summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-08-25powerdns: T1524: support setting allow-from networkChristian Poessinger
Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. https://docs.powerdns.com/recursor/settings.html#allow-from Imagine an ISP network with non RFC1918 IP adresses - they can't make use of PowerDNS recursor. As of now VyOS hat allow-from set to 0.0.0.0/0 and ::/0 which created an open resolver. If there is no allow-from statement a config-migrator will add the appropriate nodes to the configuration, resulting in: service { dns { forwarding { allow-from 0.0.0.0/0 allow-from ::/0 cache-size 0 ignore-hosts-file listen-address 192.0.2.1 } } } (cherry picked from commit dc0f641956d002fa8588ef8d1213791cf36e92f2)
2019-08-13Merge pull request #101 from DmitriyEshenko/patch-6Daniil Baturin
[show arp] T1576 deleting improper quotes
2019-08-12[show arp] T1576 deleting improper quotesEshenko Dmitriy
2019-07-25T1541 Fix: adding additional checkEshenko Dmitriy
(cherry picked from commit 3945b2259aaa64eb9f4d61334126235f2d641293)
2019-07-23[wireguard] fixing value help typohagbard
(cherry picked from commit 36f8a1e4e5966c43c5330ff223fa2ef07d346b6e)
2019-07-23[wireguard] T1425 - assign a /31 address on Wireguard interfacehagbard
- added a validator for checking if the address is any cidr noted address (cherry picked from commit 2ee0eff1bd04ef02b0769341eee22543f8011b68)
2019-07-21T1537: add missing help for 'set service dns'Christian Poessinger
(cherry picked from commit d99bf6a3a623433e743bb2d1d72e2ef3e0ab5057)
2019-07-21[dns-forwarding] T1333: handle domain forward and general recursion in one ↵Christian Poessinger
configuration line In the past we used the PowerDNS cofniguration option forward-zones and forward-zones-recurse, but only the latter one sets the recursion bit in the DNS query. Thus all recursions have been moved to this config statement. (cherry picked from commit 5886dd27cbc65f8cda04752bbd39a960b0887523)
2019-07-19T1527: fix typo, s/IPv5/IPv6/Daniil Baturin
2019-07-19T1440: in IPv4 DHCP, print the subnet rather than a dict dumpDaniil Baturin
when a non-unique subnet is found.
2019-07-17Update changelog.Daniil Baturin
2019-07-16T1531: do not include FQDN in the hostname.Daniil Baturin
2019-07-12Do not try to verify the config when host_name.py is called from dhclient ↵Daniil Baturin
script.
2019-07-11[wireguard] - T1516: changing committed config causes errorhagbard
2019-07-09T1497: remove duplicate values from name servers and search domains obtained ↵Daniil Baturin
from DHCP.
2019-07-08Fix a stray debug print in vyos-config-file-query.Daniil Baturin
2019-07-04Merge branch 'crux' of https://github.com/vyos/vyos-1x into cruxDaniil Baturin
2019-07-04T1497: make host_name.py wait for commit lock too.Daniil Baturin
2019-07-04T1497: remove the no longer necessary workaround for bad ↵Daniil Baturin
return_effective_values output.
2019-07-04[vyos.config] T1505: correct return_effective_values output splitting.Daniil Baturin
2019-07-03Merge pull request #76 from qiuchengxuan/cruxChristian Poessinger
[pdns-recursor] T1469 - replace forward-zones with forward-zones-recurse
2019-07-03T1504: wait for commit lock before trying to update resolv.conf in the out ↵Daniil Baturin
of CLI mode.
