diff options
Diffstat (limited to 'interface-definitions')
98 files changed, 1354 insertions, 944 deletions
diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in index bd2ff820d..3a5cfbaa6 100644 --- a/interface-definitions/container.xml.in +++ b/interface-definitions/container.xml.in @@ -31,7 +31,7 @@ <properties> <help>Grant individual Linux capability to container instance</help> <completionHelp> - <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-nice sys-time</list> + <list>net-admin net-bind-service net-raw mknod setpcap sys-admin sys-module sys-nice sys-time</list> </completionHelp> <valueHelp> <format>net-admin</format> @@ -46,6 +46,10 @@ <description>Permission to create raw network sockets</description> </valueHelp> <valueHelp> + <format>mknod</format> + <description>Permission to create special files</description> + </valueHelp> + <valueHelp> <format>setpcap</format> <description>Capability sets (from bounded or inherited set)</description> </valueHelp> @@ -66,7 +70,7 @@ <description>Permission to set system clock</description> </valueHelp> <constraint> - <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex> + <regex>(net-admin|net-bind-service|net-raw|mknod|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex> </constraint> <multi/> </properties> @@ -131,7 +135,7 @@ <properties> <help>Add custom environment variables</help> <constraint> - <regex>[-_a-zA-Z0-9]+</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore.xml.i> </constraint> <constraintErrorMessage>Environment variable name must be alphanumeric and can contain hyphen and underscores</constraintErrorMessage> </properties> @@ -275,6 +279,7 @@ </properties> <defaultValue>64</defaultValue> </leafNode> + #include <include/name-server-ipv4-ipv6.xml.i> <tagNode name="network"> <properties> <help>Attach user defined network to container</help> @@ -411,6 +416,35 @@ </constraint> </properties> </leafNode> + <tagNode name="tmpfs"> + <properties> + <help>Mount a tmpfs filesystem into the container</help> + </properties> + <children> + <leafNode name="destination"> + <properties> + <help>Destination container directory</help> + <valueHelp> + <format>txt</format> + <description>Destination container directory</description> + </valueHelp> + </properties> + </leafNode> + <leafNode name="size"> + <properties> + <help>tmpfs filesystem size in MB</help> + <valueHelp> + <format>u32:1-65536</format> + <description>tmpfs filesystem size in MB</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + <constraintErrorMessage>Container tmpfs size must be between 1 and 65535 MB</constraintErrorMessage> + </properties> + </leafNode> + </children> + </tagNode> <tagNode name="volume"> <properties> <help>Mount a volume into the container</help> @@ -537,6 +571,54 @@ <children> #include <include/interface/authentication.xml.i> #include <include/generic-disable-node.xml.i> + <leafNode name="insecure"> + <properties> + <help>Allow registry access over unencrypted HTTP or TLS connections with untrusted certificates</help> + <valueless/> + </properties> + </leafNode> + <node name="mirror"> + <properties> + <help>Registry mirror, use host-name|address[:port][/path]</help> + </properties> + <children> + <leafNode name="address"> + <properties> + <help>IP address of container registry mirror</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address of container registry mirror</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 address of container registry mirror</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + <validator name="ipv6-link-local"/> + </constraint> + </properties> + </leafNode> + <leafNode name="host-name"> + <properties> + <help>Hostname of container registry mirror</help> + <valueHelp> + <format>hostname</format> + <description>FQDN of container registry mirror</description> + </valueHelp> + <constraint> + <validator name="fqdn"/> + </constraint> + </properties> + </leafNode> + #include <include/port-number.xml.i> + <leafNode name="path"> + <properties> + <help>Path of container registry mirror, optional, must be start with '/' if not empty</help> + </properties> + </leafNode> + </children> + </node> </children> </tagNode> </children> diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index 07c88f799..7538c3cc5 100755..100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -16,15 +16,7 @@ </properties> <children> #include <include/generic-description.xml.i> - <leafNode name="interface"> - <properties> - <help>Interfaces to use this flowtable</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <multi/> - </properties> - </leafNode> + #include <include/generic-interface-multi.xml.i> <leafNode name="offload"> <properties> <help>Offloading method</help> @@ -146,6 +138,19 @@ </tagNode> </children> </node> + <tagNode name="remote-group"> + <properties> + <help>Firewall remote-group</help> + <constraint> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> + </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> + </properties> + <children> + #include <include/url-http-https.xml.i> + #include <include/generic-description.xml.i> + </children> + </tagNode> <tagNode name="interface-group"> <properties> <help>Firewall interface-group</help> @@ -155,15 +160,7 @@ <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> - <leafNode name="interface"> - <properties> - <help>Interface-group member</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <multi/> - </properties> - </leafNode> + #include <include/generic-interface-multi.xml.i> <leafNode name="include"> <properties> <help>Include another interface-group</help> @@ -464,24 +461,27 @@ </node> </children> </tagNode> - <leafNode name="interface"> + <node name="member"> <properties> <help>Interface associated with zone</help> - <valueHelp> - <format>txt</format> - <description>Interface associated with zone</description> - </valueHelp> - <valueHelp> - <format>vrf</format> - <description>VRF associated with zone</description> - </valueHelp> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - <path>vrf name</path> - </completionHelp> - <multi/> </properties> - </leafNode> + <children> + #include <include/generic-interface-multi.xml.i> + <leafNode name="vrf"> + <properties> + <help>VRF associated with zone</help> + <valueHelp> + <format>vrf</format> + <description>VRF associated with zone</description> + </valueHelp> + <completionHelp> + <path>vrf name</path> + </completionHelp> + <multi/> + </properties> + </leafNode> + </children> + </node> <node name="intra-zone-filtering"> <properties> <help>Intra-zone filtering</help> diff --git a/interface-definitions/high-availability.xml.in b/interface-definitions/high-availability.xml.in index 7108aa06c..6cf6237ca 100644 --- a/interface-definitions/high-availability.xml.in +++ b/interface-definitions/high-availability.xml.in @@ -247,22 +247,7 @@ <help>Disable track state of main interface</help> </properties> </leafNode> - <leafNode name="interface"> - <properties> - <help>Interface name state check</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces --broadcast</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>Interface name</description> - </valueHelp> - <constraint> - #include <include/constraint/interface-name.xml.i> - </constraint> - <multi/> - </properties> - </leafNode> + #include <include/generic-interface-multi-broadcast.xml.i> </children> </node> #include <include/vrrp-transition-script.xml.i> diff --git a/interface-definitions/include/auth-mode-pre-shared-secret.xml.i b/interface-definitions/include/auth-mode-pre-shared-secret.xml.i new file mode 100644 index 000000000..cf1003917 --- /dev/null +++ b/interface-definitions/include/auth-mode-pre-shared-secret.xml.i @@ -0,0 +1,14 @@ +<!-- include start from auth-mode-pre-shared-secret.xml.i --> +<leafNode name="mode"> + <properties> + <help>Authentication mode</help> + <completionHelp> + <list>pre-shared-secret</list> + </completionHelp> + <valueHelp> + <format>pre-shared-secret</format> + <description>Use a pre-shared secret key</description> + </valueHelp> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/auth-psk-id.xml.i b/interface-definitions/include/auth-psk-id.xml.i new file mode 100644 index 000000000..ab2451045 --- /dev/null +++ b/interface-definitions/include/auth-psk-id.xml.i @@ -0,0 +1,11 @@ +<!-- include start from auth-psk-id.xml.i --> +<leafNode name="id"> + <properties> + <help>ID for authentication</help> + <valueHelp> + <format>txt</format> + <description>ID used for authentication</description> + </valueHelp> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/auth-psk-secret.xml.i b/interface-definitions/include/auth-psk-secret.xml.i new file mode 100644 index 000000000..24257dcab --- /dev/null +++ b/interface-definitions/include/auth-psk-secret.xml.i @@ -0,0 +1,15 @@ +<!-- include start from auth-psk-secret.xml.i --> +<leafNode name="secret"> + <properties> + <help>pre-shared secret key</help> + <valueHelp> + <format>txt</format> + <description>16byte pre-shared-secret key (32 character hexadecimal key)</description> + </valueHelp> + <constraint> + <validator name="psk-secret"/> + </constraint> + <constraintErrorMessage>Pre-Shared-Keys must be at leas 16 bytes long, which implies at least 32 characterss</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/babel/redistribute-common.xml.i b/interface-definitions/include/babel/redistribute-common.xml.i index 93efe68dd..e988cc0d0 100644 --- a/interface-definitions/include/babel/redistribute-common.xml.i +++ b/interface-definitions/include/babel/redistribute-common.xml.i @@ -23,6 +23,12 @@ <valueless/> </properties> </leafNode> + <leafNode name="nhrp"> + <properties> + <help>Redistribute NHRP routes</help> + <valueless/> + </properties> + </leafNode> <leafNode name="openfabric"> <properties> <help>OpenFabric Routing Protocol</help> diff --git a/interface-definitions/include/bgp/afi-redistribute-common-protocols.xml.i b/interface-definitions/include/bgp/afi-redistribute-common-protocols.xml.i new file mode 100644 index 000000000..3f6517d03 --- /dev/null +++ b/interface-definitions/include/bgp/afi-redistribute-common-protocols.xml.i @@ -0,0 +1,62 @@ +<!-- include start from bgp/afi-redistribute-common-protocols.xml.i --> +<node name="babel"> + <properties> + <help>Redistribute Babel routes into BGP</help> + </properties> + <children> + #include <include/bgp/afi-redistribute-metric-route-map.xml.i> + </children> +</node> +<node name="connected"> + <properties> + <help>Redistribute connected routes into BGP</help> + </properties> + <children> + #include <include/bgp/afi-redistribute-metric-route-map.xml.i> + </children> +</node> +<node name="isis"> + <properties> + <help>Redistribute IS-IS routes into BGP</help> + </properties> + <children> + #include <include/bgp/afi-redistribute-metric-route-map.xml.i> + </children> +</node> +<node name="kernel"> + <properties> + <help>Redistribute kernel routes into BGP</help> + </properties> + <children> + #include <include/bgp/afi-redistribute-metric-route-map.xml.i> + </children> +</node> +<node name="nhrp"> + <properties> + <help>Redistribute NHRP routes into BGP</help> + </properties> + <children> + #include <include/bgp/afi-redistribute-metric-route-map.xml.i> + </children> +</node> +<node name="static"> + <properties> + <help>Redistribute static routes into BGP</help> + </properties> + <children> + #include <include/bgp/afi-redistribute-metric-route-map.xml.i> + </children> +</node> +<tagNode name="table"> + <properties> + <help>Redistribute non-main Kernel Routing Table</help> + <completionHelp> + <path>protocols static table</path> + </completionHelp> + #include <include/constraint/protocols-static-table.xml.i> + </properties> + <children> + #include <include/bgp/afi-redistribute-metric-route-map.xml.i> + </children> +</tagNode> +<!-- include end --> diff --git a/interface-definitions/include/bgp/afi-route-map-export-import.xml.i b/interface-definitions/include/bgp/afi-route-map-export-import.xml.i deleted file mode 100644 index 388991241..000000000 --- a/interface-definitions/include/bgp/afi-route-map-export-import.xml.i +++ /dev/null @@ -1,34 +0,0 @@ -<!-- include start from bgp/afi-route-map.xml.i --> -<leafNode name="export"> - <properties> - <help>Route-map to filter outgoing route updates</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>Route map name</description> - </valueHelp> - <constraint> - #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> - </constraint> - <constraintErrorMessage>Name of route-map can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage> - </properties> -</leafNode> -<leafNode name="import"> - <properties> - <help>Route-map to filter incoming route updates</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>Route map name</description> - </valueHelp> - <constraint> - #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> - </constraint> - <constraintErrorMessage>Name of route-map can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage> - </properties> -</leafNode> -<!-- include end --> diff --git a/interface-definitions/include/bgp/afi-route-map-export.xml.i b/interface-definitions/include/bgp/afi-route-map-export.xml.i new file mode 100644 index 000000000..94d77caf2 --- /dev/null +++ b/interface-definitions/include/bgp/afi-route-map-export.xml.i @@ -0,0 +1,18 @@ +<!