Age | Commit message (Collapse) | Author |
|
(cherry picked from commit 8500e8658ff10f52739143fd7814cf60c9195f16)
|
|
T6672: Fix system option ssh-client source-interface (backport #4000)
|
|
wireless: T6318: move country-code to a system wide configuration (backport #3656)
|
|
Wireless devices are subject to regulations issued by authorities. For any
given AP or router, there will most likely be no case where one wireless NIC is
located in one country and another wireless NIC in the same device is located
in another country, resulting in different regulatory domains to apply to the
same box.
Currently, wireless regulatory domains in VyOS need to be configured per-NIC:
set interfaces wireless wlan0 country-code us
This leads to several side-effects:
* When operating multiple WiFi NICs, they all can have different regulatory
domains configured which might offend legislation.
* Some NICs need additional entries to /etc/modprobe.d/cfg80211.conf to apply
regulatory domain settings, such as: "options cfg80211 ieee80211_regdom=US"
This is true for the Compex WLE600VX. This setting cannot be done
per-interface.
Migrate the first found wireless module country-code from the wireless
interface CLI to: "system wireless country-code"
(cherry picked from commit 9e22ab6b2aee48029d3455f65880e45c558cf1da)
|
|
(cherry picked from commit 5f780ebb7f1799eb9a93218bb83561db509c7e56)
Co-authored-by: Viacheslav Hletenko <v.gletenko@vyos.io>
|
|
op_mode: T6668: Add detailed statistics infomartion about MACsec (backport #4001)
|
|
(cherry picked from commit b7e7619636c372e642240c3e42f10c9813f2f587)
|
|
Fix for system option ssh-client source-interface
For the `verify_source_interface` the key `ifname` if required
(cherry picked from commit f453b33a6056de8fc5145ca9e680361fbce68348)
# Conflicts:
# smoketest/scripts/cli/test_system_option.py
|
|
op_mode: T3961: Generate PKI expect 2 character country code (backport #3997)
|
|
|
|
(cherry picked from commit 71d6d0fe31db13f4ddf5c75209b9bba88a1e0a32)
|
|
T5794: firewall: change firewall priority in oder to be loaded after all interfaces (backport #3988)
|
|
ipoe_server: T6649: Accel-ppp separate vlan-mon from listen interfaces (backport #3987)
|
|
(cherry picked from commit 58125b64c6678ea581998c9f83a19fae0cdbda12)
Co-authored-by: John Estabrook <jestabro@vyos.io>
|
|
(cherry picked from commit 663e468de2b431f771534b4e3a2d00a5924b98fe)
|
|
(cherry picked from commit b3ae35987a860a5d2cf64dfbc156a7ee7cc799a2)
|
|
op_mode: T6651: Add a top level op mode word "execute" (backport #3980)
|
|
(cherry picked from commit 69ab44309d56d73d92c2f8a7b0b4ca3016e61ff6)
|
|
T6646: conntrack: in ignore rules, if protocols=all, do not append it to the rule (backport #3981)
|
|
rule
(cherry picked from commit 2d953bedd0e416ead924f77ec612c997f950535a)
|
|
configd: T6633: inject missing env vars for configfs utility (backport #3937)
|
|
configverify: T6642: verify_interface_exists requires config_dict arg (backport #3961)
|
|
(cherry picked from commit a9024f302fd9657a0e6ef274cfc1dedccaf9d1a3)
|
|
configd: T6640: enforce in_session returns False under configd (backport #3955)
|
|
The function verify_interface_exists requires a reference to the ambient
config_dict rather than creating an instance. As access is required to
the 'interfaces' path, provide as attribute of class ConfigDict, so as
not to confuse path searches of script-specific config_dict instances.
(cherry picked from commit 5f23b7275564cfaa7c178d320868b5f5e86ae606)
|
|
T6643: firewall: fix ip address range parsing on firewall rules. (backport #3964)
|
|
(cherry picked from commit ff58f3e5f30d3775487a6a3b561863aa37d11d43)
|
|
qos: T6638: require interface state existence in verify conditional (backport #3960)
|
|
(cherry picked from commit ed63c9d1896a218715e13e1799fc059f4561f75e)
|
|
The CStore in_session check is a false positive outside of a config
session if a specific environment variable is set with an existing
referent in unionfs. To allow extensions when running under configd and
avoid confusion, enforce in_session returns False.
(cherry picked from commit 6543f444c42ff45e8115366256643186bf1dd567)
|
|
smoketest: T6539: remove explicit test for non existing global log entry (backport #3790)
|
|
Commit dd5908eac ("T6539: add logging options to load-balancer reverse-proxy")
added CLI commands to add custom log entries for frontend and backend servers
as well as a global log directive.
Remove explicit test code for no longer always present "global log" directive.
(cherry picked from commit b71481f7de93d43ff7208ff76cbc6b829b8951b2)
|
|
(cherry picked from commit 9979afa15650bd609399030da1751488baaac70b)
|
|
OPENVPN: T6555: add server-bridge options in mode server (backport #3920)
|
|
(cherry picked from commit 9bd2c196fe238a38f4fd0977efd1727333e7770e)
|
|
(cherry picked from commit 2fd817e51532c6428c95704233e62585e76b2ad8)
|
|
(cherry picked from commit 0162a27952d2166583a9e6aee2cd77b9c693062b)
|
|
(cherry picked from commit d5ae708581d453e2205ad4cf8576503f42e262b6)
|
|
(cherry picked from commit 4acad3eb8d9be173b76fecafc32b0c70eae9b192)
|
|
T6619: Remove the remaining uses of per-protocol FRR configs (backport #3916)
|
|
Functions called from config scripts outside of the standard functions
get_config/verify/generate/apply will not be called when run under
configd. Move as appropriate for the general config script structure and
the specific script requirements.
(cherry picked from commit aeb51976ea23d68d35685bdaa535042a05016185)
Co-authored-by: John Estabrook <jestabro@vyos.io>
|
|
(cherry picked from commit 31de01242a26dff8ff993061ea2f86102a8a7493)
Co-authored-by: John Estabrook <jestabro@vyos.io>
|
|
T6629: call check_kmod within a standard config function (backport #3932)
|
|
Move the remaining calls to check_kmod within a standard function,
with placement determined by the needs of the config script.
(cherry picked from commit 95eef73f1b002c8b9e8e769135ffed50c8ca6890)
|
|
(cherry picked from commit f2256ad338fc3fbaa9a5de2c0615603cd23e0f94)
|
|
console: T3334: remove unused directories imported from vyos.defaults (backport #3923)
|
|
(cherry picked from commit 4055090a8d4fd64288eab7ae41aa9440f5de4ece)
|
|
T6486: T6379: Rewrite generate openvpn client-config (backport #3747)
|
|
This command helps to generate users `.ovpn` files
Rewrite `generate openvpn client-config` to use Config()
It needs to get the default values as `ConfigTreeQuery` is
not supporting default values.
Fixed "ignores configured protocol type" if TCP is used
Fixed lzo, was used even if lzo not configured
Fixed encryption is not parse the dict
(cherry picked from commit fe50f1a9292b34e168b35453f2cfc2aee2ca4843)
|
|
T6617: T6618: vpn ipsec remote-access: fix profile generators (backport #3903)
|