Add phase2_sa_lifetime_data field on IPSecProfile

netbox/templates/vpn/ipsecprofile.html

@@ -75,9 +75,13 @@
               <td>{{ object.get_phase2_group_display }}</td>
             </tr>
             <tr>
-              <th scope="row">{% trans "SA Lifetime" %}</th>
+              <th scope="row">{% trans "SA Lifetime (Seconds)" %}</th>
               <td>{{ object.phase2_sa_lifetime|placeholder }}</td>
             </tr>
+            <tr>
+              <th scope="row">{% trans "SA Lifetime (KB)" %}</th>
+              <td>{{ object.phase2_sa_lifetime_data|placeholder }}</td>
+            </tr>
           </table>
         </div>
       </div>

netbox/vpn/api/serializers.py

@@ -113,5 +113,6 @@ class IPSecProfileSerializer(NetBoxModelSerializer):
         fields = (
             'id', 'url', 'display', 'name', 'protocol', 'ike_version', 'phase1_encryption', 'phase1_authentication',
             'phase1_group', 'phase1_sa_lifetime', 'phase2_encryption', 'phase2_authentication', 'phase2_group',
-            'phase2_sa_lifetime', 'comments', 'tags', 'custom_fields', 'created', 'last_updated',
+            'phase2_sa_lifetime', 'phase2_sa_lifetime_data', 'comments', 'tags', 'custom_fields', 'created',
+            'last_updated',
         )

netbox/vpn/filtersets.py

@@ -125,7 +125,7 @@ class IPSecProfileFilterSet(NetBoxModelFilterSet):
 
     class Meta:
         model = IPSecProfile
-        fields = ['id', 'name', 'phase1_sa_lifetime', 'phase2_sa_lifetime']
+        fields = ['id', 'name', 'phase1_sa_lifetime', 'phase2_sa_lifetime', 'phase2_sa_lifetime_data']
 
     def search(self, queryset, name, value):
         if not value.strip():

netbox/vpn/forms/bulk_edit.py

@@ -127,14 +127,24 @@ class IPSecProfileBulkEditForm(NetBoxModelBulkEditForm):
     phase2_sa_lifetime = forms.IntegerField(
         required=False
     )
+    phase2_sa_lifetime_data = forms.IntegerField(
+        required=False
+    )
     comments = CommentField()
 
     model = IPSecProfile
     fieldsets = (
-        (_('Profile'), ('protocol', 'ike_version', 'description')),
+        (_('Profile'), (
-        (_('Phase 1 Parameters'), ('phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime')),
+            'protocol', 'ike_version', 'description',
-        (_('Phase 2 Parameters'), ('phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime')),
+        )),
+        (_('Phase 1 Parameters'), (
+            'phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime',
+        )),
+        (_('Phase 2 Parameters'), (
+            'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime',
+            'phase2_sa_lifetime_data',
+        )),
     )
     nullable_fields = (
-        'description', 'phase1_sa_lifetime', 'phase2_sa_lifetime', 'comments',
+        'description', 'phase1_sa_lifetime', 'phase2_sa_lifetime', 'phase2_sa_lifetime_data', 'comments',
     )

netbox/vpn/forms/bulk_import.py

@@ -148,6 +148,6 @@ class IPSecProfileImportForm(NetBoxModelImportForm):
         model = IPSecProfile
         fields = (
             'name', 'protocol', 'ike_version', 'phase1_encryption', 'phase1_authentication', 'phase1_group',
-            'phase1_sa_lifetime', 'phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime',
+            'phase1_sa_lifetime', 'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime',
-            'description', 'comments', 'tags',
+            'phase2_sa_lifetime_data', 'description', 'comments', 'tags',
         )

netbox/vpn/forms/filtersets.py

@@ -72,8 +72,13 @@ class IPSecProfileFilterForm(NetBoxModelFilterSetForm):
     fieldsets = (
         (None, ('q', 'filter_id', 'tag')),
         (_('Profile'), ('protocol', 'ike_version')),
-        (_('Phase 1 Parameters'), ('phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime')),
+        (_('Phase 1 Parameters'), (
-        (_('Phase 2 Parameters'), ('phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime')),
+            'phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime',
+        )),
+        (_('Phase 2 Parameters'), (
+            'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime',
+            'phase2_sa_lifetime_data',
+        )),
     )
     protocol = forms.MultipleChoiceField(
         label=_('Protocol'),
@@ -130,4 +135,9 @@ class IPSecProfileFilterForm(NetBoxModelFilterSetForm):
         min_value=0,
         label=_('SA lifetime')
     )
+    phase2_sa_lifetime_data = forms.IntegerField(
+        required=False,
+        min_value=0,
+        label=_('SA lifetime (data)')
+    )
     tag = TagFilterField(model)

netbox/vpn/forms/model_forms.py

@@ -1,4 +1,3 @@
-from django import forms
 from django.utils.translation import gettext_lazy as _
 
 from dcim.models import Interface
@@ -89,9 +88,16 @@ class IPSecProfileForm(NetBoxModelForm):
     comments = CommentField()
 
     fieldsets = (
-        (_('Profile'), ('name', 'protocol', 'ike_version', 'description', 'tags')),
+        (_('Profile'), (
-        (_('Phase 1 Parameters'), ('phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime')),
+            'name', 'protocol', 'ike_version', 'description', 'tags',
-        (_('Phase 2 Parameters'), ('phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime')),
+        )),
+        (_('Phase 1 Parameters'), (
+            'phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime',
+        )),
+        (_('Phase 2 Parameters'), (
+            'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime',
+            'phase2_sa_lifetime_data',
+        )),
     )
 
