summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-04-23Merge pull request #3355 from sever-sever/T6109Christian Breunig
T6109: Fix remote logging for sudo commands
2024-04-23T6109: Fix remote logging for sudo commandsViacheslav Hletenko
This fix for bug when `sudo` commands were not send to the remote syslog server. They stop before the directive that includes all configurations `$IncludeConfig /etc/rsyslog.d/*.conf`
2024-04-23T6217: Conntrack-sync change the actual name of the scriptViacheslav Hletenko
The actual name of the script is `vyos-vrrp-conntracksync.sh`
2024-04-23Merge pull request #3342 from fsdrw08/currentChristian Breunig
T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy config
2024-04-23T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy ↵Windom WU
config
2024-04-23GitHub: use ubuntu-latest for labeler actionChristian Breunig
2024-04-23GitHub: adjust MergifyIo regex match to both upper and lower caseChristian Breunig
2024-04-23Merge pull request #3346 from jestabro/add-image-enospcChristian Breunig
image-tools: T6260: remove persistence image directory if no space error
2024-04-23Merge pull request #3347 from Giggum/vyos-1x_T6261Christian Breunig
connect_disconnect: T6261: correction to typo in check_ppp_running
2024-04-22connect_disconnect: T6261: correction to typo in check_ppp_running functionGinko
Connect_disconnect: T6261: correction to typo in check_ppp_running function Changes include: 1. Replaces "beeing" -> being in print statement for check_ppp_running 2. Replaces "can not" -> cannot in print statement on lines 61 and 93
2024-04-22ntp: T4909: Rewrite NTP op mode in new formatGinko
ntp: T4909: Rewrite NTP op mode in new format Adapts ntp.xml.in to reference new ntp.py file Add ntp.py Adds a check to ntp.py to verify if the ntp service is configured Adds raw mode to ntp.py For raw output, replaces the original method of parsing the command line output FROM re.split+regex TO csv.reader. Separates chrony commands into equivalent functions show_tracking, show_sources, source_sourcestats and show_activity Revises the names of raw dictionary keys variables to be lowercase Corrects a comment typo and renames function name used for raw mode
2024-04-22image-tools: T6260: remove persistence image directory if no space errorJohn Estabrook
2024-04-22PKI: T6259: Support RFC822 names in certificate generationAlex W
2024-04-22Merge pull request #3339 from andre-luiz-dos-santos/patch-1Christian Breunig
xml: T5738: fix typo in radius-additions.xml.i
2024-04-22xml: T5738: fix typo in radius-additions.xml.iAndré Luiz dos Santos
2024-04-22Merge pull request #3336 from c-po/t6244-seconds_to_humanDaniil Baturin
vyos.utils: T6244: add whitespace after time unit in uptime
2024-04-22Merge pull request #3337 from Embezzle/T6237Christian Breunig
T6237: IPSec remote access VPN: ability to set EAP ID of clients
2024-04-21T6237: IPSec remote access VPN: ability to set EAP ID of clientsAlex W
2024-04-21smoketest: support dynamic enable of smoketest debuggingChristian Breunig
$ touch /tmp/vyos.smoketest.debug will enable dynamic debugging of the smoketests - showing the appropriate CLI commands on stdout
2024-04-21Merge pull request #3338 from nvollmar/haproxy-http-checkChristian Breunig
T6246: improve haproxy http check configuration
2024-04-21op-mode: T6244: add whitespace after time unit in "show system uptime"Christian Breunig
2024-04-21vyos.utils: T6244: add support for year timebase in seconds_to_human()Christian Breunig
We only supported calculating seconds to weeks but not seconds to years. This has been added. Testcase: from vyos.utils.convert import seconds_to_human minute = 60 hour = minute * 60 day = hour * 24 week = day * 7 year = day * 365.25 for separator in ['', ' ', '-', '/']: print(f'----- Using separator "{separator}" -----') print(seconds_to_human(10, separator)) print(seconds_to_human(5* minute, separator)) print(seconds_to_human(3* hour, separator)) print(seconds_to_human(4* day, separator)) print(seconds_to_human(7 * week, separator)) print(seconds_to_human(10 * year, separator)) print(seconds_to_human(5*year + 4*week + 3*day + 2*hour + minute + 5, separator)) print() cpo@LR1.wue3:~$ ./foo.py ----- Using separator "" ----- 10s 5m 3h 4d 7w 10y 5y4w3d2h1m5s ----- Using separator " " ----- 10s 5m 3h 4d 7w 10y 5y 4w 3d 2h 1m 5s ----- Using separator "-" ----- 10s 5m 3h 4d 7w 10y 5y-4w-3d-2h-1m-5s ----- Using separator "/" ----- 10s 5m 3h 4d 7w 10y 5y/4w/3d/2h/1m/5s
2024-04-21vyos.utils: T6244: use list to build up result stringChristian Breunig
When handling optional separators rather build up a list and join the list with the requested delimiter to form the resulting human readable time string.
