summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-16Merge pull request #1893 from sever-sever/T5092Christian Breunig
T5092: IPoE-server named pool must not rely on auth type
2023-03-16Merge pull request #1891 from sever-sever/T5086Christian Breunig
T5086: Add sFlow feature based on hsflowd
2023-03-16openvpn: T5095: raw output should return list instead of dictJohn Estabrook
2023-03-16ipsec: T5043: Rewritten and fixed 'reset vpn' commandsaapostoliuk
1. Rewritten CLI of 'reset vpn' commands. 2. Created 'reset vpn ipsec remote-access' commands to reset RA IKEv2 session. 3. Created 'reset vpn ipsec site-to-site all' command to reset all configured IPSec site-to-site peers sessions. 4. Rewritten 'reset vpn l2t|pptp|sstp' commands to new opmode style.
2023-03-16T5091: IPoE-server verify RADIUS settingsViacheslav Hletenko
As we don't have global option 'gateway-address' for ipoe-server we cannot use general configverify.verify_accel_ppp_base_service Add verify radius setting for configuration mode 'radius' Radius authentication required at least one RADIUS server
2023-03-16T5092: IPoE-server named pool must not rely on auth typeViacheslav Hletenko
Named pools for ipoe-server must not rely on autentication type It is a separate global option for [ipoe] and [ip-pool] sections
2023-03-16T5086: Add sFlow feature based on hsflowdViacheslav Hletenko
Add sFlow feature based on hsflowd According to user reviews, it works more stable and more productive than pmacct I haven't deleted 'pmacct' 'system flow-accounting sflow' yet It could be migrated or deprecated later set system sflow agent-address '192.0.2.14' set system sflow interface 'eth0' set system sflow interface 'eth1' set system sflow polling '30' set system sflow sampling-rate '100' set system sflow server 192.0.2.1 port '6343' set system sflow server 192.0.2.11 port '6343'
2023-03-14Merge pull request #1890 from nicolas-fort/T5055Viacheslav Hletenko
T5055: NAT: extend packet-type to NAT
2023-03-14T5055: NAT: extend packet-type match option which was previously introduced ↵Nicolas Fort
in firewall, to NAT
2023-03-14Merge pull request #1888 from sever-sever/T5085Christian Breunig
T5085: Fix ipv6 route-map for ospfv3
2023-03-14T5085: Fix ipv6 route-map for ospfv3Viacheslav Hletenko
Add template to generate zebra "ipv6 protocol ospf6 route-map xxx"
2023-03-13Merge pull request #1886 from sever-sever/T2516Christian Breunig
T2516: Exclude veth interfaces from duplex and speed check
2023-03-13T2516: Exclude veth interfaces from duplex and speed checkViacheslav Hletenko
Exclude interfaces with 'veth' driver from duplex and speed check
2023-03-12Debian: bump compat (debian helper) version 10 -> 12Christian Breunig
2023-03-12Revert "Debian: T2216: add netavark dependency for podman containers"Christian Breunig
This reverts commit 9ed4113d6c4809a0126d04c99d60eaa76a7b6b15.
2023-03-11container: T5003: add dependency on fuse-overlayfsChristian Breunig
Fix podman error about invalid storage: [graphdriver] prior storage driver overlay failed: 'overlay' is not supported over overlayfs, a mount_program is required: backing file system is unsupported for this graph driver" Error: 'overlay' is not supported over overlayfs, a mount_program is required: backing file system is unsupported for this graph driver.
2023-03-11keepalived: T5003: remove Debian default config path from ConditionFileNotEmptyChristian Breunig
Also ExecReload is a duplicate of the base service file
2023-03-11Debian: T2216: add netavark dependency for podman containersChristian Breunig
2023-03-11keepalived: T5003: move to Debian upstream versionChristian Breunig
2023-03-11Debian: remove python3-pyhumps from build dependencies, provided via pip in ↵Christian Breunig
container
2023-03-10openvpn: xml: T1843: re-use generic username and password building blockChristian Breunig
2023-03-10rpki: xml: T3255: re-use generic username building blockChristian Breunig
2023-03-10system: proxy: xml: T1843: re-use generic username and password building blockChristian Breunig
2023-03-10Merge pull request #1871 from nicolas-fort/T5055Christian Breunig
T5055: Firewall: add packet-type matcher in firewall and route policy
2023-03-10container: T4959: add registry authentication optionChristian Breunig
Container registry CLI node changed from leafNode to tagNode with the same defaults. In addition we can now configure an authentication option per registry.
