From ba0509379c5ca47e4a78fef920d14a52a46b8e82 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Fri, 2 Oct 2020 17:42:29 +0200
Subject: acces-ppp: T2953: drop redundant CLI definitions

---
 .../include/accel-auth-local-users.xml.i           |  56 +++++
 .../include/accel-auth-mode.xml.i                  |   2 +
 .../include/accel-auth-protocols.xml.i             |  30 +++
 .../include/accel-client-ipv6-pool.xml.i           |   2 +
 .../include/accel-client-subnet.xml.i              |  16 ++
 .../include/accel-gateway-address.xml.i            |  15 ++
 .../include/accel-lcp-echo-interval-failure.xml.i  |  20 ++
 .../include/accel-lcp-echo-timeout.xml.i           |  11 +
 .../include/accel-name-server.xml.i                |   2 +
 interface-definitions/include/accel-ppp-mppe.xml.i |  25 +++
 .../accel-radius-additions-rate-limit.xml.i        |  25 +++
 interface-definitions/service_pppoe-server.xml.in  | 249 ++++-----------------
 interface-definitions/vpn_l2tp.xml.in              | 119 +---------
 interface-definitions/vpn_pptp.xml.in              |   9 +-
 interface-definitions/vpn_sstp.xml.in              | 240 +++-----------------
 15 files changed, 290 insertions(+), 531 deletions(-)
 create mode 100644 interface-definitions/include/accel-auth-local-users.xml.i
 create mode 100644 interface-definitions/include/accel-auth-protocols.xml.i
 create mode 100644 interface-definitions/include/accel-client-subnet.xml.i
 create mode 100644 interface-definitions/include/accel-gateway-address.xml.i
 create mode 100644 interface-definitions/include/accel-lcp-echo-interval-failure.xml.i
 create mode 100644 interface-definitions/include/accel-lcp-echo-timeout.xml.i
 create mode 100644 interface-definitions/include/accel-ppp-mppe.xml.i
 create mode 100644 interface-definitions/include/accel-radius-additions-rate-limit.xml.i

diff --git a/interface-definitions/include/accel-auth-local-users.xml.i b/interface-definitions/include/accel-auth-local-users.xml.i
new file mode 100644
index 000000000..4dc6c6dff
--- /dev/null
+++ b/interface-definitions/include/accel-auth-local-users.xml.i
@@ -0,0 +1,56 @@
+<!-- included start from accel-auth-local-users.xml.i -->
+<node name="local-users">
+  <properties>
+    <help>Local user authentication for PPPoE server</help>
+  </properties>
+  <children>
+    <tagNode name="username">
+      <properties>
+        <help>User name for authentication</help>
+      </properties>
+      <children>
+        <leafNode name="disable">
+          <properties>
+            <help>Option to disable a PPPoE Server user</help>
+            <valueless/>
+          </properties>
+        </leafNode>
+        <leafNode name="password">
+          <properties>
+            <help>Password for authentication</help>
+          </properties>
+        </leafNode>
+        <leafNode name="static-ip">
+          <properties>
+            <help>Static client IP address</help>
+          </properties>
+          <defaultValue>*</defaultValue>
+        </leafNode>
+        <node name="rate-limit">
+          <properties>
+            <help>Upload/Download speed limits</help>
+          </properties>
+          <children>
+            <leafNode name="upload">
+              <properties>
+                <help>Upload bandwidth limit in kbits/sec</help>
+                <constraint>
+                  <validator name="numeric" argument="--range 1-65535"/>
+                </constraint>
+              </properties>
+            </leafNode>
+            <leafNode name="download">
+              <properties>
+                <help>Download bandwidth limit in kbits/sec</help>
+                <constraint>
+                  <validator name="numeric" argument="--range 1-65535"/>
+                </constraint>
+              </properties>
+            </leafNode>
+          </children>
+        </node>
+      </children>
+    </tagNode>
+  </children>
+</node>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-auth-mode.xml.i b/interface-definitions/include/accel-auth-mode.xml.i
index 750c3117b..85c3c5e82 100644
--- a/interface-definitions/include/accel-auth-mode.xml.i
+++ b/interface-definitions/include/accel-auth-mode.xml.i
@@ -1,3 +1,4 @@
+<!-- included start from accel-auth-mode.xml.i -->
 <leafNode name="mode">
   <properties>
     <help>Authentication mode used by this server</help>
@@ -18,3 +19,4 @@
   </properties>
   <defaultValue>local</defaultValue>
 </leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-auth-protocols.xml.i b/interface-definitions/include/accel-auth-protocols.xml.i
new file mode 100644
index 000000000..10d89d4de
--- /dev/null
+++ b/interface-definitions/include/accel-auth-protocols.xml.i
@@ -0,0 +1,30 @@
+<!-- included start from accel-auth-protocols.xml.i -->
+<leafNode name="protocols">
+  <properties>
+    <help>Authentication protocol for remote access peer SSTP VPN</help>
+    <completionHelp>
+      <list>pap chap mschap mschap-v2</list>
+    </completionHelp>
+    <valueHelp>
+      <format>pap</format>
+      <description>Authentication via PAP (Password Authentication Protocol)</description>
+    </valueHelp>
+    <valueHelp>
+      <format>chap</format>
+      <description>Authentication via CHAP (Challenge Handshake Authentication Protocol)</description>
+    </valueHelp>
+    <valueHelp>
+      <format>mschap</format>
+      <description>Authentication via MS-CHAP (Microsoft Challenge Handshake Authentication Protocol)</description>
