summaryrefslogtreecommitdiff
path: root/interface-definitions/vpn_ipsec.xml.in
AgeCommit message (Collapse)Author
2021-07-03ipsec: T2816: provide esp and ike-group XML building blockChristian Poessinger
2021-07-03ipsec: T2816: rework log options for debuggingChristian Poessinger
Renamed CLI from "logging log-modes" to "log subsystem" and "logging log-level" to "log level". THat is more human firendly.
2021-07-03ipsec: T2816: remove default values from Jinja2 template and place them in XMLChristian Poessinger
VyOS has a known to work mechanism in supplying CLI default values into the Python configuration scripts. This commit removes hardcoded default values from the Jinja2 template and places them into the appropriate XML definitions. The big advantage is that the default value itself and the corresponding help string are located in the exact same file.
2021-07-03ipsec: T2816: rework IKE and ESP key assignmentChristian Poessinger
Commit 2d79a500 ("ipsec: T2816: add Jinja2 converter for ESP/IKE groups to string") added a Jinja2 helper function which can be used to transform VyOS CLI ESP and IKE key proposals into a strongSwan compatible string cipher. This commit changes the IPSec implementation to make use of this new Jinja2 filter fubction/Python helper. This is required base work for better automated tests (smoketests) but also for an IKEv2 road-warrior setup.
2021-07-02xml: provide building block for a generic description nodeChristian Poessinger
2021-06-29pki: ipsec: T3642: Migrate IPSec to use PKI configurationsarthurdev
2021-06-15ipsec: T2816: T645: T3613: Migrated IPsec to swanctl, includes multiple ↵sarthurdev
selectors, and selectors with VTI.
2021-06-12ipsec: T57: Support disable on peer, tunnel, dmvpn profilesarthurdev
2021-06-06ipsec: T3588: remove CLI options deprecated by strongSwanChristian Poessinger
- set vpn ipsec nat-traversal - set vpn ipsec nat-networks allowed-network
2021-06-05ipsec: T3093: drop superfluous top level priorityChristian Poessinger
2021-05-28ipsec: T2816: IPSec python rework, includes DMVPN and VTI supportSimon
2021-01-07xml: include: provide generic include for disable nodeChristian Poessinger
2020-12-29xml: T1466: provide common includes for SSL certificate CLI nodesChristian Poessinger
Gather all SSL certificate, ca and key nodes into a single representation of XML which can be #included into the XML definitions of the CLI interface to be rendered.
2020-12-27xml: fix valueHelp format stringsChristian Poessinger
A pre-defined list of common format strings to be used inside the <format> node of <valueHelp> is available from [1]. Adjust all currently in use <format> nodes to re-use the predefined strings over writing them on their own by even encapsulating the <> signs as &lt; and &gt;. [1]: https://github.com/vyos/vyatta-cfg/blob/5aec1a0429f2f/etc/bash_completion.d/vyatta-cfg#L515-L566
2020-12-12xml: use "u32:" keyword when identifying port rangesChristian Poessinger
This will render the completion help more nicely.
2020-12-01vpn: ipsec: T3093: add XML for vpn ipsec conf-modeViacheslav Hletenko