-- include start from bgp/afi-route-map-export.xml.i --> +<leafNode name="export"> + <properties> + <help>Route-map to filter outgoing route updates</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Route map name</description> + </valueHelp> + <constraint> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> + </constraint> + <constraintErrorMessage>Route map names can only contain alphanumeric characters, hyphens, and underscores</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/bgp/afi-route-map-import.xml.i b/interface-definitions/include/bgp/afi-route-map-import.xml.i new file mode 100644 index 000000000..a1b154fcd --- /dev/null +++ b/interface-definitions/include/bgp/afi-route-map-import.xml.i @@ -0,0 +1,18 @@ +<!-- include start from bgp/afi-route-map-import.xml.i --> +<leafNode name="import"> + <properties> + <help>Route-map to filter incoming route updates</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Route map name</description> + </valueHelp> + <constraint> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> + </constraint> + <constraintErrorMessage>Name of route-map can only contain alpha-numeric letters, hyphen and underscores</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/bgp/afi-route-map-vpn.xml.i b/interface-definitions/include/bgp/afi-route-map-vpn.xml.i index e6be113c5..ac7b55af6 100644 --- a/interface-definitions/include/bgp/afi-route-map-vpn.xml.i +++ b/interface-definitions/include/bgp/afi-route-map-vpn.xml.i @@ -9,7 +9,8 @@ <help>Between current address-family and VPN</help> </properties> <children> - #include <include/bgp/afi-route-map-export-import.xml.i> + #include <include/bgp/afi-route-map-export.xml.i> + #include <include/bgp/afi-route-map-import.xml.i> </children> </node> </children> diff --git a/interface-definitions/include/bgp/afi-route-map-vrf.xml.i b/interface-definitions/include/bgp/afi-route-map-vrf.xml.i new file mode 100644 index 000000000..5c1783bda --- /dev/null +++ b/interface-definitions/include/bgp/afi-route-map-vrf.xml.i @@ -0,0 +1,17 @@ +<!-- include start from bgp/afi-route-map-vrf.xml.i --> +<node name="route-map"> + <properties> + <help>Route-map to filter route updates to/from this peer</help> + </properties> + <children> + <node name="vrf"> + <properties> + <help>Between current address-family and VRF</help> + </properties> + <children> + #include <include/bgp/afi-route-map-import.xml.i> + </children> + </node> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/afi-route-map.xml.i b/interface-definitions/include/bgp/afi-route-map.xml.i index 0b6178176..f8e1d7033 100644 --- a/interface-definitions/include/bgp/afi-route-map.xml.i +++ b/interface-definitions/include/bgp/afi-route-map.xml.i @@ -4,7 +4,8 @@ <help>Route-map to filter route updates to/from this peer</help> </properties> <children> - #include <include/bgp/afi-route-map-export-import.xml.i> + #include <include/bgp/afi-route-map-export.xml.i> + #include <include/bgp/afi-route-map-import.xml.i> </children> </node> <!-- include end --> diff --git a/interface-definitions/include/bgp/protocol-common-config.xml.i b/interface-definitions/include/bgp/protocol-common-config.xml.i index 0f05625a7..31c8cafea 100644 --- a/interface-definitions/include/bgp/protocol-common-config.xml.i +++ b/interface-definitions/include/bgp/protocol-common-config.xml.i @@ -119,6 +119,7 @@ </tagNode> #include <include/bgp/afi-rd.xml.i> #include <include/bgp/afi-route-map-vpn.xml.i> + #include <include/bgp/afi-route-map-vrf.xml.i> #include <include/bgp/afi-route-target-vpn.xml.i> #include <include/bgp/afi-nexthop-vpn-export.xml.i> <node name="redistribute"> @@ -126,30 +127,7 @@ <help>Redistribute routes from other protocols into BGP</help> </properties> <children> - <node name="connected"> - <properties> - <help>Redistribute connected routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> - <node name="isis"> - <properties> - <help>Redistribute IS-IS routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> - <node name="kernel"> - <properties> - <help>Redistribute kernel routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> + #include <include/bgp/afi-redistribute-common-protocols.xml.i> <node name="ospf"> <properties> <help>Redistribute OSPF routes into BGP</help> @@ -166,27 +144,6 @@ #include <include/bgp/afi-redistribute-metric-route-map.xml.i> </children> </node> - <node name="babel"> - <properties> - <help>Redistribute Babel routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> - <node name="static"> - <properties> - <help>Redistribute static routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> - <leafNode name="table"> - <properties> - <help>Redistribute non-main Kernel Routing Table</help> - </properties> - </leafNode> </children> </node> #include <include/bgp/afi-sid.xml.i> @@ -503,22 +460,7 @@ <help>Redistribute routes from other protocols into BGP</help> </properties> <children> - <node name="connected"> - <properties> - <help>Redistribute connected routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> - <node name="kernel"> - <properties> - <help>Redistribute kernel routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> + #include <include/bgp/afi-redistribute-common-protocols.xml.i> <node name="ospfv3"> <properties> <help>Redistribute OSPFv3 routes into BGP</help> @@ -535,27 +477,6 @@ #include <include/bgp/afi-redistribute-metric-route-map.xml.i> </children> </node> - <node name="babel"> - <properties> - <help>Redistribute Babel routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> - <node name="static"> - <properties> - <help>Redistribute static routes into BGP</help> - </properties> - <children> - #include <include/bgp/afi-redistribute-metric-route-map.xml.i> - </children> - </node> - <leafNode name="table"> - <properties> - <help>Redistribute non-main Kernel Routing Table</help> - </properties> - </leafNode> </children> </node> #include <include/bgp/afi-sid.xml.i> @@ -721,15 +642,7 @@ <help>Apply local policy routing to interface</help> </properties> <children> - <leafNode name="interface"> - <properties> - <help>Interface</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <multi/> - </properties> - </leafNode> + #include <include/generic-interface-multi.xml.i> </children> </node> </children> diff --git a/interface-definitions/include/constraint/interface-name.xml.i b/interface-definitions/include/constraint/interface-name.xml.i index 3e7c4e667..f64ea86f5 100644 --- a/interface-definitions/include/constraint/interface-name.xml.i +++ b/interface-definitions/include/constraint/interface-name.xml.i @@ -1,4 +1,4 @@ <!-- include start from constraint/interface-name.xml.i --> -<regex>(bond|br|dum|en|ersp|eth|gnv|ifb|ipoe|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|sstpc|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)[0-9]+(.\d+)?|lo</regex> +<regex>(bond|br|dum|en|ersp|eth|gnv|ifb|ipoe|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|sstpc|tun|veth|vpptap|vpptun|vti|vtun|vxlan|wg|wlan|wwan)[0-9]+(.\d+)?|pod-[-_a-zA-Z0-9]{1,11}|lo</regex> <validator name="file-path --lookup-path /sys/class/net --directory"/> <!-- include end --> diff --git a/interface-definitions/include/constraint/protocols-static-table.xml.i b/interface-definitions/include/constraint/protocols-static-table.xml.i new file mode 100644 index 000000000..2d8b067a4 --- /dev/null +++ b/interface-definitions/include/constraint/protocols-static-table.xml.i @@ -0,0 +1,9 @@ +<!-- include start from constraint/host-name.xml.i --> +<valueHelp> + <format>u32:1-200</format> + <description>Policy route table number</description> +</valueHelp> +<constraint> + <validator name="numeric" argument="--range 1-200"/> +</constraint> +<!-- include end --> diff --git a/interface-definitions/include/constraint/wireguard-keys.xml.i b/interface-definitions/include/constraint/wireguard-keys.xml.i new file mode 100644 index 000000000..f59c86087 --- /dev/null +++ b/interface-definitions/include/constraint/wireguard-keys.xml.i @@ -0,0 +1,6 @@ +<!-- include start from constraint/wireguard-keys.xml.i --> +<constraint> + <validator name="base64" argument="--decoded-len 32"/> +</constraint> +<constraintErrorMessage>Key must be Base64-encoded with 32 bytes in length</constraintErrorMessage> +<!-- include end --> diff --git a/interface-definitions/include/dhcp/option-v4.xml.i b/interface-definitions/include/dhcp/option-v4.xml.i index bd6fc6043..08fbcca4a 100644 --- a/interface-definitions/include/dhcp/option-v4.xml.i +++ b/interface-definitions/include/dhcp/option-v4.xml.i @@ -59,6 +59,18 @@ <constraintErrorMessage>DHCP client prefix length must be 0 to 32</constraintErrorMessage> </properties> </leafNode> + <leafNode name="capwap-controller"> + <properties> + <help>IP address of CAPWAP access controller (Option 138)</help> + <valueHelp> + <format>ipv4</format> + <description>CAPWAP AC controller</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + </constraint> + </properties> + </leafNode> <leafNode name="default-router"> <properties> <help>IP address of default router</help> diff --git a/interface-definitions/include/dhcp/option-v6.xml.i b/interface-definitions/include/dhcp/option-v6.xml.i index e1897f52d..202843ddf 100644 --- a/interface-definitions/include/dhcp/option-v6.xml.i +++ b/interface-definitions/include/dhcp/option-v6.xml.i @@ -7,6 +7,18 @@ #include <include/dhcp/captive-portal.xml.i> #include <include/dhcp/domain-search.xml.i> #include <include/name-server-ipv6.xml.i> + <leafNode name="capwap-controller"> + <properties> + <help>IP address of CAPWAP access controller (Option 52)</help> + <valueHelp> + <format>ipv6</format> + <description>CAPWAP AC controller</description> + </valueHelp> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> <leafNode name="nis-domain"> <properties> <help>NIS domain name for client to use</help> diff --git a/interface-definitions/include/firewall/common-rule-ipv4.xml.i b/interface-definitions/include/firewall/common-rule-ipv4.xml.i index 803b94b06..b67ef25dc 100644 --- a/interface-definitions/include/firewall/common-rule-ipv4.xml.i +++ b/interface-definitions/include/firewall/common-rule-ipv4.xml.i @@ -16,6 +16,7 @@ #include <include/firewall/port.xml.i> #include <include/firewall/source-destination-group.xml.i> #include <include/firewall/source-destination-dynamic-group.xml.i> + #include <include/firewall/source-destination-remote-group.xml.i> </children> </node> <leafNode name="jump-target"> @@ -39,6 +40,7 @@ #include <include/firewall/port.xml.i> #include <include/firewall/source-destination-group.xml.i> #include <include/firewall/source-destination-dynamic-group.xml.i> + #include <include/firewall/source-destination-remote-group.xml.i> </children> </node> <!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i index 05fdd75cb..355b41fde 100644 --- a/interface-definitions/include/firewall/global-options.xml.i +++ b/interface-definitions/include/firewall/global-options.xml.i @@ -51,7 +51,7 @@ <children> <leafNode name="invalid-connections"> <properties> - <help>Accept ARP and DHCP despite they are marked as invalid connection</help> + <help>Accept ARP, DHCP and PPPoE despite they are marked as invalid connection</help> <valueless/> </properties> </leafNode> diff --git a/interface-definitions/include/firewall/source-destination-remote-group.xml.i b/interface-definitions/include/firewall/source-destination-remote-group.xml.i new file mode 100644 index 000000000..16463c8eb --- /dev/null +++ b/interface-definitions/include/firewall/source-destination-remote-group.xml.i @@ -0,0 +1,17 @@ +<!-- include start from firewall/source-destination-remote-group.xml.i --> +<node name="group"> + <properties> + <help>Group</help> + </properties> + <children> + <leafNode name="remote-group"> + <properties> + <help>Group of remote addresses</help> + <completionHelp> + <path>firewall group remote-group</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/generic-interface-broadcast.xml.i b/interface-definitions/include/generic-interface-broadcast.xml.i index e37e75012..52a4a2717 100644 --- a/interface-definitions/include/generic-interface-broadcast.xml.i +++ b/interface-definitions/include/generic-interface-broadcast.xml.i @@ -1,7 +1,7 @@ <!-- include start from generic-interface-broadcast.xml.i --> <leafNode name="interface"> <properties> - <help>Interface to use</help> + <help>Interface</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces --broadcast</script> </completionHelp> diff --git a/interface-definitions/include/generic-interface-multi-broadcast.xml.i b/interface-definitions/include/generic-interface-multi-broadcast.xml.i index ed13cf2cf..65ca1ffab 100644 --- a/interface-definitions/include/generic-interface-multi-broadcast.xml.i +++ b/interface-definitions/include/generic-interface-multi-broadcast.xml.i @@ -1,7 +1,7 @@ <!-- include start from generic-interface-multi-broadcast.xml.i --> <leafNode name="interface"> <properties> - <help>Interface to use</help> + <help>Interface</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces --broadcast</script> </completionHelp> diff --git a/interface-definitions/include/generic-interface-multi-wildcard.xml.i b/interface-definitions/include/generic-interface-multi-wildcard.xml.i index 6c846a795..cd65028ac 100644 --- a/interface-definitions/include/generic-interface-multi-wildcard.xml.i +++ b/interface-definitions/include/generic-interface-multi-wildcard.xml.i @@ -1,7 +1,7 @@ <!