mirror of
https://github.com/ansible-collections/community.routeros.git
synced 2025-06-21 09:35:45 +02:00
support for multiple "ip ipsec *" API paths (#129)
Signed-off-by: Tomas Herfert <herfik> Signed-off-by: Tomas Herfert <herfik> Co-authored-by: Tomas Herfert <herfik>
This commit is contained in:
Tomas Herfert
GitHub
parent
29247faaa3
commit
c48f4c74ce
4 changed files with 89 additions and 25 deletions
|
|
@ -301,6 +301,31 @@ PATHS = {
|
|||
'transparent-proxy': KeyInfo(),
|
||||
},
|
||||
),
|
||||
('ip', 'ipsec', 'identity'): APIData(
|
||||
fully_understood=True,
|
||||
primary_keys=('peer', ),
|
||||
fields={
|
||||
'auth-method': KeyInfo(default='pre-shared-key'),
|
||||
'certificate': KeyInfo(),
|
||||
'comment': KeyInfo(can_disable=True, remove_value=''),
|
||||
'disabled': KeyInfo(default=False),
|
||||
'eap-methods': KeyInfo(default='eap-tls'),
|
||||
'generate-policy': KeyInfo(default=False),
|
||||
'key': KeyInfo(),
|
||||
'match-by': KeyInfo(can_disable=True, remove_value='remote-id'),
|
||||
'mode-config': KeyInfo(can_disable=True, remove_value='none'),
|
||||
'my-id': KeyInfo(can_disable=True, remove_value='auto'),
|
||||
'notrack-chain': KeyInfo(can_disable=True, remove_value=''),
|
||||
'password': KeyInfo(),
|
||||
'peer': KeyInfo(),
|
||||
'policy-template-group': KeyInfo(can_disable=True, remove_value='default'),
|
||||
'remote-certificate': KeyInfo(),
|
||||
'remote-id': KeyInfo(can_disable=True, remove_value='auto'),
|
||||
'remote-key': KeyInfo(),
|
||||
'secret': KeyInfo(default=''),
|
||||
'username': KeyInfo(),
|
||||
},
|
||||
),
|
||||
('ip', 'ipsec', 'mode-config'): APIData(
|
||||
unknown_mechanism=True,
|
||||
# primary_keys=('default', ),
|
||||
|
|
@ -311,6 +336,22 @@ PATHS = {
|
|||
'use-responder-dns': KeyInfo(),
|
||||
},
|
||||
),
|
||||
('ip', 'ipsec', 'peer'): APIData(
|
||||
fully_understood=True,
|
||||
primary_keys=('name', ),
|
||||
fields={
|
||||
'address': KeyInfo(can_disable=True, remove_value=''),
|
||||
'comment': KeyInfo(can_disable=True, remove_value=''),
|
||||
'disabled': KeyInfo(default=False),
|
||||
'exchange-mode': KeyInfo(default='main'),
|
||||
'local-address': KeyInfo(can_disable=True, remove_value='0.0.0.0'),
|
||||
'name': KeyInfo(),
|
||||
'passive': KeyInfo(can_disable=True, remove_value=False),
|
||||
'port': KeyInfo(can_disable=True, remove_value=500),
|
||||
'profile': KeyInfo(default='default'),
|
||||
'send-initial-contact': KeyInfo(default=True),
|
||||
},
|
||||
),
|
||||
('ip', 'ipsec', 'policy', 'group'): APIData(
|
||||
unknown_mechanism=True,
|
||||
# primary_keys=('default', ),
|
||||
|
|
@ -320,32 +361,32 @@ PATHS = {
|
|||
},
|
||||
),
|
||||
('ip', 'ipsec', 'profile'): APIData(
|
||||
unknown_mechanism=True,
|
||||
# primary_keys=('default', ),
|
||||
fully_understood=True,
|
||||
primary_keys=('name', ),
|
||||
fields={
|
||||
'default': KeyInfo(),
|
||||
