summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-01T4967: Allow setting container hostnameViacheslav Hletenko
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox' (cherry picked from commit c68d73e6720a7df2b48df17ac7b9b4c906e0294c)
2023-03-01container: T4014: Add `command`, `arg` and `entrypoint` configuration ↵Zen3515
options for containers (cherry picked from commit 53aebddb4ca54b0cc4a296d6cc4c4d960c5f1d73)
2023-02-24Merge pull request #1794 from aapostoliuk/T4955-equuleusChristian Breunig
openconnect: T4955: Removed wrong authserver in radiusclient.conf
2023-02-24Merge pull request #1846 from aapostoliuk/T5008-equuleusChristian Breunig
macsec: T5008: Changed length of CKN to (2..64 hex-digits)
2023-02-24macsec: T5008: Changed length of CKN to (2..64 hex-digits)aapostoliuk
Based on wpa_supplicant documentation. mka_ckn (CKN = CAK Name) takes a 1..32-bytes (8..256 bit) hex-string (2..64 hex-digits) Changed allowable length of CKN from strong 64 hex-digits to the range (2..64 hex-digits)
2023-02-23Merge pull request #1843 from sever-sever/T5007-eqChristian Breunig
T5007: Fix multicast implementation for the tunnel interfaces
2023-02-23T5007: Fix multicast implementation for the tunnel interfacesViacheslav Hletenko
Multicast has not been implemented for the tunnel interfaces. We have only configuration CLI commands that do anything. Fix it. ip link set dev <tag> multicast on ip link set dev <tag> multicast off (cherry picked from commit ac821d0d1764e9623015e04c5158a06c00ab370b)
2023-02-22Merge pull request #1833 from sever-sever/T5011-eqChristian Breunig
T5011: Set default values for min_mtu max_mtu
2023-02-22Merge pull request #1838 from sever-sever/T4978-eqChristian Breunig
T4978: Default values of port rewrite default container values
2023-02-21T4978: Default values of port rewrite default container valuesViacheslav Hletenko
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it (cherry picked from commit 679efe8ac7998ba1b8f3c7c4bfc7508d8869907d)
2023-02-20T5011: Set default values for min_mtu max_mtuViacheslav Hletenko
Some interface drivers don't support/provide min_mtu and max_mtu values For example VyOS in docker container with 'veth' driver on some platforms As a workarund add default values for min/max MTU for calculations and pass function "verify_mtu(config)" (cherry picked from commit 87fb9be4cab3a261406c69c723add7467e4ef1fa)
2023-02-20openconnect: T4955: Removed wrong authserver in radiusclient.confaapostoliuk
After merging config dictionary with default values, radius port the default value was merged not in a proper way. It is added as a server. After creating radiusclient.conf added and the illegal authserver equal 'port'. Backported from 1.4
2023-02-16Merge pull request #1824 from sever-sever/T4971-eqDaniil Baturin
T4971: Accel-ppp verify if client_ip_pool key exists in config
2023-02-15T4971: Accel-ppp verify if client_ip_pool key exists in configViacheslav Hletenko
If 'client_ip_pool' not exists in config we cannot search it in the dictionary dict_search_recursive(config, 'gateway_address', ['client_ip_pool', 'name']) Add check for Equuleus
2023-02-14Merge pull request #1818 from c-po/equuleusDaniil Baturin
smoketest: tftp: T4012: extend process scanning loop for VRFs (equuleus)
2023-02-14Merge pull request #1820 from nicolas-fort/T5009-restart-relayDaniil Baturin
T5009: relay: Fix op-mode for restarting dhcp relay service
2023-02-14T5009: relay: correct service name for restarting dhcp relay serviceNicolas Fort
2023-02-13smoketest: tftp: T4012: extend process scanning loop for VRFsChristian Breunig
This extends commit c6016db17ef ("smoketest: tftp: T4012: add busy waiting loop when validating service availability") so that we also wait when reading in the VRF result(s).
2023-02-13Merge pull request #1813 from sever-sever/T4971-eqChristian Breunig
T4971: PPPoE server add named ip pool and attr Framed-Pool
2023-02-13Merge pull request #1812 from sever-sever/T1993-eqDaniil Baturin
T1993: PPPoE-server add section shaper and fwmark option
2023-02-13Merge pull request #1815 from c-po/equuleusDaniil Baturin
T5001: Replace links to the phabricator site (equuleus)
2023-02-12T5001: Replace links to the phabricator siteChristian Breunig
Replace links to the phabricator site from https://phabricator.vyos.net to https://vyos.dev (cherry-picked form commit bd9416a6aa9d5d0a746dc2cebc8d0330fd27d1a2)
2023-02-12T4971: PPPoE server add named ip pool and attr Framed-PoolViacheslav Hletenko
Add a new feature to allow to use named pools Also it can be used with RADIUS attribute 'Framed-Pool' set service pppoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service pppoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
2023-02-12T4971: Add accel-ppp include client-ip-pool-nameViacheslav Hletenko
Add accel-ppp include client-ip-pool-name.xml.i Can be used in other accep-ppp CLI as "include"
2023-02-12T4999: Backport vyos util dict_search_recursiveViacheslav Hletenko
Backport "dict_search_recursive" from vyos.util 1.4 to 1.3 data = { 'interfaces': {'dummy': {'dum0': {'address': ['192.0.2.17/29']}}, 'ethernet': {'eth0': {'address': ['2001:db8::1/64', '192.0.2.1/29'], 'description': 'Test123', 'duplex': 'auto', 'hw_id': '00:00:00:00:00:01', 'speed': 'auto'}, 'eth1': {'address': ['192.0.2.9/29'], 'description': 'Test456', 'duplex': 'auto', 'hw_id': '00:00:00:00:00:02', 'speed': 'auto'}}} } dict_search_recursive(data, 'hw_id') will yield both '00:00:00:00:00:01' and '00:00:00:00:00:02' as generator object.