-- include start from generic-interface-multi-wildcard.xml.i --> <leafNode name="interface"> <properties> - <help>Interface to use</help> + <help>Interface</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces</script> </completionHelp> diff --git a/interface-definitions/include/generic-interface-multi.xml.i b/interface-definitions/include/generic-interface-multi.xml.i index cfc77af3a..a4329cba7 100644 --- a/interface-definitions/include/generic-interface-multi.xml.i +++ b/interface-definitions/include/generic-interface-multi.xml.i @@ -1,7 +1,7 @@ <!-- include start from generic-interface-multi.xml.i --> <leafNode name="interface"> <properties> - <help>Interface to use</help> + <help>Interface</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces</script> </completionHelp> diff --git a/interface-definitions/include/generic-interface.xml.i b/interface-definitions/include/generic-interface.xml.i index 65f5bfbb8..cf6fb9151 100644 --- a/interface-definitions/include/generic-interface.xml.i +++ b/interface-definitions/include/generic-interface.xml.i @@ -1,7 +1,7 @@ <!-- include start from generic-interface.xml.i --> <leafNode name="interface"> <properties> - <help>Interface to use</help> + <help>Interface</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces</script> </completionHelp> diff --git a/interface-definitions/include/haproxy/rule-backend.xml.i b/interface-definitions/include/haproxy/rule-backend.xml.i index b2be4fde4..1df9d5dcf 100644 --- a/interface-definitions/include/haproxy/rule-backend.xml.i +++ b/interface-definitions/include/haproxy/rule-backend.xml.i @@ -47,7 +47,7 @@ <properties> <help>Server name</help> <constraint> - <regex>[-_a-zA-Z0-9]+</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore.xml.i> </constraint> <constraintErrorMessage>Server name must be alphanumeric and can contain hyphen and underscores</constraintErrorMessage> </properties> diff --git a/interface-definitions/include/haproxy/rule-frontend.xml.i b/interface-definitions/include/haproxy/rule-frontend.xml.i index 001ae2d80..eabdd8632 100644 --- a/interface-definitions/include/haproxy/rule-frontend.xml.i +++ b/interface-definitions/include/haproxy/rule-frontend.xml.i @@ -47,9 +47,12 @@ <properties> <help>Backend name</help> <constraint> - <regex>[-_a-zA-Z0-9]+</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore.xml.i> </constraint> <constraintErrorMessage>Server name must be alphanumeric and can contain hyphen and underscores</constraintErrorMessage> + <completionHelp> + <path>load-balancing haproxy backend</path> + </completionHelp> </properties> </leafNode> </children> diff --git a/interface-definitions/include/haproxy/timeout-check.xml.i b/interface-definitions/include/haproxy/timeout-check.xml.i new file mode 100644 index 000000000..d1217fac3 --- /dev/null +++ b/interface-definitions/include/haproxy/timeout-check.xml.i @@ -0,0 +1,14 @@ +<!-- include start from haproxy/timeout-check.xml.i --> +<leafNode name="check"> + <properties> + <help>Timeout in seconds for established connections</help> + <valueHelp> + <format>u32:1-3600</format> + <description>Check timeout in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-3600"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/haproxy/timeout-client.xml.i b/interface-definitions/include/haproxy/timeout-client.xml.i new file mode 100644 index 000000000..2250ccdef --- /dev/null +++ b/interface-definitions/include/haproxy/timeout-client.xml.i @@ -0,0 +1,14 @@ +<!-- include start from haproxy/timeout-client.xml.i --> +<leafNode name="client"> + <properties> + <help>Maximum inactivity time on the client side</help> + <valueHelp> + <format>u32:1-3600</format> + <description>Timeout in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-3600"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/haproxy/timeout-connect.xml.i b/interface-definitions/include/haproxy/timeout-connect.xml.i new file mode 100644 index 000000000..da4f983af --- /dev/null +++ b/interface-definitions/include/haproxy/timeout-connect.xml.i @@ -0,0 +1,14 @@ +<!-- include start from haproxy/timeout-connect.xml.i --> +<leafNode name="connect"> + <properties> + <help>Set the maximum time to wait for a connection attempt to a server to succeed</help> + <valueHelp> + <format>u32:1-3600</format> + <description>Connect timeout in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-3600"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/haproxy/timeout-server.xml.i b/interface-definitions/include/haproxy/timeout-server.xml.i new file mode 100644 index 000000000..f27d415c1 --- /dev/null +++ b/interface-definitions/include/haproxy/timeout-server.xml.i @@ -0,0 +1,14 @@ +<!-- include start from haproxy/timeout-server.xml.i --> +<leafNode name="server"> + <properties> + <help>Set the maximum inactivity time on the server side</help> + <valueHelp> + <format>u32:1-3600</format> + <description>Server timeout in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-3600"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/haproxy/timeout.xml.i b/interface-definitions/include/haproxy/timeout.xml.i index 79e7303b1..a3a5a8a3e 100644 --- a/interface-definitions/include/haproxy/timeout.xml.i +++ b/interface-definitions/include/haproxy/timeout.xml.i @@ -4,42 +4,9 @@ <help>Timeout options</help> </properties> <children> - <leafNode name="check"> - <properties> - <help>Timeout in seconds for established connections</help> - <valueHelp> - <format>u32:1-3600</format> - <description>Check timeout in seconds</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-3600"/> - </constraint> - </properties> - </leafNode> - <leafNode name="connect"> - <properties> - <help>Set the maximum time to wait for a connection attempt to a server to succeed</help> - <valueHelp> - <format>u32:1-3600</format> - <description>Connect timeout in seconds</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-3600"/> - </constraint> - </properties> - </leafNode> - <leafNode name="server"> - <properties> - <help>Set the maximum inactivity time on the server side</help> - <valueHelp> - <format>u32:1-3600</format> - <description>Server timeout in seconds</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-3600"/> - </constraint> - </properties> - </leafNode> + #include <include/haproxy/timeout-check.xml.i> + #include <include/haproxy/timeout-connect.xml.i> + #include <include/haproxy/timeout-server.xml.i> </children> </node> <!-- include end --> diff --git a/interface-definitions/include/interface/default-route-distance.xml.i b/interface-definitions/include/interface/default-route-distance.xml.i index 6eda52c91..7a226a538 100644 --- a/interface-definitions/include/interface/default-route-distance.xml.i +++ b/interface-definitions/include/interface/default-route-distance.xml.i @@ -4,7 +4,7 @@ <help>Distance for installed default route</help> <valueHelp> <format>u32:1-255</format> - <description>Distance for the default route from DHCP server</description> + <description>Distance for the default route received from the server</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-255"/> diff --git a/interface-definitions/include/ip-address.xml.i b/interface-definitions/include/ip-address.xml.i new file mode 100644 index 000000000..6027e97ee --- /dev/null +++ b/interface-definitions/include/ip-address.xml.i @@ -0,0 +1,14 @@ +<!-- include start from ip-address.xml.i --> +<leafNode name="ip-address"> + <properties> + <help>Fixed IP address of static mapping</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address used in static mapping</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/isis/protocol-common-config.xml.i b/interface-definitions/include/isis/protocol-common-config.xml.i index 35ce80be9..e0a7e62b6 100644 --- a/interface-definitions/include/isis/protocol-common-config.xml.i +++ b/interface-definitions/include/isis/protocol-common-config.xml.i @@ -418,6 +418,14 @@ #include <include/isis/redistribute-level-1-2.xml.i> </children> </node> + <node name="nhrp"> + <properties> + <help>Redistribute NHRP routes into IS-IS</help> + </properties> + <children> + #include <include/isis/redistribute-level-1-2.xml.i> + </children> + </node> <node name="ospf"> <properties> <help>Redistribute OSPF routes into IS-IS</help> diff --git a/interface-definitions/include/monitoring/blackbox-exporter-module-commons.xml.i b/interface-definitions/include/monitoring/blackbox-exporter-module-commons.xml.i new file mode 100644 index 000000000..a97eb5232 --- /dev/null +++ b/interface-definitions/include/monitoring/blackbox-exporter-module-commons.xml.i @@ -0,0 +1,39 @@ +<!-- include start from monitoring/blackbox-module-commons.xml.i --> +<leafNode name="timeout"> + <properties> + <help>Timeout in seconds for the probe request</help> + <valueHelp> + <format>u32:1-60</format> + <description>Timeout in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-60"/> + </constraint> + <constraintErrorMessage>Timeout must be between 1 and 60 seconds</constraintErrorMessage> + </properties> + <defaultValue>5</defaultValue> +</leafNode> +<leafNode name="preferred-ip-protocol"> + <properties> + <help>Preferred IP protocol for this module</help> + <valueHelp> + <format>ipv4</format> + <description>Prefer IPv4</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>Prefer IPv6</description> + </valueHelp> + <constraint> + <regex>(ipv4|ipv6)</regex> + </constraint> + </properties> + <defaultValue>ip6</defaultValue> +</leafNode> +<leafNode name="ip-protocol-fallback"> + <properties> + <help>Allow fallback to other IP protocol if necessary</help> + <valueless/> + </properties> +</leafNode> +<!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/include/netlink/log-level.xml.i b/interface-definitions/include/netlink/log-level.xml.i new file mode 100644 index 000000000..bbaf9412c --- /dev/null +++ b/interface-definitions/include/netlink/log-level.xml.i @@ -0,0 +1,21 @@ +<!-- include start from netlink/log-level.xml.i --> +<leafNode name="log-level"> + <properties> + <help>Set log-level</help> + <completionHelp> + <list>info debug</list> + </completionHelp> + <valueHelp> + <format>info</format> + <description>Info log level</description> + </valueHelp> + <valueHelp> + <format>debug</format> + <description>Debug log level</description> + </valueHelp> + <constraint> + <regex>(info|debug)</regex> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/netlink/queue-size.xml.i b/interface-definitions/include/netlink/queue-size.xml.i new file mode 100644 index 000000000..d284838cf --- /dev/null +++ b/interface-definitions/include/netlink/queue-size.xml.i @@ -0,0 +1,15 @@ +<!-- include start from netlink/queue-size.xml.i --> +<leafNode name="queue-size"> + <properties> + <help>Internal message queue size</help> + <valueHelp> + <format>u32:100-2147483647</format> + <description>Queue size</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-2147483647"/> + </constraint> + <constraintErrorMessage>Queue size must be between 100 and 2147483647</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/ospf/protocol-common-config.xml.i b/interface-definitions/include/ospf/protocol-common-config.xml.i index c4778e126..f597be64e 100644 --- a/interface-definitions/include/ospf/protocol-common-config.xml.i +++ b/interface-definitions/include/ospf/protocol-common-config.xml.i @@ -321,6 +321,7 @@ <children> #include <include/ospf/authentication.xml.i> #include <include/ospf/intervals.xml.i> + #include <include/ospf/retransmit-window.xml.i> </children> </tagNode> </children> @@ -433,6 +434,7 @@ </leafNode> #include <include/ospf/authentication.xml.i> #include <include/ospf/intervals.xml.i> + #include <include/ospf/retransmit-window.xml.i> #include <include/ospf/interface-common.xml.i> #include <include/isis/ldp-sync-interface.xml.i> <leafNode name="bandwidth"> @@ -796,6 +798,16 @@ #include <include/route-map.xml.i> </children> </node> + <node name="nhrp"> + <properties> + <help>Redistribute NHRP routes</help> + </properties> + <children> + #include <include/ospf/metric.xml.i> + #include <include/ospf/metric-type.xml.i> + #include <include/route-map.xml.i> + </children> + </node> <node name="rip"> <properties> <help>Redistribute RIP routes</help> diff --git a/interface-definitions/include/ospf/retransmit-window.xml.i b/interface-definitions/include/ospf/retransmit-window.xml.i new file mode 100644 index 000000000..a5e20f522 --- /dev/null +++ b/interface-definitions/include/ospf/retransmit-window.xml.i @@ -0,0 +1,15 @@ +<!-- include start from ospf/retransmit-window.xml.i --> +<leafNode name="retransmit-window"> + <properties> + <help>Window for LSA retransmit</help> + <valueHelp> + <format>u32:20-1000</format> + <description>Retransmit LSAs expiring in this window (milliseconds)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 20-1000"/> + </constraint> + </properties> + <defaultValue>50</defaultValue> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/policy/community-value-list.xml.i b/interface-definitions/include/policy/community-value-list.xml.i index 8c665c5f0..b1499440a 100644 --- a/interface-definitions/include/policy/community-value-list.xml.i +++ b/interface-definitions/include/policy/community-value-list.xml.i @@ -4,7 +4,6 @@ local-as no-advertise no-export - internet graceful-shutdown accept-own route-filter-translated-v4 @@ -35,10 +34,6 @@ <description>Well-known communities value NO_EXPORT 0xFFFFFF01</description> </valueHelp> <valueHelp> - <format>internet</format> - <description>Well-known communities value 0</description> -</valueHelp> -<valueHelp> <format>graceful-shutdown</format> <description>Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000</description> </valueHelp> @@ -84,7 +79,7 @@ </valueHelp> <multi/> <constraint> - <regex>local-as|no-advertise|no-export|internet|graceful-shutdown|accept-own|route-filter-translated-v4|route-filter-v4|route-filter-translated-v6|route-filter-v6|llgr-stale|no-llgr|accept-own-nexthop|blackhole|no-peer</regex> + <regex>local-as|no-advertise|no-export|graceful-shutdown|accept-own|route-filter-translated-v4|route-filter-v4|route-filter-translated-v6|route-filter-v6|llgr-stale|no-llgr|accept-own-nexthop|blackhole|no-peer</regex> <validator name="bgp-regular-community"/> </constraint> <!