'dh-group': KeyInfo(),
|
||||
'dpd-interval': KeyInfo(),
|
||||
'dpd-maximum-failures': KeyInfo(),
|
||||
'enc-algorithm': KeyInfo(),
|
||||
'hash-algorithm': KeyInfo(),
|
||||
'lifetime': KeyInfo(),
|
||||
'dh-group': KeyInfo(default='modp2048,modp1024'),
|
||||
'dpd-interval': KeyInfo(default='2m'),
|
||||
'dpd-maximum-failures': KeyInfo(default=5),
|
||||
'enc-algorithm': KeyInfo(default='aes-128,3des'),
|
||||
'hash-algorithm': KeyInfo(default='sha1'),
|
||||
'lifebytes': KeyInfo(can_disable=True, remove_value=0),
|
||||
'lifetime': KeyInfo(default='1d'),
|
||||
'name': KeyInfo(),
|
||||
'nat-traversal': KeyInfo(),
|
||||
'proposal-check': KeyInfo(),
|
||||
'nat-traversal': KeyInfo(default=True),
|
||||
'prf-algorithm': KeyInfo(can_disable=True, remove_value='auto'),
|
||||
'proposal-check': KeyInfo(default='obey'),
|
||||
},
|
||||
),
|
||||
('ip', 'ipsec', 'proposal'): APIData(
|
||||
unknown_mechanism=True,
|
||||
# primary_keys=('default', ),
|
||||
fully_understood=True,
|
||||
primary_keys=('name', ),
|
||||
fields={
|
||||
'default': KeyInfo(),
|
||||
'auth-algorithms': KeyInfo(),
|
||||
'disabled': KeyInfo(),
|
||||
'enc-algorithms': KeyInfo(),
|
||||
'lifetime': KeyInfo(),
|
||||
'auth-algorithms': KeyInfo(default='sha1'),
|
||||
'disabled': KeyInfo(default=False),
|
||||
'enc-algorithms': KeyInfo(default='aes-256-cbc,aes-192-cbc,aes-128-cbc'),
|
||||
'lifetime': KeyInfo(default='30m'),
|
||||
'name': KeyInfo(),
|
||||
'pfs-group': KeyInfo(),
|
||||
'pfs-group': KeyInfo(default='modp1024'),
|
||||
},
|
||||
),
|
||||
('ip', 'pool'): APIData(
|
||||
|
|
@ -2127,15 +2168,25 @@ PATHS = {
|
|||
},
|
||||
),
|
||||
('ip', 'ipsec', 'policy'): APIData(
|
||||
has_identifier=True,
|
||||
fully_understood=True,
|
||||
fields={
|
||||
'disabled': KeyInfo(),
|
||||
'action': KeyInfo(default='encrypt'),
|
||||
'comment': KeyInfo(can_disable=True, remove_value=''),
|
||||
'disabled': KeyInfo(default=False),
|
||||
'dst-address': KeyInfo(),
|
||||
'group': KeyInfo(),
|
||||
'proposal': KeyInfo(),
|
||||
'protocol': KeyInfo(),
|
||||
'dst-port': KeyInfo(default='any'),
|
||||
'group': KeyInfo(can_disable=True, remove_value='default'),
|
||||
'ipsec-protocols': KeyInfo(default='esp'),
|
||||
'level': KeyInfo(default='require'),
|
||||
'peer': KeyInfo(),
|
||||
'proposal': KeyInfo(default='default'),
|
||||
'protocol': KeyInfo(default='all'),
|
||||
'src-address': KeyInfo(),
|
||||
'template': KeyInfo(),
|
||||
'src-port': KeyInfo(default='any'),
|
||||
'template': KeyInfo(can_disable=True, remove_value=False),
|
||||
# the tepmlate field can't really be changed once the item is created. This config captures the behavior best as it can
|
||||
# i.e. tepmplate=yes is shown, tepmlate=no is hidden
|
||||
'tunnel': KeyInfo(default=False),
|
||||
},
|
||||
),
|
||||
('ip', 'service'): APIData(
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue