</format>
+ <description>SHA1 HMAC algorithm</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha224</format>
+ <description>SHA224 HMAC algorithm</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha256</format>
+ <description>SHA256 HMAC algorithm</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha384</format>
+ <description>SHA384 HMAC algorithm</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sha512</format>
+ <description>SHA512 HMAC algorithm</description>
+ </valueHelp>
+ <constraint>
+ <regex>(md5|sha1|sha224|sha256|sha384|sha512)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid TSIG key algorithm</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="secret">
+ <properties>
+ <help>TSIG key secret (base64-encoded)</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ <tagNode name="forward-domain">
+ <properties>
+ <help>Forward DNS domain name</help>
+ <constraint>
+ <validator name="fqdn"/>
+ </constraint>
+ <constraintErrorMessage>Invalid forward DNS domain name</constraintErrorMessage>
+ </properties>
+ <children>
+ <leafNode name="key-name">
+ <properties>
+ <help>TSIG key name for forward DNS updates</help>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore.xml.i>
+ </constraint>
+ <constraintErrorMessage>Invalid TSIG key name. May only contain letters, numbers, numbers, hyphen and underscore</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ #include <include/dhcp/ddns-dns-server.xml.i>
+ </children>
+ </tagNode>
+ <tagNode name="reverse-domain">
+ <properties>
+ <help>Reverse DNS domain name</help>
+ <constraint>
+ <validator name="fqdn"/>
+ </constraint>
+ <constraintErrorMessage>Invalid reverse DNS domain name</constraintErrorMessage>
+ </properties>
+ <children>
+ <leafNode name="key-name">
+ <properties>
+ <help>TSIG key name for reverse DNS updates</help>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore.xml.i>
+ </constraint>
+ <constraintErrorMessage>Invalid TSIG key name. May only contain letters, numbers, numbers, hyphen and underscore</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ #include <include/dhcp/ddns-dns-server.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
<node name="high-availability">
<properties>
<help>DHCP high availability configuration</help>
@@ -105,6 +204,14 @@
<constraintErrorMessage>Invalid shared network name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
<children>
+ <node name="dynamic-dns-update">
+ <properties>
+ <help>Dynamically update Domain Name System (RFC4702)</help>
+ </properties>
+ <children>
+ #include <include/dhcp/ddns-settings.xml.i>
+ </children>
+ </node>
<leafNode name="authoritative">
<properties>
<help>Option to make DHCP server authoritative for this physical network</help>
@@ -132,6 +239,14 @@
#include <include/dhcp/ping-check.xml.i>
#include <include/generic-description.xml.i>
#include <include/generic-disable-node.xml.i>
+ <node name="dynamic-dns-update">
+ <properties>
+ <help>Dynamically update Domain Name System (RFC4702)</help>
+ </properties>
+ <children>
+ #include <include/dhcp/ddns-settings.xml.i>
+ </children>
+ </node>
<leafNode name="exclude">
<properties>
<help>IP address to exclude from DHCP lease range</help>
diff --git a/interface-definitions/service_router-advert.xml.in b/interface-definitions/service_router-advert.xml.in
index 3fd33540a..7f96cdb19 100644
--- a/interface-definitions/service_router-advert.xml.in
+++ b/interface-definitions/service_router-advert.xml.in
@@ -255,6 +255,19 @@
</leafNode>
</children>
</tagNode>
+ <leafNode name="auto-ignore">
+ <properties>
+ <help>IPv6 prefix to be excluded in Router Advertisements (RAs) - use in conjunction with the ::/64 wildcard prefix</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>IPv6 prefix to be excluded</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
<tagNode name="prefix">
<properties>
<help>IPv6 prefix to be advertised in Router Advertisements (RAs)</help>
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 0cf526fad..873a4f882 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -1244,6 +1244,63 @@
<children>
#include <include/ipsec/bind.xml.i>
#include <include/ipsec/esp-group.xml.i>
+ <node name="traffic-selector">
+ <properties>
+ <help>Traffic-selectors parameters</help>
+ </properties>
+ <children>
+ <node name="local">
+ <properties>
+ <help>Local parameters for interesting traffic</help>
+ </properties>
+ <children>
+ <leafNode name="prefix">
+ <properties>
+ <help>Local IPv4 or IPv6 prefix</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>Local IPv4 prefix</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>Local IPv6 prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ <node name="remote">
+ <properties>
+ <help>Remote parameters for interesting traffic</help>
+ </properties>
+ <children>
+ <leafNode name="prefix">
+ <properties>
+ <help>Remote IPv4 or IPv6 prefix</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>Remote IPv4 prefix</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>Remote IPv6 prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
</children>
</node>
</children>
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-26 14:08:32 +0000