summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-04-06T6188: add description to show firewalll0crian1
(cherry picked from commit b2ced47bdc547ada59b37e6617422188e150282c)
2024-04-05Merge pull request #3253 from HollyGurza/T6204-sagittaDaniil Baturin
T6204: cleanup shebang lines
2024-04-05T6204: cleanup shebang lineskhramshinr
2024-04-05Merge pull request #3248 from vyos/mergify/bp/sagitta/pr-3244Daniil Baturin
T6197: Fixed usage ipoe interface client-subnet without pools (backport #3244)
2024-04-05Merge pull request #3251 from vyos/mergify/bp/sagitta/pr-3249Daniil Baturin
ospf: T6089: fix invalid "ospf passive-interface default" (backport #3249)
2024-04-04ospf: T6089: fix invalid "ospf passive-interface default"Christian Breunig
The option "passive-interface default" was set even if it was not present in the previous version we are migrating from. Fix migration script to handle this with a conditional path. (cherry picked from commit ef8d9a73335bc685084e3ff97238836e452dfa8c)
2024-04-04GitHub: fix "on" trigger for unused-imports workflowChristian Breunig
(cherry picked from commit 44bd4c360dc032e4bde55b11423ddae0f042600e)
2024-04-04Merge pull request #3247 from vyos/mergify/bp/sagitta/pr-3246Christian Breunig
T6199: drop unused Python imports from graphql source (backport #3246)
2024-04-04T6197: Fixed usage ipoe interface client-subnet without poolsaapostoliuk
Allowed using ipoe interface client-subnet without client pools configuration. (cherry picked from commit 49d4df5926637ec3dfd33a1dfcaab364adc28c4c)
2024-04-04Makefile: improve "unused-imports" targetChristian Breunig
(cherry picked from commit faa153524f04ebe8ab5f12d7afe6df2a6eb3728a)
2024-04-04T6199: drop unused Python imports from graphql sourceChristian Breunig
(cherry picked from commit 9b4a3bc54ec6d2ff8e435add5e2de995a54dfc6a)
2024-04-04Merge pull request #3245 from vyos/mergify/bp/sagitta/pr-3238Christian Breunig
bgp: T5943: BGP Peer-group members must be all internal or all external (backport #3238)
2024-04-04bgp: T5943: BGP Peer-group members must be all internal or all externalkhramshinr
(cherry picked from commit d403117cdb5e7718c8590cfeb79a336cb5b67aac)
2024-04-04Merge pull request #3241 from c-po/spring-cleaning-sagittaDaniil Baturin
T6199: spring cleaning - drop unused Python imports (backport #3240)
2024-04-04Merge pull request #3239 from nicolas-fort/T6068-sagChristian Breunig
T6068: T6171: change <fail-over> node to <high-availability>; add <mode> parameter
2024-04-03GitHub: run unused imports action only for pull requestsChristian Breunig
(cherry picked from commit 8205e3cf918142a55e00c00dc241a6a30914fbd9)
2024-04-03GitHub: add action to check for unused importsChristian Breunig
(cherry picked from commit 74198e68a6edbdb36a6103a7666de530bdd71696)
2024-04-03T6199: drop unused Python importsChristian Breunig
found using "git ls-files *.py | xargs pylint | grep W0611" (cherry picked from commit 274b2da242acd1f1f64ff1dee471e34295137c5f)
2024-04-03T6199: replace netifaces.interfaces() with common custom helpersChristian Breunig
* Use interface_exists() outside of verify() * Use verify_interface_exists() in verify() to drop common error message (cherry picked from commit 4c7c168fe970b807750a05ceb66b70c0d8652535)
2024-04-03T6199: drop unused sphinx documentation folderChristian Breunig
(cherry picked from commit 86b632874288aa5707a94a4f28ca816e543823b9)
2024-04-03T6068: T6171: change <fail-over> node from dhcp-server to ↵Nicolas Fort
<high-availability>. Also, add <mode> parameter in order to configure active-active or active-passive behavior for HA.
