summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-04-13Merge pull request #1952 from sever-sever/T4727Christian Breunig
T4727: Add RADIUS rate-limit attribute for vpn pptp
2023-04-13Merge pull request #1954 from sever-sever/T5152-eqChristian Breunig
T5152: Get default hostname for telegraf from FQDN or hostname
2023-04-13Merge pull request #1951 from fett0/T4939Daniil Baturin
T4939: backport VRRP startup delay
2023-04-12T5152: Get default hostname for telegraf from FQDN or hostnameViacheslav Hletenko
Fix for Telegraf agent hostname isn't qualified Try to get the hostname from FQDN and then from the hostname Used for metrics You may have more than one machine with different domain names r1 domain-name foo.local, hostname myhost r2 domain-name bar.local, hostname myhost It helps to detect from which exactly host we get metrics for InfluxDB2
2023-04-12 T4939: fixed template VRRP startup delayfett0
2023-04-11T4727: Add RADIUS rate-limit attribute for vpn pptpViacheslav Hletenko
Add rate-limit attribute, multiplier, vendor specific attribute for the [shaper] section
2023-04-11 T4939: backport VRRP startup delayfett0
2023-04-05Merge pull request #1928 from c-po/t4959-backportChristian Breunig
T4959: Add container registry authentication config for containers (backport)
2023-04-01container: T4959: add registry authentication optionChristian Breunig
Container registry CLI node changed from leafNode to tagNode with the same defaults. In addition we can now configure an authentication option per registry. (cherry picked from commit fe82d86d3e87cb8d92ebc9d0652c08e3dd79a12c)
2023-04-01schema: T5079: extension to support defaultValues on tagNodesChristian Breunig
(cherry picked from commit b4af532dd531c23bc1ad84cca290916be55357bf)
2023-04-01Merge pull request #1919 from c-po/equuleusChristian Breunig
container: T5047: restart only containers that changed (backport)
2023-04-01container: T5047: bugfix TypeError: argument of type 'NoneType' is not iterableChristian Breunig
Commit 52e51ffb ("container: T5047: restart only containers that changed") started to iterate over a NoneType which is invalid. This happened when a network description was changed but no container was due for restart. (cherry picked from commit 86d7b8d1d2b53b9fa93bd456abb4ea1b4f2949b6)
2023-03-29Merge pull request #1912 from jestabro/eq-countersChristian Breunig
op-mode: T5097: show interfaces should reflect cleared counters
2023-03-29container: T5047: restart only containers that changedChristian Breunig
By default VyOS used to restart all containers it managed. This makes no sense as it will be service disrupting. Instead only restart the containers that had changes on the CLI beeing made. (cherry picked from commit 52e51ffbb84996aee9d5b94eebf64589ead31225)
2023-03-23op-mode: T5097: show interfaces should reflect cleared countersJohn Estabrook
'show interfaces counters' correctly displays counter stats after a call to 'clear interfaces counters', however, 'show interfaces detail' does not. Add missing update to counter stats.
2023-03-23Merge pull request #1907 from c-po/t5105-backportDaniil Baturin
T5105: dhcp-server: Fix error message from dhcp-server (backport)
2023-03-23T5105: Fix error message from dhcp-serverNicolas Fort
(cherry picked from commit 05e00b986a563681b038b226c86c83a29d6da820)
2023-03-16Merge pull request #1887 from sever-sever/T2516-eq1.3.3-epa1Daniil Baturin
T2516: Exclude veth interfaces from duplex and speed check
2023-03-16Merge pull request #1885 from sever-sever/T5058-eqDaniil Baturin
T5058: Fix IPoE regex Jinja2 for interface
2023-03-16Merge pull request #1892 from sever-sever/T3083-eqDaniil Baturin
T3083: Add service event-handler
2023-03-15T3083: Add service event-handlerViacheslav Hletenko
Event-handler allows executing a custom script when detects some configured "pattern regex" set service event-handler event first filter pattern '.*ssh2.*' set service event-handler event first script arguments '192.0.2.5' set service event-handler event first script environment interface value 'eth0' set service event-handler event first script path '/config/scripts/hello.sh' It is the backport from 1.4
2023-03-13T2516: Exclude veth interfaces from duplex and speed checkViacheslav Hletenko
Exclude interfaces with 'veth' driver from duplex and speed check
2023-03-12T5057: Fix IPoE regex Jinja2 for interfaceViacheslav Hletenko
Fix incorrect regex '\d+' when used vlan ranges For example 'ipoe-server interface eth1 vlan 2000-3000' - replace 'interface=re:eth1\.\d+' => 'interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$'
2023-03-12T5058: Add template filter range_to_regexViacheslav Hletenko
Add template filter 'range_to_regex' Convert range of numbers or list of ranges to regex % range_to_regex('11-12') '(1[1-2])' % range_to_regex(['11-12', '14-15']) '(1[1-2]|1[4-5])'
2023-03-10Merge pull request #1859 from sever-sever/T5033-eqViacheslav Hletenko