+    </valueHelp>
+    <valueHelp>
+      <format>mschap-v2</format>
+      <description>Authentication via MS-CHAPv2 (Microsoft Challenge Handshake Authentication Protocol, version 2)</description>
+    </valueHelp>
+    <constraint>
+      <regex>(pap|chap|mschap|mschap-v2)</regex>
+    </constraint>
+      <multi />
+  </properties>
+</leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-client-ipv6-pool.xml.i b/interface-definitions/include/accel-client-ipv6-pool.xml.i
index 455ada6ef..471ff714c 100644
--- a/interface-definitions/include/accel-client-ipv6-pool.xml.i
+++ b/interface-definitions/include/accel-client-ipv6-pool.xml.i
@@ -1,3 +1,4 @@
+<!-- included start from accel-client-ipv6-pool.xml.i -->
 <node name="client-ipv6-pool">
   <properties>
     <help>Pool of client IPv6 addresses</help>
@@ -57,3 +58,4 @@
     </tagNode>
   </children>
 </node>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-client-subnet.xml.i b/interface-definitions/include/accel-client-subnet.xml.i
new file mode 100644
index 000000000..e6dd5534c
--- /dev/null
+++ b/interface-definitions/include/accel-client-subnet.xml.i
@@ -0,0 +1,16 @@
+<!-- included start from accel-client-subnet.xml.i -->
+<leafNode name="subnet">
+  <properties>
+    <help>Client IP subnet (CIDR notation)</help>
+    <valueHelp>
+      <format>ipv4net</format>
+      <description>IPv4 address and prefix length</description>
+    </valueHelp>
+    <constraint>
+      <validator name="ipv4-prefix"/>
+    </constraint>
+    <constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage>
+    <multi />
+  </properties>
+</leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-gateway-address.xml.i b/interface-definitions/include/accel-gateway-address.xml.i
new file mode 100644
index 000000000..c45c8b532
--- /dev/null
+++ b/interface-definitions/include/accel-gateway-address.xml.i
@@ -0,0 +1,15 @@
+<!-- included start from accel-gateway-address.xml.i -->
+<leafNode name="gateway-address">
+  <properties>
+    <help>Gateway IP address</help>
+    <constraint>
+      <validator name="ipv4-address"/>
+    </constraint>
+    <constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>
+    <valueHelp>
+      <format>ipv4</format>
+      <description>Default Gateway send to the client</description>
+    </valueHelp>
+  </properties>
+</leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-lcp-echo-interval-failure.xml.i b/interface-definitions/include/accel-lcp-echo-interval-failure.xml.i
new file mode 100644
index 000000000..cccf4b4f2
--- /dev/null
+++ b/interface-definitions/include/accel-lcp-echo-interval-failure.xml.i
@@ -0,0 +1,20 @@
+<!-- included start from accel-lcp-echo-interval-failure.xml.i -->
+<leafNode name="lcp-echo-interval">
+  <properties>
+    <help>LCP echo-requests/sec</help>
+    <constraint>
+      <validator name="numeric" argument="--positive"/>
+    </constraint>
+  </properties>
+  <defaultValue>30</defaultValue>
+</leafNode>
+<leafNode name="lcp-echo-failure">
+  <properties>
+    <help>Maximum number of Echo-Requests may be sent without valid reply</help>
+    <constraint>
+      <validator name="numeric" argument="--positive"/>
+    </constraint>
+  </properties>
+  <defaultValue>3</defaultValue>
+</leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-lcp-echo-timeout.xml.i b/interface-definitions/include/accel-lcp-echo-timeout.xml.i
new file mode 100644
index 000000000..888fa9d41
--- /dev/null
+++ b/interface-definitions/include/accel-lcp-echo-timeout.xml.i
@@ -0,0 +1,11 @@
+<!-- included start from accel-lcp-echo-timeout.xml.i -->
+<leafNode name="lcp-echo-timeout">
+  <properties>
+    <help>Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help>
+    <constraint>
+      <validator name="numeric" argument="--positive"/>
+    </constraint>
+  </properties>
+  <defaultValue>0</defaultValue>
+</leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-name-server.xml.i b/interface-definitions/include/accel-name-server.xml.i
index 82ed6771d..e46c75b52 100644
--- a/interface-definitions/include/accel-name-server.xml.i
+++ b/interface-definitions/include/accel-name-server.xml.i
@@ -1,3 +1,4 @@
+<!-- included start from accel-name-server.xml.i -->
 <leafNode name="name-server">
   <properties>
     <help>Domain Name Server (DNS) propagated to client</help>
@@ -16,3 +17,4 @@
     <multi/>
   </properties>
 </leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-ppp-mppe.xml.i b/interface-definitions/include/accel-ppp-mppe.xml.i
new file mode 100644
index 000000000..089d8e2c1
--- /dev/null
+++ b/interface-definitions/include/accel-ppp-mppe.xml.i
@@ -0,0 +1,25 @@
+<!-- included start from accel-ppp-mppe.xml.i -->
+<leafNode name="mppe">
+  <properties>
+    <help>Specifies mppe negotiation preferences</help>
+    <completionHelp>
+      <list>require prefer deny</list>
+    </completionHelp>
+    <constraint>
+      <regex>(^require|prefer|deny)</regex>
+    </constraint>
+    <valueHelp>
+      <format>require</format>
+      <description>send mppe request, if client rejects, drop the connection</description>
+    </valueHelp>
+    <valueHelp>
+      <format>prefer</format>
+      <description>send mppe request, if client rejects continue</description>
+    </valueHelp>
+    <valueHelp>
+      <format>deny</format>
+      <description>drop all mppe</description>
+    </valueHelp>
+  </properties>
+</leafNode>
+<!-- included end -->
