summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-02-28Merge pull request #3059 from vyos/mergify/bp/sagitta/pr-3055Christian Breunig
vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is required (backport #3055)
2024-02-28vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is ↵sarthurdev
required (cherry picked from commit 6f7d1e15665655e37e8ca830e28d9650445c1217)
2024-02-28smoketest: T5160: Deduplicate nftables verify functions to testcase class, ↵sarthurdev
remove obsolete imports (cherry picked from commit bc9ccaeda54279022b73a806fa8aa77c523fbecc)
2024-02-28Merge pull request #3057 from vyos/mergify/bp/sagitta/pr-3054Christian Breunig
vyos-hostsd: T4270: do not resolve local router FQDN to 127.0.1.1 (backport #3054)
2024-02-28container: T6074: do not allow deleting images which have a container runningChristian Breunig
The current VyOS container image manipulation "delete container image" command allows force removal of container images - even if they still have a container running. Drop the --force option from the op-mode script. vyos@vyos:~$ delete container image 2636705a815a Error: image used by 6adb0175d47f.. image is in use by a container: consider listing external containers and force-removing image (cherry picked from commit bfc065f2c4dcfc969981453e49b8156330674006)
2024-02-28vyos-hostsd: T4270: do not resolve local router FQDN to 127.0.1.1Christian Breunig
Clients using VyOS as their DNS server and trying to resolve the FQDN of the router will receive 127.0.1.1 as answer. set service dns forwarding allow-from '172.16.0.0/12' set service dns forwarding listen-address '172.31.0.254' set service dns forwarding negative-ttl '60' set system domain-name 'vyos.net' set system host-name 'R1' Will return: $ host R1.vyos.net 172.31.0.254 Using domain server: Name: 172.31.0.254 Address: 172.31.0.254#53 Aliases: R1.vyos.net has address 127.0.1.1 When it should rather return the real IP address assigned via DNS. (cherry picked from commit 665ae5072911fbb1373c393d9b57212552957888)
2024-02-24Merge pull request #3048 from vyos/mergify/bp/sagitta/pr-3046Christian Breunig
container: T6060: support removing all container images at once via op-mode (backport #3046)
2024-02-24Merge pull request #3047 from vyos/mergify/bp/sagitta/pr-2633Daniil Baturin
T5781: add ability to add additional minisign keys (backport #2633)
2024-02-24container: T6060: support removing all container images at once via op-modeChristian Breunig
cpo@LR1.wue3:~$ show container image REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/library/busybox latest 3f57d9401f8d 5 weeks ago 4.5 MB docker.io/jacobalberty/unifi v7.5 f6df690d6c67 4 months ago 827 MB docker.io/jacobalberty/unifi v7.4 7838b75ef7b9 7 months ago 786 MB cpo@LR1.wue3:~$ delete container image Possible completions: 3f57d9401f8d Delete container image 7838b75ef7b9 all f6df690d6c67 cpo@LR1.wue3:~$ delete container image all cpo@LR1.wue3:~$ show container image REPOSITORY TAG IMAGE ID CREATED SIZE (cherry picked from commit 9e51a1661fac3e0d762cffdd28705e7e4bad76e9)
2024-02-24Merge pull request #3043 from vyos/mergify/bp/sagitta/pr-3042Christian Breunig
T6054: WLB: fix rules parsing when using multiple ports in one rule (backport #3042)
2024-02-24Merge pull request #3045 from vyos/mergify/bp/sagitta/pr-3044Christian Breunig
container: T5909: move registry login to op-mode (backport #3044)
2024-02-24T5781: use dynamic minisign key listKyleM
Updated image_installer.py to try and validate image with all minisign public keys in /usr/share/vyos/keys/ (cherry picked from commit dfbc854157fa4655a8f459b2447df64dc74119d1)
2024-02-24container: T5909: move registry login to op-modeChristian Breunig