T5033: Ability to generate muliple keys from a file or link
2023-03-09Merge pull request #1878 from sever-sever/T5066-eqDaniil Baturin
T5066: Fix GRE tunnel variable name for verify check keys
2023-03-09T5066: Fix GRE tunnel variable name for verify check keysViacheslav Hletenko
2023-03-08Merge pull request #1874 from jestabro/tunnel-ipChristian Breunig
openvpn: T4381: Add tunnel ip column for status command
2023-03-07Merge pull request #1867 from jestabro/equuleus-cache-diffDaniil Baturin
configdiff: T4900: cache diff_tree and diff_dict in Config instance
2023-03-07openvpn: T4872: fix parsing of tunnel IP in 'show openvpn server'John Estabrook
(cherry picked from commit 779f4001a4828f1af39a5b0b861d62635fcb3726)
2023-03-07openvpn: T4381: Add tunnel ip column for status commandsrividya0208
Added the tunnel ip column to see the assigned ip address in server mode (cherry picked from commit 500c182c4fa4e0fa030b7c68139fbe948266c49b)
2023-03-03configdiff: T4900: cache diff_tree and diff_dict in Config instanceJohn Estabrook
(cherry picked from commit d2330b00f109a9c837fc8ae6971e2f6bfa7eb372)
2023-03-01Merge pull request #1861 from c-po/container-backportsViacheslav Hletenko
T4014: T4014: container backports for equuleus
2023-03-01T4967: xml: provide re-usable constraint for CLI host-name definitionsChristian Breunig
(cherry picked from commit d14a6814acb173cdc6df13212620f7da330434ed)
2023-03-01T4967: Allow setting container hostnameViacheslav Hletenko
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox' (cherry picked from commit c68d73e6720a7df2b48df17ac7b9b4c906e0294c)
2023-03-01container: T4014: Add `command`, `arg` and `entrypoint` configuration ↵Zen3515
options for containers (cherry picked from commit 53aebddb4ca54b0cc4a296d6cc4c4d960c5f1d73)
2023-02-28T5033: Ability to generate muliple keys from a file or linkViacheslav Hletenko
We generate only one public key (string) from a file xxx.pub op-mode with 'generate public-key-command user vyos lik_to_key_file' Add ability to generate configuration (from op-mode) for multiple keys As github keys don't use identifiers, generate uuid4 id for them
2023-02-24Merge pull request #1794 from aapostoliuk/T4955-equuleusChristian Breunig
openconnect: T4955: Removed wrong authserver in radiusclient.conf
2023-02-24Merge pull request #1846 from aapostoliuk/T5008-equuleusChristian Breunig
macsec: T5008: Changed length of CKN to (2..64 hex-digits)
2023-02-24macsec: T5008: Changed length of CKN to (2..64 hex-digits)aapostoliuk
Based on wpa_supplicant documentation. mka_ckn (CKN = CAK Name) takes a 1..32-bytes (8..256 bit) hex-string (2..64 hex-digits) Changed allowable length of CKN from strong 64 hex-digits to the range (2..64 hex-digits)
2023-02-23Merge pull request #1843 from sever-sever/T5007-eqChristian Breunig
T5007: Fix multicast implementation for the tunnel interfaces
2023-02-23T5007: Fix multicast implementation for the tunnel interfacesViacheslav Hletenko
Multicast has not been implemented for the tunnel interfaces. We have only configuration CLI commands that do anything. Fix it. ip link set dev <tag> multicast on ip link set dev <tag> multicast off (cherry picked from commit ac821d0d1764e9623015e04c5158a06c00ab370b)
2023-02-22Merge pull request #1833 from sever-sever/T5011-eqChristian Breunig
T5011: Set default values for min_mtu max_mtu
2023-02-22Merge pull request #1838 from sever-sever/T4978-eqChristian Breunig
T4978: Default values of port rewrite default container values
2023-02-21T4978: Default values of port rewrite default container valuesViacheslav Hletenko
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it (cherry picked from commit 679efe8ac7998ba1b8f3c7c4bfc7508d8869907d)
2023-02-20T5011: Set default values for min_mtu max_mtuViacheslav Hletenko
Some interface drivers don't support/provide min_mtu and max_mtu values For example VyOS in docker container with 'veth' driver on some platforms As a workarund add default values for min/max MTU for calculations and pass function "verify_mtu(config)" (cherry picked from commit 87fb9be4cab3a261406c69c723add7467e4ef1fa)
2023-02-20openconnect: T4955: Removed wrong authserver in radiusclient.confaapostoliuk
After merging config dictionary with default values, radius port the default value was merged not in a proper way. It is added as a server. After creating radiusclient.conf added and the illegal authserver equal 'port'. Backported from 1.4
2023-02-16Merge pull request #1824 from sever-sever/T4971-eqDaniil Baturin
T4971: Accel-ppp verify if client_ip_pool key exists in config
2023-02-15T4971: Accel-ppp verify if client_ip_pool key exists in configViacheslav Hletenko
If 'client_ip_pool' not exists in config we cannot search it in the dictionary dict_search_recursive(config, 'gateway_address', ['client_ip_pool', 'name']) Add check for Equuleus
2023-02-14Merge pull request #1818 from c-po/equuleusDaniil Baturin
smoketest: tftp: T4012: extend process scanning loop for VRFs (equuleus)