diff --git a/interface-definitions/include/accel-radius-additions-rate-limit.xml.i b/interface-definitions/include/accel-radius-additions-rate-limit.xml.i
new file mode 100644
index 000000000..deab40e03
--- /dev/null
+++ b/interface-definitions/include/accel-radius-additions-rate-limit.xml.i
@@ -0,0 +1,25 @@
+<!-- included start from accel-radius-additions-rate-limit.xml.i -->
+<node name="rate-limit">
+  <properties>
+    <help>Upload/Download speed limits</help>
+  </properties>
+  <children>
+    <leafNode name="attribute">
+      <properties>
+        <help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help>
+      </properties>
+    </leafNode>
+    <leafNode name="vendor">
+      <properties>
+        <help>Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius)</help>
+      </properties>
+    </leafNode>
+    <leafNode name="enable">
+      <properties>
+        <help>Enables Bandwidth shaping via RADIUS</help>
+        <valueless />
+      </properties>
+    </leafNode>
+  </children>
+</node>
+<!-- included end -->
diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in
index b38f692d8..3a9c25496 100644
--- a/interface-definitions/service_pppoe-server.xml.in
+++ b/interface-definitions/service_pppoe-server.xml.in
@@ -8,19 +8,6 @@
           <priority>900</priority>
         </properties>
         <children>
-          <node name="snmp">
-            <properties>
-              <help>Enable SNMP</help>
-            </properties>
-            <children>
-              <leafNode name="master-agent">
-                <properties>
-                  <help>enable SNMP master agent mode</help>
-                  <valueless />
-                </properties>
-              </leafNode>
-            </children>
-          </node>
           <leafNode name="access-concentrator">
             <properties>
               <help>Access concentrator name</help>
@@ -31,118 +18,19 @@
             </properties>
             <defaultValue>vyos-ac</defaultValue>
           </leafNode>
-          <leafNode name="session-control">
-            <properties>
-              <help>control sessions count</help>
-              <constraint>
-                <regex>^(deny|disable|replace)$</regex>
-              </constraint>
-              <constraintErrorMessage>Invalid value</constraintErrorMessage>
-              <valueHelp>
-                <format>disable</format>
-                <description>Disables session control</description>
-              </valueHelp>
-              <valueHelp>
-                <format>deny</format>
-                <description>Deny second session authorization</description>
-              </valueHelp>
-              <valueHelp>
-                <format>replace</format>
-                <description>Terminate first session when second is authorized</description>
-              </valueHelp>
-              <completionHelp>
-                <list>deny disable replace</list>
-              </completionHelp>
-            </properties>
-            <defaultValue>replace</defaultValue>
-          </leafNode>
           <node name="authentication">
             <properties>
               <help>Authentication for remote access PPPoE Server</help>
             </properties>
             <children>
-              <node name="local-users">
-                <properties>
-                  <help>Local user authentication for PPPoE server</help>
-                </properties>
-                <children>
-                  <tagNode name="username">
-                    <properties>
-                      <help>User name for authentication</help>
-                    </properties>
-                    <children>
-                      <leafNode name="disable">
-                        <properties>
-                          <help>Option to disable a PPPoE Server user</help>
-                          <valueless/>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="password">
-                        <properties>
-                          <help>Password for authentication</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="static-ip">
-                        <properties>
-                          <help>Static client IP address</help>
-                        </properties>
-                        <defaultValue>*</defaultValue>
-                      </leafNode>
-                      <node name="rate-limit">
-                        <properties>
-                          <help>Upload/Download speed limits</help>
-                        </properties>
-                        <children>
-                          <leafNode name="upload">
-                            <properties>
-                              <help>Upload bandwidth limit in kbits/sec</help>
-                              <constraint>
-                                <validator name="numeric" argument="--range 1-65535"/>
-                              </constraint>
-                            </properties>
-                          </leafNode>
-                          <leafNode name="download">
-                            <properties>
-                              <help>Download bandwidth limit in kbits/sec</help>
-                              <constraint>
-                                <validator name="numeric" argument="--range 1-65535"/>
-                              </constraint>
-                            </properties>
-                          </leafNode>
-                        </children>
