Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-08-12 | T5160: fix merge regression | John Estabrook | |
2023-08-12 | T5467: removing ospf(v3) or isis interface in VRF context did not clear FRR ↵ | Christian Breunig | |
config To reproduce: set vrf name red table 2000 set vrf name red protocols ospf interface eth1 area 0 set vrf name red protocols ospf parameters router-id 1.1.1.1 set interfaces ethernet eth1 vrf red commit FRR now has an interface config vyos@vyos# vtysh -c "show run" no-header | sed -n "/^interface eth1/,/!/p" interface eth1 ip ospf area 0 ip ospf dead-interval 40 exit Now delete the interface from the OSPF(v3) or ISIS process delete vrf name red protocols ospf interface commit It's still there vyos@vyos# vtysh -c "show run" no-header | sed -n "/^interface eth1/,/!/p" interface eth1 ip ospf area 0 ip ospf dead-interval 40 exit ! Issue was caused in the FRR vtysh representation of an interface. It used to have a "vrf <name>" marker in earlier versions but FRR 8.5 and later no longer have the marker. So "interface eth1 vrf red" became "interface eth1" in vtysh, but our regex expected the "vrf" identifier when modifying FRR config. | |||
2023-08-11 | ipv6: T5464: add support for per-interface dad (duplicate address detection) ↵ | Christian Breunig | |
setting | |||
2023-08-11 | ipv6: T5464: use proper XML default for DAD transmits | Christian Breunig | |
This is only a cosmetic change so that the default value is properly retrieved from the defaultValue XML node. | |||
2023-08-11 | Merge pull request #2016 from nicolas-fort/T5160 | Christian Breunig | |
T5160: Firewall refactor | |||
2023-08-11 | Merge pull request #2148 from sever-sever/T5448 | Daniil Baturin | |
T5448: Move zabbix-agent to node monitoring | |||
2023-08-11 | interface: T5465: adjust-mss: config migration fails if applied to a VLAN or ↵ | Christian Breunig | |
Q-in-Q interface When migration from 1.3 to 1.4 and a user hat the following configured: options { interface eth0.10{ adjust-mss 1452 adjust-mss6 1432 } } The configuration was wrongly migrated to: interfaces { ethernet eth0.10 { ipv6 { adjust-mss "1432" } ip { adjust-mss "1452" } } Instead of interfaces { ethernet eth0 { vif 10 { ipv6 { adjust-mss "1432" } ip { adjust-mss "1452" } } } | |||
2023-08-11 | T5440: Restore pre/postconfig scripts if user deleted them | Apachez | |
Using variable ${vyos_rootfs_dir} instead of wildcard for both restore_if_missing_preconfig and restore_if_missing_postconfig. | |||
2023-08-11 | T5460: remove config-trap from firewall | Nicolas Fort | |
2023-08-11 | T5160: firewall refactor: fix regexep for connection-status. Create new file ↵ | Nicolas Fort | |
with common matcher for ipv4 and ipv6, and use include on all chains for all this comman matchers | |||
2023-08-11 | T5160: firewall refactor: change default value for <default-action> from ↵ | Nicolas Fort | |
<drop> to <accept> if default-action is not specified in base chains | |||
2023-08-11 | T5160: firewall refactor: move <set firewall ipv6 ipv6-name ...> to <set ↵ | Nicolas Fort | |
firewall ipv6 name ...> . Also fix some unexpected behaviour with geoip. | |||
2023-08-11 | T5160: firewall refactor: fix firewall template for correct rule parsing ↵ | Nicolas Fort | |
that contains fqnd and/or geo-ip in base chains. Fix mig script | |||
2023-08-11 | T5160: firewal refactor: fix tabulation for geo-ip parsing code. Typo fix in ↵ | Nicolas Fort | |
firewall smoketest | |||
2023-08-11 | T5160: T5250: while refactoring, fix reference column for op-mode command ↵ | Nicolas Fort | |
show_firewall_group. | |||
2023-08-11 | T5160: firewall refactor: change firewall ip to firewall ipv4 | Nicolas Fort | |
2023-08-11 | T5160: firewall refactor. Update op-mode commands to new syntax. | Nicolas Fort | |
2023-08-11 | T5160: firewall refactor: re-add missing code in template.py which was ↵ | Nicolas Fort | |
accidentaly removed. Update smokestest: remove zone test and fix test_sysfs test | |||
2023-08-11 | T5160: firewall refactor: new cli structure. Add migration script and update ↵ | Nicolas Fort | |
smoketest | |||