-- include end --> diff --git a/interface-definitions/include/qos/class-match.xml.i b/interface-definitions/include/qos/class-match.xml.i index 77d1933a3..3ad5547f2 100644 --- a/interface-definitions/include/qos/class-match.xml.i +++ b/interface-definitions/include/qos/class-match.xml.i @@ -29,12 +29,12 @@ <leafNode name="protocol"> <properties> <help>Ethernet protocol for this match</help> - <!-- this refers to /etc/protocols --> + <!-- this refers to /etc/ethertypes --> <completionHelp> <list>all 802.1Q 802_2 802_3 aarp aoe arp atalk dec ip ipv6 ipx lat localtalk rarp snap x25</list> </completionHelp> <valueHelp> - <format>u32:0-65535</format> + <format>u32:1-65535</format> <description>Ethernet protocol number</description> </valueHelp> <valueHelp> @@ -50,7 +50,7 @@ <description>Internet IP (IPv4)</description> </valueHelp> <valueHelp> - <format>ipv6</format> + <format>_ipv6</format> <description>Internet IP (IPv6)</description> </valueHelp> <valueHelp> @@ -59,7 +59,7 @@ </valueHelp> <valueHelp> <format>atalk</format> - <description>Appletalk</description> + <description>AppleTalk</description> </valueHelp> <valueHelp> <format>ipx</format> @@ -69,8 +69,48 @@ <format>802.1Q</format> <description>802.1Q VLAN tag</description> </valueHelp> + <valueHelp> + <format>802_2</format> + <description>IEEE 802.2</description> + </valueHelp> + <valueHelp> + <format>802_3</format> + <description>IEEE 802.3</description> + </valueHelp> + <valueHelp> + <format>aarp</format> + <description>AppleTalk Address Resolution Protocol</description> + </valueHelp> + <valueHelp> + <format>aoe</format> + <description>ATA over Ethernet</description> + </valueHelp> + <valueHelp> + <format>dec</format> + <description>DECnet Protocol</description> + </valueHelp> + <valueHelp> + <format>lat</format> + <description>Local Area Transport</description> + </valueHelp> + <valueHelp> + <format>localtalk</format> + <description>Apple LocalTalk</description> + </valueHelp> + <valueHelp> + <format>rarp</format> + <description>Reverse Address Resolution Protocol</description> + </valueHelp> + <valueHelp> + <format>snap</format> + <description>Subnetwork Access Protocol</description> + </valueHelp> + <valueHelp> + <format>x25</format> + <description>X.25 Packet-Switching Protocol</description> + </valueHelp> <constraint> - <validator name="ip-protocol"/> + <validator name="ether-type"/> </constraint> </properties> </leafNode> diff --git a/interface-definitions/include/source-address-ipv4.xml.i b/interface-definitions/include/source-address-ipv4.xml.i index 052678113..aa0b083c7 100644 --- a/interface-definitions/include/source-address-ipv4.xml.i +++ b/interface-definitions/include/source-address-ipv4.xml.i @@ -1,7 +1,7 @@ <!-- include start from source-address-ipv4.xml.i --> <leafNode name="source-address"> <properties> - <help>IPv4 source address used to initiate connection</help> + <help>IPv4 address used to initiate connection</help> <completionHelp> <script>${vyos_completion_dir}/list_local_ips.sh --ipv4</script> </completionHelp> diff --git a/interface-definitions/include/source-address-ipv6.xml.i b/interface-definitions/include/source-address-ipv6.xml.i new file mode 100644 index 000000000..a27955b0c --- /dev/null +++ b/interface-definitions/include/source-address-ipv6.xml.i @@ -0,0 +1,17 @@ +<!-- include start from source-address-ipv6.xml.i --> +<leafNode name="source-address"> + <properties> + <help>IPv6 address used to initiate connection</help> + <completionHelp> + <script>${vyos_completion_dir}/list_local_ips.sh --ipv6</script> + </completionHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 source address</description> + </valueHelp> + <constraint> + <validator name="ipv6-address"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/static/static-route-bfd.xml.i b/interface-definitions/include/static/static-route-bfd.xml.i deleted file mode 100644 index d588b369f..000000000 --- a/interface-definitions/include/static/static-route-bfd.xml.i +++ /dev/null @@ -1,36 +0,0 @@ -<!-- include start from static/static-route-bfd.xml.i --> -<node name="bfd"> - <properties> - <help>BFD monitoring</help> - </properties> - <children> - #include <include/bfd/profile.xml.i> - <node name="multi-hop"> - <properties> - <help>Use BFD multi hop session</help> - </properties> - <children> - <tagNode name="source"> - <properties> - <help>Use source for BFD session</help> - <valueHelp> - <format>ipv4</format> - <description>IPv4 source address</description> - </valueHelp> - <valueHelp> - <format>ipv6</format> - <description>IPv6 source address</description> - </valueHelp> - <constraint> - <validator name="ip-address"/> - </constraint> - </properties> - <children> - #include <include/bfd/profile.xml.i> - </children> - </tagNode> - </children> - </node> - </children> -</node> -<!-- include end --> diff --git a/interface-definitions/include/static/static-route-interface.xml.i b/interface-definitions/include/static/static-route-interface.xml.i deleted file mode 100644 index cb5436847..000000000 --- a/interface-definitions/include/static/static-route-interface.xml.i +++ /dev/null @@ -1,17 +0,0 @@ -<!-- include start from static/static-route-interface.xml.i --> -<leafNode name="interface"> - <properties> - <help>Gateway interface name</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>Gateway interface name</description> - </valueHelp> - <constraint> - #include <include/constraint/interface-name.xml.i> - </constraint> - </properties> -</leafNode> -<!-- include end --> diff --git a/interface-definitions/include/static/static-route.xml.i b/interface-definitions/include/static/static-route.xml.i index 29921a731..c261874f5 100644 --- a/interface-definitions/include/static/static-route.xml.i +++ b/interface-definitions/include/static/static-route.xml.i @@ -13,7 +13,7 @@ <children> #include <include/static/static-route-blackhole.xml.i> #include <include/static/static-route-reject.xml.i> - #include <include/dhcp-interface.xml.i> + #include <include/dhcp-interface-multi.xml.i> #include <include/generic-description.xml.i> <tagNode name="interface"> <properties> @@ -49,12 +49,26 @@ <children> #include <include/generic-disable-node.xml.i> #include <include/static/static-route-distance.xml.i> - #include <include/static/static-route-interface.xml.i> + #include <include/generic-interface.xml.i> #include <include/static/static-route-vrf.xml.i> - #include <include/static/static-route-bfd.xml.i> + <node name="bfd"> + <properties> + <help>BFD monitoring</help> + </properties> + <children> + #include <include/bfd/profile.xml.i> + <node name="multi-hop"> + <properties> + <help>Configure BFD multi-hop session</help> + </properties> + <children> + #include <include/source-address-ipv4.xml.i> + </children> + </node> + </children> + </node> </children> </tagNode> </children> </tagNode> <!-- include end --> - diff --git a/interface-definitions/include/static/static-route6.xml.i b/interface-definitions/include/static/static-route6.xml.i index 4468c8025..a3d972d39 100644 --- a/interface-definitions/include/static/static-route6.xml.i +++ b/interface-definitions/include/static/static-route6.xml.i @@ -48,11 +48,26 @@ </properties> <children> #include <include/generic-disable-node.xml.i> - #include <include/static/static-route-bfd.xml.i> #include <include/static/static-route-distance.xml.i> - #include <include/static/static-route-interface.xml.i> + #include <include/generic-interface.xml.i> #include <include/static/static-route-segments.xml.i> #include <include/static/static-route-vrf.xml.i> + <node name="bfd"> + <properties> + <help>BFD monitoring</help> + </properties> + <children> + #include <include/bfd/profile.xml.i> + <node name="multi-hop"> + <properties> + <help>Configure BFD multi-hop session</help> + </properties> + <children> + #include <include/source-address-ipv6.xml.i> + </children> + </node> + </children> + </node> </children> </tagNode> </children> diff --git a/interface-definitions/include/stunnel/psk.xml.i b/interface-definitions/include/stunnel/psk.xml.i index db11a93d3..a8226c866 100644 --- a/interface-definitions/include/stunnel/psk.xml.i +++ b/interface-definitions/include/stunnel/psk.xml.i @@ -4,27 +4,8 @@ <help>Pre-shared key name</help> </properties> <children> - <leafNode name="id"> - <properties> - <help>ID for authentication</help> - <valueHelp> - <format>txt</format> - <description>ID used for authentication</description> - </valueHelp> - </properties> - </leafNode> - <leafNode name="secret"> - <properties> - <help>pre-shared secret key</help> - <valueHelp> - <format>txt</format> - <description>pre-shared secret key are required to be at least 16 bytes long, which implies at least 32 characters for hexadecimal key</description> - </valueHelp> - <constraint> - <validator name="psk-secret"/> - </constraint> - </properties> - </leafNode> + #include <include/auth-psk-id.xml.i> + #include <include/auth-psk-secret.xml.i> </children> </tagNode> <!-- include end --> diff --git a/interface-definitions/include/version/bgp-version.xml.i b/interface-definitions/include/version/bgp-version.xml.i index 6bed7189f..c90276151 100644 --- a/interface-definitions/include/version/bgp-version.xml.i +++ b/interface-definitions/include/version/bgp-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/bgp-version.xml.i --> -<syntaxVersion component='bgp' version='5'></syntaxVersion> +<syntaxVersion component='bgp' version='6'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/firewall-version.xml.i b/interface-definitions/include/version/firewall-version.xml.i index a15cf0eec..1a8098297 100644 --- a/interface-definitions/include/version/firewall-version.xml.i +++ b/interface-definitions/include/version/firewall-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/firewall-version.xml.i --> -<syntaxVersion component='firewall' version='17'></syntaxVersion> +<syntaxVersion component='firewall' version='18'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/flow-accounting-version.xml.i b/interface-definitions/include/version/flow-accounting-version.xml.i index 5b01fe4b5..95d1e20db 100644 --- a/interface-definitions/include/version/flow-accounting-version.xml.i +++ b/interface-definitions/include/version/flow-accounting-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/flow-accounting-version.xml.i --> -<syntaxVersion component='flow-accounting' version='1'></syntaxVersion> +<syntaxVersion component='flow-accounting' version='2'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/lldp-version.xml.i b/interface-definitions/include/version/lldp-version.xml.i index b41d80451..a7110691a 100644 --- a/interface-definitions/include/version/lldp-version.xml.i +++ b/interface-definitions/include/version/lldp-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/lldp-version.xml.i --> -<syntaxVersion component='lldp' version='2'></syntaxVersion> +<syntaxVersion component='lldp' version='3'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/monitoring-version.xml.i b/interface-definitions/include/version/monitoring-version.xml.i index 6a275a5d8..2e2e0116e 100644 --- a/interface-definitions/include/version/monitoring-version.xml.i +++ b/interface-definitions/include/version/monitoring-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/monitoring-version.xml.i --> -<syntaxVersion component='monitoring' version='1'></syntaxVersion> +<syntaxVersion component='monitoring' version='2'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/nhrp-version.xml.i b/interface-definitions/include/version/nhrp-version.xml.i new file mode 100644 index 000000000..7f6f3c4f7 --- /dev/null +++ b/interface-definitions/include/version/nhrp-version.xml.i @@ -0,0 +1,3 @@ +<!-- include start from include/version/nhrp-version.xml.i --> +<syntaxVersion component='nhrp' version='1'></syntaxVersion> +<!