diff --git a/Makefile b/Makefile
index 7986ccdc9..97e933694 100644
--- a/Makefile
+++ b/Makefile
@@ -1,75 +1,101 @@
TMPL_DIR := templates-cfg
OP_TMPL_DIR := templates-op
+BUILD_DIR := build
+CFLAGS :=
+
+src = $(wildcard interface-definitions/*.xml.in)
+obj = $(src:.xml.in=.xml)
+
+%.xml: %.xml.in
+ @echo Generating $(BUILD_DIR)/$@ from $<
+ # -ansi This turns off certain features of GCC that are incompatible
+ # with ISO C90. Without this regexes containing '/' as in an URL
+ # won't work
+ # -x c By default GCC guesses the input language from its file extension,
+ # thus XML is unknown. Force it to C language
+ # -E Stop after the preprocessing stage
+ # -undef Do not predefine any system-specific or GCC-specific macros.
+ # -nostdinc Do not search the standard system directories for header files
+ # -P Inhibit generation of linemarkers in the output from the
+ # preprocessor
+ @$(CC) -ansi -x c -E -undef -nostdinc -P -I$(CURDIR)/interface-definitions -o $(BUILD_DIR)/$@ -c $<
+
+$(BUILD_DIR):
+ install -d -m 0755 $(BUILD_DIR)/interface-definitions
+ install -d -m 0755 $(BUILD_DIR)/op-mode-definitions
.PHONY: interface_definitions
.ONESHELL:
-interface_definitions:
+interface_definitions: $(BUILD_DIR) $(obj)
mkdir -p $(TMPL_DIR)
- find $(CURDIR)/interface-definitions/ -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-templates {} $(CURDIR)/schema/interface_definition.rng $(TMPL_DIR) || exit 1
+ find $(BUILD_DIR)/interface-definitions -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-templates {} $(CURDIR)/schema/interface_definition.rng $(TMPL_DIR) || exit 1
# XXX: delete top level node.def's that now live in other packages
rm -f $(TMPL_DIR)/firewall/node.def
rm -f $(TMPL_DIR)/interfaces/node.def
rm -f $(TMPL_DIR)/interfaces/bonding/node.tag/ip/node.def
+ rm -f $(TMPL_DIR)/interfaces/bonding/node.tag/vif/node.tag/ip/node.def
rm -f $(TMPL_DIR)/interfaces/bridge/node.tag/ip/node.def
rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/ip/node.def
rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif/node.tag/ip/node.def
rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif-s/node.tag/ip/node.def
rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/node.def
rm -f $(TMPL_DIR)/interfaces/vxlan/node.tag/ip/node.def
+ rm -f $(TMPL_DIR)/interfaces/wireless/node.tag/vif/node.tag/ip/node.def
rm -f $(TMPL_DIR)/protocols/node.def
rm -f $(TMPL_DIR)/protocols/static/node.def
rm -f $(TMPL_DIR)/system/node.def
rm -f $(TMPL_DIR)/system/options/node.def
rm -f $(TMPL_DIR)/vpn/node.def
rm -f $(TMPL_DIR)/vpn/ipsec/node.def
.PHONY: op_mode_definitions
.ONESHELL:
op_mode_definitions:
mkdir -p $(OP_TMPL_DIR)
find $(CURDIR)/op-mode-definitions/ -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-op-templates {} $(CURDIR)/schema/op-mode-definition.rng $(OP_TMPL_DIR) || exit 1
# XXX: delete top level op mode node.def's that now live in other packages
rm -f $(OP_TMPL_DIR)/clear/node.def
rm -f $(OP_TMPL_DIR)/clear/interfaces/node.def
rm -f $(OP_TMPL_DIR)/set/node.def
rm -f $(OP_TMPL_DIR)/show/node.def
rm -f $(OP_TMPL_DIR)/show/interfaces/node.def
rm -f $(OP_TMPL_DIR)/show/ip/node.def
rm -f $(OP_TMPL_DIR)/show/ip/route/node.def
rm -f $(OP_TMPL_DIR)/show/ipv6/node.def
rm -f $(OP_TMPL_DIR)/show/ipv6/route/node.def
rm -f $(OP_TMPL_DIR)/restart/node.def
rm -f $(OP_TMPL_DIR)/monitor/node.def
rm -f $(OP_TMPL_DIR)/generate/node.def
rm -f $(OP_TMPL_DIR)/show/vpn/node.def
rm -f $(OP_TMPL_DIR)/show/system/node.def
rm -f $(OP_TMPL_DIR)/delete/node.def
rm -f $(OP_TMPL_DIR)/reset/vpn/node.def
rm -f $(OP_TMPL_DIR)/show/system/node.def
.PHONY: all
all: clean interface_definitions op_mode_definitions
.PHONY: clean
clean:
- rm -rf $(TMPL_DIR)/*
- rm -rf $(OP_TMPL_DIR)/*
+ rm -rf $(BUILD_DIR)
+ rm -rf $(TMPL_DIR)
+ rm -rf $(OP_TMPL_DIR)
.PHONY: test
test:
PYTHONPATH=python/ python3 -m "nose" --with-xunit src --with-coverage --cover-erase --cover-xml --cover-package src/conf_mode,src/op_mode,src/completion,src/helpers,src/validators,src/tests --verbose
.PHONY: sonar
sonar:
sonar-scanner -X -Dsonar.login=${SONAR_TOKEN}
.PHONY: docs
.ONESHELL:
docs:
sphinx-apidoc -o sphinx/source/ python/
cd sphinx/
PYTHONPATH=../python make html
diff --git a/interface-definitions/arp.xml b/interface-definitions/arp.xml.in
similarity index 100%
rename from interface-definitions/arp.xml
rename to interface-definitions/arp.xml.in
diff --git a/interface-definitions/bcast-relay.xml b/interface-definitions/bcast-relay.xml.in
similarity index 100%
rename from interface-definitions/bcast-relay.xml
rename to interface-definitions/bcast-relay.xml.in
diff --git a/interface-definitions/beep-on-boot.xml b/interface-definitions/beep-on-boot.xml.in
similarity index 100%
rename from interface-definitions/beep-on-boot.xml
rename to interface-definitions/beep-on-boot.xml.in
diff --git a/interface-definitions/cron.xml b/interface-definitions/cron.xml.in
similarity index 100%
rename from interface-definitions/cron.xml
rename to interface-definitions/cron.xml.in
diff --git a/interface-definitions/dhcp-relay.xml b/interface-definitions/dhcp-relay.xml.in
similarity index 100%
rename from interface-definitions/dhcp-relay.xml
rename to interface-definitions/dhcp-relay.xml.in
diff --git a/interface-definitions/dhcp-server.xml b/interface-definitions/dhcp-server.xml.in
similarity index 99%
rename from interface-definitions/dhcp-server.xml
rename to interface-definitions/dhcp-server.xml.in
index 7d42294e8..e8bdff3df 100644
--- a/interface-definitions/dhcp-server.xml
+++ b/interface-definitions/dhcp-server.xml.in
@@ -1,467 +1,467 @@
<?xml version="1.0"?>
<!-- DHCP server configuration -->
<interfaceDefinition>
<node name="service">
<children>
<node name="dhcp-server" owner="${vyos_conf_scripts_dir}/dhcp_server.py">
<properties>
<help>Dynamic Host Configuration Protocol (DHCP) for DHCP server</help>
<priority>911</priority>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable DHCP server</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="dynamic-dns-update">
<properties>
<help>DHCP server to dynamically update the Domain Name System (DNS)</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="global-parameters">
<properties>
<help>Additional global parameters for DHCP server. You must
use the syntax of dhcpd.conf in this text-field. Using this
without proper knowledge may result in a crashed DHCP server.
Check system log to look for errors.</help>
<multi/>
</properties>
</leafNode>
<leafNode name="hostfile-update">
<properties>
<help>Enable DHCP server updating /etc/hosts (per client lease)</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="host-decl-name">
<properties>
<help>Instruct server to use host declaration name for forward DNS name</help>
<valueless/>
</properties>
</leafNode>
<tagNode name="shared-network-name">
<properties>
<help>DHCP shared network name [REQUIRED]</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid shared network name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
<children>
<leafNode name="authoritative">
<properties>
<help>Option to make DHCP server authoritative for this physical network</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="description">
<properties>
<help>Shared-network-name description</help>
</properties>
</leafNode>
<leafNode name="disable">
<properties>
<help>Option to disable DHCP configuration for shared-network</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="shared-network-parameters">
<properties>
<help>Additional shared-network parameters for DHCP server.
You must use the syntax of dhcpd.conf in this text-field.
Using this without proper knowledge may result in a crashed
DHCP server. Check system log to look for errors.</help>
<multi/>
</properties>
</leafNode>
<tagNode name="subnet">
<properties>
<help>DHCP subnet for shared network</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 address and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
</properties>
<children>
<leafNode name="bootfile-name">
<properties>
<help>Bootstrap file name</help>
</properties>
</leafNode>
<leafNode name="bootfile-server">
<properties>
<help>Server (IP address or domain name) from which the initial
boot file is to be loaded</help>
</properties>
</leafNode>
<leafNode name="client-prefix-length">
<properties>
<help>Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used.</help>
<valueHelp>
<format>0-32</format>
<description>DHCP client prefix length must be 0 to 32</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-32"/>
</constraint>
<constraintErrorMessage>DHCP client prefix length must be 0 to 32</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="default-router">
<properties>
<help>IP address of default router</help>
<valueHelp>
<format>ipv4</format>
<description>Default router IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="dns-server">
<properties>
<help>DNS server IPv4 address</help>
<valueHelp>
<format>ipv4</format>
<description>DNS server IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="domain-name">
<properties>
<help>Client domain name</help>
</properties>
</leafNode>
<leafNode name="domain-search">
<properties>
<help>Client domain search</help>
<multi/>
</properties>
</leafNode>
<leafNode name="exclude">
<properties>
<help>IP address to exclude from DHCP lease range</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address to exclude from lease range</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<node name="failover">
<properties>
<help>DHCP failover parameters</help>
</properties>
<children>
<leafNode name="local-address">
<properties>
<help>IP address for failover peer to connect [REQUIRED]</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address to exclude from lease range</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="name">
<properties>
<help>DHCP failover peer name [REQUIRED]</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid failover peer name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="peer-address">
<properties>
<help>IP address of failover peer [REQUIRED]</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of failover peer</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="status">
<properties>
<help>DHCP failover peer status (primary|secondary) [REQUIRED]</help>
<completionHelp>
<list>primary secondary</list>
</completionHelp>
<constraint>
<regex>(primary|secondary)</regex>
</constraint>
<constraintErrorMessage>Invalid DHCP failover peer status</constraintErrorMessage>
</properties>
</leafNode>
</children>
</node>
<leafNode name="ip-forwarding">
<properties>
<help>Enable IP forwarding on client</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="lease">
<properties>
<help>Lease timeout in seconds (default: 86400)</help>
<valueHelp>
<format>0-4294967295</format>
<description>DHCP lease time in seconds</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-4294967295"/>
</constraint>
<constraintErrorMessage>DHCP lease time must be between 0 and 4294967295 (49 days)</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="ntp-server">
<properties>
<help>IP address of NTP server</help>
<valueHelp>
<format>ipv4</format>
<description>NTP server IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="pop-server">
<properties>
<help>IP address of POP3 server</help>
<valueHelp>
<format>ipv4</format>
<description>POP3 server IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="server-identifier">
<properties>
<help>Address for DHCP server identifier</help>
<valueHelp>
<format>ipv4</format>
<description>DHCP server identifier IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="smtp-server">
<properties>
<help>IP address of SMTP server</help>
<valueHelp>
<format>ipv4</format>
<description>SMTP server IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<tagNode name="range">
<properties>
<help>DHCP lease range</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid DHCP lease range name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
<children>
<leafNode name="start">
<properties>
<help>First IP address for DHCP lease range</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 start address of pool</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="stop">
<properties>
<help>Last IP address for DHCP lease range</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 end address of pool</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
<tagNode name="static-mapping">
<properties>
<help>Name of static mapping</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid static mapping name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable static mapping</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="ip-address">
<properties>
<help>Fixed IP address of static mapping</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address used in static mapping</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="mac-address">
<properties>
<help>MAC address of static mapping [REQUIRED]</help>
<valueHelp>
<format>h:h:h:h:h:h</format>
<description>MAC address used in static mapping [REQUIRED]</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="static-mapping-parameters">
<properties>
<help>Additional static-mapping parameters for DHCP server.
Will be placed inside the "host" block of the mapping.
You must use the syntax of dhcpd.conf in this text-field.
Using this without proper knowledge may result in a crashed
DHCP server. Check system log to look for errors.</help>
<multi/>
</properties>
</leafNode>
</children>
</tagNode>
<node name="static-route">
<properties>
<help>Classless static route</help>
</properties>
<children>
<leafNode name="destination-subnet">
<properties>
<help>Destination subnet [REQUIRED]</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 address and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
</properties>
</leafNode>
<leafNode name="router">
<properties>
<help>IP address of router to be used to reach the destination subnet [REQUIRED]</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of router</description>
</valueHelp>
<constraint>
<validator name="ip-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="subnet-parameters">
<properties>
<help>Additional subnet parameters for DHCP server. You must
use the syntax of dhcpd.conf in this text-field. Using this
without proper knowledge may result in a crashed DHCP server.
Check system log to look for errors.</help>
<multi/>
</properties>
</leafNode>
<leafNode name="tftp-server-name">
<properties>
<help>TFTP server name</help>
</properties>
</leafNode>
<leafNode name="time-offset">
<properties>
- <help>Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)</help>
+ <help>Client subnet offset in seconds from Coordinated Universal Time (UTC)</help>
<valueHelp>
<format>[-]N</format>
<description>Time offset (number, may be negative)</description>
</valueHelp>
<constraint>
<regex>-?[0-9]+</regex>
</constraint>
<constraintErrorMessage>Invalid time offset value</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="time-server">
<properties>
<help>IP address of time server</help>
<valueHelp>
<format>ipv4</format>
<description>Time server IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="wins-server">
<properties>
<help>IP address for Windows Internet Name Service (WINS) server</help>
<valueHelp>
<format>ipv4</format>
<description>WINS server IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="wpad-url">
<properties>
<help>Web Proxy Autodiscovery (WPAD) URL</help>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</tagNode>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/dhcpv6-relay.xml b/interface-definitions/dhcpv6-relay.xml.in
similarity index 100%
rename from interface-definitions/dhcpv6-relay.xml
rename to interface-definitions/dhcpv6-relay.xml.in
diff --git a/interface-definitions/dhcpv6-server.xml b/interface-definitions/dhcpv6-server.xml.in
similarity index 98%
rename from interface-definitions/dhcpv6-server.xml
rename to interface-definitions/dhcpv6-server.xml.in
index 28b56a64d..7d4c0de23 100644
--- a/interface-definitions/dhcpv6-server.xml
+++ b/interface-definitions/dhcpv6-server.xml.in
@@ -1,328 +1,328 @@
<?xml version="1.0"?>
<!-- DHCPv6 server configuration -->
<interfaceDefinition>
<node name="service">
<children>
<node name="dhcpv6-server" owner="${vyos_conf_scripts_dir}/dhcpv6_server.py">
<properties>
<help>DHCP for IPv6 (DHCPv6) server</help>
<priority>900</priority>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable DHCPv6 server</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="preference">
<properties>
<help>Preference of this DHCPv6 server compared with others</help>
<valueHelp>
<format>0-255</format>
<description>DHCPv6 server preference (0-255)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-255"/>
</constraint>
<constraintErrorMessage>Preference must be between 0 and 255</constraintErrorMessage>
</properties>
</leafNode>
<tagNode name="shared-network-name">
<properties>
<help>DHCPv6 shared network name [REQUIRED]</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid DHCPv6 shared network name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable DHCPv6 configuration for shared-network</help>
<valueless/>
</properties>
</leafNode>
<tagNode name="subnet">
<properties>
<help>IPv6 DHCP subnet for this shared network [REQUIRED]</help>
<valueHelp>
<format>ipv6net</format>
<description>IPv6 address and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv6-prefix"/>
</constraint>
</properties>
<children>
<node name="address-range">
<properties>
<help>Parameters setting ranges for assigning IPv6 addresses</help>
</properties>
<children>
<tagNode name="prefix">
<properties>
<help>IPv6 prefix defining range of addresses to assign</help>
<valueHelp>
<format>ipv6net</format>
<description>IPv6 address and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv6-prefix"/>
</constraint>
</properties>
<children>
<leafNode name="temporary">
<properties>
<help>Address range will be used for temporary addresses</help>
<valueless/>
</properties>
</leafNode>
</children>
</tagNode>
<tagNode name="start">
<properties>
<help>First in range of consecutive IPv6 addresses to assign</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
<children>
<leafNode name="stop">
<properties>
<help>Last in range of consecutive IPv6 addresses</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
<leafNode name="domain-search">
<properties>
<help>Domain name for client to search</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid domain name. May only contain letters, numbers and .-_</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
<node name="lease-time">
<properties>
<help>Parameters relating to the lease time</help>
</properties>
<children>
<leafNode name="default">
<properties>
<help>Default time (in seconds) that will be assigned to a lease</help>
</properties>
</leafNode>
<leafNode name="maximum">
<properties>
<help>Maximum time (in seconds) that will be assigned to a lease</help>
</properties>
</leafNode>
<leafNode name="minimum">
<properties>
<help>Minimum time (in seconds) that will be assigned to a lease</help>
</properties>
</leafNode>
</children>
</node>
<leafNode name="name-server">
<properties>
<help>IPv6 address of a Recursive DNS Server</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address of DNS name server</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="nis-domain">
<properties>
<help>NIS domain name for client to use</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid NIS domain name</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="nis-server">
<properties>
<help>IPv6 address of a NIS Server</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address of NIS server</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="nisplus-domain">
<properties>
<help>NIS+ domain name for client to use</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid NIS+ domain name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="nisplus-server">
<properties>
<help>IPv6 address of a NIS+ Server</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address of NIS+ server</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<node name="prefix-delegation">
<properties>
<help>Parameters relating to IPv6 prefix delegation</help>
</properties>
<children>
<tagNode name="start">
<properties>
<help>First in range of IPv6 addresses to be used in prefix delegation</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address used in prefix delegation</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
<children>
<leafNode name="prefix-length">
<properties>
<help>Length in bits of prefixes to be delegated</help>
<valueHelp>
<format>0-255</format>
<description>DHCPv6 server preference (0-255)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-255"/>
</constraint>
<constraintErrorMessage>Preference must be between 0 and 255</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="stop">
<properties>
<help>Last in range of IPv6 addresses to be used in prefix delegation</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address used in prefix delegation</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
<leafNode name="sip-server-address">
<properties>
<help>IPv6 address of SIP server</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address of SIP server</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="sip-server-name">
<properties>
<help>SIP server name</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid SIP server name. May only contain letters, numbers and .-_</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
<leafNode name="sntp-server">
<properties>
<help>IPv6 address of an SNTP server for client to use</help>
<constraint>
<validator name="ipv6-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<tagNode name="static-mapping">
<properties>
<help>Name of static mapping</help>
<constraint>
<regex>[-_a-zA-Z0-9.]+</regex>
</constraint>
<constraintErrorMessage>Invalid static mapping name. May only contain letters, numbers and .-_</constraintErrorMessage>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable static mapping</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="identifier">
<properties>
<help>Client identifier (DUID) for this static mapping</help>
<valueHelp>
<format>h[[:h]...]</format>
<description>DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id)</description>
</valueHelp>
<constraint>
<regex>([0-9A-Fa-f]{1,2}[:])*([0-9A-Fa-f]{1,2})</regex>
</constraint>
- <constraintErrorMessage>Invalid DUID. Must be in the format h[[:h]...] where each \"h\" is 1 to 2 hex characters.</constraintErrorMessage>
+ <constraintErrorMessage>Invalid DUID, must be in the format h[[:h]...]</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="ipv6-address">
<properties>
<help>Client IPv6 address for this static mapping</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address for this static mapping</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</tagNode>
</children>
</tagNode>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/dns-domain-name.xml b/interface-definitions/dns-domain-name.xml.in
similarity index 100%
rename from interface-definitions/dns-domain-name.xml
rename to interface-definitions/dns-domain-name.xml.in
diff --git a/interface-definitions/dns-dynamic.xml b/interface-definitions/dns-dynamic.xml.in
similarity index 100%
rename from interface-definitions/dns-dynamic.xml
rename to interface-definitions/dns-dynamic.xml.in
diff --git a/interface-definitions/dns-forwarding.xml b/interface-definitions/dns-forwarding.xml.in
similarity index 99%
rename from interface-definitions/dns-forwarding.xml
rename to interface-definitions/dns-forwarding.xml.in
index a88c174e3..8b89bf758 100644
--- a/interface-definitions/dns-forwarding.xml
+++ b/interface-definitions/dns-forwarding.xml.in
@@ -1,177 +1,177 @@
<?xml version="1.0"?>
<!-- DNS forwarder configuration -->
<interfaceDefinition>
<node name="service">
<children>
<node name="dns">
<properties>
<help>Domain Name System related services</help>
</properties>
<children>
<node name="forwarding" owner="${vyos_conf_scripts_dir}/dns_forwarding.py">
<properties>
<help>DNS forwarding</help>
<priority>918</priority>
</properties>
<children>
<leafNode name="cache-size">
<properties>
<help>DNS forwarding cache size</help>
<valueHelp>
<format>0-10000</format>
<description>DNS forwarding cache size</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-10000"/>
</constraint>
</properties>
</leafNode>
<leafNode name="dhcp">
<properties>
<help>Use DNS servers received from DHCP server for specified interface</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
<multi/>
</properties>
</leafNode>
<leafNode name="dnssec">
<properties>
<help>DNSSEC mode</help>
<completionHelp>
<list>off process-no-validate process log-fail validate</list>
</completionHelp>
<valueHelp>
<format>off</format>
<description>No DNSSEC processing whatsoever!</description>
</valueHelp>
<valueHelp>
<format>process-no-validate</format>
- <description>Respond with DNSSEC records to clients that ask for it. Don't do any validation.</description>
+ <description>Respond with DNSSEC records to clients that ask for it. No validation done at all!</description>
</valueHelp>
<valueHelp>
<format>process</format>
<description>Respond with DNSSEC records to clients that ask for it. Validation for clients that request it.</description>
</valueHelp>
<valueHelp>
<format>log-fail</format>
<description>Similar behaviour to process, but validate RRSIGs on responses and log bogus responses.</description>
</valueHelp>
<valueHelp>
<format>validate</format>
<description>Full blown DNSSEC validation. Send SERVFAIL to clients on bogus responses.</description>
</valueHelp>
<constraint>
