summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-10-12validators: T3868: Allow asterisk symbol in bgp-large-community-listViacheslav
2021-10-11vyos.configdict: T2653: do not merge in defaults when interface is deletedChristian Poessinger
It makes less to zero sense to blend in the default values of an interface when it is about to be deleted from the system anyways - this makes the entire dict just cleaner and easier to debug.
2021-10-10lcd: T2564: add support for hd44780 displaysChristian Poessinger
2021-10-10do not use PathKim Hagen
2021-10-10update writer to nicer read writeKim Hagen
2021-10-09tunnel: T3894: fix design when building synthetic MAC addressesChristian Poessinger
It seems not all systems have eth0 - get a list of all available Ethernet interfaces on the system (without VLAN subinterfaces) and then take the first one.
2021-10-08tunnel: T3893: harden logic when validating tunnel parametersChristian Poessinger
Different types of tunnels have different keys set in get_interface_config(). Thus it should be properly verified (by e.g. using dict_search()) that the key in question esits to not raise KeyError.
2021-10-07add openvpn-otp dependencyKim Hagen
2021-10-07Merge branch 'current' into 2faKim
2021-10-07openvpn: T3642: Fix password_protected checkNicolas Riebesel
2021-10-07openvpn: T3805: fix bool logic in verify_pki() for client modeChristian Poessinger
Add support for OpenVPN client mode with only the CA certificate of the server installed.
2021-10-07openvpn: T3805: drop privileges using systemd - required for rtnetlinkChristian Poessinger
2021-10-07openvpn: T3805: use vyos.util.makedir() to create system directoriesChristian Poessinger
2021-10-07openvpn: T3805: use vyos.util.write_file() to store certificatesChristian Poessinger
2021-10-07pull request fixesKim Hagen
2021-10-05op-mode: T3889: do not display redundant hostname when reading logsChristian Poessinger
(cherry picked from commit 30cf3bc79e2253a004fcbbf76c9f99c52e7bc216)
2021-10-05smoketest: bgp: T3741: bugfix invalid IP address (missing prefix size)Christian Poessinger
2021-10-05Merge pull request #1020 from RyVolodya/T3881Daniil Baturin
container: T3881: Change description for container option "restart"
2021-10-05container: T3881: Fix description for containerVolodymyr
2021-10-04bgp: T3741: "parameter default no-ipv4-unicast" is now a default optionChristian Poessinger
2021-10-04op-mode: dhcpv(v6): T3890: retrieve both server and client logfilesChristian Poessinger
* rename: "show log dhcp" will become "show log dhcp server" * add: "show log dhcp client" to display logs from ALL DHCP client processes * add: "show log dhcp client interface <name>" to display logs from individual DHCP client processes * add: "show log dhcpv6 server" to display infos about running DHCPv6 server * add: "show log dhcpv6 client" to display logs from ALL DHCPv6 client processes * add: "show log dhcpv6 client interface <name>" to display logs from individual DHCPv6 client processes (cherry picked from commit ffd73958e42c20f69ded64393491966e0c9230c6)
2021-10-04op-mode: T3889: migrate to journalctl when reading daemon logsChristian Poessinger
(cherry picked from commit 3b2523b816556aa911459097c2476a2da4542151)
2021-10-04T3889: Revert "dhcpv6-pd: T421: disable wide dhcpv6 client debug messages"Christian Poessinger
This reverts commit 6b48900358ce9b01eaa78e3a086e95a26064f0df.
2021-10-04OpenVPN: T3350: Changed custom options for OpenVPN processingzsdc
Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing.
2021-10-02vyos.ifconfig: T3883: bugfix VRF deletionChristian Poessinger
We can not pass None as VRF name, this raises an exception. OSError: [Errno 255] failed to run command: ip link set dev eth2 master None (cherry picked from commit e687502b1cf4a3e15c562a3662afcbe0776b1fe7)
2021-10-02dns: forwarding: T3882: remove deprecated code to work with PowerDNS 4.5Christian Poessinger
(cherry picked from commit 8e6c48563d1612916bd7fcc665d70bfa77ec5667)
2021-10-01smoketest: vrrp: validate rfc3768-compatibility is not setChristian Poessinger
(cherry picked from commit eab6e6830a566af647d7e1b24197bf945788c3d0)
2021-09-30dhcp-server: T2230: add subnet description into rendered configChristian Poessinger
2021-09-30vyos.ethtool: T3874: do not throw exception if adapter has issues with autonegChristian Poessinger
Instead of throwing an exception when an adapters autoneg capabilities can not be detected, just pretend it does not support autoneg.
