Age | Commit message (Collapse) | Author |
|
Commit 91c3b8bdd9 ("dhcp_server.py: cleanup") did not only cleanup parts
of the code but in addition added support for DHCP failover. That support
could lead to an empty pool {} statement if the subnet declaration only had
static address assignments but no range at all.
---<snip>---
dhcpd: /etc/dhcp/dhcpd.conf line 70: Pool declaration with no address
range.
dhcpd: }
dhcpd: ^
dhcpd: Pool declarations must always contain at least
dhcpd: one range statement.
---</snip>---
|
|
T793: wireguard: implement fwmark, pre-shared key
|
|
|
|
- the psk is only read from a file, due to sudo it's redirection doesn't work
file is created in /tmp (it's tmpfs), wg comand executed and the psk file
is deleted again, to avoid leakage of the psk. It's create umaks(077) and root:root
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This is needed because this dependency is missing in the python3--isc-dhcp-leases
package from stretch. When that issue is resolved, the dependency
can be safely removed.
|
|
to make them use correct PATH now, and to enable getting rid of capabilities later.
|
|
The previous implementation used a hardcoded 2 seconds sleep until the
daemon configuration was rendered by snmpd (user/password stuff).
Waiting 2 seconds is error prone and was replaced by reading the
configuration file until it shows a marker indicating that the file was
properly processed by snmpd.
|
|
- regex added to check endpoint as pattern IP:port
- T793: preparation for the use preshared key
|
|
* renamed opmode script wireguard_key.py to wireguard.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* dhcpv6-server-rewrite:
T811: dhcpv6_server.py: add missing validators when comitting config changes
dhcp_server.py: cleanup
bcast_relay.py: remove obsolete import statement
vyos: package: bugfix in validate.py for is_subnet_connected()
T778: dhcpv6-server: XML and Python rewrite
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Commit 067a6b1524 ("vyos: package: extend validator by is_subnet_connected()")
added a mechanism to probe if a given IPv4/IPv6 address is connected to any
interface on the subnet - or is part of this subnet.
We now use this call instead of producing more and more biler-plate code!
|
|
Verify given IPv4/IPv6 subnet is connected to any interface on this
system. Required by e.g. DHCP server that we have for IPv4 and IPv6.
|
|
Watcher7).
|
|
|
|
Commit a30dac7c2 ("vyos package: add IP address validators") added system
wide Python validators for IP addresses. Remove duplicated code and switch
to single source.
|
|
Commit a30dac7c2 ("vyos package: add IP address validators") added system
wide Python validators for IP addresses. Remove duplicated code and
switch to a single source.
|
|
* is_addr_assigned(addr) - Test if address is assigned to ANY interface
on the system
* is_ipv4(addr) - Test if it is an IPv4 address, both network and host
* is_ipv6(addr) - Test if it is an IPv6 address, both network and host
|
|
|
|
verify()
|
|
|
|
If there was yet no lease file present, dhcpd refused to start. Lease
file is created if required. Ususally this is handeled by the isc-dhcp-server
init script but we use our own path (for persistance) of that file.
|
|
|
|
|
|
Whole broadcast relay service can be temporary disabled via
set service broadcast-relay disable
Individual instances of the broadcast relay service can be disabled
set service broadcast-relay id <n> disable
|
|
|
|
|
|
|
|
|
|
This commit changes in addtion the DHCP server config syntax as defined
in "T782: Cleanup dhcp-server configuration".
Replace boolean parameter from the folowing nodes and make it valueless.
This requires a migration script which is tracked with this task
* set service dhcp-server shared-network-name <xyz> subnet 172.31.0.0/24
ip-forwarding enable (true|false)
* set service dhcp-server shared-network-name <xyz> authoritative (true|false)
* set service dhcp-server disabled (true|false)
* set service dhcp-server dynamic-dns-update enable (true|fals)
* set service dhcp-server hostfile-update (enable|disable)
Replace the nested start/stop ip address from "subnet 172.31.0.0/24 start
172.31.0.101 stop 172.31.0.149" to "subnet 172.31.0.0/24 range <foo> start" and
"subnet 172.31.0.0/24 range <foo> stop" where foo can be any character or number.
In addition the vyatta-cfg-dhcp-server package used it's own init/config file
for service startup. This has been migrated to the vanilla Debian files.
Copy 'on-dhcp-event.sh' from vyatta-cfg-shcp-server package commit 4749e648bca6.
|
|
|