Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-05-15 | Merge branch 'remove-ssh-allow-root' into current | Christian Poessinger | |
* remove-ssh-allow-root: T634: Remove 'service ssh allow-root' | |||
2018-05-15 | T634: Remove 'service ssh allow-root' | Christian Poessinger | |
2018-05-15 | Merge branch 't632-ssh-multi-nodes' into current | Christian Poessinger | |
* t632-ssh-multi-nodes: T632: allow multiple algoorithms for: Ciper, KEX, MACs T632: use multi node for SSH allow/deny users and groups | |||
2018-05-15 | bugfix: DNS domain forward server syntax | Christian Poessinger | |
When generating a configuration for DNS domain forward to a local server with 'set service dns forwarding domain foo.com server 1.1.1.1' this resulted in # domain ... server ... forward-zones=bar.com = 2.1.1.1;2.1.1.2 forward-zones=foo.com = 1.1.1.1;1.1.1.2 On PowerDNS recursor restart the last line won and it totally forgot about 'bar.com'. This could be seen from the logfiles that only one domain was loaded: Redirecting queries for zone 'foo.com.' to: 1.1.1.1:53, 1.1.1.2:53 The manual at https://doc.powerdns.com/3/recursor/settings/#forward-zones shows that all domains have to be configured on one 'forward-zones=' line. In the above example this has to result in: forward-zones=bar.com=2.1.1.1;2.1.1.2, foo.com=1.1.1.1;1.1.1.2 A subsequent check within the logfiles reveal that it's now working: Redirecting queries for zone 'bar.com.' to: 2.2.2.2:53, 2.2.2.1:53 Redirecting queries for zone 'foo.com.' to: 1.1.1.1:53, 1.1.1.2:53 | |||
2018-05-15 | Merge remote-tracking branch 'upstream/current' into current | Christian Poessinger | |
* upstream/current: Do not try to decode data read from /sys files in the show version script, it's already an str. Dependencies on file and pystache, for install and show version scripts.. Add dependency on hvinfo, too. T637, T638: add dependencies on tcpdump and bmon. T638: new op mode CLI for the bandwidth monitor commands. T637: new op mode for traffic dumps based on tcpdump. Correct the logic of generating tag nodes for op mode. Add missing vyos.base module Fix cron interval regex to allow single digit values. Fix misplaces ConfigError exception. Some more valueless fixes. Mark nodes in SSH and NTP valueless (related to T602). | |||
2018-05-15 | bugfix: vyos-config-dns-forwarding.py: adding name-server into dictionary | Christian Poessinger | |
2018-05-15 | bugfix: remove whitespaces in generated 'powerdns/recursor.conf' | Christian Poessinger | |
2018-05-15 | Do not try to decode data read from /sys files in the show version script, | Daniil Baturin | |
it's already an str. | |||
2018-05-15 | Dependencies on file and pystache, for install and show version scripts.. | Daniil Baturin | |
2018-05-15 | Add dependency on hvinfo, too. | Daniil Baturin | |
2018-05-15 | T637, T638: add dependencies on tcpdump and bmon. | Daniil Baturin | |
2018-05-15 | T638: new op mode CLI for the bandwidth monitor commands. | Daniil Baturin | |
2018-05-15 | T637: new op mode for traffic dumps based on tcpdump. | Daniil Baturin | |
2018-05-15 | Correct the logic of generating tag nodes for op mode. | Daniil Baturin | |
Unlike conf mode tag nodes, op mode "pseudo-tag nodes" have the real node.def inside the node.tag dir rather than at the top level. The required node.def at the top level is populated with the help string from the real one. A side effect is that commands that take arguments now must have their own words, e.g. "run show arp" and "run show arp eth0" is impossible and has to be "run show arp" and "run show arp interface eth0", which is probably a good thing. | |||
2018-05-14 | Merge pull request #11 from higebu/add-missing-base-module | Christian Poessinger | |
Add missing vyos.base module | |||
2018-05-15 | Add missing vyos.base module | Yuya Kusakabe | |
2018-05-14 | Fix cron interval regex to allow single digit values. | Daniil Baturin | |
2018-05-14 | Fix misplaces ConfigError exception. | Daniil Baturin | |
2018-05-14 | Some more valueless fixes. | Daniil Baturin | |
2018-05-14 | Mark nodes in SSH and NTP valueless (related to T602). | Daniil Baturin | |