<regex>(off|process-no-validate|process|log-fail|validate)</regex>
</constraint>
</properties>
</leafNode>
<tagNode name="domain">
<properties>
<help>Domain to forward to a custom DNS server</help>
</properties>
<children>
<leafNode name="server">
<properties>
<help>Domain Name Server (DNS) to forward queries to</help>
<valueHelp>
<format>ipv4</format>
<description>Domain Name Server (DNS) IPv4 address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>Domain Name Server (DNS) IPv6 address</description>
</valueHelp>
<multi/>
<constraint>
<validator name="ipv4-address"/>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
<leafNode name="ignore-hosts-file">
<properties>
<help>Do not use local /etc/hosts file in name resolution</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="allow-from">
<properties>
<help>Networks allowed to query this server</help>
<valueHelp>
<format>ipv4net</format>
<description>IP address and prefix length</description>
</valueHelp>
<valueHelp>
<format>ipv6net</format>
<description>IPv6 address and prefix length</description>
</valueHelp>
<multi/>
<constraint>
<validator name="ip-prefix"/>
</constraint>
</properties>
</leafNode>
<leafNode name="listen-address">
<properties>
<help>Addresses to listen for DNS queries [REQUIRED]</help>
<valueHelp>
<format>ipv4</format>
<description>Domain Name Server (DNS) IPv4 address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>Domain Name Server (DNS) IPv6 address</description>
</valueHelp>
<multi/>
<constraint>
<validator name="ipv4-address"/>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="negative-ttl">
<properties>
<help>Maximum amount of time negative entries are cached</help>
<valueHelp>
<format>0-7200</format>
<description>Seconds to cache NXDOMAIN entries</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-7200"/>
</constraint>
</properties>
</leafNode>
<leafNode name="name-server">
<properties>
<help>Domain Name Servers (DNS) addresses [OPTIONAL]</help>
<valueHelp>
<format>ipv4</format>
<description>Domain Name Server (DNS) IPv4 address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>Domain Name Server (DNS) IPv6 address</description>
</valueHelp>
<multi/>
<constraint>
<validator name="ipv4-address"/>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="system">
<properties>
<help>Use system name servers</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/firewall-options.xml b/interface-definitions/firewall-options.xml.in
similarity index 100%
rename from interface-definitions/firewall-options.xml
rename to interface-definitions/firewall-options.xml.in
diff --git a/interface-definitions/https.xml b/interface-definitions/https.xml.in
similarity index 99%
rename from interface-definitions/https.xml
rename to interface-definitions/https.xml.in
index d9874a1f9..923aac811 100644
--- a/interface-definitions/https.xml
+++ b/interface-definitions/https.xml.in
@@ -1,135 +1,134 @@
<?xml version="1.0"?>
<!-- HTTPS configuration -->
<interfaceDefinition>
<node name="service">
<children>
<node name="https" owner="${vyos_conf_scripts_dir}/https.py">
<properties>
<help>HTTPS configuration</help>
<priority>1001</priority>
</properties>
<children>
<tagNode name="listen-address">
<properties>
<help>Addresses to listen for HTTPS requests</help>
<valueHelp>
<format>ipv4</format>
<description>HTTPS IPv4 address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>HTTPS IPv6 address</description>
</valueHelp>
<valueHelp>
<format>'*'</format>
<description>any</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
<validator name="ipv6-address"/>
<regex>^\*$</regex>
</constraint>
</properties>
<children>
<leafNode name='listen-port'>
<properties>
<help>Port to listen for HTTPS requests; default 443</help>
<valueHelp>
<format>1-65535</format>
<description>Numeric IP port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-name">
<properties>
<help>Server names: exact, wildcard, regex, or '_' (any)</help>
<multi/>
</properties>
</leafNode>
</children>
</tagNode>
<node name="certificates">
<properties>
<help>TLS certificates</help>
</properties>
<children>
<node name="system-generated-certificate" owner="${vyos_conf_scripts_dir}/vyos_cert.py">
<properties>
<help>Use an automatically generated self-signed certificate</help>
<valueless/>
</properties>
<children>
<leafNode name="lifetime">
<properties>
<help>Lifetime in days; default is 365</help>
<valueHelp>
<format>1-65535</format>
<description>Number of days</description>
</valueHelp>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<node name="api" owner="${vyos_conf_scripts_dir}/http-api.py">
<properties>
<help>VyOS HTTP API configuration</help>
<priority>1002</priority>
</properties>
<children>
<leafNode name="port">
<properties>
<help>Port for HTTP API service</help>
<valueHelp>
<format>1-65535</format>
<description>Numeric IP port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<node name="keys">
<properties>
<help>HTTP API keys</help>
</properties>
<children>
<tagNode name="id">
<properties>
<help>HTTP API id</help>
</properties>
<children>
<leafNode name="key">
<properties>
<help>HTTP API plaintext key</help>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
<leafNode name="strict">
<properties>
<help>Enforce strict path checking</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="debug">
<properties>
<help>Debug</help>
<valueless/>
<hidden/>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
-
diff --git a/interface-definitions/igmp-proxy.xml b/interface-definitions/igmp-proxy.xml.in
similarity index 97%
rename from interface-definitions/igmp-proxy.xml
rename to interface-definitions/igmp-proxy.xml.in
index ab56019b4..74fec6b48 100644
--- a/interface-definitions/igmp-proxy.xml
+++ b/interface-definitions/igmp-proxy.xml.in
@@ -1,100 +1,100 @@
<?xml version="1.0"?>
<!-- IGMP Proxy configuration -->
<interfaceDefinition>
<node name="protocols">
<children>
<node name="igmp-proxy" owner="${vyos_conf_scripts_dir}/igmp_proxy.py">
<properties>
<help>Internet Group Management Protocol (IGMP) proxy parameters</help>
<priority>740</priority>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable IGMP proxy</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="disable-quickleave">
<properties>
<help>Option to disable "quickleave"</help>
<valueless/>
</properties>
</leafNode>
<tagNode name="interface">
<properties>
<help>Interface for IGMP proxy [REQUIRED]</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
</properties>
<children>
<leafNode name="alt-subnet">
<properties>
- <help>Allowed unicast sources for multicast traffic to be proxy'ed</help>
+ <help>Unicast source networks allowed for multicast traffic to be proxyed</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 network</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="role">
<properties>
<help>Role of this IGMP interface</help>
<completionHelp>
<list>upstream downstream disabled</list>
</completionHelp>
<valueHelp>
<format>upstream</format>
<description>Upstream interface (only 1 allowed)</description>
</valueHelp>
<valueHelp>
<format>downstream</format>
<description>Downstream interface(s) (default)</description>
</valueHelp>
<valueHelp>
<format>disabled</format>
<description>Disabled interface</description>
</valueHelp>
<constraint>
<regex>(upstream|downstream|disabled)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="threshold">
<properties>
<help>TTL threshold</help>
<valueHelp>
<format>1-255</format>
<description>TTL threshold for the interfaces (default: 1)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-255"/>
</constraint>
<constraintErrorMessage>threshold must be between 1 and 255</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="whitelist">
<properties>
<help>Group to whitelist</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 network</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<multi/>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/include/address-ipv4-ipv6-dhcp.xml.i b/interface-definitions/include/address-ipv4-ipv6-dhcp.xml.i
new file mode 100644
index 000000000..fb46f2c09
--- /dev/null
+++ b/interface-definitions/include/address-ipv4-ipv6-dhcp.xml.i
@@ -0,0 +1,29 @@
+<leafNode name="address">
+ <properties>
+ <help>IP address</help>
+ <completionHelp>
+ <list>dhcp dhcpv6</list>
+ </completionHelp>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 address and prefix length</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>IPv6 address and prefix length</description>
+ </valueHelp>
+ <valueHelp>
+ <format>dhcp</format>
+ <description>Dynamic Host Configuration Protocol</description>
+ </valueHelp>
+ <valueHelp>
+ <format>dhcpv6</format>
+ <description>Dynamic Host Configuration Protocol for IPv6</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-cidr"/>
+ <regex>(dhcp|dhcpv6)</regex>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/address-ipv4-ipv6.xml.i b/interface-definitions/include/address-ipv4-ipv6.xml.i
new file mode 100644
index 000000000..aa84a5640
--- /dev/null
+++ b/interface-definitions/include/address-ipv4-ipv6.xml.i
@@ -0,0 +1,17 @@
+<leafNode name="address">
+ <properties>
+ <help>IP address</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 address and prefix length</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>IPv6 address and prefix length</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-cidr"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/dhcp-dhcpv6-options.xml.i b/interface-definitions/include/dhcp-dhcpv6-options.xml.i
new file mode 100644
index 000000000..104b1fbe0
--- /dev/null
+++ b/interface-definitions/include/dhcp-dhcpv6-options.xml.i
@@ -0,0 +1,42 @@
+<node name="dhcp-options">
+ <properties>
+ <help>DHCP options</help>
+ </properties>
+ <children>
+ <leafNode name="client-id">
+ <properties>
+ <help>DHCP client identifier</help>
+ </properties>
+ </leafNode>
+ <leafNode name="host-name">
+ <properties>
+ <help>DHCP client host name (overrides system host name)</help>
+ </properties>
+ </leafNode>
+ <leafNode name="vendor-class-id">
+ <properties>
+ <help>DHCP client vendor type</help>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<node name="dhcpv6-options">
+ <properties>
+ <help>DHCPv6 options</help>
+ <priority>319</priority>
+ </properties>
+ <children>
+ <leafNode name="parameters-only">
+ <properties>
+ <help>Acquire only config parameters, no address</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ <leafNode name="temporary">
+ <properties>
+ <help>IPv6 "temporary" address</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ </children>
+</node>
diff --git a/interface-definitions/include/interface-arp-cache-timeout.xml.i b/interface-definitions/include/interface-arp-cache-timeout.xml.i
new file mode 100644
index 000000000..81d35f593
--- /dev/null
+++ b/interface-definitions/include/interface-arp-cache-timeout.xml.i
@@ -0,0 +1,13 @@
+<leafNode name="arp-cache-timeout">
+ <properties>
+ <help>ARP cache entry timeout in seconds</help>
+ <valueHelp>
+ <format>1-86400</format>
+ <description>ARP cache entry timout in seconds (default 30)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-86400"/>
+ </constraint>
+ <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-description.xml.i b/interface-definitions/include/interface-description.xml.i
new file mode 100644
index 000000000..6356888da
--- /dev/null
+++ b/interface-definitions/include/interface-description.xml.i
@@ -0,0 +1,9 @@
+<leafNode name="description">
+ <properties>
+ <help>Interface description</help>
+ <constraint>
+ <regex>^.{1,256}$</regex>
+ </constraint>
+ <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-disable-link-detect.xml.i b/interface-definitions/include/interface-disable-link-detect.xml.i
new file mode 100644
index 000000000..619cd03b0
--- /dev/null
+++ b/interface-definitions/include/interface-disable-link-detect.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="disable-link-detect">
+ <properties>
+ <help>Ignore link state changes</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-disable.xml.i b/interface-definitions/include/interface-disable.xml.i
new file mode 100644
index 000000000..c6c24f867
--- /dev/null
+++ b/interface-definitions/include/interface-disable.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="disable">
+ <properties>
+ <help>Set interface to Administratively down</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-enable-proxy-arp.xml.i b/interface-definitions/include/interface-enable-proxy-arp.xml.i
new file mode 100644
index 000000000..14ab08875
--- /dev/null
+++ b/interface-definitions/include/interface-enable-proxy-arp.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="enable-proxy-arp">
+ <properties>
+ <help>Enable proxy-arp on this interface</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-mac.xml.i b/interface-definitions/include/interface-mac.xml.i
new file mode 100644
index 000000000..7b2456236
--- /dev/null
+++ b/interface-definitions/include/interface-mac.xml.i
@@ -0,0 +1,12 @@
+<leafNode name="mac">
+ <properties>
+ <help>Media Access Control (MAC) address</help>
+ <valueHelp>
+ <format>h:h:h:h:h:h</format>
+ <description>Hardware (MAC) address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="mac-address"/>
+ </constraint>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-mtu-1450-9000.xml.i b/interface-definitions/include/interface-mtu-1450-9000.xml.i
new file mode 100644
index 000000000..87296a050
--- /dev/null
+++ b/interface-definitions/include/interface-mtu-1450-9000.xml.i
@@ -0,0 +1,13 @@
+<leafNode name="mtu">
+ <properties>
+ <help>Maximum Transmission Unit (MTU)</help>
+ <valueHelp>
+ <format>1450-9000</format>
+ <description>Maximum Transmission Unit</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1450-9000"/>
+ </constraint>
+ <constraintErrorMessage>MTU must be between 1450 and 9000</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-mtu-68-9000.xml.i b/interface-definitions/include/interface-mtu-68-9000.xml.i
new file mode 100644
index 000000000..ad11afa80
--- /dev/null
+++ b/interface-definitions/include/interface-mtu-68-9000.xml.i
@@ -0,0 +1,13 @@
+<leafNode name="mtu">
+ <properties>
+ <help>Maximum Transmission Unit (MTU)</help>
+ <valueHelp>
+ <format>68-9000</format>
+ <description>Maximum Transmission Unit</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 68-9000"/>
+ </constraint>
+ <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-proxy-arp-pvlan.xml.i b/interface-definitions/include/interface-proxy-arp-pvlan.xml.i
new file mode 100644
index 000000000..7e72b3800
--- /dev/null
+++ b/interface-definitions/include/interface-proxy-arp-pvlan.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="proxy-arp-pvlan">
+ <properties>
+ <help>Enable private VLAN proxy ARP on this interface</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/vif-s.xml.i b/interface-definitions/include/vif-s.xml.i
new file mode 100644
index 000000000..772804f53
--- /dev/null
+++ b/interface-definitions/include/vif-s.xml.i
@@ -0,0 +1,56 @@
+<tagNode name="vif-s">
+ <properties>
+ <help>QinQ TAG-S Virtual Local Area Network (VLAN) ID</help>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4094"/>
+ </constraint>
+ <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ <leafNode name="ethertype">
+ <properties>
+ <help>Set Ethertype</help>
+ <completionHelp>
+ <list>0x88A8 0x8100</list>
+ </completionHelp>
+ <valueHelp>
+ <format>0x88A8</format>
+ <description>802.1ad</description>
+ </valueHelp>
+ <valueHelp>
+ <format>0x8100</format>
+ <description>802.1q</description>
+ </valueHelp>
+ <constraint>
+ <regex>(0x88A8|0x8100)</regex>
+ </constraint>
+ <constraintErrorMessage>Ethertype must be 0x88A8 or 0x8100</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ #include <include/interface-mac.xml.i>
+ #include <include/interface-mtu-68-9000.xml.i>
+ <tagNode name="vif-c">
+ <properties>
+ <help>QinQ TAG-C Virtual Local Area Network (VLAN) ID</help>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4094"/>
+ </constraint>
+ <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ #include <include/interface-mac.xml.i>
+ #include <include/interface-mtu-68-9000.xml.i>
+ </children>
+ </tagNode>
+ </children>
+</tagNode>
diff --git a/interface-definitions/include/vif.xml.i b/interface-definitions/include/vif.xml.i
new file mode 100644
index 000000000..7c8a29a93
--- /dev/null
+++ b/interface-definitions/include/vif.xml.i
@@ -0,0 +1,52 @@
+<tagNode name="vif">
+ <properties>
+ <help>Virtual Local Area Network (VLAN) ID</help>
+ <valueHelp>
+ <format>0-4094</format>
+ <description>Virtual Local Area Network (VLAN) ID</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4094"/>
+ </constraint>
+ <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ <leafNode name="egress-qos">
+ <properties>
+ <help>VLAN egress QoS</help>
+ <completionHelp>
+ <script>echo Format for qos mapping, e.g.: '0:1 1:6 7:6'</script>
+ </completionHelp>
+ <constraint>
+ <regex>[:0-7 ]+$</regex>
+ </constraint>
+ <constraintErrorMessage>QoS mapping should be in the format of '0:7 2:3' with numbers 0-9</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="ingress-qos">
+ <properties>
+ <help>VLAN ingress QoS</help>
+ <completionHelp>
+ <script>echo Format for qos mapping '0:1 1:6 7:6'</script>
+ </completionHelp>
+ <constraint>
+ <regex>[:0-7 ]+$</regex>
+ </constraint>
+ <constraintErrorMessage>QoS mapping should be in the format of '0:7 2:3' with numbers 0-9</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <node name="ip">
+ <children>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
+ </children>
+ </node>
+ #include <include/interface-mac.xml.i>
+ #include <include/interface-mtu-68-9000.xml.i>
+ </children>
+</tagNode>
diff --git a/interface-definitions/intel_qat.xml b/interface-definitions/intel_qat.xml.in
similarity index 99%
rename from interface-definitions/intel_qat.xml
rename to interface-definitions/intel_qat.xml.in
index 5e4d5b190..812484184 100644
--- a/interface-definitions/intel_qat.xml
+++ b/interface-definitions/intel_qat.xml.in
@@ -1,22 +1,21 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="system">
<children>
<node name="acceleration" owner="${vyos_conf_scripts_dir}/intel_qat.py">
<properties>
<help>Acceleration components</help>
<priority>50</priority>
</properties>
<children>
<leafNode name="qat">
<properties>
<help>Enable Intel QAT (Quick Assist Technology) for cryptographic acceleration</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</interfaceDefinition>
-
diff --git a/interface-definitions/interfaces-bonding.xml b/interface-definitions/interfaces-bonding.xml
deleted file mode 100644
index 821dd15fa..000000000
--- a/interface-definitions/interfaces-bonding.xml
+++ /dev/null
@@ -1,693 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="bonding" owner="${vyos_conf_scripts_dir}/interfaces-bonding.py">
- <properties>
- <help>Bonding interface name</help>
- <priority>320</priority>
- <constraint>
- <regex>bond[0-9]+$</regex>
- </constraint>
- <constraintErrorMessage>Bonding interface must be named bondN</constraintErrorMessage>
- <valueHelp>
- <format>bondN</format>
- <description>Bonding interface name</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <node name="arp-monitor">
- <properties>
- <help>ARP link monitoring parameters</help>
- </properties>
- <children>
- <leafNode name="interval">
- <properties>
- <help>ARP link monitoring interval</help>
- <valueHelp>
- <format>0-4294967295</format>
- <description>Specifies the ARP link monitoring frequency in milliseconds</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4294967295"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="target">
- <properties>
- <help>IP address used for ARP monitoring</help>
- <valueHelp>
- <format>ipv4</format>
- <description>Network Time Protocol (NTP) IPv4 address</description>
- </valueHelp>
- <constraint>
- <validator name="ipv4-address"/>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides the system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="hash-policy">
- <properties>
- <help>Bonding transmit hash policy</help>
- <completionHelp>
- <list>layer2 layer2+3 layer3+4</list>
- </completionHelp>
- <valueHelp>
- <format>layer2</format>
- <description>use MAC addresses to generate the hash (802.3ad, default)</description>
- </valueHelp>
- <valueHelp>
- <format>layer2+3</format>
- <description>combine MAC address and IP address to make hash</description>
- </valueHelp>
- <valueHelp>
- <format>layer3+4</format>
- <description>combine IP address and port to make hash</description>
- </valueHelp>
- <constraint>
- <regex>(layer2\+3|layer3\+4|layer2)</regex>
- </constraint>
- <constraintErrorMessage>hash-policy must be layer2 layer2+3 or layer3+4</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="ip">
- <children>
- <leafNode name="arp-cache-timeout">
- <properties>
- <help>ARP cache entry timeout in seconds</help>
- <valueHelp>
- <format>1-86400</format>
- <description>ARP cache entry timout in seconds (default 30)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-86400"/>
- </constraint>
- <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="enable-proxy-arp">
- <properties>
- <help>Enable proxy-arp on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="proxy-arp-pvlan">
- <properties>
- <help>Enable private VLAN proxy ARP on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mode">
- <properties>
- <help>Bonding mode</help>
- <completionHelp>
- <list>802.3ad active-backup broadcast round-robin transmit-load-balance adaptive-load-balance xor-hash</list>
- </completionHelp>
- <valueHelp>
- <format>802.3ad</format>
- <description>IEEE 802.3ad Dynamic link aggregation (Default)</description>
- </valueHelp>
- <valueHelp>
- <format>active-backup</format>
- <description>Fault tolerant: only one slave in the bond is active</description>
- </valueHelp>
- <valueHelp>
- <format>broadcast</format>
- <description>Fault tolerant: transmits everything on all slave interfaces</description>
- </valueHelp>
- <valueHelp>
- <format>round-robin</format>
- <description>Load balance: transmit packets in sequential order</description>
- </valueHelp>
- <valueHelp>
- <format>transmit-load-balance</format>
- <description>Load balance: adapts based on transmit load and speed</description>
- </valueHelp>
- <valueHelp>
- <format>adaptive-load-balance</format>
- <description>Load balance: adapts based on transmit and receive plus ARP</description>
- </valueHelp>
- <valueHelp>
- <format>xor-hash</format>
- <description>Distribute based on MAC address</description>
- </valueHelp>
- <constraint>
- <regex>(802.3ad|active-backup|broadcast|round-robin|transmit-load-balance|adaptive-load-balance|xor-hash)</regex>
- </constraint>
- <constraintErrorMessage>mode must be 802.3ad, active-backup, broadcast, round-robin, transmit-load-balance, adaptive-load-balance, or xor</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="member">
- <properties>
- <help>Bridge member interfaces</help>
- </properties>
- <children>
- <leafNode name="interface">
- <properties>
- <help>Member interface name</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py --bondable</script>
- </completionHelp>
- <multi/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="primary">
- <properties>
- <help>Primary device interface</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces.py --bondable</script>
- </completionHelp>
- </properties>
- </leafNode>
- <tagNode name="vif-s">
- <properties>
- <help>QinQ TAG-S Virtual Local Area Network (VLAN) ID</help>
- <constraint>
- <validator name="numeric" argument="--range 0-4094"/>
- </constraint>
- <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides the system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="ethertype">
- <properties>
- <help>Set Ethertype</help>
- <completionHelp>
- <list>0x88A8 0x8100</list>
- </completionHelp>
- <valueHelp>
- <format>0x88A8</format>
- <description>802.1ad</description>
- </valueHelp>
- <valueHelp>
- <format>0x8100</format>
- <description>802.1q</description>
- </valueHelp>
- <constraint>
- <regex>(0x88A8|0x8100)</regex>
- </constraint>
- <constraintErrorMessage>Ethertype must be 0x88A8 or 0x8100</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- <tagNode name="vif-c">
- <properties>
- <help>QinQ TAG-C Virtual Local Area Network (VLAN) ID</help>
- <constraint>
- <validator name="numeric" argument="--range 0-4094"/>
- </constraint>
- <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides the system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </tagNode>
- <tagNode name="vif">
- <properties>
- <help>Virtual Local Area Network (VLAN) ID</help>
- <constraint>
- <validator name="numeric" argument="--range 0-4094"/>
- </constraint>
- <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides the system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-bonding.xml.in b/interface-definitions/interfaces-bonding.xml.in
new file mode 100644
index 000000000..e6557a967
--- /dev/null
+++ b/interface-definitions/interfaces-bonding.xml.in
@@ -0,0 +1,159 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="bonding" owner="${vyos_conf_scripts_dir}/interfaces-bonding.py">
+ <properties>
+ <help>Bonding interface name</help>
+ <priority>320</priority>
+ <constraint>
+ <regex>bond[0-9]+$</regex>
+ </constraint>
+ <constraintErrorMessage>Bonding interface must be named bondN</constraintErrorMessage>
+ <valueHelp>
+ <format>bondN</format>
+ <description>Bonding interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ <node name="arp-monitor">
+ <properties>
+ <help>ARP link monitoring parameters</help>
+ </properties>
+ <children>
+ <leafNode name="interval">
+ <properties>
+ <help>ARP link monitoring interval</help>
