summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-16Merge pull request #1885 from sever-sever/T5058-eqDaniil Baturin
T5058: Fix IPoE regex Jinja2 for interface
2023-03-16Merge pull request #1892 from sever-sever/T3083-eqDaniil Baturin
T3083: Add service event-handler
2023-03-15T3083: Add service event-handlerViacheslav Hletenko
Event-handler allows executing a custom script when detects some configured "pattern regex" set service event-handler event first filter pattern '.*ssh2.*' set service event-handler event first script arguments '192.0.2.5' set service event-handler event first script environment interface value 'eth0' set service event-handler event first script path '/config/scripts/hello.sh' It is the backport from 1.4
2023-03-12T5057: Fix IPoE regex Jinja2 for interfaceViacheslav Hletenko
Fix incorrect regex '\d+' when used vlan ranges For example 'ipoe-server interface eth1 vlan 2000-3000' - replace 'interface=re:eth1\.\d+' => 'interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$'
2023-03-12T5058: Add template filter range_to_regexViacheslav Hletenko
Add template filter 'range_to_regex' Convert range of numbers or list of ranges to regex % range_to_regex('11-12') '(1[1-2])' % range_to_regex(['11-12', '14-15']) '(1[1-2]|1[4-5])'
2023-03-10Merge pull request #1859 from sever-sever/T5033-eqViacheslav Hletenko
T5033: Ability to generate muliple keys from a file or link
2023-03-09Merge pull request #1878 from sever-sever/T5066-eqDaniil Baturin
T5066: Fix GRE tunnel variable name for verify check keys
2023-03-09T5066: Fix GRE tunnel variable name for verify check keysViacheslav Hletenko
2023-03-08Merge pull request #1874 from jestabro/tunnel-ipChristian Breunig
openvpn: T4381: Add tunnel ip column for status command
2023-03-07Merge pull request #1867 from jestabro/equuleus-cache-diffDaniil Baturin
configdiff: T4900: cache diff_tree and diff_dict in Config instance
2023-03-07openvpn: T4872: fix parsing of tunnel IP in 'show openvpn server'John Estabrook
(cherry picked from commit 779f4001a4828f1af39a5b0b861d62635fcb3726)
2023-03-07openvpn: T4381: Add tunnel ip column for status commandsrividya0208
Added the tunnel ip column to see the assigned ip address in server mode (cherry picked from commit 500c182c4fa4e0fa030b7c68139fbe948266c49b)
2023-03-03configdiff: T4900: cache diff_tree and diff_dict in Config instanceJohn Estabrook
(cherry picked from commit d2330b00f109a9c837fc8ae6971e2f6bfa7eb372)
2023-03-01Merge pull request #1861 from c-po/container-backportsViacheslav Hletenko
T4014: T4014: container backports for equuleus
2023-03-01T4967: xml: provide re-usable constraint for CLI host-name definitionsChristian Breunig
(cherry picked from commit d14a6814acb173cdc6df13212620f7da330434ed)
2023-03-01T4967: Allow setting container hostnameViacheslav Hletenko
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox' (cherry picked from commit c68d73e6720a7df2b48df17ac7b9b4c906e0294c)
2023-03-01container: T4014: Add `command`, `arg` and `entrypoint` configuration ↵Zen3515
options for containers (cherry picked from commit 53aebddb4ca54b0cc4a296d6cc4c4d960c5f1d73)
2023-02-28T5033: Ability to generate muliple keys from a file or linkViacheslav Hletenko
We generate only one public key (string) from a file xxx.pub op-mode with 'generate public-key-command user vyos lik_to_key_file' Add ability to generate configuration (from op-mode) for multiple keys As github keys don't use identifiers, generate uuid4 id for them
2023-02-24Merge pull request #1794 from aapostoliuk/T4955-equuleusChristian Breunig
openconnect: T4955: Removed wrong authserver in radiusclient.conf
2023-02-24Merge pull request #1846 from aapostoliuk/T5008-equuleusChristian Breunig
macsec: T5008: Changed length of CKN to (2..64 hex-digits)
2023-02-24macsec: T5008: Changed length of CKN to (2..64 hex-digits)aapostoliuk
Based on wpa_supplicant documentation. mka_ckn (CKN = CAK Name) takes a 1..32-bytes (8..256 bit) hex-string (2..64 hex-digits) Changed allowable length of CKN from strong 64 hex-digits to the range (2..64 hex-digits)
2023-02-23Merge pull request #1843 from sever-sever/T5007-eqChristian Breunig
T5007: Fix multicast implementation for the tunnel interfaces
2023-02-23T5007: Fix multicast implementation for the tunnel interfacesViacheslav Hletenko
Multicast has not been implemented for the tunnel interfaces. We have only configuration CLI commands that do anything. Fix it. ip link set dev <tag> multicast on ip link set dev <tag> multicast off (cherry picked from commit ac821d0d1764e9623015e04c5158a06c00ab370b)
2023-02-22Merge pull request #1833 from sever-sever/T5011-eqChristian Breunig
T5011: Set default values for min_mtu max_mtu
2023-02-22Merge pull request #1838 from sever-sever/T4978-eqChristian Breunig
T4978: Default values of port rewrite default container values
2023-02-21T4978: Default values of port rewrite default container valuesViacheslav Hletenko
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it (cherry picked from commit 679efe8ac7998ba1b8f3c7c4bfc7508d8869907d)
2023-02-20T5011: Set default values for min_mtu max_mtuViacheslav Hletenko