-                      </node>
-                    </children>
-                  </tagNode>
-                </children>
-              </node>
+              #include <include/accel-auth-local-users.xml.i>
               #include <include/accel-auth-mode.xml.i>
+              #include <include/accel-auth-protocols.xml.i>
               #include <include/radius-server.xml.i>
               #include <include/accel-radius-additions.xml.i>
               <node name="radius">
                 <children>
-                  <node name="rate-limit">
-                    <properties>
-                      <help>Upload/Download speed limits</help>
-                    </properties>
-                    <children>
-                      <leafNode name="attribute">
-                        <properties>
-                          <help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="vendor">
-                        <properties>
-                          <help>Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius)</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="enable">
-                        <properties>
-                          <help>Enables Bandwidth shaping via RADIUS</help>
-                          <valueless />
-                        </properties>
-                      </leafNode>
-                    </children>
-                  </node>
+                  #include <include/accel-radius-additions-rate-limit.xml.i>
                   <leafNode name="called-sid-format">
                     <properties>
                       <help>Format of Called-Station-Id attribute</help>
@@ -165,34 +53,6 @@
                   </leafNode>
                 </children>
               </node>
-              <leafNode name="protocols">
-                <properties>
-                  <help>Authentication protocol</help>
-                  <valueHelp>
-                    <format>pap</format>
-                    <description>Allow PAP authentication [Password Authentication Protocol]</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>chap</format>
-                    <description>Allow CHAP authentication [Challenge Handshake Authentication Protocol]</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>mschap</format>
-                    <description>Allow MS-CHAP authentication [Microsoft Challenge Handshake Authentication Protocol, Version 1]</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>mschap-v2</format>
-                    <description>Allow MS-CHAPv2 authentication [Microsoft Challenge Handshake Authentication Protocol, Version 2]</description>
-                  </valueHelp>
-                  <constraint>
-                    <regex>(pap|chap|mschap|mschap-v2)</regex>
-                  </constraint>
-                  <completionHelp>
-                    <list>pap chap mschap mschap-v2</list>
-                  </completionHelp>
-                  <multi/>
-                </properties>
-              </leafNode>
             </children>
           </node>
           <node name="client-ip-pool">
@@ -216,16 +76,7 @@
                   </constraint>
                 </properties>
               </leafNode>
-              <leafNode name="subnet">
-                <properties>
-                  <help>Client IP subnet (CIDR notation)</help>
-                  <constraint>
-                    <validator name="ipv4-prefix"/>
-                  </constraint>
-                  <constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage>
-                  <multi />
-                </properties>
-              </leafNode>
+              #include <include/accel-client-subnet.xml.i>
             </children>
           </node>
           #include <include/accel-client-ipv6-pool.xml.i>
@@ -340,57 +191,9 @@
                   <valueless />
                 </properties>
               </leafNode>
-              <leafNode name="mppe">
-                <properties>
-                  <help>Specifies MPPE negotiation preference. (default prefer mppe)</help>
-                  <completionHelp>
-                    <list>deny prefer require</list>
-                  </completionHelp>
-                  <valueHelp>
-                    <format>deny</format>
-                    <description>Deny MPPE</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>prefer</format>
-                    <description>Ask client for MPPE - do not fail on reject</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>require</format>
-                    <description>Ask client for MPPE - drop connection on reject</description>
-                  </valueHelp>
-                  <constraint>
-                    <regex>^(deny|prefer|require)$</regex>
-                  </constraint>
-                </properties>
-                <defaultValue>prefer</defaultValue>
-              </leafNode>
-              <leafNode name="lcp-echo-interval">
-                <properties>
-                  <help>LCP echo-requests/sec</help>
-                  <constraint>
-                    <validator name="numeric" argument="--positive"/>
-                  </constraint>
-                </properties>
-                <defaultValue>30</defaultValue>
-              </leafNode>
-              <leafNode name="lcp-echo-failure">
-                <properties>
-                  <help>Maximum number of Echo-Requests may be sent without valid reply</help>
-                  <constraint>