+ <valueHelp>
+ <format>0-4294967295</format>
+ <description>Specifies the ARP link monitoring frequency in milliseconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967295"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="target">
+ <properties>
+ <help>IP address used for ARP monitoring</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>Network Time Protocol (NTP) IPv4 address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ <leafNode name="hash-policy">
+ <properties>
+ <help>Bonding transmit hash policy</help>
+ <completionHelp>
+ <list>layer2 layer2+3 layer3+4</list>
+ </completionHelp>
+ <valueHelp>
+ <format>layer2</format>
+ <description>use MAC addresses to generate the hash (802.3ad, default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>layer2+3</format>
+ <description>combine MAC address and IP address to make hash</description>
+ </valueHelp>
+ <valueHelp>
+ <format>layer3+4</format>
+ <description>combine IP address and port to make hash</description>
+ </valueHelp>
+ <constraint>
+ <regex>(layer2\+3|layer3\+4|layer2)</regex>
+ </constraint>
+ <constraintErrorMessage>hash-policy must be layer2 layer2+3 or layer3+4</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <node name="ip">
+ <children>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
+ #include <include/interface-proxy-arp-pvlan.xml.i>
+ </children>
+ </node>
+ #include <include/interface-mac.xml.i>
+ <leafNode name="mode">
+ <properties>
+ <help>Bonding mode</help>
+ <completionHelp>
+ <list>802.3ad active-backup broadcast round-robin transmit-load-balance adaptive-load-balance xor-hash</list>
+ </completionHelp>
+ <valueHelp>
+ <format>802.3ad</format>
+ <description>IEEE 802.3ad Dynamic link aggregation (Default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>active-backup</format>
+ <description>Fault tolerant: only one slave in the bond is active</description>
+ </valueHelp>
+ <valueHelp>
+ <format>broadcast</format>
+ <description>Fault tolerant: transmits everything on all slave interfaces</description>
+ </valueHelp>
+ <valueHelp>
+ <format>round-robin</format>
+ <description>Load balance: transmit packets in sequential order</description>
+ </valueHelp>
+ <valueHelp>
+ <format>transmit-load-balance</format>
+ <description>Load balance: adapts based on transmit load and speed</description>
+ </valueHelp>
+ <valueHelp>
+ <format>adaptive-load-balance</format>
+ <description>Load balance: adapts based on transmit and receive plus ARP</description>
+ </valueHelp>
+ <valueHelp>
+ <format>xor-hash</format>
+ <description>Distribute based on MAC address</description>
+ </valueHelp>
+ <constraint>
+ <regex>(802.3ad|active-backup|broadcast|round-robin|transmit-load-balance|adaptive-load-balance|xor-hash)</regex>
+ </constraint>
+ <constraintErrorMessage>mode must be 802.3ad, active-backup, broadcast, round-robin, transmit-load-balance, adaptive-load-balance, or xor</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <node name="member">
+ <properties>
+ <help>Bridge member interfaces</help>
+ </properties>
+ <children>
+ <leafNode name="interface">
+ <properties>
+ <help>Member interface name</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py --bondable</script>
+ </completionHelp>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ #include <include/interface-mtu-68-9000.xml.i>
+ <leafNode name="primary">
+ <properties>
+ <help>Primary device interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py --bondable</script>
+ </completionHelp>
+ </properties>
+ </leafNode>
+ #include <include/vif-s.xml.i>
+ #include <include/vif.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-bridge.xml b/interface-definitions/interfaces-bridge.xml.in
similarity index 59%
rename from interface-definitions/interfaces-bridge.xml
rename to interface-definitions/interfaces-bridge.xml.in
index 40505d7de..a28daeba6 100644
--- a/interface-definitions/interfaces-bridge.xml
+++ b/interface-definitions/interfaces-bridge.xml.in
@@ -1,274 +1,164 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="interfaces">
<children>
<tagNode name="bridge" owner="${vyos_conf_scripts_dir}/interfaces-bridge.py">
<properties>
<help>Bridge interface name</help>
<priority>470</priority>
<constraint>
<regex>^br[0-9]+$</regex>
</constraint>
<constraintErrorMessage>Bridge interface must be named brN</constraintErrorMessage>
<valueHelp>
<format>brN</format>
<description>Bridge interface name</description>
</valueHelp>
</properties>
<children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
<leafNode name="aging">
<properties>
<help>MAC address aging interval</help>
<valueHelp>
<format>0</format>
<description>Disable MAC address learning (always flood)</description>
</valueHelp>
<valueHelp>
<format>10-1000000</format>
<description>MAC address aging time in seconds (default: 300)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-0 --range 10-1000000"/>
</constraint>
</properties>
</leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides the system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
<leafNode name="forwarding-delay">
<properties>
<help>Forwarding delay</help>
<valueHelp>
<format>0-200</format>
<description>Spanning Tree Protocol forwarding delay in seconds (default 15)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-200"/>
</constraint>
<constraintErrorMessage>Forwarding delay must be between 0 and 200 seconds</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="hello-time">
<properties>
<help>Hello packet advertisment interval</help>
<valueHelp>
<format>1-10</format>
<description>Spanning Tree Protocol hello advertisement interval in seconds (default 2)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-10"/>
</constraint>
<constraintErrorMessage>Bridge Hello interval must be between 1 and 10 seconds</constraintErrorMessage>
</properties>
</leafNode>
<node name="igmp">
<properties>
<help>Internet Group Management Protocol (IGMP) settings</help>
</properties>
<children>
<leafNode name="querier">
<properties>
<help>Enable IGMP querier</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
<node name="ip">
<children>
- <leafNode name="arp-cache-timeout">
- <properties>
- <help>ARP cache entry timeout in seconds</help>
- <valueHelp>
- <format>1-86400</format>
- <description>ARP cache entry timout in seconds (default 30)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-86400"/>
- </constraint>
- <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
- </properties>
- </leafNode>
+ #include <include/interface-arp-cache-timeout.xml.i>
</children>
</node>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
+ #include <include/interface-mac.xml.i>
<leafNode name="max-age">
<properties>
<help>Interval at which neighbor bridges are removed</help>
<valueHelp>
<format>1-40</format>
<description>Bridge maximum aging time in seconds (default 20)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-40"/>
</constraint>
<constraintErrorMessage>Bridge max aging value must be between 1 and 40 seconds</constraintErrorMessage>
</properties>
</leafNode>
<node name="member">
<properties>
<help>Bridge member interfaces</help>
</properties>
<children>
<tagNode name="interface">
<properties>
<help>Member interface name</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py --bridgeable</script>
</completionHelp>
</properties>
<children>
<leafNode name="cost">
<properties>
<help>Bridge port cost</help>
<valueHelp>
<format>1-65535</format>
<description>Path cost value for Spanning Tree Protocol</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
<constraintErrorMessage>Path cost value must be between 1 and 65535</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="priority">
<properties>
<help>Bridge port priority</help>
<valueHelp>
<format>0-63</format>
<description>Bridge port priority</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-63"/>
</constraint>
<constraintErrorMessage>Port priority value must be between 0 and 63</constraintErrorMessage>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
<leafNode name="priority">
<properties>
<help>Priority for this bridge</help>
<valueHelp>
<format>0-65535</format>
<description>Bridge priority (default 32768)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-65535"/>
</constraint>
<constraintErrorMessage>Bridge priority must be between 0 and 65535 (multiples of 4096)</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="stp">
<properties>
<help>Enable spanning tree protocol</help>
<valueless/>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/interfaces-dummy.xml b/interface-definitions/interfaces-dummy.xml
deleted file mode 100644
index 3bc4330e4..000000000
--- a/interface-definitions/interfaces-dummy.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="dummy" owner="${vyos_conf_scripts_dir}/interfaces-dummy.py">
- <properties>
- <help>Dummy interface name</help>
- <priority>300</priority>
- <constraint>
- <regex>dum[0-9]+$</regex>
- </constraint>
- <constraintErrorMessage>Dummy interface must be named dumN</constraintErrorMessage>
- <valueHelp>
- <format>dumN</format>
- <description>Dummy interface name</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <multi/>
- <constraint>
- <validator name="ip-cidr"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-dummy.xml.in b/interface-definitions/interfaces-dummy.xml.in
new file mode 100644
index 000000000..445f6b2d4
--- /dev/null
+++ b/interface-definitions/interfaces-dummy.xml.in
@@ -0,0 +1,26 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="dummy" owner="${vyos_conf_scripts_dir}/interfaces-dummy.py">
+ <properties>
+ <help>Dummy interface name</help>
+ <priority>300</priority>
+ <constraint>
+ <regex>dum[0-9]+$</regex>
+ </constraint>
+ <constraintErrorMessage>Dummy interface must be named dumN</constraintErrorMessage>
+ <valueHelp>
+ <format>dumN</format>
+ <description>Dummy interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/interface-disable.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-ethernet.xml b/interface-definitions/interfaces-ethernet.xml
deleted file mode 100644
index f51bb3d87..000000000
--- a/interface-definitions/interfaces-ethernet.xml
+++ /dev/null
@@ -1,904 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="ethernet" owner="${vyos_conf_scripts_dir}/interfaces-ethernet.py">
- <properties>
- <help>Ethernet interface name</help>
- <priority>318</priority>
- <constraint>
- <regex>((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex>
- </constraint>
- <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage>
- <valueHelp>
- <format>ethN</format>
- <description>Ethernet interface name</description>
- </valueHelp>
- <valueHelp>
- <format>en[ospx]N</format>
- <description>Ethernet interface name</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-flow-control">
- <properties>
- <help>Disable Ethernet flow control (pause frames)</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="duplex">
- <properties>
- <help>Duplex mode</help>
- <completionHelp>
- <list>auto half full</list>
- </completionHelp>
- <valueHelp>
- <format>auto</format>
- <description>Auto negotiation (default)</description>
- </valueHelp>
- <valueHelp>
- <format>half</format>
- <description>Half duplex</description>
- </valueHelp>
- <valueHelp>
- <format>full</format>
- <description>Full duplex</description>
- </valueHelp>
- <constraint>
- <regex>(auto|half|full)</regex>
- </constraint>
- <constraintErrorMessage>duplex must be auto, half or full</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="hw-id">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <node name="ip">
- <children>
- <leafNode name="arp-cache-timeout">
- <properties>
- <help>ARP cache entry timeout in seconds</help>
- <valueHelp>
- <format>1-86400</format>
- <description>ARP cache entry timout in seconds (default 30)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-86400"/>
- </constraint>
- <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="enable-proxy-arp">
- <properties>
- <help>Enable proxy-arp on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="proxy-arp-pvlan">
- <properties>
- <help>Enable private VLAN proxy ARP on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="offload-options">
- <properties>
- <help>Configurable offload options</help>
- </properties>
- <children>
- <leafNode name="generic-receive">
- <properties>
- <help>Configure GRO (generic receive offload)</help>
- <completionHelp>
- <list>on off</list>
- </completionHelp>
- <valueHelp>
- <format>on</format>
- <description>Enable GRO (generic receive offload)</description>
- </valueHelp>
- <valueHelp>
- <format>off</format>
- <description>Disable GRO (generic receive offload)</description>
- </valueHelp>
- <constraint>
- <regex>(on|off)</regex>
- </constraint>
- <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="generic-segmentation">
- <properties>
- <help>Configure GSO (generic segmentation offload)</help>
- <completionHelp>
- <list>on off</list>
- </completionHelp>
- <valueHelp>
- <format>on</format>
- <description>Enable GSO (generic segmentation offload)</description>
- </valueHelp>
- <valueHelp>
- <format>off</format>
- <description>Disable GSO (generic segmentation offload)</description>
- </valueHelp>
- <constraint>
- <regex>(on|off)</regex>
- </constraint>
- <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="scatter-gather">
- <properties>
- <help>Configure scatter-gather option</help>
- <completionHelp>
- <list>on off</list>
- </completionHelp>
- <valueHelp>
- <format>on</format>
- <description>Enable scatter-gather</description>
- </valueHelp>
- <valueHelp>
- <format>off</format>
- <description>Disable scatter-gather</description>
- </valueHelp>
- <constraint>
- <regex>(on|off)</regex>
- </constraint>
- <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="tcp-segmentation">
- <properties>
- <help>Configure TSO (TCP segmentation offloading)</help>
- <completionHelp>
- <list>on off</list>
- </completionHelp>
- <valueHelp>
- <format>on</format>
- <description>Enable TSO (TCP segmentation offloading)</description>
- </valueHelp>
- <valueHelp>
- <format>off</format>
- <description>Disable TSO (TCP segmentation offloading)</description>
- </valueHelp>
- <constraint>
- <regex>(on|off)</regex>
- </constraint>
- <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="udp-fragmentation">
- <properties>
- <help>Configure UDP fragmentation offloading</help>
- <completionHelp>
- <list>on off</list>
- </completionHelp>
- <valueHelp>
- <format>on</format>
- <description>Enable UDP fragmentation offloading</description>
- </valueHelp>
- <valueHelp>
- <format>off</format>
- <description>Disable UDP fragmentation offloading</description>
- </valueHelp>
- <constraint>
- <regex>(on|off)</regex>
- </constraint>
- <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="smp-affinity">
- <properties>
- <help>CPU interrupt affinity mask</help>
- <completionHelp>
- <list>auto 10 100 1000 2500 5000 10000</list>
- </completionHelp>
- <valueHelp>
- <format>auto</format>
- <description>Auto negotiation (default)</description>
- </valueHelp>
- <valueHelp>
- <format>hex</format>
- <description>Bitmask representing CPUs that this NIC will interrupt</description>
- </valueHelp>
- <valueHelp>
- <format>hex,hex</format>
- <description>Bitmasks representing CPUs for interrupt and receive processing</description>
- </valueHelp>
- <constraint>
- <regex>(auto)</regex>
- <regex>[0-9a-f]+(|,[0-9a-f]+)$</regex>
- </constraint>
- <constraintErrorMessage>IRQ affinity mask must be hex value or auto</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="speed">
- <properties>
- <help>Link speed</help>
- <completionHelp>
- <list>auto 10 100 1000 2500 5000 10000 25000 40000 50000 100000</list>
- </completionHelp>
- <valueHelp>
- <format>auto</format>
- <description>Auto negotiation (default)</description>
- </valueHelp>
- <valueHelp>
- <format>10</format>
- <description>10 Mbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>100</format>
- <description>100 Mbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>1000</format>
- <description>1 Gbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>2500</format>
- <description>2.5 Gbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>5000</format>
- <description>5 Gbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>10000</format>
- <description>10 Gbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>25000</format>
- <description>25 Gbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>40000</format>
- <description>40 Gbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>50000</format>
- <description>50 Gbit/sec</description>
- </valueHelp>
- <valueHelp>
- <format>100000</format>
- <description>100 Gbit/sec</description>
- </valueHelp>
- <constraint>
- <regex>(auto|10|100|1000|2500|5000|10000|25000|40000|50000|100000)</regex>
- </constraint>
- <constraintErrorMessage>Speed must be auto, 10, 100, 1000, 2500, 5000, 10000, 25000, 40000, 50000 or 100000</constraintErrorMessage>
- </properties>
- </leafNode>
- <tagNode name="vif-s">
- <properties>
- <help>QinQ TAG-S Virtual Local Area Network (VLAN) ID</help>
- <valueHelp>
- <format>0-4094</format>
- <description>QinQ TAG-S Virtual Local Area Network (VLAN) ID</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4094"/>
- </constraint>
- <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="ethertype">
- <properties>
- <help>Set Ethertype</help>
- <completionHelp>
- <list>0x88A8 0x8100</list>
- </completionHelp>
- <valueHelp>
- <format>0x88A8</format>
- <description>802.1ad</description>
- </valueHelp>
- <valueHelp>
- <format>0x8100</format>
- <description>802.1q</description>
- </valueHelp>
- <constraint>
- <regex>(0x88A8|0x8100)</regex>
- </constraint>
- <constraintErrorMessage>Ethertype must be 0x88A8 or 0x8100</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="ip">
- <children>
- <leafNode name="enable-proxy-arp">
- <properties>
- <help>Enable proxy-arp on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="proxy-arp-pvlan">
- <properties>
- <help>Enable private VLAN proxy ARP on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- <tagNode name="vif-c">
- <properties>
- <help>QinQ TAG-C Virtual Local Area Network (VLAN) ID</help>
- <valueHelp>
- <format>0-4094</format>
- <description>QinQ TAG-C Virtual Local Area Network (VLAN) ID</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4094"/>
- </constraint>
- <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <node name="ip">
- <children>
- <leafNode name="enable-proxy-arp">
- <properties>
- <help>Enable proxy-arp on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="proxy-arp-pvlan">
- <properties>
- <help>Enable private VLAN proxy ARP on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </tagNode>
- <tagNode name="vif">
- <properties>
- <help>Virtual Local Area Network (VLAN) ID</help>
- <valueHelp>
- <format>0-4094</format>
- <description>Virtual Local Area Network (VLAN) ID</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4094"/>
- </constraint>
- <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="egress-qos">
- <properties>
- <help>VLAN egress QoS</help>
- <completionHelp>
- <script>echo Format for qos mapping \"0:1 1:6 7:6\"</script>
- </completionHelp>
- <constraint>
- <regex>[:0-7 ]+$</regex>
- </constraint>
- <constraintErrorMessage>QoS mapping should be in the format of \"0:7 2:3\" with numbers 0-9</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="ingress-qos">
- <properties>
- <help>VLAN ingress QoS</help>
- <completionHelp>
- <script>echo Format for qos mapping \"0:1 1:6 7:6\"</script>
- </completionHelp>
- <constraint>
- <regex>[:0-7 ]+$</regex>
- </constraint>
- <constraintErrorMessage>QoS mapping should be in the format of \"0:7 2:3\" with numbers 0-9</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="ip">
- <children>
- <leafNode name="arp-cache-timeout">
- <properties>
- <help>ARP cache entry timeout in seconds</help>
- <valueHelp>
- <format>1-86400</format>
- <description>ARP cache entry timout in seconds (default 30)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-86400"/>
- </constraint>
- <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="enable-proxy-arp">
- <properties>
- <help>Enable proxy-arp on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="proxy-arp-pvlan">
- <properties>
- <help>Enable private VLAN proxy ARP on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>68-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 68-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-ethernet.xml.in b/interface-definitions/interfaces-ethernet.xml.in
new file mode 100644
index 000000000..7fa20ac18
--- /dev/null
+++ b/interface-definitions/interfaces-ethernet.xml.in
@@ -0,0 +1,273 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="ethernet" owner="${vyos_conf_scripts_dir}/interfaces-ethernet.py">
+ <properties>
+ <help>Ethernet interface name</help>
+ <priority>318</priority>
+ <constraint>
+ <regex>((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage>
+ <valueHelp>
+ <format>ethN</format>
+ <description>Ethernet interface name</description>
+ </valueHelp>
+ <valueHelp>
+ <format>en[ospx]N</format>
+ <description>Ethernet interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ <leafNode name="disable-flow-control">
+ <properties>
+ <help>Disable Ethernet flow control (pause frames)</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ <leafNode name="duplex">
+ <properties>
+ <help>Duplex mode</help>
+ <completionHelp>
+ <list>auto half full</list>
+ </completionHelp>
+ <valueHelp>
+ <format>auto</format>
+ <description>Auto negotiation (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>half</format>
+ <description>Half duplex</description>
+ </valueHelp>
+ <valueHelp>
+ <format>full</format>
+ <description>Full duplex</description>
+ </valueHelp>
+ <constraint>
+ <regex>(auto|half|full)</regex>
+ </constraint>
+ <constraintErrorMessage>duplex must be auto, half or full</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="hw-id">
+ <properties>
+ <help>Media Access Control (MAC) address</help>
+ <valueHelp>
+ <format>h:h:h:h:h:h</format>
+ <description>Hardware (MAC) address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="mac-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <node name="ip">
+ <children>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
+ #include <include/interface-proxy-arp-pvlan.xml.i>
+ </children>
+ </node>
+ #include <include/interface-mac.xml.i>
+ #include <include/interface-mtu-68-9000.xml.i>
+ <node name="offload-options">
+ <properties>
+ <help>Configurable offload options</help>
+ </properties>
+ <children>
+ <leafNode name="generic-receive">
+ <properties>
+ <help>Configure GRO (generic receive offload)</help>
+ <completionHelp>
+ <list>on off</list>
+ </completionHelp>
+ <valueHelp>
+ <format>on</format>
+ <description>Enable GRO (generic receive offload)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>off</format>
+ <description>Disable GRO (generic receive offload)</description>
+ </valueHelp>
+ <constraint>
+ <regex>(on|off)</regex>
+ </constraint>
+ <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="generic-segmentation">
+ <properties>
+ <help>Configure GSO (generic segmentation offload)</help>
+ <completionHelp>
+ <list>on off</list>
+ </completionHelp>
+ <valueHelp>
+ <format>on</format>
+ <description>Enable GSO (generic segmentation offload)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>off</format>
+ <description>Disable GSO (generic segmentation offload)</description>
+ </valueHelp>
+ <constraint>
+ <regex>(on|off)</regex>
+ </constraint>
+ <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="scatter-gather">
+ <properties>
+ <help>Configure scatter-gather option</help>
+ <completionHelp>
+ <list>on off</list>
+ </completionHelp>
+ <valueHelp>
+ <format>on</format>
+ <description>Enable scatter-gather</description>
+ </valueHelp>
+ <valueHelp>
+ <format>off</format>
+ <description>Disable scatter-gather</description>
+ </valueHelp>
+ <constraint>
+ <regex>(on|off)</regex>
+ </constraint>
+ <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="tcp-segmentation">
+ <properties>
+ <help>Configure TSO (TCP segmentation offloading)</help>
+ <completionHelp>
+ <list>on off</list>
+ </completionHelp>
+ <valueHelp>
+ <format>on</format>
+ <description>Enable TSO (TCP segmentation offloading)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>off</format>
+ <description>Disable TSO (TCP segmentation offloading)</description>
+ </valueHelp>
+ <constraint>
+ <regex>(on|off)</regex>
+ </constraint>
+ <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="udp-fragmentation">
+ <properties>
+ <help>Configure UDP fragmentation offloading</help>
+ <completionHelp>
+ <list>on off</list>
+ </completionHelp>
+ <valueHelp>
+ <format>on</format>
+ <description>Enable UDP fragmentation offloading</description>
+ </valueHelp>
+ <valueHelp>
+ <format>off</format>
+ <description>Disable UDP fragmentation offloading</description>
+ </valueHelp>
+ <constraint>
+ <regex>(on|off)</regex>
+ </constraint>
+ <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ <leafNode name="smp-affinity">
+ <properties>
+ <help>CPU interrupt affinity mask</help>
+ <completionHelp>
+ <list>auto 10 100 1000 2500 5000 10000</list>
+ </completionHelp>
+ <valueHelp>
+ <format>auto</format>
+ <description>Auto negotiation (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>hex</format>
+ <description>Bitmask representing CPUs that this NIC will interrupt</description>
+ </valueHelp>
+ <valueHelp>
+ <format>hex,hex</format>
+ <description>Bitmasks representing CPUs for interrupt and receive processing</description>