It does not make sense to perform the "podman login" command when setting up containers, as images are not automatically pulled in from the registry - due to issues with the default route during startup. The same issue manifests in "podman login" where we can not login to a registry unless there is a default route present. This commit changes the behavior that the container registry is part of the configuration, but it is only referenced during "add container image" and thus never during system boot. (cherry picked from commit baf30d8319ef4d0f0cc4cdf0f7c12f03f8a492b6)
2024-02-23T6054: WLB: fix rules parsing when using multiple ports in one ruleNicolas Fort
(cherry picked from commit 6d79c73d4fa2d26197c1bc19df215a204af6c5dd)
2024-02-23Merge pull request #3041 from vyos/mergify/bp/sagitta/pr-3040Christian Breunig
pki: T6055: Cleanup unnecessary sudo, preserve env when sudo is needed (backport #3040)
2024-02-23pki: T3642: Fix typo in PKI includessarthurdev
(cherry picked from commit e2adfdef9e79aa7550e82a12d661718a479aba90)
2024-02-23pki: T6055: Cleanup unnecessary sudo, preserve env when sudo is neededsarthurdev
(cherry picked from commit 1f22ac1bb0a32d3e7ef06713f42e7f6f1c3f3775)
2024-02-22Merge pull request #3039 from dmbaturin/T3420-no-upnp-for-now1.4.0-epa1Christian Breunig
upnp: T3420: disable the UPnP CLI in Sagitta until bugs are fixed
2024-02-22upnp: T3420: disable the UPnP CLI in Sagitta until bugs are fixedDaniil Baturin
2024-02-22Merge pull request #3038 from vyos/mergify/bp/sagitta/pr-3037Christian Breunig
conntrack: T5376: Fix priority for CT helpers (backport #3037)
2024-02-22conntrack: T5376: Fix priority for CT helperssarthurdev
Ref: https://www.spinics.net/lists/netfilter/msg59549.html (cherry picked from commit 538aeeccc46d31ab54647b67c8a2ba442d61cc46)
2024-02-21Merge pull request #3036 from vyos/mergify/bp/sagitta/pr-3032Christian Breunig
vyos-event-handler.py: T6048: handling exception when _PID is not found (backport #3032)
2024-02-20event-handler: T6048: handling exception when _PID is not foundgavol
(cherry picked from commit b678009b484eb6d20fceb5db00b0dc62344296a2)
2024-02-20Merge pull request #3034 from vyos/mergify/bp/sagitta/pr-3033Christian Breunig
T6050: Fixed descriptions of 'extended-scripts' commands in accel-ppp (backport #3033)
2024-02-20T6050: Fixed descriptions of 'extended-scripts' commands in accel-pppaapostoliuk
Removed word 'PPPoE' from descriptions in common template for all accel-ppp services. (cherry picked from commit 8e1793834bf453ff252f38ae5271f7f9bcea9bf9)
2024-02-18Merge pull request #3031 from vyos/mergify/bp/sagitta/pr-3030Christian Breunig
smoketest: T6043: proper cleanup after testcase (backport #3030)
2024-02-18smoketest: T6043: proper cleanup after testcaseChristian Breunig
This extends commit dbe8c613b ("bridge: T6043: do not call vxlan dependency if interface does not exist (yet)") with a proper cleanup of additional interfaces created during the testrun. (cherry picked from commit 4cb80868ab3ab35453d8609392ca470a02764fac)
2024-02-18Merge pull request #3029 from vyos/mergify/bp/sagitta/pr-3026Christian Breunig
bridge: T6043: do not call vxlan dependency if interface does not exist (yet) (backport #3026)
2024-02-18bridge: T6043: do not call vxlan dependency if interface does not exist (yet)Christian Breunig
In order to keep the proper priority list during system startup and on initial setup/commit for this feature the dependent VXLAN code should not be called, if the interface in question does not exist (yet). (cherry picked from commit dbe8c613bb80bc8b714398825054ade5942ea75b)
2024-02-17Merge pull request #3023 from vyos/mergify/bp/sagitta/pr-3019John Estabrook
login: T5972: add possibility to disable individual local user accounts (backport #3019)
2024-02-17Merge pull request #3028 from vyos/mergify/bp/sagitta/pr-3027Daniil Baturin
