summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-09-10[wireguard] - remove 'show wireguard keypair'hagbard
in favor for 'show wireguard keypairs...'
2019-09-10[wireguard]: T1650 - cli option to delete default wg keyhagbard
2019-09-10[wireguard]: T1572 - Wireguard keyPair per interfacehagbard
- param key location added in op-mode script - param delkey and listkey implemented in op-mode script - param delkey implemented in op-mode script - generate and store named keys - interface implementation tu use cli option 'private-key'
2019-09-09[wireguard] - T1639: wireguard pubkey change errorhagbard
- removed sudo as is already runs as root - set privte key as variable in preparation to support multiple pk's
2019-09-07bonding: T1614: bugfix in validate - enslave failedChristian Poessinger
Forgot to exclude our current bond interface in the search for duplicate interface enslavement.
2019-09-07bridge: bonding: minor comment cleanupChristian Poessinger
2019-09-06[wireguard] - T1639: wireguard pubkey change errorhagbard
- sudo added to wg call - debug print removed when pubkey changes
2019-09-06openvpn: T1548: always restart OpenVPNChristian Poessinger
Previous implementations sent a SIGUSR1 to OpenVPN to initialte a restart after the configuration changed - as this was the same as the client keepalive mechanism did. Unfortunately on SIGUSR1 OpenVPN does not re-read the configuration file. Thus changed options were never taken into account.
2019-09-06openvpn: T1548: cleanup import statementsChristian Poessinger
2019-09-06openvpn: T1630: support adding routes as unpriviledged userChristian Poessinger
2019-09-06Merge pull request #125 from c-po/t1636-vxlanChristian Poessinger
vxlan: T1636: initial rewrite with XML and Python
2019-09-06vxlan: T1636: initial rewrite with XML and PythonChristian Poessinger
Tested using: Site 1 (VyOS 1.2.2) ------------------- set interfaces vxlan vxlan100 address '10.10.10.2/24' set interfaces vxlan vxlan100 remote '172.18.201.10' set interfaces vxlan vxlan100 vni '100' Site 2 (rewrite) ---------------- set interfaces vxlan vxlan100 address '10.10.10.1/24' set interfaces vxlan vxlan100 description 'VyOS VXLAN' set interfaces vxlan vxlan100 remote '172.18.202.10' set interfaces vxlan vxlan100 vni '100'
2019-09-06Python/ifconfig: T1557: vxlan: initial support via VXLANIfChristian Poessinger
2019-09-06dummy: loopback: T1580: T1601: synchronize commentsChristian Poessinger
2019-09-06bonding: T1614: members are not allowed to be underlaying vxlan devicesChristian Poessinger
2019-09-06bonding: T1614: reword verify() error messagesChristian Poessinger
2019-09-06bonding: T1614: enslaved interfaces can be added to only one bond at a timeChristian Poessinger
2019-09-06wireguard: T427: use long syntax on list_interfaces.py '--type' instead of '-t'Christian Poessinger
2019-09-06openvpn: T1548: use long syntax on list_interfaces.py '--type' instead of '-t'Christian Poessinger
2019-09-06bridge: T1556: make ARP cache constraint error message more genericChristian Poessinger
2019-09-06bonding: T1614: make ARP cache constraint error message more genericChristian Poessinger
2019-09-06gitignore: add patterns used by SlickEditChristian Poessinger
2019-09-06Python/ifconfig: T1557: fix remove_peer commend in WireGuardIfChristian Poessinger
2019-09-06Python/ifconfig: T1557: {add,del}_addr() now supports dhcp/dhcpv6Christian Poessinger
Instead of manually starting DHCP/DHCPv6 for every interface and have an identical if/elif/else statement checking for dhcp/dhcpv6 rather move this repeating stement into add_addr()/del_addr(). Single source is always preferred.
2019-09-06Python/ifconfig: T1557: recursively delete VLAN interfaces on remove()Christian Poessinger
2019-09-04[wireguard] - T1628: line break in coment addedhagbard
2019-09-04[wireguard] - T1628: renaming member functions, removing wg_ prefixhagbard
2019-09-04Merge branch 'current' of https://github.com/vyos/vyos-1x into currenthagbard
2019-09-04[wireguard] - T1628: fixing comment indenthagbard
2019-09-04Python/configdict: add function vlan_to_dictChristian Poessinger
A generic function which can parse the VLAN (vif, vif-s, cif-c) nodes in a config session. A dictionary describing the VLAN is returned. A good example will be the interface-bonding.py script used to generate bond interfaces in the system. It is used as follows: if conf.exists('vif'): for vif in conf.list_nodes('vif'): # set config level to vif interface conf.set_level(cfg_base + ' vif ' + vif) bond['vif'].append(vlan_to_dict(conf))
2019-09-04Python/configdict: add list_diff function to compare two listsChristian Poessinger
A list containing only unique elements not part of the other list is returned. This is usefull to check e.g. which IP addresses need to be removed from the OS.
