Age | Commit message (Collapse) | Author |
|
xml: T5738: use generic-disable-node building block for "disable" CLI nodes (backport #3091)
|
|
Make the code more uniform and maintainable.
(cherry picked from commit 21b0bf0168697fdbe514ae49a4a28b39a91ec777)
|
|
If we have any `vpn ipsec` and `protocol nhrp` configuration we
get the empty configuration file `/run/opennhrp/opennhrp.conf`
after rebooting the system.
Use config dependency instead of the old `resync_nhrp` function
fixes this issue
(cherry picked from commit 689fea253d9019df20d5c6ac7fa22d5e8454afab)
|
|
qos: T5646: Skip add filter for qos policy limiter class without match (backport #3068)
|
|
ospfv3: T6087: add support to redistribute IS-IS routes (backport #3078)
|
|
(cherry picked from commit 2104424c1a43dc027567e051262e1eed6506491f)
|
|
vyos.ethtool: T6083: use JSON input data #2 (backport #3077)
|
|
(cherry picked from commit 6a97fdfa1ba9b4135a51498ea5acabb804256b2c)
|
|
(cherry picked from commit 256e939b2cd308e1e8be9dd72ccec6e87d58504b)
|
|
settings
(cherry picked from commit 5ee89f46096626ca8aac37da9237635e3d17766a)
|
|
Feature detection is used to see if certain offload settings are available on
the given NIC.
(cherry picked from commit 63ccdc5125e19f8737bf1445938998bef803d1bd)
|
|
T6086: NAT: fix nat rules when using source-groups and translation address is a network. (backport #3080)
|
|
is a network.
(cherry picked from commit a7a0c90404d03f7deccb74a46d0fe1f99116907a)
|
|
banner: T6077: dehardcode URLs in MOTD template (backport #3070)
|
|
dhcp-server: T6079: Disable duplicate static-mappings on migration
|
|
ospfv3: allow metric and metric-type on redistributed routes (backport #3073)
|
|
(cherry picked from commit 298bcc5cb90c4c83981ec4baaaa0db785306867d)
|
|
Example:
vyos@vyos# set protocols ospfv3 redistribute bgp
Possible completions:
metric OSPF default metric
metric-type OSPF metric type for default routes (default: 2)
route-map Specify route-map name to use
(cherry picked from commit ed2c288c8a9031f91acf76d20b84e2002696981c)
|
|
Use URLs provided by flavor build system and version.json file
(cherry picked from commit a5762cb03f17fd0bc65a19604e505fe94ad42011)
|
|
vyos.ethtool: T6083: use JSON input data for ring-buffer methods (backport #3072)
|
|
(cherry picked from commit b984cf8d179cf3d4b16e7f3e5cf94f822055cb04)
|
|
qos: T6081: QoS policy shaper target and interval wrong calcuations (backport #3069)
|
|
(cherry picked from commit c7f5b510cfd117e57f2d22e259c843600ef4cc76)
|
|
|
|
vyos-hostsd: T4270: resolve only hostname without domain name to 127.0.1.1 (backport #3066)
|
|
This is a fix for commit 665ae50729 ("vyos-hostsd: T4270: do not resolve local
router FQDN to 127.0.1.1") as it made calls to sudo super slow due to:
sudo: unable to resolve host vyos: System error
To avoid the initial issue we only add the hostname without domain name, thus
the FQDN is not resolved by powerdns.
(cherry picked from commit 3712f28025a5bc99e941b5212091a2732b9f6d6c)
|
|
vyos.ethtool: T6070: fix EEE reading the incorrect status line (backport #3052)
|
|
T5504: Keepalived VRRP ability to set more than one peer-address (backport #3056)
|
|
EEE enabled status is on the 2nd line of ethtool output and not the 3rd. Subsequently, reading the 3rd line was causing an out-of-bounds access for the bnx2x driver as well.
