summaryrefslogtreecommitdiff
path: root/data
diff options
context:
space:
mode:
Diffstat (limited to 'data')
-rw-r--r--data/config-mode-dependencies/vyos-1x.json3
-rw-r--r--data/templates/frr/isisd.frr.j242
-rw-r--r--data/templates/frr/ldpd.frr.j210
-rw-r--r--data/templates/https/vyos-http-api.service.j21
-rw-r--r--data/templates/openvpn/server.conf.j29
-rw-r--r--data/templates/pmacct/override.conf.j24
-rw-r--r--data/templates/pmacct/uacctd.conf.j22
-rw-r--r--data/templates/pppoe/peer.j22
8 files changed, 56 insertions, 17 deletions
diff --git a/data/config-mode-dependencies/vyos-1x.json b/data/config-mode-dependencies/vyos-1x.json
index 6c86642c7..4d73c844c 100644
--- a/data/config-mode-dependencies/vyos-1x.json
+++ b/data/config-mode-dependencies/vyos-1x.json
@@ -6,6 +6,9 @@
"group_resync": ["conntrack", "nat", "policy-route"]
},
"http_api": {"https": ["https"]},
+ "interfaces_bonding": {
+ "ethernet": ["interfaces-ethernet"]
+ },
"load_balancing_wan": {
"conntrack": ["conntrack"],
"conntrack_sync": ["conntrack_sync"]
diff --git a/data/templates/frr/isisd.frr.j2 b/data/templates/frr/isisd.frr.j2
index dbb8c7305..1e1cc3c27 100644
--- a/data/templates/frr/isisd.frr.j2
+++ b/data/templates/frr/isisd.frr.j2
@@ -165,6 +165,48 @@ advertise-passive-only
{% endfor %}
{% endfor %}
{% endif %}
+{% if fast_reroute.lfa is vyos_defined %}
+{% if fast_reroute.lfa.local is vyos_defined %}
+{% if fast_reroute.lfa.local.load_sharing.disable.level_1 is vyos_defined %}
+ fast-reroute load-sharing disable level-1
+{% elif fast_reroute.lfa.local.load_sharing.disable.level_2 is vyos_defined %}
+ fast-reroute load-sharing disable level-2
+{% elif fast_reroute.lfa.local.load_sharing.disable is vyos_defined %}
+ fast-reroute load-sharing disable
+{% endif %}
+{% if fast_reroute.lfa.local.priority_limit is vyos_defined %}
+{% for priority, priority_limit_options in fast_reroute.lfa.local.priority_limit.items() %}
+{% for level in priority_limit_options %}
+ fast-reroute priority-limit {{ priority }} {{ level | replace('_', '-') }}
+{% endfor %}
+{% endfor %}
+{% endif %}
+{% if fast_reroute.lfa.local.tiebreaker is vyos_defined %}
+{% for tiebreaker, tiebreaker_options in fast_reroute.lfa.local.tiebreaker.items() %}
+{% for index, index_options in tiebreaker_options.items() %}
+{% for index_value, index_value_options in index_options.items() %}
+{% for level in index_value_options %}
+ fast-reroute lfa tiebreaker {{ tiebreaker | replace('_', '-') }} index {{ index_value }} {{ level | replace('_', '-') }}
+{% endfor %}
+{% endfor %}
+{% endfor %}
+{% endfor %}
+{% endif %}
+{% endif %}
+{% if fast_reroute.lfa.remote.prefix_list is vyos_defined %}
+{% for prefix_list, prefix_list_options in fast_reroute.lfa.remote.prefix_list.items() %}
+{% if prefix_list_options.level_1 is vyos_defined %}
+fast-reroute remote-lfa prefix-list {{ prefix_list }} level-1
+{% endif %}
+{% if prefix_list_options.level_2 is vyos_defined %}
+fast-reroute remote-lfa prefix-list {{ prefix_list }} level-2
+{% endif %}
+{% if prefix_list is vyos_defined and prefix_list_options.level_1 is not vyos_defined and prefix_list_options.level_2 is not vyos_defined %}
+fast-reroute remote-lfa prefix-list {{ prefix_list }}
+{% endif %}
+{% endfor %}
+{% endif %}
+{% endif %}
{% if redistribute.ipv4 is vyos_defined %}
{% for protocol, protocol_options in redistribute.ipv4.items() %}
{% for level, level_config in protocol_options.items() %}
diff --git a/data/templates/frr/ldpd.frr.j2 b/data/templates/frr/ldpd.frr.j2
index 11aff331a..9a893cc55 100644
--- a/data/templates/frr/ldpd.frr.j2
+++ b/data/templates/frr/ldpd.frr.j2
@@ -14,19 +14,19 @@ mpls ldp
ordered-control
{% endif %}
