translate("Required. Base64-encoded private key for this interface.")
)
private_key.password = true
-private_key.datatype = "and(base64,rangelength(44, 44))"
+private_key.datatype = "and(base64,rangelength(44,44))"
private_key.optional = false
translate("Optional. UDP port used for outgoing and incoming packets.")
)
listen_port.datatype = "port"
-listen_port.placeholder = "51820"
+listen_port.placeholder = translate("random")
listen_port.optional = true
addresses = section:taboption(
Value,
"metric",
translate("Metric"),
- translate("Optional.")
+ translate("Optional")
)
metric.datatype = "uinteger"
metric.placeholder = "0"
mtu.placeholder = "1420"
mtu.optional = true
-
-preshared_key = section:taboption(
+fwmark = section:taboption(
"advanced",
Value,
- "preshared_key",
- translate("Preshared Key"),
- translate("Optional. Base64-encoded preshared key. " ..
- "Adds in an additional layer of symmetric-key " ..
- "cryptography for post-quantum resistance.")
+ "fwmark",
+ translate("Firewall Mark"),
+ translate("Optional. 32-bit mark for outgoing encrypted packets. " ..
+ "Enter value in hex, starting with <code>0x</code>.")
)
-preshared_key.password = true
-preshared_key.datatype = "and(base64,rangelength(44, 44))"
-preshared_key.optional = true
+fwmark.datatype = "hex(4)"
+fwmark.optional = true
-- peers -----------------------------------------------------------------------
translate("Public Key"),
translate("Required. Base64-encoded public key of peer.")
)
-public_key.datatype = "and(base64,rangelength(44, 44))"
+public_key.datatype = "and(base64,rangelength(44,44))"
public_key.optional = false
+preshared_key = peers:option(
+ Value,
+ "preshared_key",
+ translate("Preshared Key"),
+ translate("Optional. Base64-encoded preshared key. " ..
+ "Adds in an additional layer of symmetric-key " ..
+ "cryptography for post-quantum resistance.")
+)
+preshared_key.password = true
+preshared_key.datatype = "and(base64,rangelength(44,44))"
+preshared_key.optional = true
+
+
allowed_ips = peers:option(
DynamicList,
"allowed_ips",
translate("Optional. Seconds between keep alive messages. " ..
"Default is 0 (disabled). Recommended value if " ..
"this device is behind a NAT is 25."))
-persistent_keepalive.datatype = "range(0, 65535)"
+persistent_keepalive.datatype = "range(0,65535)"
persistent_keepalive.placeholder = "0"