Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-05-25 | op-mode: T6377: must call pki.py helper as root to work with ACME certificates | Christian Breunig | |
This fixes the error: vyos@vyos:~$ show pki certificate Traceback (most recent call last): File "/usr/lib/python3/dist-packages/vyos/config.py", line 111, in config_dict_mangle_acme tmp = read_file(f'{vyos_certbot_dir}/live/{name}/cert.pem') ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 44, in read_file raise e File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 38, in read_file with open(fname, 'r') as f: ^^^^^^^^^^^^^^^^ PermissionError: [Errno 13] Permission denied: '/config/auth/letsencrypt/live/vyos/cert.pem' | |||
2024-05-24 | load-balancing haproxy: T6391: fix typo in timeout help (#3513) | Gregor Michels | |
Co-authored-by: Gregor Michels <hirnpfirsich@brainpeach.de> | |||
2024-05-23 | Merge pull request #3399 from 0xThiebaut/suricata | Christian Breunig | |
suricata: T751: Initial support for suricata | |||
2024-05-23 | suricata: T751: use key_mangling in get_config_dict() | Christian Breunig | |
2024-05-23 | suricata: T751: remove implicit default dictionary | Christian Breunig | |
2024-05-23 | suricata: T751: move CLI from "service ids suricata" -> "service suricata" | Christian Breunig | |
2024-05-23 | Merge pull request #3487 from Embezzle/T6370 | Christian Breunig | |
reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses | |||
2024-05-23 | Merge pull request #3507 from c-po/nat-T6345 | Daniil Baturin | |
nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel >=5.0 | |||
2024-05-23 | Merge pull request #3505 from c-po/nat66-T6365 | Daniil Baturin | |
nat66: T6365: remove warnings for negated interface selections by name | |||
2024-05-23 | dhcpv6-server: T6381: fix typos in select ConfigError messages in VyOS ↵ | Ginko | |
current (#3508) | |||
2024-05-22 | nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel ↵ | Christian Breunig | |
>=5.0 random - In kernel 5.0 and newer this is the same as fully-random. In earlier kernels the port mapping will be randomized using a seeded MD5 hash mix using source and destination address and destination port. https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454 | |||
2024-05-22 | Merge pull request #3502 from dmbaturin/T6385-yes-no-ctrl-c | Christian Breunig | |
vyos.utils.io: T6385: handle keyboard interrupts in ask_yes_no | |||
2024-05-22 | nat66: T6365: remove warnings for negated interface selections by name | Christian Breunig | |
2024-05-22 | Merge pull request #3482 from alryaz/patch-1 | Christian Breunig | |
nat: T6365: remove warnings for negated interface selections by name | |||
2024-05-22 | nat: T6365: use interface_exists() over netifaces.interfaces() | Christian Breunig | |
2024-05-22 | nat: T6365: use string startswith() over [0] index access | Christian Breunig | |
2024-05-22 | nat: T6365: remove warnings for negated interface selections by name | Ryazanov Alexander Mihailovich | |
2024-05-22 | Merge pull request #3500 from vyos/feature/T6378-remove-labeler-yml | Christian Breunig | |
T6378: remove labler yml as it is kept in reusable workflow repo | |||
2024-05-22 | Merge pull request #3501 from dmbaturin/T6384-rollback-soft-help | John Estabrook | |
rollback-soft: T6384: tell the user to compare or commit | |||
2024-05-22 | vyos.utils.io: T6385: handle keyboard interrupts in ask_yes_no | Daniil Baturin | |
and return False if the user interrupts the prompt with Ctrl-C | |||
2024-05-22 | rollback-soft: T6384: tell the user to compare or commit | Daniil Baturin | |
after applying the diff | |||
2024-05-22 | T6378: remove labler yml as it is kept in reusable workflow repo | kumvijaya | |
2024-05-21 | reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses | Alex W | |
2024-05-21 | Merge pull request #3494 from HollyGurza/T6373 | Christian Breunig | |
T6373: QoS Policy Limiter - classes for marked traffic do not work | |||
2024-05-21 | Merge pull request #3490 from sever-sever/T6366 | Christian Breunig | |
T6366: CGNAT add ability to get external and internal allocations | |||
2024-05-21 | Merge pull request #3493 from l0crian1/T6375-fix-add-nat-logging | Christian Breunig | |
T6375: Fix/Update NAT logging | |||
2024-05-21 | T6373: QoS Policy Limiter - classes for marked traffic do not work | khramshinr | |