{% if ldp.neighbor is vyos_defined %}
-{% for neighbor, neighbor_config in ldp.neighbor %}
+{% for neighbor, neighbor_config in ldp.neighbor.items() %}
{% if neighbor_config.password is vyos_defined %}
- neighbor {{ neighbors }} password {{ neighbor_config.password }}
+ neighbor {{ neighbor }} password {{ neighbor_config.password }}
{% endif %}
{% if neighbor_config.ttl_security is vyos_defined %}
{% if neighbor_config.ttl_security.disable is vyos_defined %}
- neighbor {{ neighbors }} ttl-security disable
+ neighbor {{ neighbor }} ttl-security disable
{% else %}
- neighbor {{ neighbors }} ttl-security hops {{ neighbor_config.ttl_security }}
+ neighbor {{ neighbor }} ttl-security hops {{ neighbor_config.ttl_security }}
{% endif %}
{% endif %}
{% if neighbor_config.session_holdtime is vyos_defined %}
- neighbor {{ neighbors }} session holdtime {{ neighbor_config.session_holdtime }}
+ neighbor {{ neighbor }} session holdtime {{ neighbor_config.session_holdtime }}
{% endif %}
{% endfor %}
{% endif %}
diff --git a/data/templates/https/vyos-http-api.service.j2 b/data/templates/https/vyos-http-api.service.j2
index fb424e06c..f620b3248 100644
--- a/data/templates/https/vyos-http-api.service.j2
+++ b/data/templates/https/vyos-http-api.service.j2
@@ -6,6 +6,7 @@ Requires=vyos-router.service
[Service]
ExecStart={{ vrf_command }}/usr/libexec/vyos/services/vyos-http-api-server
+ExecReload=kill -HUP $MAINPID
Type=idle
SyslogIdentifier=vyos-http-api
diff --git a/data/templates/openvpn/server.conf.j2 b/data/templates/openvpn/server.conf.j2
index 2eb9416fe..746155c37 100644
--- a/data/templates/openvpn/server.conf.j2
+++ b/data/templates/openvpn/server.conf.j2
@@ -205,19 +205,12 @@ tls-server
{% if encryption is vyos_defined %}
{% if encryption.cipher is vyos_defined %}
cipher {{ encryption.cipher | openvpn_cipher }}
-{% if encryption.cipher is vyos_defined('bf128') %}
-keysize 128
-{% elif encryption.cipher is vyos_defined('bf256') %}
-keysize 256
-{% endif %}
{% endif %}
{% if encryption.ncp_ciphers is vyos_defined %}
data-ciphers {{ encryption.ncp_ciphers | openvpn_ncp_ciphers }}
{% endif %}
{% endif %}
-# https://vyos.dev/T5027
-# Required to support BF-CBC (default ciphername when none given)
-providers legacy default
+providers default
{% if hash is vyos_defined %}
auth {{ hash }}
diff --git a/data/templates/pmacct/override.conf.j2 b/data/templates/pmacct/override.conf.j2
index 213569ddc..44a100bb6 100644
--- a/data/templates/pmacct/override.conf.j2
+++ b/data/templates/pmacct/override.conf.j2
@@ -9,9 +9,9 @@ ConditionPathExists=/run/pmacct/uacctd.conf
EnvironmentFile=
ExecStart=
ExecStart={{ vrf_command }}/usr/sbin/uacctd -f /run/pmacct/uacctd.conf
+ExecStop=/usr/libexec/vyos/system/uacctd_stop.py $MAINPID 60
WorkingDirectory=
WorkingDirectory=/run/pmacct
-PIDFile=
-PIDFile=/run/pmacct/uacctd.pid
Restart=always
RestartSec=10
+KillMode=mixed
diff --git a/data/templates/pmacct/uacctd.conf.j2 b/data/templates/pmacct/uacctd.conf.j2
index 1370f8121..aae0a0619 100644
--- a/data/templates/pmacct/uacctd.conf.j2
+++ b/data/templates/pmacct/uacctd.conf.j2
@@ -1,7 +1,7 @@
# Genereated from VyOS configuration
daemonize: true
promisc: false
-pidfile: /run/pmacct/uacctd.pid
+syslog: daemon
uacctd_group: 2
uacctd_nl_size: 2097152
snaplen: {{ packet_length }}
diff --git a/data/templates/pppoe/peer.j2 b/data/templates/pppoe/peer.j2
index f30cefe63..2a99fcb2a 100644
--- a/data/templates/pppoe/peer.j2
+++ b/data/templates/pppoe/peer.j2
@@ -50,7 +50,7 @@ ifname {{ ifname }}
ipparam {{ ifname }}
debug
mtu {{ mtu }}
-mru {{ mtu }}
+mru {{ mru }}
{% if authentication is vyos_defined %}
{{ 'user "' + authentication.username + '"' if authentication.username is vyos_defined }}