-                    <validator name="numeric" argument="--positive"/>
-                  </constraint>
-                </properties>
-                <defaultValue>3</defaultValue>
-              </leafNode>
-              <leafNode name="lcp-echo-timeout">
-                <properties>
-                  <help>Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help>
-                  <constraint>
-                    <validator name="numeric" argument="--positive"/>
-                  </constraint>
-                </properties>
-                <defaultValue>0</defaultValue>
-              </leafNode>
+              #include <include/accel-ppp-mppe.xml.i>
+              #include <include/accel-lcp-echo-interval-failure.xml.i>
+              #include <include/accel-lcp-echo-timeout.xml.i>
               <leafNode name="ipv4">
                 <properties>
                   <help>IPv4 (IPCP) negotiation algorithm</help>
@@ -523,6 +326,44 @@
               </leafNode>
             </children>
           </tagNode>
+          <leafNode name="session-control">
+            <properties>
+              <help>control sessions count</help>
+              <constraint>
+                <regex>^(deny|disable|replace)$</regex>
+              </constraint>
+              <constraintErrorMessage>Invalid value</constraintErrorMessage>
+              <valueHelp>
+                <format>disable</format>
+                <description>Disables session control</description>
+              </valueHelp>
+              <valueHelp>
+                <format>deny</format>
+                <description>Deny second session authorization</description>
+              </valueHelp>
+              <valueHelp>
+                <format>replace</format>
+                <description>Terminate first session when second is authorized</description>
+              </valueHelp>
+              <completionHelp>
+                <list>deny disable replace</list>
+              </completionHelp>
+            </properties>
+            <defaultValue>replace</defaultValue>
+          </leafNode>
+          <node name="snmp">
+            <properties>
+              <help>Enable SNMP</help>
+            </properties>
+            <children>
+              <leafNode name="master-agent">
+                <properties>
+                  <help>enable SNMP master agent mode</help>
+                  <valueless />
+                </properties>
+              </leafNode>
+            </children>
+          </node>
         </children>
       </node>
     </children>
diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in
index 4de28d2bd..d7ad9777f 100644
--- a/interface-definitions/vpn_l2tp.xml.in
+++ b/interface-definitions/vpn_l2tp.xml.in
@@ -28,14 +28,7 @@
                   </constraint>
                 </properties>
               </leafNode>
-              <leafNode name="gateway-address">
-                <properties>
-                  <help>Gatway address uses as client tunnel termination point</help>
-                  <constraint>
-                    <validator name="ipv4-address"/>
-                  </constraint>
-                </properties>
-              </leafNode>
+              #include <include/accel-gateway-address.xml.i>
               #include <include/accel-name-server.xml.i>
               <node name="lns">
                 <properties>
@@ -187,20 +180,7 @@
                       </constraint>
                     </properties>
                   </leafNode>
-                  <leafNode name="subnet">
-                    <properties>
-                      <help>Client IP subnet (CIDR notation)</help>
-                      <constraint>
-                        <validator name="ipv4-prefix"/>
-                      </constraint>
-                      <constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage>
-                      <valueHelp>
-                        <format>ipv4net</format>
-                        <description>IPv4 subnet address</description>
-                      </valueHelp>
-                      <multi />
-                    </properties>
-                  </leafNode>
+                  #include <include/accel-client-subnet.xml.i>
                 </children>
               </node>
               #include <include/accel-client-ipv6-pool.xml.i>
@@ -259,83 +239,9 @@
                       <multi />
                     </properties>
                   </leafNode>
-                  <leafNode name="mppe">
-                    <properties>
-                      <help>Specifies mppe negotioation preference. (default require mppe 128-bit stateless</help>
-                      <valueHelp>
-                        <format>deny</format>
-                        <description>deny mppe</description>
-                      </valueHelp>
-                      <valueHelp>
-                        <format>prefer</format>
-                        <description>Ask client for mppe, if it rejects do not fail</description>
-                      </valueHelp>
-                      <valueHelp>
-                        <format>require</format>
-                        <description>ask client for mppe, if it rejects drop connection</description>
-                      </valueHelp>
-                      <constraint>
-                        <regex>(deny|prefer|require)</regex>
-                      </constraint>
-                      <completionHelp>