+ </valueHelp>
+ <constraint>
+ <regex>(auto)</regex>
+ <regex>[0-9a-f]+(|,[0-9a-f]+)$</regex>
+ </constraint>
+ <constraintErrorMessage>IRQ affinity mask must be hex value or auto</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="speed">
+ <properties>
+ <help>Link speed</help>
+ <completionHelp>
+ <list>auto 10 100 1000 2500 5000 10000 25000 40000 50000 100000</list>
+ </completionHelp>
+ <valueHelp>
+ <format>auto</format>
+ <description>Auto negotiation (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>10</format>
+ <description>10 Mbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>100</format>
+ <description>100 Mbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>1000</format>
+ <description>1 Gbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>2500</format>
+ <description>2.5 Gbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>5000</format>
+ <description>5 Gbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>10000</format>
+ <description>10 Gbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>25000</format>
+ <description>25 Gbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>40000</format>
+ <description>40 Gbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>50000</format>
+ <description>50 Gbit/sec</description>
+ </valueHelp>
+ <valueHelp>
+ <format>100000</format>
+ <description>100 Gbit/sec</description>
+ </valueHelp>
+ <constraint>
+ <regex>(auto|10|100|1000|2500|5000|10000|25000|40000|50000|100000)</regex>
+ </constraint>
+ <constraintErrorMessage>Speed must be auto, 10, 100, 1000, 2500, 5000, 10000, 25000, 40000, 50000 or 100000</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ #include <include/vif-s.xml.i>
+ #include <include/vif.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-geneve.xml b/interface-definitions/interfaces-geneve.xml
deleted file mode 100644
index e65ce6826..000000000
--- a/interface-definitions/interfaces-geneve.xml
+++ /dev/null
@@ -1,118 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="geneve" owner="${vyos_conf_scripts_dir}/interfaces-geneve.py">
- <properties>
- <help>Generic Network Virtualization Encapsulation (GENEVE)</help>
- <priority>460</priority>
- <constraint>
- <regex>gnv[0-9]+$</regex>
- </constraint>
- <constraintErrorMessage>GENEVE interface must be named gnvN</constraintErrorMessage>
- <valueHelp>
- <format>gnvN</format>
- <description>GENEVE interface name</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <multi/>
- <constraint>
- <validator name="ip-cidr"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <node name="ip">
- <properties>
- <help>IPv4 routing parameters</help>
- </properties>
- <children>
- <leafNode name="arp-cache-timeout">
- <properties>
- <help>ARP cache entry timeout in seconds</help>
- <valueHelp>
- <format>1-86400</format>
- <description>ARP cache entry timout in seconds (default 30)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-86400"/>
- </constraint>
- <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="enable-proxy-arp">
- <properties>
- <help>Enable proxy-arp on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>1450-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1500-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 1500 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="remote">
- <properties>
- <help>Remote address of GENEVE tunnel</help>
- <valueHelp>
- <format>ipv4</format>
- <description>Remote address of GENEVE tunnel</description>
- </valueHelp>
- <constraint>
- <validator name="ipv4-address"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="vni">
- <properties>
- <help>Virtual Network Identifier</help>
- <valueHelp>
- <format>0-16777214</format>
- <description>GENEVE virtual network identifier</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-16777214"/>
- </constraint>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-geneve.xml.in b/interface-definitions/interfaces-geneve.xml.in
new file mode 100644
index 000000000..0a866143e
--- /dev/null
+++ b/interface-definitions/interfaces-geneve.xml.in
@@ -0,0 +1,60 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="geneve" owner="${vyos_conf_scripts_dir}/interfaces-geneve.py">
+ <properties>
+ <help>Generic Network Virtualization Encapsulation (GENEVE)</help>
+ <priority>460</priority>
+ <constraint>
+ <regex>gnv[0-9]+$</regex>
+ </constraint>
+ <constraintErrorMessage>GENEVE interface must be named gnvN</constraintErrorMessage>
+ <valueHelp>
+ <format>gnvN</format>
+ <description>GENEVE interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/interface-disable.xml.i>
+ <node name="ip">
+ <properties>
+ <help>IPv4 routing parameters</help>
+ </properties>
+ <children>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
+ </children>
+ </node>
+ #include <include/interface-mtu-1450-9000.xml.i>
+ <leafNode name="remote">
+ <properties>
+ <help>Remote address of GENEVE tunnel</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>Remote address of GENEVE tunnel</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="vni">
+ <properties>
+ <help>Virtual Network Identifier</help>
+ <valueHelp>
+ <format>0-16777214</format>
+ <description>GENEVE virtual network identifier</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-16777214"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-loopback.xml b/interface-definitions/interfaces-loopback.xml
deleted file mode 100644
index 0f003bc64..000000000
--- a/interface-definitions/interfaces-loopback.xml
+++ /dev/null
@@ -1,46 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="loopback" owner="${vyos_conf_scripts_dir}/interfaces-loopback.py">
- <properties>
- <help>Loopback interface</help>
- <priority>300</priority>
- <constraint>
- <regex>lo$</regex>
- </constraint>
- <constraintErrorMessage>Loopback interface must be named lo</constraintErrorMessage>
- <valueHelp>
- <format>lo</format>
- <description>Loopback interface</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-loopback.xml.in b/interface-definitions/interfaces-loopback.xml.in
new file mode 100644
index 000000000..007a0f189
--- /dev/null
+++ b/interface-definitions/interfaces-loopback.xml.in
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="loopback" owner="${vyos_conf_scripts_dir}/interfaces-loopback.py">
+ <properties>
+ <help>Loopback interface</help>
+ <priority>300</priority>
+ <constraint>
+ <regex>lo$</regex>
+ </constraint>
+ <constraintErrorMessage>Loopback interface must be named lo</constraintErrorMessage>
+ <valueHelp>
+ <format>lo</format>
+ <description>Loopback interface</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml.in
similarity index 98%
rename from interface-definitions/interfaces-openvpn.xml
rename to interface-definitions/interfaces-openvpn.xml.in
index 2c2556f45..638e9048b 100644
--- a/interface-definitions/interfaces-openvpn.xml
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -1,677 +1,668 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="interfaces">
<children>
<tagNode name="openvpn" owner="${vyos_conf_scripts_dir}/interfaces-openvpn.py">
<properties>
<help>OpenVPN tunnel interface name</help>
<priority>460</priority>
<constraint>
<regex>^vtun[0-9]+$</regex>
</constraint>
<constraintErrorMessage>OpenVPN tunnel interface must be named vtunN</constraintErrorMessage>
<valueHelp>
<format>vtunN</format>
<description>OpenVPN interface name</description>
</valueHelp>
</properties>
<children>
<node name="authentication">
<properties>
<help>Authentication options</help>
</properties>
<children>
<leafNode name="password">
<properties>
<help>OpenVPN password used for authentication</help>
</properties>
</leafNode>
<leafNode name="username">
<properties>
<help>OpenVPN username used for authentication</help>
</properties>
</leafNode>
</children>
</node>
- <leafNode name="description">
- <properties>
- <help>Description</help>
- </properties>
- </leafNode>
+ #include <include/interface-description.xml.i>
<leafNode name="device-type">
<properties>
<help>OpenVPN interface device-type</help>
<completionHelp>
<list>tun tap</list>
</completionHelp>
<valueHelp>
<format>tun</format>
<description>TUN device, required for OSI layer 3</description>
</valueHelp>
<valueHelp>
<format>tap</format>
<description>TAP device, required for OSI layer 2</description>
</valueHelp>
<constraint>
<regex>(tun|tap)</regex>
</constraint>
</properties>
</leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable interface</help>
- <valueless/>
- </properties>
- </leafNode>
+ #include <include/interface-disable.xml.i>
<node name="encryption">
<properties>
<help>Data Encryption settings</help>
</properties>
<children>
<leafNode name="cipher">
<properties>
<help>Standard Data Encryption Algorithm</help>
<completionHelp>
<list>des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list>
</completionHelp>
<valueHelp>
<format>des</format>
<description>DES algorithm</description>
</valueHelp>
<valueHelp>
<format>3des</format>
<description>DES algorithm with triple encryption</description>
</valueHelp>
<valueHelp>
<format>bf128</format>
<description>Blowfish algorithm with 128-bit key</description>
</valueHelp>
<valueHelp>
<format>bf256</format>
<description>Blowfish algorithm with 256-bit key</description>
</valueHelp>
<valueHelp>
<format>aes128</format>
<description>AES algorithm with 128-bit key CBC</description>
</valueHelp>
<valueHelp>
<format>aes128gcm</format>
<description>AES algorithm with 128-bit key GCM</description>
</valueHelp>
<valueHelp>
<format>aes192</format>
<description>AES algorithm with 192-bit key CBC</description>
</valueHelp>
<valueHelp>
<format>aes192gcm</format>
<description>AES algorithm with 192-bit key GCM</description>
</valueHelp>
<valueHelp>
<format>aes256</format>
<description>AES algorithm with 256-bit key CBC</description>
</valueHelp>
<valueHelp>
<format>aes256gcm</format>
<description>AES algorithm with 256-bit key GCM</description>
</valueHelp>
<constraint>
<regex>(des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="ncp-ciphers">
<properties>
<help>Cipher negotiation list for use in server or client mode</help>
<completionHelp>
<list>des 3des aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list>
</completionHelp>
<valueHelp>
<format>des</format>
<description>DES algorithm</description>
</valueHelp>
<valueHelp>
<format>3des</format>
<description>DES algorithm with triple encryption</description>
</valueHelp>
<valueHelp>
<format>aes128</format>
<description>AES algorithm with 128-bit key CBC</description>
</valueHelp>
<valueHelp>
<format>aes128gcm</format>
<description>AES algorithm with 128-bit key GCM</description>
</valueHelp>
<valueHelp>
<format>aes192</format>
<description>AES algorithm with 192-bit key CBC</description>
</valueHelp>
<valueHelp>
<format>aes192gcm</format>
<description>AES algorithm with 192-bit key GCM</description>
</valueHelp>
<valueHelp>
<format>aes256</format>
<description>AES algorithm with 256-bit key CBC</description>
</valueHelp>
<valueHelp>
<format>aes256gcm</format>
<description>AES algorithm with 256-bit key GCM</description>
</valueHelp>
<constraint>
<regex>(des|3des|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="disable-ncp">
<properties>
<help>Disable support for ncp-ciphers</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
<leafNode name="hash">
<properties>
<help>Hashing Algorithm</help>
<completionHelp>
<list>md5 sha1 sha256 sha384 sha512</list>
</completionHelp>
<valueHelp>
<format>md5</format>
<description>MD5 algorithm</description>
</valueHelp>
<valueHelp>
<format>sha1</format>
<description>SHA-1 algorithm</description>
</valueHelp>
<valueHelp>
<format>sha256</format>
<description>SHA-256 algorithm</description>
</valueHelp>
<valueHelp>
<format>sha384</format>
<description>SHA-384 algorithm</description>
</valueHelp>
<valueHelp>
<format>sha512</format>
<description>SHA-512 algorithm</description>
</valueHelp>
<constraint>
<regex>(md5|sha1|sha256|sha384|sha512)</regex>
</constraint>
</properties>
</leafNode>
<node name="keep-alive">
<properties>
<help>Keepalive helper options</help>
</properties>
<children>
<leafNode name="failure-count">
<properties>
<help>Maximum number of keepalive packet failures [default 6]</help>
<valueHelp>
<format>0-1000</format>
<description>Maximum number of keepalive packet failures</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-1000"/>
</constraint>
</properties>
</leafNode>
<leafNode name="interval">
<properties>
<help>Keepalive packet interval (seconds) [default 10]</help>
<valueHelp>
<format>0-600</format>
<description>Keepalive packet interval (seconds)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-600"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<tagNode name="local-address">
<properties>
<help>Local IP address of tunnel</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
<children>
<leafNode name="subnet-mask">
<properties>
<help>Subnet-mask for local IP address of tunnel</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
<leafNode name="local-host">
<properties>
<help>Local IP address to accept connections (all if not set)</help>
<valueHelp>
<format>ipv4</format>
<description>Local IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="local-port">
<properties>
<help>Local port number to accept connections</help>
<valueHelp>
<format>1-65535</format>
<description>Numeric IP port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="mode">
<properties>
<help>OpenVPN mode of operation</help>
<completionHelp>
<list>site-to-site client server</list>
</completionHelp>
<valueHelp>
<format>site-to-site</format>
<description>Site-to-site mode</description>
</valueHelp>
<valueHelp>
<format>client</format>
<description>Client in client-server mode</description>
</valueHelp>
<valueHelp>
<format>server</format>
<description>Server in client-server mode</description>
</valueHelp>
<constraint>
<regex>(site-to-site|client|server)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="openvpn-option">
<properties>
<help>Additional OpenVPN options. You must
use the syntax of openvpn.conf in this text-field. Using this
without proper knowledge may result in a crashed OpenVPN server.
Check system log to look for errors.</help>
<multi/>
</properties>
</leafNode>
<leafNode name="persistent-tunnel">
<properties>
<help>Do not close and reopen interface (TUN/TAP device) on client restarts</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="protocol">
<properties>
<help>OpenVPN communication protocol</help>
<completionHelp>
<list>udp tcp-passive tcp-active</list>
</completionHelp>
<valueHelp>
<format>udp</format>
<description>Site-to-site mode</description>
</valueHelp>
<valueHelp>
<format>tcp-passive</format>
<description>TCP and accepts connections passively</description>
</valueHelp>
<valueHelp>
<format>tcp-active</format>
<description>TCP and initiates connections actively</description>
</valueHelp>
<constraint>
<regex>(udp|tcp-passive|tcp-active)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="remote-address">
<properties>
<help>IP address of remote end of tunnel</help>
<valueHelp>
<format>ipv4</format>
<description>Remote end IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="remote-host">
<properties>
<help>Remote host to connect to (dynamic if not set)</help>
<valueHelp>
<format>ipv4</format>
<description>IP address of remote host</description>
</valueHelp>
<valueHelp>
<format>txt</format>
<description>Hostname of remote host</description>
</valueHelp>
<multi/>
</properties>
</leafNode>
<leafNode name="remote-port">
<properties>
<help>Remote port number to connect to</help>
<valueHelp>
<format>1-65535</format>
<description>Numeric IP port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<node name="replace-default-route">
<properties>
<help>OpenVPN tunnel to be used as the default route</help>
</properties>
<children>
<leafNode name="local">
<properties>
<help>Tunnel endpoints are on the same subnet</help>
</properties>
</leafNode>
</children>
</node>
<node name="server">
<properties>
<help>Server-mode options</help>
</properties>
<children>
<tagNode name="client">
<properties>
<help>Client-specific settings</help>
<valueHelp>
<format>name</format>
<description>Client common-name in the certificate</description>
</valueHelp>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable client connection</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="ip">
<properties>
<help>IP address of the client</help>
<valueHelp>
<format>ipv4</format>
<description>Client IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="push-route">
<properties>
<help>Route to be pushed to the client</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 network and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="subnet">
<properties>
<help>Subnet belonging to the client</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 network and prefix length belonging to the client</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<multi/>
</properties>
</leafNode>
</children>
</tagNode>
<leafNode name="domain-name">
<properties>
<help>DNS suffix to be pushed to all clients</help>
<valueHelp>
<format>txt</format>
<description>Domain Name Server suffix</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="max-connections">
<properties>
<help>Number of maximum client connections</help>
<valueHelp>
<format>1-4096</format>
<description>Number of concurrent clients</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-4096"/>
</constraint>
</properties>
</leafNode>
<leafNode name="name-server">
<properties>
<help>Domain Name Server (DNS)</help>
<valueHelp>
<format>ipv4</format>
<description>DNS server IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="push-route">
<properties>
<help>Route to be pushed to all clients</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 network and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="reject-unconfigured-clients">
<properties>
<help>Reject connections from clients that are not explicitly configured</help>
</properties>
</leafNode>
<leafNode name="subnet">
<properties>
<help>Server-mode subnet (from which client IPs are allocated)</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 address and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
</properties>
</leafNode>
<leafNode name="topology">
<properties>
<help>Topology for clients</help>
<completionHelp>
<list>point-to-point subnet</list>
</completionHelp>
<valueHelp>
<format>point-to-point</format>
<description>Point-to-point topology</description>
</valueHelp>
<valueHelp>
<format>subnet</format>
<description>Subnet topology</description>
</valueHelp>
<constraint>
<regex>(subnet|point-to-point)</regex>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="shared-secret-key-file">
<properties>
<help>File containing the secret key shared with remote end of tunnel</help>
<valueHelp>
<format>file</format>
<description>File in /config/auth directory</description>
</valueHelp>
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
</properties>
</leafNode>
<node name="tls">
<properties>
<help>Transport Layer Security (TLS) options</help>
</properties>
<children>
<leafNode name="auth-file">
<properties>
<help>File containing tls static key for tls-auth</help>
<valueHelp>
<format>file</format>
<description>File in /config/auth directory</description>
</valueHelp>
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
</properties>
</leafNode>
<leafNode name="ca-cert-file">
<properties>
<help>File containing certificate for Certificate Authority (CA)</help>
<valueHelp>
<format>file</format>
<description>File in /config/auth directory</description>
</valueHelp>
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
</properties>
</leafNode>
<leafNode name="cert-file">
<properties>
<help>File containing certificate for this host</help>
<valueHelp>
<format>file</format>
<description>File in /config/auth directory</description>
</valueHelp>
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
</properties>
</leafNode>
<leafNode name="crl-file">
<properties>
<help>File containing certificate revocation list (CRL) for this host</help>
<valueHelp>
<format>file</format>
<description>File in /config/auth directory</description>
</valueHelp>
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
</properties>
</leafNode>
<leafNode name="dh-file">
<properties>
<help>File containing Diffie Hellman parameters (server only)</help>
<valueHelp>
<format>file</format>
<description>File in /config/auth directory</description>
</valueHelp>
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
</properties>
</leafNode>
<leafNode name="key-file">
<properties>
- <help>File containing this host's private key</help>
+ <help>Private key for this host</help>
<valueHelp>
<format>file</format>
<description>File in /config/auth directory</description>
</valueHelp>
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
</properties>
</leafNode>
<leafNode name="tls-version-min">
<properties>
<help>Specify the minimum required TLS version</help>
<completionHelp>
<list>1.0 1.1 1.2</list>
</completionHelp>
<valueHelp>
<format>1.0</format>
<description>TLS v1.0</description>
</valueHelp>
<valueHelp>
<format>1.1</format>
<description>TLS v1.1</description>
</valueHelp>
<valueHelp>
<format>1.2</format>
<description>TLS v1.2</description>
</valueHelp>
<constraint>
<regex>(1.0|1.1|1.2)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="role">
<properties>
- <help>File containing this host's private key</help>
+ <help>Private key for this host</help>
<completionHelp>
<list>active passive</list>
</completionHelp>
<valueHelp>
<format>active</format>
<description>Initiate TLS negotiation actively</description>
</valueHelp>
<valueHelp>
<format>passive</format>
<description>Waiting for TLS connections passively</description>
</valueHelp>
<constraint>
<regex>(active|passive)</regex>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="use-lzo-compression">
<properties>
<help>Use fast LZO compression on this TUN/TAP interface</help>
<valueless/>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/interfaces-vxlan.xml b/interface-definitions/interfaces-vxlan.xml.in
similarity index 54%
rename from interface-definitions/interfaces-vxlan.xml
rename to interface-definitions/interfaces-vxlan.xml.in
index f93711741..f6b5cadac 100644
--- a/interface-definitions/interfaces-vxlan.xml
+++ b/interface-definitions/interfaces-vxlan.xml.in
@@ -1,151 +1,93 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="interfaces">
<children>
<tagNode name="vxlan" owner="${vyos_conf_scripts_dir}/interfaces-vxlan.py">
<properties>
<help>Virtual extensible LAN interface (VXLAN)</help>
<priority>460</priority>
<constraint>
<regex>vxlan[0-9]+$</regex>
</constraint>
<constraintErrorMessage>VXLAN interface must be named vxlanN</constraintErrorMessage>
<valueHelp>
<format>vxlanN</format>
<description>VXLAN interface name</description>
</valueHelp>
</properties>
<children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <multi/>
- <constraint>
- <validator name="ip-cidr"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable interface</help>
- <valueless/>
- </properties>
- </leafNode>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/interface-disable.xml.i>
<leafNode name="group">
<properties>
<help>Multicast group address for VXLAN interface</help>
<valueHelp>
<format>ipv4</format>
<description>Multicast group address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<node name="ip">
<children>
- <leafNode name="arp-cache-timeout">
- <properties>
- <help>ARP cache entry timeout in seconds</help>
- <valueHelp>
- <format>1-86400</format>
- <description>ARP cache entry timout in seconds (default 30)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-86400"/>
- </constraint>
- <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="enable-proxy-arp">
- <properties>
- <help>Enable proxy-arp on this interface</help>
- <valueless/>
- </properties>
- </leafNode>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
</children>
</node>
<leafNode name="link">
<properties>
<help>Underlay device of VXLAN interface</help>
<valueHelp>
<format>interface</format>
<description>Interface used for VXLAN underlay</description>
</valueHelp>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
</properties>
</leafNode>
- <leafNode name="mtu">
- <properties>
- <help>Maximum Transmission Unit (MTU)</help>
- <valueHelp>
- <format>1450-9000</format>
- <description>Maximum Transmission Unit</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1450-9000"/>
- </constraint>
- <constraintErrorMessage>MTU must be between 1450 and 9000</constraintErrorMessage>
- </properties>
- </leafNode>
+ #include <include/interface-mtu-1450-9000.xml.i>
<leafNode name="remote">
<properties>
<help>Remote address of VXLAN tunnel</help>
<valueHelp>
<format>ipv4</format>
<description>Remote address of VXLAN tunnel</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>Destination port of VXLAN tunnel (default: 8472)</help>
<valueHelp>
<format>1-65535</format>
<description>Numeric IP port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="vni">
<properties>
<help>Virtual Network Identifier</help>
<valueHelp>
<format>0-16777214</format>
<description>VXLAN virtual network identifier</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-16777214"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/interfaces-wireguard.xml b/interface-definitions/interfaces-wireguard.xml.in
similarity index 79%
rename from interface-definitions/interfaces-wireguard.xml
rename to interface-definitions/interfaces-wireguard.xml.in
index 0c32a3bc1..6be0292a1 100644
--- a/interface-definitions/interfaces-wireguard.xml
+++ b/interface-definitions/interfaces-wireguard.xml.in
