summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-02-28Merge branch 'vyos:current' into currentYouyuan
2023-02-28Merge pull request #1800 from vfreex/feature-babelChristian Breunig
T4977: Add Babel routing protocol support
2023-02-28Merge pull request #1784 from Zen3515/current-add-container-command-argChristian Breunig
container: T4014: Add `command`, `arg` and `entrypoint` configuration options for containers
2023-02-28Merge pull request #1853 from sever-sever/T5033Christian Breunig
T5033: Ability to generate muliple keys from a file or link
2023-02-28Merge pull request #1858 from jestabro/typo-openvpnChristian Breunig
openvpn: T4770: fix tabulate output in _format_openvpn
2023-02-27openvpn: T4770: fix tabulate output in _format_openvpnJohn Estabrook
2023-02-27Merge pull request #1856 from jestabro/list-interfacesChristian Breunig
op-mode: T4952: use list_interfaces from vyos-utils
2023-02-27op-mode: T4952: use list_interfaces from vyos-utilsJohn Estabrook
2023-02-27Merge pull request #1855 from aapostoliuk/T4955-2-sagittaChristian Breunig
openconnect: T4955: Renamed function and changed error messages
2023-02-27openconnect: T4955: Renamed function and changed error messagesaapostoliuk
Renamed local function to be identical to 1.3 ver Changed error messages after commit to be identical to 1.3 ver
2023-02-27Merge pull request #1644 from aapostoliuk/T4790-sagittaViacheslav Hletenko
T4790: Added check of the sum of radius timeouts
2023-02-27T5033: Ability to generate muliple keys from a file or linkViacheslav Hletenko
We generate only one public key (string) from a file xxx.pub op-mode with 'generate public-key-command user vyos lik_to_key_file' Add ability to generate configuration (from op-mode) for multiple keys As github keys don't use identifiers, generate uuid4 id for them
2023-02-26graphql: T4979: add user info to token requestJohn Estabrook
2023-02-26T4997: add dhcp client user hooksbri
This commit adds a script to run user-defined hook scripts upon renewing a DHCP lease. This can be used to, for example, dynamically define a firewall address-group based on the dynamic IP address of an interface. For an example of its use (as well as the use case I had in mind while coding this), see https://vyos.dev/T2196#142394 Co-authored-by: br <git@ibeep.com>
2023-02-26policy: T5035: Add more actions to policy route ruleYouyuan
2023-02-26smoketest: tunnel: T5034: adjust to new multicast CLI syntaxChristian Breunig
Commit 54c36e43 (tunnel: T5034: migrate "multicast enable" CLI node to enable-multicast) changed the syntax on the CLI. This commits changes the testcase to make use of the new syntax.
2023-02-25tunnel: T5034: migrate "multicast enable" CLI node to enable-multicastChristian Breunig
Tunnel interface multicast settings can be "enabled or disabled". As we prefer valueless nodes, and the linux kernel default is "disabled" we should add a set interfaces tunnel tunXX enable-multicast command
2023-02-25python: T5026: Replace deprecated Python modules crypt, spwdsarthurdev
DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13 DeprecationWarning: 'spwd' is deprecated and slated for removal in Python 3.13
2023-02-24login: T1948: drop absolut path to /usr/libexec/vyos, re-use vyos.defaultsChristian Breunig
2023-02-24Merge pull request #1851 from zdc/T4943-sagittaChristian Breunig
login: T4943: Fixed 2FA + RADIUS compatibility
2023-02-24login: T4943: Fixed 2FA + RADIUS compatibilityzsdc
MFA requires KbdInteractiveAuthentication to ask a second factor, and the RADIUS module for PAM does not like it, which makes them incompatible. This commit: * disables KbdInteractiveAuthentication * changes order for PAM modules - make it first, before `pam_unix` or `pam_radius_auth` * enables the `forward_pass` option for `pam_google_authenticator` to accept both password and MFA in a single input As a result, local, RADIUS, and MFA work together. Important change: MFA should be entered together with a password. Before: ``` vyos login: <USERNAME> Password: <PASSWORD> Verification code: <MFA> ``` Now: ``` vyos login: <USERNAME> Password & verification code: <PASSWORD><MFA> ```
2023-02-24Merge pull request #1848 from sever-sever/T5029Christian Breunig
T5029: Change nginx default root directory
2023-02-24Merge pull request #1850 from jestabro/T5030Christian Breunig
http-api: T5030: fix missing check on delete keys id tag or key value
2023-02-24Merge pull request #1849 from sever-sever/T5029-regexChristian Breunig
T5029: Fix Regex for nginx to find a better match
2023-02-24T5029: Change nginx default root directoryViacheslav Hletenko
2023-02-24T5029: Fix Regex for nginx to find a better matchViacheslav Hletenko
2023-02-24http-api: T5030: fix missing check on delete keys id tag or key valueJohn Estabrook
2023-02-24Merge pull request #1847 from aapostoliuk/T4985-2-sagittaChristian Breunig
ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library
2023-02-24ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici libraryaapostoliuk
1. Changed reset IPSEC, IKE SAs to use vici library. 2. Created package vyos.ipsec to communicate with vici library.
2023-02-23Merge pull request #1842 from sever-sever/T5027Christian Breunig
T5027: Enable legacy provider to support current ciphers
2023-02-23Merge pull request #1829 from sever-sever/T5013Daniil Baturin
T5013: Extend accelppp op-mode script to get statistic
2023-02-23Merge pull request #1845 from sever-sever/T5017Daniil Baturin
T5017: Add interface ifbX to constraint interface-name
2023-02-23T5017: Add interface ifbX to constraint interface-nameViacheslav Hletenko
2023-02-23Update README.mdYuriy Andamasov
2023-02-23Update sonar-project.propertiesYuriy Andamasov
2023-02-23T5027: Enable legacy provider to support current ciphersViacheslav Hletenko
* We will need to remove insecure ciphers as a long-term solution (BF-CBC, DES...)
2023-02-23Update sonar-project.propertiesYuriy Andamasov
2023-02-23Update sonar-project.propertiesYuriy Andamasov
2023-02-23Create build.ymlYuriy Andamasov
2023-02-22Merge pull request #1841 from sever-sever/T5025Christian Breunig
T5025: Fix timezones and validator use timedatectl
2023-02-22T5025: Fix timezones and validator use timedatectlViacheslav Hletenko
Fix timezones completion help and validotor Use 'timedatectl' insted of find zoneinfo
2023-02-22Merge pull request #1840 from sarthurdev/T5023Christian Breunig
openconnect: T5023: Conf script missing optional config parameter
2023-02-22openconnect: T5023: Conf script missing optional config parametersarthurdev
2023-02-22Merge pull request #1839 from sarthurdev/ipsecChristian Breunig
ipsec: T4593: Remove references to deleted variables
2023-02-22ipsec: T4593: Remove references to deleted variablessarthurdev
2023-02-21Merge pull request #1835 from sever-sever/T5020Christian Breunig
T5020: Extend openvpn op-mode to get list of configured clients
2023-02-21Merge pull request #1834 from sever-sever/T5007Christian Breunig
T5007: Fix multicast implementation for the tunnel interfaces
2023-02-21Merge pull request #1837 from sever-sever/T4978Christian Breunig
T4978: Default values of port rewrite default container values
2023-02-21T4978: Default values of port rewrite default container valuesViacheslav Hletenko
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it
2023-02-20T5020: Extend openvpn op-mode to get list of configured clientsViacheslav Hletenko
Extend openvpn.py op-mode script to get list of configured clients for the '--raw' output