-                        <list>deny prefer require</list>
-                      </completionHelp>
-                    </properties>
-                  </leafNode>
+                  #include <include/accel-ppp-mppe.xml.i>
                   #include <include/accel-auth-mode.xml.i>
-                  <node name="local-users">
-                    <properties>
-                      <help>Local user authentication for remote access L2TP VPN</help>
-                    </properties>
-                    <children>
-                      <tagNode name="username">
-                        <properties>
-                          <help>User name for authentication</help>
-                        </properties>
-                        <children>
-                          <leafNode name="disable">
-                            <properties>
-                              <help>Option to disable a L2TP Server user</help>
-                              <valueless/>
-                            </properties>
-                          </leafNode>
-                          <leafNode name="password">
-                            <properties>
-                              <help>Password for authentication</help>
-                            </properties>
-                          </leafNode>
-                          <leafNode name="static-ip">
-                            <properties>
-                              <help>Static client IP address</help>
-                            </properties>
-                          </leafNode>
-                          <node name="rate-limit">
-                            <properties>
-                              <help>Upload/Download speed limits</help>
-                            </properties>
-                            <children>
-                              <leafNode name="upload">
-                                <properties>
-                                  <help>Upload bandwidth limit in kbits/sec</help>
-                                  <constraint>
-                                    <validator name="numeric" argument="--range 1-65535"/>
-                                  </constraint>
-                                </properties>
-                              </leafNode>
-                              <leafNode name="download">
-                                <properties>
-                                  <help>Download bandwidth limit in kbits/sec</help>
-                                  <constraint>
-                                    <validator name="numeric" argument="--range 1-65535"/>
-                                  </constraint>
-                                </properties>
-                              </leafNode>
-                            </children>
-                          </node>
-                        </children>
-                      </tagNode>
-                    </children>
-                  </node>
+                  #include <include/accel-auth-local-users.xml.i>
                   #include <include/radius-server.xml.i>
                   <node name="radius">
                     <children>
@@ -430,22 +336,7 @@
                   <help>Advanced protocol options</help>
                 </properties>
                 <children>
-                  <leafNode name="lcp-echo-interval">
-                    <properties>
-                      <help>LCP echo-requests/sec</help>
-                      <constraint>
-                        <validator name="numeric" argument="--positive"/>
-                      </constraint>
-                    </properties>
-                  </leafNode>
-                  <leafNode name="lcp-echo-failure">
-                    <properties>
-                      <help>Maximum number of Echo-Requests may be sent without valid reply</help>
-                      <constraint>
-                        <validator name="numeric" argument="--positive"/>
-                      </constraint>
-                    </properties>
-                  </leafNode>
+                  #include <include/accel-lcp-echo-interval-failure.xml.i>
                 </children>
               </node>
             </children>
diff --git a/interface-definitions/vpn_pptp.xml.in b/interface-definitions/vpn_pptp.xml.in
index f37c9bd01..83e71347b 100644
--- a/interface-definitions/vpn_pptp.xml.in
+++ b/interface-definitions/vpn_pptp.xml.in
@@ -65,14 +65,7 @@
                   </leafNode>
                 </children>
               </node>
-              <leafNode name="gateway-address">
-                <properties>
-                  <help>Gatway address uses as client tunnel termination point</help>
-                  <constraint>
-                    <validator name="ipv4-address"/>
-                  </constraint>
-                </properties>
-              </leafNode>
+              #include <include/accel-gateway-address.xml.i>
               <node name="authentication">
                 <properties>
                   <help>Authentication for remote access PPTP VPN</help>
diff --git a/interface-definitions/vpn_sstp.xml.in b/interface-definitions/vpn_sstp.xml.in
index 5da2f8f24..5433a4ea7 100644
--- a/interface-definitions/vpn_sstp.xml.in
+++ b/interface-definitions/vpn_sstp.xml.in
@@ -13,117 +13,45 @@
               <help>Authentication for remote access SSTP Server</help>
             </properties>
             <children>
-              <node name="local-users">