2024-04-21T6246: improve haproxy http check configurationNicolas Vollmar
2024-04-20gre: T6252: allow tunnel MTU to exceed 8024 bytesfett0
2024-04-19Merge pull request #3325 from nvollmar/haproxy-http-checkDaniil Baturin
T6246: basic haproxy http-check configuration
2024-04-18Merge pull request #3330 from jestabro/show-openvpn-failDaniil Baturin
openvpn: T6245: return 'n/a' if client info not available
2024-04-18openvpn: T6245: return 'n/a' if client info not availableJohn Estabrook
2024-04-18Merge pull request #3326 from sever-sever/T6221Daniil Baturin
T6221: Return default ip rule values after deleting VRF
2024-04-18Merge pull request #3327 from sarthurdev/T6241John Estabrook
pki: T6241: do not call dependency before its initialization
2024-04-18pki: T6241: do not call dependency before its initializationJohn Estabrook
2024-04-18T6221: Return default ip rule values after deleting VRFViacheslav Hletenko
Fix for restoring default ip rule values after deleting VRF Defult values: ``` $ ip rule 0: from all lookup local 32766: from all lookup main 32767: from all lookup default ``` After adding and deleting a VRF we get unexpected values: ``` $ ip rule 1000: from all lookup [l3mdev-table] 2000: from all lookup [l3mdev-table] unreachable 32765: from all lookup local 32766: from all lookup main 32767: from all lookup default ```
2024-04-17T6246: adds basic haproxy http-check configurationNicolas Vollmar
2024-04-17Merge pull request #3320 from nicolas-fort/T6191Christian Breunig
T6191: do not append action policy route|route6 when its not specified
2024-04-16Merge pull request #3321 from jestabro/confirm-passJohn Estabrook
image-tools: T6154: installer prompts to confirm password
2024-04-16image-tools: T6154: installer prompts to confirm a non-default passwdJohn Estabrook
2024-04-16T6191: do not append action to firewall and policy route|route6 when its not ↵Nicolas Fort
specified, in order to ensure same behavior as in Equuleus
2024-04-16Merge pull request #3313 from sever-sever/T5722Daniil Baturin
T5722: Failover route add option onlink
2024-04-16Merge pull request #3315 from Embezzle/T6242Daniil Baturin
T6242: load-balancing reverse-proxy: Ability for ssl backends to not verify server certificates
2024-04-16qos: T4248: Allow to remove the only rule from the qos classkhramshinr
2024-04-15T6242: load-balancing reverse-proxy: Ability for ssl backends to not verify ↵Alex W
server certificates
2024-04-15Merge pull request #3311 from sarthurdev/T6241John Estabrook
pki: T6241: Fix dependency updates on PKI changes
2024-04-15T5722: Failover route add option onlinkViacheslav Hletenko
onlink pretend that the nexthop is directly attached to this link, even if it does not match any interface prefix. Useful when gateway not in the same interface network set interfaces ethernet eth0 vif 10 address '10.20.30.1/32' set protocols static route 10.20.30.0/32 interface eth0.10 set protocols failover route 192.0.2.11/32 next-hop 10.20.30.0 onlink ``` vyos@r4# sudo ip route add 192.0.2.111/32 via 10.20.30.0 dev eth0.10 metric 1 proto failover Error: Nexthop has invalid gateway. [edit] vyos@r4# [edit] vyos@r4# sudo ip route add 192.0.2.111/32 via 10.20.30.0 dev eth0.10 onlink metric 1 proto failover [edit] vyos@r4# ```
2024-04-15Merge pull request #3309 from nicolas-fort/T5535Daniil Baturin
T5535: firewall: migrate command <set system ip disable-directed-broadcast> to firewall global-optinos
2024-04-15pki: T6241: Fix dependency updates on PKI changessarthurdev
2024-04-15Merge pull request #3308 from sever-sever/T5734Daniil Baturin
T5734: OpenVPN check PKI DH name exists if DH configured
2024-04-15T5535: firewall: migrate command <set system ip disable-directed-broadcast> ↵Nicolas Fort
to firewall global-optinos
2024-04-15T5734: OpenVPN check PKI DH name exists if DH configuredViacheslav Hletenko
Check if DH is configured for OpenVPN but does not exist in the PKI section ``` set pki dh dh-correct parameters 'xxxx' set interfaces openvpn vtun10 tls dh-params 'dh-fake' File "/usr/libexec/vyos/conf_mode/interfaces_openvpn.py", line 208, in verify_pki pki_dh = pki['dh'][tls['dh_params']] ~~~~~~~~~^^^^^^^^^^^^^^^^^^ KeyError: 'dh-fake' ```
2024-04-13Merge pull request #3297 from HollyGurza/T6035Daniil Baturin
qos: T6035: QoS policy shaper queue-type random-detect requires limit avpkt
2024-04-12Merge pull request #3291 from aapostoliuk/T6100-circinusChristian Breunig
T6100: Added NAT migration from IP/Netmask to Network/Netmask