-- include end --> diff --git a/interface-definitions/include/version/policy-version.xml.i b/interface-definitions/include/version/policy-version.xml.i index db727fea9..5c53a4032 100644 --- a/interface-definitions/include/version/policy-version.xml.i +++ b/interface-definitions/include/version/policy-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/policy-version.xml.i --> -<syntaxVersion component='policy' version='8'></syntaxVersion> +<syntaxVersion component='policy' version='9'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/quagga-version.xml.i b/interface-definitions/include/version/quagga-version.xml.i index 23d884cd4..10ca2816e 100644 --- a/interface-definitions/include/version/quagga-version.xml.i +++ b/interface-definitions/include/version/quagga-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/quagga-version.xml.i --> -<syntaxVersion component='quagga' version='11'></syntaxVersion> +<syntaxVersion component='quagga' version='12'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/system-version.xml.i b/interface-definitions/include/version/system-version.xml.i index 3ecf124c7..5cdece74a 100644 --- a/interface-definitions/include/version/system-version.xml.i +++ b/interface-definitions/include/version/system-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/system-version.xml.i --> -<syntaxVersion component='system' version='28'></syntaxVersion> +<syntaxVersion component='system' version='29'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/include/version/wanloadbalance-version.xml.i b/interface-definitions/include/version/wanloadbalance-version.xml.i index 59f8729cc..34c3c76ff 100644 --- a/interface-definitions/include/version/wanloadbalance-version.xml.i +++ b/interface-definitions/include/version/wanloadbalance-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/wanloadbalance-version.xml.i --> -<syntaxVersion component='wanloadbalance' version='3'></syntaxVersion> +<syntaxVersion component='wanloadbalance' version='4'></syntaxVersion> <!-- include end --> diff --git a/interface-definitions/interfaces_ethernet.xml.in b/interface-definitions/interfaces_ethernet.xml.in index 89f990d41..b3559a626 100644 --- a/interface-definitions/interfaces_ethernet.xml.in +++ b/interface-definitions/interfaces_ethernet.xml.in @@ -56,6 +56,12 @@ </properties> <defaultValue>auto</defaultValue> </leafNode> + <leafNode name="switchdev"> + <properties> + <help>Enables switchdev mode on interface</help> + <valueless/> + </properties> + </leafNode> #include <include/interface/eapol.xml.i> <node name="evpn"> <properties> diff --git a/interface-definitions/interfaces_geneve.xml.in b/interface-definitions/interfaces_geneve.xml.in index 990c5bd91..c1e6c33d5 100644 --- a/interface-definitions/interfaces_geneve.xml.in +++ b/interface-definitions/interfaces_geneve.xml.in @@ -23,6 +23,10 @@ #include <include/interface/ipv6-options.xml.i> #include <include/interface/mac.xml.i> #include <include/interface/mtu-1200-16000.xml.i> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>6081</defaultValue> + </leafNode> <node name="parameters"> <properties> <help>GENEVE tunnel parameters</help> diff --git a/interface-definitions/interfaces_pppoe.xml.in b/interface-definitions/interfaces_pppoe.xml.in index 56660bc15..f24bc41d8 100644 --- a/interface-definitions/interfaces_pppoe.xml.in +++ b/interface-definitions/interfaces_pppoe.xml.in @@ -21,6 +21,9 @@ #include <include/interface/dial-on-demand.xml.i> #include <include/interface/no-default-route.xml.i> #include <include/interface/default-route-distance.xml.i> + <leafNode name="default-route-distance"> + <defaultValue>1</defaultValue> + </leafNode> #include <include/interface/dhcpv6-options.xml.i> #include <include/generic-description.xml.i> #include <include/interface/disable.xml.i> diff --git a/interface-definitions/interfaces_virtual-ethernet.xml.in b/interface-definitions/interfaces_virtual-ethernet.xml.in index c4610feec..2dfbd50b8 100644 --- a/interface-definitions/interfaces_virtual-ethernet.xml.in +++ b/interface-definitions/interfaces_virtual-ethernet.xml.in @@ -21,6 +21,10 @@ #include <include/interface/dhcp-options.xml.i> #include <include/interface/dhcpv6-options.xml.i> #include <include/interface/disable.xml.i> + #include <include/interface/mtu-68-16000.xml.i> + <leafNode name="mtu"> + <defaultValue>1500</defaultValue> + </leafNode> #include <include/interface/netns.xml.i> #include <include/interface/vif-s.xml.i> #include <include/interface/vif.xml.i> diff --git a/interface-definitions/interfaces_wireguard.xml.in b/interface-definitions/interfaces_wireguard.xml.in index ce49de038..33cb5864a 100644 --- a/interface-definitions/interfaces_wireguard.xml.in +++ b/interface-definitions/interfaces_wireguard.xml.in @@ -40,13 +40,23 @@ </properties> <defaultValue>0</defaultValue> </leafNode> - <leafNode name="private-key"> + <leafNode name="max-dns-retry"> <properties> - <help>Base64 encoded private key</help> + <help>DNS retries when resolve fails</help> + <valueHelp> + <format>u32:1-15</format> + <description>Maximum number of retries</description> + </valueHelp> <constraint> - <validator name="base64"/> + <validator name="numeric" argument="--range 1-15"/> </constraint> - <constraintErrorMessage>Key is not base64-encoded</constraintErrorMessage> + </properties> + <defaultValue>3</defaultValue> + </leafNode> + <leafNode name="private-key"> + <properties> + <help>Base64 encoded private key</help> + #include <include/constraint/wireguard-keys.xml.i> </properties> </leafNode> <tagNode name="peer"> @@ -62,20 +72,14 @@ #include <include/generic-description.xml.i> <leafNode name="public-key"> <properties> - <help>base64 encoded public key</help> - <constraint> - <validator name="base64"/> - </constraint> - <constraintErrorMessage>Key is not base64-encoded</constraintErrorMessage> + <help>Base64 encoded public key</help> + #include <include/constraint/wireguard-keys.xml.i> </properties> </leafNode> <leafNode name="preshared-key"> <properties> - <help>base64 encoded preshared key</help> - <constraint> - <validator name="base64"/> - </constraint> - <constraintErrorMessage>Key is not base64-encoded</constraintErrorMessage> + <help>Base64 encoded preshared key</help> + #include <include/constraint/wireguard-keys.xml.i> </properties> </leafNode> <leafNode name="allowed-ips"> @@ -104,6 +108,18 @@ </constraint> </properties> </leafNode> + <leafNode name="host-name"> + <properties> + <help>Hostname of tunnel endpoint</help> + <valueHelp> + <format>hostname</format> + <description>FQDN of WireGuard endpoint</description> + </valueHelp> + <constraint> + <validator name="fqdn"/> + </constraint> + </properties> + </leafNode> #include <include/port-number.xml.i> <leafNode name="persistent-keepalive"> <properties> diff --git a/interface-definitions/load-balancing_haproxy.xml.in b/interface-definitions/load-balancing_haproxy.xml.in index 742272436..b95e02337 100644 --- a/interface-definitions/load-balancing_haproxy.xml.in +++ b/interface-definitions/load-balancing_haproxy.xml.in @@ -48,6 +48,46 @@ <valueless/> </properties> </leafNode> + <node name="timeout"> + <properties> + <help>Timeout options</help> + </properties> + <children> + #include <include/haproxy/timeout-client.xml.i> + </children> + </node> + <node name="http-compression"> + <properties> + <help>Compress HTTP responses</help> + </properties> + <children> + <leafNode name="algorithm"> + <properties> + <help>Compression algorithm</help> + <completionHelp> + <list>gzip deflate identity raw-deflate</list> + </completionHelp> + <constraint> + <regex>(gzip|deflate|identity|raw-deflate)</regex> + </constraint> + </properties> + </leafNode> + <leafNode name="mime-type"> + <properties> + <help>MIME types to compress</help> + <valueHelp> + <format>txt</format> + <description>MIME type to compress</description> + </valueHelp> + <multi/> + <constraint> + <regex>\w+\/[-+.\w]+</regex> + </constraint> + <constraintErrorMessage>Invalid MIME type specified</constraintErrorMessage> + </properties> + </leafNode> + </children> + </node> <node name="ssl"> <properties> <help>SSL Certificate, SSL Key and CA</help> @@ -336,6 +376,29 @@ </leafNode> </children> </node> + <node name="timeout"> + <properties> + <help>Timeout options</help> + </properties> + <children> + #include <include/haproxy/timeout-check.xml.i> + <leafNode name="check"> + <defaultValue>5</defaultValue> + </leafNode> + #include <include/haproxy/timeout-connect.xml.i> + <leafNode name="connect"> + <defaultValue>10</defaultValue> + </leafNode> + #include <include/haproxy/timeout-client.xml.i> + <leafNode name="client"> + <defaultValue>50</defaultValue> + </leafNode> + #include <include/haproxy/timeout-server.xml.i> + <leafNode name="server"> + <defaultValue>50</defaultValue> + </leafNode> + </children> + </node> #include <include/interface/vrf.xml.i> </children> </node> diff --git a/interface-definitions/pki.xml.in b/interface-definitions/pki.xml.in index c69886a4b..161f20b33 100644 --- a/interface-definitions/pki.xml.in +++ b/interface-definitions/pki.xml.in @@ -80,7 +80,7 @@ </constraint> </properties> </leafNode> - #include <include/listen-address-ipv4-single.xml.i> + #include <include/listen-address-single.xml.i> <leafNode name="rsa-key-size"> <properties> <help>Size of the RSA key</help> @@ -202,30 +202,6 @@ </node> </children> </tagNode> - <tagNode name="openssh"> - <properties> - <help>OpenSSH public and private keys</help> - </properties> - <children> - <node name="public"> - <properties> - <help>Public key</help> - </properties> - <children> - #include <include/pki/cli-public-key-base64.xml.i> - </children> - </node> - <node name="private"> - <properties> - <help>Private key</help> - </properties> - <children> - #include <include/pki/cli-private-key-base64.xml.i> - #include <include/pki/password-protected.xml.i> - </children> - </node> - </children> - </tagNode> <node name="openvpn"> <properties> <help>OpenVPN keys</help> diff --git a/interface-definitions/policy.xml.in b/interface-definitions/policy.xml.in index cbab6173f..25dbf5581 100644 --- a/interface-definitions/policy.xml.in +++ b/interface-definitions/policy.xml.in @@ -202,7 +202,7 @@ <properties> <help>Regular expression to match against a community-list</help> <completionHelp> - <list>local-AS no-advertise no-export internet graceful-shutdown accept-own-nexthop accept-own route-filter-translated-v4 route-filter-v4 route-filter-translated-v6 route-filter-v6 llgr-stale no-llgr blackhole no-peer additive</list> + <list>local-AS no-advertise no-export graceful-shutdown accept-own-nexthop accept-own route-filter-translated-v4 route-filter-v4 route-filter-translated-v6 route-filter-v6 llgr-stale no-llgr blackhole no-peer additive</list> </completionHelp> <valueHelp> <format><aa:nn></format> @@ -221,10 +221,6 @@ <description>Well-known communities value NO_EXPORT 0xFFFFFF01</description> </valueHelp> <valueHelp> - <format>internet</format> - <description>Well-known communities value 0</description> - </valueHelp> - <valueHelp> <format>graceful-shutdown</format> <description>Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000</description> </valueHelp> @@ -1096,6 +1092,20 @@ </constraint> </properties> </leafNode> + <leafNode name="source-vrf"> + <properties> + <help>Source vrf</help> + #include <include/constraint/vrf.xml.i> + <valueHelp> + <format>txt</format> + <description>VRF instance name</description> + </valueHelp> + <completionHelp> + <path>vrf name</path> + <list>default</list> + </completionHelp> + </properties> + </leafNode> #include <include/policy/tag.xml.i> </children> </node> diff --git a/interface-definitions/protocols_failover.xml.in b/interface-definitions/protocols_failover.xml.in index f70975949..fae9be76a 100644 --- a/interface-definitions/protocols_failover.xml.in +++ b/interface-definitions/protocols_failover.xml.in @@ -110,7 +110,7 @@ </leafNode> </children> </node> - #include <include/static/static-route-interface.xml.i> + #include <include/generic-interface.xml.i> <leafNode name="metric"> <properties> <help>Route metric for this gateway</help> diff --git a/interface-definitions/protocols_mpls.xml.in b/interface-definitions/protocols_mpls.xml.in index 831601fc6..fc1864f38 100644 --- a/interface-definitions/protocols_mpls.xml.in +++ b/interface-definitions/protocols_mpls.xml.in @@ -524,7 +524,29 @@ </node> </children> </node> - #include <include/generic-interface-multi.xml.i> + <tagNode name="interface"> + <properties> + <help>Interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces</script> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Interface name</description> + </valueHelp> + <constraint> + #include <include/constraint/interface-name.xml.i> + </constraint> + </properties> + <children> + <leafNode name="disable-establish-hello"> + <properties> + <help>Disable response to hello packet with an additional hello LDP packet</help> + <valueless/> + </properties> + </leafNode> + </children> + </tagNode> </children> </node> <node name="parameters"> diff --git a/interface-definitions/protocols_nhrp.xml.in b/interface-definitions/protocols_nhrp.xml.in index d7663c095..5304fbd78 100644 --- a/interface-definitions/protocols_nhrp.xml.in +++ b/interface-definitions/protocols_nhrp.xml.in @@ -20,115 +20,163 @@ </valueHelp> </properties> <children> - <leafNode name="cisco-authentication"> + <node name="map"> <properties> - <help>Pass phrase for cisco authentication</help> - <valueHelp> - <format>txt</format> - <description>Pass phrase for cisco authentication</description> - </valueHelp> - <constraint> - <regex>[^[:space:]]{1,8}</regex> - </constraint> - <constraintErrorMessage>Password should contain up to eight non-whitespace characters</constraintErrorMessage> - </properties> - </leafNode> - <tagNode name="dynamic-map"> - <properties> - <help>Set an HUB tunnel address</help> - <valueHelp> - <format>ipv4net</format> - <description>Set the IP address and prefix length</description> - </valueHelp> + <help>Map tunnel IP to NBMA </help> </properties> <children> - <leafNode name="nbma-domain-name"> + <tagNode name ="tunnel-ip"> <properties> - <help>Set HUB fqdn (nbma-address - fqdn)</help> + <help>Set a NHRP tunnel address</help> <valueHelp> - <format><fqdn></format> - <description>Set the external HUB fqdn</description> + <format>ipv4</format> + <description>Set the