summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-10-09T6525: Add default dir for ext-scripts without absolute path (#4144)mergify[bot]
(cherry picked from commit 2f52106dc160f217d6e27da45674c0231a93382a) Co-authored-by: khramshinr <khramshinr@gmail.com>
2024-10-08op-mode: T6753: Fix json output for mtr / monitor traceroute (#4122) (#4143)mergify[bot]
(cherry picked from commit 17c9b444ecc7883f1d8af01fefc8d00f6f1ef49b) Co-authored-by: Nataliia S. <81954790+natali-rs1985@users.noreply.github.com>
2024-10-08smoketest: T4576: add guard timeout for systemd in log level tests (#4142)mergify[bot]
Systemd comes with a default of 5 restarts in 10 seconds policy, this limit can be hit by this reastart sequence, slow down a bit. (cherry picked from commit 810d9a819ee378460a05ed6c7e064fb105058fc2) Co-authored-by: Christian Breunig <christian@breunig.cc>
2024-10-07Merge pull request #4134 from vyos/mergify/bp/circinus/pr-4131Christian Breunig
static: T4283: fix missing f'ormat string (backport #4131)
2024-10-07Merge pull request #4137 from vyos/mergify/bp/circinus/pr-4132Daniil Baturin
T6759: add support for italian keymap (backport #4132)
2024-10-07Merge pull request #4140 from vyos/mergify/bp/circinus/pr-4118Christian Breunig
pki: T6481: auto import ACME certificate chain into CLI (backport #4118)
2024-10-07pki: T6481: auto import ACME certificate chain into CLIChristian Breunig
When using an ACME based certificate with VyOS we provide the necessary PEM files opaque in the background when using the internal tools. This however will not properly work with the CA chain portion, as the system is based on the "pki certificate <name> acme" CLI node of a certificate but CA chains reside under "pki ca". This adds support for importing the PEM data of a CA chain issued via ACME into the "pki ca AUTOCHAIN_<name> certificate" subsystem so it can be queried by other daemons. Importing the chain only happens, when the chain was not already added manually by the user. ACME certificate chains that are automatically added to the CLI are all prefixed using AUTOCHAIN_certname so they can be consumed by any daemon. This also adds a safeguard when the intermediate CA changes, the referenced name on the CLI stays consitent for any pending daemon updates. (cherry picked from commit 875764b07f937fc599e2e62c667e7b811ddc2ed3)
2024-10-06T6759: add support for italian keymapChristian Breunig
set system option keyboard-layout it (cherry picked from commit 1c83b39f30880b7e5297db3fffc3afd2cd699f55)
2024-10-06static: T4283: fix missing f'ormat stringChristian Breunig
This fixes the error message: Can not use both blackhole and reject for prefix "{prefix}"! Added in commit bb78f3a9ad28 ("static: T4283: support "reject" routes - emit an ICMP unreachable when matched") (cherry picked from commit 490ee3ec5ba7ea28002890841eab8e46f775a129)
2024-10-04Merge pull request #4127 from vyos/mergify/bp/circinus/pr-4126Christian Breunig
T6763: Delete Jenkins file (backport #4126)
2024-10-04T6763: Delete Jenkins fileViacheslav Hletenko
(cherry picked from commit a3b79255fae48dea35b6fd240c6671e226382cfe)
2024-09-30Merge pull request #4113 from vyos/mergify/bp/circinus/pr-4024Christian Breunig
T6687: add fqdn support to nat rules. (backport #4024)
2024-09-30T6687: add fqdn support to nat rules.Nicolas Fort
(cherry picked from commit 4c3d037f036e84c77333a400b35bb1a628a1a118)
2024-09-30Merge pull request #4117 from vyos/mergify/bp/circinus/pr-4112Daniil Baturin
policy: T6751: add missing completion helpers for community-list (backport #4112)
2024-09-30Merge pull request #4115 from vyos/mergify/bp/circinus/pr-4061Daniil Baturin
syslog: T5367: add format option to include timezone in message (backport #4061)
2024-09-30Merge pull request #4103 from vyos/mergify/bp/circinus/pr-4002Daniil Baturin
dhclient: T6667: Added workaround for communication with FRR (backport #4002)
2024-09-30policy: T6751: add missing completion helpers for community-listChristian Breunig