-                <properties>
-                  <help>Local user authentication for SSTP server</help>
-                </properties>
+              #include <include/accel-auth-local-users.xml.i>
+              #include <include/accel-auth-mode.xml.i>
+              #include <include/accel-auth-protocols.xml.i>
+              #include <include/radius-server.xml.i>
+              #include <include/accel-radius-additions.xml.i>
+              <node name="radius">
                 <children>
-                  <tagNode name="username">
-                    <properties>
-                      <help>User name for authentication</help>
-                    </properties>
-                    <children>
-                      <leafNode name="disable">
-                        <properties>
-                          <help>Option to disable a SSTP Server user</help>
-                          <valueless />
-                        </properties>
-                      </leafNode>
-                      <leafNode name="password">
-                        <properties>
-                          <help>Password for authentication</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="static-ip">
-                        <properties>
-                          <help>Static client IP address</help>
-                        </properties>
-                      </leafNode>
-                      <node name="rate-limit">
-                        <properties>
-                          <help>Upload/Download speed limits</help>
-                        </properties>
-                        <children>
-                          <leafNode name="upload">
-                            <properties>
-                              <help>Upload bandwidth limit in kbits/sec</help>
-                              <constraint>
-                                <validator name="numeric" argument="--range 1-65535"/>
-                              </constraint>
-                            </properties>
-                          </leafNode>
-                          <leafNode name="download">
-                            <properties>
-                              <help>Download bandwidth limit in kbits/sec</help>
-                              <constraint>
-                                <validator name="numeric" argument="--range 1-65535"/>
-                              </constraint>
-                            </properties>
-                          </leafNode>
-                        </children>
-                      </node>
-                    </children>
-                  </tagNode>
+                  #include <include/accel-radius-additions-rate-limit.xml.i>
                 </children>
               </node>
-              #include <include/accel-auth-mode.xml.i>
-              <leafNode name="protocols">
+            </children>
+          </node>
+          <node name="network-settings">
+            <properties>
+              <help>Network settings</help>
+            </properties>
+            <children>
+              <node name="client-ip-settings">
                 <properties>
-                  <help>Authentication protocol for remote access peer SSTP VPN</help>
-                  <completionHelp>
-                    <list>pap chap mschap mschap-v2</list>
-                  </completionHelp>
-                  <valueHelp>
-                    <format>pap</format>
-                    <description>Authentication via PAP (Password Authentication Protocol)</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>chap</format>
-                    <description>Authentication via CHAP (Challenge Handshake Authentication Protocol)</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>mschap</format>
-                    <description>Authentication via MS-CHAP (Microsoft Challenge Handshake Authentication Protocol)</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>mschap-v2</format>
-                    <description>Authentication via MS-CHAPv2 (Microsoft Challenge Handshake Authentication Protocol, version 2)</description>
-                  </valueHelp>
-                  <constraint>
-                    <regex>(pap|chap|mschap|mschap-v2)</regex>
-                  </constraint>
-                    <multi />
+                  <help>Client IP pools and gateway setting</help>
                 </properties>
-              </leafNode>
-              #include <include/radius-server.xml.i>
-              #include <include/accel-radius-additions.xml.i>
-              <node name="radius">
                 <children>
-                  <node name="rate-limit">
-                    <properties>
-                      <help>Upload/Download speed limits</help>
-                    </properties>
-                    <children>
-                      <leafNode name="attribute">
-                        <properties>
-                          <help>Specifies RADIUS attribute containing rate information (default 'Filter-Id')</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="vendor">
-                        <properties>
-                          <help>Specifies vendor dictionary (needs to be in /usr/share/accel-ppp/radius)</help>
-                        </properties>
-                      </leafNode>
-                      <leafNode name="enable">
-                        <properties>
-                          <help>Enable RADIUS bandwidth shaping</help>
-                          <valueless />
