Age | Commit message (Collapse) | Author |
|
openconnect: T4982: Support defining minimum TLS version in openconnect VPN
|
|
|
|
T6272: Changed interface existence verification in pppoe/ipoe to Warning
|
|
Throwing Warning message instead of Error if interface which is
used in pppoe/ipoe does not exist.
|
|
configdep: T6276: do not call dependencies on script error
|
|
|
|
T6263: Groups 224.0.0.0/24 are reserved and cannot be joined
|
|
qos: T4248: Allow to remove the only rule from the qos class
|
|
The join addresses within the multicast group 224.0.0.0/24 are
reserved and cannot be joined
FRR
```
r4(config)# interface eth2
r4(config-if)# ip igmp join 224.0.0.0 224.0.0.10
% Configuration failed.
Error type: validation
Error description: Groups within 224.0.0.0/24 are reserved and cannot be joined
r4(config-if)#
```
Add verify check
|
|
T6258: Add sysctl base-reachable-time for IPv6
|
|
Add abiilty to change `base_reachable_time_ms` option
/proc/sys/net/ipv6/neigh/{ifname}/base_reachable_time_ms
|
|
T5833: Not all AFIs compatible with VRF add verify check
|
|
Not all FRR address-families compatibe with VRF
```
r4# conf t
r4(config)# router bgp 65001 vrf bgp
r4(config-router)#
r4(config-router)# address-family ipv4 flowspec
Only Unicast/Multicast/EVPN SAFIs supported in non-core instances.
r4(config-router)#
r4(config-router)# address-family ipv4 labeled-unicast
Only Unicast/Multicast/EVPN SAFIs supported in non-core instances.
r4(config-router)#
r4(config-router)# address-family ipv4 vpn
Only Unicast/Multicast/EVPN SAFIs supported in non-core instances.
r4(config-router)#
```
Add verify AFI for VRF
|
|
PKI: T6259: Support RFC822 names in certificate generation
|
|
T6255: static-routing: don't render whitespace from static table descriptions
|
|
|
|
T6217: Conntrack-sync change the actual name of the script
|
|
T6109: Fix remote logging for sudo commands
|
|
This fix for bug when `sudo` commands were not send to the remote
syslog server. They stop before the directive that includes all
configurations `$IncludeConfig /etc/rsyslog.d/*.conf`
|
|
The actual name of the script is `vyos-vrrp-conntracksync.sh`
|
|
T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy config
|
|
config
|
|
|
|
|
|
image-tools: T6260: remove persistence image directory if no space error
|
|
connect_disconnect: T6261: correction to typo in check_ppp_running
|
|
Connect_disconnect: T6261: correction to typo in check_ppp_running function
Changes include:
1. Replaces "beeing" -> being in print statement for check_ppp_running
2. Replaces "can not" -> cannot in print statement on lines 61 and 93
|
|
|
|
|
|
xml: T5738: fix typo in radius-additions.xml.i
|
|
|
|
vyos.utils: T6244: add whitespace after time unit in uptime
|
|
T6237: IPSec remote access VPN: ability to set EAP ID of clients
|
|
|
|
$ touch /tmp/vyos.smoketest.debug
will enable dynamic debugging of the smoketests - showing the appropriate CLI
commands on stdout
|
|
T6246: improve haproxy http check configuration
|
|
|
|
We only supported calculating seconds to weeks but not seconds to years. This
has been added.
Testcase:
from vyos.utils.convert import seconds_to_human
minute = 60
hour = minute * 60
day = hour * 24
week = day * 7
year = day * 365.25
for separator in ['', ' ', '-', '/']:
print(f'----- Using separator "{separator}" -----')
print(seconds_to_human(10, separator))
print(seconds_to_human(5* minute, separator))
print(seconds_to_human(3* hour, separator))
print(seconds_to_human(4* day, separator))
print(seconds_to_human(7 * week, separator))
print(seconds_to_human(10 * year, separator))
print(seconds_to_human(5*year + 4*week + 3*day + 2*hour + minute + 5, separator))
print()
cpo@LR1.wue3:~$ ./foo.py
----- Using separator "" -----
10s
5m
3h
4d
7w
10y
5y4w3d2h1m5s
----- Using separator " " -----
10s
5m
3h
4d
7w
10y
5y 4w 3d 2h 1m 5s
----- Using separator "-" -----
10s
5m
3h
4d
7w
10y
5y-4w-3d-2h-1m-5s
----- Using separator "/" -----
10s
5m
3h
4d
7w
10y
5y/4w/3d/2h/1m/5s
|
|
When handling optional separators rather build up a list and join the list
with the requested delimiter to form the resulting human readable time string.
|
|
|
|
|
|
T6246: basic haproxy http-check configuration
|
|
openvpn: T6245: return 'n/a' if client info not available
|
|
|
|
T6221: Return default ip rule values after deleting VRF
|
|
pki: T6241: do not call dependency before its initialization
|
|
|
|
Fix for restoring default ip rule values after deleting VRF
Defult values:
```
$ ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
```
After adding and deleting a VRF we get unexpected values:
```
$ ip rule
1000: from all lookup [l3mdev-table]
2000: from all lookup [l3mdev-table] unreachable
32765: from all lookup local
32766: from all lookup main
32767: from all lookup default
```
|
|
|
|
T6191: do not append action policy route|route6 when its not specified
|