2024-04-03Merge pull request #3235 from vyos/mergify/bp/sagitta/pr-3229Daniil Baturin
T6192: allow binding SSH to multiple VRF instances (backport #3229)
2024-04-02Merge pull request #3237 from vyos/mergify/bp/sagitta/pr-3236Christian Breunig
configverify: T6198: add common helper for PKI certificate validation (backport #3236)
2024-04-02configverify: T6198: add common helper for PKI certificate validationChristian Breunig
The next evolutional step after adding get_config_dict(..., with_pki=True) is to add a common verification function for the recurring task of validating SSL certificate existance in e.g. EAPoL, OpenConnect, SSTP or HTTPS. (cherry picked from commit 3b758d870449e92fece9e29c791b950b332e6e65)
2024-04-02Merge pull request #3233 from vyos/mergify/bp/sagitta/pr-3232Christian Breunig
T6196: Fixed applying parameters for aggregation in BGP (backport #3232)
2024-04-02Merge pull request #3234 from vyos/mergify/bp/sagitta/pr-3230Christian Breunig
firewall: nat: policy: vrf: nft call syntax and import cleanup (backport #3230)
2024-04-02ssh: T6192: allow binding to multiple VRF instancesChristian Breunig
Currently VyOS only supports binding a service to one individual VRF. It might become handy to have the services (initially it will be VRF, NTP and SNMP) be bound to multiple VRFs. Changed VRF from leafNode to multi leafNode with defaultValue: default - which is the name of the default VRF. (cherry picked from commit e5af1f0905991103b12302892e6f0070bbb7b770)
2024-04-02utils: T5738: always use vyos.utils.network.interface_exists over os.path.existsChristian Breunig
(cherry picked from commit 5bb27f0c6220fd940b63cdd37a60c312c0ac3efd)
2024-04-02xml: T5738: extend VRF building blocks with common constraint definitionChristian Breunig
(cherry picked from commit 32d6a693de99021d2cd44fb4235e929caf7b4a6d)
2024-04-02init: T3355: always use full nft command name (e.g. --file over -f)Christian Breunig
(cherry picked from commit 0529371bc587e2fcdd8794061e9bb9d60c792c43)
2024-04-02firewall: T970: always use full nft command name (e.g. --file over -f)Christian Breunig
(cherry picked from commit f1c51884fb62d3917e92af51d4219e291c7a8e74)
2024-04-02conntrack: T4309: T4903: always use full nft command name (e.g. --file over -f)Christian Breunig
(cherry picked from commit 462ba67cf2e193883e33b4ce655b2b0cd1aab80f)
2024-04-02nhrp: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
(cherry picked from commit f92ef7f3c86ca09775b536ca2bd9813f95cc7d3f)
2024-04-02policy: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
(cherry picked from commit a33946630348371518247ff13ce918c208ef50d1)
2024-04-02nat: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
(cherry picked from commit e257155aea09b906d8784cb6143d3ab27578c4a8)
2024-04-02vrf: T3655: always use full nft command name (e.g. --check over -c)Christian Breunig
(cherry picked from commit 09ac2851f89f2b7d94a21c3506e46f380e961fba)
2024-04-02firewall: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
(cherry picked from commit 6e0fdbcbba39691461f791c7a68a2c6c5091d2c1)
2024-04-02T6196: Fixed applying parameters for aggregation in BGPaapostoliuk
Fixed using 'route-map', 'as-set' and 'summary-only' together in aggregation in BGP (cherry picked from commit d8df8339d665db58afbf20cecaeb49ac9d1b617d)
2024-04-02Merge pull request #3231 from vyos/mergify/bp/sagitta/pr-3212Daniil Baturin
bgp: T6151: Allow configuration of disable-ebgp-connected-route-check (backport #3212)
2024-04-01bgp: T6151: Fix description in PEER disable-connected-checkfett0
(cherry picked from commit 24d0400b9c55cadef1eb99b3e84a363dd6ad5033)
2024-04-01bgp: T6151: Fix description in PEER disable-connected-checkfett0
(cherry picked from commit 84b6f6bcf59d526c35928c974e3f2d03c4d5ec06)
2024-04-01bgp: T6151: Allow configuration of disable-ebgp-connected-route-checkfett0
(cherry picked from commit 85e5ccbab85c8ded426896d61bcf64d329768f2c)
2024-04-01bgp: T6010: Allow configuration of disable-ebgp-connected-route-checkfett0
(cherry picked from commit 010c4061a8884a3617368f3618a425dc517d0675)
2024-04-01Merge pull request #3227 from vyos/mergify/bp/sagitta/pr-3223Daniil Baturin
system: T6193: invalid warning "is not a DHCP interface but uses DHCP name-server option" (backport #3223)
2024-04-01Merge pull request #3226 from vyos/mergify/bp/sagitta/pr-3224Christian Breunig
dhcpv6-client: T2590: fix vyos-hostsd update for nameserver and search domains (backport #3224)
2024-04-01system: T6193: invalid warning "is not a DHCP interface but uses DHCP ↵Christian Breunig
name-server option" This fixes an invalid warning when using a DHCP VLAN interface to retrieve the system nameserver to be used. VLAN CLI config is not properly expanded leading to a false warning: [ system name-server eth1.10 ] WARNING: "eth1.10" is not a DHCP interface but uses DHCP name-server option! (cherry picked from commit 61e70c5500ad5b0a9d25bdee28d982644bad6461)
2024-04-01dhcpv6-client: T2590: fix vyos-hostsd update for nameserver and search domainsChristian Breunig
After migrating from ISC DHCLIENT for IPv6 to wide-dhcp-client the logic which was present to update /etc/resolv.conf with the DHCP specified nameservers and also the search domain list was no longer present. This commit adds a per interface rendered script to inform vyos-hostsd about the received IPv6 nameservers and search domains. (cherry picked from commit ece425f0191762638b7c967097accd8739e9103d)
2024-04-01Merge pull request #3225 from vyos/mergify/bp/sagitta/pr-3222Daniil Baturin
T6178: Check that certificate exists during reverse-proxy commit (backport #3222)
2024-04-01T6178: Check that certificate exists during reverse-proxy commitkhramshinr
(cherry picked from commit 320fe827b4842b0c0da1ec5fee3d41a5730334d5)
2024-03-31Merge pull request #3220 from vyos/mergify/bp/sagitta/pr-3218Christian Breunig
accel-ppp: T6187: use correct CPU counts adjusted for SMT (backport #3218)