Age | Commit message (Collapse) | Author |
|
(cherry picked from commit ef7c5aaecd2936d9c2f28d22aec185602dc48206)
|
|
|
|
|
|
|
|
|
|
* Deprecated option since openssh 7.5 UsePrivilegeSeparation, KeyRegenerationInterval,
ServerKeyBits, RSAAuthentication, RhostsRSAAuthentication
|
|
|
|
|
|
With some interfaces, for example bond vif, it take some time for the state
change to really happen. Because of this later code, like starting DHCP client,
might not work as expected as get_state() reports the old (real) state.
Now when changing state of an interface we are (busy-)waiting up to 12.5
seconds before we inform the user that the interface could not be brought up.
This should be more then enough time for any interface to start except when
there is really no cable attached.
|
|
This resulted in a commit error when Bonding interfaces have been involved.
|
|
|
|
|
|
Previously when static-mappings have been created the address was still within
the DHCP pool resulting in log entries as follows:
dhcpd: Dynamic and static leases present for 192.0.2.51
dhcpd: Remove host declaration DMZ_PC2 or remove 192.0.2.51
dhcpd: from the dynamic address pool for DMZ
(cherry picked from commit 6f954ab56768af9a07d8a1dc086f54ddefa58da7)
|
|
(cherry picked from commit bdf890cca40157b3f2a2386685e043e0fa220fac)
|
|
Moved the code for splicing a DHCP range into its dedicated function as this
will later be required again. Having subsequent DHCP exclude addresses
e.g. 192.0.2.70 and 192.0.2.71 did not work as the previous algorithm
created a range whose start address was after the end address.
(cherry picked from commit 0f0f9f2835cf85c1fd3652ec83368528754764cd)
|
|
|
|
|
|
Rev load config
|
|
Rewrite of the load functionality of vyatta-load-config.pl, removing the
dependency on Vyatta::Config.
|
|
(ported from vyatta-cfg f051e369)
|
|
This reverts commit daf2e29e3693a7eb2d8b6fc378d984b9a17d2aa3.
It had unknown side effects, undiscovered during testing
|
|
|
|
[OpenVPN]: T1688: Add support for using encryption aes128gcm, aes192gcm and aes25gcm
|
|
combination with shared-secret-key-file, which is not supported (OpenVPN throws error message)
|
|
|
|
|
|
[dhcp hostfile-update] T1678 migrate to vyos-hostsd-client
|
|
[vyos-hostsd] T1701 Fix check for delete domain-name and domain-search
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
T1694: delete the now broken tests for NTP.
Jenkins: assume dependencies are available in DOcker container
OpenVPN: T1512: always enable compat-names option
Interface: T1695: Syntax error in interface-dummy.py - Missing colon
T1694 NTPd: Do not listen on all interfaces by default
openvpn: T1691: interface is not always created - take care when setting alias
openvpn: T1691: add artifical abort when waiting on interface
ipoe-server: T1690 - restart op-mode command for service ipoe-server
ipoe-server: T1692 - ipoe-server verify function error
pppoe-server: T1690 - restart op-mode commands for pppoe-server
T1685 Adding ethernet valueHelp for vif,vif-s,vif-c
wireguard: T1681 - code cleanup and maintenace.
|
|
|
|
|
|
|
|
|
|
|
|
T1694 NTPd: Do not listen on all interfaces by default
|
|
|
|
|
|
|
|
|
|
|
|
|
|
T1685 Adding ethernet valueHelp for vif,vif-s,vif-c
|
|
|
|
* fully uses VYOS_TAGNODE_VALUE, which reduces checks and loops
to a single interface
* config comparison happens now only in get_config()
|
|
* 'current' of github.com:vyos/vyos-1x: (31 commits)
Jenkins: rely on the global defined label for Docker executors
Python/ifconfig: T1557: add STPIf class (spanning tree) bridge member
Python/ifconfig: T1557: bugfix removing Q-in-Q VLAN interfaces
openvpn: T1548: setup interface alias
Python/ifconfig: T1557: refactor BondIf 'mode' property to set_mode()
Python/ifconfig: T1557: refactor BondIf 'arp_interval' property to set_arp_interval()
Python/ifconfig: T1557: refactor BondIf 'arp_ip_target' property to set_arp_ip_target()/get_arp_ip_target()
Python/ifconfig: T1557: refactor BondIf 'arp_interval' property to set_arp_interval()
Python/ifconfig: T1557: refactor BondIf 'xmit_hash_policy' property to set_hash_policy()
Python/ifconfig: T1557: remove unused has_autoneg() from EthernetIf
Python/ifconfig: T1557: refactor Interface 'state' property to set_state()/get_state()
Python/ifconfig: T1557: refactor Interface 'arp_cache_tmo' property to set_set_arp_cache_tmo()
Python/ifconfig: T1557: refactor Interface 'proxy_arp_pvlan' property to set_proxy_arp_pvlan()
Python/ifconfig: T1557: refactor Interface 'proxy_arp' property to set_proxy_arp()
Python/ifconfig: T1557: loopback: implement derived remove()
Python/ifconfig: T1557: refactor Interface 'ifalias' property to set_alias()
Python/ifconfig: T1557: refactor Interface 'link_detect' property to set_link_detect()
Python/ifconfig: T1557: refactor BridgeIf 'stp_state' property to set_stp()
Python/ifconfig: T1557: refactor BridgeIf 'priority' property to set_priority()
Python/ifconfig: T1557: refactor BridgeIf 'ageing_time' property to set_ageing_time()
...