IP address to map</description> </valueHelp> + <constraint> + <validator name="ip-address"/> + </constraint> </properties> - </leafNode> + <children> + <leafNode name="nbma"> + <properties> + <help>Set NHRP NBMA address to map</help> + <completionHelp> + <list>local</list> + </completionHelp> + <valueHelp> + <format>ipv4</format> + <description>Set the IP address to map</description> + </valueHelp> + <valueHelp> + <format>local</format> + <description>Set the local address</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + <regex>(local)</regex> + </constraint> + </properties> + </leafNode> + </children> + </tagNode> </children> - </tagNode> - <leafNode name="holding-time"> + </node> + <node name="nhs"> <properties> - <help>Holding time in seconds</help> - </properties> - </leafNode> - <tagNode name="map"> - <properties> - <help>Set an HUB tunnel address</help> + <help>Map tunnel IP to NBMA of Next Hop Server</help> </properties> <children> - <leafNode name="cisco"> - <properties> - <help>If the statically mapped peer is running Cisco IOS, specify this</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="nbma-address"> + <tagNode name ="tunnel-ip"> <properties> - <help>Set HUB address (nbma-address - external hub address or fqdn)</help> - </properties> - </leafNode> - <leafNode name="register"> - <properties> - <help>Specifies that Registration Request should be sent to this peer on startup</help> - <valueless/> + <help>Set a NHRP NHS tunnel address</help> + <completionHelp> + <list>dynamic</list> + </completionHelp> + <valueHelp> + <format>ipv4</format> + <description>Set the IP address to map</description> + </valueHelp> + <valueHelp> + <format>dynamic</format> + <description> Set Next Hop Server to have a dynamic address </description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + <regex>(dynamic)</regex> + </constraint> </properties> - </leafNode> + <children> + <leafNode name="nbma"> + <properties> + <help>Set NHRP NBMA address of NHS</help> + <valueHelp> + <format>ipv4</format> + <description>Set the IP address to map</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + </constraint> + <multi/> + </properties> + </leafNode> + </children> + </tagNode> </children> - </tagNode> + </node> <leafNode name="multicast"> <properties> - <help>Set multicast for NHRP</help> + <help>Map multicast to NBMA</help> <completionHelp> - <list>dynamic nhs</list> + <list>dynamic</list> </completionHelp> + <valueHelp> + <format>ipv4</format> + <description>Set the IP address to map(IP|FQDN)</description> + </valueHelp> + <valueHelp> + <format>dynamic</format> + <description>NBMA address is learnt dynamically</description> + </valueHelp> <constraint> - <regex>(dynamic|nhs)</regex> + <validator name="ip-address"/> + <regex>(dynamic)</regex> </constraint> + <multi/> </properties> </leafNode> - <leafNode name="non-caching"> + <leafNode name="registration-no-unique"> <properties> - <help>This can be used to reduce memory consumption on big NBMA subnets</help> + <help>Don't set unique flag</help> <valueless/> </properties> </leafNode> - <leafNode name="redirect"> + <leafNode name="authentication"> <properties> - <help>Enable sending of Cisco style NHRP Traffic Indication packets</help> - <valueless/> + <help>NHRP authentication</help> + <valueHelp> + <format>txt</format> + <description>Pass phrase for NHRP authentication</description> + </valueHelp> + <constraint> + <regex>[^[:space:]]{1,8}</regex> + </constraint> + <constraintErrorMessage>Password should contain up to eight non-whitespace characters</constraintErrorMessage> </properties> </leafNode> - <leafNode name="shortcut-destination"> + <leafNode name="holdtime"> <properties> - <help>This instructs opennhrp to reply with authorative answers on NHRP Resolution Requests destined to addresses in this interface</help> - <valueless/> + <help>Holding time in seconds</help> + <valueHelp> + <format>u32:1-65000</format> + <description>ring buffer size</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65000"/> + </constraint> </properties> </leafNode> - <tagNode name="shortcut-target"> + <leafNode name="redirect"> <properties> - <help>Defines an off-NBMA network prefix for which the GRE interface will act as a gateway</help> + <help>Enable sending of Cisco style NHRP Traffic Indication packets</help> + <valueless/> </properties> - <children> - <leafNode name="holding-time"> - <properties> - <help>Holding time in seconds</help> - </properties> - </leafNode> - </children> - </tagNode> + </leafNode> <leafNode name="shortcut"> <properties> <help>Enable creation of shortcut routes. A received NHRP Traffic Indication will trigger the resolution and establishment of a shortcut route</help> <valueless/> </properties> </leafNode> + #include <include/interface/mtu-68-16000.xml.i> + <leafNode name="network-id"> + <properties> + <help>NHRP network id</help> + <valueHelp> + <format><1-4294967295></format> + <description>NHRP network id</description> + </valueHelp> + </properties> + </leafNode> </children> </tagNode> </children> diff --git a/interface-definitions/protocols_rip.xml.in b/interface-definitions/protocols_rip.xml.in index 0edd8f2ce..745280fd7 100644 --- a/interface-definitions/protocols_rip.xml.in +++ b/interface-definitions/protocols_rip.xml.in @@ -209,6 +209,14 @@ #include <include/rip/redistribute.xml.i> </children> </node> + <node name="nhrp"> + <properties> + <help>Redistribute NHRP routes</help> + </properties> + <children> + #include <include/rip/redistribute.xml.i> + </children> + </node> <node name="ospf"> <properties> <help>Redistribute OSPF routes</help> diff --git a/interface-definitions/protocols_rpki.xml.in b/interface-definitions/protocols_rpki.xml.in index 54d69eadb..9e2e84717 100644 --- a/interface-definitions/protocols_rpki.xml.in +++ b/interface-definitions/protocols_rpki.xml.in @@ -42,6 +42,7 @@ </constraint> </properties> </leafNode> + #include <include/source-address-ipv4.xml.i> <node name="ssh"> <properties> <help>RPKI SSH connection settings</help> diff --git a/interface-definitions/protocols_segment-routing.xml.in b/interface-definitions/protocols_segment-routing.xml.in index c299f624e..688b253b6 100644 --- a/interface-definitions/protocols_segment-routing.xml.in +++ b/interface-definitions/protocols_segment-routing.xml.in @@ -126,6 +126,25 @@ </properties> <defaultValue>24</defaultValue> </leafNode> + <leafNode name="format"> + <properties> + <help>SRv6 SID format</help> + <completionHelp> + <list>uncompressed-f4024 usid-f3216</list> + </completionHelp> + <valueHelp> + <format>uncompressed-f4024</format> + <description>Uncompressed f4024 format</description> + </valueHelp> + <valueHelp> + <format>usid-f3216</format> + <description>usid-f3216 format</description> + </valueHelp> + <constraint> + <regex>(uncompressed-f4024|usid-f3216)</regex> + </constraint> + </properties> + </leafNode> </children> </tagNode> </children> diff --git a/interface-definitions/protocols_static.xml.in b/interface-definitions/protocols_static.xml.in index ca4ca2d74..c721bb3fc 100644 --- a/interface-definitions/protocols_static.xml.in +++ b/interface-definitions/protocols_static.xml.in @@ -11,21 +11,64 @@ <priority>480</priority> </properties> <children> - #include <include/route-map.xml.i> - #include <include/static/static-route.xml.i> - #include <include/static/static-route6.xml.i> - <tagNode name="table"> + <tagNode name="mroute"> <properties> - <help>Policy route table number</help> + <help>Static IPv4 route for Multicast RIB</help> <valueHelp> - <format>u32:1-200</format> - <description>Policy route table number</description> + <format>ipv4net</format> + <description>Network</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-200"/> + <validator name="ipv4-prefix"/> </constraint> </properties> <children> + <tagNode name="next-hop"> + <properties> + <help>Next-hop IPv4 router address</help> + <valueHelp> + <format>ipv4</format> + <description>Next-hop router address</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + </constraint> + </properties> + <children> + #include <include/generic-disable-node.xml.i> + #include <include/static/static-route-distance.xml.i> + </children> + </tagNode> + <tagNode name="interface"> + <properties> + <help>Next-hop IPv4 router interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces</script> + </completionHelp> + <valueHelp> + <format>txt</format> + <description>Gateway interface name</description> + </valueHelp> + <constraint> + #include <include/constraint/interface-name.xml.i> + </constraint> + </properties> + <children> + #include <include/generic-disable-node.xml.i> + #include <include/static/static-route-distance.xml.i> + </children> + </tagNode> + </children> + </tagNode> + #include <include/route-map.xml.i> + #include <include/static/static-route.xml.i> + #include <include/static/static-route6.xml.i> + <tagNode name="table"> + <properties> + <help>Non-main Kernel Routing Table</help> + #include <include/constraint/protocols-static-table.xml.i> + </properties> + <children> <!-- iproute2 only considers the first "word" until whitespace in the name field but does not complain about special characters. diff --git a/interface-definitions/protocols_static_multicast.xml.in b/interface-definitions/protocols_static_multicast.xml.in deleted file mode 100644 index caf95ed7c..000000000 --- a/interface-definitions/protocols_static_multicast.xml.in +++ /dev/null @@ -1,95 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="protocols"> - <children> - <node name="static"> - <children> - <node name="multicast" owner="${vyos_conf_scripts_dir}/protocols_static_multicast.py"> - <properties> - <help>Multicast static route</help> - <priority>481</priority> - </properties> - <children> - <tagNode name="route"> - <properties> - <help>Configure static unicast route into MRIB for multicast RPF lookup</help> - <valueHelp> - <format>ipv4net</format> - <description>Network</description> - </valueHelp> - <constraint> - <validator name="ip-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop"> - <properties> - <help>Nexthop IPv4 address</help> - <valueHelp> - <format>ipv4</format> - <description>Nexthop IPv4 address</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - <children> - <leafNode name="distance"> - <properties> - <help>Distance value for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="interface-route"> - <properties> - <help>Multicast interface based route</help> - <valueHelp> - <format>ipv4net</format> - <description>Network</description> - </valueHelp> - <constraint> - <validator name="ip-prefix"/> - </constraint> - </properties> - <children> - <tagNode name="next-hop-interface"> - <properties> - <help>Next-hop interface</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - </properties> - <children> - <leafNode name="distance"> - <properties> - <help>Distance value for this route</help> - <valueHelp> - <format>u32:1-255</format> - <description>Distance for this route</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - </children> - </node> - </children> - </node> - </children> - </node> -</interfaceDefinition> diff --git a/interface-definitions/service_dhcp-server.xml.in b/interface-definitions/service_dhcp-server.xml.in index cb5f9a804..9a194de4f 100644 --- a/interface-definitions/service_dhcp-server.xml.in +++ b/interface-definitions/service_dhcp-server.xml.in @@ -211,18 +211,7 @@ #include <include/dhcp/option-v4.xml.i> #include <include/generic-description.xml.i> #include <include/generic-disable-node.xml.i> - <leafNode name="ip-address"> - <properties> - <help>Fixed IP address of static mapping</help> - <valueHelp> - <format>ipv4</format> - <description>IPv4 address used in static mapping</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - </leafNode> + #include <include/ip-address.xml.i> #include <include/interface/mac.xml.i> #include <include/interface/duid.xml.i> </children> diff --git a/interface-definitions/service_dhcpv6-server.xml.in b/interface-definitions/service_dhcpv6-server.xml.in index cf14388e8..a6763a345 100644 --- a/interface-definitions/service_dhcpv6-server.xml.in +++ b/interface-definitions/service_dhcpv6-server.xml.in @@ -48,21 +48,7 @@ <children> #include <include/generic-disable-node.xml.i> #include <include/generic-description.xml.i> - <leafNode name="interface"> - <properties> - <help>Optional interface for this shared network to accept requests from</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>Interface name</description> - </valueHelp> - <constraint> - #include <include/constraint/interface-name.xml.i> - </constraint> - </properties> - </leafNode> + #include <include/generic-interface.xml.i> #include <include/dhcp/option-v6.xml.i> <tagNode name="subnet"> <properties> @@ -77,21 +63,7 @@ </properties> <children> #include <include/dhcp/option-v6.xml.i> - <leafNode name="interface"> - <properties> - <help>Optional interface for this subnet to accept requests from</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>Interface name</description> - </valueHelp> - <constraint> - #include <include/constraint/interface-name.xml.i> - </constraint> - </properties> - </leafNode> + #include <include/generic-interface.xml.i> <tagNode name="range"> <properties> <help>Parameters setting ranges for assigning IPv6 addresses</help> diff --git a/interface-definitions/service_ipoe-server.xml.in b/interface-definitions/service_ipoe-server.xml.in index 