-                        </properties>
-                      </leafNode>
-                    </children>
-                  </node>
+                  #include <include/accel-client-subnet.xml.i>
+                  #include <include/accel-gateway-address.xml.i>
                 </children>
               </node>
+              #include <include/accel-client-ipv6-pool.xml.i>
+              #include <include/accel-name-server.xml.i>
+              #include <include/interface-mtu-68-1500.xml.i>
+            </children>
+          </node>
+          <node name="ppp-settings">
+            <properties>
+              <help>PPP (Point-to-Point Protocol) settings</help>
+            </properties>
+            <children>
+              #include <include/accel-ppp-mppe.xml.i>
+              #include <include/accel-lcp-echo-interval-failure.xml.i>
+              #include <include/accel-lcp-echo-timeout.xml.i>
             </children>
           </node>
           <node name="ssl">
@@ -168,106 +96,8 @@
               </leafNode>
             </children>
           </node>
-          <node name="network-settings">
-            <properties>
-              <help>Network settings</help>
-            </properties>
-            <children>
-              <node name="client-ip-settings">
-                <properties>
-                  <help>Client IP pools and gateway setting</help>
-                </properties>
-                <children>
-                  <leafNode name="subnet">
-                    <properties>
-                      <help>Client IP subnet (CIDR notation)</help>
-                      <valueHelp>
-                        <format>ipv4net</format>
-                        <description>IPv4 address and prefix length</description>
-                      </valueHelp>
-                      <constraint>
-                        <validator name="ipv4-prefix"/>
-                      </constraint>
-                      <constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage>
-                      <multi />
-                    </properties>
-                  </leafNode>
-                  <leafNode name="gateway-address">
-                    <properties>
-                      <help>Gateway IP address</help>
-                      <constraint>
-                        <validator name="ipv4-address"/>
-                      </constraint>
-                      <constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>
-                      <valueHelp>
-                        <format>ipv4</format>
-                        <description>Default Gateway send to the client</description>
-                      </valueHelp>
-                    </properties>
-                  </leafNode>
-                </children>
-              </node>
-              #include <include/accel-client-ipv6-pool.xml.i>
-              #include <include/accel-name-server.xml.i>
-              #include <include/interface-mtu-68-1500.xml.i>
-            </children>
-          </node>
-          <node name="ppp-settings">
-            <properties>
-              <help>PPP (Point-to-Point Protocol) settings</help>
-            </properties>
-            <children>
-              <leafNode name="mppe">
-                <properties>
-                  <help>Specifies mppe negotiation preferences</help>
-                  <completionHelp>
-                    <list>require prefer deny</list>
-                  </completionHelp>
-                  <constraint>
-                    <regex>(^require|prefer|deny)</regex>
-                  </constraint>
-                  <valueHelp>
-                    <format>require</format>
-                    <description>send mppe request, if client rejects, drop the connection</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>prefer</format>
-                    <description>send mppe request, if client rejects continue</description>
-                  </valueHelp>
-                  <valueHelp>
-                    <format>deny</format>
-                    <description>drop all mppe</description>
-                  </valueHelp>
-                </properties>
-              </leafNode>
-              <leafNode name="lcp-echo-interval">
-                <properties>
-                  <help>LCP echo-requests/sec</help>
-                  <constraint>
-                    <validator name="numeric" argument="--positive"/>
-                  </constraint>
-                </properties>
-              </leafNode>
-              <leafNode name="lcp-echo-failure">
-                <properties>
-                  <help>Maximum number of Echo-Requests may be sent without valid reply</help>
-                  <constraint>
-                    <validator name="numeric" argument="--positive"/>
-                  </constraint>
-                </properties>
-              </leafNode>
-              <leafNode name="lcp-echo-timeout">
-                <properties>
-                  <help>Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help>
-                  <constraint>
-                    <validator name="numeric" argument="--positive"/>
-                  </constraint>
-                </properties>
-              </leafNode>
-            </children>
-          </node>
-      </children>
-    </node>
-  </children>
-</node>
+        </children>
+      </node>
+    </children>
+  </node>
 </interfaceDefinition>
-- 
cgit v1.2.3