Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-07-22 | macsec: T2023: fixup systemd unit description | Christian Poessinger | |
2022-07-22 | op-mode: monitor log help typo | Christian Poessinger | |
2022-07-22 | ssh: T3212: cleanup deprecated /etc/default/ssh file | Christian Poessinger | |
2022-07-22 | op-mode: add show|monitor log ssh|snmp commands | Christian Poessinger | |
2022-07-22 | ssh: T3212: do not load systemd EnvironmentFile | Christian Poessinger | |
2022-07-22 | dns-forwarding: T2185: cleanup deprecated /etc/powerdns files - now living ↵ | Christian Poessinger | |
in /run/powerdns | |||
2022-07-22 | ntp: T2185: cleanup deprecated /etc/ntp.conf - now living in /run/ntpd | Christian Poessinger | |
2022-07-22 | fastnetmon: T2659: also clean /etc/networks_whitelist | Christian Poessinger | |
2022-07-22 | Merge pull request #1418 from zdc/T4546-sagitta | Christian Poessinger | |
nhrp: T4546: Fixed route add command if MTU presented | |||
2022-07-22 | Merge pull request #1425 from sever-sever/T4145 | Christian Poessinger | |
conntrack: T4145: Modify conntrack to format command runner | |||
2022-07-22 | nat: T4545: Rewrite show nat source rules script | Viacheslav Hletenko | |
Rewrite 'show nat source rules' due to a large number of bugs in NAT rules statistics. Use new format 'vyos.opmode module' Ability to get raw_data and formatted_output for the future op-mode rewriting funcitonal Ability to get raw and formatted data | |||
2022-07-22 | conntrack: T4145: Modify conntrack to format command runner | Viacheslav Hletenko | |
Change op-mode "show conntrack table ipvX" script to work with vyos.opmode module Change name "show_conntrack.py" => "conntrack.py" Ability to get IPv6 conntrack information Ability to get raw and formatted data | |||
2022-07-22 | smoketest: router-advert: T4550: test deprecate-prefix & decrement-lifetime ↵ | Christian Poessinger | |
CLI option | |||
2022-07-22 | smoketest: router-advert: use setUpClass() | Christian Poessinger | |
2022-07-22 | Merge pull request #1421 from vfreex/radvd-prefix-specific-options | Christian Poessinger | |
T4550: router-advert: Add deprecate-prefix & decrement-lifetimes options | |||
2022-07-21 | fastnetmon: T4553: reduce ban-time lower limit to 1 second | Christian Poessinger | |
2022-07-21 | op-mode: T2659: show/monitor log - add ddos-protection logs | Christian Poessinger | |
2022-07-21 | smoketest: fastnetmon: T4555: add IPv6 support | Christian Poessinger | |
2022-07-21 | fastnetmon: T2659: move configuration files to /run | Christian Poessinger | |
2022-07-21 | fastnetmon: T4555: add IPv6 support | Christian Poessinger | |
2022-07-21 | fastnetmon: T4553: band-time - zero value is prohibited | Christian Poessinger | |
2022-07-21 | fastnetmon: T4553: add processing of XML defaultValue definitions | Christian Poessinger | |
2022-07-21 | T4550: router-advert: Add deprecate-prefix & decrement-lifetimes options | Yuxiang Zhu | |
DeprecatePrefix and DecrementLifetimes options in radvd is useful in a DHCPv6-PD environment to accommodate prefix changes from ISP's delegating router. Though there is currently no integration between the DHCP PD client (wide-dhcpv6-client) and radvd, it could be a good start point to have the 2 options configurable by the user. https://phabricator.vyos.net/T4550 - deprecate-prefix: Upon shutdown, deprecate the prefix. This is useful in a DHCPv6 PD environment: When ISP re-assigns a new prefix, deprecate the old prefix that was advertised. - decrement-lifetimes: Decrement the values of the preferred and valid lifetimes for the prefix over time. This is also useful in a DHCPv6 PD environment to keep the advertised prefix's lifetimes in sync with the prefix from delegating router. | |||
2022-07-21 | fastnetmon: T4553: Allow to configure ban_time instead of 1900s default value | Adrian Almenar | |
2022-07-20 | Merge pull request #1351 from dmbaturin/genop | John Estabrook | |
T2719: prototype of an op mode command runner based on type hints and introspection | |||
2022-07-20 | T2719: fix unused imports | Daniil Baturin | |