39cfb7889..fe9d32bbd 100644 --- a/interface-definitions/service_ipoe-server.xml.in +++ b/interface-definitions/service_ipoe-server.xml.in @@ -70,6 +70,7 @@ <constraintErrorMessage>VLAN IDs need to be in range 1-4094</constraintErrorMessage> </properties> </leafNode> + #include <include/ip-address.xml.i> </children> </tagNode> </children> diff --git a/interface-definitions/service_lldp.xml.in b/interface-definitions/service_lldp.xml.in index 51a9f9cce..a189cc13b 100644 --- a/interface-definitions/service_lldp.xml.in +++ b/interface-definitions/service_lldp.xml.in @@ -29,7 +29,34 @@ </constraint> </properties> <children> - #include <include/generic-disable-node.xml.i> + <leafNode name="mode"> + <properties> + <help>Set LLDP receive/transmit operation mode of this interface</help> + <completionHelp> + <list>disable rx-tx tx rx</list> + </completionHelp> + <valueHelp> + <format>disable</format> + <description>Do not process or send LLDP messages</description> + </valueHelp> + <valueHelp> + <format>rx-tx</format> + <description>Send and process LLDP messages</description> + </valueHelp> + <valueHelp> + <format>rx</format> + <description>Process incoming LLDP messages</description> + </valueHelp> + <valueHelp> + <format>tx</format> + <description>Send LLDP messages</description> + </valueHelp> + <constraint> + <regex>(disable|rx-tx|tx|rx)</regex> + </constraint> + </properties> + <defaultValue>rx-tx</defaultValue> + </leafNode> <node name="location"> <properties> <help>LLDP-MED location data</help> diff --git a/interface-definitions/service_monitoring_frr_exporter.xml.in b/interface-definitions/service_monitoring_frr_exporter.xml.in deleted file mode 100644 index 96aee3ab4..000000000 --- a/interface-definitions/service_monitoring_frr_exporter.xml.in +++ /dev/null @@ -1,25 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="service"> - <children> - <node name="monitoring"> - <children> - <node name="frr-exporter" owner="${vyos_conf_scripts_dir}/service_monitoring_frr-exporter.py"> - <properties> - <help>Prometheus exporter for FRR metrics</help> - <priority>1280</priority> - </properties> - <children> - #include <include/listen-address.xml.i> - #include <include/port-number.xml.i> - <leafNode name="port"> - <defaultValue>9342</defaultValue> - </leafNode> - #include <include/interface/vrf.xml.i> - </children> - </node> - </children> - </node> - </children> - </node> -</interfaceDefinition> diff --git a/interface-definitions/service_monitoring_network_event.xml.in b/interface-definitions/service_monitoring_network_event.xml.in new file mode 100644 index 000000000..edf23a06a --- /dev/null +++ b/interface-definitions/service_monitoring_network_event.xml.in @@ -0,0 +1,61 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="service"> + <children> + <node name="monitoring"> + <properties> + <help>Monitoring services</help> + </properties> + <children> + <node name="network-event" owner="${vyos_conf_scripts_dir}/service_monitoring_network_event.py"> + <properties> + <help>Network event logger</help> + <priority>1280</priority> + </properties> + <children> + <node name="event"> + <properties> + <help>Network event type</help> + </properties> + <children> + <leafNode name="route"> + <properties> + <help>Log routing table update events</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="link"> + <properties> + <help>Log link status change events</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="addr"> + <properties> + <help>Log address assignment and removal events</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="neigh"> + <properties> + <help>Log neighbor (ARP/ND) table update events</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="rule"> + <properties> + <help>Log policy routing rule change events</help> + <valueless/> + </properties> + </leafNode> + </children> + </node> + #include <include/netlink/queue-size.xml.i> + #include <include/netlink/log-level.xml.i> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/interface-definitions/service_monitoring_node_exporter.xml.in b/interface-definitions/service_monitoring_node_exporter.xml.in deleted file mode 100644 index a11d2304f..000000000 --- a/interface-definitions/service_monitoring_node_exporter.xml.in +++ /dev/null @@ -1,25 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="service"> - <children> - <node name="monitoring"> - <children> - <node name="node-exporter" owner="${vyos_conf_scripts_dir}/service_monitoring_node-exporter.py"> - <properties> - <help>Prometheus exporter for hardware and operating system metrics</help> - <priority>1280</priority> - </properties> - <children> - #include <include/listen-address.xml.i> - #include <include/port-number.xml.i> - <leafNode name="port"> - <defaultValue>9100</defaultValue> - </leafNode> - #include <include/interface/vrf.xml.i> - </children> - </node> - </children> - </node> - </children> - </node> -</interfaceDefinition> diff --git a/interface-definitions/service_monitoring_prometheus.xml.in b/interface-definitions/service_monitoring_prometheus.xml.in new file mode 100644 index 000000000..8bcebf5f3 --- /dev/null +++ b/interface-definitions/service_monitoring_prometheus.xml.in @@ -0,0 +1,134 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="service"> + <children> + <node name="monitoring"> + <children> + <node name="prometheus" owner="${vyos_conf_scripts_dir}/service_monitoring_prometheus.py"> + <properties> + <help>Prometheus metric exporter</help> + <priority>1280</priority> + </properties> + <children> + <node name="node-exporter"> + <properties> + <help>Prometheus exporter for hardware and operating system metrics</help> + </properties> + <children> + #include <include/listen-address.xml.i> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>9100</defaultValue> + </leafNode> + #include <include/interface/vrf.xml.i> + <node name="collectors"> + <properties> + <help>Collectors specific configuration</help> + </properties> + <children> + <leafNode name="textfile"> + <properties> + <help>Enables textfile collector to read from /run/node_exporter/collector</help> + <valueless/> + </properties> + </leafNode> + </children> + </node> + </children> + </node> + <node name="frr-exporter"> + <properties> + <help>Prometheus exporter for FRR metrics</help> + </properties> + <children> + #include <include/listen-address.xml.i> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>9342</defaultValue> + </leafNode> + #include <include/interface/vrf.xml.i> + </children> + </node> + <node name="blackbox-exporter"> + <properties> + <help>Prometheus exporter for probing endpoints</help> + </properties> + <children> + #include <include/listen-address.xml.i> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>9115</defaultValue> + </leafNode> + #include <include/interface/vrf.xml.i> + <node name="modules"> + <properties> + <help>Configure blackbox exporter modules</help> + </properties> + <children> + <node name="dns"> + <properties> + <help>Configure dns module</help> + </properties> + <children> + <tagNode name="name"> + <properties> + <help>Name of the dns module</help> + </properties> + <children> + <leafNode name="query-name"> + <properties> + <help>Name to be queried</help> + <constraint> + <validator name="fqdn"/> + </constraint> + </properties> + </leafNode> + <leafNode name="query-type"> + <properties> + <help>DNS query type</help> + <valueHelp> + <format>ANY</format> + <description>Query any DNS record</description> + </valueHelp> + <valueHelp> + <format>A</format> + <description>Query IPv4 address record</description> + </valueHelp> + <valueHelp> + <format>AAAA</format> + <description>Query IPv6 address record</description> + </valueHelp> + </properties> + <defaultValue>ANY</defaultValue> + </leafNode> + #include <include/monitoring/blackbox-exporter-module-commons.xml.i> + </children> + </tagNode> + </children> + </node> + <node name="icmp"> + <properties> + <help>Configure icmp module</help> + </properties> + <children> + <tagNode name="name"> + <properties> + <help>Name of the icmp module</help> + </properties> + <children> + #include <include/monitoring/blackbox-exporter-module-commons.xml.i> + </children> + </tagNode> + </children> + </node> + </children> + </node> + </children> + </node> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/interface-definitions/service_monitoring_zabbix-agent.xml.in b/interface-definitions/service_monitoring_zabbix-agent.xml.in index e44b31312..122e61e8b 100644 --- a/interface-definitions/service_monitoring_zabbix-agent.xml.in +++ b/interface-definitions/service_monitoring_zabbix-agent.xml.in @@ -10,6 +10,23 @@ <priority>1280</priority> </properties> <children> + <node name="authentication"> + <properties> + <help>Authentication</help> + </properties> + <children> + #include <include/auth-mode-pre-shared-secret.xml.i> + <node name="psk"> + <properties> + <help>Pre-shared key</help> + </properties> + <children> + #include <include/auth-psk-id.xml.i> + #include <include/auth-psk-secret.xml.i> + </children> + </node> + </children> + </node> <leafNode name="directory"> <properties> <help>Folder containing individual Zabbix-agent configuration files</help> diff --git a/interface-definitions/service_ndp-proxy.xml.in b/interface-definitions/service_ndp-proxy.xml.in index aabba3f4e..327ce89d5 100644 --- a/interface-definitions/service_ndp-proxy.xml.in +++ b/interface-definitions/service_ndp-proxy.xml.in @@ -111,17 +111,7 @@ </properties> <defaultValue>static</defaultValue> </leafNode> - <leafNode name="interface"> - <properties> - <help>Interface to forward Neighbor Solicitation message through. Required for "iface" mode</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <constraint> - #include <include/constraint/interface-name.xml.i> - </constraint> - </properties> - </leafNode> + #include <include/generic-interface.xml.i> </children> </tagNode> </children> diff --git a/interface-definitions/service_ntp.xml.in b/interface-definitions/service_ntp.xml.in index 5dc0cd295..c31b572bd 100644 --- a/interface-definitions/service_ntp.xml.in +++ b/interface-definitions/service_ntp.xml.in @@ -13,72 +13,72 @@ #include <include/generic-interface.xml.i> #include <include/listen-address.xml.i> #include <include/interface/vrf.xml.i> - <node name="ptp"> + <node name="timestamp"> <properties> - <help>Enable Precision Time Protocol (PTP) transport</help> + <help>Enable timestamping of packets in the NIC hardware</help> </properties> <children> - #include <include/port-number.xml.i> - <leafNode name="port"> - <defaultValue>319</defaultValue> - </leafNode> - <node name="timestamp"> + <tagNode name="interface"> <properties> - <help>Enable timestamping of packets in the NIC hardware</help> + <help>Interface to enable timestamping on</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces</script> + <list>all</list> + </completionHelp> + <valueHelp> + <format>all</format> + <description>Select all interfaces</description> + </valueHelp> + <valueHelp> + <format>txt</format> + <description>Interface name</description> + </valueHelp> + <constraint> + #include <include/constraint/interface-name.xml.i> + <regex>all</regex> + </constraint> </properties> <children> - <tagNode name="interface"> + <leafNode name="receive-filter"> <properties> - <help>Interface to enable timestamping on</help> + <help>Selects which inbound packets are timestamped by the NIC</help> <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - <list>all</list> + <list>all ntp ptp none</list> </completionHelp> <valueHelp> <format>all</format> - <description>Select all interfaces</description> + <description>All packets are timestamped</description> </valueHelp> <valueHelp> - <format>txt</format> - <description>Interface name</description> + <format>ntp</format> + <description>Only NTP packets are timestamped</description> + </valueHelp> + <valueHelp> + <format>ptp</format> + <description>Only PTP or NTP packets using the PTP transport are timestamped</description> + </valueHelp> + <valueHelp> + <format>none</format> + <description>No packet is timestamped</description> </valueHelp> <constraint> - #include <include/constraint/interface-name.xml.i> - <regex>all</regex> + <regex>(all|ntp|ptp|none)</regex> </constraint> </properties> - <children> - <leafNode name="receive-filter"> - <properties> - <help>Selects which inbound packets are timestamped by the NIC</help> - <completionHelp> - <list>all ntp ptp none</list> - </completionHelp> - <valueHelp> - <format>all</format> - <description>All packets are timestamped</description> - </valueHelp> - <valueHelp> - <format>ntp</format> - <description>Only NTP packets are timestamped</description> - </valueHelp> - <valueHelp> - <format>ptp</format> - <description>Only PTP or NTP packets using the PTP transport are timestamped</description> - </valueHelp> - <valueHelp> - <format>none</format> - <description>No packet is timestamped</description> - </valueHelp> - <constraint> - <regex>(all|ntp|ptp|none)</regex> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> + </leafNode> </children> - </node> + </tagNode> + </children> + </node> + <node name="ptp"> + <properties> + <help>Enable Precision Time Protocol (PTP) transport</help> + </properties> + <children> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>319</defaultValue> + </leafNode> </children> </node> <leafNode name="leap-second"> diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in