summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-10-25graphql: T4574: set byte length of shared secret from CLIJohn Estabrook
2022-10-25graphql: T4574: extend smoketest for token authenticationJohn Estabrook
2022-10-25graphql: T4574: set token expiration time in claimsJohn Estabrook
2022-10-25graphql: T4574: add context to read token in queries/mutationsJohn Estabrook
2022-10-25graphql: T4574: read config and generate schema with/without key authJohn Estabrook
2022-10-25graphql: T4574: add mutation for requesting JWT tokenJohn Estabrook
2022-10-25graphql: T4574: add interface definitions for authentication settingsJohn Estabrook
2022-10-25graphql: T4574: reorganize directory structure for clarityJohn Estabrook
2022-10-25graphql: T4574: call all schema definition generation on initJohn Estabrook
2022-10-24Merge pull request #1614 from jestabro/op-mode-route-outputJohn Estabrook
route: T4772: return list of dicts in 'raw' output
2022-10-24route: T4772: return list of dicts in 'raw' outputJohn Estabrook
2022-10-23T4762: Add check for show nat if nat config does not existViacheslav Hletenko
Add check for 'show nat xxx' if nat configuration does not exist
2022-10-21Merge pull request #1611 from dmbaturin/field-normalization-2John Estabrook
T4765: support list and primitives in op mode output normalization
2022-10-21T4765: support list and primitives in op mode output normalizationcreate with ansible
2022-10-21Merge pull request #1610 from jestabro/migrate-graphqlJohn Estabrook
graphql: T4768: change name of api child node from 'gql' to 'graphql'
2022-10-21graphql: T4768: change name of api child node from 'gql' to 'graphql'John Estabrook
2022-10-20Merge pull request #1608 from jestabro/T4765Daniil Baturin
T4765: normalize fields only if 'raw' is true; output must be dict
2022-10-20T4765: normalize fields only if 'raw' is true; output must be dictJohn Estabrook
2022-10-20Merge pull request #1607 from dmbaturin/op-mode-field-normalizationJohn Estabrook
T4765: normalize dict fields in op mode ouputs
2022-10-20Merge pull request #1601 from sever-sever/T4720Christian Poessinger
ssh: T4720: Ability to configure SSH-server HostKeyAlgorithms
2022-10-20T4765: normalize dict fields in op mode ouputsDaniil Baturin
2022-10-20T4763: Use nat.py for show nat destination statisticsViacheslav Hletenko
Use nat.py instead of old op-mode script
2022-10-17login: 2fa: T874: fix PAM string during ISO buildChristian Poessinger
Turns out a local installation of a package using "dpkg -i" differs when assembling an ISO using live-build. The previous version worked when using "dpkg -i" but it failed hard (no login possible) during ISO build. This has been fixed by using double quotes.
2022-10-17T4720: Add smoketest for SSH NDcPPViacheslav Hletenko
2022-10-17ssh: T4720: Ability to configure SSH-server HostKeyAlgorithmsViacheslav Hletenko
Ability to configure SSH-server HostKeyAlgorithms. Specifies the host key signature algorithms that the server offers. Can accept multiple values.
2022-10-17Merge pull request #1600 from jestabro/gql-compositeJohn Estabrook
graphql: T4753: generalize system_status to composite_{query,mutation}
2022-10-17xdp: T4284: libbpf-dev/libbpf0 is only available for VyOS on amd64Christian Poessinger
2022-10-16graphql: T4753: generalize system_status to composite_{query,mutation}John Estabrook
2022-10-16xdp: T4284: migrate to Debian libbpfChristian Poessinger
In order to properly retrieve JSON information in the Smoketests for the new QoS implementation we need a recent (>6.0) version of iproute2. This requires the libbpf-dev package and this small source-code change.
2022-10-16login: 2fa: T874: fix PAM string generation on multiple package installationsChristian Poessinger
Commit da535ef5 ("login: 2fa: T874: fix Google authenticator issues") used different strings for grep and sed resulting in the same line beeing added on every installation of the package. This is only disturbing during development not during ISO build.
2022-10-14Merge pull request #1588 from dmbaturin/pr-title-checkJohn Estabrook
T4748: add a CI action to check pull request title format
2022-10-14Merge pull request #1597 from jestabro/http-api-config-dictJohn Estabrook
http-api: T4749: transition to config_dict for conf_mode http-api.py
2022-10-14Merge pull request #1598 from sever-sever/T4533Christian Poessinger
T4533: Allow basic permissions to unprivileged RADIUS users
2022-10-14login: 2fa: T874: remove unused code path for global 1fa settingsChristian Poessinger
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-14T4533: Allow basic permissions to unprivileged RADIUS usersViacheslav Hletenko
Unprivileged RADIUS users cannot do simple diagnostics like ping or traceroute. Allow them such tools. Ability to execute op-mode commands for them. It is not new 'operator mode' feature but it allows RADIUS users execute op-mode commands
2022-10-14http-api: T4749: transition to config_dictJohn Estabrook
2022-10-14Merge pull request #1595 from Cheeze-It/currentChristian Poessinger
isis, ospf: T4739: ISIS and OSPF segment routing being refactored
2022-10-14Merge pull request #1596 from sever-sever/T4725Christian Poessinger
T4725: Fix Regex for correctly reset IPsec peers
2022-10-14T4725: Fix Regex for correctly reset IPsec peersViacheslav Hletenko
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken)
2022-10-13T4739: OSPF segment routing being refactoredCheeze_It
2022-10-13T4739: ISIS segment routing being refactoredCheeze_It
2022-10-13ci: T4748: add a CI action to check pull request titleDaniil Baturin
and commit messages format
2022-10-13Merge pull request #1592 from sever-sever/T4746Christian Poessinger
monitoring: T4746: Add exception if we do not have firewall rules
2022-10-13monitoring: T4746: Add exception if we do not have firewall rulesViacheslav Hletenko
Telegraf checks the firewall table 'vyos_filter' but it we don't have any firewall in the system we don't have this table by default It cause commit error for "service monitoring" Add exception if the table "vyos_filter" is not found
2022-10-13Merge pull request #1591 from sever-sever/T4312Christian Poessinger
monitoring: T4312: Ability to set IP address in the URL
2022-10-13monitoring: T4312: Ability to set IP address in the URLViacheslav Hletenko
Use common "url.xml" which allow URL as domain name or IP entrie
2022-10-12Merge pull request #1585 from goodNETnick/ssh_login_bugfixJohn Estabrook
system login: T874: add 2FA support for local and ssh authentication.…
2022-10-12Merge pull request #1586 from sever-sever/T4744Christian Poessinger
bgp: T4744: Directly connected neighbors and ebgp-multihop check
2022-10-12bgp: T4744: Directly connected neighbors and ebgp-multihop checkViacheslav Hletenko
BGP directly connected neighbors (interface neighbors) do not compatible with ebgp-multihop option