summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-04-30Merge pull request #3371 from Embezzle/T4982Christian Breunig
openconnect: T4982: Support defining minimum TLS version in openconnect VPN
2024-04-29openconnect: T4982: Support defining minimum TLS version in openconnect VPNAlex W
2024-04-29Merge pull request #3375 from aapostoliuk/T6272-circinusChristian Breunig
T6272: Changed interface existence verification in pppoe/ipoe to Warning
2024-04-29T6272: Changed interface existence verification in pppoe/ipoe to Warningaapostoliuk
Throwing Warning message instead of Error if interface which is used in pppoe/ipoe does not exist.
2024-04-29Merge pull request #3372 from jestabro/no-configdep-on-errChristian Breunig
configdep: T6276: do not call dependencies on script error
2024-04-28configdep: T6276: do not call dependencies on script errorJohn Estabrook
2024-04-25Merge pull request #3363 from sever-sever/T6263Christian Breunig
T6263: Groups 224.0.0.0/24 are reserved and cannot be joined
2024-04-25Merge pull request #3316 from HollyGurza/T4248Daniil Baturin
qos: T4248: Allow to remove the only rule from the qos class
2024-04-25T6263: Groups 224.0.0.0/24 are reserved and cannot be joinedViacheslav Hletenko
The join addresses within the multicast group 224.0.0.0/24 are reserved and cannot be joined FRR ``` r4(config)# interface eth2 r4(config-if)# ip igmp join 224.0.0.0 224.0.0.10 % Configuration failed. Error type: validation Error description: Groups within 224.0.0.0/24 are reserved and cannot be joined r4(config-if)# ``` Add verify check
2024-04-25Merge pull request #3361 from sever-sever/T6258Daniil Baturin
T6258: Add sysctl base-reachable-time for IPv6
2024-04-25T6258: Add sysctl base-reachable-time for IPv6Viacheslav Hletenko
Add abiilty to change `base_reachable_time_ms` option /proc/sys/net/ipv6/neigh/{ifname}/base_reachable_time_ms
2024-04-24Merge pull request #3359 from sever-sever/T5833Christian Breunig
T5833: Not all AFIs compatible with VRF add verify check
2024-04-24T5833: Not all AFIs compatible with VRF add verify checkViacheslav Hletenko
Not all FRR address-families compatibe with VRF ``` r4# conf t r4(config)# router bgp 65001 vrf bgp r4(config-router)# r4(config-router)# address-family ipv4 flowspec Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 labeled-unicast Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 vpn Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# ``` Add verify AFI for VRF
2024-04-24Merge pull request #3345 from Embezzle/T6259Daniil Baturin
PKI: T6259: Support RFC822 names in certificate generation
2024-04-23Merge pull request #3340 from Embezzle/T6255Daniil Baturin
T6255: static-routing: don't render whitespace from static table descriptions
2024-04-23T6255: static-routing: don't render whitespace from static table descriptionsAlex W
2024-04-23Merge pull request #3354 from sever-sever/T6217Christian Breunig
T6217: Conntrack-sync change the actual name of the script
2024-04-23Merge pull request #3355 from sever-sever/T6109Christian Breunig
T6109: Fix remote logging for sudo commands
2024-04-23T6109: Fix remote logging for sudo commandsViacheslav Hletenko
This fix for bug when `sudo` commands were not send to the remote syslog server. They stop before the directive that includes all configurations `$IncludeConfig /etc/rsyslog.d/*.conf`
2024-04-23T6217: Conntrack-sync change the actual name of the scriptViacheslav Hletenko
The actual name of the script is `vyos-vrrp-conntracksync.sh`
2024-04-23Merge pull request #3342 from fsdrw08/currentChristian Breunig
T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy config
2024-04-23T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy ↵Windom WU
config
2024-04-23GitHub: use ubuntu-latest for labeler actionChristian Breunig
2024-04-23GitHub: adjust MergifyIo regex match to both upper and lower caseChristian Breunig
2024-04-23Merge pull request #3346 from jestabro/add-image-enospcChristian Breunig
image-tools: T6260: remove persistence image directory if no space error
2024-04-23Merge pull request #3347 from Giggum/vyos-1x_T6261Christian Breunig
connect_disconnect: T6261: correction to typo in check_ppp_running
2024-04-22connect_disconnect: T6261: correction to typo in check_ppp_running functionGinko