2019-07-03T1503: add functions for commit lock checking and waiting.Daniil Baturin
Conflicts: python/vyos/defaults.py
2019-07-02Merge pull request #84 from UnicronNL/cruxKim
T1497: "set system name-server" generates invalid/incorrect resolv.conf
2019-07-02T1497: "set system name-server" generates invalid/incorrect resolv.confUnicronNL
2019-07-01Merge pull request #81 from UnicronNL/cruxKim
T1498: Nameservers are not propagated into resolv.conf
2019-07-01T1498: Nameservers are not propagated into resolv.confKim Hagen
2019-06-25[pdns-recursor] T1469 - replace forward-zones with forward-zones-recurseqiuchengxuan
forward-zones-recurse behaves identically to dnsmasq server option in legacy vyos 1.1.8, while forward-zones option disallow recursive name resolving, which leads to dns lookup failure
2019-06-22DHCPDv6 T1433: rename daemon configuration fileChristian Poessinger
... to have the same pattern as the DHCPDv6 lease file (cherry picked from commit adaa9b78e2fb0c7da58ca6c09934b3e3cff44795)
2019-06-22DHCPDv6 T1433: fix wrong lease file nameChristian Poessinger
A wrong lease file caused the show command to fail: vyos@vyos:~$ show dhcpv6 server leases Traceback (most recent call last): File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 81, in <module> leases = get_leases(lease_file, state='active') File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 44, in get_leases leases = IscDhcpLeases(lease_file).get() File "/usr/lib/python3/dist-packages/isc_dhcp_leases/iscdhcpleases.py", line 110, in get with open(self.filename) as lease_file: FileNotFoundError: [Errno 2] No such file or directory: '/config/dhcpdv6.leases' (cherry picked from commit 3b9bfe322fd4a7d652b25b28cbcd4825fee0ea4b)
2019-06-22T1433: fix also filenames in /etc/default/isc-dhcpv6-serverJernej Jakob
(cherry picked from commit 690ae8bf526b6d45997bedf5e856f858ad251658)
2019-06-20firewall: T1461: deleting 'firewall options' causes Python TypeErrorChristian Poessinger
[ firewall options interface wg01 ] Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/firewall_options.py", line 139, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/firewall_options.py", line 97, in apply if tcp['new_chain4']: TypeError: 'NoneType' object is not subscriptable delete [ firewall options ] failed delete [ firewall ] failed Commit failed (cherry picked from commit efb1a1c88f436a3704c4ca6e15b65aeded4b9654)
2019-06-20T1458: Regression in 1.2.1-S2 hostname & loggingKim Hagen
2019-06-16T1438: fix permissions when invoking 'show version'Christian Poessinger
Accessing Kernel DMI data (under /sys/class/dmi) requires elevated permission and thus retrieving a Board Serial/UUID was not possible. version.py is now called via sudo to gether all facts. (cherry picked from commit efb598caafc20db278938ff3787e3674467e0663)
2019-06-04T1379: Deprecated functions in /sbin/dhclient-scriptKim Hagen
Conflicts: src/conf_mode/host_name.py
2019-06-01T1422: fix wrong file mode.Daniil Baturin
2019-06-01T1422: add a script for querying values in config files.Daniil Baturin
2019-05-26Merge branch 'crux' of https://github.com/vyos/vyos-1x into cruxDaniil Baturin
2019-05-26[rsyslog] T1358 - typo fixed os.path.existshagbard
2019-05-26[rsyslogd] T1355 - rsyslog stopped after reboot or clean starthagbard
- rsyslog appears now to be started via systemd automatically, checking for the pid to avoid restart race condition between systemd vyos conf script
2019-05-26[rsyslog] Fixes: T1294 - Trying to delete 'system syslog' throws an exceptionhagbard
2019-05-22add tests to JenkinsfileKim Hagen
2019-05-22Create Jenkinsfile cruxKim Hagen
2019-05-21Restore the "make test" target.Daniil Baturin
2019-05-21T1255: add newlines for 3rd party script amendmentsChristian Poessinger
2019-05-20T1255: add newlines for 3rd party script amendmentsChristian Poessinger
2019-05-20hostname: bugfix for overwriting search domainsChristian Poessinger
2019-05-20Add header to resolver configuration fileChristian Poessinger
2019-05-20hostname: additional test case fixesChristian Poessinger
Conflicts: src/tests/test_host_name.py
2019-05-20T1174: migrate local hostname/DNS handling to vyos-1xChristian Poessinger
Conflicts: src/conf_mode/host_name.py
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 03:27:00 +0000