2021-09-30Merge pull request #1019 from jestabro/interface-namesJohn Estabrook
T3869: Rewrite vyatta_net_name/vyatta_interface_rescan in Python
2021-09-30interface-names: T3869: update udev rulesJohn Estabrook
2021-09-27interface-names: T3869: install vyos_net_name to udev directoryJohn Estabrook
2021-09-27interface-names: T3869: add vyos_net_nameJohn Estabrook
2021-09-27interface-names: T3869: add vyos_interface_rescanJohn Estabrook
2021-09-27interface-names: T3869: add /run/udev/vyos to defaultsJohn Estabrook
2021-09-27nat66: T3863: ndppd requires interfaces to be presentChristian Poessinger
2021-09-27igmp: T2230: fix Jinja2 and FRR indentionChristian Poessinger
2021-09-27frr: T2175: rename daemon Jinja2 templates to match (d)aemon suffixChristian Poessinger
2021-09-27smoketest: interface test base class QoS cleanupChristian Poessinger
There is no need to delete the old ingres-qos and egres-qos values as it's not a multi node and thus the values are simply overwritten. Also address validation is not required as it's done in a dedicates test.
2021-09-27smoketest: interface test base class for 802.1q should not extend testing to QoSChristian Poessinger
2021-09-27openvpn: T690: Fix template for gateway and metricViacheslav
Some OpenVPN clients doesnt support option gateway and metric. Set metric option only when 'metric' was added in config explicity. (cherry picked from commit 96681d8bf1ede069b573a4cbe3a2493c374d048e)
2021-09-27Merge pull request #1016 from sever-sever/T3853Christian Poessinger
nat66: T3853: Change priority to 500
2021-09-27nat66: T3853: Change priority to 500Viacheslav
Service ndppd should start after tunnels.
2021-09-26vxlan: T3867: add multicast validator for group addressChristian Poessinger
The group CLI node takes a multicast IPv4 or IPv6 address - this must be input validated to not case any OS exception cpo@LR1.wue3# show interfaces vxlan vxlan vxlan0 { + group 254.0.0.1 source-address 172.18.254.201 + source-interface dum0 vni 10 } Results in OSError beeing rasied with the following context: Error: argument "254.0.0.1" is wrong: invalid group address
2021-09-26T3866: ignore interfaces without "address" in DNS forwarding migrationDaniil Baturin
2021-09-26op-mode: pki: T3826: perform input validation when listing certificatesChristian Poessinger
2021-09-26ospf: T3757: add completion help when refering to area IDChristian Poessinger
This extends commit 6f87d8c910 ("ospf: T3757: support to configure area at an interface level") with a completion helper to show which Area ID is already in use when configuring the area for an interface.
2021-09-26vyos.ifconfig: T3860: bugfix in get_mac_synthetic()Christian Poessinger
Commit 081e23996f (vyos.ifconfig: get_mac_synthetic() must generate a stable "MAC") calculated a "stable" synthetic MAC address per the interface based on UUID and the interface name. The problem is that this calculation is too stable when run on multiple instances of VyOS on different hosts/hypervisors. Having R1 and R2 setup a connection both via "tun10" interface will become the same "synthetic" MAC address manifesting in the same link-local IPv6 address. This e.g. breaks OSPFv3 badly as both neighbors communicate using the same link-local address. As workaround one can: set interfaces tunnel tun1337 address 'fe80::1:1337/64' set interfaces tunnel tun1337 ipv6 address no-default-link-local This commit changes the way in how the synthetic MAC address is generated. It's based on the first 48 bits of a sha256 sum build from a CPU ID retrieved via DMI, the MAC address of eth0 and the interface name as used before. This should add enough entropy to get a stable pseudo MAC address.
2021-09-26ospfv3: T3859: add "log-adjacency-changes" CLI commandChristian Poessinger
2021-09-26op-mode: reboot/poweroff: T3857: send wall message to all usersChristian Poessinger