@@ -1,150 +1,121 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="interfaces">
<children>
<tagNode name="wireguard" owner="${vyos_conf_scripts_dir}/interfaces-wireguard.py">
<properties>
<help>WireGuard interface name</help>
<priority>459</priority>
<!-- subsequent ones may be removed, just make sure ethernet ifs are present -->
<constraint>
<regex>^wg[0-9]{1,4}</regex>
</constraint>
<constraintErrorMessage>illegal interface name</constraintErrorMessage>
<valueHelp>
<format>wgN</format>
<description>WireGuard interface name</description>
</valueHelp>
</properties>
<children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <constraint>
- <validator name="ip-cidr"/>
- </constraint>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>description</help>
- <constraint>
- <regex>^.{1,100}$</regex>
- </constraint>
- <constraintErrorMessage>interface description is too long (limit 100 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>disables interface</help>
- <valueless/>
- </properties>
- </leafNode>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/interface-disable.xml.i>
<leafNode name="port">
<properties>
<help>Local port number to accept connections</help>
<constraint>
<validator name="numeric" argument="--range 1024-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="mtu">
<properties>
<help>interface mtu size(default: 1420)</help>
<constraint>
<validator name="numeric" argument="--range 68-9000"/>
</constraint>
</properties>
</leafNode>
<leafNode name="fwmark">
<properties>
<help>A 32-bit fwmark value set on all outgoing packets</help>
<valueHelp>
<format>number</format>
<description>value which marks the packet for QoS/shaper</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-255"/>
</constraint>
</properties>
</leafNode>
<leafNode name="private-key">
<properties>
<help>Private key to use on that interface</help>
<completionHelp>
<script>${vyos_op_scripts_dir}/wireguard.py --listkdir</script>
</completionHelp>
</properties>
</leafNode>
<tagNode name="peer">
<properties>
<help>peer alias</help>
<constraint>
<regex>[^ ]{1,100}$</regex>
</constraint>
<constraintErrorMessage>peer alias too long (limit 100 characters)</constraintErrorMessage>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>disables peer</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="pubkey">
<properties>
<help>base64 encoded public key</help>
<constraint>
<regex>^[0-9a-zA-Z\+/]{43}=$</regex>
</constraint>
<constraintErrorMessage>Key is not valid 44-character (32-bytes) base64</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="preshared-key">
<properties>
<help>base64 encoded preshared key</help>
<constraint>
<regex>^[0-9a-zA-Z\+/]{43}=$</regex>
</constraint>
<constraintErrorMessage>Key is not valid 44-character (32-bytes) base64</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="allowed-ips">
<properties>
<help>IP addresses allowed to traverse the peer</help>
<constraint>
<validator name="ip-prefix"/>
</constraint>
<multi/>
</properties>
</leafNode>
<!-- eventually check format IP:port -->
<leafNode name="endpoint">
<properties>
<help>Remote endpoint (IP:port)</help>
</properties>
</leafNode>
<leafNode name="persistent-keepalive">
<properties>
<help>how often send keep alives in seconds</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</tagNode>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/interfaces-wireless.xml b/interface-definitions/interfaces-wireless.xml.in
similarity index 82%
rename from interface-definitions/interfaces-wireless.xml
rename to interface-definitions/interfaces-wireless.xml.in
index 6bc49dddb..53c448930 100644
--- a/interface-definitions/interfaces-wireless.xml
+++ b/interface-definitions/interfaces-wireless.xml.in
@@ -1,963 +1,774 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="interfaces">
<children>
<tagNode name="wireless" owner="${vyos_conf_scripts_dir}/interfaces-wireless.py">
<properties>
<help>Wireless network interface (WiFi/WLAN)</help>
<priority>400</priority>
<constraint>
<regex>wlan[0-9]+$</regex>
</constraint>
<constraintErrorMessage>Wireless interface must be named wlanN</constraintErrorMessage>
<valueHelp>
<format>wlanN</format>
<description>Wireless (WiFi/WLAN) interface name</description>
</valueHelp>
</properties>
<children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
<node name="capabilities">
<properties>
<help>HT and VHT capabilities for your card</help>
</properties>
<children>
<node name="ht">
<properties>
<help>HT (High Throughput) settings</help>
</properties>
<children>
<leafNode name="40mhz-incapable">
<properties>
<help>40MHz intolerance, use 20MHz only!</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="auto-powersave">
<properties>
<help>Enable WMM-PS unscheduled automatic power aave delivery [U-APSD]</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="channel-set-width">
<properties>
<help>Supported channel set width</help>
<completionHelp>
<list>ht20 ht40+ ht40-</list>
</completionHelp>
<valueHelp>
<format>ht20</format>
<description>Supported channel set width both 20 MHz only</description>
</valueHelp>
<valueHelp>
<format>ht40+</format>
<description>Supported channel set width both 20 MHz and 40 MHz with secondary channel above primary channel</description>
</valueHelp>
<valueHelp>
<format>ht40-</format>
<description>Supported channel set width both 20 MHz and 40 MHz with secondary channel below primary channel</description>
</valueHelp>
<constraint>
<regex>(ht20|ht40\+|ht40-)</regex>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="delayed-block-ack">
<properties>
<help>Enable HT-delayed block ack</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="dsss-cck-40">
<properties>
<help>Enable DSSS_CCK-40</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="greenfield">
<properties>
<help>Enable HT-greenfield</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="ldpc">
<properties>
<help>Enable LDPC coding capability</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="lsig-protection">
<properties>
<help>Enable L-SIG TXOP protection capability</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="max-amsdu">
<properties>
<help>Set maximum A-MSDU length</help>
<completionHelp>
<list>3839 7935</list>
</completionHelp>
<valueHelp>
<format>3839</format>
<description>Set maximum A-MSDU length to 3839 octets</description>
</valueHelp>
<valueHelp>
<format>7935</format>
<description>Set maximum A-MSDU length to 7935 octets</description>
</valueHelp>
<constraint>
<regex>(3839|7935)</regex>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="short-gi">
<properties>
<help>Short GI capabilities</help>
<completionHelp>
<list>20 40</list>
</completionHelp>
<valueHelp>
<format>20</format>
<description>Short GI for 20 MHz</description>
</valueHelp>
<valueHelp>
<format>40</format>
<description>Short GI for 40 MHz</description>
</valueHelp>
<constraint>
<regex>(20|40)</regex>
</constraint>
<multi/>
</properties>
</leafNode>
<leafNode name="smps">
<properties>
<help>Spatial Multiplexing Power Save (SMPS) settings</help>
<completionHelp>
<list>static dynamic</list>
</completionHelp>
<valueHelp>
<format>static</format>
<description>STATIC Spatial Multiplexing (SM) Power Save</description>
</valueHelp>
<valueHelp>
<format>dynamic</format>
<description>DYNAMIC Spatial Multiplexing (SM) Power Save</description>
</valueHelp>
<constraint>
<regex>(static|dynamic)</regex>
</constraint>
<multi/>
</properties>
</leafNode>
<node name="stbc">
<properties>
<help>Support for sending and receiving PPDU using STBC (Space Time Block Coding)</help>
</properties>
<children>
<leafNode name="rx">
<properties>
<help>Enable receiving PPDU using STBC (Space Time Block Coding)</help>
<valueHelp>
<format>[1-3]+</format>
<description>Number of spacial streams that can use RX STBC</description>
</valueHelp>
<constraint>
<regex>[1-3]+</regex>
</constraint>
<constraintErrorMessage>Invalid capability item</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="tx">
<properties>
<help>Enable sending PPDU using STBC (Space Time Block Coding)</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<leafNode name="require-ht">
<properties>
<help>Require stations to support HT PHY (reject association if they do not)</help>
<completionHelp>
<script>echo If you reject non-HT, you also disable 802.11g</script>
</completionHelp>
<valueless/>
</properties>
</leafNode>
<leafNode name="require-vht">
<properties>
<help>Require stations to support VHT PHY (reject association if they do not)</help>
<completionHelp>
<script>echo If you reject non-VHT, you also disable 802.11n</script>
</completionHelp>
<valueless/>
</properties>
</leafNode>
<node name="vht">
<properties>
<help>VHT (Very High Throughput) settings</help>
</properties>
<children>
<leafNode name="antenna-count">
<properties>
<help>Number of antennas on this card</help>
<valueHelp>
<format>1-9</format>
<description>Number of antennas for this card</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-9"/>
</constraint>
</properties>
</leafNode>
<leafNode name="antenna-pattern-fixed">
<properties>
<help>Set if antenna pattern does not change during the lifetime of an association</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="beamform">
<properties>
<help>Beamforming capabilities</help>
<completionHelp>
<list>single-user-beamformer single-user-beamformee multi-user-beamformer multi-user-beamformee</list>
</completionHelp>
<valueHelp>
<format>single-user-beamformer</format>
<description>Support for operation as single user beamformer</description>
</valueHelp>
<valueHelp>
<format>single-user-beamformee</format>
<description>Support for operation as single user beamformee</description>
</valueHelp>
<valueHelp>
<format>multi-user-beamformer</format>
<description>Support for operation as multi user beamformer</description>
</valueHelp>
<valueHelp>
<format>multi-user-beamformee</format>
<description>Support for operation as multi user beamformee</description>
</valueHelp>
<constraint>
<regex>(single-user-beamformer|single-user-beamformee|multi-user-beamformer|multi-user-beamformee)</regex>
</constraint>
<multi/>
</properties>
</leafNode>
<node name="center-channel-freq">
<properties>
<help>VHT operating channel center frequency</help>
</properties>
<children>
<leafNode name="freq-1">
<properties>
<help>VHT operating channel center frequency - center freq 1 (for use with 80, 80+80 and 160 modes)</help>
<valueHelp>
<format><34-173></format>
<description>5Ghz (802.11 a/h/j/n/ac) center channel index (use 42 for primary 80MHz channel 36)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 34-173"/>
</constraint>
<constraintErrorMessage>Channel center value must be between 34 and 173</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="freq-2">
<properties>
<help>VHT operating channel center frequency - center freq 2 (for use with the 80+80 mode)</help>
<valueHelp>
<format>34-173</format>
<description>5Ghz (802.11 a/h/j/n/ac) center channel index (use 58 for primary 80MHz channel 52)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 34-173"/>
</constraint>
<constraintErrorMessage>Channel center value must be between 34 and 173</constraintErrorMessage>
</properties>
</leafNode>
</children>
</node>
<leafNode name="channel-set-width">
<properties>
<help>VHT operating Channel width</help>
<completionHelp>
<list>0 1 2 3</list>
</completionHelp>
<valueHelp>
<format>0</format>
<description>20 or 40 MHz channel width (default)</description>
</valueHelp>
<valueHelp>
<format>1</format>
<description>80 MHz channel width</description>
</valueHelp>
<valueHelp>
<format>2</format>
<description>160 MHz channel width</description>
</valueHelp>
<valueHelp>
<format>3</format>
<description>80+80 MHz channel width</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-3"/>
</constraint>
</properties>
</leafNode>
<leafNode name="ldpc">
<properties>
<help>Enable LDPC (Low Density Parity Check) coding capability</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="link-adaptation">
<properties>
<help>VHT link adaptation capabilities</help>
<completionHelp>
<list>single-user-beamformer single-user-beamformee multi-user-beamformer multi-user-beamformee</list>
</completionHelp>
<valueHelp>
<format>unsolicited</format>
<description>Station provides only unsolicited VHT MFB</description>
</valueHelp>
<valueHelp>
<format>both</format>
<description>Station can provide VHT MFB in response to VHT MRQ and unsolicited VHT MFB</description>
</valueHelp>
<constraint>
<regex>(unsolicited|both)</regex>
</constraint>
<constraintErrorMessage>Invalid capability item</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="max-mpdu-exp">
<properties>
<help>Set the maximum length of A-MPDU pre-EOF padding that the station can receive</help>
<valueHelp>
<format><0-7></format>
<description>Maximum length of A-MPDU pre-EOF padding = 2 pow(13 + x) -1 octets</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-7"/>
</constraint>
</properties>
</leafNode>
<leafNode name="max-mpdu">
<properties>
<help>Increase Maximum MPDU length to 7991 or 11454 octets (otherwise: 3895 octets)</help>
<completionHelp>
<list>7991 11454</list>
</completionHelp>
<valueHelp>
<format>7991</format>
<description>ncrease Maximum MPDU length to 7991 octets</description>
</valueHelp>
<valueHelp>
<format>11454</format>
<description>ncrease Maximum MPDU length to 11454 octets</description>
</valueHelp>
<constraint>
<regex>(7991|11454)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="short-gi">
<properties>
<help>Short GI capabilities</help>
<completionHelp>
<list>80 160</list>
</completionHelp>
<valueHelp>
<format>80</format>
<description>Short GI for 80 MHz</description>
</valueHelp>
<valueHelp>
<format>160</format>
<description>Short GI for 160 MHz</description>
</valueHelp>
<constraint>
<regex>(80|160)</regex>
</constraint>
<multi/>
</properties>
</leafNode>
<node name="stbc">
<properties>
<help>Support for sending and receiving PPDU using STBC (Space Time Block Coding)</help>
</properties>
<children>
<leafNode name="rx">
<properties>
<help>Enable receiving PPDU using STBC (Space Time Block Coding)</help>
<valueHelp>
<format>[1-4]+</format>
<description>Number of spacial streams that can use RX STBC</description>
</valueHelp>
<constraint>
<regex>[1-4]+</regex>
</constraint>
<constraintErrorMessage>Invalid capability item</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="tx">
<properties>
<help>Enable sending PPDU using STBC (Space Time Block Coding)</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
<leafNode name="tx-powersave">
<properties>
<help>Enable VHT TXOP Power Save Mode</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="vht-cf">
<properties>
<help>Station supports receiving VHT variant HT Control field</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<leafNode name="channel">
<properties>
<help>Wireless radio channel (use 0 for ACS auto channel selection)</help>
<valueHelp>
<format><1-14></format>
<description>2.4Ghz (802.11 b/g/n) Channel</description>
</valueHelp>
<valueHelp>
<format><0,34-173></format>
<description>5Ghz (802.11 a/h/j/n/ac) Channel</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-0 --range 1-14 --range 34-173"/>
</constraint>
</properties>
</leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcp-options">
- <properties>
- <help>DHCP options</help>
- </properties>
- <children>
- <leafNode name="client-id">
- <properties>
- <help>DHCP client identifier</help>
- </properties>
- </leafNode>
- <leafNode name="host-name">
- <properties>
- <help>DHCP client host name (overrides system host name)</help>
- </properties>
- </leafNode>
- <leafNode name="vendor-class-id">
- <properties>
- <help>DHCP client vendor type</help>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- <priority>319</priority>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
<leafNode name="disable-broadcast-ssid">
<properties>
<help>Disable broadcast of SSID from access-point</help>
</properties>
</leafNode>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
<leafNode name="expunge-failing-stations">
<properties>
<help>Disassociate stations based on excessive transmission failures</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="hw-id">
<properties>
<help>Media Access Control (MAC) address</help>
<valueHelp>
<format>h:h:h:h:h:h</format>
<description>Hardware (MAC) address</description>
</valueHelp>
<constraint>
<validator name="mac-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="isolate-stations">
<properties>
<help>Isolate stations on the AP so they cannot see each other</help>
<valueless/>
</properties>
</leafNode>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
+ #include <include/interface-mac.xml.i>
<leafNode name="max-stations">
<properties>
<help>Maximum number of wireless radio stations. Excess stations will be rejected upon authentication request.</help>
<valueHelp>
<format><1-2007></format>
<description>Number of allowed stations</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-2007"/>
</constraint>
<constraintErrorMessage>Number of stations must be between 1 and 2007</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="mgmt-frame-protection">
<properties>
<help>Management Frame Protection (MFP) according to IEEE 802.11w</help>
<completionHelp>
<list>disabled optional required</list>
</completionHelp>
<valueHelp>
<format>disabled</format>
<description>no MFP (hostapd default)</description>
</valueHelp>
<valueHelp>
<format>optional</format>
<description>MFP optional</description>
</valueHelp>
<valueHelp>
<format>required</format>
<description>MFP enforced</description>
</valueHelp>
<constraint>
<regex>(disabled|optional|required)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="mode">
<properties>
<help>Wireless radio mode</help>
<completionHelp>
<list>a b g n ac</list>
</completionHelp>
<valueHelp>
<format>a</format>
<description>802.11a - 54 Mbits/sec</description>
</valueHelp>
<valueHelp>
<format>b</format>
<description>802.11b - 11 Mbits/sec</description>
</valueHelp>
<valueHelp>
<format>g</format>
<description>802.11g - 54 Mbits/sec (default)</description>
</valueHelp>
<valueHelp>
<format>n</format>
<description>802.11n - 600 Mbits/sec</description>
</valueHelp>
<valueHelp>
<format>ac</format>
<description>802.11ac - 1300 Mbits/sec</description>
</valueHelp>
<constraint>
<regex>(a|b|g|n|ac)</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="physical-device">
<properties>
<help>Wireless physical device</help>
<completionHelp>
<script>${vyos_completion_dir}/list_wireless_phys.sh</script>
</completionHelp>
</properties>
</leafNode>
<leafNode name="reduce-transmit-power">
<properties>
<help>Transmission power reduction in dBm</help>
<valueHelp>
<format><0-255></format>
<description>TX power reduction in dBm</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 0-255"/>
</constraint>
<constraintErrorMessage>dBm value must be between 0 and 255</constraintErrorMessage>
</properties>
</leafNode>
<node name="security">
<properties>
<help>Wireless security settings</help>
</properties>
<children>
<node name="wep">
<properties>
<help>Wired Equivalent Privacy (WEP) parameters</help>
</properties>
<children>
<leafNode name="key">
<properties>
<help>WEP encryption key</help>
<valueHelp>
<format><hexdigits></format>
<description>Wired Equivalent Privacy key</description>
</valueHelp>
<constraint>
<regex>([a-fA-F0-9]{10}|[a-fA-F0-9]{26}|[a-fA-F0-9]{32})</regex>
</constraint>
<constraintErrorMessage>Invalid WEP key</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
</children>
</node>
<node name="wpa">
<properties>
<help>Wifi Protected Access (WPA) parameters</help>
</properties>
<children>
<leafNode name="cipher">
<properties>
<help>Cipher suite for WPA</help>
<completionHelp>
<list>TKIP CCMP</list>
</completionHelp>
<valueHelp>
<format>CCMP</format>
<description>AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]</description>
</valueHelp>
<valueHelp>
<format>TKIP</format>
<description>Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]</description>
</valueHelp>
<constraint>
<regex>(CCMP|TKIP)</regex>
</constraint>
<constraintErrorMessage>Invalid WEP key</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
<leafNode name="mode">
<properties>
<help>WPA mode</help>
<completionHelp>
<list>wpa wpa2 both</list>
</completionHelp>
<valueHelp>
<format>wpa</format>
<description>WPA (IEEE 802.11i/D3.0)</description>
</valueHelp>
<valueHelp>
<format>wpa2</format>
<description>WPA2 (full IEEE 802.11i/RSN)</description>
</valueHelp>
<valueHelp>
<format>both</format>
<description>Allow both WPA and WPA2</description>
</valueHelp>
<constraint>
<regex>(wpa|wpa2|both)</regex>
</constraint>
<constraintErrorMessage>Unknown WPA mode</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="passphrase">
<properties>
<help>WPA personal shared pass phrase. If you are
using special characters in the WPA passphrase then single
quotes are required.</help>
<valueHelp>
<format><text></format>
<description>Passphrase of at least 8 but not more than 63 printable characters</description>
</valueHelp>
<constraint>
<regex>.{8,63}$</regex>
</constraint>
<constraintErrorMessage>Invalid WPA pass phrase, must be 8 to 63 printable characters!</constraintErrorMessage>
</properties>
</leafNode>
<node name="radius">
<properties>
<help>RADIUS specific configuration</help>
</properties>
<children>
<leafNode name="source-address">
<properties>
<help>RADIUS client forced local IP address</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of RADIUS server</description>
</valueHelp>
</properties>
</leafNode>
<tagNode name="server">
<properties>
<help>IP address of RADIUS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of RADIUS server</description>
</valueHelp>
</properties>
<children>
<leafNode name="accounting">
<properties>
<help>Enable RADIUS server to receive accounting info</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>RADIUS server port (default: 1812)</help>
<valueHelp>
<format>1-65535</format>
<description>RADIUS server port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="key">
<properties>
<help>RADIUS shared secret key</help>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</children>
</node>
</children>
</node>
<leafNode name="ssid">
<properties>
<help>Wireless access-point service set identifier (SSID)</help>
<constraint>
<regex>.{1,32}$</regex>
</constraint>
<constraintErrorMessage>Invalid SSID</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="type">
<properties>
<help>Wireless device type for this interface</help>
<completionHelp>
<list>access-point station monitor</list>
</completionHelp>
<valueHelp>
<format>access-point</format>
<description>Access-point forwards packets between other nodes</description>
</valueHelp>
<valueHelp>
<format>station</format>
<description>Connects to another access point</description>
</valueHelp>
<valueHelp>
<format>monitor</format>
<description>Passively monitor all packets on the frequency/channel</description>
</valueHelp>
<constraint>
<regex>(access-point|station|monitor)</regex>
</constraint>
<constraintErrorMessage>Type must be access-point, station or monitor</constraintErrorMessage>
</properties>
</leafNode>
- <tagNode name="vif">
- <properties>
- <help>Virtual Local Area Network (VLAN) ID</help>
- <constraint>
- <validator name="numeric" argument="--range 0-4094"/>
- </constraint>
- <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <completionHelp>
- <list>dhcp dhcpv6</list>
- </completionHelp>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>dhcp</format>
- <description>Dynamic Host Configuration Protocol</description>
- </valueHelp>
- <valueHelp>
- <format>dhcpv6</format>
- <description>Dynamic Host Configuration Protocol for IPv6</description>
- </valueHelp>
- <constraint>
- <validator name="ip-cidr"/>
- <regex>(dhcp|dhcpv6)</regex>
- </constraint>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <node name="dhcpv6-options">
- <properties>
- <help>DHCPv6 options</help>
- </properties>
- <children>
- <leafNode name="parameters-only">
- <properties>
- <help>Acquire only config parameters, no address</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="temporary">
- <properties>
- <help>IPv6 "temporary" address</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </node>
- <leafNode name="disable-link-detect">
- <properties>
- <help>Ignore link state changes</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable this bridge interface</help>
- <valueless/>
- </properties>
- </leafNode>
- <leafNode name="mac">
- <properties>
- <help>Media Access Control (MAC) address</help>
- <valueHelp>
- <format>h:h:h:h:h:h</format>
- <description>Hardware (MAC) address</description>
- </valueHelp>
- <constraint>
- <validator name="mac-address"/>
- </constraint>
- </properties>
- </leafNode>
- </children>
- </tagNode>
+ #include <include/vif.xml.i>
</children>
</tagNode>
</children>
</node>
<node name="system">
<children>
<leafNode name="wifi-regulatory-domain" owner="${vyos_conf_scripts_dir}/system-wifi-regdom.py">
<properties>
<help>Wireless regulatory domain (mandatory)</help>
<priority>305</priority>
<completionHelp>
<list>US EU JP DE UK CN</list>
</completionHelp>
<valueHelp>
<format><code%gt;</format>
<description>Country code (ISO/IEC 3166-1)</description>
</valueHelp>
<constraint>
<regex>[A-Z][A-Z]$</regex>
</constraint>
<constraintErrorMessage>invalid country code</constraintErrorMessage>
</properties>
</leafNode>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/ipoe-server.xml b/interface-definitions/ipoe-server.xml.in
similarity index 99%
rename from interface-definitions/ipoe-server.xml
rename to interface-definitions/ipoe-server.xml.in
index 48f3e0fd9..5fee02614 100644
--- a/interface-definitions/ipoe-server.xml
