summaryrefslogtreecommitdiff
path: root/data/configd-include.json
AgeCommit message (Collapse)Author
2024-08-23wireless: T6318: move country-code to a system wide configurationChristian Breunig
Wireless devices are subject to regulations issued by authorities. For any given AP or router, there will most likely be no case where one wireless NIC is located in one country and another wireless NIC in the same device is located in another country, resulting in different regulatory domains to apply to the same box. Currently, wireless regulatory domains in VyOS need to be configured per-NIC: set interfaces wireless wlan0 country-code us This leads to several side-effects: * When operating multiple WiFi NICs, they all can have different regulatory domains configured which might offend legislation. * Some NICs need additional entries to /etc/modprobe.d/cfg80211.conf to apply regulatory domain settings, such as: "options cfg80211 ieee80211_regdom=US" This is true for the Compex WLE600VX. This setting cannot be done per-interface. Migrate the first found wireless module country-code from the wireless interface CLI to: "system wireless country-code" (cherry picked from commit 9e22ab6b2aee48029d3455f65880e45c558cf1da)
2024-06-25Merge pull request #3716 from vyos/mergify/bp/circinus/pr-3694Daniil Baturin
snmp: T6489: use new Python wrapper to interact with config filesystem (backport #3694)
2024-06-24login: T6489: add smarter way to interact with the working config instead of ↵Christian Breunig
my_set/my_delete (cherry picked from commit da29c9b3ab7b0cc23d64c8b033fc5a79c1b09174)
2024-06-24snmp: T6489: use new Python wrapper to interact with config filesystemChristian Breunig
Do no longer use my_set and my_delete as this prevents scripts beeing run under supervision of vyos-configd. (cherry picked from commit 7e0e8101998a6c8de6cb93c42bfbf1278c13f226)
2024-05-14T3420: Remove service upnpViacheslav Hletenko
Remove `service upnp` as it never worked as expected, nft rules do not integrated and custom patches do not seem like a suitable solution for now. Security: UPnP has been historically associated with security risks due to its automatic and potentially unauthenticated nature. UPnP devices might be vulnerable to unauthorized access or exploitation.
2024-05-01vrf: T6189: render FRR L3VNI configuration when creating VRF instanceChristian Breunig
When adding and removing VRF instances on the fly it was noticed that the vni statement under the VRF instance in FRR vanishes. This was caused by a race condition which was previously designed to fix another bug. The wierd design of a Python helper below the VRF tree to only generate the VNI configuration nodes is now gone and all is rendered in the proper place.
2024-01-01vyos-configd: T4942: include config-management scriptChristian Breunig
2024-01-01vyos-configd: T563: include webproxy scriptChristian Breunig
2024-01-01vyos-configd: T4222: include SLA (OWAMP and TWAMP) scriptChristian Breunig
2024-01-01vyos-configd: T5261: include AWS GLB scriptChristian Breunig
2023-12-31T5474: establish common file name pattern for XML conf mode commandsChristian Breunig
We will use _ as CLI level divider. The XML definition filename and also the Python helper should match the CLI node. Example: set interfaces ethernet -> interfaces_ethernet.xml.in set interfaces bond -> interfaces_bond.xml.in set service dhcp-server -> service_dhcp-server-xml.in
2023-12-20T2898: add ndp-proxy serviceChristian Breunig
VyOS CLI command set service ndp-proxy interface eth0 prefix 2001:db8::/64 mode 'static' Will generate the following NDP proxy configuration $ cat /run/ndppd/ndppd.conf # autogenerated by service_ndp-proxy.py # This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route route-ttl 30000 # This sets up a listener, that will listen for any Neighbor Solicitation # messages, and respond to them according to a set of rules proxy eth0 { # Turn on or off the router flag for Neighbor Advertisements router no # Control how long to wait for a Neighbor Advertisment message before invalidating the entry (milliseconds) timeout 500 # Control how long a valid or invalid entry remains in the cache (milliseconds) ttl 30000 # This is a rule that the target address is to match against. If no netmask # is provided, /128 is assumed. You may have several rule sections, and the # addresses may or may not overlap. rule 2001:db8::/64 { static } }
2023-12-11srv6: T591: initial implementation to support locator definitionChristian Breunig
VyOS CLI set protocols segment-routing srv6 locator bar prefix '2001:b::/64' set protocols segment-routing srv6 locator foo behavior-usid set protocols segment-routing srv6 locator foo prefix '2001:a::/64' Will generate in FRR segment-routing srv6 locators locator bar prefix 2001:b::/64 block-len 40 node-len 24 func-bits 16 exit ! locator foo prefix 2001:a::/64 block-len 40 node-len 24 func-bits 16 behavior usid exit ! exit ! exit ! exit
2023-11-13igmp: T5736: migrate "protocols igmp" to "protocols pim"Christian Breunig
IGMP and PIM are two different but related things. FRR has both combined in pimd. As we use get_config_dict() and FRR reload it is better to have both centrally stored under the same CLI node (as FRR does, too) to just "fire and forget" the commit to the daemon. "set protocols igmp interface eth1" -> "set protocols pim interface eth1 igmp"
2023-06-14http-api: T5292: do not include https.py in scripts run by configdJohn Estabrook
2023-06-06dns: T5144: update conf script nameJohn Estabrook
2023-04-21vrf: T5150: l3vni must be removed prior to removing BGP VRF processChristian Breunig
2023-04-14T5162: Updated configd-include.json to remove extra comma.KyleM
removed extra comma invalidating json.