Add all missing, well-known values for the community-list regex. (cherry picked from commit 3e94e5e318b852dfca36e64d078728d4f5d5304c)
2024-09-30syslog: T5367: add format option to include timezone in messageChristian Breunig
Add CLI option to include the systems timezone in the syslog message sent to a collector. This can be enabled using: set system syslog host <hostname> format include-timezone (cherry picked from commit 042be39ccabb43a766e04a447207610ff017bd7d)
2024-09-26dhclient: T6667: Added workaround for communication with FRRzsdc
To increase the chance for dhclient to configure routes in FRR, added a workaround. Now 10 attempts are performed with 1 second delay and only after this dhclient gives up. (cherry picked from commit da64a7246e9b12d5bd84287517cfbfa59e364c28)
2024-09-26Merge pull request #4095 from vyos/mergify/bp/circinus/pr-4086Daniil Baturin
bridge: T6675: VXLAN Interface configuration lost due to improper bridge detachment (backport #4086)
2024-09-25Merge pull request #4097 from vyos/mergify/bp/circinus/pr-4079Daniil Baturin
syslog: T6719: fix the behavior of "syslog global preserve-fqdn" (backport #4079)
2024-09-24syslog: T6719: fix the behavior of "syslog global preserve-fqdn"Nicolas Vollmar
(cherry picked from commit c196c6d9207ef112e478f44923b2d0bc8a15b3c9)
2024-09-24bridge: T6675: VXLAN Interface configuration lost due to improper bridge ↵Nataliia Solomko
detachment (cherry picked from commit 7dbd07657c914d5a46eed101ae44d73ba3b4c6f0)
2024-09-22Merge pull request #4093 from vyos/mergify/bp/circinus/pr-4091Christian Breunig
lldp: T6727: add missing input validation for interface names (backport #4091)
2024-09-21lldp: T6727: add missing input validation for interface namesChristian Breunig
There is no input CLI validation on the interface name passed to the LLDP service. (cherry picked from commit 82ba669c2632ae554528b13efd6489ced3e39964)
2024-09-20Merge pull request #4088 from vyos/mergify/bp/circinus/pr-4087Christian Breunig
wireless: T6709: fix missing wpa_supplicant configuration (backport #4087)
2024-09-19wireless: T6709: fix missing wpa_supplicant configurationChristian Breunig
Commit 0ee8d5e35 ("ethernet: T6709: move EAPoL support to common framework") added support to also have EAPoL on other interface types then ethernet. This introduced a regression where the wireless interface wpa_supplicant configuration would get deleted. (cherry picked from commit 58dfd957fd8ec24caeca73105f7823148ef8c8bf)
2024-09-19Merge pull request #4085 from vyos/mergify/bp/circinus/pr-3711Daniil Baturin
T6496: Added support for WPA-Enterprise client-mode (backport #3711)
2024-09-19wireless: T6496: use mac-address validator on BSSID and move it up one CLI levelChristian Breunig
(cherry picked from commit 0c9499c5b3f7cc053c1f29ecf28d679c1a3156e2)
2024-09-19wireless: T6496: use ascii regex for WPA passphrase constraintChristian Breunig
(cherry picked from commit 5a6ac65fe0684fc5298de3daa8582294ac387b46)
2024-09-19wireless: T6496: support for EAP-MSCHAPv2 client over wifiChristopher
fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: incorrect bssid mapping fix: use the correct jinja templating (I think) fix: “remote blank space fix: attempt to fix the formatting in j2 fix: attempt to fix the formatting in j2 feat: rename enterprise username and password + add checks in conf mode. fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part fix: fix indentation on `wpa_supplicant.conf.j2` (cherry picked from commit fc4263021acb72d2d8afb165922d9cb7e11b2bf1)
2024-09-18Merge pull request #4082 from vyos/mergify/bp/circinus/pr-3823Daniil Baturin
OpenVPN CLI-option: T6571: rename ncp-ciphers with data-ciphers (backport #3823)
2024-09-18Merge pull request #4081 from vyos/mergify/bp/circinus/pr-3930Daniil Baturin
T6486: use data-ciphers instead of ncp-ciphers in "run generate openvpn client-config" (backport #3930)
2024-09-18OpenVPN CLI-option: T6571: rename ncp-ciphers with data-cipherssrividya0208
(cherry picked from commit b62b2f5f8a9c4f0a7dc26bce1f15843651119256)