(cherry picked from commit 775348a4cda34e6be16454d43c77b525e57c4e47)
|
|
(cherry picked from commit 36883ebf0f820003ec86e14e7612ce113630def2)
|
|
(cherry picked from commit 3480d92a8c4d84e8c1f94a9362bac2be0cc77921)
|
|
container: T6074: do not allow deleting images which have a container running (backport #3053)
|
|
banner: T6077: implement ASCII contest winner default logo (backport #3060)
|
|
Implement VyOS ASCII art contest winners logo as the default for our MOTD
(cherry picked from commit 0ea3a454cf560171d3eb9d4d1b97b172c06360fe)
|
|
|
|
vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is required (backport #3055)
|
|
required
(cherry picked from commit 6f7d1e15665655e37e8ca830e28d9650445c1217)
|
|
remove obsolete imports
(cherry picked from commit bc9ccaeda54279022b73a806fa8aa77c523fbecc)
|
|
vyos-hostsd: T4270: do not resolve local router FQDN to 127.0.1.1 (backport #3054)
|
|
The current VyOS container image manipulation "delete container image" command
allows force removal of container images - even if they still have a container
running.
Drop the --force option from the op-mode script.
vyos@vyos:~$ delete container image 2636705a815a
Error: image used by 6adb0175d47f.. image is in use by a container: consider
listing external containers and force-removing image
(cherry picked from commit bfc065f2c4dcfc969981453e49b8156330674006)
|
|
Clients using VyOS as their DNS server and trying to resolve the FQDN of the
router will receive 127.0.1.1 as answer.
set service dns forwarding allow-from '172.16.0.0/12'
set service dns forwarding listen-address '172.31.0.254'
set service dns forwarding negative-ttl '60'
set system domain-name 'vyos.net'
set system host-name 'R1'
Will return:
$ host R1.vyos.net 172.31.0.254
Using domain server:
Name: 172.31.0.254
Address: 172.31.0.254#53
Aliases:
R1.vyos.net has address 127.0.1.1
When it should rather return the real IP address assigned via DNS.
(cherry picked from commit 665ae5072911fbb1373c393d9b57212552957888)
|
|
container: T6060: support removing all container images at once via op-mode (backport #3046)
|
|
T5781: add ability to add additional minisign keys (backport #2633)
|
|
cpo@LR1.wue3:~$ show container image
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/busybox latest 3f57d9401f8d 5 weeks ago 4.5 MB
docker.io/jacobalberty/unifi v7.5 f6df690d6c67 4 months ago 827 MB
docker.io/jacobalberty/unifi v7.4 7838b75ef7b9 7 months ago 786 MB
cpo@LR1.wue3:~$ delete container image
Possible completions:
3f57d9401f8d Delete container image
7838b75ef7b9
all
f6df690d6c67
cpo@LR1.wue3:~$ delete container image all
cpo@LR1.wue3:~$ show container image
REPOSITORY TAG IMAGE ID CREATED SIZE
(cherry picked from commit 9e51a1661fac3e0d762cffdd28705e7e4bad76e9)
|
|
T6054: WLB: fix rules parsing when using multiple ports in one rule (backport #3042)
|
|
container: T5909: move registry login to op-mode (backport #3044)
|
|
Updated image_installer.py to try and validate image with all
minisign public keys in /usr/share/vyos/keys/
(cherry picked from commit dfbc854157fa4655a8f459b2447df64dc74119d1)
|
|
It does not make sense to perform the "podman login" command when setting up
containers, as images are not automatically pulled in from the registry - due
to issues with the default route during startup.
The same issue manifests in "podman login" where we can not login to a registry
unless there is a default route present.
This commit changes the behavior that the container registry is part of the
configuration, but it is only referenced during "add container image" and thus
never during system boot.
(cherry picked from commit baf30d8319ef4d0f0cc4cdf0f7c12f03f8a492b6)
|
|
(cherry picked from commit 6d79c73d4fa2d26197c1bc19df215a204af6c5dd)
|
|
pki: T6055: Cleanup unnecessary sudo, preserve env when sudo is needed (backport #3040)
|