Age | Commit message (Collapse) | Author |
|
T1755: Python KeyError exceptions raised with 'show vpn ipsec sa' command under use of certain IPSEC cipher suites.
|
|
(encr-keysize) will result in KeyError - such as for CHACHA20_POLY1305
|
|
(integ-alg) will result in KeyError - such as with GCM based options
|
|
wireguard: T1756 - additional output for WG connection states
|
|
|
|
|
|
There was a bug when refactoring this with commits 5848a4d ("dhcp-server:
T1707: remove DHCP static-mappings from address pool") and 1182b44
("dhcp-server: T1707: bugfix on subsequent DHCP exclude addresses") that when
a static address assignemnt was using the last IP address from the specified
range.
This triggered the following error:
"DHCP range stop address x must be greater or equal to the range start
address y!"
|
|
* removed subprocess as it is not required, script is executed via sudo
* pep8 formatted
|
|
|
|
|
|
DHCP was only started when the interface operstate was set to up but this is
wrong. An interface can be configured as DHCP interface and DHCP client must
be launched even when the physical interface becomes available n-minutes
later. DHCP client then can ask for an IP assignemnt by DHCP.
Tested by starting DHCP client on a not connected ethernet interface. Address
was assigned later on after link became ready.
|
|
|
|
|
|
|
|
[BGP] T1490: Added migration for obsoleted 'bgp scan-time' parameter
|
|
This reverts commit 1257d7851866d42287018b38dd871f279b87286a.
It will delay network interface configuration everywhere when e.g. no network
cable is plugged in. We should find the root cause why DHCPd sometimes did not
start.
|
|
* typo fixed
|
|
Systems not runing BGP won't boot anymore. Syslog shows:
snmpd[5404]: getaddrinfo: inetCidrRouteTable Name or service not known
snmpd[5404]: getaddrinfo("inetCidrRouteTable", NULL, ...): Name or service not known
snmpd[5404]: Error opening specified endpoint "inetCidrRouteTable"
snmpd[5404]: Server Exiting with code 1
snmpd[5401]: Starting SNMP services::
systemd[1]: snmpd.service: control process exited, code=exited status=1
systemd[1]: Failed to start LSB: SNMP agents.
systemd[1]: Unit snmpd.service entered failed state.
This reverts commit e45648cdd5a52569be7f3ac30473b0c7474a7894.
|
|
|
|
|
|
renamed: interface-bonding.py -> interfaces-bonding.py
renamed: interface-bridge.py -> interfaces-bridge.py
renamed: interface-dummy.py -> interfaces-dummy.py
renamed: interface-ethernet.py -> interfaces-ethernet.py
renamed: interface-loopback.py -> interfaces-loopback.py
renamed: interface-openvpn.py -> interfaces-openvpn.py
renamed: interface-vxlan.py -> interfaces-vxlan.py
renamed: interface-wireguard.py -> interfaces-wireguard.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
With some interfaces, for example bond vif, it take some time for the state
change to really happen. Because of this later code, like starting DHCP client,
might not work as expected as get_state() reports the old (real) state.
Now when changing state of an interface we are (busy-)waiting up to 12.5
seconds before we inform the user that the interface could not be brought up.
This should be more then enough time for any interface to start except when
there is really no cable attached.
|
|
This resulted in a commit error when Bonding interfaces have been involved.
|
|
|
|
|
|
Previously when static-mappings have been created the address was still within
the DHCP pool resulting in log entries as follows:
dhcpd: Dynamic and static leases present for 192.0.2.51
dhcpd: Remove host declaration DMZ_PC2 or remove 192.0.2.51
dhcpd: from the dynamic address pool for DMZ
(cherry picked from commit 6f954ab56768af9a07d8a1dc086f54ddefa58da7)
|
|
(cherry picked from commit bdf890cca40157b3f2a2386685e043e0fa220fac)
|
|
Moved the code for splicing a DHCP range into its dedicated function as this
will later be required again. Having subsequent DHCP exclude addresses
e.g. 192.0.2.70 and 192.0.2.71 did not work as the previous algorithm
created a range whose start address was after the end address.
(cherry picked from commit 0f0f9f2835cf85c1fd3652ec83368528754764cd)
|
|
|
|
|
|
Rev load config
|
|
Rewrite of the load functionality of vyatta-load-config.pl, removing the
dependency on Vyatta::Config.
|
|
(ported from vyatta-cfg f051e369)
|
|
This reverts commit daf2e29e3693a7eb2d8b6fc378d984b9a17d2aa3.
It had unknown side effects, undiscovered during testing
|
|
|
|
[OpenVPN]: T1688: Add support for using encryption aes128gcm, aes192gcm and aes25gcm
|
|
combination with shared-secret-key-file, which is not supported (OpenVPN throws error message)
|