| Age | Commit message (Collapse) | Author |
|---|
|
This script is usually called with the output of "cli-shell-api showCfg", which does not escape backslashes. "ConfigTree()" expects escaped backslashes when parsing a config string (and also prints them itself). Therefore this script would fail.
Manually escape backslashes here to handle backslashes in any configuration strings properly. The alternative would be to modify the output of "cli-shell-api showCfg", but that may be break other things who rely on that specific output.
This fixes https://phabricator.vyos.net/T1001
|
|
|
|
This reverts commit cda02327d059067c50df8e64080cb763e5569f52.
|
|
- adding vyos-accel-ppp-ipoe-kmod to dependencies
|
|
- verify if an auth mode is set and if its local checking that
a user and password for chap-secrets exists.
|
|
|
|
|
|
change to 'mode local|radius'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Increase NTP config version from 0 to 1. For more information see [1].
ntpd: Warning: the "dynamic" keyword has been obsoleted and will
be removed in the next release
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553976
(cherry picked from commit 7a615ab169a7f6141fd9b6e84ac1ea415216d9bb)
|
|
Increase NTP config version from 0 to 1. For more information see [1].
ntpd: Warning: the "dynamic" keyword has been obsoleted and will
be removed in the next release
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553976
|
|
(cherry picked from commit 604600bf40873a7d64329d88dafd90196ed10745)
|
|
Current implementation referred to a no longer existing Perl script to
restart the IPv4 and IPv6 instance of dhcrelay.
> restart dhcp relay-agent
> restart dhcpv6 relay-agent
(cherry picked from commit f9007c5f5e6e7957ab1c955c10b3842dca7b253d)
|
|
(cherry picked from commit fe639cd05002b16a82b74262966598bab976e67f)
|
|
|
|
Current implementation referred to a no longer existing Perl script to
restart the IPv4 and IPv6 instance of dhcrelay.
> restart dhcp relay-agent
> restart dhcpv6 relay-agent
|
|
|
|
|
|
(cherry-picked 439d86aa55c7eed9619391ecec04bc1fbd5f9323)
|
|
|
|
- ipv6 DNS, ippv6pool, ipv6 PD, ipv6 inf IDs
- snmp subagent and master mode
- connlimits configurable
- more ppp options configurable (mppe, lcp-echo intervals, mtu, mru etc.)
- radius extended options (for HA etc.)
|
|
(cherry picked from commit 2375e0876abeff26ba875419b62f974d0ff6122a)
|
|
In other words, remove top level tag nodes from radius-server and introduce
a regular "radius" node, thus we can add additional features, too. A migration
script is provided in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn pptp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
}
}
(cherry picked from commit 2b8af944d60de2fca8370a108e422ccc6b3d006d)
|
|
|
|
In other words, remove top level tag nodes from radius-server and introduce
a regular "radius" node, thus we can add additional features, too. A migration
script is provided in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn pptp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
}
}
|
|
|
|
|
|
This bug was present since the old Vyatta days as the use-web statement
was only put into action when also "use-web skip" was defined.
The service https://ipinfo.io/ip does not place any crap in front of the
IP address so the skip statement was not used and made no sense.
(cherry picked from commit 718d9a123c2ba72b87d7f6e48a5e6d83fa86d494)
|
|
This bug was present since the old Vyatta days as the use-web statement
was only put into action when also "use-web skip" was defined.
The service https://ipinfo.io/ip does not place any crap in front of the
IP address so the skip statement was not used and made no sense.
|
|
In other words, remove top level tag nodes from radius-server and
introduce a regular
"radius" node, thus we can add additional features, too. A migration
script is provided
in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
radius-source-address 172.16.254.100
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
source-address 172.16.254.100
}
}
(cherry picked from commit 979ad1a92af9ee2150ecfe5309a9d1b43fdad59d)
|
|
In other words, remove top level tag nodes from radius-server and
introduce a regular
"radius" node, thus we can add additional features, too. A migration
script is provided
in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
radius-source-address 172.16.254.100
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
source-address 172.16.254.100
}
}
|
|
|
|
|
|
This requires adding a query-local-address6 setting to enable outbound
IPv6 queries in general, and also formatting upstream nameserver IPv6
addresses in such a way that Recursor can parse them.
(cherry picked from commit 5d2e36da657fd2e15f9dc8d5588b06478bd3d55c)
|
|
T978: Support PowerDNS Recursor outbound queries over IPv6.
|
|
This requires adding a query-local-address6 setting to enable outbound
IPv6 queries in general, and also formatting upstream nameserver IPv6
addresses in such a way that Recursor can parse them.
|
|
Fixes T976: dhcp - move commit hook into shared-network
|
|
Move the on commit in a generated dhcpd.conf into the shared-network
to fix hostfile-update not working.
|
|
Fixes T979: Allow spaces in wireguard interface description
|
|
(cherry picked from commit 15065070b7c22709e259a6ae0cc4a27fd7b59d6b)
|
|
By default PowerDNS only allows 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
for incoming DNS queries - we changed this to 0.0.0.0/0 to be reachable
by everyone.
This only covered the IPv4 address space and any IPv6 related query was
not handled by the server.
(cherry picked from commit 1682d7167461ab9ef72471b31b199094b335276d)
|
|
|