2018-05-14 | T632: allow multiple algoorithms for: Ciper, KEX, MACs | Christian Poessinger | |
2018-05-14 | T632: use multi node for SSH allow/deny users and groups | Christian Poessinger | |
2018-05-14 | T564: initial implementation of the DNS forwarding op mode commands. | Daniil Baturin | |
2018-05-14 | Move the show version command to the vyos-1x package and refactor it a bit. | Daniil Baturin | |
2018-05-14 | T633: build integration and minor fixes in the op mode command generator. | Daniil Baturin | |
2018-05-14 | T602: replace the now-gone type attribute with proper use of constraints in ↵ | Daniil Baturin | |
existing interface definitions. | |||
2018-05-14 | Add some ipaddrcheck-based IP validators. | Daniil Baturin | |
2018-05-14 | T602: remove support for the type element and correct the logic for setting ↵ | Daniil Baturin | |
the type in generated command templates. | |||
2018-05-13 | T623: refactor NTP script and switch to jinja2 | Christian Poessinger | |
2018-05-13 | Merge branch 'ssh-rewrite' into current | Christian Poessinger | |
* ssh-rewrite: T631: small bugfix in config parsind for deny-users T631: improve help for access-control T631: refactor SSH script and switch to jinja2 T631: first full generated config file with XML and Python T631: use completionHelp for SSH rather then valueHelp T631: Rewrite SSH configuration as XML interface definition | |||
2018-05-13 | T631: small bugfix in config parsind for deny-users | Christian Poessinger | |
2018-05-13 | T631: improve help for access-control | Christian Poessinger | |
2018-05-13 | T631: refactor SSH script and switch to jinja2 | Christian Poessinger | |
2018-05-12 | T560: bugfix access to NoneType object | Christian Poessinger | |
Commit f1bbc20716 ("Add jinja2 and ipaddrcheck to dependencies.") introduced access to a NoneType object when the service was removed. This happened after: $ delete service dns forwarding $ commit File "/opt/vyatta/sbin/vyos-config-dns-forwarding.py", line 201, in <module> verify(c) File "/opt/vyatta/sbin/vyos-config-dns-forwarding.py", line 164, in verify if not dns['interfaces']: TypeError: 'NoneType' object is not subscriptable | |||
2018-05-12 | vyos-config-dns-forwarding.py remote obsolete 'import time' | Christian Poessinger | |
2018-05-12 | T631: first full generated config file with XML and Python | Christian Poessinger | |
2018-05-12 | T631: use completionHelp for SSH rather then valueHelp | Christian Poessinger | |
SSH is already probed for some possible values. ALso use completionHelp for available ciphers. In addition drop 'perl' from helper script in favor of 'tr'. | |||
2018-05-12 | T631: Rewrite SSH configuration as XML interface definition | Christian Poessinger | |
2018-05-12 | Add jinja2 and ipaddrcheck to dependencies. | Daniil Baturin | |
2018-05-11 | T560: refactor the pdns script and switch to jinja2. | Daniil Baturin | |
2018-05-07 | Merge branch 't623-ntp-rewrite' into current | Christian Poessinger | |
* t623-ntp-rewrite: Switch to DNS hostnames for NTP servers T623: Rewrite NTP subsystem in new XML style interface definition | |||
2018-05-07 | Switch to DNS hostnames for NTP servers | Christian Poessinger | |
2018-05-06 | T623: Rewrite NTP subsystem in new XML style interface definition | Christian Poessinger | |
2018-05-06 | T622: PDNS does not export /etc/hosts entries | Christian Poessinger | |
2018-04-19 | Update debian/changelog - 1.0.5 | Christian Poessinger | |
2018-04-19 | T606: Error in DNS Forwarder listen-on | Christian Poessinger | |
By accident "type: txt" was removed from the wrong file... | |||
2018-04-19 | broadcast-relay: bugfix writing daemon config file | Christian Poessinger | |
2018-04-19 | broadcast-relay: bugfix loading configuration into list [] | Christian Poessinger | |
2018-04-19 | mdns-repeater: ensure list [] when retrieving interfaces | Christian Poessinger | |
2018-04-15 | dns-forwarding.py: be more tolerant on missconfigured DHCP source | Christian Poessinger | |
If a user configures 'set service dns forwarding dhcp <if>' and <if> is not a DHCP interface, this won't corrupt the recursor.conf. The missconfiguration is simply ignored. |