summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-03-16Merge pull request #3132 from sever-sever/T6121Christian Breunig
T6121: Extend service config-sync to new sections
2024-03-16Merge pull request #3137 from nicolas-fort/T6090-policyChristian Breunig
T6090: policy: fix migration script
2024-03-15T6090: fix policy route migration script. Ensure that tcp flags migration ↵Nicolas Fort
occurs also if only <policy route> is defined.
2024-03-15T6121: Extend service config-sync to new sectionsViacheslav Hletenko
Extend `service config-sync` with new sections: - LeafNodes: pki, policy, vpn, vrf (syncs the whole sections) - Nodes: interfaces, protocols, service (syncs subsections) In this cae the Node allows to uses the next level section i.e subsection For example any of the subsection of the node `interfaces`: - set service config-sync section interfaces pseudo-ethernet - set service config-sync section interfaces virtual-ethernet Example of the config: ``` set service config-sync mode 'load' set service config-sync secondary address '192.0.2.1' set service config-sync secondary key 'xxx' set service config-sync section firewall set service config-sync section interfaces pseudo-ethernet set service config-sync section interfaces virtual-ethernet set service config-sync section nat set service config-sync section nat66 set service config-sync section protocols static set service config-sync section pki set service config-sync section vrf ```
2024-03-14Merge pull request #3135 from c-po/xml-nat66Christian Breunig
xml: T2518: T160: improve NAT66/NPTv6 and NAT64 help string s
2024-03-14xml: T160: improve NAT64 help stringChristian Breunig
2024-03-14xml: T2518: improve NAT66/NPTv6 help stringChristian Breunig
2024-03-14Merge pull request #3133 from c-po/xmlChristian Breunig
xml: T3642: improve PKI CLI help string
2024-03-14xml: T3642: improve PKI CLI help stringChristian Breunig
2024-03-13Merge pull request #3125 from c-po/radvd-T6118Daniil Baturin
radvd: T6118: add nat64prefix support RFC8781
2024-03-13Merge pull request #3126 from zdc/T4548-circinusChristian Breunig
grub: T4548: Fixed GRUB configuration files order
2024-03-13grub: T4548: Fixed configuration files orderzsdc
To iterate files on ext* file systems GRUB reads their inodes one by one, ignoring names. This breaks our configuration logic that relies on proper loading order. This commit adds a helper `sort_inodes()` that needs to be used whenever GRUB configuration files are created. It recreates files, changing their inodes in a way where inodes order matches alphabetical order.
2024-03-12radvd: T6118: add nat64prefix support RFC8781Christian Breunig
Add support for pref64 option, as defined in RFC8781. The prefix valid lifetime must not be smaller than the "interface interval max" definition which defaults to 600. set service router-advert interface eth1 nat64prefix 64:ff9b::/96
2024-03-12Merge pull request #3123 from sarthurdev/T5080_orderChristian Breunig
conntrack: T5080: Fix rule order for applied conntrack modules
2024-03-12Merge pull request #3120 from lucasec/t6114Christian Breunig
T6114: fix broken migration dhcpv6-server 4-to-5
2024-03-12conntrack: T5080: Fix rule order for applied conntrack modulessarthurdev
2024-03-10T6114: fix broken migration dhcpv6-server 4-to-5Lucas Christian
2024-03-10Merge pull request #3110 from jestabro/relax-description-constraintChristian Breunig
xml: T6098: relax description constraint to allow non-ascii characters
2024-03-10xml: T6098: relax description constraint to allow non-ascii charactersJohn Estabrook
A restriction to ascii in the constraint disallowed earlier support for unicode bytes.
2024-03-10Merge pull request #3117 from UnixxSH/patch-1Christian Breunig
dhcp-client: T6093: extend regex for client class-id's with DOT
2024-03-10dhcp-client: T6093: extend regex for client class-id's with DOTLucas
The regex used is not working if the string contains dots. Originally authored by: Lucas <pinheirolucas@pm.me>
2024-03-10Merge pull request #3115 from c-po/T6071-part2Christian Breunig
xml: T5738: revert invalid change from lower character limit - 0 length must be allowed
2024-03-10xml: T5738: revert invalid change from lower character limit - 0 length must ↵Christian Breunig
be allowed This reverts a change from commit a72ededa0 ("xml: T5738: lower maximum description to 255 characters") which incresaed the lower limit from 0 to 1. We actually require 0 length value for description nodes as introduced in commit 6eea12512e ("xml: T1579: allow zero length for description").