index 0c99fd261..32215e9d2 100644 --- a/interface-definitions/service_pppoe-server.xml.in +++ b/interface-definitions/service_pppoe-server.xml.in @@ -63,6 +63,12 @@ </completionHelp> </properties> <children> + <leafNode name="combined"> + <properties> + <help>Listen on both VLANs and the base interface</help> + <valueless/> + </properties> + </leafNode> #include <include/accel-ppp/vlan.xml.i> #include <include/accel-ppp/vlan-mon.xml.i> </children> diff --git a/interface-definitions/service_snmp.xml.in b/interface-definitions/service_snmp.xml.in index f23151ef9..cc21f5b8b 100644 --- a/interface-definitions/service_snmp.xml.in +++ b/interface-definitions/service_snmp.xml.in @@ -304,7 +304,6 @@ </constraint> <constraintErrorMessage>ID must contain an even number (from 2 to 36) of hex digits</constraintErrorMessage> </properties> - <defaultValue></defaultValue> </leafNode> <tagNode name="group"> <properties> diff --git a/interface-definitions/service_ssh.xml.in b/interface-definitions/service_ssh.xml.in index 221e451d1..14d358c78 100644 --- a/interface-definitions/service_ssh.xml.in +++ b/interface-definitions/service_ssh.xml.in @@ -275,6 +275,14 @@ </constraint> </properties> </leafNode> + <node name="trusted-user-ca-key"> + <properties> + <help>Trusted user CA key</help> + </properties> + <children> + #include <include/pki/ca-certificate.xml.i> + </children> + </node> #include <include/vrf-multi.xml.i> </children> </node> diff --git a/interface-definitions/system_conntrack.xml.in b/interface-definitions/system_conntrack.xml.in index cd59d1308..54610b625 100644 --- a/interface-definitions/system_conntrack.xml.in +++ b/interface-definitions/system_conntrack.xml.in @@ -263,38 +263,8 @@ <valueless/> </properties> </leafNode> - <leafNode name="queue-size"> - <properties> - <help>Internal message queue size</help> - <valueHelp> - <format>u32:100-999999</format> - <description>Queue size</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-999999"/> - </constraint> - <constraintErrorMessage>Queue size must be between 100 and 999999</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="log-level"> - <properties> - <help>Set log-level. Log must be enable.</help> - <completionHelp> - <list>info debug</list> - </completionHelp> - <valueHelp> - <format>info</format> - <description>Info log level</description> - </valueHelp> - <valueHelp> - <format>debug</format> - <description>Debug log level</description> - </valueHelp> - <constraint> - <regex>(info|debug)</regex> - </constraint> - </properties> - </leafNode> + #include <include/netlink/queue-size.xml.i> + #include <include/netlink/log-level.xml.i> </children> </node> <node name="modules"> diff --git a/interface-definitions/system_flow-accounting.xml.in b/interface-definitions/system_flow-accounting.xml.in index 83a2480a3..4799205ad 100644 --- a/interface-definitions/system_flow-accounting.xml.in +++ b/interface-definitions/system_flow-accounting.xml.in @@ -362,73 +362,6 @@ </node> </children> </node> - <node name="sflow"> - <properties> - <help>sFlow settings</help> - </properties> - <children> - <leafNode name="agent-address"> - <properties> - <help>sFlow agent IPv4 address</help> - <completionHelp> - <list>auto</list> - <script>${vyos_completion_dir}/list_local_ips.sh --ipv4</script> - </completionHelp> - <valueHelp> - <format>ipv4</format> - <description>sFlow IPv4 agent address</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="sampling-rate"> - <properties> - <help>sFlow sampling-rate</help> - <valueHelp> - <format>u32</format> - <description>Sampling rate (1 in N packets)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967295"/> - </constraint> - </properties> - </leafNode> - <tagNode name="server"> - <properties> - <help>sFlow destination server</help> - <valueHelp> - <format>ipv4</format> - <description>IPv4 server to export sFlow</description> - </valueHelp> - <valueHelp> - <format>ipv6</format> - <description>IPv6 server to export sFlow</description> - </valueHelp> - <constraint> - <validator name="ip-address"/> - </constraint> - </properties> - <children> - <leafNode name="port"> - <properties> - <help>sFlow port number</help> - <valueHelp> - <format>u32:1025-65535</format> - <description>sFlow port number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1025-65535"/> - </constraint> - </properties> - <defaultValue>6343</defaultValue> - </leafNode> - </children> - </tagNode> - #include <include/source-address-ipv4-ipv6.xml.i> - </children> - </node> #include <include/interface/vrf.xml.i> </children> </node> diff --git a/interface-definitions/system_sflow.xml.in b/interface-definitions/system_sflow.xml.in index aaf4033d8..2cd7a5d12 100644 --- a/interface-definitions/system_sflow.xml.in +++ b/interface-definitions/system_sflow.xml.in @@ -106,6 +106,12 @@ </leafNode> </children> </tagNode> + <leafNode name="enable-egress"> + <properties> + <help>Enable egress sampling</help> + <valueless/> + </properties> + </leafNode> #include <include/interface/vrf.xml.i> </children> </node> diff --git a/interface-definitions/system_syslog.xml.in b/interface-definitions/system_syslog.xml.in index 0a9a00572..116cbde73 100644 --- a/interface-definitions/system_syslog.xml.in +++ b/interface-definitions/system_syslog.xml.in @@ -8,28 +8,17 @@ <priority>400</priority> </properties> <children> - <tagNode name="user"> + <node name="console"> <properties> - <help>Logging to specific terminal of given user</help> - <completionHelp> - <path>system login user</path> - </completionHelp> - <valueHelp> - <format>txt</format> - <description>Local user account</description> - </valueHelp> - <constraint> - #include <include/constraint/login-username.xml.i> - </constraint> - <constraintErrorMessage>illegal characters in user</constraintErrorMessage> + <help>Log to system console (/dev/console)</help> </properties> <children> #include <include/syslog-facility.xml.i> </children> - </tagNode> - <tagNode name="host"> + </node> + <tagNode name="remote"> <properties> - <help>Logging to remote host</help> + <help>Log to remote host</help> <constraint> <validator name="ip-address"/> <validator name="fqdn"/> @@ -49,11 +38,6 @@ </valueHelp> </properties> <children> - #include <include/port-number.xml.i> - <leafNode name="port"> - <defaultValue>514</defaultValue> - </leafNode> - #include <include/protocol-tcp-udp.xml.i> #include <include/syslog-facility.xml.i> <node name="format"> <properties> @@ -62,98 +46,63 @@ <children> <leafNode name="octet-counted"> <properties> - <help>Allows for the transmission of all characters inside a syslog message</help> + <help>Allows for the transmission of multi-line messages (TCP only)</help> <valueless/> </properties> </leafNode> <leafNode name="include-timezone"> <properties> - <help>Include system timezone in syslog message</help> + <help>Use RFC 5424 format (with RFC 3339 timestamp and timezone)</help> <valueless/> </properties> </leafNode> </children> </node> + #include <include/port-number.xml.i> + <leafNode name="port"> + <defaultValue>514</defaultValue> + </leafNode> + #include <include/protocol-tcp-udp.xml.i> + #include <include/source-address-ipv4-ipv6.xml.i> + #include <include/interface/vrf.xml.i> </children> </tagNode> - <node name="global"> + <node name="local"> <properties> - <help>Logging to system standard location</help> + <help>Log to standard system location /var/log/messages</help> </properties> <children> #include <include/syslog-facility.xml.i> - <node name="marker"> - <properties> - <help>mark messages sent to syslog</help> - </properties> - <children> - <leafNode name="interval"> - <properties> - <help>time interval how often a mark message is being sent in seconds</help> - <constraint> - <validator name="numeric" argument="--positive"/> - </constraint> - </properties> - <defaultValue>1200</defaultValue> - </leafNode> - </children> - </node> - <leafNode name="preserve-fqdn"> - <properties> - <help>uses FQDN for logging</help> - <valueless/> - </properties> - </leafNode> </children> </node> - <tagNode name="file"> + <node name="marker"> <properties> - <help>Logging to a file</help> - <constraint> - <regex>[a-zA-Z0-9\-_.]{1,255}</regex> - </constraint> - <constraintErrorMessage>illegal characters in filename or filename longer than 255 characters</constraintErrorMessage> + <help>Mark messages sent to syslog</help> </properties> <children> - <node name="archive"> + #include <include/generic-disable-node.xml.i> + <leafNode name="interval"> <properties> - <help>Log file size and rotation characteristics</help> + <help>Mark message interval</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Time in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + <constraintErrorMessage>Port number must be in range 1 to 65535</constraintErrorMessage> </properties> - <children> - <leafNode name="file"> - <properties> - <help>Number of saved files</help> - <constraint> - <regex>[0-9]+</regex> - </constraint> - <constraintErrorMessage>illegal characters in number of files</constraintErrorMessage> - </properties> - <defaultValue>5</defaultValue> - </leafNode> - <leafNode name="size"> - <properties> - <help>Size of log files in kbytes</help> - <constraint> - <regex>[0-9]+</regex> - </constraint> - <constraintErrorMessage>illegal characters in size</constraintErrorMessage> - </properties> - <defaultValue>256</defaultValue> - </leafNode> - </children> - </node> - #include <include/syslog-facility.xml.i> + <defaultValue>1200</defaultValue> + </leafNode> </children> - </tagNode> - <node name="console"> + </node> + <leafNode name="preserve-fqdn"> <properties> - <help>logging to serial console</help> + <help>Always include domain portion in hostname</help> + <valueless/> </properties> - <children> - #include <include/syslog-facility.xml.i> - </children> - </node> - #include <include/interface/vrf.xml.i> + </leafNode> </children> </node> </children> diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index 5540021e2..0cf526fad 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -722,18 +722,7 @@ <help>Authentication</help> </properties> <children> - <leafNode name="mode"> - <properties> - <help>Authentication mode</help> - <completionHelp> - <list>pre-shared-secret</list> - </completionHelp> - <valueHelp> - <format>pre-shared-secret</format> - <description>Use a pre-shared secret key</description> - </valueHelp> - </properties> - </leafNode> + #include <include/auth-mode-pre-shared-secret.xml.i> #include <include/ipsec/authentication-pre-shared-secret.xml.i> </children> </node> diff --git a/interface-definitions/xml-component-version.xml.in b/interface-definitions/xml-component-version.xml.in index 67d86a1d0..70957c5fa 100644 --- a/interface-definitions/xml-component-version.xml.in +++ b/interface-definitions/xml-component-version.xml.in @@ -1,52 +1,4 @@ <?xml version="1.0"?> <interfaceDefinition> - #include <include/version/bgp-version.xml.i> - #include <include/version/broadcast-relay-version.xml.i> - #include <include/version/cluster-version.xml.i> - #include <include/version/config-management-version.xml.i> - #include <include/version/conntrack-sync-version.xml.i> - #include <include/version/conntrack-version.xml.i> - #include <include/version/container-version.xml.i> - #include <include/version/dhcp-relay-version.xml.i> - #include <include/version/dhcp-server-version.xml.i> - #include <include/version/dhcpv6-server-version.xml.i> - #include <include/version/dns-dynamic-version.xml.i> - #include <include/version/dns-forwarding-version.xml.i> - #include <include/version/firewall-version.xml.i> - #include <include/version/flow-accounting-version.xml.i> - #include <include/version/https-version.xml.i> - #include <include/version/interfaces-version.xml.i> - #include <include/version/ids-version.xml.i> - #include <include/version/ipoe-server-version.xml.i> - #include <include/version/ipsec-version.xml.i> - #include <include/version/openvpn-version.xml.i> - #include <include/version/isis-version.xml.i> - #include <include/version/l2tp-version.xml.i> - #include <include/version/lldp-version.xml.i> - #include <include/version/mdns-version.xml.i> - #include <include/version/monitoring-version.xml.i> - #include <include/version/nat66-version.xml.i> - #include <include/version/nat-version.xml.i> - #include <include/version/ntp-version.xml.i> - #include <include/version/openconnect-version.xml.i> - #include <include/version/ospf-version.xml.i> - #include <include/version/pim-version.xml.i> - #include <include/version/policy-version.xml.i> - #include <include/version/pppoe-server-version.xml.i> - #include <include/version/pptp-version.xml.i> - #include <include/version/qos-version.xml.i> - #include <include/version/quagga-version.xml.i> - #include <include/version/rip-version.xml.i> - #include <include/version/rpki-version.xml.i> - #include <include/version/salt-version.xml.i> - #include <include/version/snmp-version.xml.i> - #include <include/version/ssh-version.xml.i> - #include <include/version/sstp-version.xml.i> - #include <include/version/system-version.xml.i> - #include <include/version/vrf-version.xml.i> - #include <include/version/vrrp-version.xml.i> - #include <include/version/vyos-accel-ppp-version.xml.i> - #include <include/version/wanloadbalance-version.xml.i> - #include <include/version/webproxy-version.xml.i> - #include <include/version/reverseproxy-version.xml.i> + #include <include/version/*> </interfaceDefinition> |