+++ b/interface-definitions/ipoe-server.xml.in
@@ -1,378 +1,378 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="service">
<children>
<node name="ipoe-server" owner="${vyos_conf_scripts_dir}/ipoe_server.py">
<properties>
<help>Internet Protocol over Ethernet (IPoE) Server</help>
<priority>900</priority>
</properties>
<children>
<tagNode name="interface">
<properties>
<help>Network interface to server IPoE</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
</properties>
<children>
<leafNode name="network-mode">
<properties>
<help>Network Layer IPoE serves on</help>
<completionHelp>
<list>L2 L3</list>
</completionHelp>
<constraint>
<regex>^(L2|L3)</regex>
</constraint>
<valueHelp>
<format>L2</format>
<description>client share the same subnet</description>
</valueHelp>
<valueHelp>
<format>L3</format>
<description>clients are behind this router</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="network">
<properties>
<help>Enables clients to share the same network or each client has its own vlan</help>
<completionHelp>
<list>shared vlan</list>
</completionHelp>
<constraint>
<regex>^(shared|vlan)</regex>
</constraint>
<valueHelp>
<format>shared</format>
<description>Multiple clients share the same network</description>
</valueHelp>
<valueHelp>
<format>vlan</format>
<description>One VLAN per client</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="client-subnet">
<properties>
<help>Client address pool</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 address and prefix length</description>
</valueHelp>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
</properties>
</leafNode>
<node name="external-dhcp">
<properties>
<help>DHCP requests will be forwarded</help>
</properties>
<children>
<leafNode name="dhcp-relay">
<properties>
<help>DHCP Server the request will be redirected to.</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of the DHCP Server</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="giaddr">
<properties>
<help>address of the relay agent (Relay Agent IP Address)</help>
</properties>
</leafNode>
</children>
</node>
<leafNode name="vlan-id">
<properties>
<help>VLAN monitor for the automatic creation of vlans (user per vlan)</help>
<constraint>
<validator name="numeric" argument="--range 1-4096"/>
</constraint>
<constraintErrorMessage>VLAN ID needs to be between 1 and 4096</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
<leafNode name="vlan-range">
<properties>
<help>VLAN monitor for the automatic creation of vlans (user per vlan)</help>
<constraint>
<regex>(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})-(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})</regex>
</constraint>
<multi/>
</properties>
</leafNode>
</children>
</tagNode>
<node name="dns-server">
<properties>
<help>DNS servers offered via internal DHCP</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>IP address of the primary DNS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>IP address of the secondary DNS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<node name="dnsv6-server">
<properties>
<help>DNSv6 servers offered via internal DHCPv6</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>IP address of the primary DNS server</help>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>IP address of the secondary DNS server</help>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-3">
<properties>
<help>IP address of the tertiary DNS server</help>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<node name="client-ipv6-pool">
<properties>
<help>Pool of client IPv6 addresses</help>
</properties>
<children>
<leafNode name="prefix">
<properties>
<help>Format: ipv6prefix/mask,prefix_len (e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients)</help>
<multi/>
</properties>
</leafNode>
<leafNode name="delegate-prefix">
<properties>
<help>Format: ipv6prefix/mask,prefix_len (delegates prefix to clients via DHCPv6 prefix delegation</help>
<multi/>
</properties>
</leafNode>
</children>
</node>
<node name="authentication">
<properties>
<help>Client authentication methods</help>
</properties>
<children>
<leafNode name="mode">
<properties>
<help>Authetication mode</help>
<completionHelp>
<list>local radius noauth</list>
</completionHelp>
<constraint>
<regex>^(local|radius|noauth)</regex>
</constraint>
<valueHelp>
<format>local</format>
<description>Authentication based on local definition</description>
</valueHelp>
<valueHelp>
<format>radius</format>
<description>Authentication based on a RADIUS server</description>
</valueHelp>
<valueHelp>
<format>noauth</format>
<description>Authentication disabled</description>
</valueHelp>
</properties>
</leafNode>
<tagNode name="interface">
<properties>
<help>Network interface the client mac will appear on</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
</properties>
<children>
<tagNode name="mac-address">
<properties>
<help>Client mac address allowed to receive an IP address</help>
<valueHelp>
<format>h:h:h:h:h:h</format>
<description>Hardware (MAC) address</description>
</valueHelp>
<constraint>
<validator name="mac-address"/>
</constraint>
</properties>
<children>
<node name="rate-limit">
<properties>
<help>Upload/Download speed limits</help>
</properties>
<children>
<leafNode name="upload">
<properties>
<help>Upload bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="download">
<properties>
<help>Download bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="vlan-id">
<properties>
<help>VLAN-ID of the client network</help>
<constraint>
<validator name="numeric" argument="--range 1-4096"/>
</constraint>
<constraintErrorMessage>VLAN ID needs to be between 1 and 4096</constraintErrorMessage>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</tagNode>
<tagNode name="radius-server">
<properties>
<help>IP address of RADIUS server</help>
<valueHelp>
<format>ipv4</format>
<description>IP address of RADIUS server</description>
</valueHelp>
</properties>
<children>
<leafNode name="secret">
<properties>
<help>Key for accessing the specified server</help>
</properties>
</leafNode>
<leafNode name="req-limit">
<properties>
<help>Maximum number of simultaneous requests to server (default: unlimited)</help>
</properties>
</leafNode>
<leafNode name="fail-time">
<properties>
- <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help>
+ <help>If server does not respond, mark it unavailable for this time (seconds)</help>
</properties>
</leafNode>
</children>
</tagNode>
<node name="radius-settings">
<properties>
<help>RADIUS settings</help>
</properties>
<children>
<leafNode name="timeout">
<properties>
<help>Timeout to wait response from server (seconds)</help>
</properties>
</leafNode>
<leafNode name="acct-timeout">
<properties>
<help>Timeout to wait reply for Interim-Update packets. (default 3 seconds)</help>
</properties>
</leafNode>
<leafNode name="max-try">
<properties>
<help>Maximum number of tries to send Access-Request/Accounting-Request queries</help>
</properties>
</leafNode>
<leafNode name="nas-identifier">
<properties>
<help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help>
</properties>
</leafNode>
<leafNode name="nas-ip-address">
<properties>
<help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of the DAE Server</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<node name="dae-server">
<properties>
<help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
<children>
<leafNode name="ip-address">
<properties>
<help>IP address for Dynamic Authorization Extension server (DM/CoA)</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of the DAE Server</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>Port for Dynamic Authorization Extension server (DM/CoA)</help>
<valueHelp>
<format>1-65535</format>
<description>port number</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="secret">
<properties>
<help>Secret for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/ipsec-settings.xml b/interface-definitions/ipsec-settings.xml.in
similarity index 100%
rename from interface-definitions/ipsec-settings.xml
rename to interface-definitions/ipsec-settings.xml.in
diff --git a/interface-definitions/l2tp-server.xml b/interface-definitions/l2tp-server.xml.in
similarity index 99%
rename from interface-definitions/l2tp-server.xml
rename to interface-definitions/l2tp-server.xml.in
index e76b92b23..4e3a49b24 100644
--- a/interface-definitions/l2tp-server.xml
+++ b/interface-definitions/l2tp-server.xml.in
@@ -1,586 +1,586 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="vpn">
<children>
<node name="l2tp" owner="${vyos_conf_scripts_dir}/accel_l2tp.py">
<properties>
<help>L2TP Virtual Private Network (VPN)</help>
</properties>
<children>
<node name="remote-access">
<properties>
<help>Remote access L2TP VPN</help>
</properties>
<children>
<leafNode name="mtu">
<properties>
<help>Maximum Transmission Unit (MTU)</help>
<constraint>
<validator name="numeric" argument="--range 128-16384"/>
</constraint>
</properties>
</leafNode>
<leafNode name="outside-address">
<properties>
<help>External IP address to which VPN clients will connect</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="outside-nexthop">
<properties>
<help>Nexthop IP address for reaching the VPN clients</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<node name="dns-servers">
<properties>
<help>IPv4 Domain Name Service (DNS) server</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>Primary DNS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>Secondary DNS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="dnsv6-servers">
<properties>
<help>IPv6 Domain Name Service (DNS) server</help>
<valueHelp>
<format>ipv6</format>
<description>IPv6 DNS address</description>
</valueHelp>
<constraint>
<validator name="ipv6-address"/>
</constraint>
<multi />
</properties>
</leafNode>
<node name="lns">
<properties>
<help>L2TP Network Server (LNS)</help>
</properties>
<children>
<leafNode name="shared-secret">
<properties>
<help>Tunnel password used to authenticate the client (LAC)</help>
</properties>
</leafNode>
</children>
</node>
<leafNode name="ccp-disable">
<properties>
<help>Disable Compression Control Protocol (CCP)</help>
<valueless />
</properties>
</leafNode>
<node name="ipsec-settings">
<properties>
<help>Internet Protocol Security (IPsec) for remote access L2TP VPN</help>
</properties>
<children>
<node name="authentication">
<properties>
<help>IPsec authentication settings</help>
</properties>
<children>
<leafNode name="mode">
<properties>
<help>Authentication mode for IPsec</help>
<valueHelp>
<format>pre-shared-secret</format>
<description>Use pre-shared secret for IPsec authentication</description>
</valueHelp>
<valueHelp>
<format>x509</format>
<description>Use X.509 certificate for IPsec authentication</description>
</valueHelp>
<constraint>
<regex>^(pre-shared-secret|x509)</regex>
</constraint>
<completionHelp>
<list>pre-shared-secret x509</list>
</completionHelp>
</properties>
</leafNode>
<leafNode name="pre-shared-secret">
<properties>
<help>Pre-shared secret for IPsec</help>
</properties>
</leafNode>
<node name="x509">
<properties>
<help>X.509 certificate</help>
</properties>
<children>
<leafNode name="ca-cert-file">
<properties>
<help>File containing the X.509 certificate for the Certificate Authority (CA)</help>
<valueHelp>
<format><text></format>
<description>File in /config/auth</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="crl-file">
<properties>
<help>File containing the X.509 Certificate Revocation List (CRL)</help>
<valueHelp>
<format><text></format>
<description>File in /config/auth</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="server-cert-file">
<properties>
<help>File containing the X.509 certificate for the remote access VPN server (this host)</help>
<valueHelp>
<format><text></format>
<description>File in /config/auth</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="server-key-file">
<properties>
<help>File containing the private key for the X.509 certificate for the remote access VPN server (this host)</help>
<valueHelp>
<format><text></format>
<description>File in /config/auth</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="server-key-password">
<properties>
<help>Password that protects the private key</help>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<leafNode name="ike-lifetime">
<properties>
<help>IKE lifetime</help>
<valueHelp>
<format><30-86400></format>
<description>IKE lifetime in seconds (default 3600)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 30-86400"/>
</constraint>
</properties>
</leafNode>
<leafNode name="lifetime">
<properties>
<help>ESP lifetime</help>
<valueHelp>
<format><30-86400></format>
<description>IKE lifetime in seconds (default 3600)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 30-86400"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<node name="wins-servers">
<properties>
<help>Windows Internet Name Service (WINS) server settings</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>Primary WINS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>Secondary WINS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<node name="client-ip-pool">
<properties>
<help>Pool of client IP addresses (must be within a /24)</help>
</properties>
<children>
<leafNode name="start">
<properties>
<help>First IP address in the pool (will be used as gateway address)</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="stop">
<properties>
<help>Last IP address in the pool</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="subnet">
<properties>
<help>Client IP subnet (CIDR notation)</help>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 subnet address</description>
</valueHelp>
<multi />
</properties>
</leafNode>
</children>
</node>
<node name="client-ipv6-pool">
<properties>
<help>Pool of client IPv6 addresses</help>
</properties>
<children>
<leafNode name="prefix">
<properties>
<help>IPV6 prefix delegation</help>
<valueHelp>
<format>ipv6prefix/mask,prefix_len</format>
<description>e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients</description>
</valueHelp>
<multi />
</properties>
</leafNode>
<leafNode name="delegate-prefix">
<properties>
<help>DHCPv6 prefix delegation - rfc3633</help>
<valueHelp>
<format>ipv6prefix/mask,prefix_len</format>
<description>Delegate to clients through DHCPv6 prefix delegation - rfc3633</description>
</valueHelp>
<multi />
</properties>
</leafNode>
</children>
</node>
<leafNode name="description">
<properties>
<help>Description for L2TP remote-access settings</help>
</properties>
</leafNode>
<leafNode name="dhcp-interface">
<properties>
<help>DHCP interface to listen on</help>
</properties>
</leafNode>
<leafNode name="idle">
<properties>
<help>PPP idle timeout</help>
<valueHelp>
<format><30-86400></format>
<description>PPP idle timeout in seconds (default 1800)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 30-86400"/>
</constraint>
</properties>
</leafNode>
<node name="authentication">
<properties>
<help>Authentication for remote access L2TP VPN</help>
</properties>
<children>
<leafNode name="require">
<properties>
<help>Authentication protocol for remote access peer L2TP VPN</help>
<valueHelp>
<format>pap</format>
<description>Require the peer to authenticate itself using PAP [Password Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>chap</format>
<description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>mschap</format>
<description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>mschap-v2</format>
<description>Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2].</description>
</valueHelp>
<constraint>
<regex>^(pap|chap|mschap|mschap-v2)</regex>
</constraint>
<completionHelp>
<list>pap chap mschap mschap-v2</list>
</completionHelp>
<multi />
</properties>
</leafNode>
<leafNode name="mppe">
<properties>
<help>Specifies mppe negotioation preference. (default require mppe 128-bit stateless</help>
<valueHelp>
<format>deny</format>
<description>deny mppe</description>
</valueHelp>
<valueHelp>
<format>prefer</format>
- <description>ask client for mppe, if it rejects don't fail</description>
+ <description>Ask client for mppe, if it rejects do not fail</description>
</valueHelp>
<valueHelp>
<format>require</format>
<description>ask client for mppe, if it rejects drop connection</description>
</valueHelp>
<constraint>
<regex>^(deny|prefer|require)</regex>
</constraint>
<completionHelp>
<list>deny prefer require</list>
</completionHelp>
</properties>
</leafNode>
<leafNode name="mode">
<properties>
<help>Authentication mode for remote access L2TP VPN</help>
<valueHelp>
<format>local</format>
<description>Use local username/password configuration</description>
</valueHelp>
<valueHelp>
<format>radius</format>
<description>Use a RADIUS server to autenticate users</description>
</valueHelp>
<constraint>
<regex>^(local|radius)</regex>
</constraint>
<completionHelp>
<list>local radius</list>
</completionHelp>
</properties>
</leafNode>
<node name="local-users">
<properties>
<help>Local user authentication for remote access L2TP VPN</help>
</properties>
<children>
<tagNode name="username">
<properties>
<help>User name for authentication</help>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable a L2TP Server user</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="password">
<properties>
<help>Password for authentication</help>
</properties>
</leafNode>
<leafNode name="static-ip">
<properties>
<help>Static client IP address</help>
</properties>
</leafNode>
<node name="rate-limit">
<properties>
<help>Upload/Download speed limits</help>
</properties>
<children>
<leafNode name="upload">
<properties>
<help>Upload bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="download">
<properties>
<help>Download bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
</children>
</tagNode>
</children>
</node>
<node name="radius">
<properties>
<help>RADIUS specific configuration</help>
</properties>
<children>
<tagNode name="server">
<properties>
<help>IP address of RADIUS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address of RADIUS server</description>
</valueHelp>
</properties>
<children>
<leafNode name="key">
<properties>
<help>Key for accessing the specified server</help>
</properties>
</leafNode>
<leafNode name="req-limit">
<properties>
<help>Maximum number of simultaneous requests to server (default: unlimited)</help>
</properties>
</leafNode>
<leafNode name="fail-time">
<properties>
- <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help>
+ <help>If server doesn not responds mark it unavailable for this time (seconds)</help>
</properties>
</leafNode>
</children>
</tagNode>
<leafNode name="source-address">
<properties>
<help>Local RADIUS client address from which packets are sent.</help>
<valueHelp>
<format><x.x.x.x></format>
<description>Local RADIUS client address from which packets are sent</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="timeout">
<properties>
<help>Timeout to wait response from server (seconds)</help>
</properties>
</leafNode>
<leafNode name="acct-timeout">
<properties>
<help>Timeout to wait reply for Interim-Update packets. (default 3 seconds)</help>
</properties>
</leafNode>
<leafNode name="max-try">
<properties>
<help>Maximum number of tries to send Access-Request/Accounting-Request queries</help>
</properties>
</leafNode>
<leafNode name="nas-identifier">
<properties>
<help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help>
</properties>
</leafNode>
<node name="dae-server">
<properties>
<help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
<children>
<leafNode name="ip-address">
<properties>
<help>IP address for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>Port for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
<leafNode name="secret">
<properties>
<help>Secret for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
</children>
</node>
<node name="rate-limit">
<properties>
<help>Upload/Download speed limits</help>
</properties>
<children>
<leafNode name="attribute">
<properties>
<help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help>
</properties>
</leafNode>
<leafNode name="vendor">
<properties>
<help>Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius)</help>
</properties>
</leafNode>
<leafNode name="enable">
<properties>
<help>Enables Bandwidth shaping via RADIUS</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
<node name="ppp-options">
<properties>
<help>Advanced protocol options</help>
</properties>
<children>
<leafNode name="lcp-echo-interval">
<properties>
<help>LCP echo-requests/sec</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
<leafNode name="lcp-echo-failure">
<properties>
<help>Maximum number of Echo-Requests may be sent without valid reply</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/mdns-repeater.xml b/interface-definitions/mdns-repeater.xml.in
similarity index 100%
rename from interface-definitions/mdns-repeater.xml
rename to interface-definitions/mdns-repeater.xml.in
diff --git a/interface-definitions/ntp.xml b/interface-definitions/ntp.xml.in
similarity index 100%
rename from interface-definitions/ntp.xml
rename to interface-definitions/ntp.xml.in
diff --git a/interface-definitions/pppoe-server.xml b/interface-definitions/pppoe-server.xml.in
similarity index 98%
rename from interface-definitions/pppoe-server.xml
rename to interface-definitions/pppoe-server.xml.in
index c2feef65b..6e99c2fd7 100644
--- a/interface-definitions/pppoe-server.xml
+++ b/interface-definitions/pppoe-server.xml.in
@@ -1,616 +1,616 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="service">
<children>
<node name="pppoe-server" owner="${vyos_conf_scripts_dir}/accel_pppoe.py">
<properties>
<help>Point to Point over Ethernet (PPPoE) Server</help>
<priority>900</priority>
</properties>
<children>
<node name="snmp">
<properties>
<help>Enable SNMP</help>
</properties>
<children>
<leafNode name="master-agent">
<properties>
<help>enable SNMP master agent mode</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
<leafNode name="access-concentrator">
<properties>
<help>Access concentrator name</help>
<constraint>
<regex>^[a-zA-Z0-9]{1,100}</regex>
</constraint>
<constraintErrorMessage>access-concentrator name limited to alphanumerical characters only (max. 100)</constraintErrorMessage>
- </properties>
+ </properties>
</leafNode>
<node name="authentication">
<properties>
<help>Authentication for remote access PPPoE Server</help>
</properties>
<children>
<node name="local-users">
<properties>
<help>Local user authentication for PPPoE server</help>
</properties>
<children>
<tagNode name="username">
<properties>
<help>User name for authentication</help>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable a PPPoE Server user</help>
</properties>
</leafNode>
<leafNode name="password">
<properties>
<help>Password for authentication</help>
</properties>
</leafNode>
<leafNode name="static-ip">
<properties>
<help>Static client IP address</help>
</properties>
</leafNode>
<node name="rate-limit">
<properties>
<help>Upload/Download speed limits</help>
</properties>
<children>
<leafNode name="upload">
<properties>
<help>Upload bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="download">
<properties>
<help>Download bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
</children>
</tagNode>
</children>
</node>
<leafNode name="mode">
<properties>
<help>Authentication mode for PPPoE Server</help>
<valueHelp>
<format>local</format>
<description>Use local username/password configuration</description>
</valueHelp>
<valueHelp>
<format>radius</format>
<description>Use a RADIUS server to autenticate users</description>
</valueHelp>
<constraint>
<regex>^(local|radius)</regex>
</constraint>
<completionHelp>
<list>local radius</list>
</completionHelp>
</properties>
</leafNode>
<tagNode name="radius-server">
<properties>
<help>IP address of RADIUS server</help>
<valueHelp>
<format>ipv4</format>
<description>IP address of RADIUS server</description>
</valueHelp>
</properties>
<children>
<leafNode name="secret">
<properties>
<help>Key for accessing the specified server</help>
</properties>
</leafNode>
<leafNode name="req-limit">
<properties>
<help>Maximum number of simultaneous requests to server (default: unlimited)</help>
</properties>
</leafNode>
<leafNode name="fail-time">
<properties>
- <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help>
+ <help>If server does not responds mark it as unavailable for this amount of time in seconds</help>
</properties>
</leafNode>
</children>
</tagNode>
<node name="radius-settings">
<properties>
<help>RADIUS settings</help>
</properties>
<children>
<leafNode name="timeout">
<properties>
<help>Timeout to wait response from server (seconds)</help>
</properties>
</leafNode>
<leafNode name="acct-timeout">
<properties>
<help>Timeout to wait reply for Interim-Update packets. (default 3 seconds)</help>
</properties>
</leafNode>
<leafNode name="max-try">
<properties>
<help>Maximum number of tries to send Access-Request/Accounting-Request queries</help>
</properties>
</leafNode>
<leafNode name="nas-identifier">
<properties>
<help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help>
</properties>
</leafNode>
<leafNode name="nas-ip-address">
<properties>
<help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help>
</properties>
</leafNode>
<node name="dae-server">
<properties>
<help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
<children>
<leafNode name="ip-address">
<properties>
<help>IP address for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>Port for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
<leafNode name="secret">
<properties>
<help>Secret for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