|
|
|
|
* 'ifconfig-api-change' of github.com:c-po/vyos-1x: (26 commits)
Python/ifconfig: T1557: add STPIf class (spanning tree) bridge member
Python/ifconfig: T1557: bugfix removing Q-in-Q VLAN interfaces
openvpn: T1548: setup interface alias
Python/ifconfig: T1557: refactor BondIf 'mode' property to set_mode()
Python/ifconfig: T1557: refactor BondIf 'arp_interval' property to set_arp_interval()
Python/ifconfig: T1557: refactor BondIf 'arp_ip_target' property to set_arp_ip_target()/get_arp_ip_target()
Python/ifconfig: T1557: refactor BondIf 'arp_interval' property to set_arp_interval()
Python/ifconfig: T1557: refactor BondIf 'xmit_hash_policy' property to set_hash_policy()
Python/ifconfig: T1557: remove unused has_autoneg() from EthernetIf
Python/ifconfig: T1557: refactor Interface 'state' property to set_state()/get_state()
Python/ifconfig: T1557: refactor Interface 'arp_cache_tmo' property to set_set_arp_cache_tmo()
Python/ifconfig: T1557: refactor Interface 'proxy_arp_pvlan' property to set_proxy_arp_pvlan()
Python/ifconfig: T1557: refactor Interface 'proxy_arp' property to set_proxy_arp()
Python/ifconfig: T1557: loopback: implement derived remove()
Python/ifconfig: T1557: refactor Interface 'ifalias' property to set_alias()
Python/ifconfig: T1557: refactor Interface 'link_detect' property to set_link_detect()
Python/ifconfig: T1557: refactor BridgeIf 'stp_state' property to set_stp()
Python/ifconfig: T1557: refactor BridgeIf 'priority' property to set_priority()
Python/ifconfig: T1557: refactor BridgeIf 'ageing_time' property to set_ageing_time()
Python/ifconfig: T1557: refactor BridgeIf 'hello_time' property to set_hello_time()
...
|
|
|
|
VLAN interfaces have not been removed "in order". What does it mean? We need to
delete Q-in-Q interfaces prior to deleting the underlaying VLAN interface
(vif-s). This was not the case and that triggered an exception that a non
existing interface was about to be removed.
Tested using adding and deleting the following config:
set interfaces ethernet eth2 address 192.0.2.1/24
set interfaces ethernet eth2 description "VyOS bonding"
set interfaces ethernet eth2 disable-link-detect
set interfaces ethernet eth2 mac 00:91:00:00:00:01
set interfaces ethernet eth2 mtu 9000
set interfaces ethernet eth2 vif-s 100 address 192.168.10.1/24
set interfaces ethernet eth2 vif-s 100 description "802.1ad service VLAN 100"
set interfaces ethernet eth2 vif-s 100 mtu 1500
set interfaces ethernet eth2 vif-s 100 mac 00:91:00:00:00:02
set interfaces ethernet eth2 vif-s 100 vif-c 110 address "192.168.110.1/24"
set interfaces ethernet eth2 vif-s 100 vif-c 110 description "client VLAN 110"
set interfaces ethernet eth2 vif-s 100 vif-c 120 address "192.168.120.1/24"
set interfaces ethernet eth2 vif-s 100 vif-c 120 description "client VLAN 120"
set interfaces ethernet eth2 vif-s 100 vif-c 130 address "192.168.130.1/24"
set interfaces ethernet eth2 vif-s 100 vif-c 130 description "client VLAN 130"
set interfaces ethernet eth2 vif 400 address 192.168.40.1/24
set interfaces ethernet eth2 vif 400 description "802.1q VLAN 400"
set interfaces ethernet eth2 vif 400 mtu 1500
set interfaces ethernet eth2 vif 400 mac 00:91:00:00:00:03
|