2024-09-18T6486: generate OpenVPN use data-ciphers instead of ncp-ciphers (#3930)Viacheslav Hletenko
In the PR https://github.com/vyos/vyos-1x/pull/3823 the ncp-ciphers were replaced with `data-ciphers` fix template for "generate openvpn client-config" (cherry picked from commit ffbc04c591b534188cb08bf3991fadac4aa386a8)
2024-09-18Merge pull request #4080 from vyos/mergify/bp/circinus/pr-3753Christian Breunig
T6539: add logging options to load-balancer reverse-proxy (backport #3753)
2024-09-18T6539: add logging options to load-balancer reverse-proxyJonathan Voss
(cherry picked from commit dd5908eac390294ea178953fc0e6821d803d62f6)
2024-09-18T6716: don't automatically set ethernet offload (#4078)mergify[bot]
Remove the lines of code that checked if the kernel had offloading enabled and was then forcing the config to set it to "on." The behavior now mirrors the config and offloading will only be enabled if the config is explicitly set to enabled. Note: the code is still present to disable the offloading, in the config, if the kernel doesn't support it. Note(2): Allow the previous behavior where the offload settings get set, based on the Kernel, if the boot is a live boot. (cherry picked from commit b6c2a7476bbd20bebc3e901cc55c17965ebfc423) Co-authored-by: Dave Vogel <dvogel@greylogic.com>
2024-09-17bond: T6709: add EAPoL support (backport #4069) (#4076)mergify[bot]
* ethernet: T6709: move EAPoL support to common framework Instead of having EAPoL (Extensible Authentication Protocol over Local Area Network) support only available for ethernet interfaces, move this to common ground at vyos.ifconfig.interface making it available for all sorts of interfaces by simply including the XML portion #include <include/interface/eapol.xml.i> (cherry picked from commit 0ee8d5e35044e7480dac6a23e92d43744b8c5d36) * bond: T6709: add EAPoL support (cherry picked from commit 8eeb1bdcdfc104ffa77531f270a38cda2aee7f82) --------- Co-authored-by: Christian Breunig <christian@breunig.cc>
2024-09-16Merge pull request #4075 from vyos/mergify/bp/circinus/pr-4071Daniil Baturin
op-mode: T6715: manually changing time/date is not synced into hardware clock (backport #4071)
2024-09-16op-mode: T6715: manually changing time/date is not synced into hardware clockChristian Breunig
When not using NTP and adjusting the current system time/date using set date the time is not saved across a reboot into the hardware RTC. This commit explicitly syncs the current time after a change into the systems RTC. Most routers do not run without NTP (which is even a VyOS default) so the priority is pretty low. (cherry picked from commit 835126e249c1a8b7ae87ac169a8eb9d2df979249)
2024-09-16Merge pull request #4072 from vyos/mergify/bp/circinus/pr-4057Christian Breunig
op-mode: T6682: Fix for show vpn ike sa peer that always shows all SAs (backport #4057)
2024-09-15op-mode: T6682: Fix for show vpn ike sa peer always shows all SAsNataliia Solomko
(cherry picked from commit 8c6a57124af37ba410dd01797e9242b3a79f171a)
2024-09-15Merge pull request #4058 from vyos/mergify/bp/circinus/pr-4046Christian Breunig
T6703: Adds option to configure AMD pstate driver (backport #4046)
2024-09-14Merge pull request #4068 from vyos/mergify/bp/circinus/pr-4067Vijayakumar A
T6674: Actions fix variable for trigger build reuse repo (backport #4067)
2024-09-14T6674: Actions fix variable for trigger build reuse repo (#4067)Viacheslav Hletenko
(cherry picked from commit 5df36ba0e3c95efb2962ed54e614552f7425e173)
2024-09-13Merge pull request #4056 from vyos/mergify/bp/circinus/pr-4054Daniil Baturin
T6711: Fix restart vrrp missed comma between services (backport #4054)
2024-09-13Merge pull request #4059 from vyos/mergify/bp/circinus/pr-4047Daniil Baturin
policy: T6676: Invalid route-map caused bgpd to crash (backport #4047)
2024-09-12policy: T6676: Invalid route-map caused bgpd to crashNataliia Solomko
(cherry picked from commit 595f35bbdda732883ce0b8b0721061bb3a40a715)
2024-09-12T6703: shorten help descriptionNicolas Vollmar
(cherry picked from commit 9fcf711e669f00df8313887a801130f4bb3826df)