</children>
</node>
<node name="rate-limit">
<properties>
<help>Upload/Download speed limits</help>
</properties>
<children>
<leafNode name="attribute">
<properties>
<help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help>
</properties>
</leafNode>
<leafNode name="vendor">
<properties>
<help>Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius)</help>
</properties>
</leafNode>
<leafNode name="enable">
<properties>
<help>Enables Bandwidth shaping via RADIUS</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
<node name="client-ip-pool">
<properties>
<help>Pool of client IP addresses (must be within a /24)</help>
</properties>
<children>
<leafNode name="start">
<properties>
<help>First IP address in the pool</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="stop">
<properties>
<help>Last IP address in the pool</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="subnet">
<properties>
<help>Client IP subnet (CIDR notation)</help>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage>
<multi />
</properties>
</leafNode>
</children>
</node>
<node name="client-ipv6-pool">
<properties>
<help>Pool of client IPv6 addresses</help>
</properties>
<children>
<leafNode name="prefix">
<properties>
<help>Format: ipv6prefix/mask,prefix_len (e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients)</help>
<multi />
</properties>
</leafNode>
<leafNode name="delegate-prefix">
<properties>
<help>Format: ipv6prefix/mask,prefix_len (delegate to clients through DHCPv6 prefix delegation - rfc3633)</help>
<multi />
</properties>
</leafNode>
</children>
</node>
<node name="dns-servers">
<properties>
<help>IPv4 Domain Name Service (DNS) server</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>Primary DNS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>Secondary DNS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
- </node>
+ </node>
<node name="dnsv6-servers">
<properties>
<help>IPv6 Domain Name Service (DNS) server</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address</description>
</valueHelp>
<help>Primary DNS server</help>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address</description>
</valueHelp>
<help>Secondary DNS server</help>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-3">
<properties>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address</description>
</valueHelp>
<help>Tertiary DNS server</help>
<constraint>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<tagNode name="interface">
<properties>
<help>interface(s) to listen on</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
</properties>
<children>
<leafNode name="vlan-id">
<properties>
<help>VLAN monitor for the automatic creation of vlans (user per vlan)</help>
<constraint>
<validator name="numeric" argument="--range 1-4096"/>
</constraint>
<constraintErrorMessage>VLAN ID needs to be between 1 and 4096</constraintErrorMessage>
<multi />
</properties>
</leafNode>
<leafNode name="vlan-range">
<properties>
<help>VLAN monitor for the automatic creation of vlans (user per vlan)</help>
<constraint>
<regex>(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})-(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})</regex>
</constraint>
<multi />
</properties>
</leafNode>
</children>
</tagNode>
<leafNode name="local-ip">
<properties>
<help>local gateway address</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="mtu">
<properties>
<help>Maximum Transmission Unit (MTU) - default 1492</help>
<constraint>
<validator name="numeric" argument="--range 128-16384"/>
</constraint>
</properties>
</leafNode>
<node name="limits">
<properties>
<help>Limits the connection rate from a single source</help>
</properties>
<children>
<leafNode name="connection-limit">
<properties>
<help>Acceptable rate of connections (e.g. 1/min, 60/sec)</help>
<constraint>
<regex>^[0-9]+\/(min|sec)$</regex>
</constraint>
<constraintErrorMessage>illegal value</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="burst">
<properties>
<help>Burst count</help>
</properties>
</leafNode>
<leafNode name="timeout">
<properties>
<help>Timeout in seconds</help>
</properties>
</leafNode>
</children>
</node>
<leafNode name="service-name">
<properties>
<help>Service name</help>
<constraint>
<regex>^[a-zA-Z0-9\-]{1,100}</regex>
</constraint>
<constraintErrorMessage>servicename can contain aplhanumerical characters and dashes only (max. 100)</constraintErrorMessage>
</properties>
</leafNode>
<node name="wins-servers">
<properties>
<help>Windows Internet Name Service (WINS) server settings</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>Primary WINS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>Secondary WINS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<node name="ppp-options">
<properties>
<help>Advanced protocol options</help>
</properties>
<children>
<leafNode name="min-mtu">
<properties>
<help>Minimum acceptable MTU (68-65535)</help>
<constraint>
<validator name="numeric" argument="--range 68-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="mru">
<properties>
<help>Preferred MRU (68-65535)</help>
<constraint>
<validator name="numeric" argument="--range 68-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="ccp">
<properties>
<help>CCP negotiation (default disabled)</help>
<valueless />
</properties>
</leafNode>
<node name="mppe">
<properties>
<help>Specifies MPPE negotiation preference. (default prefer mppe)</help>
</properties>
<children>
<leafNode name="require">
<properties>
<help>Ask client for MPPE, if it rejects then drop the connection</help>
<valueless />
</properties>
</leafNode>
<leafNode name="prefer">
<properties>
- <help>Ask client for MPPE, if it rejects don't fail</help>
+ <help>Ask client for MPPE, if it rejects do not fail</help>
<valueless />
</properties>
</leafNode>
<leafNode name="deny">
<properties>
<help>Deny MPPE</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
<leafNode name="lcp-echo-interval">
<properties>
<help>LCP echo-requests/sec</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
<leafNode name="lcp-echo-failure">
<properties>
<help>Maximum number of Echo-Requests may be sent without valid reply</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
<leafNode name="lcp-echo-timeout">
<properties>
<help>Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
<leafNode name="ipv4">
<properties>
<help>IPv4 (IPCP) negotiation algorithm</help>
<constraint>
<regex>^(deny|allow|prefer|require)</regex>
</constraint>
<constraintErrorMessage>invalid value</constraintErrorMessage>
<valueHelp>
<format>deny</format>
- <description>Don't negotiate IPv4</description>
+ <description>Do not negotiate IPv4</description>
</valueHelp>
<valueHelp>
<format>allow</format>
<description>Negotiate IPv4 only if client requests</description>
</valueHelp>
<valueHelp>
<format>prefer</format>
- <description>Ask client for IPv4 negotiation, don't fail if it rejects</description>
+ <description>Ask client for IPv4 negotiation, do not fail if it rejects</description>
</valueHelp>
<valueHelp>
<format>require</format>
<description>Require IPv4 negotiation</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="ipv6">
<properties>
<help>IPv6 (IPCP6) negotiation algorithm</help>
<constraint>
<regex>^(deny|allow|prefer|require)</regex>
</constraint>
<constraintErrorMessage>invalid value</constraintErrorMessage>
<valueHelp>
<format>deny</format>
- <description>Don't negotiate IPv6</description>
+ <description>Do not negotiate IPv6</description>
</valueHelp>
<valueHelp>
<format>allow</format>
<description>Negotiate IPv6 only if client requests</description>
</valueHelp>
<valueHelp>
<format>prefer</format>
- <description>Ask client for IPv6 negotiation, don't fail if it rejects</description>
+ <description>Ask client for IPv6 negotiation, do not fail if it rejects</description>
</valueHelp>
<valueHelp>
<format>require</format>
<description>Require IPv6 negotiation</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="ipv6-intf-id">
<properties>
<help>Fixed or random interface identifier for IPv6</help>
<valueHelp>
<format>random</format>
<description>Random interface identifier for IPv6</description>
</valueHelp>
<valueHelp>
<format>x:x:x:x</format>
<description>specify interface identifier for IPv6</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="ipv6-peer-intf-id">
<properties>
<help>Peer interface identifier for IPv6</help>
<valueHelp>
<format>x:x:x:x</format>
<description>Interface identifier for IPv6</description>
</valueHelp>
<valueHelp>
<format>random</format>
<description>Use a random interface identifier for IPv6</description>
</valueHelp>
<valueHelp>
<format>ipv4</format>
<description>Calculate interface identifier from IPv4 address, for example 192:168:0:1</description>
</valueHelp>
<valueHelp>
<format>calling-sid</format>
<description>Calculate interface identifier from calling-station-id</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="ipv6-accept-peer-intf-id">
<properties>
- <help>Accept peer's interface identifier</help>
- <valueless />
+ <help>Accept peer interface identifier</help>
+ <valueless />
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/pptp-server.xml b/interface-definitions/pptp-server.xml.in
similarity index 98%
rename from interface-definitions/pptp-server.xml
rename to interface-definitions/pptp-server.xml.in
index 5d16f8b9f..3b4ea4f17 100644
--- a/interface-definitions/pptp-server.xml
+++ b/interface-definitions/pptp-server.xml.in
@@ -1,254 +1,254 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="vpn">
<children>
<node name="pptp" owner="${vyos_conf_scripts_dir}/accel_pptp.py">
<properties>
<help>Point to Point Tunneling Protocol (PPTP) Virtual Private Network (VPN)</help>
</properties>
<children>
<node name="remote-access">
<properties>
<help>Remote access PPTP VPN</help>
</properties>
<children>
<leafNode name="mtu">
<properties>
<help>Maximum Transmission Unit (MTU)</help>
<constraint>
<validator name="numeric" argument="--range 128-16384"/>
</constraint>
</properties>
</leafNode>
<leafNode name="outside-address">
<properties>
<help>External IP address to which VPN clients will connect</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<node name="dns-servers">
<properties>
<help>IPv4 Domain Name Service (DNS) server</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>Primary DNS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>Secondary DNS server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
- </node>
+ </node>
<node name="wins-servers">
<properties>
<help>Windows Internet Name Service (WINS) server settings</help>
</properties>
<children>
<leafNode name="server-1">
<properties>
<help>Primary WINS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="server-2">
<properties>
<help>Secondary WINS server</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<node name="client-ip-pool">
<properties>
<help>Pool of client IP addresses (must be within a /24)</help>
</properties>
<children>
<leafNode name="start">
<properties>
<help>First IP address in the pool (will be used as gateway address)</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="stop">
<properties>
<help>Last IP address in the pool</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="gateway-address">
<properties>
<help>Gatway address uses as client tunnel termination point</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<node name="authentication">
<properties>
<help>Authentication for remote access PPTP VPN</help>
</properties>
<children>
<leafNode name="require">
<properties>
<help>Authentication protocol for remote access peer PPTP VPN</help>
<valueHelp>
<format>pap</format>
<description>Require the peer to authenticate itself using PAP [Password Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>chap</format>
<description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>mschap</format>
<description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>mschap-v2</format>
<description>Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2].</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="mppe">
<properties>
<help>Specifies mppe negotioation preference. (default require mppe 128-bit stateless</help>
<valueHelp>
<format>deny</format>
<description>deny mppe</description>
</valueHelp>
<valueHelp>
<format>prefer</format>
- <description>ask client for mppe, if it rejects don't fail</description>
+ <description>ask client for mppe, if it rejects do not fail</description>
</valueHelp>
<valueHelp>
<format>require</format>
<description>ask client for mppe, if it rejects drop connection</description>
</valueHelp>
<constraint>
<regex>^(deny|prefer|require)</regex>
</constraint>
<completionHelp>
<list>deny prefer require</list>
</completionHelp>
</properties>
</leafNode>
<leafNode name="mode">
<properties>
<help>Authentication mode for remote access PPTP VPN</help>
<valueHelp>
<format>local</format>
<description>Use local username/password configuration</description>
</valueHelp>
<valueHelp>
<format>radius</format>
<description>Use a RADIUS server to autenticate users</description>
</valueHelp>
<constraint>
<regex>^(local|radius)</regex>
</constraint>
<completionHelp>
<list>local radius</list>
</completionHelp>
</properties>
</leafNode>
<node name="local-users">
<properties>
<help>Local user authentication for remote access PPTP VPN</help>
</properties>
<children>
<tagNode name="username">
<properties>
<help>User name for authentication</help>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable a PPTP Server user</help>
</properties>
</leafNode>
<leafNode name="password">
<properties>
<help>Password for authentication</help>
</properties>
</leafNode>
<leafNode name="static-ip">
<properties>
<help>Static client IP address</help>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
<node name="radius">
<properties>
<help>RADIUS specific configuration</help>
</properties>
<children>
<tagNode name="server">
<properties>
<help>IP address of radius server</help>
<valueHelp>
<format>ipv4</format>
<description>IP address of RADIUS server</description>
</valueHelp>
</properties>
<children>
<leafNode name="key">
<properties>
<help>Key for accessing the specified server</help>
</properties>
</leafNode>
<leafNode name="req-limit">
<properties>
<help>Maximum number of simultaneous requests to server (default: unlimited)</help>
</properties>
</leafNode>
<leafNode name="fail-time">
<properties>
- <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help>
+ <help>If server does not responds mark it as unavailable for this time (seconds)</help>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</children>
</node>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/protocols-bfd.xml b/interface-definitions/protocols-bfd.xml.in
similarity index 100%
rename from interface-definitions/protocols-bfd.xml
rename to interface-definitions/protocols-bfd.xml.in
diff --git a/interface-definitions/snmp.xml b/interface-definitions/snmp.xml.in
similarity index 100%
rename from interface-definitions/snmp.xml
rename to interface-definitions/snmp.xml.in
diff --git a/interface-definitions/ssh.xml b/interface-definitions/ssh.xml.in
similarity index 98%
rename from interface-definitions/ssh.xml
rename to interface-definitions/ssh.xml.in
index c0ce976d6..8dea94d05 100644
--- a/interface-definitions/ssh.xml
+++ b/interface-definitions/ssh.xml.in
@@ -1,182 +1,182 @@
<?xml version="1.0"?>
<!--SSH configuration -->
<interfaceDefinition>
<node name="service">
<children>
<node name="ssh" owner="${vyos_conf_scripts_dir}/ssh.py">
<properties>
<help>Secure SHell (SSH) protocol</help>
<priority>500</priority>
</properties>
<children>
<node name="access-control">
<properties>
<help>SSH user/group access controls. Directives are processed
in the following order: deny-users, allow-users, deny-groups and
allow-groups.</help>
</properties>
<children>
<node name="allow">
<properties>
<help>Allow user/group SSH access</help>
</properties>
<children>
<leafNode name="group">
<properties>
<help>Allow members of a group to login</help>
<constraint>
<regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex>
</constraint>
<constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
<leafNode name="user">
<properties>
<help>Allow specific users to login</help>
<constraint>
<regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex>
</constraint>
<constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
</children>
</node>
<node name="deny">
<properties>
<help>Deny user/group SSH access</help>
</properties>
<children>
<leafNode name="group">
<properties>
<help>Disallow members of a group to login</help>
<constraint>
<regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex>
</constraint>
<constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
<leafNode name="user">
<properties>
<help>Disallow specific users to login</help>
<constraint>
<regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex>
</constraint>
<constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<leafNode name="ciphers">
<properties>
<help>Allowed ciphers</help>
<completionHelp>
<script>ssh -Q cipher | tr '\n' ' '</script>
</completionHelp>
<multi/>
</properties>
</leafNode>
<leafNode name="disable-host-validation">
<properties>
- <help>Don't validate the remote host name with DNS</help>
+ <help>Disable IP Address to Hostname lookup</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="disable-password-authentication">
<properties>
<help>Disable password-based authentication</help>
<valueless/>
</properties>
</leafNode>
<leafNode name="key-exchange">
<properties>
<help>Allowed key exchange (KEX) algorithms</help>
<completionHelp>
<script>ssh -Q kex | tr '\n' ' '</script>
</completionHelp>
<multi/>
</properties>
</leafNode>
<leafNode name="listen-address">
<properties>
<help>Local addresses SSH service should listen on</help>
<valueHelp>
<format>ipv4</format>
<description>IP address to listen for incoming connections</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 address to listen for incoming connections</description>
</valueHelp>
<multi/>
<constraint>
<validator name="ipv4-address"/>
<validator name="ipv6-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="loglevel">
<properties>
<help>Log level</help>
<valueHelp>
<format>QUIET</format>
<description>stay silent</description>
</valueHelp>
<valueHelp>
<format>FATAL</format>
<description>log fatals only</description>
</valueHelp>
<valueHelp>
<format>ERROR</format>
<description>log errors and fatals only</description>
</valueHelp>
<valueHelp>
<format>INFO</format>
<description>default log level</description>
</valueHelp>
<valueHelp>
<format>VERBOSE</format>
<description>enable logging of failed login attempts</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="mac">
<properties>
<help>Allowed message authentication code (MAC) algorithms</help>
<completionHelp>
<script>ssh -Q mac | tr '\n' ' '</script>
</completionHelp>
<multi/>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>Port for SSH service</help>
<valueHelp>
<format>1-65535</format>
<description>Numeric IP port</description>
</valueHelp>
<multi/>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="client-keepalive-interval">
<properties>
<help>how often send keep alives in seconds</help>
<constraint>
- <validator name="numeric" argument="--range 1-65535"/>
+ <validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/sstp.xml b/interface-definitions/sstp.xml.in
similarity index 99%
rename from interface-definitions/sstp.xml
rename to interface-definitions/sstp.xml.in
index d944baaad..290b45a98 100644
--- a/interface-definitions/sstp.xml
+++ b/interface-definitions/sstp.xml.in
@@ -1,416 +1,416 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="service">
<children>
<node name="sstp-server" owner="${vyos_conf_scripts_dir}/accel_sstp.py">
<properties>
<help>Secure Socket Tunneling Protocol (SSTP) Server</help>
<priority>900</priority>
</properties>
<children>
<node name="authentication">
<properties>
<help>Authentication for remote access SSTP Server</help>
</properties>
<children>
<node name="local-users">
<properties>
<help>Local user authentication for SSTP server</help>
</properties>
<children>
<tagNode name="username">
<properties>
<help>User name for authentication</help>
</properties>
<children>
<leafNode name="disable">
<properties>
<help>Option to disable a SSTP Server user</help>
<valueless />
</properties>
</leafNode>
<leafNode name="password">
<properties>
<help>Password for authentication</help>
</properties>
</leafNode>
<leafNode name="static-ip">
<properties>
<help>Static client IP address</help>
</properties>
</leafNode>
<node name="rate-limit">
<properties>
<help>Upload/Download speed limits</help>
</properties>
<children>
<leafNode name="upload">
<properties>
<help>Upload bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="download">
<properties>
<help>Download bandwidth limit in kbits/sec</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
</children>
</tagNode>
</children>
</node>
<leafNode name="mode">
<properties>
<help>Authentication mode for SSTP Server</help>
<valueHelp>
<format>local</format>
<description>Use local username/password configuration</description>
</valueHelp>
<valueHelp>
<format>radius</format>
<description>Use a RADIUS server to autenticate users</description>
</valueHelp>
<constraint>
<regex>^(local|radius)</regex>
</constraint>
<completionHelp>
<list>local radius</list>
</completionHelp>
</properties>
</leafNode>
<leafNode name="protocols">
<properties>
<help>Authentication protocol for remote access peer SSTP VPN</help>
<valueHelp>
<format>pap</format>
<description>Require the peer to authenticate itself using PAP [Password Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>chap</format>
<description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>mschap</format>
<description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description>
</valueHelp>
<valueHelp>
<format>mschap-v2</format>
<description>Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2].</description>
</valueHelp>
<constraint>
<regex>^(pap|chap|mschap|mschap-v2)</regex>
</constraint>
<completionHelp>
<list>pap chap mschap mschap-v2</list>
</completionHelp>
<multi />
</properties>
</leafNode>
<tagNode name="radius-server">
<properties>
<help>IP address of RADIUS server</help>
<valueHelp>
<format>ipv4</format>
<description>IP address of RADIUS server</description>
</valueHelp>
</properties>
<children>
<leafNode name="secret">
<properties>
<help>Key for accessing the specified server</help>
</properties>
</leafNode>
<leafNode name="req-limit">
<properties>
<help>Maximum number of simultaneous requests to server (default: unlimited)</help>
</properties>
</leafNode>
<leafNode name="fail-time">
<properties>
- <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help>
+ <help>If server does not responds mark it as unavailable for this time (seconds)</help>
</properties>
</leafNode>
</children>
</tagNode>
<node name="radius-settings">
<properties>
<help>RADIUS settings</help>
</properties>
<children>
<leafNode name="timeout">
<properties>
<help>Timeout to wait response from server (seconds)</help>
</properties>
</leafNode>
<leafNode name="acct-timeout">
<properties>
<help>Timeout to wait reply for Interim-Update packets. (default 3 seconds)</help>
</properties>
</leafNode>
<leafNode name="max-try">
<properties>
<help>Maximum number of tries to send Access-Request/Accounting-Request queries</help>
</properties>
</leafNode>
<leafNode name="nas-identifier">
<properties>
<help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help>
</properties>
</leafNode>
<leafNode name="nas-ip-address">
<properties>
<help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>
<valueHelp>
<format>ipv4</format>
<description>NAS-IP-Address Attribute Value</description>
</valueHelp>
</properties>
</leafNode>
<node name="dae-server">
<properties>
<help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
<children>
<leafNode name="ip-address">
<properties>
<help>IP address for Dynamic Authorization Extension server (DM/CoA)</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>
<valueHelp>
<format>ipv4</format>
<description>Specifies IP address for Dynamic Authorization Extension server (DM/CoA)</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>Port for Dynamic Authorization Extension server (DM/CoA)</help>
<valueHelp>
<format>number</format>
<description>TCP port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="secret">
<properties>
<help>Secret for Dynamic Authorization Extension server (DM/CoA)</help>
</properties>
</leafNode>
</children>
</node>
<node name="rate-limit">
<properties>
<help>Upload/Download speed limits</help>
</properties>
<children>
<leafNode name="attribute">
<properties>
<help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help>
</properties>
</leafNode>
<leafNode name="vendor">
<properties>
<help>Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius)</help>
</properties>
</leafNode>
<leafNode name="enable">
<properties>
<help>Enables Bandwidth shaping via RADIUS</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
<node name="sstp-settings">
<properties>
<help>SSTP settings</help>
</properties>
<children>
<node name="ssl-certs">
<properties>
<help>SSL Certificate, SSL Key and CA (/config/user-data/sstp)</help>
</properties>
<children>
<leafNode name="ca">
<properties>
<help>Certificate Authority certificate</help>
<completionHelp>
<script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
</completionHelp>
</properties>
</leafNode>
<leafNode name="server-cert">
<properties>
<help>Server Certificate</help>
<completionHelp>
<script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
</completionHelp>
