diff --git a/Makefile b/Makefile
index 7986ccdc9..97e933694 100644
--- a/Makefile
+++ b/Makefile
@@ -1,75 +1,101 @@ TMPL_DIR := templates-cfg OP_TMPL_DIR := templates-op +BUILD_DIR := build +CFLAGS := + +src = $(wildcard interface-definitions/*.xml.in) +obj = $(src:.xml.in=.xml) + +%.xml: %.xml.in + @echo Generating $(BUILD_DIR)/$@ from $< + # -ansi This turns off certain features of GCC that are incompatible + # with ISO C90. Without this regexes containing '/' as in an URL + # won't work + # -x c By default GCC guesses the input language from its file extension, + # thus XML is unknown. Force it to C language + # -E Stop after the preprocessing stage + # -undef Do not predefine any system-specific or GCC-specific macros. + # -nostdinc Do not search the standard system directories for header files + # -P Inhibit generation of linemarkers in the output from the + # preprocessor + @$(CC) -ansi -x c -E -undef -nostdinc -P -I$(CURDIR)/interface-definitions -o $(BUILD_DIR)/$@ -c $< + +$(BUILD_DIR): + install -d -m 0755 $(BUILD_DIR)/interface-definitions + install -d -m 0755 $(BUILD_DIR)/op-mode-definitions .PHONY: interface_definitions .ONESHELL: -interface_definitions: +interface_definitions: $(BUILD_DIR) $(obj) mkdir -p $(TMPL_DIR) - find $(CURDIR)/interface-definitions/ -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-templates {} $(CURDIR)/schema/interface_definition.rng $(TMPL_DIR) || exit 1 + find $(BUILD_DIR)/interface-definitions -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-templates {} $(CURDIR)/schema/interface_definition.rng $(TMPL_DIR) || exit 1 # XXX: delete top level node.def's that now live in other packages rm -f $(TMPL_DIR)/firewall/node.def rm -f $(TMPL_DIR)/interfaces/node.def rm -f $(TMPL_DIR)/interfaces/bonding/node.tag/ip/node.def + rm -f $(TMPL_DIR)/interfaces/bonding/node.tag/vif/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/bridge/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif/node.tag/ip/node.def rm -f 
$(TMPL_DIR)/interfaces/ethernet/node.tag/vif-s/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/node.def rm -f $(TMPL_DIR)/interfaces/vxlan/node.tag/ip/node.def + rm -f $(TMPL_DIR)/interfaces/wireless/node.tag/vif/node.tag/ip/node.def rm -f $(TMPL_DIR)/protocols/node.def rm -f $(TMPL_DIR)/protocols/static/node.def rm -f $(TMPL_DIR)/system/node.def rm -f $(TMPL_DIR)/system/options/node.def rm -f $(TMPL_DIR)/vpn/node.def rm -f $(TMPL_DIR)/vpn/ipsec/node.def .PHONY: op_mode_definitions .ONESHELL: op_mode_definitions: mkdir -p $(OP_TMPL_DIR) find $(CURDIR)/op-mode-definitions/ -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-op-templates {} $(CURDIR)/schema/op-mode-definition.rng $(OP_TMPL_DIR) || exit 1 # XXX: delete top level op mode node.def's that now live in other packages rm -f $(OP_TMPL_DIR)/clear/node.def rm -f $(OP_TMPL_DIR)/clear/interfaces/node.def rm -f $(OP_TMPL_DIR)/set/node.def rm -f $(OP_TMPL_DIR)/show/node.def rm -f $(OP_TMPL_DIR)/show/interfaces/node.def rm -f $(OP_TMPL_DIR)/show/ip/node.def rm -f $(OP_TMPL_DIR)/show/ip/route/node.def rm -f $(OP_TMPL_DIR)/show/ipv6/node.def rm -f $(OP_TMPL_DIR)/show/ipv6/route/node.def rm -f $(OP_TMPL_DIR)/restart/node.def rm -f $(OP_TMPL_DIR)/monitor/node.def rm -f $(OP_TMPL_DIR)/generate/node.def rm -f $(OP_TMPL_DIR)/show/vpn/node.def rm -f $(OP_TMPL_DIR)/show/system/node.def rm -f $(OP_TMPL_DIR)/delete/node.def rm -f $(OP_TMPL_DIR)/reset/vpn/node.def rm -f $(OP_TMPL_DIR)/show/system/node.def .PHONY: all all: clean interface_definitions op_mode_definitions .PHONY: clean clean: - rm -rf $(TMPL_DIR)/* - rm -rf $(OP_TMPL_DIR)/* + rm -rf $(BUILD_DIR) + rm -rf $(TMPL_DIR) + rm -rf $(OP_TMPL_DIR) .PHONY: test test: PYTHONPATH=python/ python3 -m "nose" --with-xunit src --with-coverage --cover-erase --cover-xml --cover-package src/conf_mode,src/op_mode,src/completion,src/helpers,src/validators,src/tests --verbose .PHONY: sonar sonar: sonar-scanner -X 
-Dsonar.login=${SONAR_TOKEN} .PHONY: docs .ONESHELL: docs: sphinx-apidoc -o sphinx/source/ python/ cd sphinx/ PYTHONPATH=../python make html diff --git a/interface-definitions/arp.xml b/interface-definitions/arp.xml.in similarity index 100% rename from interface-definitions/arp.xml rename to interface-definitions/arp.xml.in diff --git a/interface-definitions/bcast-relay.xml b/interface-definitions/bcast-relay.xml.in similarity index 100% rename from interface-definitions/bcast-relay.xml rename to interface-definitions/bcast-relay.xml.in diff --git a/interface-definitions/beep-on-boot.xml b/interface-definitions/beep-on-boot.xml.in similarity index 100% rename from interface-definitions/beep-on-boot.xml rename to interface-definitions/beep-on-boot.xml.in diff --git a/interface-definitions/cron.xml b/interface-definitions/cron.xml.in similarity index 100% rename from interface-definitions/cron.xml rename to interface-definitions/cron.xml.in diff --git a/interface-definitions/dhcp-relay.xml b/interface-definitions/dhcp-relay.xml.in similarity index 100% rename from interface-definitions/dhcp-relay.xml rename to interface-definitions/dhcp-relay.xml.in diff --git a/interface-definitions/dhcp-server.xml b/interface-definitions/dhcp-server.xml.in similarity index 99% rename from interface-definitions/dhcp-server.xml rename to interface-definitions/dhcp-server.xml.in index 7d42294e8..e8bdff3df 100644 --- a/interface-definitions/dhcp-server.xml +++ b/interface-definitions/dhcp-server.xml.in 
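Review bot: The new `%.xml: %.xml.in` rule in the Makefile declares `interface-definitions/<name>.xml` as its target but writes `$(BUILD_DIR)/$@`, so make never sees the file it tracks, and `$(BUILD_DIR)` is a prerequisite only of `interface_definitions`, not of the generated files. Under `make -j` the preprocessor can run before `install -d` has created `build/interface-definitions`, and a leftover `interface-definitions/*.xml` in a working tree would presumably be treated as up to date, leaving that definition out of the template build without an error. Make the output the real target: `obj = $(src:%.xml.in=$(BUILD_DIR)/%.xml)`, `$(BUILD_DIR)/%.xml: %.xml.in | $(BUILD_DIR)`, and `-o $@` in the recipe. `CFLAGS :=` is also defined but never passed to `$(CC)`; either use it or drop it.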
@@ -1,467 +1,467 @@ <?xml version="1.0"?> <!-- DHCP server configuration --> <interfaceDefinition> <node name="service"> <children> <node name="dhcp-server" owner="${vyos_conf_scripts_dir}/dhcp_server.py"> <properties> <help>Dynamic Host Configuration Protocol (DHCP) for DHCP server</help> <priority>911</priority> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable DHCP server</help> <valueless/> </properties> </leafNode> <leafNode name="dynamic-dns-update"> <properties> <help>DHCP server to dynamically update the Domain Name System (DNS)</help> <valueless/> </properties> </leafNode> <leafNode name="global-parameters"> <properties> <help>Additional global parameters for DHCP server. You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> <leafNode name="hostfile-update"> <properties> <help>Enable DHCP server updating /etc/hosts (per client lease)</help> <valueless/> </properties> </leafNode> <leafNode name="host-decl-name"> <properties> <help>Instruct server to use host declaration name for forward DNS name</help> <valueless/> </properties> </leafNode> <tagNode name="shared-network-name"> <properties> <help>DHCP shared network name [REQUIRED]</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid shared network name. 
May only contain letters, numbers and .-_</constraintErrorMessage> </properties> <children> <leafNode name="authoritative"> <properties> <help>Option to make DHCP server authoritative for this physical network</help> <valueless/> </properties> </leafNode> <leafNode name="description"> <properties> <help>Shared-network-name description</help> </properties> </leafNode> <leafNode name="disable"> <properties> <help>Option to disable DHCP configuration for shared-network</help> <valueless/> </properties> </leafNode> <leafNode name="shared-network-parameters"> <properties> <help>Additional shared-network parameters for DHCP server. You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> <tagNode name="subnet"> <properties> <help>DHCP subnet for shared network</help> <valueHelp> <format>ipv4net</format> <description>IPv4 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> </properties> <children> <leafNode name="bootfile-name"> <properties> <help>Bootstrap file name</help> </properties> </leafNode> <leafNode name="bootfile-server"> <properties> <help>Server (IP address or domain name) from which the initial boot file is to be loaded</help> </properties> </leafNode> <leafNode name="client-prefix-length"> <properties> <help>Specifies the clients subnet mask as per RFC 950. 
If unset, subnet declaration is used.</help> <valueHelp> <format>0-32</format> <description>DHCP client prefix length must be 0 to 32</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-32"/> </constraint> <constraintErrorMessage>DHCP client prefix length must be 0 to 32</constraintErrorMessage> </properties> </leafNode> <leafNode name="default-router"> <properties> <help>IP address of default router</help> <valueHelp> <format>ipv4</format> <description>Default router IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="dns-server"> <properties> <help>DNS server IPv4 address</help> <valueHelp> <format>ipv4</format> <description>DNS server IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="domain-name"> <properties> <help>Client domain name</help> </properties> </leafNode> <leafNode name="domain-search"> <properties> <help>Client domain search</help> <multi/> </properties> </leafNode> <leafNode name="exclude"> <properties> <help>IP address to exclude from DHCP lease range</help> <valueHelp> <format>ipv4</format> <description>IPv4 address to exclude from lease range</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <node name="failover"> <properties> <help>DHCP failover parameters</help> </properties> <children> <leafNode name="local-address"> <properties> <help>IP address for failover peer to connect [REQUIRED]</help> <valueHelp> <format>ipv4</format> <description>IPv4 address to exclude from lease range</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="name"> <properties> <help>DHCP failover peer name [REQUIRED]</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> 
<constraintErrorMessage>Invalid failover peer name. May only contain letters, numbers and .-_</constraintErrorMessage> </properties> </leafNode> <leafNode name="peer-address"> <properties> <help>IP address of failover peer [REQUIRED]</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of failover peer</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="status"> <properties> <help>DHCP failover peer status (primary|secondary) [REQUIRED]</help> <completionHelp> <list>primary secondary</list> </completionHelp> <constraint> <regex>(primary|secondary)</regex> </constraint> <constraintErrorMessage>Invalid DHCP failover peer status</constraintErrorMessage> </properties> </leafNode> </children> </node> <leafNode name="ip-forwarding"> <properties> <help>Enable IP forwarding on client</help> <valueless/> </properties> </leafNode> <leafNode name="lease"> <properties> <help>Lease timeout in seconds (default: 86400)</help> <valueHelp> <format>0-4294967295</format> <description>DHCP lease time in seconds</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967295"/> </constraint> <constraintErrorMessage>DHCP lease time must be between 0 and 4294967295 (49 days)</constraintErrorMessage> </properties> </leafNode> <leafNode name="ntp-server"> <properties> <help>IP address of NTP server</help> <valueHelp> <format>ipv4</format> <description>NTP server IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="pop-server"> <properties> <help>IP address of POP3 server</help> <valueHelp> <format>ipv4</format> <description>POP3 server IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="server-identifier"> <properties> <help>Address for DHCP server identifier</help> 
<valueHelp> <format>ipv4</format> <description>DHCP server identifier IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="smtp-server"> <properties> <help>IP address of SMTP server</help> <valueHelp> <format>ipv4</format> <description>SMTP server IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <tagNode name="range"> <properties> <help>DHCP lease range</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid DHCP lease range name. May only contain letters, numbers and .-_</constraintErrorMessage> </properties> <children> <leafNode name="start"> <properties> <help>First IP address for DHCP lease range</help> <valueHelp> <format>ipv4</format> <description>IPv4 start address of pool</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="stop"> <properties> <help>Last IP address for DHCP lease range</help> <valueHelp> <format>ipv4</format> <description>IPv4 end address of pool</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </tagNode> <tagNode name="static-mapping"> <properties> <help>Name of static mapping</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid static mapping name. 
May only contain letters, numbers and .-_</constraintErrorMessage> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable static mapping</help> <valueless/> </properties> </leafNode> <leafNode name="ip-address"> <properties> <help>Fixed IP address of static mapping</help> <valueHelp> <format>ipv4</format> <description>IPv4 address used in static mapping</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="mac-address"> <properties> <help>MAC address of static mapping [REQUIRED]</help> <valueHelp> <format>h:h:h:h:h:h</format> <description>MAC address used in static mapping [REQUIRED]</description> </valueHelp> </properties> </leafNode> <leafNode name="static-mapping-parameters"> <properties> <help>Additional static-mapping parameters for DHCP server. Will be placed inside the "host" block of the mapping. You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> </children> </tagNode> <node name="static-route"> <properties> <help>Classless static route</help> </properties> <children> <leafNode name="destination-subnet"> <properties> <help>Destination subnet [REQUIRED]</help> <valueHelp> <format>ipv4net</format> <description>IPv4 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> </properties> </leafNode> <leafNode name="router"> <properties> <help>IP address of router to be used to reach the destination subnet [REQUIRED]</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of router</description> </valueHelp> <constraint> <validator name="ip-address"/> </constraint> </properties> </leafNode> </children> </node> <leafNode name="subnet-parameters"> <properties> <help>Additional subnet parameters for DHCP server. 
You must use the syntax of dhcpd.conf in this text-field. Using this without proper knowledge may result in a crashed DHCP server. Check system log to look for errors.</help> <multi/> </properties> </leafNode> <leafNode name="tftp-server-name"> <properties> <help>TFTP server name</help> </properties> </leafNode> <leafNode name="time-offset"> <properties> - <help>Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)</help> + <help>Client subnet offset in seconds from Coordinated Universal Time (UTC)</help> <valueHelp> <format>[-]N</format> <description>Time offset (number, may be negative)</description> </valueHelp> <constraint> <regex>-?[0-9]+</regex> </constraint> <constraintErrorMessage>Invalid time offset value</constraintErrorMessage> </properties> </leafNode> <leafNode name="time-server"> <properties> <help>IP address of time server</help> <valueHelp> <format>ipv4</format> <description>Time server IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="wins-server"> <properties> <help>IP address for Windows Internet Name Service (WINS) server</help> <valueHelp> <format>ipv4</format> <description>WINS server IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="wpad-url"> <properties> <help>Web Proxy Autodiscovery (WPAD) URL</help> </properties> </leafNode> </children> </tagNode> </children> </tagNode> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/dhcpv6-relay.xml b/interface-definitions/dhcpv6-relay.xml.in similarity index 100% rename from interface-definitions/dhcpv6-relay.xml rename to interface-definitions/dhcpv6-relay.xml.in 
diff --git a/interface-definitions/dhcpv6-server.xml b/interface-definitions/dhcpv6-server.xml.in
similarity index 98%
rename from interface-definitions/dhcpv6-server.xml
rename to interface-definitions/dhcpv6-server.xml.in
index 28b56a64d..7d4c0de23 100644
--- a/interface-definitions/dhcpv6-server.xml
+++ b/interface-definitions/dhcpv6-server.xml.in
@@ -1,328 +1,328 @@ <?xml version="1.0"?> <!-- DHCPv6 server configuration --> <interfaceDefinition> <node name="service"> <children> <node name="dhcpv6-server" owner="${vyos_conf_scripts_dir}/dhcpv6_server.py"> <properties> <help>DHCP for IPv6 (DHCPv6) server</help> <priority>900</priority> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable DHCPv6 server</help> <valueless/> </properties> </leafNode> <leafNode name="preference"> <properties> <help>Preference of this DHCPv6 server compared with others</help> <valueHelp> <format>0-255</format> <description>DHCPv6 server preference (0-255)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-255"/> </constraint> <constraintErrorMessage>Preference must be between 0 and 255</constraintErrorMessage> </properties> </leafNode> <tagNode name="shared-network-name"> <properties> <help>DHCPv6 shared network name [REQUIRED]</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid DHCPv6 shared network name. 
May only contain letters, numbers and .-_</constraintErrorMessage> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable DHCPv6 configuration for shared-network</help> <valueless/> </properties> </leafNode> <tagNode name="subnet"> <properties> <help>IPv6 DHCP subnet for this shared network [REQUIRED]</help> <valueHelp> <format>ipv6net</format> <description>IPv6 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv6-prefix"/> </constraint> </properties> <children> <node name="address-range"> <properties> <help>Parameters setting ranges for assigning IPv6 addresses</help> </properties> <children> <tagNode name="prefix"> <properties> <help>IPv6 prefix defining range of addresses to assign</help> <valueHelp> <format>ipv6net</format> <description>IPv6 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv6-prefix"/> </constraint> </properties> <children> <leafNode name="temporary"> <properties> <help>Address range will be used for temporary addresses</help> <valueless/> </properties> </leafNode> </children> </tagNode> <tagNode name="start"> <properties> <help>First in range of consecutive IPv6 addresses to assign</help> <valueHelp> <format>ipv6</format> <description>IPv6 address</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> <children> <leafNode name="stop"> <properties> <help>Last in range of consecutive IPv6 addresses</help> <valueHelp> <format>ipv6</format> <description>IPv6 address</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> </children> </tagNode> </children> </node> <leafNode name="domain-search"> <properties> <help>Domain name for client to search</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid domain name. 
May only contain letters, numbers and .-_</constraintErrorMessage> <multi/> </properties> </leafNode> <node name="lease-time"> <properties> <help>Parameters relating to the lease time</help> </properties> <children> <leafNode name="default"> <properties> <help>Default time (in seconds) that will be assigned to a lease</help> </properties> </leafNode> <leafNode name="maximum"> <properties> <help>Maximum time (in seconds) that will be assigned to a lease</help> </properties> </leafNode> <leafNode name="minimum"> <properties> <help>Minimum time (in seconds) that will be assigned to a lease</help> </properties> </leafNode> </children> </node> <leafNode name="name-server"> <properties> <help>IPv6 address of a Recursive DNS Server</help> <valueHelp> <format>ipv6</format> <description>IPv6 address of DNS name server</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="nis-domain"> <properties> <help>NIS domain name for client to use</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid NIS domain name</constraintErrorMessage> </properties> </leafNode> <leafNode name="nis-server"> <properties> <help>IPv6 address of a NIS Server</help> <valueHelp> <format>ipv6</format> <description>IPv6 address of NIS server</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="nisplus-domain"> <properties> <help>NIS+ domain name for client to use</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid NIS+ domain name. 
May only contain letters, numbers and .-_</constraintErrorMessage> </properties> </leafNode> <leafNode name="nisplus-server"> <properties> <help>IPv6 address of a NIS+ Server</help> <valueHelp> <format>ipv6</format> <description>IPv6 address of NIS+ server</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> <multi/> </properties> </leafNode> <node name="prefix-delegation"> <properties> <help>Parameters relating to IPv6 prefix delegation</help> </properties> <children> <tagNode name="start"> <properties> <help>First in range of IPv6 addresses to be used in prefix delegation</help> <valueHelp> <format>ipv6</format> <description>IPv6 address used in prefix delegation</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> <children> <leafNode name="prefix-length"> <properties> <help>Length in bits of prefixes to be delegated</help> <valueHelp> <format>0-255</format> <description>DHCPv6 server preference (0-255)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-255"/> </constraint> <constraintErrorMessage>Preference must be between 0 and 255</constraintErrorMessage> </properties> </leafNode> <leafNode name="stop"> <properties> <help>Last in range of IPv6 addresses to be used in prefix delegation</help> <valueHelp> <format>ipv6</format> <description>IPv6 address used in prefix delegation</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> </children> </tagNode> </children> </node> <leafNode name="sip-server-address"> <properties> <help>IPv6 address of SIP server</help> <valueHelp> <format>ipv6</format> <description>IPv6 address of SIP server</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="sip-server-name"> <properties> <help>SIP server name</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> 
<constraintErrorMessage>Invalid SIP server name. May only contain letters, numbers and .-_</constraintErrorMessage> <multi/> </properties> </leafNode> <leafNode name="sntp-server"> <properties> <help>IPv6 address of an SNTP server for client to use</help> <constraint> <validator name="ipv6-address"/> </constraint> <multi/> </properties> </leafNode> <tagNode name="static-mapping"> <properties> <help>Name of static mapping</help> <constraint> <regex>[-_a-zA-Z0-9.]+</regex> </constraint> <constraintErrorMessage>Invalid static mapping name. May only contain letters, numbers and .-_</constraintErrorMessage> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable static mapping</help> <valueless/> </properties> </leafNode> <leafNode name="identifier"> <properties> <help>Client identifier (DUID) for this static mapping</help> <valueHelp> <format>h[[:h]...]</format> <description>DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id)</description> </valueHelp> <constraint> <regex>([0-9A-Fa-f]{1,2}[:])*([0-9A-Fa-f]{1,2})</regex> </constraint> - <constraintErrorMessage>Invalid DUID. Must be in the format h[[:h]...] where each \"h\" is 1 to 2 hex characters.</constraintErrorMessage> + <constraintErrorMessage>Invalid DUID, must be in the format h[[:h]...]</constraintErrorMessage> </properties> </leafNode> <leafNode name="ipv6-address"> <properties> <help>Client IPv6 address for this static mapping</help> <valueHelp> <format>ipv6</format> <description>IPv6 address for this static mapping</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> </children> </tagNode> </children> </tagNode> </children> </tagNode> </children> </node> </children> </node> </interfaceDefinition> 
diff --git a/interface-definitions/dns-domain-name.xml b/interface-definitions/dns-domain-name.xml.in
similarity index 100%
rename from interface-definitions/dns-domain-name.xml
rename to interface-definitions/dns-domain-name.xml.in
diff --git a/interface-definitions/dns-dynamic.xml b/interface-definitions/dns-dynamic.xml.in
similarity index 100%
rename from interface-definitions/dns-dynamic.xml
rename to interface-definitions/dns-dynamic.xml.in
diff --git a/interface-definitions/dns-forwarding.xml b/interface-definitions/dns-forwarding.xml.in
similarity index 99%
rename from interface-definitions/dns-forwarding.xml
rename to interface-definitions/dns-forwarding.xml.in
index a88c174e3..8b89bf758 100644
--- a/interface-definitions/dns-forwarding.xml
+++ b/interface-definitions/dns-forwarding.xml.in
@@ -1,177 +1,177 @@ <?xml version="1.0"?> <!-- DNS forwarder configuration --> <interfaceDefinition> <node name="service"> <children> <node name="dns"> <properties> <help>Domain Name System related services</help> </properties> <children> <node name="forwarding" owner="${vyos_conf_scripts_dir}/dns_forwarding.py"> <properties> <help>DNS forwarding</help> <priority>918</priority> </properties> <children> <leafNode name="cache-size"> <properties> <help>DNS forwarding cache size</help> <valueHelp> <format>0-10000</format> <description>DNS forwarding cache size</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-10000"/> </constraint> </properties> </leafNode> <leafNode name="dhcp"> <properties> <help>Use DNS servers received from DHCP server for specified interface</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> <multi/> </properties> </leafNode> <leafNode name="dnssec"> <properties> <help>DNSSEC mode</help> <completionHelp> <list>off process-no-validate process log-fail validate</list> </completionHelp> <valueHelp> <format>off</format> <description>No DNSSEC processing whatsoever!</description> </valueHelp> <valueHelp> <format>process-no-validate</format> - <description>Respond with DNSSEC records to clients that ask for it. Don't do any validation.</description> + <description>Respond with DNSSEC records to clients that ask for it. No validation done at all!</description> </valueHelp> <valueHelp> <format>process</format> <description>Respond with DNSSEC records to clients that ask for it. Validation for clients that request it.</description> </valueHelp> <valueHelp> <format>log-fail</format> <description>Similar behaviour to process, but validate RRSIGs on responses and log bogus responses.</description> </valueHelp> <valueHelp> <format>validate</format> <description>Full blown DNSSEC validation. 
Send SERVFAIL to clients on bogus responses.</description> </valueHelp> <constraint> <regex>(off|process-no-validate|process|log-fail|validate)</regex> </constraint> </properties> </leafNode> <tagNode name="domain"> <properties> <help>Domain to forward to a custom DNS server</help> </properties> <children> <leafNode name="server"> <properties> <help>Domain Name Server (DNS) to forward queries to</help> <valueHelp> <format>ipv4</format> <description>Domain Name Server (DNS) IPv4 address</description> </valueHelp> <valueHelp> <format>ipv6</format> <description>Domain Name Server (DNS) IPv6 address</description> </valueHelp> <multi/> <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> </children> </tagNode> <leafNode name="ignore-hosts-file"> <properties> <help>Do not use local /etc/hosts file in name resolution</help> <valueless/> </properties> </leafNode> <leafNode name="allow-from"> <properties> <help>Networks allowed to query this server</help> <valueHelp> <format>ipv4net</format> <description>IP address and prefix length</description> </valueHelp> <valueHelp> <format>ipv6net</format> <description>IPv6 address and prefix length</description> </valueHelp> <multi/> <constraint> <validator name="ip-prefix"/> </constraint> </properties> </leafNode> <leafNode name="listen-address"> <properties> <help>Addresses to listen for DNS queries [REQUIRED]</help> <valueHelp> <format>ipv4</format> <description>Domain Name Server (DNS) IPv4 address</description> </valueHelp> <valueHelp> <format>ipv6</format> <description>Domain Name Server (DNS) IPv6 address</description> </valueHelp> <multi/> <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="negative-ttl"> <properties> <help>Maximum amount of time negative entries are cached</help> <valueHelp> <format>0-7200</format> <description>Seconds to cache NXDOMAIN entries</description> 
</valueHelp> <constraint> <validator name="numeric" argument="--range 0-7200"/> </constraint> </properties> </leafNode> <leafNode name="name-server"> <properties> <help>Domain Name Servers (DNS) addresses [OPTIONAL]</help> <valueHelp> <format>ipv4</format> <description>Domain Name Server (DNS) IPv4 address</description> </valueHelp> <valueHelp> <format>ipv6</format> <description>Domain Name Server (DNS) IPv6 address</description> </valueHelp> <multi/> <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="system"> <properties> <help>Use system name servers</help> <valueless/> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/firewall-options.xml b/interface-definitions/firewall-options.xml.in similarity index 100% rename from interface-definitions/firewall-options.xml rename to interface-definitions/firewall-options.xml.in diff --git a/interface-definitions/https.xml b/interface-definitions/https.xml.in similarity index 99% rename from interface-definitions/https.xml rename to interface-definitions/https.xml.in index d9874a1f9..923aac811 100644 --- a/interface-definitions/https.xml +++ b/interface-definitions/https.xml.in 
@@ -1,135 +1,134 @@ <?xml version="1.0"?> <!-- HTTPS configuration --> <interfaceDefinition> <node name="service"> <children> <node name="https" owner="${vyos_conf_scripts_dir}/https.py"> <properties> <help>HTTPS configuration</help> <priority>1001</priority> </properties> <children> <tagNode name="listen-address"> <properties> <help>Addresses to listen for HTTPS requests</help> <valueHelp> <format>ipv4</format> <description>HTTPS IPv4 address</description> </valueHelp> <valueHelp> <format>ipv6</format> <description>HTTPS IPv6 address</description> </valueHelp> <valueHelp> <format>'*'</format> <description>any</description> </valueHelp> <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> <regex>^\*$</regex> </constraint> </properties> <children> <leafNode name='listen-port'> <properties> <help>Port to listen for HTTPS requests; default 443</help> <valueHelp> <format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="server-name"> <properties> <help>Server names: exact, wildcard, regex, or '_' (any)</help> <multi/> </properties> </leafNode> </children> </tagNode> <node name="certificates"> <properties> <help>TLS certificates</help> </properties> <children> <node name="system-generated-certificate" owner="${vyos_conf_scripts_dir}/vyos_cert.py"> <properties> <help>Use an automatically generated self-signed certificate</help> <valueless/> </properties> <children> <leafNode name="lifetime"> <properties> <help>Lifetime in days; default is 365</help> <valueHelp> <format>1-65535</format> <description>Number of days</description> </valueHelp> </properties> </leafNode> </children> </node> </children> </node> <node name="api" owner="${vyos_conf_scripts_dir}/http-api.py"> <properties> <help>VyOS HTTP API configuration</help> <priority>1002</priority> </properties> <children> <leafNode name="port"> 
<properties> <help>Port for HTTP API service</help> <valueHelp> <format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <node name="keys"> <properties> <help>HTTP API keys</help> </properties> <children> <tagNode name="id"> <properties> <help>HTTP API id</help> </properties> <children> <leafNode name="key"> <properties> <help>HTTP API plaintext key</help> </properties> </leafNode> </children> </tagNode> </children> </node> <leafNode name="strict"> <properties> <help>Enforce strict path checking</help> <valueless/> </properties> </leafNode> <leafNode name="debug"> <properties> <help>Debug</help> <valueless/> <hidden/> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </interfaceDefinition> - diff --git a/interface-definitions/igmp-proxy.xml b/interface-definitions/igmp-proxy.xml.in similarity index 97% rename from interface-definitions/igmp-proxy.xml rename to interface-definitions/igmp-proxy.xml.in index ab56019b4..74fec6b48 100644 --- a/interface-definitions/igmp-proxy.xml +++ b/interface-definitions/igmp-proxy.xml.in 
@@ -1,100 +1,100 @@ <?xml version="1.0"?> <!-- IGMP Proxy configuration --> <interfaceDefinition> <node name="protocols"> <children> <node name="igmp-proxy" owner="${vyos_conf_scripts_dir}/igmp_proxy.py"> <properties> <help>Internet Group Management Protocol (IGMP) proxy parameters</help> <priority>740</priority> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable IGMP proxy</help> <valueless/> </properties> </leafNode> <leafNode name="disable-quickleave"> <properties> <help>Option to disable "quickleave"</help> <valueless/> </properties> </leafNode> <tagNode name="interface"> <properties> <help>Interface for IGMP proxy [REQUIRED]</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> <children> <leafNode name="alt-subnet"> <properties> - <help>Allowed unicast sources for multicast traffic to be proxy'ed</help> + <help>Unicast source networks allowed for multicast traffic to be proxyed</help> <valueHelp> <format>ipv4net</format> <description>IPv4 network</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="role"> <properties> <help>Role of this IGMP interface</help> <completionHelp> <list>upstream downstream disabled</list> </completionHelp> <valueHelp> <format>upstream</format> <description>Upstream interface (only 1 allowed)</description> </valueHelp> <valueHelp> <format>downstream</format> <description>Downstream interface(s) (default)</description> </valueHelp> <valueHelp> <format>disabled</format> <description>Disabled interface</description> </valueHelp> <constraint> <regex>(upstream|downstream|disabled)</regex> </constraint> </properties> </leafNode> <leafNode name="threshold"> <properties> <help>TTL threshold</help> <valueHelp> <format>1-255</format> <description>TTL threshold for the interfaces (default: 1)</description> </valueHelp> <constraint> <validator name="numeric" 
argument="--range 1-255"/> </constraint> <constraintErrorMessage>threshold must be between 1 and 255</constraintErrorMessage> </properties> </leafNode> <leafNode name="whitelist"> <properties> <help>Group to whitelist</help> <valueHelp> <format>ipv4net</format> <description>IPv4 network</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> <multi/> </properties> </leafNode> </children> </tagNode> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/include/address-ipv4-ipv6-dhcp.xml.i b/interface-definitions/include/address-ipv4-ipv6-dhcp.xml.i new file mode 100644 index 000000000..fb46f2c09 --- /dev/null +++ b/interface-definitions/include/address-ipv4-ipv6-dhcp.xml.i @@ -0,0 +1,29 @@ +<leafNode name="address"> + <properties> + <help>IP address</help> + <completionHelp> + <list>dhcp dhcpv6</list> + </completionHelp> + <valueHelp> + <format>ipv4net</format> + <description>IPv4 address and prefix length</description> + </valueHelp> + <valueHelp> + <format>ipv6net</format> + <description>IPv6 address and prefix length</description> + </valueHelp> + <valueHelp> + <format>dhcp</format> + <description>Dynamic Host Configuration Protocol</description> + </valueHelp> + <valueHelp> + <format>dhcpv6</format> + <description>Dynamic Host Configuration Protocol for IPv6</description> + </valueHelp> + <constraint> + <validator name="ip-cidr"/> + <regex>(dhcp|dhcpv6)</regex> + </constraint> + <multi/> + </properties> +</leafNode> diff --git a/interface-definitions/include/address-ipv4-ipv6.xml.i b/interface-definitions/include/address-ipv4-ipv6.xml.i new file mode 100644 index 000000000..aa84a5640 --- /dev/null +++ b/interface-definitions/include/address-ipv4-ipv6.xml.i 
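Review bot: In address-ipv4-ipv6-dhcp.xml.i the keyword alternative `<regex>(dhcp|dhcpv6)</regex>` carries no anchors, while other constraints in this commit anchor explicitly (`^.{1,256}$` in interface-description.xml.i, `^\*$` in https.xml.in). Whether the template generator anchors patterns itself is not visible in this diff; if it does not, any value that merely contains `dhcp` would pass validation. Writing it as `<regex>^(dhcp|dhcpv6)$</regex>` removes the dependency on that behaviour. The same applies to `(0x88A8|0x8100)` in vif-s.xml.i and to `[:0-7 ]+$` in vif.xml.i, which is anchored only at the end.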
@@ -0,0 +1,17 @@
+<leafNode name="address">
+ <properties>
+ <help>IP address</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 address and prefix length</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>IPv6 address and prefix length</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-cidr"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/dhcp-dhcpv6-options.xml.i b/interface-definitions/include/dhcp-dhcpv6-options.xml.i
new file mode 100644
index 000000000..104b1fbe0
--- /dev/null
+++ b/interface-definitions/include/dhcp-dhcpv6-options.xml.i
@@ -0,0 +1,42 @@
+<node name="dhcp-options">
+ <properties>
+ <help>DHCP options</help>
+ </properties>
+ <children>
+ <leafNode name="client-id">
+ <properties>
+ <help>DHCP client identifier</help>
+ </properties>
+ </leafNode>
+ <leafNode name="host-name">
+ <properties>
+ <help>DHCP client host name (overrides system host name)</help>
+ </properties>
+ </leafNode>
+ <leafNode name="vendor-class-id">
+ <properties>
+ <help>DHCP client vendor type</help>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<node name="dhcpv6-options">
+ <properties>
+ <help>DHCPv6 options</help>
+ <priority>319</priority>
+ </properties>
+ <children>
+ <leafNode name="parameters-only">
+ <properties>
+ <help>Acquire only config parameters, no address</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ <leafNode name="temporary">
+ <properties>
+ <help>IPv6 "temporary" address</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ </children>
+</node>
diff --git a/interface-definitions/include/interface-arp-cache-timeout.xml.i b/interface-definitions/include/interface-arp-cache-timeout.xml.i
new file mode 100644
index 000000000..81d35f593
--- /dev/null
+++ b/interface-definitions/include/interface-arp-cache-timeout.xml.i
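Review bot: The three `dhcp-options` leaves in dhcp-dhcpv6-options.xml.i (`client-id`, `host-name`, `vendor-class-id`) have no `<constraint>`, so any string is accepted at commit time. These values presumably end up in DHCP client configuration, which this diff does not show; if so, an unconstrained value can carry characters that are meaningful in that file's syntax. A bounded pattern per leaf, for example `<regex>^[-_a-zA-Z0-9.]{1,63}$</regex>` on `host-name` (constructed here; adjust to what the client accepts), together with a `<constraintErrorMessage>`, would enforce this at the CLI boundary.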
@@ -0,0 +1,13 @@
+<leafNode name="arp-cache-timeout">
+ <properties>
+ <help>ARP cache entry timeout in seconds</help>
+ <valueHelp>
+ <format>1-86400</format>
+ <description>ARP cache entry timout in seconds (default 30)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-86400"/>
+ </constraint>
+ <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-description.xml.i b/interface-definitions/include/interface-description.xml.i
new file mode 100644
index 000000000..6356888da
--- /dev/null
+++ b/interface-definitions/include/interface-description.xml.i
@@ -0,0 +1,9 @@
+<leafNode name="description">
+ <properties>
+ <help>Interface description</help>
+ <constraint>
+ <regex>^.{1,256}$</regex>
+ </constraint>
+ <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-disable-link-detect.xml.i b/interface-definitions/include/interface-disable-link-detect.xml.i
new file mode 100644
index 000000000..619cd03b0
--- /dev/null
+++ b/interface-definitions/include/interface-disable-link-detect.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="disable-link-detect">
+ <properties>
+ <help>Ignore link state changes</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-disable.xml.i b/interface-definitions/include/interface-disable.xml.i
new file mode 100644
index 000000000..c6c24f867
--- /dev/null
+++ b/interface-definitions/include/interface-disable.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="disable">
+ <properties>
+ <help>Set interface to Administratively down</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-enable-proxy-arp.xml.i b/interface-definitions/include/interface-enable-proxy-arp.xml.i
new file mode 100644
index 000000000..14ab08875
--- /dev/null
+++ b/interface-definitions/include/interface-enable-proxy-arp.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="enable-proxy-arp">
+ <properties>
+ <help>Enable proxy-arp on this interface</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-mac.xml.i b/interface-definitions/include/interface-mac.xml.i
new file mode 100644
index 000000000..7b2456236
--- /dev/null
+++ b/interface-definitions/include/interface-mac.xml.i
@@ -0,0 +1,12 @@
+<leafNode name="mac">
+ <properties>
+ <help>Media Access Control (MAC) address</help>
+ <valueHelp>
+ <format>h:h:h:h:h:h</format>
+ <description>Hardware (MAC) address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="mac-address"/>
+ </constraint>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-mtu-1450-9000.xml.i b/interface-definitions/include/interface-mtu-1450-9000.xml.i
new file mode 100644
index 000000000..87296a050
--- /dev/null
+++ b/interface-definitions/include/interface-mtu-1450-9000.xml.i
@@ -0,0 +1,13 @@
+<leafNode name="mtu">
+ <properties>
+ <help>Maximum Transmission Unit (MTU)</help>
+ <valueHelp>
+ <format>1450-9000</format>
+ <description>Maximum Transmission Unit</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1450-9000"/>
+ </constraint>
+ <constraintErrorMessage>MTU must be between 1450 and 9000</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-mtu-68-9000.xml.i b/interface-definitions/include/interface-mtu-68-9000.xml.i
new file mode 100644
index 000000000..ad11afa80
--- /dev/null
+++ b/interface-definitions/include/interface-mtu-68-9000.xml.i
@@ -0,0 +1,13 @@
+<leafNode name="mtu">
+ <properties>
+ <help>Maximum Transmission Unit (MTU)</help>
+ <valueHelp>
+ <format>68-9000</format>
+ <description>Maximum Transmission Unit</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 68-9000"/>
+ </constraint>
+ <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/interface-proxy-arp-pvlan.xml.i b/interface-definitions/include/interface-proxy-arp-pvlan.xml.i
new file mode 100644
index 000000000..7e72b3800
--- /dev/null
+++ b/interface-definitions/include/interface-proxy-arp-pvlan.xml.i
@@ -0,0 +1,6 @@
+<leafNode name="proxy-arp-pvlan">
+ <properties>
+ <help>Enable private VLAN proxy ARP on this interface</help>
+ <valueless/>
+ </properties>
+</leafNode>
diff --git a/interface-definitions/include/vif-s.xml.i b/interface-definitions/include/vif-s.xml.i
new file mode 100644
index 000000000..772804f53
--- /dev/null
+++ b/interface-definitions/include/vif-s.xml.i
@@ -0,0 +1,56 @@
+<tagNode name="vif-s">
+ <properties>
+ <help>QinQ TAG-S Virtual Local Area Network (VLAN) ID</help>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4094"/>
+ </constraint>
+ <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ <leafNode name="ethertype">
+ <properties>
+ <help>Set Ethertype</help>
+ <completionHelp>
+ <list>0x88A8 0x8100</list>
+ </completionHelp>
+ <valueHelp>
+ <format>0x88A8</format>
+ <description>802.1ad</description>
+ </valueHelp>
+ <valueHelp>
+ <format>0x8100</format>
+ <description>802.1q</description>
+ </valueHelp>
+ <constraint>
+ <regex>(0x88A8|0x8100)</regex>
+ </constraint>
+ <constraintErrorMessage>Ethertype must be 0x88A8 or 0x8100</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ #include <include/interface-mac.xml.i>
+ #include <include/interface-mtu-68-9000.xml.i>
+ <tagNode name="vif-c">
+ <properties>
+ <help>QinQ TAG-C Virtual Local Area Network (VLAN) ID</help>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4094"/>
+ </constraint>
+ <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ #include <include/interface-mac.xml.i>
+ #include <include/interface-mtu-68-9000.xml.i>
+ </children>
+ </tagNode>
+ </children>
+</tagNode>
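Review bot: `vif-s` and `vif-c` in vif-s.xml.i declare the numeric range constraint but no `<valueHelp>`, whereas `vif` in vif.xml.i documents the same 0-4094 range with one, so the CLI help differs between the VLAN node types. Adding a `<valueHelp>` with `<format>0-4094</format>` and a description matching each node's `<help>` text to both tag nodes would keep the three consistent.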
diff --git a/interface-definitions/include/vif.xml.i b/interface-definitions/include/vif.xml.i
new file mode 100644
index 000000000..7c8a29a93
--- /dev/null
+++ b/interface-definitions/include/vif.xml.i
@@ -0,0 +1,52 @@
+<tagNode name="vif">
+ <properties>
+ <help>Virtual Local Area Network (VLAN) ID</help>
+ <valueHelp>
+ <format>0-4094</format>
+ <description>Virtual Local Area Network (VLAN) ID</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4094"/>
+ </constraint>
+ <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ <leafNode name="egress-qos">
+ <properties>
+ <help>VLAN egress QoS</help>
+ <completionHelp>
+ <script>echo Format for qos mapping, e.g.: '0:1 1:6 7:6'</script>
+ </completionHelp>
+ <constraint>
+ <regex>[:0-7 ]+$</regex>
+ </constraint>
+ <constraintErrorMessage>QoS mapping should be in the format of '0:7 2:3' with numbers 0-9</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="ingress-qos">
+ <properties>
+ <help>VLAN ingress QoS</help>
+ <completionHelp>
+ <script>echo Format for qos mapping '0:1 1:6 7:6'</script>
+ </completionHelp>
+ <constraint>
+ <regex>[:0-7 ]+$</regex>
+ </constraint>
+ <constraintErrorMessage>QoS mapping should be in the format of '0:7 2:3' with numbers 0-9</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <node name="ip">
+ <children>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
+ </children>
+ </node>
+ #include <include/interface-mac.xml.i>
+ #include <include/interface-mtu-68-9000.xml.i>
+ </children>
+</tagNode>
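Review bot: The `egress-qos` and `ingress-qos` constraints in vif.xml.i use `[:0-7 ]+$`, a bare character class, so inputs such as `:::` or a single space satisfy it even though the completion help describes `from:to` pairs. The error message also says `numbers 0-9` while the class only admits 0-7. A pair-structured, fully anchored pattern such as `<regex>^[0-7]+:[0-7]+( [0-7]+:[0-7]+)*$</regex>` keeps the accepted digits unchanged and enforces the shape, and the message should read `numbers 0-7`. Whether a stricter per-field range is wanted depends on the consuming script, which is not part of this hunk.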
diff --git a/interface-definitions/intel_qat.xml b/interface-definitions/intel_qat.xml.in similarity index 99% rename from interface-definitions/intel_qat.xml rename to interface-definitions/intel_qat.xml.in index 5e4d5b190..812484184 100644 --- a/interface-definitions/intel_qat.xml +++ b/interface-definitions/intel_qat.xml.in @@ -1,22 +1,21 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="system"> <children> <node name="acceleration" owner="${vyos_conf_scripts_dir}/intel_qat.py"> <properties> <help>Acceleration components</help> <priority>50</priority> </properties> <children> <leafNode name="qat"> <properties> <help>Enable Intel QAT (Quick Assist Technology) for cryptographic acceleration</help> <valueless/> </properties> </leafNode> </children> </node> </children> </node> </interfaceDefinition> - diff --git a/interface-definitions/interfaces-bonding.xml b/interface-definitions/interfaces-bonding.xml deleted file mode 100644 index 821dd15fa..000000000 --- a/interface-definitions/interfaces-bonding.xml +++ /dev/null 
@@ -1,693 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="interfaces"> - <children> - <tagNode name="bonding" owner="${vyos_conf_scripts_dir}/interfaces-bonding.py"> - <properties> - <help>Bonding interface name</help> - <priority>320</priority> - <constraint> - <regex>bond[0-9]+$</regex> - </constraint> - <constraintErrorMessage>Bonding interface must be named bondN</constraintErrorMessage> - <valueHelp> - <format>bondN</format> - <description>Bonding interface name</description> - </valueHelp> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> - <node name="arp-monitor"> - <properties> - <help>ARP link monitoring parameters</help> - </properties> - <children> - <leafNode name="interval"> - <properties> - <help>ARP link monitoring interval</help> - <valueHelp> - <format>0-4294967295</format> - <description>Specifies the ARP link monitoring frequency in milliseconds</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967295"/> - </constraint> - </properties> - </leafNode> - <leafNode name="target"> - <properties> - <help>IP address used for ARP monitoring</help> - <valueHelp> - <format>ipv4</format> - <description>Network Time Protocol (NTP) IPv4 address</description> - </valueHelp> - 
<constraint> - <validator name="ipv4-address"/> - </constraint> - <multi/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides the system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="hash-policy"> - <properties> - <help>Bonding transmit hash policy</help> - <completionHelp> - <list>layer2 layer2+3 layer3+4</list> - </completionHelp> - <valueHelp> - <format>layer2</format> - <description>use MAC addresses to generate the hash (802.3ad, default)</description> - </valueHelp> - <valueHelp> - <format>layer2+3</format> - 
<description>combine MAC address and IP address to make hash</description> - </valueHelp> - <valueHelp> - <format>layer3+4</format> - <description>combine IP address and port to make hash</description> - </valueHelp> - <constraint> - <regex>(layer2\+3|layer3\+4|layer2)</regex> - </constraint> - <constraintErrorMessage>hash-policy must be layer2 layer2+3 or layer3+4</constraintErrorMessage> - </properties> - </leafNode> - <node name="ip"> - <children> - <leafNode name="arp-cache-timeout"> - <properties> - <help>ARP cache entry timeout in seconds</help> - <valueHelp> - <format>1-86400</format> - <description>ARP cache entry timout in seconds (default 30)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-86400"/> - </constraint> - <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="enable-proxy-arp"> - <properties> - <help>Enable proxy-arp on this interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="proxy-arp-pvlan"> - <properties> - <help>Enable private VLAN proxy ARP on this interface</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="mode"> - <properties> - <help>Bonding mode</help> - <completionHelp> - <list>802.3ad active-backup broadcast round-robin transmit-load-balance adaptive-load-balance xor-hash</list> - </completionHelp> - <valueHelp> - <format>802.3ad</format> - <description>IEEE 802.3ad Dynamic link aggregation (Default)</description> - </valueHelp> - <valueHelp> - <format>active-backup</format> - <description>Fault tolerant: only one slave in the 
bond is active</description> - </valueHelp> - <valueHelp> - <format>broadcast</format> - <description>Fault tolerant: transmits everything on all slave interfaces</description> - </valueHelp> - <valueHelp> - <format>round-robin</format> - <description>Load balance: transmit packets in sequential order</description> - </valueHelp> - <valueHelp> - <format>transmit-load-balance</format> - <description>Load balance: adapts based on transmit load and speed</description> - </valueHelp> - <valueHelp> - <format>adaptive-load-balance</format> - <description>Load balance: adapts based on transmit and receive plus ARP</description> - </valueHelp> - <valueHelp> - <format>xor-hash</format> - <description>Distribute based on MAC address</description> - </valueHelp> - <constraint> - <regex>(802.3ad|active-backup|broadcast|round-robin|transmit-load-balance|adaptive-load-balance|xor-hash)</regex> - </constraint> - <constraintErrorMessage>mode must be 802.3ad, active-backup, broadcast, round-robin, transmit-load-balance, adaptive-load-balance, or xor</constraintErrorMessage> - </properties> - </leafNode> - <node name="member"> - <properties> - <help>Bridge member interfaces</help> - </properties> - <children> - <leafNode name="interface"> - <properties> - <help>Member interface name</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py --bondable</script> - </completionHelp> - <multi/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="primary"> - <properties> - <help>Primary device interface</help> - <completionHelp> - 
<script>${vyos_completion_dir}/list_interfaces.py --bondable</script> - </completionHelp> - </properties> - </leafNode> - <tagNode name="vif-s"> - <properties> - <help>QinQ TAG-S Virtual Local Area Network (VLAN) ID</help> - <constraint> - <validator name="numeric" argument="--range 0-4094"/> - </constraint> - <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides the system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> 
- <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="ethertype"> - <properties> - <help>Set Ethertype</help> - <completionHelp> - <list>0x88A8 0x8100</list> - </completionHelp> - <valueHelp> - <format>0x88A8</format> - <description>802.1ad</description> - </valueHelp> - <valueHelp> - <format>0x8100</format> - <description>802.1q</description> - </valueHelp> - <constraint> - <regex>(0x88A8|0x8100)</regex> - </constraint> - <constraintErrorMessage>Ethertype must be 0x88A8 or 0x8100</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - <tagNode name="vif-c"> - <properties> - <help>QinQ TAG-C Virtual Local Area Network (VLAN) ID</help> - <constraint> - <validator 
name="numeric" argument="--range 0-4094"/> - </constraint> - <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides the system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode 
name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="vif"> - <properties> - <help>Virtual Local Area Network (VLAN) ID</help> - <constraint> - <validator name="numeric" argument="--range 0-4094"/> - </constraint> - <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - 
<description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides the system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - 
</leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - </children> - </node> -</interfaceDefinition> diff --git a/interface-definitions/interfaces-bonding.xml.in b/interface-definitions/interfaces-bonding.xml.in new file mode 100644 index 000000000..e6557a967 --- /dev/null +++ b/interface-definitions/interfaces-bonding.xml.in 
@@ -0,0 +1,159 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="bonding" owner="${vyos_conf_scripts_dir}/interfaces-bonding.py">
+ <properties>
+ <help>Bonding interface name</help>
+ <priority>320</priority>
+ <constraint>
+ <regex>bond[0-9]+$</regex>
+ </constraint>
+ <constraintErrorMessage>Bonding interface must be named bondN</constraintErrorMessage>
+ <valueHelp>
+ <format>bondN</format>
+ <description>Bonding interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6-dhcp.xml.i>
+ <node name="arp-monitor">
+ <properties>
+ <help>ARP link monitoring parameters</help>
+ </properties>
+ <children>
+ <leafNode name="interval">
+ <properties>
+ <help>ARP link monitoring interval</help>
+ <valueHelp>
+ <format>0-4294967295</format>
+ <description>Specifies the ARP link monitoring frequency in milliseconds</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967295"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="target">
+ <properties>
+ <help>IP address used for ARP monitoring</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>Network Time Protocol (NTP) IPv4 address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ #include <include/interface-description.xml.i>
+ #include <include/dhcp-dhcpv6-options.xml.i>
+ #include <include/interface-disable-link-detect.xml.i>
+ #include <include/interface-disable.xml.i>
+ <leafNode name="hash-policy">
+ <properties>
+ <help>Bonding transmit hash policy</help>
+ <completionHelp>
+ <list>layer2 layer2+3 layer3+4</list>
+ </completionHelp>
+ <valueHelp>
+ <format>layer2</format>
+ <description>use MAC addresses to generate the hash (802.3ad, default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>layer2+3</format>
+ <description>combine MAC address and IP address to make hash</description>
+ </valueHelp>
+ <valueHelp>
+ <format>layer3+4</format>
+ <description>combine IP address and port to make hash</description>
+ </valueHelp>
+ <constraint>
+ <regex>(layer2\+3|layer3\+4|layer2)</regex>
+ </constraint>
+ <constraintErrorMessage>hash-policy must be layer2 layer2+3 or layer3+4</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <node name="ip">
+ <children>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
+ #include <include/interface-proxy-arp-pvlan.xml.i>
+ </children>
+ </node>
+ #include <include/interface-mac.xml.i>
+ <leafNode name="mode">
+ <properties>
+ <help>Bonding mode</help>
+ <completionHelp>
+ <list>802.3ad active-backup broadcast round-robin transmit-load-balance adaptive-load-balance xor-hash</list>
+ </completionHelp>
+ <valueHelp>
+ <format>802.3ad</format>
+ <description>IEEE 802.3ad Dynamic link aggregation (Default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>active-backup</format>
+ <description>Fault tolerant: only one slave in the bond is active</description>
+ </valueHelp>
+ <valueHelp>
+ <format>broadcast</format>
+ <description>Fault tolerant: transmits everything on all slave interfaces</description>
+ </valueHelp>
+ <valueHelp>
+ <format>round-robin</format>
+ <description>Load balance: transmit packets in sequential order</description>
+ </valueHelp>
+ <valueHelp>
+ <format>transmit-load-balance</format>
+ <description>Load balance: adapts based on transmit load and speed</description>
+ </valueHelp>
+ <valueHelp>
+ <format>adaptive-load-balance</format>
+ <description>Load balance: adapts based on transmit and receive plus ARP</description>
+ </valueHelp>
+ <valueHelp>
+ <format>xor-hash</format>
+ <description>Distribute based on MAC address</description>
+ </valueHelp>
+ <constraint>
+ <regex>(802.3ad|active-backup|broadcast|round-robin|transmit-load-balance|adaptive-load-balance|xor-hash)</regex>
+ </constraint>
+ <constraintErrorMessage>mode must be 802.3ad, active-backup, broadcast, round-robin, transmit-load-balance, adaptive-load-balance, or xor</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <node name="member">
+ <properties>
+ <help>Bridge member interfaces</help>
+ </properties>
+ <children>
+ <leafNode name="interface">
+ <properties>
+ <help>Member interface name</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py --bondable</script>
+ </completionHelp>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ #include <include/interface-mtu-68-9000.xml.i>
+ <leafNode name="primary">
+ <properties>
+ <help>Primary device interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py --bondable</script>
+ </completionHelp>
+ </properties>
+ </leafNode>
+ #include <include/vif-s.xml.i>
+ #include <include/vif.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-bridge.xml b/interface-definitions/interfaces-bridge.xml.in
similarity index 59%
rename from interface-definitions/interfaces-bridge.xml
rename to interface-definitions/interfaces-bridge.xml.in
index 40505d7de..a28daeba6 100644
--- a/interface-definitions/interfaces-bridge.xml
+++ b/interface-definitions/interfaces-bridge.xml.in
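Review bot: The new `bonding` tagNode constrains its name with `<regex>bond[0-9]+$</regex>`, which has no leading `^`, whereas the bridge definition in this same commit uses `^br[0-9]+$`. Unless the template generator anchors patterns itself (not visible here), a value that merely ends in `bondN` would pass validation and presumably reach the owner script `interfaces-bonding.py` as an interface name; I would write `<regex>^bond[0-9]+$</regex>`. The `mode` pattern has the same gap plus an unescaped dot in `802.3ad`, so it should be anchored with `^(` … `)$` and use `802\.3ad`, and its error message names `xor` where the accepted value is `xor-hash`. The `dum[0-9]+$` pattern in interfaces-dummy.xml.in needs the same `^`. Separately, the `arp-monitor` `target` description still reads "Network Time Protocol (NTP) IPv4 address", which looks like a copy-paste leftover.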
@@ -1,274 +1,164 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="interfaces"> <children> <tagNode name="bridge" owner="${vyos_conf_scripts_dir}/interfaces-bridge.py"> <properties> <help>Bridge interface name</help> <priority>470</priority> <constraint> <regex>^br[0-9]+$</regex> </constraint> <constraintErrorMessage>Bridge interface must be named brN</constraintErrorMessage> <valueHelp> <format>brN</format> <description>Bridge interface name</description> </valueHelp> </properties> <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> + #include <include/address-ipv4-ipv6-dhcp.xml.i> <leafNode name="aging"> <properties> <help>MAC address aging interval</help> <valueHelp> <format>0</format> <description>Disable MAC address learning (always flood)</description> </valueHelp> <valueHelp> <format>10-1000000</format> <description>MAC address aging time in seconds (default: 300)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-0 --range 10-1000000"/> </constraint> </properties> </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - 
</properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides the system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> + #include <include/interface-description.xml.i> + #include <include/dhcp-dhcpv6-options.xml.i> + #include <include/interface-disable-link-detect.xml.i> + #include <include/interface-disable.xml.i> <leafNode name="forwarding-delay"> <properties> <help>Forwarding delay</help> <valueHelp> <format>0-200</format> <description>Spanning Tree Protocol forwarding delay in seconds (default 15)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-200"/> </constraint> <constraintErrorMessage>Forwarding delay must be between 0 and 200 seconds</constraintErrorMessage> </properties> </leafNode> <leafNode name="hello-time"> <properties> <help>Hello packet advertisment interval</help> <valueHelp> <format>1-10</format> 
<description>Spanning Tree Protocol hello advertisement interval in seconds (default 2)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-10"/> </constraint> <constraintErrorMessage>Bridge Hello interval must be between 1 and 10 seconds</constraintErrorMessage> </properties> </leafNode> <node name="igmp"> <properties> <help>Internet Group Management Protocol (IGMP) settings</help> </properties> <children> <leafNode name="querier"> <properties> <help>Enable IGMP querier</help> <valueless/> </properties> </leafNode> </children> </node> <node name="ip"> <children> - <leafNode name="arp-cache-timeout"> - <properties> - <help>ARP cache entry timeout in seconds</help> - <valueHelp> - <format>1-86400</format> - <description>ARP cache entry timout in seconds (default 30)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-86400"/> - </constraint> - <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage> - </properties> - </leafNode> + #include <include/interface-arp-cache-timeout.xml.i> </children> </node> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> + #include <include/interface-mac.xml.i> <leafNode name="max-age"> <properties> <help>Interval at which neighbor bridges are removed</help> <valueHelp> <format>1-40</format> <description>Bridge maximum aging time in seconds (default 20)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-40"/> </constraint> <constraintErrorMessage>Bridge max aging value must be between 1 and 40 seconds</constraintErrorMessage> </properties> </leafNode> <node name="member"> <properties> <help>Bridge member interfaces</help> </properties> 
<children> <tagNode name="interface"> <properties> <help>Member interface name</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py --bridgeable</script> </completionHelp> </properties> <children> <leafNode name="cost"> <properties> <help>Bridge port cost</help> <valueHelp> <format>1-65535</format> <description>Path cost value for Spanning Tree Protocol</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> <constraintErrorMessage>Path cost value must be between 1 and 65535</constraintErrorMessage> </properties> </leafNode> <leafNode name="priority"> <properties> <help>Bridge port priority</help> <valueHelp> <format>0-63</format> <description>Bridge port priority</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-63"/> </constraint> <constraintErrorMessage>Port priority value must be between 0 and 63</constraintErrorMessage> </properties> </leafNode> </children> </tagNode> </children> </node> <leafNode name="priority"> <properties> <help>Priority for this bridge</help> <valueHelp> <format>0-65535</format> <description>Bridge priority (default 32768)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-65535"/> </constraint> <constraintErrorMessage>Bridge priority must be between 0 and 65535 (multiples of 4096)</constraintErrorMessage> </properties> </leafNode> <leafNode name="stp"> <properties> <help>Enable spanning tree protocol</help> <valueless/> </properties> </leafNode> </children> </tagNode> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/interfaces-dummy.xml b/interface-definitions/interfaces-dummy.xml deleted file mode 100644 index 3bc4330e4..000000000 --- a/interface-definitions/interfaces-dummy.xml +++ /dev/null 
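Review bot: In the `member` / `interface` subtree the `priority` leaf documents `0-63` in its valueHelp and error message, but the validator is `--range 1-63`, so a priority of 0 is rejected despite the help text. These are unchanged context lines of this hunk, but since the file is being reworked anyway, either the validator should become `<validator name="numeric" argument="--range 0-63"/>` or the help and error text should say 1-63. The bridge-level `priority` message also promises "multiples of 4096" while the validator only checks `--range 0-65535`; if the owner script does not enforce that (not visible here), the message overstates what is checked.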
@@ -1,55 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="dummy" owner="${vyos_conf_scripts_dir}/interfaces-dummy.py">
- <properties>
- <help>Dummy interface name</help>
- <priority>300</priority>
- <constraint>
- <regex>dum[0-9]+$</regex>
- </constraint>
- <constraintErrorMessage>Dummy interface must be named dumN</constraintErrorMessage>
- <valueHelp>
- <format>dumN</format>
- <description>Dummy interface name</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <multi/>
- <constraint>
- <validator name="ip-cidr"/>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="disable">
- <properties>
- <help>Disable interface</help>
- <valueless/>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-dummy.xml.in b/interface-definitions/interfaces-dummy.xml.in
new file mode 100644
index 000000000..445f6b2d4
--- /dev/null
+++ b/interface-definitions/interfaces-dummy.xml.in
@@ -0,0 +1,26 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="dummy" owner="${vyos_conf_scripts_dir}/interfaces-dummy.py">
+ <properties>
+ <help>Dummy interface name</help>
+ <priority>300</priority>
+ <constraint>
+ <regex>dum[0-9]+$</regex>
+ </constraint>
+ <constraintErrorMessage>Dummy interface must be named dumN</constraintErrorMessage>
+ <valueHelp>
+ <format>dumN</format>
+ <description>Dummy interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/interface-disable.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-ethernet.xml b/interface-definitions/interfaces-ethernet.xml
deleted file mode 100644
index f51bb3d87..000000000
--- a/interface-definitions/interfaces-ethernet.xml
+++ /dev/null
@@ -1,904 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="interfaces"> - <children> - <tagNode name="ethernet" owner="${vyos_conf_scripts_dir}/interfaces-ethernet.py"> - <properties> - <help>Ethernet interface name</help> - <priority>318</priority> - <constraint> - <regex>((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex> - </constraint> - <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage> - <valueHelp> - <format>ethN</format> - <description>Ethernet interface name</description> - </valueHelp> - <valueHelp> - <format>en[ospx]N</format> - <description>Ethernet interface name</description> - </valueHelp> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name 
(overrides system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-flow-control"> - <properties> - <help>Disable Ethernet flow control (pause frames)</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="duplex"> - <properties> - <help>Duplex mode</help> - <completionHelp> - <list>auto half full</list> - </completionHelp> - <valueHelp> - <format>auto</format> - <description>Auto negotiation (default)</description> - </valueHelp> - <valueHelp> - <format>half</format> - <description>Half duplex</description> - </valueHelp> - <valueHelp> - <format>full</format> - <description>Full duplex</description> - </valueHelp> - <constraint> - <regex>(auto|half|full)</regex> - </constraint> - <constraintErrorMessage>duplex must be auto, half or full</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="hw-id"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - 
<node name="ip"> - <children> - <leafNode name="arp-cache-timeout"> - <properties> - <help>ARP cache entry timeout in seconds</help> - <valueHelp> - <format>1-86400</format> - <description>ARP cache entry timout in seconds (default 30)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-86400"/> - </constraint> - <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="enable-proxy-arp"> - <properties> - <help>Enable proxy-arp on this interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="proxy-arp-pvlan"> - <properties> - <help>Enable private VLAN proxy ARP on this interface</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - <node name="offload-options"> - <properties> - <help>Configurable offload options</help> - </properties> - <children> - <leafNode name="generic-receive"> - <properties> - <help>Configure GRO (generic receive offload)</help> - <completionHelp> - <list>on off</list> - </completionHelp> - <valueHelp> - <format>on</format> - <description>Enable GRO (generic receive offload)</description> - </valueHelp> - <valueHelp> - <format>off</format> - <description>Disable GRO (generic 
receive offload)</description> - </valueHelp> - <constraint> - <regex>(on|off)</regex> - </constraint> - <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="generic-segmentation"> - <properties> - <help>Configure GSO (generic segmentation offload)</help> - <completionHelp> - <list>on off</list> - </completionHelp> - <valueHelp> - <format>on</format> - <description>Enable GSO (generic segmentation offload)</description> - </valueHelp> - <valueHelp> - <format>off</format> - <description>Disable GSO (generic segmentation offload)</description> - </valueHelp> - <constraint> - <regex>(on|off)</regex> - </constraint> - <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="scatter-gather"> - <properties> - <help>Configure scatter-gather option</help> - <completionHelp> - <list>on off</list> - </completionHelp> - <valueHelp> - <format>on</format> - <description>Enable scatter-gather</description> - </valueHelp> - <valueHelp> - <format>off</format> - <description>Disable scatter-gather</description> - </valueHelp> - <constraint> - <regex>(on|off)</regex> - </constraint> - <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="tcp-segmentation"> - <properties> - <help>Configure TSO (TCP segmentation offloading)</help> - <completionHelp> - <list>on off</list> - </completionHelp> - <valueHelp> - <format>on</format> - <description>Enable TSO (TCP segmentation offloading)</description> - </valueHelp> - <valueHelp> - <format>off</format> - <description>Disable TSO (TCP segmentation offloading)</description> - </valueHelp> - <constraint> - <regex>(on|off)</regex> - </constraint> - <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="udp-fragmentation"> - <properties> - <help>Configure UDP 
fragmentation offloading</help> - <completionHelp> - <list>on off</list> - </completionHelp> - <valueHelp> - <format>on</format> - <description>Enable UDP fragmentation offloading</description> - </valueHelp> - <valueHelp> - <format>off</format> - <description>Disable UDP fragmentation offloading</description> - </valueHelp> - <constraint> - <regex>(on|off)</regex> - </constraint> - <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> - </properties> - </leafNode> - </children> - </node> - <leafNode name="smp-affinity"> - <properties> - <help>CPU interrupt affinity mask</help> - <completionHelp> - <list>auto 10 100 1000 2500 5000 10000</list> - </completionHelp> - <valueHelp> - <format>auto</format> - <description>Auto negotiation (default)</description> - </valueHelp> - <valueHelp> - <format>hex</format> - <description>Bitmask representing CPUs that this NIC will interrupt</description> - </valueHelp> - <valueHelp> - <format>hex,hex</format> - <description>Bitmasks representing CPUs for interrupt and receive processing</description> - </valueHelp> - <constraint> - <regex>(auto)</regex> - <regex>[0-9a-f]+(|,[0-9a-f]+)$</regex> - </constraint> - <constraintErrorMessage>IRQ affinity mask must be hex value or auto</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="speed"> - <properties> - <help>Link speed</help> - <completionHelp> - <list>auto 10 100 1000 2500 5000 10000 25000 40000 50000 100000</list> - </completionHelp> - <valueHelp> - <format>auto</format> - <description>Auto negotiation (default)</description> - </valueHelp> - <valueHelp> - <format>10</format> - <description>10 Mbit/sec</description> - </valueHelp> - <valueHelp> - <format>100</format> - <description>100 Mbit/sec</description> - </valueHelp> - <valueHelp> - <format>1000</format> - <description>1 Gbit/sec</description> - </valueHelp> - <valueHelp> - <format>2500</format> - <description>2.5 Gbit/sec</description> - </valueHelp> - <valueHelp> - 
<format>5000</format> - <description>5 Gbit/sec</description> - </valueHelp> - <valueHelp> - <format>10000</format> - <description>10 Gbit/sec</description> - </valueHelp> - <valueHelp> - <format>25000</format> - <description>25 Gbit/sec</description> - </valueHelp> - <valueHelp> - <format>40000</format> - <description>40 Gbit/sec</description> - </valueHelp> - <valueHelp> - <format>50000</format> - <description>50 Gbit/sec</description> - </valueHelp> - <valueHelp> - <format>100000</format> - <description>100 Gbit/sec</description> - </valueHelp> - <constraint> - <regex>(auto|10|100|1000|2500|5000|10000|25000|40000|50000|100000)</regex> - </constraint> - <constraintErrorMessage>Speed must be auto, 10, 100, 1000, 2500, 5000, 10000, 25000, 40000, 50000 or 100000</constraintErrorMessage> - </properties> - </leafNode> - <tagNode name="vif-s"> - <properties> - <help>QinQ TAG-S Virtual Local Area Network (VLAN) ID</help> - <valueHelp> - <format>0-4094</format> - <description>QinQ TAG-S Virtual Local Area Network (VLAN) ID</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4094"/> - </constraint> - <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - 
</leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="ethertype"> - <properties> - <help>Set Ethertype</help> - <completionHelp> - <list>0x88A8 0x8100</list> - </completionHelp> - <valueHelp> - <format>0x88A8</format> - <description>802.1ad</description> - </valueHelp> - <valueHelp> - <format>0x8100</format> - <description>802.1q</description> - </valueHelp> - <constraint> - <regex>(0x88A8|0x8100)</regex> - </constraint> - <constraintErrorMessage>Ethertype must be 0x88A8 or 0x8100</constraintErrorMessage> - </properties> - 
</leafNode> - <node name="ip"> - <children> - <leafNode name="enable-proxy-arp"> - <properties> - <help>Enable proxy-arp on this interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="proxy-arp-pvlan"> - <properties> - <help>Enable private VLAN proxy ARP on this interface</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - <tagNode name="vif-c"> - <properties> - <help>QinQ TAG-C Virtual Local Area Network (VLAN) ID</help> - <valueHelp> - <format>0-4094</format> - <description>QinQ TAG-C Virtual Local Area Network (VLAN) ID</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4094"/> - </constraint> - <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - 
<valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <node name="ip"> - <children> - <leafNode name="enable-proxy-arp"> - <properties> - <help>Enable proxy-arp on this interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="proxy-arp-pvlan"> - <properties> - <help>Enable 
private VLAN proxy ARP on this interface</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - <tagNode name="vif"> - <properties> - <help>Virtual Local Area Network (VLAN) ID</help> - <valueHelp> - <format>0-4094</format> - <description>Virtual Local Area Network (VLAN) ID</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4094"/> - </constraint> - <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - 
</properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="egress-qos"> - <properties> - <help>VLAN egress QoS</help> - <completionHelp> - <script>echo Format for qos mapping \"0:1 1:6 7:6\"</script> - </completionHelp> - <constraint> - <regex>[:0-7 ]+$</regex> - </constraint> - <constraintErrorMessage>QoS mapping should be in the format of \"0:7 2:3\" with numbers 0-9</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="ingress-qos"> - <properties> - <help>VLAN ingress QoS</help> - 
<completionHelp> - <script>echo Format for qos mapping \"0:1 1:6 7:6\"</script> - </completionHelp> - <constraint> - <regex>[:0-7 ]+$</regex> - </constraint> - <constraintErrorMessage>QoS mapping should be in the format of \"0:7 2:3\" with numbers 0-9</constraintErrorMessage> - </properties> - </leafNode> - <node name="ip"> - <children> - <leafNode name="arp-cache-timeout"> - <properties> - <help>ARP cache entry timeout in seconds</help> - <valueHelp> - <format>1-86400</format> - <description>ARP cache entry timout in seconds (default 30)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-86400"/> - </constraint> - <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="enable-proxy-arp"> - <properties> - <help>Enable proxy-arp on this interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="proxy-arp-pvlan"> - <properties> - <help>Enable private VLAN proxy ARP on this interface</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>68-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 68-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 68 and 9000</constraintErrorMessage> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </tagNode> - </children> - </node> -</interfaceDefinition> 
diff --git a/interface-definitions/interfaces-ethernet.xml.in b/interface-definitions/interfaces-ethernet.xml.in
new file mode 100644
index 000000000..7fa20ac18
--- /dev/null
+++ b/interface-definitions/interfaces-ethernet.xml.in
@@ -0,0 +1,273 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="interfaces"> + <children> + <tagNode name="ethernet" owner="${vyos_conf_scripts_dir}/interfaces-ethernet.py"> + <properties> + <help>Ethernet interface name</help> + <priority>318</priority> + <constraint> + <regex>((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$</regex> + </constraint> + <constraintErrorMessage>Invalid Ethernet interface name</constraintErrorMessage> + <valueHelp> + <format>ethN</format> + <description>Ethernet interface name</description> + </valueHelp> + <valueHelp> + <format>en[ospx]N</format> + <description>Ethernet interface name</description> + </valueHelp> + </properties> + <children> + #include <include/address-ipv4-ipv6-dhcp.xml.i> + #include <include/interface-description.xml.i> + #include <include/dhcp-dhcpv6-options.xml.i> + <leafNode name="disable-flow-control"> + <properties> + <help>Disable Ethernet flow control (pause frames)</help> + <valueless/> + </properties> + </leafNode> + #include <include/interface-disable-link-detect.xml.i> + #include <include/interface-disable.xml.i> + <leafNode name="duplex"> + <properties> + <help>Duplex mode</help> + <completionHelp> + <list>auto half full</list> + </completionHelp> + <valueHelp> + <format>auto</format> + <description>Auto negotiation (default)</description> + </valueHelp> + <valueHelp> + <format>half</format> + <description>Half duplex</description> + </valueHelp> + <valueHelp> + <format>full</format> + <description>Full duplex</description> + </valueHelp> + <constraint> + <regex>(auto|half|full)</regex> + </constraint> + <constraintErrorMessage>duplex must be auto, half or full</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="hw-id"> + <properties> + <help>Media Access Control (MAC) address</help> + <valueHelp> + <format>h:h:h:h:h:h</format> + <description>Hardware (MAC) address</description> + </valueHelp> + <constraint> + <validator name="mac-address"/> + </constraint> + </properties> + 
</leafNode> + <node name="ip"> + <children> + #include <include/interface-arp-cache-timeout.xml.i> + #include <include/interface-enable-proxy-arp.xml.i> + #include <include/interface-proxy-arp-pvlan.xml.i> + </children> + </node> + #include <include/interface-mac.xml.i> + #include <include/interface-mtu-68-9000.xml.i> + <node name="offload-options"> + <properties> + <help>Configurable offload options</help> + </properties> + <children> + <leafNode name="generic-receive"> + <properties> + <help>Configure GRO (generic receive offload)</help> + <completionHelp> + <list>on off</list> + </completionHelp> + <valueHelp> + <format>on</format> + <description>Enable GRO (generic receive offload)</description> + </valueHelp> + <valueHelp> + <format>off</format> + <description>Disable GRO (generic receive offload)</description> + </valueHelp> + <constraint> + <regex>(on|off)</regex> + </constraint> + <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="generic-segmentation"> + <properties> + <help>Configure GSO (generic segmentation offload)</help> + <completionHelp> + <list>on off</list> + </completionHelp> + <valueHelp> + <format>on</format> + <description>Enable GSO (generic segmentation offload)</description> + </valueHelp> + <valueHelp> + <format>off</format> + <description>Disable GSO (generic segmentation offload)</description> + </valueHelp> + <constraint> + <regex>(on|off)</regex> + </constraint> + <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="scatter-gather"> + <properties> + <help>Configure scatter-gather option</help> + <completionHelp> + <list>on off</list> + </completionHelp> + <valueHelp> + <format>on</format> + <description>Enable scatter-gather</description> + </valueHelp> + <valueHelp> + <format>off</format> + <description>Disable scatter-gather</description> + </valueHelp> + <constraint> + 
<regex>(on|off)</regex> + </constraint> + <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="tcp-segmentation"> + <properties> + <help>Configure TSO (TCP segmentation offloading)</help> + <completionHelp> + <list>on off</list> + </completionHelp> + <valueHelp> + <format>on</format> + <description>Enable TSO (TCP segmentation offloading)</description> + </valueHelp> + <valueHelp> + <format>off</format> + <description>Disable TSO (TCP segmentation offloading)</description> + </valueHelp> + <constraint> + <regex>(on|off)</regex> + </constraint> + <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="udp-fragmentation"> + <properties> + <help>Configure UDP fragmentation offloading</help> + <completionHelp> + <list>on off</list> + </completionHelp> + <valueHelp> + <format>on</format> + <description>Enable UDP fragmentation offloading</description> + </valueHelp> + <valueHelp> + <format>off</format> + <description>Disable UDP fragmentation offloading</description> + </valueHelp> + <constraint> + <regex>(on|off)</regex> + </constraint> + <constraintErrorMessage>Must be either 'on' or 'off'</constraintErrorMessage> + </properties> + </leafNode> + </children> + </node> + <leafNode name="smp-affinity"> + <properties> + <help>CPU interrupt affinity mask</help> + <completionHelp> + <list>auto 10 100 1000 2500 5000 10000</list> + </completionHelp> + <valueHelp> + <format>auto</format> + <description>Auto negotiation (default)</description> + </valueHelp> + <valueHelp> + <format>hex</format> + <description>Bitmask representing CPUs that this NIC will interrupt</description> + </valueHelp> + <valueHelp> + <format>hex,hex</format> + <description>Bitmasks representing CPUs for interrupt and receive processing</description> + </valueHelp> + <constraint> + <regex>(auto)</regex> + <regex>[0-9a-f]+(|,[0-9a-f]+)$</regex> + </constraint> + 
<constraintErrorMessage>IRQ affinity mask must be hex value or auto</constraintErrorMessage> + </properties> + </leafNode> + <leafNode name="speed"> + <properties> + <help>Link speed</help> + <completionHelp> + <list>auto 10 100 1000 2500 5000 10000 25000 40000 50000 100000</list> + </completionHelp> + <valueHelp> + <format>auto</format> + <description>Auto negotiation (default)</description> + </valueHelp> + <valueHelp> + <format>10</format> + <description>10 Mbit/sec</description> + </valueHelp> + <valueHelp> + <format>100</format> + <description>100 Mbit/sec</description> + </valueHelp> + <valueHelp> + <format>1000</format> + <description>1 Gbit/sec</description> + </valueHelp> + <valueHelp> + <format>2500</format> + <description>2.5 Gbit/sec</description> + </valueHelp> + <valueHelp> + <format>5000</format> + <description>5 Gbit/sec</description> + </valueHelp> + <valueHelp> + <format>10000</format> + <description>10 Gbit/sec</description> + </valueHelp> + <valueHelp> + <format>25000</format> + <description>25 Gbit/sec</description> + </valueHelp> + <valueHelp> + <format>40000</format> + <description>40 Gbit/sec</description> + </valueHelp> + <valueHelp> + <format>50000</format> + <description>50 Gbit/sec</description> + </valueHelp> + <valueHelp> + <format>100000</format> + <description>100 Gbit/sec</description> + </valueHelp> + <constraint> + <regex>(auto|10|100|1000|2500|5000|10000|25000|40000|50000|100000)</regex> + </constraint> + <constraintErrorMessage>Speed must be auto, 10, 100, 1000, 2500, 5000, 10000, 25000, 40000, 50000 or 100000</constraintErrorMessage> + </properties> + </leafNode> + #include <include/vif-s.xml.i> + #include <include/vif.xml.i> + </children> + </tagNode> + </children> + </node> +</interfaceDefinition> diff --git a/interface-definitions/interfaces-geneve.xml b/interface-definitions/interfaces-geneve.xml deleted file mode 100644 index e65ce6826..000000000 --- a/interface-definitions/interfaces-geneve.xml +++ /dev/null 
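Review bot: The tagNode name constraint `((eth|lan)[0-9]+|(eno|ens|enp|enx).+)$` has no leading `^` and its second branch accepts any characters after the prefix, so if the constraint matcher searches rather than full-matches, a name with arbitrary leading or embedded characters passes validation and is handed to the `interfaces-ethernet.py` owner script. The openvpn definition in this same commit anchors both ends (`^vtun[0-9]+$`); the same form here would be `<regex>^((eth|lan)[0-9]+|(eno|ens|enp|enx)[0-9a-zA-Z]+)$</regex>`, assuming predictable interface names stay alphanumeric. The `smp-affinity` leaf has the same gap in `(auto)` and `[0-9a-f]+(|,[0-9a-f]+)$`, and its `<completionHelp>` list `auto 10 100 1000 2500 5000 10000` looks copied from `speed` rather than describing an affinity mask.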
@@ -1,118 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="interfaces"> - <children> - <tagNode name="geneve" owner="${vyos_conf_scripts_dir}/interfaces-geneve.py"> - <properties> - <help>Generic Network Virtualization Encapsulation (GENEVE)</help> - <priority>460</priority> - <constraint> - <regex>gnv[0-9]+$</regex> - </constraint> - <constraintErrorMessage>GENEVE interface must be named gnvN</constraintErrorMessage> - <valueHelp> - <format>gnvN</format> - <description>GENEVE interface name</description> - </valueHelp> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <multi/> - <constraint> - <validator name="ip-cidr"/> - </constraint> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable interface</help> - <valueless/> - </properties> - </leafNode> - <node name="ip"> - <properties> - <help>IPv4 routing parameters</help> - </properties> - <children> - <leafNode name="arp-cache-timeout"> - <properties> - <help>ARP cache entry timeout in seconds</help> - <valueHelp> - <format>1-86400</format> - <description>ARP cache entry timout in seconds (default 30)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-86400"/> - </constraint> - <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="enable-proxy-arp"> - <properties> - 
<help>Enable proxy-arp on this interface</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>1450-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1500-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 1500 and 9000</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="remote"> - <properties> - <help>Remote address of GENEVE tunnel</help> - <valueHelp> - <format>ipv4</format> - <description>Remote address of GENEVE tunnel</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - </leafNode> - <leafNode name="vni"> - <properties> - <help>Virtual Network Identifier</help> - <valueHelp> - <format>0-16777214</format> - <description>GENEVE virtual network identifier</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-16777214"/> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - </children> - </node> -</interfaceDefinition> diff --git a/interface-definitions/interfaces-geneve.xml.in b/interface-definitions/interfaces-geneve.xml.in new file mode 100644 index 000000000..0a866143e --- /dev/null +++ b/interface-definitions/interfaces-geneve.xml.in 
@@ -0,0 +1,60 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="geneve" owner="${vyos_conf_scripts_dir}/interfaces-geneve.py">
+ <properties>
+ <help>Generic Network Virtualization Encapsulation (GENEVE)</help>
+ <priority>460</priority>
+ <constraint>
+ <regex>gnv[0-9]+$</regex>
+ </constraint>
+ <constraintErrorMessage>GENEVE interface must be named gnvN</constraintErrorMessage>
+ <valueHelp>
+ <format>gnvN</format>
+ <description>GENEVE interface name</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ #include <include/interface-disable.xml.i>
+ <node name="ip">
+ <properties>
+ <help>IPv4 routing parameters</help>
+ </properties>
+ <children>
+ #include <include/interface-arp-cache-timeout.xml.i>
+ #include <include/interface-enable-proxy-arp.xml.i>
+ </children>
+ </node>
+ #include <include/interface-mtu-1450-9000.xml.i>
+ <leafNode name="remote">
+ <properties>
+ <help>Remote address of GENEVE tunnel</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>Remote address of GENEVE tunnel</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="vni">
+ <properties>
+ <help>Virtual Network Identifier</help>
+ <valueHelp>
+ <format>0-16777214</format>
+ <description>GENEVE virtual network identifier</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-16777214"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-loopback.xml b/interface-definitions/interfaces-loopback.xml
deleted file mode 100644
index 0f003bc64..000000000
--- a/interface-definitions/interfaces-loopback.xml
+++ /dev/null
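Review bot: Replacing the inline `mtu` leaf with `#include <include/interface-mtu-1450-9000.xml.i>` presumably changes what the validator accepts, and nothing in the hunk records that. The removed interfaces-geneve.xml enforced `--range 1500-9000` (while its help text said 1450-9000); the include body is not part of this hunk, so the new lower bound is inferred from the file name only. The same applies to the loopback `address` leaf, which had no `<constraint>` before and now takes whatever `address-ipv4-ipv6.xml.i` defines, and to the openvpn `description` leaf, which had no length limit. I would note each change next to the include, e.g. `<!-- validation change: MTU lower bound is now taken from the shared include (was 1500) -->`, and list the tightened or loosened constraints in the commit description so an upgrade that rejects an existing config value can be traced.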
@@ -1,46 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="interfaces">
- <children>
- <tagNode name="loopback" owner="${vyos_conf_scripts_dir}/interfaces-loopback.py">
- <properties>
- <help>Loopback interface</help>
- <priority>300</priority>
- <constraint>
- <regex>lo$</regex>
- </constraint>
- <constraintErrorMessage>Loopback interface must be named lo</constraintErrorMessage>
- <valueHelp>
- <format>lo</format>
- <description>Loopback interface</description>
- </valueHelp>
- </properties>
- <children>
- <leafNode name="address">
- <properties>
- <help>IP address</help>
- <valueHelp>
- <format>ipv4net</format>
- <description>IPv4 address and prefix length</description>
- </valueHelp>
- <valueHelp>
- <format>ipv6net</format>
- <description>IPv6 address and prefix length</description>
- </valueHelp>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="description">
- <properties>
- <help>Interface description</help>
- <constraint>
- <regex>^.{1,256}$</regex>
- </constraint>
- <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </tagNode>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/interface-definitions/interfaces-loopback.xml.in b/interface-definitions/interfaces-loopback.xml.in
new file mode 100644
index 000000000..007a0f189
--- /dev/null
+++ b/interface-definitions/interfaces-loopback.xml.in
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="interfaces">
+ <children>
+ <tagNode name="loopback" owner="${vyos_conf_scripts_dir}/interfaces-loopback.py">
+ <properties>
+ <help>Loopback interface</help>
+ <priority>300</priority>
+ <constraint>
+ <regex>lo$</regex>
+ </constraint>
+ <constraintErrorMessage>Loopback interface must be named lo</constraintErrorMessage>
+ <valueHelp>
+ <format>lo</format>
+ <description>Loopback interface</description>
+ </valueHelp>
+ </properties>
+ <children>
+ #include <include/address-ipv4-ipv6.xml.i>
+ #include <include/interface-description.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml.in
similarity index 98%
rename from interface-definitions/interfaces-openvpn.xml
rename to interface-definitions/interfaces-openvpn.xml.in
index 2c2556f45..638e9048b 100644
--- a/interface-definitions/interfaces-openvpn.xml
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -1,677 +1,668 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="interfaces"> <children> <tagNode name="openvpn" owner="${vyos_conf_scripts_dir}/interfaces-openvpn.py"> <properties> <help>OpenVPN tunnel interface name</help> <priority>460</priority> <constraint> <regex>^vtun[0-9]+$</regex> </constraint> <constraintErrorMessage>OpenVPN tunnel interface must be named vtunN</constraintErrorMessage> <valueHelp> <format>vtunN</format> <description>OpenVPN interface name</description> </valueHelp> </properties> <children> <node name="authentication"> <properties> <help>Authentication options</help> </properties> <children> <leafNode name="password"> <properties> <help>OpenVPN password used for authentication</help> </properties> </leafNode> <leafNode name="username"> <properties> <help>OpenVPN username used for authentication</help> </properties> </leafNode> </children> </node> - <leafNode name="description"> - <properties> - <help>Description</help> - </properties> - </leafNode> + #include <include/interface-description.xml.i> <leafNode name="device-type"> <properties> <help>OpenVPN interface device-type</help> <completionHelp> <list>tun tap</list> </completionHelp> <valueHelp> <format>tun</format> <description>TUN device, required for OSI layer 3</description> </valueHelp> <valueHelp> <format>tap</format> <description>TAP device, required for OSI layer 2</description> </valueHelp> <constraint> <regex>(tun|tap)</regex> </constraint> </properties> </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable interface</help> - <valueless/> - </properties> - </leafNode> + #include <include/interface-disable.xml.i> <node name="encryption"> <properties> <help>Data Encryption settings</help> </properties> <children> <leafNode name="cipher"> <properties> <help>Standard Data Encryption Algorithm</help> <completionHelp> <list>des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list> </completionHelp> <valueHelp> <format>des</format> 
<description>DES algorithm</description> </valueHelp> <valueHelp> <format>3des</format> <description>DES algorithm with triple encryption</description> </valueHelp> <valueHelp> <format>bf128</format> <description>Blowfish algorithm with 128-bit key</description> </valueHelp> <valueHelp> <format>bf256</format> <description>Blowfish algorithm with 256-bit key</description> </valueHelp> <valueHelp> <format>aes128</format> <description>AES algorithm with 128-bit key CBC</description> </valueHelp> <valueHelp> <format>aes128gcm</format> <description>AES algorithm with 128-bit key GCM</description> </valueHelp> <valueHelp> <format>aes192</format> <description>AES algorithm with 192-bit key CBC</description> </valueHelp> <valueHelp> <format>aes192gcm</format> <description>AES algorithm with 192-bit key GCM</description> </valueHelp> <valueHelp> <format>aes256</format> <description>AES algorithm with 256-bit key CBC</description> </valueHelp> <valueHelp> <format>aes256gcm</format> <description>AES algorithm with 256-bit key GCM</description> </valueHelp> <constraint> <regex>(des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex> </constraint> </properties> </leafNode> <leafNode name="ncp-ciphers"> <properties> <help>Cipher negotiation list for use in server or client mode</help> <completionHelp> <list>des 3des aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm</list> </completionHelp> <valueHelp> <format>des</format> <description>DES algorithm</description> </valueHelp> <valueHelp> <format>3des</format> <description>DES algorithm with triple encryption</description> </valueHelp> <valueHelp> <format>aes128</format> <description>AES algorithm with 128-bit key CBC</description> </valueHelp> <valueHelp> <format>aes128gcm</format> <description>AES algorithm with 128-bit key GCM</description> </valueHelp> <valueHelp> <format>aes192</format> <description>AES algorithm with 192-bit key CBC</description> </valueHelp> <valueHelp> <format>aes192gcm</format> 
<description>AES algorithm with 192-bit key GCM</description> </valueHelp> <valueHelp> <format>aes256</format> <description>AES algorithm with 256-bit key CBC</description> </valueHelp> <valueHelp> <format>aes256gcm</format> <description>AES algorithm with 256-bit key GCM</description> </valueHelp> <constraint> <regex>(des|3des|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm)</regex> </constraint> <multi/> </properties> </leafNode> <leafNode name="disable-ncp"> <properties> <help>Disable support for ncp-ciphers</help> <valueless/> </properties> </leafNode> </children> </node> <leafNode name="hash"> <properties> <help>Hashing Algorithm</help> <completionHelp> <list>md5 sha1 sha256 sha384 sha512</list> </completionHelp> <valueHelp> <format>md5</format> <description>MD5 algorithm</description> </valueHelp> <valueHelp> <format>sha1</format> <description>SHA-1 algorithm</description> </valueHelp> <valueHelp> <format>sha256</format> <description>SHA-256 algorithm</description> </valueHelp> <valueHelp> <format>sha384</format> <description>SHA-384 algorithm</description> </valueHelp> <valueHelp> <format>sha512</format> <description>SHA-512 algorithm</description> </valueHelp> <constraint> <regex>(md5|sha1|sha256|sha384|sha512)</regex> </constraint> </properties> </leafNode> <node name="keep-alive"> <properties> <help>Keepalive helper options</help> </properties> <children> <leafNode name="failure-count"> <properties> <help>Maximum number of keepalive packet failures [default 6]</help> <valueHelp> <format>0-1000</format> <description>Maximum number of keepalive packet failures</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-1000"/> </constraint> </properties> </leafNode> <leafNode name="interval"> <properties> <help>Keepalive packet interval (seconds) [default 10]</help> <valueHelp> <format>0-600</format> <description>Keepalive packet interval (seconds)</description> </valueHelp> <constraint> <validator name="numeric" 
argument="--range 0-600"/> </constraint> </properties> </leafNode> </children> </node> <tagNode name="local-address"> <properties> <help>Local IP address of tunnel</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> <children> <leafNode name="subnet-mask"> <properties> <help>Subnet-mask for local IP address of tunnel</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </tagNode> <leafNode name="local-host"> <properties> <help>Local IP address to accept connections (all if not set)</help> <valueHelp> <format>ipv4</format> <description>Local IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="local-port"> <properties> <help>Local port number to accept connections</help> <valueHelp> <format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="mode"> <properties> <help>OpenVPN mode of operation</help> <completionHelp> <list>site-to-site client server</list> </completionHelp> <valueHelp> <format>site-to-site</format> <description>Site-to-site mode</description> </valueHelp> <valueHelp> <format>client</format> <description>Client in client-server mode</description> </valueHelp> <valueHelp> <format>server</format> <description>Server in client-server mode</description> </valueHelp> <constraint> <regex>(site-to-site|client|server)</regex> </constraint> </properties> </leafNode> <leafNode name="openvpn-option"> <properties> <help>Additional OpenVPN options. You must use the syntax of openvpn.conf in this text-field. Using this without proper knowledge may result in a crashed OpenVPN server. 
Check system log to look for errors.</help> <multi/> </properties> </leafNode> <leafNode name="persistent-tunnel"> <properties> <help>Do not close and reopen interface (TUN/TAP device) on client restarts</help> <valueless/> </properties> </leafNode> <leafNode name="protocol"> <properties> <help>OpenVPN communication protocol</help> <completionHelp> <list>udp tcp-passive tcp-active</list> </completionHelp> <valueHelp> <format>udp</format> <description>Site-to-site mode</description> </valueHelp> <valueHelp> <format>tcp-passive</format> <description>TCP and accepts connections passively</description> </valueHelp> <valueHelp> <format>tcp-active</format> <description>TCP and initiates connections actively</description> </valueHelp> <constraint> <regex>(udp|tcp-passive|tcp-active)</regex> </constraint> </properties> </leafNode> <leafNode name="remote-address"> <properties> <help>IP address of remote end of tunnel</help> <valueHelp> <format>ipv4</format> <description>Remote end IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="remote-host"> <properties> <help>Remote host to connect to (dynamic if not set)</help> <valueHelp> <format>ipv4</format> <description>IP address of remote host</description> </valueHelp> <valueHelp> <format>txt</format> <description>Hostname of remote host</description> </valueHelp> <multi/> </properties> </leafNode> <leafNode name="remote-port"> <properties> <help>Remote port number to connect to</help> <valueHelp> <format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <node name="replace-default-route"> <properties> <help>OpenVPN tunnel to be used as the default route</help> </properties> <children> <leafNode name="local"> <properties> <help>Tunnel endpoints are on the same subnet</help> </properties> </leafNode> </children> 
</node> <node name="server"> <properties> <help>Server-mode options</help> </properties> <children> <tagNode name="client"> <properties> <help>Client-specific settings</help> <valueHelp> <format>name</format> <description>Client common-name in the certificate</description> </valueHelp> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable client connection</help> <valueless/> </properties> </leafNode> <leafNode name="ip"> <properties> <help>IP address of the client</help> <valueHelp> <format>ipv4</format> <description>Client IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="push-route"> <properties> <help>Route to be pushed to the client</help> <valueHelp> <format>ipv4net</format> <description>IPv4 network and prefix length</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="subnet"> <properties> <help>Subnet belonging to the client</help> <valueHelp> <format>ipv4net</format> <description>IPv4 network and prefix length belonging to the client</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> <multi/> </properties> </leafNode> </children> </tagNode> <leafNode name="domain-name"> <properties> <help>DNS suffix to be pushed to all clients</help> <valueHelp> <format>txt</format> <description>Domain Name Server suffix</description> </valueHelp> </properties> </leafNode> <leafNode name="max-connections"> <properties> <help>Number of maximum client connections</help> <valueHelp> <format>1-4096</format> <description>Number of concurrent clients</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-4096"/> </constraint> </properties> </leafNode> <leafNode name="name-server"> <properties> <help>Domain Name Server (DNS)</help> <valueHelp> <format>ipv4</format> <description>DNS server IPv4 
address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="push-route"> <properties> <help>Route to be pushed to all clients</help> <valueHelp> <format>ipv4net</format> <description>IPv4 network and prefix length</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> <multi/> </properties> </leafNode> <leafNode name="reject-unconfigured-clients"> <properties> <help>Reject connections from clients that are not explicitly configured</help> </properties> </leafNode> <leafNode name="subnet"> <properties> <help>Server-mode subnet (from which client IPs are allocated)</help> <valueHelp> <format>ipv4net</format> <description>IPv4 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> </properties> </leafNode> <leafNode name="topology"> <properties> <help>Topology for clients</help> <completionHelp> <list>point-to-point subnet</list> </completionHelp> <valueHelp> <format>point-to-point</format> <description>Point-to-point topology</description> </valueHelp> <valueHelp> <format>subnet</format> <description>Subnet topology</description> </valueHelp> <constraint> <regex>(subnet|point-to-point)</regex> </constraint> </properties> </leafNode> </children> </node> <leafNode name="shared-secret-key-file"> <properties> <help>File containing the secret key shared with remote end of tunnel</help> <valueHelp> <format>file</format> <description>File in /config/auth directory</description> </valueHelp> <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> </properties> </leafNode> <node name="tls"> <properties> <help>Transport Layer Security (TLS) options</help> </properties> <children> <leafNode name="auth-file"> <properties> <help>File containing tls static key for tls-auth</help> <valueHelp> <format>file</format> <description>File in /config/auth directory</description> 
</valueHelp> <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> </properties> </leafNode> <leafNode name="ca-cert-file"> <properties> <help>File containing certificate for Certificate Authority (CA)</help> <valueHelp> <format>file</format> <description>File in /config/auth directory</description> </valueHelp> <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> </properties> </leafNode> <leafNode name="cert-file"> <properties> <help>File containing certificate for this host</help> <valueHelp> <format>file</format> <description>File in /config/auth directory</description> </valueHelp> <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> </properties> </leafNode> <leafNode name="crl-file"> <properties> <help>File containing certificate revocation list (CRL) for this host</help> <valueHelp> <format>file</format> <description>File in /config/auth directory</description> </valueHelp> <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> </properties> </leafNode> <leafNode name="dh-file"> <properties> <help>File containing Diffie Hellman parameters (server only)</help> <valueHelp> <format>file</format> <description>File in /config/auth directory</description> </valueHelp> <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> </properties> </leafNode> <leafNode name="key-file"> <properties> - <help>File containing this host's private key</help> + <help>Private key for this host</help> <valueHelp> <format>file</format> <description>File in /config/auth directory</description> </valueHelp> <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> </properties> </leafNode> <leafNode name="tls-version-min"> <properties> <help>Specify the minimum required TLS version</help> <completionHelp> <list>1.0 1.1 1.2</list> </completionHelp> 
<valueHelp> <format>1.0</format> <description>TLS v1.0</description> </valueHelp> <valueHelp> <format>1.1</format> <description>TLS v1.1</description> </valueHelp> <valueHelp> <format>1.2</format> <description>TLS v1.2</description> </valueHelp> <constraint> <regex>(1.0|1.1|1.2)</regex> </constraint> </properties> </leafNode> <leafNode name="role"> <properties> - <help>File containing this host's private key</help> + <help>Private key for this host</help> <completionHelp> <list>active passive</list> </completionHelp> <valueHelp> <format>active</format> <description>Initiate TLS negotiation actively</description> </valueHelp> <valueHelp> <format>passive</format> <description>Waiting for TLS connections passively</description> </valueHelp> <constraint> <regex>(active|passive)</regex> </constraint> </properties> </leafNode> </children> </node> <leafNode name="use-lzo-compression"> <properties> <help>Use fast LZO compression on this TUN/TAP interface</help> <valueless/> </properties> </leafNode> </children> </tagNode> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/interfaces-vxlan.xml b/interface-definitions/interfaces-vxlan.xml.in similarity index 54% rename from interface-definitions/interfaces-vxlan.xml rename to interface-definitions/interfaces-vxlan.xml.in index f93711741..f6b5cadac 100644 --- a/interface-definitions/interfaces-vxlan.xml +++ b/interface-definitions/interfaces-vxlan.xml.in 
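Review bot: The reworded help on the `role` leaf under `tls` still reads `Private key for this host`, but the leaf accepts `active` or `passive`, so the CLI help describes the wrong option. The text looks carried over from `key-file`; something like `<help>TLS negotiation role</help>` would match the two valueHelp entries below it. On `key-file` itself the new wording drops the hint that the value is a file name, which `<help>File containing the private key for this host</help>` would keep while still avoiding the apostrophe.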
@@ -1,151 +1,93 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="interfaces"> <children> <tagNode name="vxlan" owner="${vyos_conf_scripts_dir}/interfaces-vxlan.py"> <properties> <help>Virtual extensible LAN interface (VXLAN)</help> <priority>460</priority> <constraint> <regex>vxlan[0-9]+$</regex> </constraint> <constraintErrorMessage>VXLAN interface must be named vxlanN</constraintErrorMessage> <valueHelp> <format>vxlanN</format> <description>VXLAN interface name</description> </valueHelp> </properties> <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <multi/> - <constraint> - <validator name="ip-cidr"/> - </constraint> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable interface</help> - <valueless/> - </properties> - </leafNode> + #include <include/address-ipv4-ipv6.xml.i> + #include <include/interface-description.xml.i> + #include <include/interface-disable.xml.i> <leafNode name="group"> <properties> <help>Multicast group address for VXLAN interface</help> <valueHelp> <format>ipv4</format> <description>Multicast group address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <node name="ip"> <children> - <leafNode name="arp-cache-timeout"> - <properties> - <help>ARP cache entry timeout in seconds</help> - <valueHelp> - <format>1-86400</format> - <description>ARP cache entry timout in seconds (default 30)</description> - 
</valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-86400"/> - </constraint> - <constraintErrorMessage>ARP cache entry timeout must be between 1 and 86400 seconds</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="enable-proxy-arp"> - <properties> - <help>Enable proxy-arp on this interface</help> - <valueless/> - </properties> - </leafNode> + #include <include/interface-arp-cache-timeout.xml.i> + #include <include/interface-enable-proxy-arp.xml.i> </children> </node> <leafNode name="link"> <properties> <help>Underlay device of VXLAN interface</help> <valueHelp> <format>interface</format> <description>Interface used for VXLAN underlay</description> </valueHelp> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> </leafNode> - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU)</help> - <valueHelp> - <format>1450-9000</format> - <description>Maximum Transmission Unit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1450-9000"/> - </constraint> - <constraintErrorMessage>MTU must be between 1450 and 9000</constraintErrorMessage> - </properties> - </leafNode> + #include <include/interface-mtu-1450-9000.xml.i> <leafNode name="remote"> <properties> <help>Remote address of VXLAN tunnel</help> <valueHelp> <format>ipv4</format> <description>Remote address of VXLAN tunnel</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="port"> <properties> <help>Destination port of VXLAN tunnel (default: 8472)</help> <valueHelp> <format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="vni"> <properties> <help>Virtual Network Identifier</help> <valueHelp> <format>0-16777214</format> <description>VXLAN 
virtual network identifier</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-16777214"/> </constraint> </properties> </leafNode> </children> </tagNode> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/interfaces-wireguard.xml b/interface-definitions/interfaces-wireguard.xml.in similarity index 79% rename from interface-definitions/interfaces-wireguard.xml rename to interface-definitions/interfaces-wireguard.xml.in index 0c32a3bc1..6be0292a1 100644 --- a/interface-definitions/interfaces-wireguard.xml +++ b/interface-definitions/interfaces-wireguard.xml.in 
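Review bot: The removed inline `address` leaf validated its value with `<validator name="ip-cidr"/>`, and nothing in this hunk shows that `include/address-ipv4-ipv6.xml.i` does the same. The loopback definition deleted in this commit had an `address` leaf with no constraint at all, so the shared fragment could have been modelled on either one; it should contain `<constraint> <validator name="ip-cidr"/> </constraint>` so that vxlan does not lose input validation. The wireguard hunk replaces an `address` leaf with the same validator, and its 100-character description limit is presumably replaced by whatever `include/interface-description.xml.i` sets, which is worth stating in the commit message.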
@@ -1,150 +1,121 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="interfaces"> <children> <tagNode name="wireguard" owner="${vyos_conf_scripts_dir}/interfaces-wireguard.py"> <properties> <help>WireGuard interface name</help> <priority>459</priority> <!-- subsequent ones may be removed, just make sure ethernet ifs are present --> <constraint> <regex>^wg[0-9]{1,4}</regex> </constraint> <constraintErrorMessage>illegal interface name</constraintErrorMessage> <valueHelp> <format>wgN</format> <description>WireGuard interface name</description> </valueHelp> </properties> <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <constraint> - <validator name="ip-cidr"/> - </constraint> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <multi/> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>description</help> - <constraint> - <regex>^.{1,100}$</regex> - </constraint> - <constraintErrorMessage>interface description is too long (limit 100 characters)</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>disables interface</help> - <valueless/> - </properties> - </leafNode> + #include <include/address-ipv4-ipv6.xml.i> + #include <include/interface-description.xml.i> + #include <include/interface-disable.xml.i> <leafNode name="port"> <properties> <help>Local port number to accept connections</help> <constraint> <validator name="numeric" argument="--range 1024-65535"/> </constraint> </properties> </leafNode> <leafNode name="mtu"> <properties> <help>interface mtu size(default: 1420)</help> <constraint> <validator name="numeric" argument="--range 68-9000"/> </constraint> </properties> </leafNode> <leafNode name="fwmark"> <properties> <help>A 32-bit fwmark value set on all 
outgoing packets</help> <valueHelp> <format>number</format> <description>value which marks the packet for QoS/shaper</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-255"/> </constraint> </properties> </leafNode> <leafNode name="private-key"> <properties> <help>Private key to use on that interface</help> <completionHelp> <script>${vyos_op_scripts_dir}/wireguard.py --listkdir</script> </completionHelp> </properties> </leafNode> <tagNode name="peer"> <properties> <help>peer alias</help> <constraint> <regex>[^ ]{1,100}$</regex> </constraint> <constraintErrorMessage>peer alias too long (limit 100 characters)</constraintErrorMessage> </properties> <children> <leafNode name="disable"> <properties> <help>disables peer</help> <valueless/> </properties> </leafNode> <leafNode name="pubkey"> <properties> <help>base64 encoded public key</help> <constraint> <regex>^[0-9a-zA-Z\+/]{43}=$</regex> </constraint> <constraintErrorMessage>Key is not valid 44-character (32-bytes) base64</constraintErrorMessage> </properties> </leafNode> <leafNode name="preshared-key"> <properties> <help>base64 encoded preshared key</help> <constraint> <regex>^[0-9a-zA-Z\+/]{43}=$</regex> </constraint> <constraintErrorMessage>Key is not valid 44-character (32-bytes) base64</constraintErrorMessage> </properties> </leafNode> <leafNode name="allowed-ips"> <properties> <help>IP addresses allowed to traverse the peer</help> <constraint> <validator name="ip-prefix"/> </constraint> <multi/> </properties> </leafNode> <!-- eventually check format IP:port --> <leafNode name="endpoint"> <properties> <help>Remote endpoint (IP:port)</help> </properties> </leafNode> <leafNode name="persistent-keepalive"> <properties> <help>how often send keep alives in seconds</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> </children> </tagNode> </children> </tagNode> </children> </node> </interfaceDefinition> 
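Review bot: The `fwmark` leaf is described as `A 32-bit fwmark value` while its validator is `--range 1-255`, so the help and the constraint disagree about what is accepted. Either widen the constraint to the range the help promises or word the help to the accepted range, for example `<help>fwmark value set on all outgoing packets (1-255)</help>`. The leaf is unchanged context in this hunk, but the file is being reworked here and the mismatch is cheap to fix in the same pass.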
diff --git a/interface-definitions/interfaces-wireless.xml b/interface-definitions/interfaces-wireless.xml.in
similarity index 82%
rename from interface-definitions/interfaces-wireless.xml
rename to interface-definitions/interfaces-wireless.xml.in
index 6bc49dddb..53c448930 100644
--- a/interface-definitions/interfaces-wireless.xml
+++ b/interface-definitions/interfaces-wireless.xml.in
@@ -1,963 +1,774 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="interfaces"> <children> <tagNode name="wireless" owner="${vyos_conf_scripts_dir}/interfaces-wireless.py"> <properties> <help>Wireless network interface (WiFi/WLAN)</help> <priority>400</priority> <constraint> <regex>wlan[0-9]+$</regex> </constraint> <constraintErrorMessage>Wireless interface must be named wlanN</constraintErrorMessage> <valueHelp> <format>wlanN</format> <description>Wireless (WiFi/WLAN) interface name</description> </valueHelp> </properties> <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> + #include <include/address-ipv4-ipv6-dhcp.xml.i> <node name="capabilities"> <properties> <help>HT and VHT capabilities for your card</help> </properties> <children> <node name="ht"> <properties> <help>HT (High Throughput) settings</help> </properties> <children> <leafNode name="40mhz-incapable"> <properties> <help>40MHz intolerance, use 20MHz only!</help> <valueless/> </properties> </leafNode> <leafNode name="auto-powersave"> <properties> <help>Enable WMM-PS unscheduled automatic power aave delivery [U-APSD]</help> <valueless/> </properties> </leafNode> <leafNode name="channel-set-width"> <properties> <help>Supported channel set width</help> <completionHelp> <list>ht20 ht40+ ht40-</list> 
</completionHelp> <valueHelp> <format>ht20</format> <description>Supported channel set width both 20 MHz only</description> </valueHelp> <valueHelp> <format>ht40+</format> <description>Supported channel set width both 20 MHz and 40 MHz with secondary channel above primary channel</description> </valueHelp> <valueHelp> <format>ht40-</format> <description>Supported channel set width both 20 MHz and 40 MHz with secondary channel below primary channel</description> </valueHelp> <constraint> <regex>(ht20|ht40\+|ht40-)</regex> </constraint> <multi/> </properties> </leafNode> <leafNode name="delayed-block-ack"> <properties> <help>Enable HT-delayed block ack</help> <valueless/> </properties> </leafNode> <leafNode name="dsss-cck-40"> <properties> <help>Enable DSSS_CCK-40</help> <valueless/> </properties> </leafNode> <leafNode name="greenfield"> <properties> <help>Enable HT-greenfield</help> <valueless/> </properties> </leafNode> <leafNode name="ldpc"> <properties> <help>Enable LDPC coding capability</help> <valueless/> </properties> </leafNode> <leafNode name="lsig-protection"> <properties> <help>Enable L-SIG TXOP protection capability</help> <valueless/> </properties> </leafNode> <leafNode name="max-amsdu"> <properties> <help>Set maximum A-MSDU length</help> <completionHelp> <list>3839 7935</list> </completionHelp> <valueHelp> <format>3839</format> <description>Set maximum A-MSDU length to 3839 octets</description> </valueHelp> <valueHelp> <format>7935</format> <description>Set maximum A-MSDU length to 7935 octets</description> </valueHelp> <constraint> <regex>(3839|7935)</regex> </constraint> <multi/> </properties> </leafNode> <leafNode name="short-gi"> <properties> <help>Short GI capabilities</help> <completionHelp> <list>20 40</list> </completionHelp> <valueHelp> <format>20</format> <description>Short GI for 20 MHz</description> </valueHelp> <valueHelp> <format>40</format> <description>Short GI for 40 MHz</description> </valueHelp> <constraint> <regex>(20|40)</regex> 
</constraint> <multi/> </properties> </leafNode> <leafNode name="smps"> <properties> <help>Spatial Multiplexing Power Save (SMPS) settings</help> <completionHelp> <list>static dynamic</list> </completionHelp> <valueHelp> <format>static</format> <description>STATIC Spatial Multiplexing (SM) Power Save</description> </valueHelp> <valueHelp> <format>dynamic</format> <description>DYNAMIC Spatial Multiplexing (SM) Power Save</description> </valueHelp> <constraint> <regex>(static|dynamic)</regex> </constraint> <multi/> </properties> </leafNode> <node name="stbc"> <properties> <help>Support for sending and receiving PPDU using STBC (Space Time Block Coding)</help> </properties> <children> <leafNode name="rx"> <properties> <help>Enable receiving PPDU using STBC (Space Time Block Coding)</help> <valueHelp> <format>[1-3]+</format> <description>Number of spacial streams that can use RX STBC</description> </valueHelp> <constraint> <regex>[1-3]+</regex> </constraint> <constraintErrorMessage>Invalid capability item</constraintErrorMessage> </properties> </leafNode> <leafNode name="tx"> <properties> <help>Enable sending PPDU using STBC (Space Time Block Coding)</help> <valueless/> </properties> </leafNode> </children> </node> </children> </node> <leafNode name="require-ht"> <properties> <help>Require stations to support HT PHY (reject association if they do not)</help> <completionHelp> <script>echo If you reject non-HT, you also disable 802.11g</script> </completionHelp> <valueless/> </properties> </leafNode> <leafNode name="require-vht"> <properties> <help>Require stations to support VHT PHY (reject association if they do not)</help> <completionHelp> <script>echo If you reject non-VHT, you also disable 802.11n</script> </completionHelp> <valueless/> </properties> </leafNode> <node name="vht"> <properties> <help>VHT (Very High Throughput) settings</help> </properties> <children> <leafNode name="antenna-count"> <properties> <help>Number of antennas on this card</help> <valueHelp> 
<format>1-9</format> <description>Number of antennas for this card</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-9"/> </constraint> </properties> </leafNode> <leafNode name="antenna-pattern-fixed"> <properties> <help>Set if antenna pattern does not change during the lifetime of an association</help> <valueless/> </properties> </leafNode> <leafNode name="beamform"> <properties> <help>Beamforming capabilities</help> <completionHelp> <list>single-user-beamformer single-user-beamformee multi-user-beamformer multi-user-beamformee</list> </completionHelp> <valueHelp> <format>single-user-beamformer</format> <description>Support for operation as single user beamformer</description> </valueHelp> <valueHelp> <format>single-user-beamformee</format> <description>Support for operation as single user beamformee</description> </valueHelp> <valueHelp> <format>multi-user-beamformer</format> <description>Support for operation as multi user beamformer</description> </valueHelp> <valueHelp> <format>multi-user-beamformee</format> <description>Support for operation as multi user beamformee</description> </valueHelp> <constraint> <regex>(single-user-beamformer|single-user-beamformee|multi-user-beamformer|multi-user-beamformee)</regex> </constraint> <multi/> </properties> </leafNode> <node name="center-channel-freq"> <properties> <help>VHT operating channel center frequency</help> </properties> <children> <leafNode name="freq-1"> <properties> <help>VHT operating channel center frequency - center freq 1 (for use with 80, 80+80 and 160 modes)</help> <valueHelp> <format><34-173></format> <description>5Ghz (802.11 a/h/j/n/ac) center channel index (use 42 for primary 80MHz channel 36)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 34-173"/> </constraint> <constraintErrorMessage>Channel center value must be between 34 and 173</constraintErrorMessage> </properties> </leafNode> <leafNode name="freq-2"> <properties> 
<help>VHT operating channel center frequency - center freq 2 (for use with the 80+80 mode)</help> <valueHelp> <format>34-173</format> <description>5Ghz (802.11 a/h/j/n/ac) center channel index (use 58 for primary 80MHz channel 52)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 34-173"/> </constraint> <constraintErrorMessage>Channel center value must be between 34 and 173</constraintErrorMessage> </properties> </leafNode> </children> </node> <leafNode name="channel-set-width"> <properties> <help>VHT operating Channel width</help> <completionHelp> <list>0 1 2 3</list> </completionHelp> <valueHelp> <format>0</format> <description>20 or 40 MHz channel width (default)</description> </valueHelp> <valueHelp> <format>1</format> <description>80 MHz channel width</description> </valueHelp> <valueHelp> <format>2</format> <description>160 MHz channel width</description> </valueHelp> <valueHelp> <format>3</format> <description>80+80 MHz channel width</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-3"/> </constraint> </properties> </leafNode> <leafNode name="ldpc"> <properties> <help>Enable LDPC (Low Density Parity Check) coding capability</help> <valueless/> </properties> </leafNode> <leafNode name="link-adaptation"> <properties> <help>VHT link adaptation capabilities</help> <completionHelp> <list>single-user-beamformer single-user-beamformee multi-user-beamformer multi-user-beamformee</list> </completionHelp> <valueHelp> <format>unsolicited</format> <description>Station provides only unsolicited VHT MFB</description> </valueHelp> <valueHelp> <format>both</format> <description>Station can provide VHT MFB in response to VHT MRQ and unsolicited VHT MFB</description> </valueHelp> <constraint> <regex>(unsolicited|both)</regex> </constraint> <constraintErrorMessage>Invalid capability item</constraintErrorMessage> </properties> </leafNode> <leafNode name="max-mpdu-exp"> <properties> <help>Set the maximum 
length of A-MPDU pre-EOF padding that the station can receive</help> <valueHelp> <format><0-7></format> <description>Maximum length of A-MPDU pre-EOF padding = 2 pow(13 + x) -1 octets</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-7"/> </constraint> </properties> </leafNode> <leafNode name="max-mpdu"> <properties> <help>Increase Maximum MPDU length to 7991 or 11454 octets (otherwise: 3895 octets)</help> <completionHelp> <list>7991 11454</list> </completionHelp> <valueHelp> <format>7991</format> <description>ncrease Maximum MPDU length to 7991 octets</description> </valueHelp> <valueHelp> <format>11454</format> <description>ncrease Maximum MPDU length to 11454 octets</description> </valueHelp> <constraint> <regex>(7991|11454)</regex> </constraint> </properties> </leafNode> <leafNode name="short-gi"> <properties> <help>Short GI capabilities</help> <completionHelp> <list>80 160</list> </completionHelp> <valueHelp> <format>80</format> <description>Short GI for 80 MHz</description> </valueHelp> <valueHelp> <format>160</format> <description>Short GI for 160 MHz</description> </valueHelp> <constraint> <regex>(80|160)</regex> </constraint> <multi/> </properties> </leafNode> <node name="stbc"> <properties> <help>Support for sending and receiving PPDU using STBC (Space Time Block Coding)</help> </properties> <children> <leafNode name="rx"> <properties> <help>Enable receiving PPDU using STBC (Space Time Block Coding)</help> <valueHelp> <format>[1-4]+</format> <description>Number of spacial streams that can use RX STBC</description> </valueHelp> <constraint> <regex>[1-4]+</regex> </constraint> <constraintErrorMessage>Invalid capability item</constraintErrorMessage> </properties> </leafNode> <leafNode name="tx"> <properties> <help>Enable sending PPDU using STBC (Space Time Block Coding)</help> <valueless/> </properties> </leafNode> </children> </node> <leafNode name="tx-powersave"> <properties> <help>Enable VHT TXOP Power Save Mode</help> 
<valueless/> </properties> </leafNode> <leafNode name="vht-cf"> <properties> <help>Station supports receiving VHT variant HT Control field</help> <valueless/> </properties> </leafNode> </children> </node> </children> </node> <leafNode name="channel"> <properties> <help>Wireless radio channel (use 0 for ACS auto channel selection)</help> <valueHelp> <format><1-14></format> <description>2.4Ghz (802.11 b/g/n) Channel</description> </valueHelp> <valueHelp> <format><0,34-173></format> <description>5Ghz (802.11 a/h/j/n/ac) Channel</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-0 --range 1-14 --range 34-173"/> </constraint> </properties> </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcp-options"> - <properties> - <help>DHCP options</help> - </properties> - <children> - <leafNode name="client-id"> - <properties> - <help>DHCP client identifier</help> - </properties> - </leafNode> - <leafNode name="host-name"> - <properties> - <help>DHCP client host name (overrides system host name)</help> - </properties> - </leafNode> - <leafNode name="vendor-class-id"> - <properties> - <help>DHCP client vendor type</help> - </properties> - </leafNode> - </children> - </node> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - <priority>319</priority> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> + #include <include/interface-description.xml.i> + #include 
<include/dhcp-dhcpv6-options.xml.i> <leafNode name="disable-broadcast-ssid"> <properties> <help>Disable broadcast of SSID from access-point</help> </properties> </leafNode> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> + #include <include/interface-disable-link-detect.xml.i> + #include <include/interface-disable.xml.i> <leafNode name="expunge-failing-stations"> <properties> <help>Disassociate stations based on excessive transmission failures</help> <valueless/> </properties> </leafNode> <leafNode name="hw-id"> <properties> <help>Media Access Control (MAC) address</help> <valueHelp> <format>h:h:h:h:h:h</format> <description>Hardware (MAC) address</description> </valueHelp> <constraint> <validator name="mac-address"/> </constraint> </properties> </leafNode> <leafNode name="isolate-stations"> <properties> <help>Isolate stations on the AP so they cannot see each other</help> <valueless/> </properties> </leafNode> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> + #include <include/interface-mac.xml.i> <leafNode name="max-stations"> <properties> <help>Maximum number of wireless radio stations. 
Excess stations will be rejected upon authentication request.</help> <valueHelp> <format><1-2007></format> <description>Number of allowed stations</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-2007"/> </constraint> <constraintErrorMessage>Number of stations must be between 1 and 2007</constraintErrorMessage> </properties> </leafNode> <leafNode name="mgmt-frame-protection"> <properties> <help>Management Frame Protection (MFP) according to IEEE 802.11w</help> <completionHelp> <list>disabled optional required</list> </completionHelp> <valueHelp> <format>disabled</format> <description>no MFP (hostapd default)</description> </valueHelp> <valueHelp> <format>optional</format> <description>MFP optional</description> </valueHelp> <valueHelp> <format>required</format> <description>MFP enforced</description> </valueHelp> <constraint> <regex>(disabled|optional|required)</regex> </constraint> </properties> </leafNode> <leafNode name="mode"> <properties> <help>Wireless radio mode</help> <completionHelp> <list>a b g n ac</list> </completionHelp> <valueHelp> <format>a</format> <description>802.11a - 54 Mbits/sec</description> </valueHelp> <valueHelp> <format>b</format> <description>802.11b - 11 Mbits/sec</description> </valueHelp> <valueHelp> <format>g</format> <description>802.11g - 54 Mbits/sec (default)</description> </valueHelp> <valueHelp> <format>n</format> <description>802.11n - 600 Mbits/sec</description> </valueHelp> <valueHelp> <format>ac</format> <description>802.11ac - 1300 Mbits/sec</description> </valueHelp> <constraint> <regex>(a|b|g|n|ac)</regex> </constraint> </properties> </leafNode> <leafNode name="physical-device"> <properties> <help>Wireless physical device</help> <completionHelp> <script>${vyos_completion_dir}/list_wireless_phys.sh</script> </completionHelp> </properties> </leafNode> <leafNode name="reduce-transmit-power"> <properties> <help>Transmission power reduction in dBm</help> <valueHelp> <format><0-255></format> 
<description>TX power reduction in dBm</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-255"/> </constraint> <constraintErrorMessage>dBm value must be between 0 and 255</constraintErrorMessage> </properties> </leafNode> <node name="security"> <properties> <help>Wireless security settings</help> </properties> <children> <node name="wep"> <properties> <help>Wired Equivalent Privacy (WEP) parameters</help> </properties> <children> <leafNode name="key"> <properties> <help>WEP encryption key</help> <valueHelp> <format><hexdigits></format> <description>Wired Equivalent Privacy key</description> </valueHelp> <constraint> <regex>([a-fA-F0-9]{10}|[a-fA-F0-9]{26}|[a-fA-F0-9]{32})</regex> </constraint> <constraintErrorMessage>Invalid WEP key</constraintErrorMessage> <multi/> </properties> </leafNode> </children> </node> <node name="wpa"> <properties> <help>Wifi Protected Access (WPA) parameters</help> </properties> <children> <leafNode name="cipher"> <properties> <help>Cipher suite for WPA</help> <completionHelp> <list>TKIP CCMP</list> </completionHelp> <valueHelp> <format>CCMP</format> <description>AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]</description> </valueHelp> <valueHelp> <format>TKIP</format> <description>Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]</description> </valueHelp> <constraint> <regex>(CCMP|TKIP)</regex> </constraint> <constraintErrorMessage>Invalid WEP key</constraintErrorMessage> <multi/> </properties> </leafNode> <leafNode name="mode"> <properties> <help>WPA mode</help> <completionHelp> <list>wpa wpa2 both</list> </completionHelp> <valueHelp> <format>wpa</format> <description>WPA (IEEE 802.11i/D3.0)</description> </valueHelp> <valueHelp> <format>wpa2</format> <description>WPA2 (full IEEE 802.11i/RSN)</description> </valueHelp> <valueHelp> <format>both</format> <description>Allow both WPA and WPA2</description> </valueHelp> <constraint> <regex>(wpa|wpa2|both)</regex> </constraint> 
<constraintErrorMessage>Unknown WPA mode</constraintErrorMessage> </properties> </leafNode> <leafNode name="passphrase"> <properties> <help>WPA personal shared pass phrase. If you are using special characters in the WPA passphrase then single quotes are required.</help> <valueHelp> <format><text></format> <description>Passphrase of at least 8 but not more than 63 printable characters</description> </valueHelp> <constraint> <regex>.{8,63}$</regex> </constraint> <constraintErrorMessage>Invalid WPA pass phrase, must be 8 to 63 printable characters!</constraintErrorMessage> </properties> </leafNode> <node name="radius"> <properties> <help>RADIUS specific configuration</help> </properties> <children> <leafNode name="source-address"> <properties> <help>RADIUS client forced local IP address</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of RADIUS server</description> </valueHelp> </properties> </leafNode> <tagNode name="server"> <properties> <help>IP address of RADIUS server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of RADIUS server</description> </valueHelp> </properties> <children> <leafNode name="accounting"> <properties> <help>Enable RADIUS server to receive accounting info</help> <valueless/> </properties> </leafNode> <leafNode name="port"> <properties> <help>RADIUS server port (default: 1812)</help> <valueHelp> <format>1-65535</format> <description>RADIUS server port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="key"> <properties> <help>RADIUS shared secret key</help> </properties> </leafNode> </children> </tagNode> </children> </node> </children> </node> </children> </node> <leafNode name="ssid"> <properties> <help>Wireless access-point service set identifier (SSID)</help> <constraint> <regex>.{1,32}$</regex> </constraint> <constraintErrorMessage>Invalid SSID</constraintErrorMessage> </properties> </leafNode> 
<leafNode name="type"> <properties> <help>Wireless device type for this interface</help> <completionHelp> <list>access-point station monitor</list> </completionHelp> <valueHelp> <format>access-point</format> <description>Access-point forwards packets between other nodes</description> </valueHelp> <valueHelp> <format>station</format> <description>Connects to another access point</description> </valueHelp> <valueHelp> <format>monitor</format> <description>Passively monitor all packets on the frequency/channel</description> </valueHelp> <constraint> <regex>(access-point|station|monitor)</regex> </constraint> <constraintErrorMessage>Type must be access-point, station or monitor</constraintErrorMessage> </properties> </leafNode> - <tagNode name="vif"> - <properties> - <help>Virtual Local Area Network (VLAN) ID</help> - <constraint> - <validator name="numeric" argument="--range 0-4094"/> - </constraint> - <constraintErrorMessage>VLAN ID must be between 0 and 4094</constraintErrorMessage> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IP address</help> - <completionHelp> - <list>dhcp dhcpv6</list> - </completionHelp> - <valueHelp> - <format>ipv4net</format> - <description>IPv4 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <valueHelp> - <format>dhcp</format> - <description>Dynamic Host Configuration Protocol</description> - </valueHelp> - <valueHelp> - <format>dhcpv6</format> - <description>Dynamic Host Configuration Protocol for IPv6</description> - </valueHelp> - <constraint> - <validator name="ip-cidr"/> - <regex>(dhcp|dhcpv6)</regex> - </constraint> - <multi/> - </properties> - </leafNode> - <leafNode name="description"> - <properties> - <help>Interface description</help> - <constraint> - <regex>^.{1,256}$</regex> - </constraint> - <constraintErrorMessage>Interface description too long (limit 256 
characters)</constraintErrorMessage> - </properties> - </leafNode> - <node name="dhcpv6-options"> - <properties> - <help>DHCPv6 options</help> - </properties> - <children> - <leafNode name="parameters-only"> - <properties> - <help>Acquire only config parameters, no address</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="temporary"> - <properties> - <help>IPv6 "temporary" address</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="disable-link-detect"> - <properties> - <help>Ignore link state changes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable"> - <properties> - <help>Disable this bridge interface</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="mac"> - <properties> - <help>Media Access Control (MAC) address</help> - <valueHelp> - <format>h:h:h:h:h:h</format> - <description>Hardware (MAC) address</description> - </valueHelp> - <constraint> - <validator name="mac-address"/> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> + #include <include/vif.xml.i> </children> </tagNode> </children> </node> <node name="system"> <children> <leafNode name="wifi-regulatory-domain" owner="${vyos_conf_scripts_dir}/system-wifi-regdom.py"> <properties> <help>Wireless regulatory domain (mandatory)</help> <priority>305</priority> <completionHelp> <list>US EU JP DE UK CN</list> </completionHelp> <valueHelp> <format><code%gt;</format> <description>Country code (ISO/IEC 3166-1)</description> </valueHelp> <constraint> <regex>[A-Z][A-Z]$</regex> </constraint> <constraintErrorMessage>invalid country code</constraintErrorMessage> </properties> </leafNode> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/ipoe-server.xml b/interface-definitions/ipoe-server.xml.in similarity index 99% rename from interface-definitions/ipoe-server.xml rename to interface-definitions/ipoe-server.xml.in index 48f3e0fd9..5fee02614 100644 
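Review bot: The `security` node carried over into this `.xml.in` file leaves its regex constraints unanchored: `passphrase` uses `.{8,63}$`, and the `wpa` `mode` and `cipher` leaves use `(wpa|wpa2|both)` and `(CCMP|TKIP)`. If the validator searches rather than full-matches (not shown on this page, though the removed `description` leaves were spelled both `.{1,256}$` and `^.{1,256}$`, which hints that anchors matter), a passphrase longer than 63 characters or a mode value with trailing text would be accepted. I would write them as `^.{8,63}$`, `^(wpa|wpa2|both)$` and `^(CCMP|TKIP)$`. The `cipher` leaf also reports `Invalid WEP key` on a bad value, which looks copied from the `wep` node and should name the cipher suite instead. Separately, the removed top-level `dhcpv6-options` carried `<priority>319</priority>` and the removed `vif` copy did not, so it is worth confirming that `include/dhcp-dhcpv6-options.xml.i` and `include/vif.xml.i` keep the intended priority.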
--- a/interface-definitions/ipoe-server.xml
+++ b/interface-definitions/ipoe-server.xml.in
@@ -1,378 +1,378 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="service"> <children> <node name="ipoe-server" owner="${vyos_conf_scripts_dir}/ipoe_server.py"> <properties> <help>Internet Protocol over Ethernet (IPoE) Server</help> <priority>900</priority> </properties> <children> <tagNode name="interface"> <properties> <help>Network interface to server IPoE</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> <children> <leafNode name="network-mode"> <properties> <help>Network Layer IPoE serves on</help> <completionHelp> <list>L2 L3</list> </completionHelp> <constraint> <regex>^(L2|L3)</regex> </constraint> <valueHelp> <format>L2</format> <description>client share the same subnet</description> </valueHelp> <valueHelp> <format>L3</format> <description>clients are behind this router</description> </valueHelp> </properties> </leafNode> <leafNode name="network"> <properties> <help>Enables clients to share the same network or each client has its own vlan</help> <completionHelp> <list>shared vlan</list> </completionHelp> <constraint> <regex>^(shared|vlan)</regex> </constraint> <valueHelp> <format>shared</format> <description>Multiple clients share the same network</description> </valueHelp> <valueHelp> <format>vlan</format> <description>One VLAN per client</description> </valueHelp> </properties> </leafNode> <leafNode name="client-subnet"> <properties> <help>Client address pool</help> <valueHelp> <format>ipv4net</format> <description>IPv4 address and prefix length</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> </properties> </leafNode> <node name="external-dhcp"> <properties> <help>DHCP requests will be forwarded</help> </properties> <children> <leafNode name="dhcp-relay"> <properties> <help>DHCP Server the request will be redirected to.</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of the DHCP Server</description> </valueHelp> 
<constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="giaddr"> <properties> <help>address of the relay agent (Relay Agent IP Address)</help> </properties> </leafNode> </children> </node> <leafNode name="vlan-id"> <properties> <help>VLAN monitor for the automatic creation of vlans (user per vlan)</help> <constraint> <validator name="numeric" argument="--range 1-4096"/> </constraint> <constraintErrorMessage>VLAN ID needs to be between 1 and 4096</constraintErrorMessage> <multi/> </properties> </leafNode> <leafNode name="vlan-range"> <properties> <help>VLAN monitor for the automatic creation of vlans (user per vlan)</help> <constraint> <regex>(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})-(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})</regex> </constraint> <multi/> </properties> </leafNode> </children> </tagNode> <node name="dns-server"> <properties> <help>DNS servers offered via internal DHCP</help> </properties> <children> <leafNode name="server-1"> <properties> <help>IP address of the primary DNS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>IP address of the secondary DNS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <node name="dnsv6-server"> <properties> <help>DNSv6 servers offered via internal DHCPv6</help> </properties> <children> <leafNode name="server-1"> <properties> <help>IP address of the primary DNS server</help> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>IP address of the secondary DNS server</help> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="server-3"> <properties> <help>IP address of the tertiary DNS server</help> <constraint> <validator name="ipv6-address"/> </constraint> 
</properties> </leafNode> </children> </node> <node name="client-ipv6-pool"> <properties> <help>Pool of client IPv6 addresses</help> </properties> <children> <leafNode name="prefix"> <properties> <help>Format: ipv6prefix/mask,prefix_len (e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients)</help> <multi/> </properties> </leafNode> <leafNode name="delegate-prefix"> <properties> <help>Format: ipv6prefix/mask,prefix_len (delegates prefix to clients via DHCPv6 prefix delegation</help> <multi/> </properties> </leafNode> </children> </node> <node name="authentication"> <properties> <help>Client authentication methods</help> </properties> <children> <leafNode name="mode"> <properties> <help>Authetication mode</help> <completionHelp> <list>local radius noauth</list> </completionHelp> <constraint> <regex>^(local|radius|noauth)</regex> </constraint> <valueHelp> <format>local</format> <description>Authentication based on local definition</description> </valueHelp> <valueHelp> <format>radius</format> <description>Authentication based on a RADIUS server</description> </valueHelp> <valueHelp> <format>noauth</format> <description>Authentication disabled</description> </valueHelp> </properties> </leafNode> <tagNode name="interface"> <properties> <help>Network interface the client mac will appear on</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> <children> <tagNode name="mac-address"> <properties> <help>Client mac address allowed to receive an IP address</help> <valueHelp> <format>h:h:h:h:h:h</format> <description>Hardware (MAC) address</description> </valueHelp> <constraint> <validator name="mac-address"/> </constraint> </properties> <children> <node name="rate-limit"> <properties> <help>Upload/Download speed limits</help> </properties> <children> <leafNode name="upload"> <properties> <help>Upload bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 
1-65535"/> </constraint> </properties> </leafNode> <leafNode name="download"> <properties> <help>Download bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> </children> </node> <leafNode name="vlan-id"> <properties> <help>VLAN-ID of the client network</help> <constraint> <validator name="numeric" argument="--range 1-4096"/> </constraint> <constraintErrorMessage>VLAN ID needs to be between 1 and 4096</constraintErrorMessage> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="radius-server"> <properties> <help>IP address of RADIUS server</help> <valueHelp> <format>ipv4</format> <description>IP address of RADIUS server</description> </valueHelp> </properties> <children> <leafNode name="secret"> <properties> <help>Key for accessing the specified server</help> </properties> </leafNode> <leafNode name="req-limit"> <properties> <help>Maximum number of simultaneous requests to server (default: unlimited)</help> </properties> </leafNode> <leafNode name="fail-time"> <properties> - <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help> + <help>If server does not respond, mark it unavailable for this time (seconds)</help> </properties> </leafNode> </children> </tagNode> <node name="radius-settings"> <properties> <help>RADIUS settings</help> </properties> <children> <leafNode name="timeout"> <properties> <help>Timeout to wait response from server (seconds)</help> </properties> </leafNode> <leafNode name="acct-timeout"> <properties> <help>Timeout to wait reply for Interim-Update packets. 
(default 3 seconds)</help> </properties> </leafNode> <leafNode name="max-try"> <properties> <help>Maximum number of tries to send Access-Request/Accounting-Request queries</help> </properties> </leafNode> <leafNode name="nas-identifier"> <properties> <help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help> </properties> </leafNode> <leafNode name="nas-ip-address"> <properties> <help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of the DAE Server</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <node name="dae-server"> <properties> <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help> </properties> <children> <leafNode name="ip-address"> <properties> <help>IP address for Dynamic Authorization Extension server (DM/CoA)</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of the DAE Server</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="port"> <properties> <help>Port for Dynamic Authorization Extension server (DM/CoA)</help> <valueHelp> <format>1-65535</format> <description>port number</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="secret"> <properties> <help>Secret for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </children> </node> </children> </node> </interfaceDefinition> 
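Review bot: The `fail-time` leaf whose help text is reworded here still has no `<constraint>`, and neither do `req-limit`, `timeout`, `acct-timeout` and `max-try` in the same RADIUS blocks, although each is described as a count or a duration. Other numeric leaves in this file use `<validator name="numeric" argument="--range 1-65535"/>`; the same validator with a range the backend accepts (`--range MIN-MAX`, placeholder) would reject non-numeric input before it reaches the owner script. Both `vlan-id` leaves allow `--range 1-4096`, while the removed wireless `vif` definition used 0-4094; 4095 is reserved and 4096 does not fit a 12-bit VLAN ID, so `--range 1-4094` looks like the intended bound. If the rewording is meant to keep an apostrophe away from the C preprocessor that now processes these files, a short XML comment in the file saying so would help stop it being reintroduced.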
diff --git a/interface-definitions/ipsec-settings.xml b/interface-definitions/ipsec-settings.xml.in
similarity index 100%
rename from interface-definitions/ipsec-settings.xml
rename to interface-definitions/ipsec-settings.xml.in
diff --git a/interface-definitions/l2tp-server.xml b/interface-definitions/l2tp-server.xml.in
similarity index 99%
rename from interface-definitions/l2tp-server.xml
rename to interface-definitions/l2tp-server.xml.in
index e76b92b23..4e3a49b24 100644
--- a/interface-definitions/l2tp-server.xml
+++ b/interface-definitions/l2tp-server.xml.in
@@ -1,586 +1,586 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="vpn"> <children> <node name="l2tp" owner="${vyos_conf_scripts_dir}/accel_l2tp.py"> <properties> <help>L2TP Virtual Private Network (VPN)</help> </properties> <children> <node name="remote-access"> <properties> <help>Remote access L2TP VPN</help> </properties> <children> <leafNode name="mtu"> <properties> <help>Maximum Transmission Unit (MTU)</help> <constraint> <validator name="numeric" argument="--range 128-16384"/> </constraint> </properties> </leafNode> <leafNode name="outside-address"> <properties> <help>External IP address to which VPN clients will connect</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="outside-nexthop"> <properties> <help>Nexthop IP address for reaching the VPN clients</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <node name="dns-servers"> <properties> <help>IPv4 Domain Name Service (DNS) server</help> </properties> <children> <leafNode name="server-1"> <properties> <help>Primary DNS server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>Secondary DNS server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <leafNode name="dnsv6-servers"> <properties> <help>IPv6 Domain Name Service (DNS) server</help> <valueHelp> <format>ipv6</format> <description>IPv6 DNS address</description> </valueHelp> <constraint> <validator name="ipv6-address"/> </constraint> <multi /> </properties> </leafNode> <node name="lns"> <properties> <help>L2TP Network Server (LNS)</help> </properties> <children> <leafNode name="shared-secret"> <properties> <help>Tunnel 
password used to authenticate the client (LAC)</help> </properties> </leafNode> </children> </node> <leafNode name="ccp-disable"> <properties> <help>Disable Compression Control Protocol (CCP)</help> <valueless /> </properties> </leafNode> <node name="ipsec-settings"> <properties> <help>Internet Protocol Security (IPsec) for remote access L2TP VPN</help> </properties> <children> <node name="authentication"> <properties> <help>IPsec authentication settings</help> </properties> <children> <leafNode name="mode"> <properties> <help>Authentication mode for IPsec</help> <valueHelp> <format>pre-shared-secret</format> <description>Use pre-shared secret for IPsec authentication</description> </valueHelp> <valueHelp> <format>x509</format> <description>Use X.509 certificate for IPsec authentication</description> </valueHelp> <constraint> <regex>^(pre-shared-secret|x509)</regex> </constraint> <completionHelp> <list>pre-shared-secret x509</list> </completionHelp> </properties> </leafNode> <leafNode name="pre-shared-secret"> <properties> <help>Pre-shared secret for IPsec</help> </properties> </leafNode> <node name="x509"> <properties> <help>X.509 certificate</help> </properties> <children> <leafNode name="ca-cert-file"> <properties> <help>File containing the X.509 certificate for the Certificate Authority (CA)</help> <valueHelp> <format><text></format> <description>File in /config/auth</description> </valueHelp> </properties> </leafNode> <leafNode name="crl-file"> <properties> <help>File containing the X.509 Certificate Revocation List (CRL)</help> <valueHelp> <format><text></format> <description>File in /config/auth</description> </valueHelp> </properties> </leafNode> <leafNode name="server-cert-file"> <properties> <help>File containing the X.509 certificate for the remote access VPN server (this host)</help> <valueHelp> <format><text></format> <description>File in /config/auth</description> </valueHelp> </properties> </leafNode> <leafNode name="server-key-file"> <properties> 
<help>File containing the private key for the X.509 certificate for the remote access VPN server (this host)</help> <valueHelp> <format><text></format> <description>File in /config/auth</description> </valueHelp> </properties> </leafNode> <leafNode name="server-key-password"> <properties> <help>Password that protects the private key</help> </properties> </leafNode> </children> </node> </children> </node> <leafNode name="ike-lifetime"> <properties> <help>IKE lifetime</help> <valueHelp> <format><30-86400></format> <description>IKE lifetime in seconds (default 3600)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 30-86400"/> </constraint> </properties> </leafNode> <leafNode name="lifetime"> <properties> <help>ESP lifetime</help> <valueHelp> <format><30-86400></format> <description>IKE lifetime in seconds (default 3600)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 30-86400"/> </constraint> </properties> </leafNode> </children> </node> <node name="wins-servers"> <properties> <help>Windows Internet Name Service (WINS) server settings</help> </properties> <children> <leafNode name="server-1"> <properties> <help>Primary WINS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>Secondary WINS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <node name="client-ip-pool"> <properties> <help>Pool of client IP addresses (must be within a /24)</help> </properties> <children> <leafNode name="start"> <properties> <help>First IP address in the pool (will be used as gateway address)</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="stop"> <properties> <help>Last IP address in the pool</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode 
name="subnet"> <properties> <help>Client IP subnet (CIDR notation)</help> <constraint> <validator name="ipv4-prefix"/> </constraint> <constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage> <valueHelp> <format>ipv4net</format> <description>IPv4 subnet address</description> </valueHelp> <multi /> </properties> </leafNode> </children> </node> <node name="client-ipv6-pool"> <properties> <help>Pool of client IPv6 addresses</help> </properties> <children> <leafNode name="prefix"> <properties> <help>IPV6 prefix delegation</help> <valueHelp> <format>ipv6prefix/mask,prefix_len</format> <description>e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients</description> </valueHelp> <multi /> </properties> </leafNode> <leafNode name="delegate-prefix"> <properties> <help>DHCPv6 prefix delegation - rfc3633</help> <valueHelp> <format>ipv6prefix/mask,prefix_len</format> <description>Delegate to clients through DHCPv6 prefix delegation - rfc3633</description> </valueHelp> <multi /> </properties> </leafNode> </children> </node> <leafNode name="description"> <properties> <help>Description for L2TP remote-access settings</help> </properties> </leafNode> <leafNode name="dhcp-interface"> <properties> <help>DHCP interface to listen on</help> </properties> </leafNode> <leafNode name="idle"> <properties> <help>PPP idle timeout</help> <valueHelp> <format><30-86400></format> <description>PPP idle timeout in seconds (default 1800)</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 30-86400"/> </constraint> </properties> </leafNode> <node name="authentication"> <properties> <help>Authentication for remote access L2TP VPN</help> </properties> <children> <leafNode name="require"> <properties> <help>Authentication protocol for remote access peer L2TP VPN</help> <valueHelp> <format>pap</format> <description>Require the peer to authenticate itself using PAP [Password Authentication Protocol].</description> </valueHelp> 
<valueHelp> <format>chap</format> <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description> </valueHelp> <valueHelp> <format>mschap</format> <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description> </valueHelp> <valueHelp> <format>mschap-v2</format> <description>Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2].</description> </valueHelp> <constraint> <regex>^(pap|chap|mschap|mschap-v2)</regex> </constraint> <completionHelp> <list>pap chap mschap mschap-v2</list> </completionHelp> <multi /> </properties> </leafNode> <leafNode name="mppe"> <properties> <help>Specifies mppe negotioation preference. (default require mppe 128-bit stateless</help> <valueHelp> <format>deny</format> <description>deny mppe</description> </valueHelp> <valueHelp> <format>prefer</format> - <description>ask client for mppe, if it rejects don't fail</description> + <description>Ask client for mppe, if it rejects do not fail</description> </valueHelp> <valueHelp> <format>require</format> <description>ask client for mppe, if it rejects drop connection</description> </valueHelp> <constraint> <regex>^(deny|prefer|require)</regex> </constraint> <completionHelp> <list>deny prefer require</list> </completionHelp> </properties> </leafNode> <leafNode name="mode"> <properties> <help>Authentication mode for remote access L2TP VPN</help> <valueHelp> <format>local</format> <description>Use local username/password configuration</description> </valueHelp> <valueHelp> <format>radius</format> <description>Use a RADIUS server to autenticate users</description> </valueHelp> <constraint> <regex>^(local|radius)</regex> </constraint> <completionHelp> <list>local radius</list> </completionHelp> </properties> </leafNode> <node name="local-users"> <properties> <help>Local user authentication for remote access L2TP 
VPN</help> </properties> <children> <tagNode name="username"> <properties> <help>User name for authentication</help> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable a L2TP Server user</help> <valueless/> </properties> </leafNode> <leafNode name="password"> <properties> <help>Password for authentication</help> </properties> </leafNode> <leafNode name="static-ip"> <properties> <help>Static client IP address</help> </properties> </leafNode> <node name="rate-limit"> <properties> <help>Upload/Download speed limits</help> </properties> <children> <leafNode name="upload"> <properties> <help>Upload bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="download"> <properties> <help>Download bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> </children> </node> </children> </tagNode> </children> </node> <node name="radius"> <properties> <help>RADIUS specific configuration</help> </properties> <children> <tagNode name="server"> <properties> <help>IP address of RADIUS server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address of RADIUS server</description> </valueHelp> </properties> <children> <leafNode name="key"> <properties> <help>Key for accessing the specified server</help> </properties> </leafNode> <leafNode name="req-limit"> <properties> <help>Maximum number of simultaneous requests to server (default: unlimited)</help> </properties> </leafNode> <leafNode name="fail-time"> <properties> - <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help> + <help>If server doesn not responds mark it unavailable for this time (seconds)</help> </properties> </leafNode> </children> </tagNode> <leafNode name="source-address"> <properties> <help>Local RADIUS client address from which packets are 
sent.</help> <valueHelp> <format><x.x.x.x></format> <description>Local RADIUS client address from which packets are sent</description> </valueHelp> </properties> </leafNode> <leafNode name="timeout"> <properties> <help>Timeout to wait response from server (seconds)</help> </properties> </leafNode> <leafNode name="acct-timeout"> <properties> <help>Timeout to wait reply for Interim-Update packets. (default 3 seconds)</help> </properties> </leafNode> <leafNode name="max-try"> <properties> <help>Maximum number of tries to send Access-Request/Accounting-Request queries</help> </properties> </leafNode> <leafNode name="nas-identifier"> <properties> <help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help> </properties> </leafNode> <node name="dae-server"> <properties> <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help> </properties> <children> <leafNode name="ip-address"> <properties> <help>IP address for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> <leafNode name="port"> <properties> <help>Port for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> <leafNode name="secret"> <properties> <help>Secret for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> </children> </node> <node name="rate-limit"> <properties> <help>Upload/Download speed limits</help> </properties> <children> <leafNode name="attribute"> <properties> <help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help> </properties> </leafNode> <leafNode name="vendor"> <properties> <help>Specifies the vendor dictionary. 
(dictionary needs to be in /usr/share/accel-ppp/radius)</help> </properties> </leafNode> <leafNode name="enable"> <properties> <help>Enables Bandwidth shaping via RADIUS</help> <valueless /> </properties> </leafNode> </children> </node> </children> </node> </children> </node> <node name="ppp-options"> <properties> <help>Advanced protocol options</help> </properties> <children> <leafNode name="lcp-echo-interval"> <properties> <help>LCP echo-requests/sec</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> <leafNode name="lcp-echo-failure"> <properties> <help>Maximum number of Echo-Requests may be sent without valid reply</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/mdns-repeater.xml b/interface-definitions/mdns-repeater.xml.in similarity index 100% rename from interface-definitions/mdns-repeater.xml rename to interface-definitions/mdns-repeater.xml.in diff --git a/interface-definitions/ntp.xml b/interface-definitions/ntp.xml.in similarity index 100% rename from interface-definitions/ntp.xml rename to interface-definitions/ntp.xml.in diff --git a/interface-definitions/pppoe-server.xml b/interface-definitions/pppoe-server.xml.in similarity index 98% rename from interface-definitions/pppoe-server.xml rename to interface-definitions/pppoe-server.xml.in index c2feef65b..6e99c2fd7 100644 --- a/interface-definitions/pppoe-server.xml +++ b/interface-definitions/pppoe-server.xml.in 
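Review bot: In l2tp-server.xml.in the rewritten `fail-time` help text under `radius` / `server` reads `doesn not responds`, so the apostrophe removal has introduced a typo into a user-visible CLI string. I would write `<help>If server does not respond, mark it as unavailable for this time (seconds)</help>`. The `don't` to `do not` edits appear to be needed because these files now pass through `$(CC) -E` (an unbalanced `'` is presumably read as an unterminated character constant), but nothing in the file says so. A comment right after the XML declaration, such as `<!-- Preprocessed with cpp: no apostrophes in help text -->`, would keep later edits from breaking the build.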
@@ -1,616 +1,616 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="service"> <children> <node name="pppoe-server" owner="${vyos_conf_scripts_dir}/accel_pppoe.py"> <properties> <help>Point to Point over Ethernet (PPPoE) Server</help> <priority>900</priority> </properties> <children> <node name="snmp"> <properties> <help>Enable SNMP</help> </properties> <children> <leafNode name="master-agent"> <properties> <help>enable SNMP master agent mode</help> <valueless /> </properties> </leafNode> </children> </node> <leafNode name="access-concentrator"> <properties> <help>Access concentrator name</help> <constraint> <regex>^[a-zA-Z0-9]{1,100}</regex> </constraint> <constraintErrorMessage>access-concentrator name limited to alphanumerical characters only (max. 100)</constraintErrorMessage> - </properties> + </properties> </leafNode> <node name="authentication"> <properties> <help>Authentication for remote access PPPoE Server</help> </properties> <children> <node name="local-users"> <properties> <help>Local user authentication for PPPoE server</help> </properties> <children> <tagNode name="username"> <properties> <help>User name for authentication</help> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable a PPPoE Server user</help> </properties> </leafNode> <leafNode name="password"> <properties> <help>Password for authentication</help> </properties> </leafNode> <leafNode name="static-ip"> <properties> <help>Static client IP address</help> </properties> </leafNode> <node name="rate-limit"> <properties> <help>Upload/Download speed limits</help> </properties> <children> <leafNode name="upload"> <properties> <help>Upload bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="download"> <properties> <help>Download bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> 
</properties> </leafNode> </children> </node> </children> </tagNode> </children> </node> <leafNode name="mode"> <properties> <help>Authentication mode for PPPoE Server</help> <valueHelp> <format>local</format> <description>Use local username/password configuration</description> </valueHelp> <valueHelp> <format>radius</format> <description>Use a RADIUS server to autenticate users</description> </valueHelp> <constraint> <regex>^(local|radius)</regex> </constraint> <completionHelp> <list>local radius</list> </completionHelp> </properties> </leafNode> <tagNode name="radius-server"> <properties> <help>IP address of RADIUS server</help> <valueHelp> <format>ipv4</format> <description>IP address of RADIUS server</description> </valueHelp> </properties> <children> <leafNode name="secret"> <properties> <help>Key for accessing the specified server</help> </properties> </leafNode> <leafNode name="req-limit"> <properties> <help>Maximum number of simultaneous requests to server (default: unlimited)</help> </properties> </leafNode> <leafNode name="fail-time"> <properties> - <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help> + <help>If server does not responds mark it as unavailable for this amount of time in seconds</help> </properties> </leafNode> </children> </tagNode> <node name="radius-settings"> <properties> <help>RADIUS settings</help> </properties> <children> <leafNode name="timeout"> <properties> <help>Timeout to wait response from server (seconds)</help> </properties> </leafNode> <leafNode name="acct-timeout"> <properties> <help>Timeout to wait reply for Interim-Update packets. 
(default 3 seconds)</help> </properties> </leafNode> <leafNode name="max-try"> <properties> <help>Maximum number of tries to send Access-Request/Accounting-Request queries</help> </properties> </leafNode> <leafNode name="nas-identifier"> <properties> <help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help> </properties> </leafNode> <leafNode name="nas-ip-address"> <properties> <help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help> </properties> </leafNode> <node name="dae-server"> <properties> <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help> </properties> <children> <leafNode name="ip-address"> <properties> <help>IP address for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> <leafNode name="port"> <properties> <help>Port for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> <leafNode name="secret"> <properties> <help>Secret for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> </children> </node> <node name="rate-limit"> <properties> <help>Upload/Download speed limits</help> </properties> <children> <leafNode name="attribute"> <properties> <help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help> </properties> </leafNode> <leafNode name="vendor"> <properties> <help>Specifies the vendor dictionary. 
(dictionary needs to be in /usr/share/accel-ppp/radius)</help> </properties> </leafNode> <leafNode name="enable"> <properties> <help>Enables Bandwidth shaping via RADIUS</help> <valueless /> </properties> </leafNode> </children> </node> </children> </node> </children> </node> <node name="client-ip-pool"> <properties> <help>Pool of client IP addresses (must be within a /24)</help> </properties> <children> <leafNode name="start"> <properties> <help>First IP address in the pool</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="stop"> <properties> <help>Last IP address in the pool</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="subnet"> <properties> <help>Client IP subnet (CIDR notation)</help> <constraint> <validator name="ipv4-prefix"/> </constraint> <constraintErrorMessage>Not a valid CIDR formatted prefix</constraintErrorMessage> <multi /> </properties> </leafNode> </children> </node> <node name="client-ipv6-pool"> <properties> <help>Pool of client IPv6 addresses</help> </properties> <children> <leafNode name="prefix"> <properties> <help>Format: ipv6prefix/mask,prefix_len (e.g.: fc00:0:1::/48,64 - divides prefix into /64 subnets for clients)</help> <multi /> </properties> </leafNode> <leafNode name="delegate-prefix"> <properties> <help>Format: ipv6prefix/mask,prefix_len (delegate to clients through DHCPv6 prefix delegation - rfc3633)</help> <multi /> </properties> </leafNode> </children> </node> <node name="dns-servers"> <properties> <help>IPv4 Domain Name Service (DNS) server</help> </properties> <children> <leafNode name="server-1"> <properties> <help>Primary DNS server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>Secondary DNS server</help> <valueHelp> 
<format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> - </node> + </node> <node name="dnsv6-servers"> <properties> <help>IPv6 Domain Name Service (DNS) server</help> </properties> <children> <leafNode name="server-1"> <properties> <valueHelp> <format>ipv6</format> <description>IPv6 address</description> </valueHelp> <help>Primary DNS server</help> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <valueHelp> <format>ipv6</format> <description>IPv6 address</description> </valueHelp> <help>Secondary DNS server</help> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="server-3"> <properties> <valueHelp> <format>ipv6</format> <description>IPv6 address</description> </valueHelp> <help>Tertiary DNS server</help> <constraint> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> </children> </node> <tagNode name="interface"> <properties> <help>interface(s) to listen on</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> <children> <leafNode name="vlan-id"> <properties> <help>VLAN monitor for the automatic creation of vlans (user per vlan)</help> <constraint> <validator name="numeric" argument="--range 1-4096"/> </constraint> <constraintErrorMessage>VLAN ID needs to be between 1 and 4096</constraintErrorMessage> <multi /> </properties> </leafNode> <leafNode name="vlan-range"> <properties> <help>VLAN monitor for the automatic creation of vlans (user per vlan)</help> <constraint> <regex>(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})-(409[0-6]|40[0-8][0-9]|[1-3][0-9]{3}|[1-9][0-9]{0,2})</regex> </constraint> <multi /> </properties> </leafNode> </children> </tagNode> <leafNode name="local-ip"> <properties> <help>local gateway address</help> 
<constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="mtu"> <properties> <help>Maximum Transmission Unit (MTU) - default 1492</help> <constraint> <validator name="numeric" argument="--range 128-16384"/> </constraint> </properties> </leafNode> <node name="limits"> <properties> <help>Limits the connection rate from a single source</help> </properties> <children> <leafNode name="connection-limit"> <properties> <help>Acceptable rate of connections (e.g. 1/min, 60/sec)</help> <constraint> <regex>^[0-9]+\/(min|sec)$</regex> </constraint> <constraintErrorMessage>illegal value</constraintErrorMessage> </properties> </leafNode> <leafNode name="burst"> <properties> <help>Burst count</help> </properties> </leafNode> <leafNode name="timeout"> <properties> <help>Timeout in seconds</help> </properties> </leafNode> </children> </node> <leafNode name="service-name"> <properties> <help>Service name</help> <constraint> <regex>^[a-zA-Z0-9\-]{1,100}</regex> </constraint> <constraintErrorMessage>servicename can contain aplhanumerical characters and dashes only (max. 
100)</constraintErrorMessage> </properties> </leafNode> <node name="wins-servers"> <properties> <help>Windows Internet Name Service (WINS) server settings</help> </properties> <children> <leafNode name="server-1"> <properties> <help>Primary WINS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>Secondary WINS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <node name="ppp-options"> <properties> <help>Advanced protocol options</help> </properties> <children> <leafNode name="min-mtu"> <properties> <help>Minimum acceptable MTU (68-65535)</help> <constraint> <validator name="numeric" argument="--range 68-65535"/> </constraint> </properties> </leafNode> <leafNode name="mru"> <properties> <help>Preferred MRU (68-65535)</help> <constraint> <validator name="numeric" argument="--range 68-65535"/> </constraint> </properties> </leafNode> <leafNode name="ccp"> <properties> <help>CCP negotiation (default disabled)</help> <valueless /> </properties> </leafNode> <node name="mppe"> <properties> <help>Specifies MPPE negotiation preference. 
(default prefer mppe)</help> </properties> <children> <leafNode name="require"> <properties> <help>Ask client for MPPE, if it rejects then drop the connection</help> <valueless /> </properties> </leafNode> <leafNode name="prefer"> <properties> - <help>Ask client for MPPE, if it rejects don't fail</help> + <help>Ask client for MPPE, if it rejects do not fail</help> <valueless /> </properties> </leafNode> <leafNode name="deny"> <properties> <help>Deny MPPE</help> <valueless /> </properties> </leafNode> </children> </node> <leafNode name="lcp-echo-interval"> <properties> <help>LCP echo-requests/sec</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> <leafNode name="lcp-echo-failure"> <properties> <help>Maximum number of Echo-Requests may be sent without valid reply</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> <leafNode name="lcp-echo-timeout"> <properties> <help>Timeout in seconds to wait for any peer activity. 
If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> <leafNode name="ipv4"> <properties> <help>IPv4 (IPCP) negotiation algorithm</help> <constraint> <regex>^(deny|allow|prefer|require)</regex> </constraint> <constraintErrorMessage>invalid value</constraintErrorMessage> <valueHelp> <format>deny</format> - <description>Don't negotiate IPv4</description> + <description>Do not negotiate IPv4</description> </valueHelp> <valueHelp> <format>allow</format> <description>Negotiate IPv4 only if client requests</description> </valueHelp> <valueHelp> <format>prefer</format> - <description>Ask client for IPv4 negotiation, don't fail if it rejects</description> + <description>Ask client for IPv4 negotiation, do not fail if it rejects</description> </valueHelp> <valueHelp> <format>require</format> <description>Require IPv4 negotiation</description> </valueHelp> </properties> </leafNode> <leafNode name="ipv6"> <properties> <help>IPv6 (IPCP6) negotiation algorithm</help> <constraint> <regex>^(deny|allow|prefer|require)</regex> </constraint> <constraintErrorMessage>invalid value</constraintErrorMessage> <valueHelp> <format>deny</format> - <description>Don't negotiate IPv6</description> + <description>Do not negotiate IPv6</description> </valueHelp> <valueHelp> <format>allow</format> <description>Negotiate IPv6 only if client requests</description> </valueHelp> <valueHelp> <format>prefer</format> - <description>Ask client for IPv6 negotiation, don't fail if it rejects</description> + <description>Ask client for IPv6 negotiation, do not fail if it rejects</description> </valueHelp> <valueHelp> <format>require</format> <description>Require IPv6 negotiation</description> </valueHelp> </properties> </leafNode> <leafNode name="ipv6-intf-id"> <properties> <help>Fixed or random interface identifier for IPv6</help> <valueHelp> 
<format>random</format> <description>Random interface identifier for IPv6</description> </valueHelp> <valueHelp> <format>x:x:x:x</format> <description>specify interface identifier for IPv6</description> </valueHelp> </properties> </leafNode> <leafNode name="ipv6-peer-intf-id"> <properties> <help>Peer interface identifier for IPv6</help> <valueHelp> <format>x:x:x:x</format> <description>Interface identifier for IPv6</description> </valueHelp> <valueHelp> <format>random</format> <description>Use a random interface identifier for IPv6</description> </valueHelp> <valueHelp> <format>ipv4</format> <description>Calculate interface identifier from IPv4 address, for example 192:168:0:1</description> </valueHelp> <valueHelp> <format>calling-sid</format> <description>Calculate interface identifier from calling-station-id</description> </valueHelp> </properties> </leafNode> <leafNode name="ipv6-accept-peer-intf-id"> <properties> - <help>Accept peer's interface identifier</help> - <valueless /> + <help>Accept peer interface identifier</help> + <valueless /> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/pptp-server.xml b/interface-definitions/pptp-server.xml.in similarity index 98% rename from interface-definitions/pptp-server.xml rename to interface-definitions/pptp-server.xml.in index 5d16f8b9f..3b4ea4f17 100644 --- a/interface-definitions/pptp-server.xml +++ b/interface-definitions/pptp-server.xml.in 
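Review bot: In pppoe-server.xml.in the `access-concentrator` pattern `^[a-zA-Z0-9]{1,100}` (just before the re-indented `</properties>`) and the `service-name` pattern `^[a-zA-Z0-9\-]{1,100}` have no end anchor, and the `vlan-range` pattern has no anchors at all, while `connection-limit` in the same file ends in `$`. Unless the validator applies patterns as a full match, which is not visible here, these constrain only a prefix, so the character-set and length limits promised in the error messages are not enforced on values that presumably end up in the daemon configuration. I would close them, e.g. `<regex>^[a-zA-Z0-9]{1,100}$</regex>`. The new `fail-time` help also still reads `does not responds` where `does not respond` is meant.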
@@ -1,254 +1,254 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="vpn"> <children> <node name="pptp" owner="${vyos_conf_scripts_dir}/accel_pptp.py"> <properties> <help>Point to Point Tunneling Protocol (PPTP) Virtual Private Network (VPN)</help> </properties> <children> <node name="remote-access"> <properties> <help>Remote access PPTP VPN</help> </properties> <children> <leafNode name="mtu"> <properties> <help>Maximum Transmission Unit (MTU)</help> <constraint> <validator name="numeric" argument="--range 128-16384"/> </constraint> </properties> </leafNode> <leafNode name="outside-address"> <properties> <help>External IP address to which VPN clients will connect</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <node name="dns-servers"> <properties> <help>IPv4 Domain Name Service (DNS) server</help> </properties> <children> <leafNode name="server-1"> <properties> <help>Primary DNS server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>Secondary DNS server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> - </node> + </node> <node name="wins-servers"> <properties> <help>Windows Internet Name Service (WINS) server settings</help> </properties> <children> <leafNode name="server-1"> <properties> <help>Primary WINS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="server-2"> <properties> <help>Secondary WINS server</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <node name="client-ip-pool"> <properties> <help>Pool of client IP addresses (must be within a /24)</help> 
</properties> <children> <leafNode name="start"> <properties> <help>First IP address in the pool (will be used as gateway address)</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="stop"> <properties> <help>Last IP address in the pool</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <leafNode name="gateway-address"> <properties> <help>Gatway address uses as client tunnel termination point</help> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <node name="authentication"> <properties> <help>Authentication for remote access PPTP VPN</help> </properties> <children> <leafNode name="require"> <properties> <help>Authentication protocol for remote access peer PPTP VPN</help> <valueHelp> <format>pap</format> <description>Require the peer to authenticate itself using PAP [Password Authentication Protocol].</description> </valueHelp> <valueHelp> <format>chap</format> <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description> </valueHelp> <valueHelp> <format>mschap</format> <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description> </valueHelp> <valueHelp> <format>mschap-v2</format> <description>Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2].</description> </valueHelp> </properties> </leafNode> <leafNode name="mppe"> <properties> <help>Specifies mppe negotioation preference. 
(default require mppe 128-bit stateless</help> <valueHelp> <format>deny</format> <description>deny mppe</description> </valueHelp> <valueHelp> <format>prefer</format> - <description>ask client for mppe, if it rejects don't fail</description> + <description>ask client for mppe, if it rejects do not fail</description> </valueHelp> <valueHelp> <format>require</format> <description>ask client for mppe, if it rejects drop connection</description> </valueHelp> <constraint> <regex>^(deny|prefer|require)</regex> </constraint> <completionHelp> <list>deny prefer require</list> </completionHelp> </properties> </leafNode> <leafNode name="mode"> <properties> <help>Authentication mode for remote access PPTP VPN</help> <valueHelp> <format>local</format> <description>Use local username/password configuration</description> </valueHelp> <valueHelp> <format>radius</format> <description>Use a RADIUS server to autenticate users</description> </valueHelp> <constraint> <regex>^(local|radius)</regex> </constraint> <completionHelp> <list>local radius</list> </completionHelp> </properties> </leafNode> <node name="local-users"> <properties> <help>Local user authentication for remote access PPTP VPN</help> </properties> <children> <tagNode name="username"> <properties> <help>User name for authentication</help> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable a PPTP Server user</help> </properties> </leafNode> <leafNode name="password"> <properties> <help>Password for authentication</help> </properties> </leafNode> <leafNode name="static-ip"> <properties> <help>Static client IP address</help> </properties> </leafNode> </children> </tagNode> </children> </node> <node name="radius"> <properties> <help>RADIUS specific configuration</help> </properties> <children> <tagNode name="server"> <properties> <help>IP address of radius server</help> <valueHelp> <format>ipv4</format> <description>IP address of RADIUS server</description> </valueHelp> </properties> 
<children> <leafNode name="key"> <properties> <help>Key for accessing the specified server</help> </properties> </leafNode> <leafNode name="req-limit"> <properties> <help>Maximum number of simultaneous requests to server (default: unlimited)</help> </properties> </leafNode> <leafNode name="fail-time"> <properties> - <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help> + <help>If server does not responds mark it as unavailable for this time (seconds)</help> </properties> </leafNode> </children> </tagNode> </children> </node> </children> </node> </children> </node> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/protocols-bfd.xml b/interface-definitions/protocols-bfd.xml.in similarity index 100% rename from interface-definitions/protocols-bfd.xml rename to interface-definitions/protocols-bfd.xml.in diff --git a/interface-definitions/snmp.xml b/interface-definitions/snmp.xml.in similarity index 100% rename from interface-definitions/snmp.xml rename to interface-definitions/snmp.xml.in diff --git a/interface-definitions/ssh.xml b/interface-definitions/ssh.xml.in similarity index 98% rename from interface-definitions/ssh.xml rename to interface-definitions/ssh.xml.in index c0ce976d6..8dea94d05 100644 --- a/interface-definitions/ssh.xml +++ b/interface-definitions/ssh.xml.in 
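Review bot: Several leaves in the pptp-server.xml.in hunk do not constrain the whole value. `authentication require` documents `pap`, `chap`, `mschap` and `mschap-v2` in its valueHelp but has no `<constraint>` at all, and the patterns `^(deny|prefer|require)` and `^(local|radius)` have no closing `$`, so a value that merely starts with an allowed word passes unless the validator anchors patterns itself, which this diff does not show. I would add `<constraint> <regex>^(pap|chap|mschap|mschap-v2)$</regex> </constraint>` to `require` and close the other two patterns with `$`. The same open-ended form appears in the ssh.xml.in hunk (`^[a-z_][a-z0-9_-]{1,31}[$]?`, which therefore does not enforce the 32-character limit its error message states) and in sstp.xml.in (`^(local|radius)`, `^(pap|chap|mschap|mschap-v2)`).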
@@ -1,182 +1,182 @@ <?xml version="1.0"?> <!--SSH configuration --> <interfaceDefinition> <node name="service"> <children> <node name="ssh" owner="${vyos_conf_scripts_dir}/ssh.py"> <properties> <help>Secure SHell (SSH) protocol</help> <priority>500</priority> </properties> <children> <node name="access-control"> <properties> <help>SSH user/group access controls. Directives are processed in the following order: deny-users, allow-users, deny-groups and allow-groups.</help> </properties> <children> <node name="allow"> <properties> <help>Allow user/group SSH access</help> </properties> <children> <leafNode name="group"> <properties> <help>Allow members of a group to login</help> <constraint> <regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex> </constraint> <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> <multi/> </properties> </leafNode> <leafNode name="user"> <properties> <help>Allow specific users to login</help> <constraint> <regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex> </constraint> <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> <multi/> </properties> </leafNode> </children> </node> <node name="deny"> <properties> <help>Deny user/group SSH access</help> </properties> <children> <leafNode name="group"> <properties> <help>Disallow members of a group to login</help> <constraint> <regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex> </constraint> <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> <multi/> </properties> </leafNode> <leafNode name="user"> <properties> <help>Disallow specific users to login</help> <constraint> <regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex> </constraint> <constraintErrorMessage>illegal characters or more than 32 characters</constraintErrorMessage> <multi/> </properties> </leafNode> </children> </node> </children> </node> <leafNode name="ciphers"> <properties> <help>Allowed ciphers</help> <completionHelp> <script>ssh -Q cipher | 
tr '\n' ' '</script> </completionHelp> <multi/> </properties> </leafNode> <leafNode name="disable-host-validation"> <properties> - <help>Don't validate the remote host name with DNS</help> + <help>Disable IP Address to Hostname lookup</help> <valueless/> </properties> </leafNode> <leafNode name="disable-password-authentication"> <properties> <help>Disable password-based authentication</help> <valueless/> </properties> </leafNode> <leafNode name="key-exchange"> <properties> <help>Allowed key exchange (KEX) algorithms</help> <completionHelp> <script>ssh -Q kex | tr '\n' ' '</script> </completionHelp> <multi/> </properties> </leafNode> <leafNode name="listen-address"> <properties> <help>Local addresses SSH service should listen on</help> <valueHelp> <format>ipv4</format> <description>IP address to listen for incoming connections</description> </valueHelp> <valueHelp> <format>ipv6</format> <description>IPv6 address to listen for incoming connections</description> </valueHelp> <multi/> <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> </constraint> </properties> </leafNode> <leafNode name="loglevel"> <properties> <help>Log level</help> <valueHelp> <format>QUIET</format> <description>stay silent</description> </valueHelp> <valueHelp> <format>FATAL</format> <description>log fatals only</description> </valueHelp> <valueHelp> <format>ERROR</format> <description>log errors and fatals only</description> </valueHelp> <valueHelp> <format>INFO</format> <description>default log level</description> </valueHelp> <valueHelp> <format>VERBOSE</format> <description>enable logging of failed login attempts</description> </valueHelp> </properties> </leafNode> <leafNode name="mac"> <properties> <help>Allowed message authentication code (MAC) algorithms</help> <completionHelp> <script>ssh -Q mac | tr '\n' ' '</script> </completionHelp> <multi/> </properties> </leafNode> <leafNode name="port"> <properties> <help>Port for SSH service</help> <valueHelp> 
<format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <multi/> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="client-keepalive-interval"> <properties> <help>how often send keep alives in seconds</help> <constraint> - <validator name="numeric" argument="--range 1-65535"/> + <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/sstp.xml b/interface-definitions/sstp.xml.in similarity index 99% rename from interface-definitions/sstp.xml rename to interface-definitions/sstp.xml.in index d944baaad..290b45a98 100644 --- a/interface-definitions/sstp.xml +++ b/interface-definitions/sstp.xml.in 
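Review bot: The new help text for `disable-host-validation` in the ssh.xml.in hunk no longer says that a check is being switched off. Elsewhere this commit only rewrites `Don't` as `Do not` and keeps the meaning, but here `Disable IP Address to Hostname lookup` drops the word "validate" while the leaf name still promises host validation. Keeping the original sentence without the apostrophe, `<help>Do not validate the remote host name with DNS</help>`, leaves the operator able to tell from the CLI help that enabling this leaf relaxes a check on connecting hosts.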
@@ -1,416 +1,416 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="service"> <children> <node name="sstp-server" owner="${vyos_conf_scripts_dir}/accel_sstp.py"> <properties> <help>Secure Socket Tunneling Protocol (SSTP) Server</help> <priority>900</priority> </properties> <children> <node name="authentication"> <properties> <help>Authentication for remote access SSTP Server</help> </properties> <children> <node name="local-users"> <properties> <help>Local user authentication for SSTP server</help> </properties> <children> <tagNode name="username"> <properties> <help>User name for authentication</help> </properties> <children> <leafNode name="disable"> <properties> <help>Option to disable a SSTP Server user</help> <valueless /> </properties> </leafNode> <leafNode name="password"> <properties> <help>Password for authentication</help> </properties> </leafNode> <leafNode name="static-ip"> <properties> <help>Static client IP address</help> </properties> </leafNode> <node name="rate-limit"> <properties> <help>Upload/Download speed limits</help> </properties> <children> <leafNode name="upload"> <properties> <help>Upload bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="download"> <properties> <help>Download bandwidth limit in kbits/sec</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> </children> </node> </children> </tagNode> </children> </node> <leafNode name="mode"> <properties> <help>Authentication mode for SSTP Server</help> <valueHelp> <format>local</format> <description>Use local username/password configuration</description> </valueHelp> <valueHelp> <format>radius</format> <description>Use a RADIUS server to autenticate users</description> </valueHelp> <constraint> <regex>^(local|radius)</regex> </constraint> <completionHelp> <list>local radius</list> </completionHelp> </properties> 
</leafNode> <leafNode name="protocols"> <properties> <help>Authentication protocol for remote access peer SSTP VPN</help> <valueHelp> <format>pap</format> <description>Require the peer to authenticate itself using PAP [Password Authentication Protocol].</description> </valueHelp> <valueHelp> <format>chap</format> <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description> </valueHelp> <valueHelp> <format>mschap</format> <description>Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol].</description> </valueHelp> <valueHelp> <format>mschap-v2</format> <description>Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2].</description> </valueHelp> <constraint> <regex>^(pap|chap|mschap|mschap-v2)</regex> </constraint> <completionHelp> <list>pap chap mschap mschap-v2</list> </completionHelp> <multi /> </properties> </leafNode> <tagNode name="radius-server"> <properties> <help>IP address of RADIUS server</help> <valueHelp> <format>ipv4</format> <description>IP address of RADIUS server</description> </valueHelp> </properties> <children> <leafNode name="secret"> <properties> <help>Key for accessing the specified server</help> </properties> </leafNode> <leafNode name="req-limit"> <properties> <help>Maximum number of simultaneous requests to server (default: unlimited)</help> </properties> </leafNode> <leafNode name="fail-time"> <properties> - <help>If server doesn't responds mark it as unavailable for this amount of time in seconds</help> + <help>If server does not responds mark it as unavailable for this time (seconds)</help> </properties> </leafNode> </children> </tagNode> <node name="radius-settings"> <properties> <help>RADIUS settings</help> </properties> <children> <leafNode name="timeout"> <properties> <help>Timeout to wait response from server (seconds)</help> </properties> </leafNode> 
<leafNode name="acct-timeout"> <properties> <help>Timeout to wait reply for Interim-Update packets. (default 3 seconds)</help> </properties> </leafNode> <leafNode name="max-try"> <properties> <help>Maximum number of tries to send Access-Request/Accounting-Request queries</help> </properties> </leafNode> <leafNode name="nas-identifier"> <properties> <help>Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests.</help> </properties> </leafNode> <leafNode name="nas-ip-address"> <properties> <help>Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address.</help> <constraint> <validator name="ipv4-address"/> </constraint> <constraintErrorMessage>invalid IPv4 address</constraintErrorMessage> <valueHelp> <format>ipv4</format> <description>NAS-IP-Address Attribute Value</description> </valueHelp> </properties> </leafNode> <node name="dae-server"> <properties> <help>IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA)</help> </properties> <children> <leafNode name="ip-address"> <properties> <help>IP address for Dynamic Authorization Extension server (DM/CoA)</help> <constraint> <validator name="ipv4-address"/> </constraint> <constraintErrorMessage>invalid IPv4 address</constraintErrorMessage> <valueHelp> <format>ipv4</format> <description>Specifies IP address for Dynamic Authorization Extension server (DM/CoA)</description> </valueHelp> </properties> </leafNode> <leafNode name="port"> <properties> <help>Port for Dynamic Authorization Extension server (DM/CoA)</help> <valueHelp> <format>number</format> <description>TCP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="secret"> <properties> <help>Secret for Dynamic Authorization Extension server (DM/CoA)</help> </properties> </leafNode> </children> </node> <node 
name="rate-limit"> <properties> <help>Upload/Download speed limits</help> </properties> <children> <leafNode name="attribute"> <properties> <help>Specifies which radius attribute contains rate information. (default is Filter-Id)</help> </properties> </leafNode> <leafNode name="vendor"> <properties> <help>Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius)</help> </properties> </leafNode> <leafNode name="enable"> <properties> <help>Enables Bandwidth shaping via RADIUS</help> <valueless /> </properties> </leafNode> </children> </node> </children> </node> </children> </node> <node name="sstp-settings"> <properties> <help>SSTP settings</help> </properties> <children> <node name="ssl-certs"> <properties> <help>SSL Certificate, SSL Key and CA (/config/user-data/sstp)</help> </properties> <children> <leafNode name="ca"> <properties> <help>Certificate Authority certificate</help> <completionHelp> <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script> </completionHelp> </properties> </leafNode> <leafNode name="server-cert"> <properties> <help>Server Certificate</help> <completionHelp> <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script> </completionHelp> </properties> </leafNode> <leafNode name="server-key"> <properties> <help>Privat Key of the Server Certificate</help> <completionHelp> <script>if [ -e /config/user-data/sstp ]; then ls /config/user-data/sstp; fi</script> </completionHelp> </properties> </leafNode> </children> </node> </children> </node> <node name="network-settings"> <properties> <help>Network settings</help> </properties> <children> <node name="client-ip-settings"> <properties> <help>Client IP pools and gateway setting</help> </properties> <children> <leafNode name="subnet"> <properties> <help>Client IP subnet (CIDR notation)</help> <constraint> <validator name="ipv4-prefix"/> </constraint> <constraintErrorMessage>Not a valid CIDR formatted 
prefix</constraintErrorMessage> <multi /> </properties> </leafNode> <leafNode name="gateway-address"> <properties> <help>Gateway IP address</help> <constraint> <validator name="ipv4-address"/> </constraint> <constraintErrorMessage>invalid IPv4 address</constraintErrorMessage> <valueHelp> <format>ipv4</format> <description>Default Gateway send to the client</description> </valueHelp> </properties> </leafNode> </children> </node> <node name="dns-server"> <properties> <help>DNS servers propagated to clients</help> </properties> <children> <leafNode name="primary-dns"> <properties> <help>Primary DNS Server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> <leafNode name="secondary-dns"> <properties> <help>Secondary DNS Server</help> <valueHelp> <format>ipv4</format> <description>IPv4 address</description> </valueHelp> <constraint> <validator name="ipv4-address"/> </constraint> </properties> </leafNode> </children> </node> <leafNode name="mtu"> <properties> <help>Maximum Transmission Unit (MTU)</help> <constraint> <validator name="numeric" argument="--range 128-16384"/> </constraint> </properties> </leafNode> </children> </node> <node name="ppp-settings"> <properties> <help>PPP (Point-to-Point Protocol) settings</help> </properties> <children> <leafNode name="mppe"> <properties> <help>Specifies mppe negotiation preferences</help> <completionHelp> <list>require prefer deny</list> </completionHelp> <constraint> <regex>(^require|prefer|deny)</regex> </constraint> <valueHelp> <format>require</format> <description>send mppe request, if client rejects, drop the connection</description> </valueHelp> <valueHelp> <format>prefer</format> <description>send mppe request, if client rejects continue</description> </valueHelp> <valueHelp> <format>deny</format> <description>drop all mppe</description> </valueHelp> </properties> </leafNode> <leafNode 
name="lcp-echo-interval"> <properties> <help>LCP echo-requests/sec</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> <leafNode name="lcp-echo-failure"> <properties> <help>Maximum number of Echo-Requests may be sent without valid reply</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> <leafNode name="lcp-echo-timeout"> <properties> <help>Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used.</help> <constraint> <validator name="numeric" argument="--positive"/> </constraint> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/system-proxy.xml b/interface-definitions/system-proxy.xml.in similarity index 95% rename from interface-definitions/system-proxy.xml rename to interface-definitions/system-proxy.xml.in index f43702fc8..4b21139a6 100644 --- a/interface-definitions/system-proxy.xml +++ b/interface-definitions/system-proxy.xml.in 
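Review bot: In the `ppp-settings` `mppe` constraint of sstp.xml.in the caret sits inside the group, `(^require|prefer|deny)`, so it anchors only the `require` alternative. `prefer` and `deny` can match anywhere in the value and nothing pins the end, unless the validator anchors patterns itself, which is not visible here. The completionHelp list shows the intent is exactly three words, so I would write `<regex>^(require|prefer|deny)$</regex>`. That also brings it in line with the `^(deny|prefer|require)` form used for `mppe` in pptp-server.xml.in.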
@@ -1,43 +1,43 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="system"> <children> <node name="proxy" owner="${vyos_conf_scripts_dir}/system-proxy.py"> <properties> <help>Sets a proxy for system wide use</help> </properties> <children> <leafNode name="url"> <properties> <help>Proxy URL</help> <constraint> - <regex>^http://[a-z0-9\.]+$</regex> + <regex>http://[a-z0-9\.]+$</regex> </constraint> </properties> </leafNode> <leafNode name="port"> <properties> <help>Proxy port</help> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="username"> <properties> <help>Proxy username</help> <constraint> <regex>^[a-z0-9-_\.]{1,100}$</regex> </constraint> </properties> </leafNode> <leafNode name="password"> <properties> <help>Proxy password</help> </properties> </leafNode> </children> </node> </children> </node> </interfaceDefinition> diff --git a/interface-definitions/system-syslog.xml b/interface-definitions/system-syslog.xml.in similarity index 99% rename from interface-definitions/system-syslog.xml rename to interface-definitions/system-syslog.xml.in index 8f4b105c8..cce79a4c2 100644 --- a/interface-definitions/system-syslog.xml +++ b/interface-definitions/system-syslog.xml.in 
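Review bot: The `url` constraint in system-proxy.xml.in loses its leading `^` in this commit, so `http://[a-z0-9\.]+$` now pins only the end of the value. Unless the validator anchors patterns itself (not shown in this diff), any text placed before `http://` is accepted and handed to `system-proxy.py`. The hunk gives no reason for the removal, and the other anchored patterns in this commit keep their caret, so I would restore `<regex>^http://[a-z0-9\.]+$</regex>`. If the caret really has to go, it is worth confirming that the script quotes or re-validates the URL before writing it into any environment or profile file.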
@@ -1,945 +1,945 @@ <?xml version="1.0"?> <interfaceDefinition> <node name="system"> <children> <node name="syslog" owner="${vyos_conf_scripts_dir}/system-syslog.py"> <properties> <help>System logging</help> <priority>400</priority> </properties> <children> <tagNode name="user"> <properties> - <help>Logging to specific user's terminal</help> + <help>Logging to specific terminal of given user</help> <constraint> <regex>^[a-z_][a-z0-9_-]{1,31}[$]?</regex> </constraint> <constraintErrorMessage>illegal characters in user</constraintErrorMessage> <valueHelp> <format>username</format> <description>user login name</description> </valueHelp> </properties> <children> <tagNode name="facility"> <properties> <help>Facility for logging</help> <completionHelp> <list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list> </completionHelp> <constraint> <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex> </constraint> <constraintErrorMessage>Invalid facility type</constraintErrorMessage> <valueHelp> <format>all</format> <description>All facilities excluding "mark"</description> </valueHelp> <valueHelp> <format>auth</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>authpriv</format> <description>Non-system authorization</description> </valueHelp> <valueHelp> <format>cron</format> <description>Cron daemon</description> </valueHelp> <valueHelp> <format>daemon</format> <description>System daemons</description> </valueHelp> <valueHelp> <format>kern</format> <description>Kernel</description> </valueHelp> <valueHelp> <format>lpr</format> <description>Line printer spooler</description> </valueHelp> <valueHelp> <format>mail</format> <description>Mail subsystem</description> </valueHelp> <valueHelp> <format>mark</format> 
<description>Timestamp</description> </valueHelp> <valueHelp> <format>news</format> <description>USENET subsystem</description> </valueHelp> <valueHelp> <format>protocols</format> <description>depricated will be set to local7</description> </valueHelp> <valueHelp> <format>security</format> <description>depricated will be set to auth</description> </valueHelp> <valueHelp> <format>syslog</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>user</format> <description>Application processes</description> </valueHelp> <valueHelp> <format>uucp</format> <description>UUCP subsystem</description> </valueHelp> <valueHelp> <format>local0</format> <description>Local facility 0</description> </valueHelp> <valueHelp> <format>local1</format> <description>Local facility 1</description> </valueHelp> <valueHelp> <format>local2</format> <description>Local facility 2</description> </valueHelp> <valueHelp> <format>local3</format> <description>Local facility 3</description> </valueHelp> <valueHelp> <format>local4</format> <description>Local facility 4</description> </valueHelp> <valueHelp> <format>local5</format> <description>Local facility 5</description> </valueHelp> <valueHelp> <format>local6</format> <description>Local facility 6</description> </valueHelp> <valueHelp> <format>local7</format> <description>Local facility 7</description> </valueHelp> </properties> <children> <leafNode name="level"> <properties> <help>Logging level</help> <completionHelp> <list>emerg alert crit err warning notice info debug all</list> </completionHelp> <constraint> <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex> </constraint> <constraintErrorMessage>Invalid loglevel</constraintErrorMessage> <valueHelp> <format>emerg</format> <description>Emergency messages</description> </valueHelp> <valueHelp> <format>alert</format> <description>Urgent messages</description> </valueHelp> <valueHelp> <format>crit</format> <description>Critical 
messages</description> </valueHelp> <valueHelp> <format>err</format> <description>Error messages</description> </valueHelp> <valueHelp> <format>warning</format> <description>Warning messages</description> </valueHelp> <valueHelp> <format>notice</format> <description>Messages for further investigation</description> </valueHelp> <valueHelp> <format>info</format> <description>Informational messages</description> </valueHelp> <valueHelp> <format>debug</format> <description>Debug messages</description> </valueHelp> <valueHelp> <format>all</format> <description>Log everything</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <tagNode name="host"> <properties> <help>Logging to a remote host</help> <constraint> <validator name="ip-address" /> <regex>(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)</regex> </constraint> <constraintErrorMessage>Invalid host FQDN or IP address</constraintErrorMessage> <valueHelp> <format>x.x.x.x or host.domain.tld</format> <description>Remote host name or IP address</description> </valueHelp> </properties> <children> <leafNode name="port"> <properties> <help>Destination port</help> <valueHelp> <format>1-65535</format> <description>Destination port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> <constraintErrorMessage>Invalid destination port value</constraintErrorMessage> </properties> </leafNode> <tagNode name="facility"> <properties> <help>Facility for logging</help> <completionHelp> <list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list> </completionHelp> <constraint> <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex> </constraint> - <constraintErrorMessage>Invalid facility 
type</constraintErrorMessage> + <constraintErrorMessage>Invalid facility type</constraintErrorMessage> <valueHelp> <format>all</format> <description>All facilities excluding "mark"</description> </valueHelp> <valueHelp> <format>auth</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>authpriv</format> <description>Non-system authorization</description> </valueHelp> <valueHelp> <format>cron</format> <description>Cron daemon</description> </valueHelp> <valueHelp> <format>daemon</format> <description>System daemons</description> </valueHelp> <valueHelp> <format>kern</format> <description>Kernel</description> </valueHelp> <valueHelp> <format>lpr</format> <description>Line printer spooler</description> </valueHelp> <valueHelp> <format>mail</format> <description>Mail subsystem</description> </valueHelp> <valueHelp> <format>mark</format> <description>Timestamp</description> </valueHelp> <valueHelp> <format>news</format> <description>USENET subsystem</description> </valueHelp> <valueHelp> <format>protocols</format> <description>depricated will be set to local7</description> </valueHelp> <valueHelp> <format>security</format> <description>depricated will be set to auth</description> </valueHelp> <valueHelp> <format>syslog</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>user</format> <description>Application processes</description> </valueHelp> <valueHelp> <format>uucp</format> <description>UUCP subsystem</description> </valueHelp> <valueHelp> <format>local0</format> <description>Local facility 0</description> </valueHelp> <valueHelp> <format>local1</format> <description>Local facility 1</description> </valueHelp> <valueHelp> <format>local2</format> <description>Local facility 2</description> </valueHelp> <valueHelp> <format>local3</format> <description>Local facility 3</description> </valueHelp> <valueHelp> <format>local4</format> <description>Local facility 
4</description> </valueHelp> <valueHelp> <format>local5</format> <description>Local facility 5</description> </valueHelp> <valueHelp> <format>local6</format> <description>Local facility 6</description> </valueHelp> <valueHelp> <format>local7</format> <description>Local facility 7</description> </valueHelp> </properties> <children> <leafNode name="protocol"> <properties> <help>syslog communication protocol</help> <valueHelp> <format>udp</format> <description>send log messages to remote syslog server over udp</description> </valueHelp> <valueHelp> <format>tcp</format> <description>send log messages to remote syslog server over tcp</description> </valueHelp> <completionHelp> <list>udp tcp</list> </completionHelp> <constraint> <regex>(udp|tcp)</regex> </constraint> <constraintErrorMessage>invalid protocol name</constraintErrorMessage> </properties> </leafNode> <leafNode name="level"> <properties> <help>Logging level</help> <completionHelp> <list>emerg alert crit err warning notice info debug all</list> </completionHelp> <constraint> <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex> </constraint> <constraintErrorMessage>Invalid loglevel</constraintErrorMessage> <valueHelp> <format>emerg</format> <description>Emergency messages</description> </valueHelp> <valueHelp> <format>alert</format> <description>Urgent messages</description> </valueHelp> <valueHelp> <format>crit</format> <description>Critical messages</description> </valueHelp> <valueHelp> <format>err</format> <description>Error messages</description> </valueHelp> <valueHelp> <format>warning</format> <description>Warning messages</description> </valueHelp> <valueHelp> <format>notice</format> <description>Messages for further investigation</description> </valueHelp> <valueHelp> <format>info</format> <description>Informational messages</description> </valueHelp> <valueHelp> <format>debug</format> <description>Debug messages</description> </valueHelp> <valueHelp> <format>all</format> <description>Log 
everything</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <node name="global"> <properties> <help>Logging to system standard location</help> </properties> <children> <node name="archive"> <properties> <help>Log file size and rotation characteristics</help> </properties> <children> <leafNode name="file"> <properties> <help>Number of saved files (default is 5)</help> <constraint> <regex>^[0-9]+</regex> </constraint> <constraintErrorMessage>illegal characters in number of files</constraintErrorMessage> </properties> </leafNode> <leafNode name="size"> <properties> <help>Size of log files (in kbytes, default is 256)</help> <constraint> <regex>^[0-9]+</regex> </constraint> <constraintErrorMessage>illegal characters in size</constraintErrorMessage> </properties> </leafNode> </children> </node> <tagNode name="facility"> <properties> <help>Facility for logging</help> <completionHelp> <list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list> </completionHelp> <constraint> <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex> </constraint> <constraintErrorMessage>Invalid facility type</constraintErrorMessage> <valueHelp> <format>all</format> <description>All facilities excluding "mark"</description> </valueHelp> <valueHelp> <format>auth</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>authpriv</format> <description>Non-system authorization</description> </valueHelp> <valueHelp> <format>cron</format> <description>Cron daemon</description> </valueHelp> <valueHelp> <format>daemon</format> <description>System daemons</description> </valueHelp> <valueHelp> <format>kern</format> <description>Kernel</description> </valueHelp> <valueHelp> <format>lpr</format> 
<description>Line printer spooler</description> </valueHelp> <valueHelp> <format>mail</format> <description>Mail subsystem</description> </valueHelp> <valueHelp> <format>mark</format> <description>Timestamp</description> </valueHelp> <valueHelp> <format>news</format> <description>USENET subsystem</description> </valueHelp> <valueHelp> <format>protocols</format> <description>depricated will be set to local7</description> </valueHelp> <valueHelp> <format>security</format> <description>depricated will be set to auth</description> </valueHelp> <valueHelp> <format>syslog</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>user</format> <description>Application processes</description> </valueHelp> <valueHelp> <format>uucp</format> <description>UUCP subsystem</description> </valueHelp> <valueHelp> <format>local0</format> <description>Local facility 0</description> </valueHelp> <valueHelp> <format>local1</format> <description>Local facility 1</description> </valueHelp> <valueHelp> <format>local2</format> <description>Local facility 2</description> </valueHelp> <valueHelp> <format>local3</format> <description>Local facility 3</description> </valueHelp> <valueHelp> <format>local4</format> <description>Local facility 4</description> </valueHelp> <valueHelp> <format>local5</format> <description>Local facility 5</description> </valueHelp> <valueHelp> <format>local6</format> <description>Local facility 6</description> </valueHelp> <valueHelp> <format>local7</format> <description>Local facility 7</description> </valueHelp> </properties> <children> <leafNode name="level"> <properties> <help>Logging level</help> <completionHelp> <list>emerg alert crit err warning notice info debug all</list> </completionHelp> <constraint> <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex> </constraint> <constraintErrorMessage>Invalid loglevel</constraintErrorMessage> <valueHelp> <format>emerg</format> <description>Emergency 
messages</description> </valueHelp> <valueHelp> <format>alert</format> <description>Urgent messages</description> </valueHelp> <valueHelp> <format>crit</format> <description>Critical messages</description> </valueHelp> <valueHelp> <format>err</format> <description>Error messages</description> </valueHelp> <valueHelp> <format>warning</format> <description>Warning messages</description> </valueHelp> <valueHelp> <format>notice</format> <description>Messages for further investigation</description> </valueHelp> <valueHelp> <format>info</format> <description>Informational messages</description> </valueHelp> <valueHelp> <format>debug</format> <description>Debug messages</description> </valueHelp> <valueHelp> <format>all</format> <description>Log everything</description> </valueHelp> </properties> </leafNode> </children> </tagNode> <node name="marker"> <properties> <help>mark messages sent to syslog</help> </properties> <children> <leafNode name="interval"> <properties> <help>time interval how often a mark message is being sent in seconds (default: 1200)</help> <constraint> <validator name="numeric" argument="--positive"/> - </constraint> + </constraint> </properties> </leafNode> </children> </node> <leafNode name ="preserve-fqdn"> <properties> <help>uses FQDN for logging</help> <valueless /> </properties> </leafNode> </children> </node> <tagNode name="file"> <properties> <help>Logging to a file</help> <constraint> <regex>^[a-zA-Z0-9\-_.]{1,255}</regex> </constraint> <constraintErrorMessage>illegal characters in filename or filename longer than 255 characters</constraintErrorMessage> </properties> <children> <node name="archive"> <properties> <help>Log file size and rotation characteristics</help> </properties> <children> <leafNode name="file"> <properties> <help>Number of saved files (default is 5)</help> <constraint> <regex>^[0-9]+</regex> </constraint> <constraintErrorMessage>illegal characters in number of files</constraintErrorMessage> </properties> </leafNode> 
<leafNode name="size"> <properties> <help>Size of log files (in kbytes, default is 256)</help> <constraint> <regex>^[0-9]+</regex> </constraint> <constraintErrorMessage>illegal characters in size</constraintErrorMessage> </properties> </leafNode> </children> </node> <tagNode name="facility"> <properties> <help>Facility for logging</help> <completionHelp> <list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list> </completionHelp> <constraint> <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex> </constraint> <constraintErrorMessage>Invalid facility type</constraintErrorMessage> <valueHelp> <format>all</format> <description>All facilities excluding "mark"</description> </valueHelp> <valueHelp> <format>auth</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>authpriv</format> <description>Non-system authorization</description> </valueHelp> <valueHelp> <format>cron</format> <description>Cron daemon</description> </valueHelp> <valueHelp> <format>daemon</format> <description>System daemons</description> </valueHelp> <valueHelp> <format>kern</format> <description>Kernel</description> </valueHelp> <valueHelp> <format>lpr</format> <description>Line printer spooler</description> </valueHelp> <valueHelp> <format>mail</format> <description>Mail subsystem</description> </valueHelp> <valueHelp> <format>mark</format> <description>Timestamp</description> </valueHelp> <valueHelp> <format>news</format> <description>USENET subsystem</description> </valueHelp> <valueHelp> <format>protocols</format> <description>depricated will be set to local7</description> </valueHelp> <valueHelp> <format>security</format> <description>depricated will be set to auth</description> </valueHelp> <valueHelp> <format>syslog</format> 
<description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>user</format> <description>Application processes</description> </valueHelp> <valueHelp> <format>uucp</format> <description>UUCP subsystem</description> </valueHelp> <valueHelp> <format>local0</format> <description>Local facility 0</description> </valueHelp> <valueHelp> <format>local1</format> <description>Local facility 1</description> </valueHelp> <valueHelp> <format>local2</format> <description>Local facility 2</description> </valueHelp> <valueHelp> <format>local3</format> <description>Local facility 3</description> </valueHelp> <valueHelp> <format>local4</format> <description>Local facility 4</description> </valueHelp> <valueHelp> <format>local5</format> <description>Local facility 5</description> </valueHelp> <valueHelp> <format>local6</format> <description>Local facility 6</description> </valueHelp> <valueHelp> <format>local7</format> <description>Local facility 7</description> </valueHelp> </properties> <children> <leafNode name="level"> <properties> <help>Logging level</help> <completionHelp> <list>emerg alert crit err warning notice info debug all</list> </completionHelp> <constraint> <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex> </constraint> <constraintErrorMessage>Invalid loglevel</constraintErrorMessage> <valueHelp> <format>emerg</format> <description>Emergency messages</description> </valueHelp> <valueHelp> <format>alert</format> <description>Urgent messages</description> </valueHelp> <valueHelp> <format>crit</format> <description>Critical messages</description> </valueHelp> <valueHelp> <format>err</format> <description>Error messages</description> </valueHelp> <valueHelp> <format>warning</format> <description>Warning messages</description> </valueHelp> <valueHelp> <format>notice</format> <description>Messages for further investigation</description> </valueHelp> <valueHelp> <format>info</format> <description>Informational 
messages</description> </valueHelp> <valueHelp> <format>debug</format> <description>Debug messages</description> </valueHelp> <valueHelp> <format>all</format> <description>Log everything</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </tagNode> <node name="console"> <properties> <help>logging to serial console</help> </properties> <children> <tagNode name="facility"> <properties> <help>Facility for logging</help> <completionHelp> <list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list> </completionHelp> <constraint> <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex> </constraint> <constraintErrorMessage>Invalid facility type</constraintErrorMessage> <valueHelp> <format>all</format> <description>All facilities excluding "mark"</description> </valueHelp> <valueHelp> <format>auth</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>authpriv</format> <description>Non-system authorization</description> </valueHelp> <valueHelp> <format>cron</format> <description>Cron daemon</description> </valueHelp> <valueHelp> <format>daemon</format> <description>System daemons</description> </valueHelp> <valueHelp> <format>kern</format> <description>Kernel</description> </valueHelp> <valueHelp> <format>lpr</format> <description>Line printer spooler</description> </valueHelp> <valueHelp> <format>mail</format> <description>Mail subsystem</description> </valueHelp> <valueHelp> <format>mark</format> <description>Timestamp</description> </valueHelp> <valueHelp> <format>news</format> <description>USENET subsystem</description> </valueHelp> <valueHelp> <format>protocols</format> <description>depricated will be set to local7</description> </valueHelp> <valueHelp> <format>security</format> 
<description>depricated will be set to auth</description> </valueHelp> <valueHelp> <format>syslog</format> <description>Authentication and authorization</description> </valueHelp> <valueHelp> <format>user</format> <description>Application processes</description> </valueHelp> <valueHelp> <format>uucp</format> <description>UUCP subsystem</description> </valueHelp> <valueHelp> <format>local0</format> <description>Local facility 0</description> </valueHelp> <valueHelp> <format>local1</format> <description>Local facility 1</description> </valueHelp> <valueHelp> <format>local2</format> <description>Local facility 2</description> </valueHelp> <valueHelp> <format>local3</format> <description>Local facility 3</description> </valueHelp> <valueHelp> <format>local4</format> <description>Local facility 4</description> </valueHelp> <valueHelp> <format>local5</format> <description>Local facility 5</description> </valueHelp> <valueHelp> <format>local6</format> <description>Local facility 6</description> </valueHelp> <valueHelp> <format>local7</format> <description>Local facility 7</description> </valueHelp> </properties> <children> <leafNode name="level"> <properties> <help>Logging level</help> <completionHelp> <list>emerg alert crit err warning notice info debug all</list> </completionHelp> <constraint> <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex> </constraint> <constraintErrorMessage>Invalid loglevel</constraintErrorMessage> <valueHelp> <format>emerg</format> <description>Emergency messages</description> </valueHelp> <valueHelp> <format>alert</format> <description>Urgent messages</description> </valueHelp> <valueHelp> <format>crit</format> <description>Critical messages</description> </valueHelp> <valueHelp> <format>err</format> <description>Error messages</description> </valueHelp> <valueHelp> <format>warning</format> <description>Warning messages</description> </valueHelp> <valueHelp> <format>notice</format> <description>Messages for further 
investigation</description> </valueHelp> <valueHelp> <format>info</format> <description>Informational messages</description> </valueHelp> <valueHelp> <format>debug</format> <description>Debug messages</description> </valueHelp> <valueHelp> <format>all</format> <description>Log everything</description> </valueHelp> </properties> </leafNode> </children> </tagNode> </children> </node> </children> </node> </children> </node> </interfaceDefinition>
diff --git a/interface-definitions/tftp-server.xml b/interface-definitions/tftp-server.xml.in
similarity index 100%
rename from interface-definitions/tftp-server.xml
rename to interface-definitions/tftp-server.xml.in
diff --git a/interface-definitions/vrrp.xml b/interface-definitions/vrrp.xml.in
similarity index 100%
rename from interface-definitions/vrrp.xml
rename to interface-definitions/vrrp.xml.in
diff --git a/python/vyos/config.py b/python/vyos/config.py
index 892dcbff7..1a0da3e54 100644
--- a/python/vyos/config.py
+++ b/python/vyos/config.py
@@ -1,464 +1,465 @@ # Copyright 2017, 2019 VyOS maintainers and contributors <maintainers@vyos.io> # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public # License as published by the Free Software Foundation; either # version 2.1 of the License, or (at your option) any later version. # # This library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public # License along with this library. If not, see <http://www.gnu.org/licenses/>. """ A library for reading VyOS running config data. This library is used internally by all config scripts of VyOS, but its API should be considered stable and safe to use in user scripts. Note that this module will not work outside VyOS. Node taxonomy ############# There are multiple types of config tree nodes in VyOS, each requires its own set of operations. *Leaf nodes* (such as "address" in interfaces) can have values, but cannot have children. Leaf nodes can have one value, multiple values, or no values at all. For example, "system host-name" is a single-value leaf node, "system name-server" is a multi-value leaf node (commonly abbreviated "multi node"), and "system ip disable-forwarding" is a valueless leaf node. Non-leaf nodes cannot have values, but they can have child nodes. They are divided into two classes depending on whether the names of their children are fixed or not. For example, under "system", the names of all valid child nodes are predefined ("login", "name-server" etc.). To the contrary, children of the "system task-scheduler task" node can have arbitrary names. Such nodes are called *tag nodes*. This terminology is confusing but we keep using it for lack of a better word. 
No one remembers if the "tag" in "task Foo" is "task" or "Foo", but the distinction is irrelevant in practice. Configuration modes ################### VyOS has two distinct modes: operational mode and configuration mode. When a user logins, the CLI is in the operational mode. In this mode, only the running (effective) config is accessible for reading. When a user enters the "configure" command, a configuration session is setup. Every config session has its *proposed* (or *session*) config built on top of the current running config. When changes are commited, if commit succeeds, the proposed config is merged into the running config. In configuration mode, "base" functions like `exists`, `return_value` return values from the session config, while functions prefixed "effective" return values from the running config. In operational mode, all functions return values from the running config. """ import os import re import json import subprocess import vyos.configtree class VyOSError(Exception): """ Raised on config access errors, most commonly if the type of a config tree node in the system does not match the type of operation. """ pass class Config(object): """ The class of config access objects. Internally, in the current implementation, this object is *almost* stateless, the only state it keeps is relative *config path* for convenient access to config subtrees. """ def __init__(self, session_env=None): self._cli_shell_api = "/bin/cli-shell-api" self._level = [] if session_env: self.__session_env = session_env else: self.__session_env = None # Running config can be obtained either from op or conf mode, it always succeeds # (if config system is initialized at all). if os.path.isfile('/tmp/vyos-config-status'): running_config_text = self._run([self._cli_shell_api, '--show-active-only', '--show-show-defaults', 'showConfig']) else: with open('/opt/vyatta/etc/config/config.boot') as f: running_config_text = f.read() # Session config ("active") only exists in conf mode. 
# In op mode, we'll just use the same running config for both active and session configs. if self.in_session():
- session_config_text = self._run([self._cli_shell_api, '--show-working-only', '--show-show-defaults', 'showConfig'])
+ session_config_text = self._run([self._cli_shell_api, '--show-working-only', '--show-show-defaults', '--show-ignore-edit', 'showConfig'])
else: session_config_text = running_config_text self._session_config = vyos.configtree.ConfigTree(session_config_text) self._running_config = vyos.configtree.ConfigTree(running_config_text) def _make_command(self, op, path): args = path.split() cmd = [self._cli_shell_api, op] + args return cmd def _make_path(self, path): # Backwards-compatibility stuff: original implementation used string paths # libvyosconfig paths are lists, but since node names cannot contain whitespace, # splitting at whitespace is reasonably safe. # It may cause problems with exists() when it's used for checking values, # since values may contain whitespace. if isinstance(path, str): path = re.split(r'\s+', path) elif isinstance(path, list): pass else: raise TypeError("Path must be a whitespace-separated string or a list") return (self._level + path) def _run(self, cmd): if self.__session_env: p = subprocess.Popen(cmd, stdout=subprocess.PIPE, env=self.__session_env) else: p = subprocess.Popen(cmd, stdout=subprocess.PIPE) out = p.stdout.read() p.wait() if p.returncode != 0: raise VyOSError() else: return out.decode('ascii') def set_level(self, path): """ Set the *edit level*, that is, a relative config tree path. Once set, all operations will be relative to this path, for example, after ``set_level("system")``, calling ``exists("name-server")`` is equivalent to calling ``exists("system name-server"`` without ``set_level``.
Args: path (str): relative config path """ # Make sure there's always a space between default path (level) # and path supplied as method argument # XXX: for small strings in-place concatenation is not a problem if isinstance(path, str): if path: self._level = re.split(r'\s+', path) else: self._level = [] elif isinstance(path, list): self._level = path else: raise TypeError("Level path must be either a whitespace-separated string or a list") def get_level(self): """ Gets the current edit level. Returns: str: current edit level """ return(self._level) def exists(self, path): """ Checks if a node with given path exists in the running or proposed config Returns: True if node exists, False otherwise Note: This function cannot be used outside a configuration sessions. In operational mode scripts, use ``exists_effective``. """ if self._session_config.exists(self._make_path(path)): return True else: # libvyosconfig exists() works only for _nodes_, not _values_ # libvyattacfg one also worked for values, so we emulate that case here
- path = re.split(r'\s+', path)
+ if isinstance(path, str):
+ path = re.split(r'\s*', path)
path_without_value = path[:-1] path_str = " ".join(path_without_value) try: value = self._session_config.return_value(self._make_path(path_str)) return (value == path[-1]) except vyos.configtree.ConfigTreeError: # node doesn't exist at all return False def session_changed(self): """ Returns: True if the config session has uncommited changes, False otherwise. """ try: self._run(self._make_command('sessionChanged', '')) return True except VyOSError: return False def in_session(self): """ Returns: True if called from a configuration session, False otherwise.
""" try: self._run(self._make_command('inSession', '')) return True except VyOSError: return False def show_config(self, path=[], default=None): """ Args: path (str list): Configuration tree path, or empty default (str): Default value to return Returns: str: working configuration """ if isinstance(path, list): path = " ".join(path) try: out = self._run(self._make_command('showConfig', path)) return out except VyOSError: return(default) def get_config_dict(self, path=[], effective=False): """ Args: path (str list): Configuration tree path, can be empty Returns: a dict representation of the config """ res = self.show_config(self._make_path(path)) config_tree = vyos.configtree.ConfigTree(res) config_dict = json.loads(config_tree.to_json()) return config_dict def is_multi(self, path): """ Args: path (str): Configuration tree path Returns: True if a node can have multiple values, False otherwise. Note: It also returns False if node doesn't exist. """ try: path = " ".join(self._level) + " " + path self._run(self._make_command('isMulti', path)) return True except VyOSError: return False def is_tag(self, path): """ Args: path (str): Configuration tree path Returns: True if a node is a tag node, False otherwise. Note: It also returns False if node doesn't exist. """ try: path = " ".join(self._level) + " " + path self._run(self._make_command('isTag', path)) return True except VyOSError: return False def is_leaf(self, path): """ Args: path (str): Configuration tree path Returns: True if a node is a leaf node, False otherwise. Note: It also returns False if node doesn't exist. 
""" try: path = " ".join(self._level) + " " + path self._run(self._make_command('isLeaf', path)) return True except VyOSError: return False def return_value(self, path, default=None): """ Retrieve a value of single-value leaf node in the running or proposed config Args: path (str): Configuration tree path default (str): Default value to return if node does not exist Returns: str: Node value, if it has any None: if node is valueless *or* if it doesn't exist Note: Due to the issue with treatment of valueless nodes by this function, valueless nodes should be checked with ``exists`` instead. This function cannot be used outside a configuration session. In operational mode scripts, use ``return_effective_value``. """ try: value = self._session_config.return_value(self._make_path(path)) except vyos.configtree.ConfigTreeError: value = None if not value: return(default) else: return(value) def return_values(self, path, default=[]): """ Retrieve all values of a multi-value leaf node in the running or proposed config Args: path (str): Configuration tree path Returns: str list: Node values, if it has any []: if node does not exist Note: This function cannot be used outside a configuration session. In operational mode scripts, use ``return_effective_values``. 
""" try: values = self._session_config.return_values(self._make_path(path)) except vyos.configtree.ConfigTreeError: values = [] if not values: return(default) else: return(values) def list_nodes(self, path, default=[]): """ Retrieve names of all children of a tag node in the running or proposed config Args: path (str): Configuration tree path Returns: string list: child node names """ try: nodes = self._session_config.list_nodes(self._make_path(path)) except vyos.configtree.ConfigTreeError: nodes = [] if not nodes: return(default) else: return(nodes) def exists_effective(self, path): """ Check if a node exists in the running (effective) config Args: path (str): Configuration tree path Returns: True if node exists in the running config, False otherwise Note: This function is safe to use in operational mode. In configuration mode, it ignores uncommited changes. """ return(self._running_config.exists(self._make_path(path))) def return_effective_value(self, path, default=None): """ Retrieve a values of a single-value leaf node in a running (effective) config Args: path (str): Configuration tree path default (str): Default value to return if node does not exist Returns: str: Node value """ try: value = self._running_config.return_value(self._make_path(path)) except vyos.configtree.ConfigTreeError: value = None if not value: return(default) else: return(value) def return_effective_values(self, path, default=[]): """ Retrieve all values of a multi-value node in a running (effective) config Args: path (str): Configuration tree path Returns: str list: A list of values """ try: values = self._running_config.return_values(self._make_path(path)) except vyos.configtree.ConfigTreeError: values = [] if not values: return(default) else: return(values) def list_effective_nodes(self, path, default=[]): """ Retrieve names of all children of a tag node in the running config Args: path (str): Configuration tree path Returns: str list: child node names Raises: VyOSError: if the node is 
not a tag node """ try: nodes = self._running_config.list_nodes(self._make_path(path)) except vyos.configtree.ConfigTreeError: nodes = [] if not nodes: return(default) else: return(nodes)
diff --git a/src/op_mode/powerctrl.py b/src/op_mode/powerctrl.py
index 8de25d752..a6188ec74 100755
--- a/src/op_mode/powerctrl.py
+++ b/src/op_mode/powerctrl.py
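Review bot: In `Config.exists()` the new split uses `re.split(r'\s*', path)`, a pattern that also matches the empty string; on Python 3.7 and later `re.split` splits on empty matches too, so a string path is cut into single characters and the value-emulation branch compares against an empty `path[-1]`. The line it replaces, and `_make_path` and `set_level` elsewhere in this file, all use `r'\s+'`, so the guarded line should read `path = re.split(r'\s+', path)`. As written, callers that test for a value with `exists("<node path> <value>")` would presumably get False for a value that is set, which a config script can misread as the setting being absent. The new `'--show-ignore-edit'` argument in `__init__` would also benefit from a one-line comment stating what the flag changes about the session config that is read.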
@@ -1,172 +1,175 @@ #!/usr/bin/env python3 # # Copyright (C) 2018 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as # published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. import os import sys import argparse import subprocess import re from datetime import datetime, timedelta, time as type_time, date as type_date from subprocess import check_output, CalledProcessError, STDOUT from vyos.util import ask_yes_no def parse_time(s): try: - return datetime.strptime(s, "%H:%M").time() + if re.match(r'^\d{1,2}$', s): + return datetime.strptime(s, "%M").time() + else: + return datetime.strptime(s, "%H:%M").time() except ValueError: return None def parse_date(s): for fmt in ["%d%m%Y", "%d/%m/%Y", "%d.%m.%Y", "%d:%m:%Y", "%Y-%m-%d"]: try: return datetime.strptime(s, fmt).date() except ValueError: continue # If nothing matched... return None def get_shutdown_status(): try: output = check_output(["/bin/systemctl", "status", "systemd-shutdownd.service"]).decode() return output except CalledProcessError: return None def check_shutdown(): output = get_shutdown_status() if output: r = re.findall(r'Status: \"(.*)\"\n', output) if r: # When available, that line is like # Status: "Shutting down at Thu 1970-01-01 00:00:00 UTC (poweroff)..." 
print(r[0]) else: # Sometimes status string is not available immediately # after service startup print("Poweroff or reboot is scheduled") else: print("Poweroff or reboot is not scheduled") def cancel_shutdown(): output = get_shutdown_status() if output: try: timenow = datetime.now().strftime('%Y-%m-%d %H:%M:%S') cmd = check_output(["/sbin/shutdown","-c","--no-wall"]) message = "Scheduled reboot or poweroff has been cancelled %s" % timenow os.system("wall %s" % message) except CalledProcessError as e: sys.exit("Could not cancel a reboot or poweroff: %s" % e) else: print("Reboot or poweroff is not scheduled") def execute_shutdown(time, reboot = True, ask=True): if not ask: action = "reboot" if reboot else "poweroff" if not ask_yes_no("Are you sure you want to %s this system?" % action): sys.exit(0) action = "-r" if reboot else "-P" if len(time) == 0: ### T870 legacy reboot job support chk_vyatta_based_reboots() ### cmd = check_output(["/sbin/shutdown",action,"now"],stderr=STDOUT) print(cmd.decode().split(",",1)[0]) return elif len(time) == 1: # Assume the argument is just time ts = parse_time(time[0]) if ts: cmd = check_output(["/sbin/shutdown", action, time[0]], stderr=STDOUT) else: sys.exit("Invalid time \"{0}\". The valid format is HH:MM".format(time[0])) elif len(time) == 2: # Assume it's date and time ts = parse_time(time[0]) ds = parse_date(time[1]) if ts and ds: t = datetime.combine(ds, ts) td = t - datetime.now() t2 = 1 + int(td.total_seconds())//60 # Get total minutes cmd = check_output(["/sbin/shutdown", action, str(t2)], stderr=STDOUT) else: if not ts: sys.exit("Invalid time \"{0}\". The valid format is HH:MM".format(time[0])) else: sys.exit("Invalid time \"{0}\". A valid format is YYYY-MM-DD [HH:MM]".format(time[1])) else: sys.exit("Could not decode date and time. 
Valids formats are HH:MM or YYYY-MM-DD HH:MM") check_shutdown() def chk_vyatta_based_reboots(): ### T870 commit-confirm is still using the vyatta code base, once gone, the code below can be removed ### legacy scheduled reboot s are using at and store the is as /var/run/<name>.job ### name is the node of scheduled the job, commit-confirm checks for that f = r'/var/run/confirm.job' if os.path.exists(f): jid = open(f).read().strip() if jid != 0: subprocess.call(['sudo', 'atrm', jid]) os.remove(f) def main(): parser = argparse.ArgumentParser() parser.add_argument("--yes", "-y", help="Do not ask for confirmation", action="store_true", dest="yes") action = parser.add_mutually_exclusive_group(required=True) action.add_argument("--reboot", "-r", help="Reboot the system", nargs="*", metavar="Minutes|HH:MM") action.add_argument("--poweroff", "-p", help="Poweroff the system", nargs="*", metavar="Minutes|HH:MM") action.add_argument("--cancel", "-c", help="Cancel pending shutdown", action="store_true") action.add_argument("--check", help="Check pending chutdown", action="store_true") args = parser.parse_args() try: if args.reboot is not None: execute_shutdown(args.reboot, reboot=True, ask=args.yes) if args.poweroff is not None: execute_shutdown(args.poweroff, reboot=False,ask=args.yes) if args.cancel: cancel_shutdown() if args.check: check_shutdown() except KeyboardInterrupt: sys.exit("Interrupted") if __name__ == "__main__": main()
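Review bot: The digits-only branch added to `parse_time` also applies in the `len(time) == 2` path of `execute_shutdown`, where a bare value such as `30` is now accepted and combined with the date as 00:30 instead of being rejected, so a delay in minutes can silently become a clock time for the reboot or poweroff. Keeping `parse_time` strict to `%H:%M` and testing for the minutes form only in the single-argument branch, e.g. `if re.fullmatch(r'[0-9]+', time[0]) or parse_time(time[0]):`, avoids that and lifts the 0–59 limit that `%M` imposes; the date branch already hands `/sbin/shutdown` a bare minute count via `str(t2)`. The `sys.exit` messages still say the valid format is HH:MM while the argparse metavar advertises `Minutes|HH:MM`. Both branches test the result with `if ts:`; on interpreters older than Python 3.5 a midnight `time` object is falsy, so `0` and `00:00` would be reported as invalid there, and `if ts is not None:` is the safer test.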