2024-03-10Merge pull request #3113 from c-po/firewall-T6071Daniil Baturin
firewall: T6071: truncate rule description field to 255 characters
2024-03-10firewall: T6071: truncate rule description field to 255 charactersChristian Breunig
2024-03-10xml: T5738: lower maximum description to 255 charactersChristian Breunig
e.g. Linux Kernel only supports 255 and not 256 characters for the ifalias field.
2024-03-09Merge pull request #3106 from sarthurdev/T6102Daniil Baturin
dhcp: T6102: Fix clear DHCP lease op-mode
2024-03-08dhcp: T3316: De-duplicate Kea control socket variablesarthurdev
2024-03-07Merge pull request #3108 from dmbaturin/T6107-body-max-sizeChristian Breunig
http-api: T6107: add an option to increase the request body size limit
2024-03-07http-api: T6107: add an option to increase the request body size limitDaniil Baturin
2024-03-07Merge pull request #2966 from HollyGurza/T6020Daniil Baturin
vrrp: T6020: vrrp health-check script not applied correctly
2024-03-07Merge pull request #3105 from natali-rs1985/T2998-currentDaniil Baturin
snmp: T2998: SNMP v3 oid "exclude" option fix
2024-03-07Merge pull request #1740 from sarthurdev/tpm_luksDaniil Baturin
config: T4919: Add support for encrypted config with TPM
2024-03-07config: T4919: Support copying encrypted volumes during installsarthurdev
Re-implements https://github.com/vyos/vyatta-cfg-system/pull/194
2024-03-07config: T4919: mount/unmount encrypted config on VyOS start/stopsarthurdev
Re-implements https://github.com/vyos/vyatta-cfg/pull/54
2024-03-07config: T4919: Add support for encrypted config file with TPMsarthurdev
2024-03-07snmp: T2998: SNMP v3 oid "exclude" option fixNataliia Solomko
2024-03-06dhcp: T6102: Fix clear DHCP lease op-modesarthurdev
* Add `clear dhcpv6-server lease` * Standardize using vyos.opmode
2024-03-06Merge pull request #3100 from jestabro/non-interactive-uploadJohn Estabrook
remote: T6104: fix logic of failure case in MissingHostKeyPolicy
2024-03-06remote: T6104: fix logic of failure case in MissingHostKeyPolicyJohn Estabrook
2024-03-06Merge pull request #3099 from natali-rs1985/T6057-currentChristian Breunig
conntrack-sync: T6057: Add ability to disable syslog for conntrackd
2024-03-06conntrack-sync: T6057: Add ability to disable syslog for conntrackdNataliia Solomko
2024-03-06Merge pull request #3088 from nicolas-fort/T6075Daniil Baturin
T6075: firewall and NAT: check if interface-group exists when using them in firewall|nat rules.
2024-03-06Merge pull request #3090 from c-po/wifi-regdomainChristian Breunig
wifi: T6095: incorrect country "uk" it's actually "gb"
2024-03-06Merge pull request #3085 from Apachez-/T6096Christian Breunig
T6096: Config commits are not synced properly because 00vyos-sync is deleted by vyos-router
2024-03-06Merge pull request #3087 from nicolas-fort/T6061-ct-statusChristian Breunig
T6061: fix rule parsing when connection-status is used
2024-03-05Merge pull request #3089 from jestabro/allocate-under-lockJohn Estabrook
http-api: T6069: fix allocation outside of thread lock
2024-03-05Merge pull request #3093 from c-po/kernel-T2447Christian Breunig
T2447: add configurable kernel boot option 'disable-power-saving'
2024-03-05T2447: add configurable kernel boot option 'disable-power-saving'Christian Breunig
Lower available CPU C states to a minimum if this option set. This will set Kernel commandline options "intel_idle.max_cstate=0 processor.max_cstate=1".
2024-03-05Merge pull request #3091 from c-po/xml-T5738Christian Breunig
xml: T5738: use generic-disable-node building block for "disable" CLI nodes