| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
Increase NTP config version from 0 to 1. For more information see [1].
ntpd: Warning: the "dynamic" keyword has been obsoleted and will
be removed in the next release
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553976
(cherry picked from commit 7a615ab169a7f6141fd9b6e84ac1ea415216d9bb)
|
|
Increase NTP config version from 0 to 1. For more information see [1].
ntpd: Warning: the "dynamic" keyword has been obsoleted and will
be removed in the next release
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553976
|
|
(cherry picked from commit 604600bf40873a7d64329d88dafd90196ed10745)
|
|
Current implementation referred to a no longer existing Perl script to
restart the IPv4 and IPv6 instance of dhcrelay.
> restart dhcp relay-agent
> restart dhcpv6 relay-agent
(cherry picked from commit f9007c5f5e6e7957ab1c955c10b3842dca7b253d)
|
|
(cherry picked from commit fe639cd05002b16a82b74262966598bab976e67f)
|
|
|
|
Current implementation referred to a no longer existing Perl script to
restart the IPv4 and IPv6 instance of dhcrelay.
> restart dhcp relay-agent
> restart dhcpv6 relay-agent
|
|
|
|
|
|
(cherry-picked 439d86aa55c7eed9619391ecec04bc1fbd5f9323)
|
|
|
|
- ipv6 DNS, ippv6pool, ipv6 PD, ipv6 inf IDs
- snmp subagent and master mode
- connlimits configurable
- more ppp options configurable (mppe, lcp-echo intervals, mtu, mru etc.)
- radius extended options (for HA etc.)
|
|
(cherry picked from commit 2375e0876abeff26ba875419b62f974d0ff6122a)
|
|
In other words, remove top level tag nodes from radius-server and introduce
a regular "radius" node, thus we can add additional features, too. A migration
script is provided in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn pptp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
}
}
(cherry picked from commit 2b8af944d60de2fca8370a108e422ccc6b3d006d)
|
|
|
|
In other words, remove top level tag nodes from radius-server and introduce
a regular "radius" node, thus we can add additional features, too. A migration
script is provided in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn pptp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
}
}
|
|
|
|
|
|
This bug was present since the old Vyatta days as the use-web statement
was only put into action when also "use-web skip" was defined.
The service https://ipinfo.io/ip does not place any crap in front of the
IP address so the skip statement was not used and made no sense.
(cherry picked from commit 718d9a123c2ba72b87d7f6e48a5e6d83fa86d494)
|
|
This bug was present since the old Vyatta days as the use-web statement
was only put into action when also "use-web skip" was defined.
The service https://ipinfo.io/ip does not place any crap in front of the
IP address so the skip statement was not used and made no sense.
|
|
In other words, remove top level tag nodes from radius-server and
introduce a regular
"radius" node, thus we can add additional features, too. A migration
script is provided
in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
radius-source-address 172.16.254.100
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
source-address 172.16.254.100
}
}
(cherry picked from commit 979ad1a92af9ee2150ecfe5309a9d1b43fdad59d)
|
|
In other words, remove top level tag nodes from radius-server and
introduce a regular
"radius" node, thus we can add additional features, too. A migration
script is provided
in vyos-1x which takes care of this config migration.
Change VyOS CLI from:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius-server 172.16.100.10 {
key barbarbar
}
radius-server 172.16.100.20 {
key foofoofoo
}
radius-source-address 172.16.254.100
}
To:
vyos@vyos# show vpn l2tp
remote-access {
authentication {
mode radius
radius {
server 172.16.100.10 {
key barbarbar
}
server 172.16.100.20 {
key foofoofoo
}
source-address 172.16.254.100
}
}
|
|
|
|
|
|
This requires adding a query-local-address6 setting to enable outbound
IPv6 queries in general, and also formatting upstream nameserver IPv6
addresses in such a way that Recursor can parse them.
(cherry picked from commit 5d2e36da657fd2e15f9dc8d5588b06478bd3d55c)
|
|
T978: Support PowerDNS Recursor outbound queries over IPv6.
|
|
This requires adding a query-local-address6 setting to enable outbound
IPv6 queries in general, and also formatting upstream nameserver IPv6
addresses in such a way that Recursor can parse them.
|
|
Fixes T976: dhcp - move commit hook into shared-network
|
|
Move the on commit in a generated dhcpd.conf into the shared-network
to fix hostfile-update not working.
|
|
Fixes T979: Allow spaces in wireguard interface description
|
|
(cherry picked from commit 15065070b7c22709e259a6ae0cc4a27fd7b59d6b)
|
|
By default PowerDNS only allows 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
for incoming DNS queries - we changed this to 0.0.0.0/0 to be reachable
by everyone.
This only covered the IPv4 address space and any IPv6 related query was
not handled by the server.
(cherry picked from commit 1682d7167461ab9ef72471b31b199094b335276d)
|
|
|
|
By default PowerDNS only allows 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
for incoming DNS queries - we changed this to 0.0.0.0/0 to be reachable
by everyone.
This only covered the IPv4 address space and any IPv6 related query was
not handled by the server.
|
|
|
|
Previous to this commit, setting a Wireguard interface description would
result in a validation error similar to the following:
```
brooks@border# set interfaces wireguard wg0 description "Tunnel"
[edit]
brooks@border# set interfaces wireguard wg0 description "Tunnel tunnel
tunnel"
interface description is too long (limit 100 characters)
Value validation failed
Set failed
[edit]
```
This commit makes the regex less restrictive up to 100 characters.
|
|
Examples:
=========
CFG commands:
vyos@vyos# set protocols igmp-proxy disable-quickleave
vyos@vyos# set protocols igmp-proxy interface eth0 alt-subnet '172.16.35.0/24'
vyos@vyos# set protocols igmp-proxy interface eth0 alt-subnet '172.31.0.0/24'
vyos@vyos# set protocols igmp-proxy interface eth0 role 'upstream'
vyos@vyos# set protocols igmp-proxy interface eth1 role 'downstream'
vyos@vyos# show protocols
igmp-proxy {
disable-quickleave
interface eth0 {
alt-subnet 172.16.35.0/24
alt-subnet 172.31.0.0/24
role upstream
}
interface eth1 {
role downstream
}
}
OP mode commands:
-----------------
vyos@vyos:~$ show ip multicast interface
Interface BytesIn PktsIn BytesOut PktsOut Local
eth0 0.0b 0 0.0b 0 xxx.xxx.xxx.65
eth1 0.0b 0 0.0b 0 xxx.xxx.xx.201
vyos@vyos:~$ show ip multicast mfc
Group Origin Pkts Bytes Wrong In Out
xxx.x.xx.1 xxx.xx.0.1 10 9.81KB 0 eth0 eth1
xxx.x.xx.2 xxx.xx.0.1 --
(cherry picked from commit 698c5a40b2ece2f3eb41ad932660f7ceb1f80092)
|
|
* igmproxy:
T959: XML/Python rewrite of "protocol igmp-proxy" and op-mode commands
show-raid.xml: fixup indention
Add missing VyOS copyright notices
|
|
- pubkey updates now work
- removing peers or interfaces work, was related tothe fact that tag nodes are called multiple times
|
|
- pubkey updates now work
- removing peers or interfaces work, was related tothe fact that tag nodes are called multiple times
|
|
|
|
|
|
|
|
|