2023-04-13T5150: initial VRF support for Kernel/Zebra route-map filteringChristian Breunig
2023-03-16T5086: Add sFlow feature based on hsflowdViacheslav Hletenko
Add sFlow feature based on hsflowd According to user reviews, it works more stable and more productive than pmacct I haven't deleted 'pmacct' 'system flow-accounting sflow' yet It could be migrated or deprecated later set system sflow agent-address '192.0.2.14' set system sflow interface 'eth0' set system sflow interface 'eth1' set system sflow polling '30' set system sflow sampling-rate '100' set system sflow server 192.0.2.1 port '6343' set system sflow server 192.0.2.11 port '6343'
2022-12-11sstp: T4384: initial implementation of SSTP client CLIChristian Poessinger
vyos@vyos# show interfaces sstpc sstpc sstpc10 { authentication { password vyos user vyos } server sstp.vyos.net ssl { ca-certificate VyOS-CA } }
2022-05-02T2216: file is called container.pyChristian Poessinger
2022-04-30vyos-configd: enable firewall supportChristian Poessinger
2022-04-29T2216: containers need to be added via "add container image" in advance ↵Christian Poessinger
before using them
2022-04-28configd: eanble other missed out servicesChristian Poessinger
2022-04-26dhcp(v6): T3100: enable support with vyos-configdChristian Poessinger
2022-04-26vti: T1579: enable vyos-configd supoportChristian Poessinger
2022-04-25arp: T4397: migrate to get_config_dict()Christian Poessinger
2022-03-21qos: T4284: initial XML interface definitions for rewriteChristian Poessinger
2022-01-30Merge pull request #789 from jack9603301/T3420Daniil Baturin
upnpd: T3420: Support UPNP protocol
2022-01-05keepalived: T4109: Update configd-include.json to reflect filename changesarthurdev
2021-12-31snmp: T4124: remove snmp.py from vyos-configdChristian Poessinger
Commit 566f7f24 ("snmp: T4124: migrate to get_config_dict()") changed the internal structure to support vyos-configd. When using SNMPv3 we need to alter the running config by replacing the plaintext-password with an encrypted one, this is not allowed with vyos-configd.
2021-12-30snmp: T4124: migrate to get_config_dict()Christian Poessinger
2021-12-25flow-accounting: T4097: move to get_config_dict()Christian Poessinger
2021-11-13upnpd: T3420: Implement featuresjack9603301
2021-08-21interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" ↵Christian Poessinger
level Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value.
2021-08-13vrf: T3734: T3728: vni must be configured with a higher priority then bgpdChristian Poessinger
When removing bgp (vrf) instances the assigned VRF vni must be deleted from FRR prior the removal of the bgp settings (T3734). This is now done by moving the CLI command "set vrf name red vni 1000" to a dedicated Python script with a priority higher then bgp.
2021-07-22pki: https: T3642: Migrate HTTPS to use PKI configurationsarthurdev
2021-07-07pki: T3642: Migrate rsa-keys to PKI configurationsarthurdev
2021-07-06ipsec: T2816: Migrate ipsec-settings.xml.in and charon.conf to vpn_ipsec.pysarthurdev
Also adds check for the charon socket instead of an arbitrary sleep()
2021-06-29pki: T3642: New PKI config and managementsarthurdev
2021-06-13wwan: T3620: rename "wirelessmodem wlm" interfaces to new wwan interface treeChristian Poessinger
2021-06-06nhrp: T3599: Remove vpn_ipsec.py from configd until bug is resolvedsarthurdev
2021-06-06nhrp: T3599: Migrate NHRP to XML/Pythonsarthurdev
2021-05-28ipsec: T2816: IPSec python rework, includes DMVPN and VTI supportSimon
2021-05-27conntrack: T3535: add conntrack-sync supported vyos-configd servicesChristian Poessinger
2021-05-27conntrack: T3579: initial implementation with XML and PythonChristian Poessinger
2021-04-17policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/PythonChristian Poessinger
2021-04-05tunnel: T3030: move erspan type into regular tunnel interfaceChristian Poessinger
Instead of having a dedicated ERSPAN interface type, rather move the specifics into "interface tunnel". A migrator is not needed as there is yet no LTS release with this feature and this is considered experimental.
2021-03-25configd: T3426: include bgp, isis, ospf and static protocols in processingJohn Estabrook
vyos-configd now supports calling a script with a passed argument; re-include the conf_mode scripts that were excluded in ba251b3f2c.