     class Meta:
@@ -99,5 +105,5 @@ class IPSecProfileForm(NetBoxModelForm):
         fields = [
             'name', 'protocol', 'ike_version', 'phase1_encryption', 'phase1_authentication', 'phase1_group',
             'phase1_sa_lifetime', 'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime',
-            'description', 'comments', 'tags',
+            'phase2_sa_lifetime_data', 'description', 'comments', 'tags',
         ]

netbox/vpn/migrations/0001_initial.py

@@ -33,11 +33,12 @@ class Migration(migrations.Migration):
                 ('phase1_encryption', models.CharField()),
                 ('phase1_authentication', models.CharField()),
                 ('phase1_group', models.PositiveSmallIntegerField()),
-                ('phase1_sa_lifetime', models.PositiveSmallIntegerField(blank=True, null=True)),
+                ('phase1_sa_lifetime', models.PositiveIntegerField(blank=True, null=True)),
                 ('phase2_encryption', models.CharField()),
                 ('phase2_authentication', models.CharField()),
                 ('phase2_group', models.PositiveSmallIntegerField()),
-                ('phase2_sa_lifetime', models.PositiveSmallIntegerField(blank=True, null=True)),
+                ('phase2_sa_lifetime', models.PositiveIntegerField(blank=True, null=True)),
+                ('phase2_sa_lifetime_data', models.PositiveIntegerField(blank=True, null=True)),
                 ('tags', taggit.managers.TaggableManager(through='extras.TaggedItem', to='extras.Tag')),
             ],
             options={
@@ -59,7 +60,7 @@ class Migration(migrations.Migration):
                 ('status', models.CharField(default='active', max_length=50)),
                 ('encapsulation', models.CharField(max_length=50)),
                 ('preshared_key', models.TextField(blank=True)),
-                ('tunnel_id', models.PositiveBigIntegerField(blank=True)),
+                ('tunnel_id', models.PositiveBigIntegerField(blank=True, null=True)),
                 ('ipsec_profile', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, related_name='tunnels', to='vpn.ipsecprofile')),
                 ('tags', taggit.managers.TaggableManager(through='extras.TaggedItem', to='extras.Tag')),
                 ('tenant', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, related_name='tunnels', to='tenancy.tenant')),

netbox/vpn/migrations/0002_alter_ipsecprofile_phase1_sa_lifetime_and_more.py

@@ -1,23 +0,0 @@
-# Generated by Django 4.2.6 on 2023-11-08 16:04
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('vpn', '0001_initial'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='ipsecprofile',
-            name='phase1_sa_lifetime',
-            field=models.PositiveIntegerField(blank=True, null=True),
-        ),
-        migrations.AlterField(
-            model_name='ipsecprofile',
-            name='phase2_sa_lifetime',
-            field=models.PositiveIntegerField(blank=True, null=True),
-        ),
-    ]

netbox/vpn/migrations/0003_alter_tunnel_tunnel_id.py

@@ -1,18 +0,0 @@
-# Generated by Django 4.2.6 on 2023-11-08 16:06
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('vpn', '0002_alter_ipsecprofile_phase1_sa_lifetime_and_more'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='tunnel',
-            name='tunnel_id',
-            field=models.PositiveBigIntegerField(blank=True, null=True),
-        ),
-    ]

netbox/vpn/models/crypto.py

@@ -62,16 +62,22 @@ class IPSecProfile(PrimaryModel):
         help_text=_('Diffie-Hellman group')
     )
     phase2_sa_lifetime = models.PositiveIntegerField(
-        verbose_name=_('phase 2 SA lifetime'),
+        verbose_name=_('phase 2 SA lifetime (seconds)'),
         blank=True,
         null=True,
-        help_text=_('Security association lifetime (in seconds)')
+        help_text=_('Security association lifetime (seconds)')
+    )
+    phase2_sa_lifetime_data = models.PositiveIntegerField(
+        verbose_name=_('phase 2 SA lifetime (KB)'),
+        blank=True,
+        null=True,
+        help_text=_('Security association lifetime (in kilobytes)')
     )
     # TODO: Add PFS group?
 
     clone_fields = (
         'protocol', 'ike_version', 'phase1_encryption', 'phase1_authentication', 'phase1_group', 'phase1_sa_lifetime',
-        'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime',
+        'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime', 'phase2_sa_lifetime_data',
     )
 
     class Meta:

netbox/vpn/tables.py

@@ -115,7 +115,7 @@ class IPSecProfileTable(TenancyColumnsMixin, NetBoxTable):
         model = IPSecProfile
         fields = (
             'pk', 'id', 'name', 'protocol', 'ike_version', 'phase1_encryption', 'phase1_authentication', 'phase1_group',
-            'phase1_sa_lifetime', 'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase1_sa_lifetime',
+            'phase1_sa_lifetime', 'phase2_encryption', 'phase2_authentication', 'phase2_group', 'phase2_sa_lifetime',
-            'description', 'comments', 'tags', 'created', 'last_updated',
+            'phase2_sa_lifetime_data', 'description', 'comments', 'tags', 'created', 'last_updated',
         )
         default_columns = ('pk', 'name', 'protocol', 'ike_version', 'description')