2024-05-21 | T6375: Fix/Update NAT logging | l0crian1 | |
Fixed broken logging for "show log nat" Added the following commands: show log nat source show log nat source rule <ruleNum> show log nat destination nat show log nat destination nat rule <ruleNum> show log nat static show log nat static rule <ruleNum> | |||
2024-05-21 | Merge pull request #3489 from c-po/commit-archive | Daniil Baturin | |
op-mode: T6367: fix "force commit-archive" TypeError | |||
2024-05-21 | T6366: CGNAT add ability to get external and internal allocations | Viacheslav Hletenko | |
Add the ability to show port allocation per external or internal address With huge entries, it is necessary to filter it by specific external/internal IP address | |||
2024-05-20 | op-mode: T6367: fix "force commit-archive" TypeError | Christian Breunig | |
/usr/bin/config-mgmt requires an argument OR to be symbolically linked to *commit-revision or *commit-archive, for which it interprets argv[0] through the useful trickery: https://github.com/vyos/vyos-1x/blob/current/python/vyos/config_mgmt.py#L693-L700 Traceback (most recent call last): File "/usr/bin/config-mgmt", line 33, in <module> sys.exit(load_entry_point('vyos==1.3.0', 'console_scripts', 'config-mgmt')()) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/config_mgmt.py", line 746, in run func = getattr(config_mgmt, args['subcommand']) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ TypeError: attribute name must be string, not 'NoneType' | |||
2024-05-20 | Merge pull request #3488 from vyos/feature/T6372-add-codeowners | Christian Breunig | |
T6372: added codeowners | |||
2024-05-20 | T6372: added codeowners | kumvijaya | |
2024-05-19 | Merge pull request #3483 from sever-sever/T6364 | Daniil Baturin | |
T6364: CGNAT drop hard limit that allows only one translation rule | |||
2024-05-18 | T6349: updated pr-labels workflow permission (#3485) | Vijayakumar A | |
2024-05-18 | T5169: Allow to set CGNAT multiple internal pools | Viacheslav Hletenko | |
Allow to set multiple CGNAT internal pools ``` set nat cgnat pool internal int-01 range '100.64.0.0/28' set nat cgnat pool internal int-01 range '100.64.222.11-100.64.222.14' ``` | |||
2024-05-18 | T6364: CGNAT drop hard limit that allows only one translation rule | Viacheslav Hletenko | |
As PoC for CGNAT had a hard limit of using only one translation rule for one internal pool. Drop this limit and extend the usage number of the rules. ``` set nat cgnat rule 100 source pool 'int-01' set nat cgnat rule 100 translation pool 'ext-01' set nat cgnat rule 120 source pool 'vyos-int-02' set nat cgnat rule 120 translation pool 'vyos-ext-02' ``` | |||
2024-05-18 | Merge pull request #3479 from sever-sever/T5169 | Daniil Baturin | |
T5169: Add smoketest for CGNAT | |||
2024-05-18 | Merge pull request #3480 from jestabro/fix-circular | Daniil Baturin | |
T6354: do an explicit read from version file to avoid circular reference | |||
2024-05-18 | T6349: updated conflict check workflow (#3468) | Vijayakumar A | |
* T6349: updated conflict workflow * T6349: updated conflict workflow * T6349: updated all workflows to use reusable workflows * T6349: updated all workflows to use reusable workflows | |||
2024-05-17 | T6354: do an explicit read from version file to avoid circular reference | John Estabrook | |
2024-05-17 | T5169: Add smoketest for CGNAT | Viacheslav Hletenko | |
2024-05-17 | Merge pull request #3471 from natali-rs1985/T6348-current | Christian Breunig | |
op mode: T6348: SNAT op-mode fails with flowtable offload entries | |||
2024-05-17 | Merge pull request #3474 from HollyGurza/T6354 | Christian Breunig | |
T6354: Get rid of the custom boot type check in version.py | |||
2024-05-17 | Merge pull request #3472 from nvollmar/T6358 | Christian Breunig | |
T6358: Container config option to enable host pid | |||
2024-05-17 | T6354: Get rid of the custom boot type check in version.py | khramshinr | |
2024-05-17 | T6358: Add config option for host process namespace | Nicolas Vollmar | |
2024-05-17 | T6358: Remove duplicate host name handling | Nicolas Vollmar | |
2024-05-17 | Merge pull request #3466 from sever-sever/T6350 | Daniil Baturin | |
T6350: CGNAT add op-mode to show allocation | |||
2024-05-17 | Merge pull request #3464 from sever-sever/T6351 | Daniil Baturin | |
T6351: CGNAT add verification if the pool exists |