Age | Commit message (Collapse) | Author |
|
(cherry picked from commit commit 22e3558834784a8ca37f6335c15c58a631a7fe10)
|
|
(cherry picked from commit 82ea3b4f3c12023ce17f1062785b6238f457673d)
|
|
Interface will still be visible to the operating system.
(cherry picked from commit a14f93adfa633eabff90524e1f83d56092ec0c3c)
|
|
Improve commend in WWANIf.remove() - remove() was implemented in commit 61e4d75a
("wwan: T3620: place interface in A/D state when removed").
(cherry picked from commit d9a19b77a56031fa3fbfa43a85c8be7ee83ae3d7)
|
|
(cherry picked from commit c0bf019e9fc6251ce43c57903b85115f0e3ab2bc)
|
|
|
|
|
|
|
|
interfaces
|
|
|
|
|
|
ipsec: T3643: Fix for show tunnels with state down
|
|
We need to use a temporary variable when validating the tuple if address
is used. If not the else branch will always add the tuple to the list of
addresses used for listen-address.
(cherry picked from commit d13b91462487e090b32c0d1ecf9139a2271b4837)
|
|
(cherry picked from commit eceaa3a787929f5a514b9c45da52936c0d4d4a54)
|
|
Custom OpenVPN options moved back to the command line from a
configuration file. This should keep full compatibility with the
`crux` branch, and allows to avoid mistakes with parsing options
that contain `--` in the middle.
The only smart part of this - handling a `push` option. Because
of internal changes in OpenVPN, previously it did not require an
argument in the double-quotes, but after version update in
`equuleus` and `sagitta` old syntax became invalid. So, all the
`push` options are processed to add quotes. The solution is still
not complete, because if a single config line contains `push` with
other options, it will not work, but it is better than nothing.
(cherry picked from commit 3fd2ff423b6c6e992b2ed531c7ba99fb9e1a2123)
|
|
(cherry picked from commit 77eca49bffede005f546b7d9d3660bf2e32c7e8e)
|
|
(cherry picked from commit 8915a19f7761253b7bdf6ca847069539ee33851d)
|
|
(cherry picked from commit 9e2694b24b06d928240522322c9a6d60c7a7d290)
|
|
(cherry picked from commit 3d00140453b3967370c77ddd9dac4af223a7ddce)
|
|
This reverts a part of commit ac682795b7d69f11076ddf022c3452e411a0fdc5.
(cherry picked from commit 1353757247c027f6352000a9450b502c25c460c8)
|
|
(cherry picked from commit c45e4beadf30accb1838b3bad1f21c2146469bf8)
|
|
(cherry picked from commit 73be449b1cd09f3ca86400753630fb4804fbeca7)
|
|
(cherry picked from commit dc9a2821d063a96681d6cb1d962618829b71937d)
|
|
(cherry picked from commit 889e16a77517549fb833a90d047455533be02f06)
|
|
(cherry picked from commit 5b69aad5bfe1fd1dfc51afb1d4b6323028009deb)
|
|
(cherry picked from commit b168b4cc7da456f14714d917cdc7a1c6b8df9af5)
|
|
(cherry picked from commit d3d4e3bedcc0b43e16554b1832b43da9d41e651f)
|
|
FastAPI 0.65.2 checks content-type request header before assuming JSON,
closing a well-known loophole. This requires a modification of the code
providing backwards compatibility of multipart forms.
(cherry picked from commit 3a9041e2d4d4a48ba7c01439e69c5f86a4a850c2)
|
|
Replace the Flask micro-framework with FastAPI, in order to support
extensions to the API and OpenAPI 3.* generation. This change will
remain backwards compatible with previous versions. Notably, the
multipart forms version of requests remain supported; in addition
application/json requests are now natively supported.
(cherry picked from commit 0125fff200efe3259aa25953e7505f69679261f8)
|
|
(cherry picked from commit 5d39a113bdef82e201aa43f848217c30db2f6fd9)
|
|
(cherry picked from commit a4cf71912d52de4398273405b5682d8da5e1dbe3)
|
|
(cherry picked from commit ab111d56410753929979b06899912ea036819405)
|
|
Generic get_removed_vlans() function replaced the entire config dict when any
QinQ vif-c subinterface was deleted.
(cherry picked from commit b3be36586c85005538d5cc994c7c9694b9907d81)
|
|
(cherry picked from commit b8f702bc7b6e92b8841271b4a2355d2b65ccb247)
|
|
|
|
sstp: T2566: Fix to allow IPv6 only pools
|
|
To allow IPv6 only for vpn sstp sessions we have to add
'ppp-options' which can disable IPv4 allocation explicity.
Additional IPv6 ppp-options and fix template for it.
|
|
When `dhclient` with the `-x` option is used to stop running DHCP client
with a lease file that is not the same as in the new `dhclient` process,
it requires a `-lf` argument with a path to the old lease file to find
information about old/active leases and process them according to
instructions and config.
This commit adds the option to the `02-vyos-stopdhclient` hook, which
allows to properly process `dhclient` instances started in different
ways.
(cherry picked from commit 393970f9ee5b3dfc58e0e999d3d5941a198b2c6f)
|
|
|
|
error
(cherry picked from commit 17215846b512851e7df8cdfcfc06c18b1d27f763)
|
|
(cherry picked from commit 062422db04f5ec6fd0a769f0d71faf4efa2d377f)
|
|
We can no longer use bash veriable string code vor string manipulation. Move to
a more robust "cut" implementation.
(cherry picked from commit 513e951f3e1358ec6ff5424d03e8f4e9aa7c3388)
|
|
(cherry picked from commit f227987ccf41e01d4ddafb6db7b36ecf13148c78)
|
|
The current op-mode for "show vpn ipsec sa" shows only tunnels
which established (parent SA) and installed (child SA)
If tunnel not installed it can't show correct information about
this tunnel, in that case it can shows only parent sa state
Get codebase for "show_ipsec_sa.py" (op-mode) from 1.4 branch
where it was fixed.
|
|
IPSec: T3941: Fix uptime for tunnels sa op-mode
|
|
The current uptime for tunnels is getting from parent SA
That is incorrect as we should get value from child SA
|
|
This prevents a failover from MASTER -> BACKUP when changing any MASTER related
configuration.
(cherry picked from commit 2c82c9acbde2ccca9c7bb5e646a45fd646463afe)
|
|
op-mode: T3942: Add feature generate IPSec debug-archive
|
|
|
|
In addition to commit 0b414bcd ("vyos.ethtool: T3874: do not throw exception
if adapter has issues with autoneg") we should also not care too strict when
locating the driver name.
This might cause false positives.
(cherry picked from commit 8cf5a4f023c5459cad4c84e93f73a9ddd69be81a)
|