There are things that should be simply incorrect grammar, and this is one of them, as of me.

https://github.com/vyos/vyos-build/pull/46

I'm using VyOS 1.2.0-beta1 (lithium) with a 1 GB HDD on ESXi.

I‘m using VyOS 1.2.x wirh a 4GB HDD on ESXi

The renderer works now (for a long time already, even), so it's time to close this task finally. ;)

It looks pretty clear from configuration point of view. Actually this request was made to avoid potential security breach if somebody doesn't have correct acl on wan facing interface.

As soon as someone sets set system ntp allow-clients address 172.16.0.0/12 we act as NTP server for this network,too. It's a bit odd that this node is under system but ... it is as it is.

that is weird,
i was under impression that we have it as client.
So it perfectly make sense have it under service

@syncer we do offer NTP as service (unfortunately it's unter the system tree instead of service.

@c-po i think we not offer ntp service as of now, but i think maybe we should?

We already have set system ntp allow-clients address 172.16.0.0/12 which can become a brother to a new command named set system ntp listen-on.

I agree with the above, this is actually how I'm dealing with custom options with dhcpd at the moment, however the same can't be done with openvpn as the functionality to include files doesn't exist within openvpn's config format, whereas it does with dhcpd.

We have thing like this in dhcpd's config - there you can state something like "subnet-parameters ... include file".
I was thinkking a little bit on it and came to the following idea - may be we should implement general syntax for stanza like "hey, vyos, I have config file for this service, please use it as is, but I still need the service to be operated on by vyos CLI commands". How do you think, would it be a good option to implement @dmbaturin?

Not just for inputting alot of commands, but making it possible to simply specifiy an opevnpn config instead of having to re-implement every possible openvpn setting using the VyOS syntax would be a huge benefit.
Not to mention the automation aspects.. copy config, load it. done.

Considering JSON's a standard that's quite close to the VyOS syntax, i don't see why maintaining another nonstandard format is needed when JSON is available :)

@sebastianm In VyConf it's going to be fairly easy (ok, possible at least) to implement different input and output formats, so chances are we can add | display json or | display yaml filters if there's demand for it.

To my mind... I'd rather keep a compatible syntax than a new one, even if there are benefits in terms of uniformity and parsing.

I say don't change it (keep it the same as it's in 1.1.7). I'd consider YAML or JSON (in that order) though. (I am/was lylylyly on IRC).

Following a discussion with @dmbaturin in #vyos, I'm to work on this puppy.

I think we can just reference it directly.

In that case, BatString can just be added as a dependency, I guess, and we can call upon that function to sort as needed? Or would you still like a specific function for node sorting?

I've just done a quick test of the BatString.numeric_compare, looks perfect.

Depending on your feelings toward batteries, we could either use BatString's numeric_compare or just crib the implementation of that function (with all due credit given, of course).