2019-09-04[wireguard] - T1628: Adopt WireGuard configuration script to new ↵hagbard
vyos.ifconfig class
2019-09-04openvpn: T1617: T1632: support quotes in openvpn-optionChristian Poessinger
The following CLI command can be used to add a raw option to OpenVPN which requires quotes: > set interfaces openvpn vtun10 openvpn-option 'push "keepalive 1 10"' The resulting config file will then have the following set: > push "keepalive 1 10"
2019-09-04[service https] T1443: rename "server-names" option to "server-name".Daniil Baturin
2019-09-04[service https] T1443: correct the listen-address option in the script.Daniil Baturin
2019-09-04[service https] T1443: use "listen-address" option instead of "listen-addresses"Daniil Baturin
to follow the established convention.
2019-09-04Merge pull request #124 from c-po/t1614-bondingChristian Poessinger
T1614 bonding
2019-09-04bridge: T1615: can not add member interface to bridge if it is also part of ↵Christian Poessinger
a bond
2019-09-04bonding: T1614: T532: new commit validatorsChristian Poessinger
As in the past during the priority race of the bash script invalid configuration could appear in the CLI and are de-synced from the kernle state, e.g. some bonding modes do not support arp_interval. This is no longer allowed and added to the migration script so that the config again represents the truth.
2019-09-04Merge branch 'current' of https://github.com/vyos/vyos-1x into currentDaniil Baturin
2019-09-04[service https] T1443: create /etc/vyos if it doesn't exist.Daniil Baturin
2019-09-04T1443: add dependencies on nginx-light and ssl-cert.Daniil Baturin
2019-09-04bonding: T1614: add vif-c VLAN interface supportChristian Poessinger
Tested using: ============= set interfaces bonding bond0 address 192.0.2.1/24 set interfaces bonding bond0 description "VyOS bonding" set interfaces bonding bond0 disable-link-detect set interfaces bonding bond0 hash-policy layer2+3 set interfaces bonding bond0 ip arp-cache-timeout 86400 set interfaces bonding bond0 mac 00:91:00:00:00:01 set interfaces bonding bond0 mode active-backup set interfaces bonding bond0 mtu 9000 set interfaces bonding bond0 member interface eth1 set interfaces bonding bond0 member interface eth2 set interfaces bonding bond0 vif-s 100 address 192.168.10.1/24 set interfaces bonding bond0 vif-s 100 description "802.1ad service VLAN 100" set interfaces bonding bond0 vif-s 100 mtu 1500 set interfaces bonding bond0 vif-s 100 mac 00:91:00:00:00:02 set interfaces bonding bond0 vif-s 100 vif-c 110 address "192.168.110.1/24" set interfaces bonding bond0 vif-s 100 vif-c 110 description "client VLAN 110" set interfaces bonding bond0 vif-s 100 vif-c 120 address "192.168.120.1/24" set interfaces bonding bond0 vif-s 100 vif-c 120 description "client VLAN 120" set interfaces bonding bond0 vif-s 100 vif-c 130 address "192.168.130.1/24" set interfaces bonding bond0 vif-s 100 vif-c 130 description "client VLAN 130" set interfaces bonding bond0 vif 400 address 192.168.40.1/24 set interfaces bonding bond0 vif 400 description "802.1q VLAN 400" set interfaces bonding bond0 vif 400 mtu 1500 set interfaces bonding bond0 vif 400 mac 00:91:00:00:00:03
2019-09-04bonding: T1614: identical ID on vif and vif-s is not allowedChristian Poessinger
2019-09-04Python/ifconfig: T1557: remove double quotes on iproute2 commandsChristian Poessinger
2019-09-04bonding: T1614: T1557: add vif/vif-s VLAN interface supportChristian Poessinger
Support for vif-c interfaces is still missing
2019-09-04bonding: T1614: remove obsolete 'member_remove' dict-keyChristian Poessinger
2019-09-04bonding: T1614: can not set primary interface when it's not part of the bondChristian Poessinger
2019-09-04bonding: T1614: Initial version in new style XML/Python interfaceChristian Poessinger
The node 'interfaces ethernet eth0 bond-group' has been changed and de-nested. Bond members are now configured in the bond interface itself. set interfaces bonding bond0 member interface eth0
2019-09-03Python/ifconfig: T1557: cleanup __init__/debugChristian Poessinger