2022-07-20 | T2719: fix indentation in vyos.opmode | Daniil Baturin | |
2022-07-20 | T2719: fix a stray empty key in the CPU data dict | Daniil Baturin | |
2022-07-20 | T4480:webproxy: Add safe-ports and ssl-safe-ports for acel squid config -- ↵ | Nicolas Fort | |
Fix conflicts | |||
2022-07-20 | Merge pull request #1419 from goodNETnick/rm-pref-len | Christian Poessinger | |
route-map: T4542: match prefix-len BGP notice | |||
2022-07-20 | route-map: T4542: match prefix-len BGP notice | goodNETnick | |
2022-07-19 | nhrp: T4546: Fixed route add command if MTU presented | zsdc | |
In case if `NHRP_DESTMTU` environment variable is presented, the script uses an intermediate command to get the current route before adding a new one. Then received data is used in the `route add` command generation. This commit fixes this process, so setting MTU becomes possible. | |||
2022-07-19 | T2719: patch for general support for boolean options | John Estabrook | |
Signed-off-by: Daniil Baturin <daniil@vyos.io> | |||
2022-07-19 | smoketest: telegraf: use generic service availability check | Christian Poessinger | |
2022-07-18 | macsec: T4537: support online ciper and source-interface re-configuration | Christian Poessinger | |
2022-07-18 | macsec: T4537: allow 32-byte keys for gcm-aes-256 | Christian Poessinger | |
2022-07-18 | bgp: T4490: check peer-group for AFI/SAFI before issuing warning | Christian Poessinger | |
Commit 6cffe2aa82 ("bgp: T4490: Add informational message for peer withour AFI") only checked if an address-family is configured under the neighbor statement. This is not enough as the AFI can also be specified via a peer-group. Add a new verify_afi() helper that checks both the neighbor and the assigned peer-group. | |||
2022-07-18 | Merge pull request #1407 from sever-sever/T4523 | Christian Poessinger | |
conntrack: T4523: Extend conntrack output direciton, mark, zone | |||
2022-07-17 | login: T4536: add all accounts to frr group | Christian Poessinger | |
2022-07-17 | Merge pull request #1417 from sever-sever/T3435 | Christian Poessinger | |
op-mode: T3435: Fix SNAT any address and DNAT port dict check | |||
2022-07-17 | op-mode: T3435: Fix SNAT any address and DNAT port dict check | Viacheslav Hletenko | |
If SNAT source address in not exists use 'any' Add check if 'port' exists in dictionary | |||
2022-07-15 | smoketest: component_version: print details on failure | John Estabrook | |
2022-07-15 | monitoring: T4411: add monitoring-version.xml.i to component-versions | John Estabrook | |
When adding a new component version file, one must also include the file in xml-component-version.xml.in | |||
2022-07-15 | Merge pull request #1414 from sever-sever/T4532 | Christian Poessinger | |
netflow: T4532: replace dot and colons to dash | |||
2022-07-15 | smoketest: T4532: Update smoketest flow-accounting | Viacheslav Hletenko | |
2022-07-15 | netflow: T4532: replace dot and colons to dash | Viacheslav Hletenko | |
Fix for IPv6 netflow_plugin name When we use IPv6 uacctd.conf doesnt expect coluns in the plugin name. Replace dots and colons to dash. | |||
2022-07-15 | interfaces: T4525: interfaces can not be member of a bridge/bond and a VRF | Christian Poessinger | |
2022-07-15 | bond: T4525: fix adding member interface to bond after removing VRF | Christian Poessinger | |
When removing a VRF from an ethernet interface and adding the interface to a bond in the same commit led to an OSError: [Errno 16] Device or resource busy! | |||
2022-07-15 | vyos.configdict(): T4228: is_member() must return member interface config dict | Christian Poessinger | |
This extends commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") and returns the config dict of the used member interfaces. | |||
2022-07-15 | bond: bridge: T4534: error out if member interface is assigned to a VRF instance | Christian Poessinger | |
It makes no sense to enslave an interface to a bond or a bridge device if it is bound to a given VRF. If VRFs should be used - the encapuslating/master interface should be part of the VRF. Error out if the member interface is part of a VRF. |