summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-04-26Merge pull request #1294 from goodNETnick/ocserv_otp_keygenChristian Poessinger
ocserv: T4380: 2FA OTP key generator in VyOS CLI
2022-04-26Merge pull request #1301 from sever-sever/T4236Christian Poessinger
op-mode: T4236: Split to new lines openvpn client certs
2022-04-26dhcp: T4389: use lowercase vendor name in CLIChristian Poessinger
2022-04-26dhcp: T4389: fix vendor name, it is ubiquiti with an i, not yxChristian Poessinger
2022-04-26op-mode: T4236: Split to new lines openvpn client certsViacheslav Hletenko
The command "generate openvpn client-config" generates client.ovpn file and CA and client certificate are displayed in one line To fix it Add 'fill' that set new line after every x characters
2022-04-26Makefile: exclude __pycache__ dir from vyos-configd enablement checkChristian Poessinger
2022-04-26dhcp(v6): T3100: enable support with vyos-configdChristian Poessinger
2022-04-26vti: T1579: enable vyos-configd supoportChristian Poessinger
2022-04-26Makefile: check which CLI scripts are not enabled to work with vyos-configdChristian Poessinger
2022-04-26smoketest: ethernet: bugfix - NameError: name 'af' is not definedChristian Poessinger
2022-04-26Merge pull request #1300 from sever-sever/T4210Christian Poessinger
nat: T4210: Fix template for negated ports
2022-04-26Merge pull request #1302 from sever-sever/T4398Christian Poessinger
vpn-ipsec: T4398: Fix unexpected passthrough policy for peer
2022-04-25vpn-ipsec: T4398: Fix unexpected passthrough policy for peerViacheslav Hletenko
Set default passtrough list to None to prevent unexpected policy for peers with not overplapped local and remote prefixes
2022-04-25smoketest: config: T4397: add ARP entries for a second interfaceChristian Poessinger
2022-04-25pppoe: T4391: bugfix IPv6 DHCP-PD not working after rebootChristian Poessinger
When VyOS is booting and an interface is brought up (PPPoE) which requires a user callback script that is executed asynchronously when the interface is up we can not use Config(). The problem is, Config() is not available when the system starts and the initial commit is still processed. We need to move to ConfigTreeQuery() which was build for this exact same purpose.
2022-04-25vyos.configdict: T4391: enable get_interface_dict() ti be used with ↵Christian Poessinger
ConfigTreeQuery() When VyOS is booting and an interface is brought up (PPPoE) which requires a user callback script that is executed asynchronously when the interface is up we can not use Config(). The problem is, Config() is not available when the system starts and the initial commit is still processed. We need to move to ConfigTreeQuery() which was build for this exact same purpose. TO reduce side effects and also dependencies on the entire vyos.configdict library the set_level()/get_level() calls got eliminated from within the library. All calls to functions like: * get_removed_vlans() * is_node_changed() * leaf_node_changed() * is_mirror_intf() * ... Now require that the full config path to the node is passed.