Connect_disconnect: T6261: correction to typo in check_ppp_running function Changes include: 1. Replaces "beeing" -> being in print statement for check_ppp_running 2. Replaces "can not" -> cannot in print statement on lines 61 and 93
2024-04-22image-tools: T6260: remove persistence image directory if no space errorJohn Estabrook
2024-04-22PKI: T6259: Support RFC822 names in certificate generationAlex W
2024-04-22Merge pull request #3339 from andre-luiz-dos-santos/patch-1Christian Breunig
xml: T5738: fix typo in radius-additions.xml.i
2024-04-22xml: T5738: fix typo in radius-additions.xml.iAndré Luiz dos Santos
2024-04-22Merge pull request #3336 from c-po/t6244-seconds_to_humanDaniil Baturin
vyos.utils: T6244: add whitespace after time unit in uptime
2024-04-22Merge pull request #3337 from Embezzle/T6237Christian Breunig
T6237: IPSec remote access VPN: ability to set EAP ID of clients
2024-04-21T6237: IPSec remote access VPN: ability to set EAP ID of clientsAlex W
2024-04-21smoketest: support dynamic enable of smoketest debuggingChristian Breunig
$ touch /tmp/vyos.smoketest.debug will enable dynamic debugging of the smoketests - showing the appropriate CLI commands on stdout
2024-04-21Merge pull request #3338 from nvollmar/haproxy-http-checkChristian Breunig
T6246: improve haproxy http check configuration
2024-04-21op-mode: T6244: add whitespace after time unit in "show system uptime"Christian Breunig
2024-04-21vyos.utils: T6244: add support for year timebase in seconds_to_human()Christian Breunig
We only supported calculating seconds to weeks but not seconds to years. This has been added. Testcase: from vyos.utils.convert import seconds_to_human minute = 60 hour = minute * 60 day = hour * 24 week = day * 7 year = day * 365.25 for separator in ['', ' ', '-', '/']: print(f'----- Using separator "{separator}" -----') print(seconds_to_human(10, separator)) print(seconds_to_human(5* minute, separator)) print(seconds_to_human(3* hour, separator)) print(seconds_to_human(4* day, separator)) print(seconds_to_human(7 * week, separator)) print(seconds_to_human(10 * year, separator)) print(seconds_to_human(5*year + 4*week + 3*day + 2*hour + minute + 5, separator)) print() cpo@LR1.wue3:~$ ./foo.py ----- Using separator "" ----- 10s 5m 3h 4d 7w 10y 5y4w3d2h1m5s ----- Using separator " " ----- 10s 5m 3h 4d 7w 10y 5y 4w 3d 2h 1m 5s ----- Using separator "-" ----- 10s 5m 3h 4d 7w 10y 5y-4w-3d-2h-1m-5s ----- Using separator "/" ----- 10s 5m 3h 4d 7w 10y 5y/4w/3d/2h/1m/5s
2024-04-21vyos.utils: T6244: use list to build up result stringChristian Breunig
When handling optional separators rather build up a list and join the list with the requested delimiter to form the resulting human readable time string.
2024-04-21T6246: improve haproxy http check configurationNicolas Vollmar
2024-04-20gre: T6252: allow tunnel MTU to exceed 8024 bytesfett0
2024-04-19Merge pull request #3325 from nvollmar/haproxy-http-checkDaniil Baturin
T6246: basic haproxy http-check configuration
2024-04-18Merge pull request #3330 from jestabro/show-openvpn-failDaniil Baturin
openvpn: T6245: return 'n/a' if client info not available
2024-04-18openvpn: T6245: return 'n/a' if client info not availableJohn Estabrook
2024-04-18Merge pull request #3326 from sever-sever/T6221Daniil Baturin
T6221: Return default ip rule values after deleting VRF
2024-04-18Merge pull request #3327 from sarthurdev/T6241John Estabrook
pki: T6241: do not call dependency before its initialization
2024-04-18pki: T6241: do not call dependency before its initializationJohn Estabrook
2024-04-18T6221: Return default ip rule values after deleting VRFViacheslav Hletenko
Fix for restoring default ip rule values after deleting VRF Defult values: ``` $ ip rule 0: from all lookup local 32766: from all lookup main 32767: from all lookup default ``` After adding and deleting a VRF we get unexpected values: ``` $ ip rule 1000: from all lookup [l3mdev-table] 2000: from all lookup [l3mdev-table] unreachable 32765: from all lookup local 32766: from all lookup main 32767: from all lookup default ```
2024-04-17T6246: adds basic haproxy http-check configurationNicolas Vollmar
2024-04-17Merge pull request #3320 from nicolas-fort/T6191Christian Breunig
T6191: do not append action policy route|route6 when its not specified