2023-03-10schema: T5079: extension to support defaultValues on tagNodesChristian Breunig
2023-03-10xml: bgp: T5070: split out CLI definitions to include files which can be reusedChristian Breunig
2023-03-10Merge pull request #1884 from sever-sever/T5058Christian Breunig
T5058: Fix range_to_regex list argument
2023-03-10T5058: Fix range_to_regex list argumentViacheslav Hletenko
Values of the list for the 'range_to_regex' could be not only range values as ['10-20', '22-30'] but also and not range values like ['10-20', '30', '80'] Fix if we args is list and non range values are exists in ths list % range_to_regex(['10-20', '80']) '(1\\d|20|80)'
2023-03-10Merge pull request #1876 from jestabro/codegenChristian Breunig
graphql: T5068: generate client operations for code generation tools
2023-03-10Merge pull request #1880 from ichdasich/add_bgp_nexthop_to_vrfChristian Breunig
T5070: Added show bgp martian/show bgp nexthop to bgp in vrf
2023-03-10Merge pull request #1883 from sever-sever/T4973Christian Breunig
T4973: DHCP server fix output for long leases
2023-03-10Merge pull request #1882 from aapostoliuk/T5074-sagittaChristian Breunig
util: T5074: Fixed decoding of certificate value to UTF-8 string
2023-03-10T4973: DHCP server fix output for long leasesViacheslav Hletenko
With long lease time for example lease '4294967295' seconds it is impossible to get end lease as value is 'ends never;' It cause error to get timestamp() from 'ends never' and remaining time 'lease.end - datetime.utcnow()' Set default remaining and end lease to '-' if we cannot get this info
2023-03-10util: T5074: Fixed decoding of certificate value to UTF-8 stringaapostoliuk
Fixed decoding of certificate value returned by vici to UTF-8 string.
2023-03-09xml: T4952: improve interface completion helper CLI experienceChristian Breunig
2023-03-09Merge pull request #1881 from sarthurdev/qos_fixChristian Breunig
qos: T5018: Fix issues between QoS and interface mirror/redirect
2023-03-09qos: T5018: Use configdep to fix interface mirror/redirect issuesarthurdev
This will check if mirror/redirect is present on a QoS interface and use `vyos.configdep` module to update the interface again after QoS is applied.
2023-03-09qos: T5018: Fix interface tc qdisc cleanupsarthurdev
2023-03-09Merge pull request #1877 from sever-sever/T5073Christian Breunig
T5073: IPoE-server fix parse empty range option
2023-03-09T5070: Added show bgp martian/show bgp nexthop to bgp in vrfTobias Fiebig
2023-03-09Merge pull request #1879 from sever-sever/T5063Christian Breunig
T5063: IPoE-server ethX vlan must not be used with client-subnet
2023-03-09T5063: IPoE-server ethX vlan must not be used with client-subnetViacheslav Hletenko
IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be used with 'interface ethX client-subnet' So instead of shared pool accel-ppp uses the same pool for each dynamically added VLAN eth1 client-subnet '192.0.2.0/24' eth1 vlan '2000-2021' It cause this issue: eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) Only named pools with vlan option must be used.
2023-03-09T5073: IPoE-server fix parse empty range optionViacheslav Hletenko
If the 'client-subnet' is not used we must exclude it from the ipoe.config.j2 template. Otherwise we get wrong empty parameter ',range=,'
2023-03-08graphql: T5068: generate client operations for code generation toolsJohn Estabrook
2023-03-08Merge pull request #1875 from sever-sever/T5066Christian Breunig
T5066: Fix GRE tunnel variable name which checks keys
2023-03-08T5066: Fix GRE tunnel variable name which checks keysViacheslav Hletenko
2023-03-07frr: T5045: lift LimitNOFILE 1024 -> 4096Christian Breunig
Lift the amount of allowed open file descriptors for the FRR process tree. Required if there are hundreds to thousands interfaces on a system.
2023-03-07Merge pull request #1868 from jestabro/literalDaniil Baturin
op-mode: T5051: use Literal types to provide op-mode CLI choices and API enums
2023-03-07Merge pull request #1872 from sever-sever/T5057Christian Breunig
T5057: Fix IPoE regex Jinja2 for interface