2022-04-25smoketest: config: T4397: add some static ARP entriesChristian Poessinger
2022-04-25arp: T4397: migrate to get_config_dict()Christian Poessinger
2022-04-25smoketest: arp: add initial testcase for static ARP entriesChristian Poessinger
2022-04-25smoketest: ethernet: verify addresses are deleted from interface after testChristian Poessinger
2022-04-25smoketest: openconnect: use setUpClass() over setUp()Christian Poessinger
2022-04-25smoketest: dhcpv6-server: use setUpClass() over setUp()Christian Poessinger
2022-04-25smoketest: pki: use setUpClass() over setUp()Christian Poessinger
2022-04-25smoketest: migrate pppoe, and wireguard to setUpClass() schemeChristian Poessinger
2022-04-25smoketest: bugfix on proper inheritance levels for classmethodChristian Poessinger
2022-04-25Merge pull request #1299 from sever-sever/T4395Christian Poessinger
op-mode: T4395: Extend show vpn debug
2022-04-25nat: T4210: Fix template for negated portsViacheslav Hletenko
2022-04-25op-mode: T4395: Extend show vpn debugViacheslav Hletenko
Get more VPN IPSec information with swanctl and iproute2 commands
2022-04-24Merge pull request #1295 from dmbaturin/T4361John Estabrook
T4361: refactor and simplify vyos.config.exists()
2022-04-24op-mode: T4390: add "monitor log dhcp(v6)" CLI commandsChristian Poessinger
2022-04-24op-mode: T4390: drop superfluous hostname from "monitor log protocol" CLI ↵Christian Poessinger
commands
2022-04-24op-mode: T4390: add "show|monitor log pppoe" CLI commandsChristian Poessinger
2022-04-24op-mode: T4390: add "monitor log kernel" commandChristian Poessinger
2022-04-24op-mode: T4390: migrate "monitor log" to journalctlChristian Poessinger
2022-04-24op-mode: T4390: migrate "show log kernel" to journalctlChristian Poessinger
2022-04-23Merge pull request #1298 from sever-sever/T4386Christian Poessinger
verify: T4386: Fix traffic-policy key in verify_mirror
2022-04-23verify: T4386: Fix traffic-policy key in verify_mirrorViacheslav Hletenko
Fix logic for verify traffic-policy in def verify_mirror_redirect It checks just "traffic_policy.in" and should also checks if 'mirror' or 'redirect' exists in config
2022-04-22dhcp: T4389: add vendor option support for Ubiquity Unifi controllerChristian Poessinger
vyos@vyos# show service dhcp-server shared-network-name LAN { subnet 172.18.201.0/24 { default-router 172.18.201.1 name-server 172.18.201.2 range 0 { start 172.18.201.101 stop 172.18.201.109 } vendor-option { ubiquity { unifi-controller 172.16.100.1 } } } }
2022-04-22dhcpv6: T4357: use variable for systemd service nameChristian Poessinger
2022-04-22dhcpv6: T4357: only two IPv6 Cisco tftp servers should be definedChristian Poessinger
2022-04-22dhcpv6: T4357: remove ConfigError() line breaks - this is done automaticallyChristian Poessinger
2022-04-22dhcpv6: T4357: rename vsio -> vendor-optionChristian Poessinger
2022-04-22dhcpv6: T4357: length must be encoded else packet is malformedChristian Poessinger
2022-04-22dhcpv6: T4357: no need to make the vendor options conditional - they do not hurtChristian Poessinger
Always render int he vendor specific option definition - it doesn't hurt.
2022-04-22Merge branch 'T4357' of https://github.com/sever-sever/vyos-1x into currentChristian Poessinger
* 'T4357' of https://github.com/sever-sever/vyos-1x: dhcpv6: T4357: Add dhcpv6 options for cisco VoIP tftp
2022-04-22dhcp: T4388: missing constraint on tftp-server-name optionChristian Poessinger
2022-04-22dhcpv6: T4357: Add dhcpv6 options for cisco VoIP tftpViacheslav Hletenko
Add vendor specific options for DHCPv6-server for working with cisco VoIP phone provisioning over IPv6
2022-04-21pppoe: T4384: replace default-route CLI option with common CLI nodes already ↵Christian Poessinger
present for DHCP VyOS 1.4 still leverages PPPd internals on the CLI. pppd supports three options for a default route, none, auto, force. * none: No default route is installed on interface up * auto: Default route is only installed if there is yet no default route * force: overwrite any default route There are several drawbacks in this design for VyOS and the users. If auto is specified, this only counted for static default routes - but what about dynamic ones? Same for force, only a static default route got replaced but dynamic ones did not got taken into account. The CLI is changed and we now re-use already existing nodes from the DHCP interface configuration: * no-default-route: On link up no default route is installed, same as the previous default-route none * default-route-distance: We can now specify the distance of this route for the routing table on the system. This defaults to 210 as we have for DHCP interfaces. All this will be migrated using a CLI migration script.
2022-04-21vyos.ifconfig: T4384: get_interface_dict() should provide "ifname" key for VIFsChristian Poessinger
2022-04-21xml: T4385: provide building blocks for default route configurationChristian Poessinger