op-mode: T5581: add "show ipv6 nht" command (backport #3027)
2024-02-17Merge pull request #3025 from vyos/mergify/bp/sagitta/pr-3024John Estabrook
image-tools: T6041: fix logic of is_live_boot to allow for PXE boot (backport #3024)
2024-02-17op-mode: T5581: add "show ipv6 nht" commandChristian Breunig
This improves the implementation to support both IPv4 and IPv6 (cherry picked from commit e144e55d6360a92279167198928cbe24efd97f08)
2024-02-17image-tools: T6041: fix logic of is_live_boot to allow for PXE bootJohn Estabrook
(cherry picked from commit 5949ff72a9f953da9d06d1ad75add0e6023d0dc4)
2024-02-17Merge pull request #3022 from vyos/mergify/bp/sagitta/pr-3021Viacheslav Hletenko
T3722: Fixed L-Time in 'show vpn ike sa' command (backport #3021)
2024-02-17login: T5972: add possibility to disable individual local user accountsChristian Breunig
* set system login user <name> disable (cherry picked from commit 6e0b146ed3b90da577c3ecba38836883fd435e7a)
2024-02-17T3722: Fixed L-Time in 'show vpn ike sa' commandaapostoliuk
Fixed L-Time in 'show vpn ike sa' command (cherry picked from commit bb6e6fc2119584df6ec571e7e9335dc509d5faeb)
2024-02-16Merge pull request #3017 from vyos/mergify/bp/sagitta/pr-3016Christian Breunig
T6001: add option to disable next-hop-tracking resolve-via-default (backport #3016)
2024-02-16T6001: add option to disable next-hop-tracking resolve-via-default in VRF ↵Christian Breunig
context * set vrf name <name> ip nht no-resolve-via-default * set vrf name <name> ipv6 nht no-resolve-via-default (cherry picked from commit 0fafc4bcdb9efc03796ddab0832471b11ba1bbe0)
2024-02-16T6001: add option to disable next-hop-tracking resolve-via-defaultChristian Breunig
* set system ip nht no-resolve-via-default * set system ipv6 nht no-resolve-via-default (cherry picked from commit ece0e768f36e52f8964823d891264d7c187204ec)
2024-02-16T5150: rename smoketest config egb-igp-route-maps -> egp-igp-route-mapsChristian Breunig
EDB should be EGP for exterior gateway protocol (cherry picked from commit 56654191613113764415d7eddadcbd8c97e126de)
2024-02-15Merge pull request #3014 from vyos/mergify/bp/sagitta/pr-3011Daniil Baturin
rpki: T6034: extend config migration testcase (backport #3011)
2024-02-15rpki: T6034: extend config migration testcaseChristian Breunig
(cherry picked from commit 354603398b693af06695d5d1a7602f17079f8350)
2024-02-15Merge pull request #3013 from vyos/mergify/bp/sagitta/pr-3004Christian Breunig
T6029: Rewritten Accel-PPP services to an identical feature set (backport #3004)
2024-02-15T6029: Rewritten Accel-PPP services to an identical feature setaapostoliuk
Removed dhcp-interface option (l2tp) Added wins-server (sstp) Added description (ipoe, pppoe, sstp, pptp) Added exteded-script (l2tp, sstp, pptp) Added shaper (ipoe, pptp, sstp, l2tp) Added limits (ipoe, pptp, sstp, l2tp) Added snmp ( ipoe, pptp,sstp, l2tp) Refactoring and reformated code. (cherry picked from commit ac6a16f6c5ad7700789759e1ec093236c2e182a2)
2024-02-14Merge pull request #3009 from vyos/mergify/bp/sagitta/pr-2988Christian Breunig
rpki: T6034: move file based SSH keys for authentication to PKI subsystem (backport #2988)
2024-02-13Merge pull request #3008 from vyos/mergify/bp/sagitta/pr-3005Viacheslav Hletenko
T6019: Fix smoketest test_system_conntrack custom timeout (backport #3005)
2024-02-13rpki: T6034: Add missing sections to configtestsarthurdev
(cherry picked from commit 3bfbbef22954488541abd3cad262b1e196d4c240)
2024-02-13rpki: T6024: add migration scripts from file based keys to PKI subsystemChristian Breunig
(cherry picked from commit 4d76e9ef3e7773ed96c037108021c292675b101c)
2024-02-13rpki: T6034: remove OpenSSH keys from /run/frr when unloadedChristian Breunig
(cherry picked from commit 78820752b936e77d30f995498ff36487c5c6af87)