2023-08-11 | T5160: firewall refactor: new cli structure. Update jinja templates, python ↵ | Nicolas Fort | |
scripts and src firewall | |||
2023-08-11 | T5160: firewall refactor: new cli structure. Update only all xml | Nicolas Fort | |
2023-08-11 | T5448: Move zabbix-agent to node monitoring | Viacheslav Hletenko | |
Move 'service zabbix-agent' => 'service monitoring zabbix-agent' | |||
2023-08-11 | Merge pull request #2147 from jestabro/remaining-defaults | Viacheslav Hletenko | |
T5434: remove reamining calls to incorrect defaults | |||
2023-08-11 | Merge pull request #2146 from dmbaturin/T5270-openvpn-dh-optional | Christian Breunig | |
openvpn: T5270: do not require classic DH params in any mode | |||
2023-08-10 | T5319: remove defaults workarounds in vyos-domain-resolver.py | John Estabrook | |
2023-08-10 | T5434: use package specific cache in nosetests | John Estabrook | |
2023-08-10 | T5434: drop unneeded cache generation from old lib | John Estabrook | |
2023-08-10 | T5434: use get_defaults instead of defaults | John Estabrook | |
2023-08-10 | T5434: use auto-defaults in op-mode pki.py | John Estabrook | |
2023-08-10 | T5434: remove unneeded import | John Estabrook | |
2023-08-10 | T5434: replace import of component_version | John Estabrook | |
2023-08-10 | xml: T5218: fix typo in component_version | John Estabrook | |
2023-08-10 | T5319: remove workaround in op-mode show_openconnect_otp.py | John Estabrook | |
2023-08-10 | Merge pull request #2140 from sever-sever/T5448 | Daniil Baturin | |
T5448: Add service zabbix-agent | |||
2023-08-10 | openvpn: T5270: do not require classic DH params in any more | Daniil Baturin | |
Generate 'dh none' instead and let OpenVPN use ECDH | |||
2023-08-10 | tunnel: T5223: clear GRE key id after deletion | srividya0208 | |
2023-08-10 | Merge pull request #2144 from dmbaturin/T5271-openvpn-peer-fingerprint | Christian Breunig | |
openvpn: T5271: add peer certificate fingerprint option | |||
2023-08-09 | openvpn: T5271: add peer certificate fingerprint option | Daniil Baturin | |
2023-08-09 | Merge pull request #2143 from dmbaturin/T5273-cert-fingerprint | Viacheslav Hletenko | |
pki: T5273: add a certificate fingerprint command | |||
2023-08-09 | pki: T5273: add a certificate fingerprint command | Daniil Baturin | |
2023-08-09 | T5448: Add service zabbix-agent version 2 | Viacheslav Hletenko | |
Add service zabbix-agent set service zabbix-agent directory '/config/zabbix/' set service zabbix-agent limits buffer-flush-interval '8' set service zabbix-agent limits buffer-size '120' set service zabbix-agent log debug-level 'warning' set service zabbix-agent log size '1' set service zabbix-agent server '192.0.2.5' set service zabbix-agent server-active 192.0.2.5 port '10051' set service zabbix-agent server-active 2001:db8::123 | |||
2023-08-09 | xml: T5452: catch lib errors in generate_cache | John Estabrook | |
2023-08-09 | Merge pull request #2141 from nicolas-fort/T5453 | Christian Breunig | |
T5453: nat66: fix nat66 which got broken after nat load-balance was introduced | |||
2023-08-09 | T5453: nat66: exclude checks for nat load-balance when using ipv6 while ↵ | Nicolas Fort | |
parsing nat rules. | |||
2023-08-09 | Merge pull request #2136 from jestabro/with-defaults | Christian Breunig | |
T5319: remove workarounds for incorrect defaults in config-mode scripts | |||
2023-08-08 | Merge pull request #2138 from sever-sever/T4989 | Christian Breunig | |
T4989: QoS fix policer match mark | |||
2023-08-08 | T4989: QoS fix policer match mark | Viacheslav Hletenko | |
2023-08-08 | Merge pull request #2119 from nicolas-fort/T5014-dnat | Christian Breunig | |
T5014: nat: add source and destination nat options for configuring lo… | |||
2023-08-07 | rpki: T2044: add "reset rpki" op-mode command | Christian Breunig | |
2023-08-07 | dhcp: T5428: always release lease from default VRF | Christian Breunig | |
Otherwise packet can be received in a VRF that was already deleted. Image of the following CLI commands: del interface ethernet eth0 address dhcp del interface ethernet eth0 vrf red del vrf name red VRF could be deleted even if dhclient release was not yet completely processed. |