</properties>
</leafNode>
<leafNode name="server-key">
<properties>
<help>Privat Key of the Server Certificate</help>
<completionHelp>
<script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script>
</completionHelp>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<node name="network-settings">
<properties>
<help>Network settings</help>
</properties>
<children>
<node name="client-ip-settings">
<properties>
<help>Client IP pools and gateway setting</help>
</properties>
<children>
<leafNode name="subnet">
<properties>
<help>Client IP subnet (CIDR notation)</help>
<constraint>
<validator name="ipv4-prefix"/>
</constraint>
<constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage>
<multi />
</properties>
</leafNode>
<leafNode name="gateway-address">
<properties>
<help>Gateway IP address</help>
<constraint>
<validator name="ipv4-address"/>
</constraint>
<constraintErrorMessage>invalid IPv4 address</constraintErrorMessage>
<valueHelp>
<format>ipv4</format>
<description>Default Gateway send to the client</description>
</valueHelp>
</properties>
</leafNode>
</children>
</node>
<node name="dns-server">
<properties>
<help>DNS servers propagated to clients</help>
</properties>
<children>
<leafNode name="primary-dns">
<properties>
<help>Primary DNS Server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
<leafNode name="secondary-dns">
<properties>
<help>Secondary DNS Server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name="mtu">
<properties>
<help>Maximum Transmission Unit (MTU)</help>
<constraint>
<validator name="numeric" argument="--range 128-16384"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
<node name="ppp-settings">
<properties>
<help>PPP (Point-to-Point Protocol) settings</help>
</properties>
<children>
<leafNode name="mppe">
<properties>
<help>Specifies mppe negotiation preferences</help>
<completionHelp>
<list>require prefer deny</list>
</completionHelp>
<constraint>
<regex>(^require|prefer|deny)</regex>
</constraint>
<valueHelp>
<format>require</format>
<description>send mppe request, if client rejects, drop the connection</description>
</valueHelp>
<valueHelp>
<format>prefer</format>
<description>send mppe request, if client rejects continue</description>
</valueHelp>
<valueHelp>
<format>deny</format>
<description>drop all mppe</description>
</valueHelp>
</properties>
</leafNode>
<leafNode name="lcp-echo-interval">
<properties>
<help>LCP echo-requests/sec</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
<leafNode name="lcp-echo-failure">
<properties>
<help>Maximum number of Echo-Requests may be sent without valid reply</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
<leafNode name="lcp-echo-timeout">
<properties>
<help>Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/system-proxy.xml b/interface-definitions/system-proxy.xml.in
similarity index 95%
rename from interface-definitions/system-proxy.xml
rename to interface-definitions/system-proxy.xml.in
index f43702fc8..4b21139a6 100644
--- a/interface-definitions/system-proxy.xml
+++ b/interface-definitions/system-proxy.xml.in
@@ -1,43 +1,43 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="system">
<children>
<node name="proxy" owner="${vyos_conf_scripts_dir}/system-proxy.py">
<properties>
<help>Sets a proxy for system wide use</help>
</properties>
<children>
<leafNode name="url">
<properties>
<help>Proxy URL</help>
<constraint>
- <regex>^http://[a-z0-9\.]+$</regex>
+ <regex>http://[a-z0-9\.]+$</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="port">
<properties>
<help>Proxy port</help>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
</leafNode>
<leafNode name="username">
<properties>
<help>Proxy username</help>
<constraint>
<regex>^[a-z0-9-_\.]{1,100}$</regex>
</constraint>
</properties>
</leafNode>
<leafNode name="password">
<properties>
<help>Proxy password</help>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/system-syslog.xml b/interface-definitions/system-syslog.xml.in
similarity index 99%
rename from interface-definitions/system-syslog.xml
rename to interface-definitions/system-syslog.xml.in
index 8f4b105c8..cce79a4c2 100644
--- a/interface-definitions/system-syslog.xml
+++ b/interface-definitions/system-syslog.xml.in
@@ -1,945 +1,945 @@
<?xml version="1.0"?>
<interfaceDefinition>
<node name="system">
<children>
<node name="syslog" owner="${vyos_conf_scripts_dir}/system-syslog.py">
<properties>
<help>System logging</help>
<priority>400</priority>
</properties>
<children>
<tagNode name="user">
<properties>
- <help>Logging to specific user's terminal</help>
+ <help>Logging to specific terminal of given user</help>
<constraint>
<regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex>
</constraint>
<constraintErrorMessage>illegal characters in user</constraintErrorMessage>
<valueHelp>
<format>username</format>
<description>user login name</description>
</valueHelp>
</properties>
<children>
<tagNode name="facility">
<properties>
<help>Facility for logging</help>
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
<constraint>
<regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
</constraint>
<constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
</valueHelp>
<valueHelp>
<format>auth</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>authpriv</format>
<description>Non-system authorization</description>
</valueHelp>
<valueHelp>
<format>cron</format>
<description>Cron daemon</description>
</valueHelp>
<valueHelp>
<format>daemon</format>
<description>System daemons</description>
</valueHelp>
<valueHelp>
<format>kern</format>
<description>Kernel</description>
</valueHelp>
<valueHelp>
<format>lpr</format>
<description>Line printer spooler</description>
</valueHelp>
<valueHelp>
<format>mail</format>
<description>Mail subsystem</description>
</valueHelp>
<valueHelp>
<format>mark</format>
<description>Timestamp</description>
</valueHelp>
<valueHelp>
<format>news</format>
<description>USENET subsystem</description>
</valueHelp>
<valueHelp>
<format>protocols</format>
<description>depricated will be set to local7</description>
</valueHelp>
<valueHelp>
<format>security</format>
<description>depricated will be set to auth</description>
</valueHelp>
<valueHelp>
<format>syslog</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>user</format>
<description>Application processes</description>
</valueHelp>
<valueHelp>
<format>uucp</format>
<description>UUCP subsystem</description>
</valueHelp>
<valueHelp>
<format>local0</format>
<description>Local facility 0</description>
</valueHelp>
<valueHelp>
<format>local1</format>
<description>Local facility 1</description>
</valueHelp>
<valueHelp>
<format>local2</format>
<description>Local facility 2</description>
</valueHelp>
<valueHelp>
<format>local3</format>
<description>Local facility 3</description>
</valueHelp>
<valueHelp>
<format>local4</format>
<description>Local facility 4</description>
</valueHelp>
<valueHelp>
<format>local5</format>
<description>Local facility 5</description>
</valueHelp>
<valueHelp>
<format>local6</format>
<description>Local facility 6</description>
</valueHelp>
<valueHelp>
<format>local7</format>
<description>Local facility 7</description>
</valueHelp>
</properties>
<children>
<leafNode name="level">
<properties>
<help>Logging level</help>
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
<constraint>
<regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
</constraint>
<constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
</valueHelp>
<valueHelp>
<format>alert</format>
<description>Urgent messages</description>
</valueHelp>
<valueHelp>
<format>crit</format>
<description>Critical messages</description>
</valueHelp>
<valueHelp>
<format>err</format>
<description>Error messages</description>
</valueHelp>
<valueHelp>
<format>warning</format>
<description>Warning messages</description>
</valueHelp>
<valueHelp>
<format>notice</format>
<description>Messages for further investigation</description>
</valueHelp>
<valueHelp>
<format>info</format>
<description>Informational messages</description>
</valueHelp>
<valueHelp>
<format>debug</format>
<description>Debug messages</description>
</valueHelp>
<valueHelp>
<format>all</format>
<description>Log everything</description>
</valueHelp>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</tagNode>
<tagNode name="host">
<properties>
<help>Logging to a remote host</help>
<constraint>
<validator name="ip-address" />
<regex>(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)</regex>
</constraint>
<constraintErrorMessage>Invalid host FQDN or IP address</constraintErrorMessage>
<valueHelp>
<format>x.x.x.x or host.domain.tld</format>
<description>Remote host name or IP address</description>
</valueHelp>
</properties>
<children>
<leafNode name="port">
<properties>
<help>Destination port</help>
<valueHelp>
<format>1-65535</format>
<description>Destination port</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
<constraintErrorMessage>Invalid destination port value</constraintErrorMessage>
</properties>
</leafNode>
<tagNode name="facility">
<properties>
<help>Facility for logging</help>
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
<constraint>
<regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
</constraint>
- <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
</valueHelp>
<valueHelp>
<format>auth</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>authpriv</format>
<description>Non-system authorization</description>
</valueHelp>
<valueHelp>
<format>cron</format>
<description>Cron daemon</description>
</valueHelp>
<valueHelp>
<format>daemon</format>
<description>System daemons</description>
</valueHelp>
<valueHelp>
<format>kern</format>
<description>Kernel</description>
</valueHelp>
<valueHelp>
<format>lpr</format>
<description>Line printer spooler</description>
</valueHelp>
<valueHelp>
<format>mail</format>
<description>Mail subsystem</description>
</valueHelp>
<valueHelp>
<format>mark</format>
<description>Timestamp</description>
</valueHelp>
<valueHelp>
<format>news</format>
<description>USENET subsystem</description>
</valueHelp>
<valueHelp>
<format>protocols</format>
<description>depricated will be set to local7</description>
</valueHelp>
<valueHelp>
<format>security</format>
<description>depricated will be set to auth</description>
</valueHelp>
<valueHelp>
<format>syslog</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>user</format>
<description>Application processes</description>
</valueHelp>
<valueHelp>
<format>uucp</format>
<description>UUCP subsystem</description>
</valueHelp>
<valueHelp>
<format>local0</format>
<description>Local facility 0</description>
</valueHelp>
<valueHelp>
<format>local1</format>
<description>Local facility 1</description>
</valueHelp>
<valueHelp>
<format>local2</format>
<description>Local facility 2</description>
</valueHelp>
<valueHelp>
<format>local3</format>
<description>Local facility 3</description>
</valueHelp>
<valueHelp>
<format>local4</format>
<description>Local facility 4</description>
</valueHelp>
<valueHelp>
<format>local5</format>
<description>Local facility 5</description>
</valueHelp>
<valueHelp>
<format>local6</format>
<description>Local facility 6</description>
</valueHelp>
<valueHelp>
<format>local7</format>
<description>Local facility 7</description>
</valueHelp>
</properties>
<children>
<leafNode name="protocol">
<properties>
<help>syslog communication protocol</help>
<valueHelp>
<format>udp</format>
<description>send log messages to remote syslog server over udp</description>
</valueHelp>
<valueHelp>
<format>tcp</format>
<description>send log messages to remote syslog server over tcp</description>
</valueHelp>
<completionHelp>
<list>udp tcp</list>
</completionHelp>
<constraint>
<regex>(udp|tcp)</regex>
</constraint>
<constraintErrorMessage>invalid protocol name</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="level">
<properties>
<help>Logging level</help>
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
<constraint>
<regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
</constraint>
<constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
</valueHelp>
<valueHelp>
<format>alert</format>
<description>Urgent messages</description>
</valueHelp>
<valueHelp>
<format>crit</format>
<description>Critical messages</description>
</valueHelp>
<valueHelp>
<format>err</format>
<description>Error messages</description>
</valueHelp>
<valueHelp>
<format>warning</format>
<description>Warning messages</description>
</valueHelp>
<valueHelp>
<format>notice</format>
<description>Messages for further investigation</description>
</valueHelp>
<valueHelp>
<format>info</format>
<description>Informational messages</description>
</valueHelp>
<valueHelp>
<format>debug</format>
<description>Debug messages</description>
</valueHelp>
<valueHelp>
<format>all</format>
<description>Log everything</description>
</valueHelp>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</tagNode>
<node name="global">
<properties>
<help>Logging to system standard location</help>
</properties>
<children>
<node name="archive">
<properties>
<help>Log file size and rotation characteristics</help>
</properties>
<children>
<leafNode name="file">
<properties>
<help>Number of saved files (default is 5)</help>
<constraint>
<regex>^[0-9]+</regex>
</constraint>
<constraintErrorMessage>illegal characters in number of files</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="size">
<properties>
<help>Size of log files (in kbytes, default is 256)</help>
<constraint>
<regex>^[0-9]+</regex>
</constraint>
<constraintErrorMessage>illegal characters in size</constraintErrorMessage>
</properties>
</leafNode>
</children>
</node>
<tagNode name="facility">
<properties>
<help>Facility for logging</help>
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
<constraint>
<regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
</constraint>
<constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
</valueHelp>
<valueHelp>
<format>auth</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>authpriv</format>
<description>Non-system authorization</description>
</valueHelp>
<valueHelp>
<format>cron</format>
<description>Cron daemon</description>
</valueHelp>
<valueHelp>
<format>daemon</format>
<description>System daemons</description>
</valueHelp>
<valueHelp>
<format>kern</format>
<description>Kernel</description>
</valueHelp>
<valueHelp>
<format>lpr</format>
<description>Line printer spooler</description>
</valueHelp>
<valueHelp>
<format>mail</format>
<description>Mail subsystem</description>
</valueHelp>
<valueHelp>
<format>mark</format>
<description>Timestamp</description>
</valueHelp>
<valueHelp>
<format>news</format>
<description>USENET subsystem</description>
</valueHelp>
<valueHelp>
<format>protocols</format>
<description>depricated will be set to local7</description>
</valueHelp>
<valueHelp>
<format>security</format>
<description>depricated will be set to auth</description>
</valueHelp>
<valueHelp>
<format>syslog</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>user</format>
<description>Application processes</description>
</valueHelp>
<valueHelp>
<format>uucp</format>
<description>UUCP subsystem</description>
</valueHelp>
<valueHelp>
<format>local0</format>
<description>Local facility 0</description>
</valueHelp>
<valueHelp>
<format>local1</format>
<description>Local facility 1</description>
</valueHelp>
<valueHelp>
<format>local2</format>
<description>Local facility 2</description>
</valueHelp>
<valueHelp>
<format>local3</format>
<description>Local facility 3</description>
</valueHelp>
<valueHelp>
<format>local4</format>
<description>Local facility 4</description>
</valueHelp>
<valueHelp>
<format>local5</format>
<description>Local facility 5</description>
</valueHelp>
<valueHelp>
<format>local6</format>
<description>Local facility 6</description>
</valueHelp>
<valueHelp>
<format>local7</format>
<description>Local facility 7</description>
</valueHelp>
</properties>
<children>
<leafNode name="level">
<properties>
<help>Logging level</help>
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
<constraint>
<regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
</constraint>
<constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
</valueHelp>
<valueHelp>
<format>alert</format>
<description>Urgent messages</description>
</valueHelp>
<valueHelp>
<format>crit</format>
<description>Critical messages</description>
</valueHelp>
<valueHelp>
<format>err</format>
<description>Error messages</description>
</valueHelp>
<valueHelp>
<format>warning</format>
<description>Warning messages</description>
</valueHelp>
<valueHelp>
<format>notice</format>
<description>Messages for further investigation</description>
</valueHelp>
<valueHelp>
<format>info</format>
<description>Informational messages</description>
</valueHelp>
<valueHelp>
<format>debug</format>
<description>Debug messages</description>
</valueHelp>
<valueHelp>
<format>all</format>
<description>Log everything</description>
</valueHelp>
</properties>
</leafNode>
</children>
</tagNode>
<node name="marker">
<properties>
<help>mark messages sent to syslog</help>
</properties>
<children>
<leafNode name="interval">
<properties>
<help>time interval how often a mark message is being sent in seconds (default: 1200)</help>
<constraint>
<validator name="numeric" argument="--positive"/>
- </constraint>
+ </constraint>
</properties>
</leafNode>
</children>
</node>
<leafNode name ="preserve-fqdn">
<properties>
<help>uses FQDN for logging</help>
<valueless />
</properties>
</leafNode>
</children>
</node>
<tagNode name="file">
<properties>
<help>Logging to a file</help>
<constraint>
<regex>^[a-zA-Z0-9\-_.]{1,255}</regex>
</constraint>
<constraintErrorMessage>illegal characters in filename or filename longer than 255 characters</constraintErrorMessage>
</properties>
<children>
<node name="archive">
<properties>
<help>Log file size and rotation characteristics</help>
</properties>
<children>
<leafNode name="file">
<properties>
<help>Number of saved files (default is 5)</help>
<constraint>
<regex>^[0-9]+</regex>
</constraint>
<constraintErrorMessage>illegal characters in number of files</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="size">
<properties>
<help>Size of log files (in kbytes, default is 256)</help>
<constraint>
<regex>^[0-9]+</regex>
</constraint>
<constraintErrorMessage>illegal characters in size</constraintErrorMessage>
</properties>
</leafNode>
</children>
</node>
<tagNode name="facility">
<properties>
<help>Facility for logging</help>
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
<constraint>
<regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
</constraint>
<constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
</valueHelp>
<valueHelp>
<format>auth</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>authpriv</format>
<description>Non-system authorization</description>
</valueHelp>
<valueHelp>
<format>cron</format>
<description>Cron daemon</description>
</valueHelp>
<valueHelp>
<format>daemon</format>
<description>System daemons</description>
</valueHelp>
<valueHelp>
<format>kern</format>
<description>Kernel</description>
</valueHelp>
<valueHelp>
<format>lpr</format>
<description>Line printer spooler</description>
</valueHelp>
<valueHelp>
<format>mail</format>
<description>Mail subsystem</description>
</valueHelp>
<valueHelp>
<format>mark</format>
<description>Timestamp</description>
</valueHelp>
<valueHelp>
<format>news</format>
<description>USENET subsystem</description>
</valueHelp>
<valueHelp>
<format>protocols</format>
<description>depricated will be set to local7</description>
</valueHelp>
<valueHelp>
<format>security</format>
<description>depricated will be set to auth</description>
</valueHelp>
<valueHelp>
<format>syslog</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>user</format>
<description>Application processes</description>
</valueHelp>
<valueHelp>
<format>uucp</format>
<description>UUCP subsystem</description>
</valueHelp>
<valueHelp>
<format>local0</format>
<description>Local facility 0</description>
</valueHelp>
<valueHelp>
<format>local1</format>
<description>Local facility 1</description>
</valueHelp>
<valueHelp>
<format>local2</format>
<description>Local facility 2</description>
</valueHelp>
<valueHelp>
<format>local3</format>
<description>Local facility 3</description>
</valueHelp>
<valueHelp>
<format>local4</format>
<description>Local facility 4</description>
</valueHelp>
<valueHelp>
<format>local5</format>
<description>Local facility 5</description>
</valueHelp>
<valueHelp>
<format>local6</format>
<description>Local facility 6</description>
</valueHelp>
<valueHelp>
<format>local7</format>
<description>Local facility 7</description>
</valueHelp>
</properties>
<children>
<leafNode name="level">
<properties>
<help>Logging level</help>
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
<constraint>
<regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
</constraint>
<constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
</valueHelp>
<valueHelp>
<format>alert</format>
<description>Urgent messages</description>
</valueHelp>
<valueHelp>
<format>crit</format>
<description>Critical messages</description>
</valueHelp>
<valueHelp>
<format>err</format>
<description>Error messages</description>
</valueHelp>
<valueHelp>
<format>warning</format>
<description>Warning messages</description>
</valueHelp>
<valueHelp>
<format>notice</format>
<description>Messages for further investigation</description>
</valueHelp>
<valueHelp>
<format>info</format>
<description>Informational messages</description>
</valueHelp>
<valueHelp>
<format>debug</format>
<description>Debug messages</description>
</valueHelp>
<valueHelp>
<format>all</format>
<description>Log everything</description>
</valueHelp>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</tagNode>
<node name="console">
<properties>
<help>logging to serial console</help>
</properties>
<children>
<tagNode name="facility">
<properties>
<help>Facility for logging</help>
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
<constraint>
<regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
</constraint>
<constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
</valueHelp>
<valueHelp>
<format>auth</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>authpriv</format>
<description>Non-system authorization</description>
</valueHelp>
<valueHelp>
<format>cron</format>
<description>Cron daemon</description>
</valueHelp>
<valueHelp>
<format>daemon</format>
<description>System daemons</description>
</valueHelp>
<valueHelp>
<format>kern</format>
<description>Kernel</description>
</valueHelp>
<valueHelp>
<format>lpr</format>
<description>Line printer spooler</description>
</valueHelp>
<valueHelp>
<format>mail</format>
<description>Mail subsystem</description>
</valueHelp>
<valueHelp>
<format>mark</format>
<description>Timestamp</description>
</valueHelp>
<valueHelp>
<format>news</format>
<description>USENET subsystem</description>
</valueHelp>
<valueHelp>
<format>protocols</format>
<description>depricated will be set to local7</description>
</valueHelp>
<valueHelp>
<format>security</format>
<description>depricated will be set to auth</description>
</valueHelp>
<valueHelp>
<format>syslog</format>
<description>Authentication and authorization</description>
</valueHelp>
<valueHelp>
<format>user</format>
<description>Application processes</description>
</valueHelp>
<valueHelp>
<format>uucp</format>
<description>UUCP subsystem</description>
</valueHelp>
<valueHelp>
<format>local0</format>
<description>Local facility 0</description>
</valueHelp>
<valueHelp>
<format>local1</format>
<description>Local facility 1</description>
</valueHelp>
<valueHelp>
<format>local2</format>
<description>Local facility 2</description>
</valueHelp>
<valueHelp>
<format>local3</format>
<description>Local facility 3</description>
</valueHelp>
<valueHelp>
<format>local4</format>
<description>Local facility 4</description>
</valueHelp>
<valueHelp>
<format>local5</format>
<description>Local facility 5</description>
</valueHelp>
<valueHelp>
<format>local6</format>
<description>Local facility 6</description>
</valueHelp>
<valueHelp>
<format>local7</format>
<description>Local facility 7</description>
</valueHelp>
</properties>
<children>
<leafNode name="level">
<properties>
<help>Logging level</help>
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
<constraint>
<regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
</constraint>
<constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
</valueHelp>
<valueHelp>
<format>alert</format>
<description>Urgent messages</description>
</valueHelp>
<valueHelp>
<format>crit</format>
<description>Critical messages</description>
</valueHelp>
<valueHelp>
<format>err</format>
<description>Error messages</description>
</valueHelp>
<valueHelp>
<format>warning</format>
<description>Warning messages</description>
</valueHelp>
<valueHelp>
<format>notice</format>
<description>Messages for further investigation</description>
</valueHelp>
<valueHelp>
<format>info</format>
<description>Informational messages</description>
</valueHelp>
<valueHelp>
<format>debug</format>
<description>Debug messages</description>
</valueHelp>
<valueHelp>
<format>all</format>
<description>Log everything</description>
</valueHelp>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/interface-definitions/tftp-server.xml b/interface-definitions/tftp-server.xml.in
similarity index 100%
rename from interface-definitions/tftp-server.xml
rename to interface-definitions/tftp-server.xml.in
diff --git a/interface-definitions/vrrp.xml b/interface-definitions/vrrp.xml.in
similarity index 100%
rename from interface-definitions/vrrp.xml
rename to interface-definitions/vrrp.xml.in