Some interface drivers don't support/provide min_mtu and max_mtu values For example VyOS in docker container with 'veth' driver on some platforms As a workarund add default values for min/max MTU for calculations and pass function "verify_mtu(config)" (cherry picked from commit 87fb9be4cab3a261406c69c723add7467e4ef1fa)
2023-02-20openconnect: T4955: Removed wrong authserver in radiusclient.confaapostoliuk
After merging config dictionary with default values, radius port the default value was merged not in a proper way. It is added as a server. After creating radiusclient.conf added and the illegal authserver equal 'port'. Backported from 1.4
2023-02-16Merge pull request #1824 from sever-sever/T4971-eqDaniil Baturin
T4971: Accel-ppp verify if client_ip_pool key exists in config
2023-02-15T4971: Accel-ppp verify if client_ip_pool key exists in configViacheslav Hletenko
If 'client_ip_pool' not exists in config we cannot search it in the dictionary dict_search_recursive(config, 'gateway_address', ['client_ip_pool', 'name']) Add check for Equuleus
2023-02-14Merge pull request #1818 from c-po/equuleusDaniil Baturin
smoketest: tftp: T4012: extend process scanning loop for VRFs (equuleus)
2023-02-14Merge pull request #1820 from nicolas-fort/T5009-restart-relayDaniil Baturin
T5009: relay: Fix op-mode for restarting dhcp relay service
2023-02-14T5009: relay: correct service name for restarting dhcp relay serviceNicolas Fort
2023-02-13smoketest: tftp: T4012: extend process scanning loop for VRFsChristian Breunig
This extends commit c6016db17ef ("smoketest: tftp: T4012: add busy waiting loop when validating service availability") so that we also wait when reading in the VRF result(s).
2023-02-13Merge pull request #1813 from sever-sever/T4971-eqChristian Breunig
T4971: PPPoE server add named ip pool and attr Framed-Pool
2023-02-13Merge pull request #1812 from sever-sever/T1993-eqDaniil Baturin
T1993: PPPoE-server add section shaper and fwmark option
2023-02-13Merge pull request #1815 from c-po/equuleusDaniil Baturin
T5001: Replace links to the phabricator site (equuleus)
2023-02-12T5001: Replace links to the phabricator siteChristian Breunig
Replace links to the phabricator site from https://phabricator.vyos.net to https://vyos.dev (cherry-picked form commit bd9416a6aa9d5d0a746dc2cebc8d0330fd27d1a2)
2023-02-12T4971: PPPoE server add named ip pool and attr Framed-PoolViacheslav Hletenko
Add a new feature to allow to use named pools Also it can be used with RADIUS attribute 'Framed-Pool' set service pppoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service pppoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
2023-02-12T4971: Add accel-ppp include client-ip-pool-nameViacheslav Hletenko
Add accel-ppp include client-ip-pool-name.xml.i Can be used in other accep-ppp CLI as "include"
2023-02-12T4999: Backport vyos util dict_search_recursiveViacheslav Hletenko
Backport "dict_search_recursive" from vyos.util 1.4 to 1.3 data = { 'interfaces': {'dummy': {'dum0': {'address': ['192.0.2.17/29']}}, 'ethernet': {'eth0': {'address': ['2001:db8::1/64', '192.0.2.1/29'], 'description': 'Test123', 'duplex': 'auto', 'hw_id': '00:00:00:00:00:01', 'speed': 'auto'}, 'eth1': {'address': ['192.0.2.9/29'], 'description': 'Test456', 'duplex': 'auto', 'hw_id': '00:00:00:00:00:02', 'speed': 'auto'}}} } dict_search_recursive(data, 'hw_id') will yield both '00:00:00:00:00:01' and '00:00:00:00:00:02' as generator object.
2023-02-12T1993: PPPoE-server add section shaper and fwmark optionViacheslav Hletenko
Extended PPPoE-server rate-limiter to avoid shaping marked resources Often this feature needs for ISP, which provides access to some IX or its resources. set service pppoe-server shaper fwmark '223'
2023-02-11Merge pull request #1806 from sever-sever/T2603-eqDaniil Baturin
T2603: PPPoE-server change default min-mtu value 1280 for Equuleus
2023-02-08T2603: PPPoE-server change default min-mtu value 1280 for EquuleusViacheslav Hletenko
Minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Change 'min-mtu' from 1492 to 1280 for 1.3.3
2023-02-05Merge pull request #1801 from c-po/fix-tftp-smoketestChristian Breunig
smoketest: tftp: T4012: add busy waiting loop when validating service availability
2023-02-05smoketest: tftp: T4012: add busy waiting loop when validating service ↵Christian Breunig
availability TFTP daemon is started as "fire and forget" and systemctl can return (thus commit will return) but the daemon itself is not yet running. This adds a loop checking if the service runs and will fail after 10 seconds.
2023-02-05Merge pull request #1798 from c-po/t4975-equuleusChristian Breunig
T4975: always sync() filesystem after commit (equuleus)
2023-02-04Revert "login: T4975: Fixed broken CLI commands"Christian Breunig
This reverts commit 7b36c363cd5b0168bd83c399f50a0a360ba3ee58. A general solution is implemented in Commit ae9dde04 ("T4975: always sync() filesystem after commit").
2023-02-04T4975: always sync() filesystem after commitChristian Breunig
(cherry picked from commit 29a44a73c638cb22839aa32986de367231b6efe9)
2023-02-03Merge pull request #1796 from zdc/T4975-equuleusDaniil Baturin
login: T4975: Fixed broken CLI commands