2023-02-12T1993: PPPoE-server add section shaper and fwmark optionViacheslav Hletenko
Extended PPPoE-server rate-limiter to avoid shaping marked resources Often this feature needs for ISP, which provides access to some IX or its resources. set service pppoe-server shaper fwmark '223'
2023-02-11Merge pull request #1806 from sever-sever/T2603-eqDaniil Baturin
T2603: PPPoE-server change default min-mtu value 1280 for Equuleus
2023-02-08T2603: PPPoE-server change default min-mtu value 1280 for EquuleusViacheslav Hletenko
Minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Change 'min-mtu' from 1492 to 1280 for 1.3.3
2023-02-05Merge pull request #1801 from c-po/fix-tftp-smoketestChristian Breunig
smoketest: tftp: T4012: add busy waiting loop when validating service availability
2023-02-05smoketest: tftp: T4012: add busy waiting loop when validating service ↵Christian Breunig
availability TFTP daemon is started as "fire and forget" and systemctl can return (thus commit will return) but the daemon itself is not yet running. This adds a loop checking if the service runs and will fail after 10 seconds.
2023-02-05Merge pull request #1798 from c-po/t4975-equuleusChristian Breunig
T4975: always sync() filesystem after commit (equuleus)
2023-02-04Revert "login: T4975: Fixed broken CLI commands"Christian Breunig
This reverts commit 7b36c363cd5b0168bd83c399f50a0a360ba3ee58. A general solution is implemented in Commit ae9dde04 ("T4975: always sync() filesystem after commit").
2023-02-04T4975: always sync() filesystem after commitChristian Breunig
(cherry picked from commit 29a44a73c638cb22839aa32986de367231b6efe9)
2023-02-03Merge pull request #1796 from zdc/T4975-equuleusDaniil Baturin
login: T4975: Fixed broken CLI commands
2023-02-02login: T4975: Fixed broken CLI commandszsdc
User profile files are not saved to disk after configuration is fully applied. Because of this, after a fast system reset, profile files can be empty, and CLI is broken. This fix adds a `sync()` call after the user's configuration, which should protect from data loss and fix the problem with profiles.
2023-01-26Merge pull request #1781 from c-po/T4947-container-fixesChristian Breunig
T4947: container: fix existing issues in equuleus after backport from 1.4
2023-01-25op-mode: container: T4947: there is no standardised vyos.opmode in equuleusChristian Breunig
2023-01-25container: xml: T4947: add missing default value in CLI helpChristian Breunig
VyOS 1.3 does not support automatic generation of the (default: <>) string from XML defaultValue nodes. Specify help string manually.
2023-01-25container: T4947: backport missing port-range validatorChristian Breunig
2023-01-25Merge pull request #1775 from c-po/t4948-backportChristian Breunig
pppoe: T4948: add CLI option to allow definition of host-uniq flag (equuleus backport)
2023-01-24Merge pull request #1773 from c-po/equuleusChristian Breunig
container: T4947: support mounting container volumes as ro or rw (equuleus backport)
2023-01-24Merge pull request #1776 from c-po/t4949-backportsChristian Breunig
T4949: Backport "monitor log" and "show log" op-mode definitions from current to equuleus
2023-01-23op-mode: add "show|monitor log pppoe-server" commandChristian Breunig
(cherry picked from commit 1bd69a81dc32fdaa62be27e4f5ae3cfe333f2a26)
2023-01-23op-mode: T4949: add "show|monitor log ipoe-server" commandChristian Breunig
(cherry picked from commit 68a8cd2612cb1b00d381059747de8107f38e8c96)
2023-01-23op-mode: T4949: backport "monitor log" commands from currentChristian Breunig
2023-01-23pppoe: T4948: add CLI option to allow definition of host-uniq flagChristian Breunig
Some ISPs seem to use the host-uniq flag to authenticate client equipment. Add CLI option in VyOS to allow specification of the host-uniq flag. set interfaces pppoe pppoeN host-uniq <value> (cherry-picked from commit 38bab79324087df5a9057c23b85a0a784c09540a)
2023-01-22Merge pull request #1774 from c-po/t4875-backportChristian Breunig
validators: T4875: use file-path to replace validator 'interface-name' (backport)
2023-01-22validators: T4798: replace python file-exists validator with file-pathChristian Breunig
(cherry-picked from commit 046bb9ccd56ac5e97c638bb4a9ca856d3d36026a)
2023-01-21validators: T4875: use file-path to replace validator 'interface-name'Christian Breunig
(cherry picked from commit f0bc6c62016d285f0645c4b3ba8b1451c40c637f)
2023-01-21container: T4947: support mounting container volumes as ro or rwChristian Breunig
Whenever a container is used and a folder is mounted, this happenes as read-write which is the default in Docker/Podman - so is the default in VyOS. A new option is added "set container name foo volume mode <ro|rw>" to specify explicitly if rw (default) or ro should be used for this mounted folder. (cherry picked from commit 275ea7303cfdb79c042da1b710622aee17a488a8)