summaryrefslogtreecommitdiff
path: root/op-mode-definitions
AgeCommit message (Collapse)Author
2024-09-18T6723: firewall: extend op-mode commands <show firewall ..> and a <show log ↵Nicolas Fort
firewall ..> in order to match all chains/priorities
2024-09-16Merge pull request #4020 from c-po/secure-bootChristian Breunig
T861: op-mode: initial parts for UEFI secure boot CLI
2024-09-16T861: op-mode: add "install mok" CLI commandChristian Breunig
Deploy VyOS Secure Boot CA MOK (Machine Owner Key) into UEFI variables of the running machine.
2024-09-16T861: op-mode: add "show secure-boot [keys]" CLI commandChristian Breunig
Support getting current system secure boot state. In addition add optional suppor tto list all enrolled MOK (Machine Owner Keys) in the UEFI variable store.
2024-09-15op-mode: T6715: manually changing time/date is not synced into hardware clockChristian Breunig
When not using NTP and adjusting the current system time/date using set date the time is not saved across a reboot into the hardware RTC. This commit explicitly syncs the current time after a change into the systems RTC. Most routers do not run without NTP (which is even a VyOS default) so the priority is pretty low.
2024-09-12Merge pull request #4055 from natali-rs1985/T6694-add-execute-sshChristian Breunig
op-mode: T6694: Add op-mode command "execute ssh"
2024-09-12Merge pull request #4021 from natali-rs1985/T6652-currentDaniil Baturin
openfabric: T6652: Add support for OpenFabric protocol
2024-09-12op-mode: T6694: Add op-mode command "execute ssh"Nataliia Solomko
execute ssh host [host] user [username]
2024-09-12Merge pull request #4042 from natali-rs1985/T6694-currentChristian Breunig
op-mode: T6694: Move some op-mode commands to the "execute" family
2024-09-10Merge pull request #4038 from natali-rs1985/T6181-currentDaniil Baturin
op_mode: T6181: A feature for checking ports
2024-09-10op-mode: T6694: Move some op-mode commands in the "execute" familyNataliia Solomko
'force netns' — move to 'execute shell netns'. 'force vrf'— move to 'execute shell vrf'. 'force owping' — move to 'execute owping'. 'force twping' — move to 'execute twping'. 'monitor bandwidth-test' — move to 'execute bandwidth-test`. 'telnet' — move to 'execute telnet'
2024-09-10op_mode: T6181: A feature for checking portsNataliia Solomko
2024-09-05opmode: T6694: move wake-on-lan to "execute wake-on-lan" (#4031)Daniil Baturin
2024-09-04openfabric: T6652: Add support for OpenFabric protocolNataliia Solomko
OpenFabric is a routing protocol providing link-state routing with efficient flooding for topologies like spine-leaf networks. FRR implements OpenFabric in a daemon called fabricd
2024-08-22T6561: Add vrf aware for show ntpViacheslav Hletenko
2024-08-21op_mode: T6668: Add detailed statistics infomartion about MACsec interfacesfett0
2024-08-14op_mode: T6651: Add a top level op mode word "execute"Nataliia Solomko
2024-07-30Merge pull request #3698 from talmakion/bugfix/T3334Christian Breunig
system: op-mode: T3334: allow delayed getty restart when configuring serial ports
2024-07-30system: op-mode: T3334: allow delayed getty restart when configuring serial ↵Andrew Topp
ports * Created op-mode command "restart serial console" * Relocated service control to vyos.utils.serial helpers, used by conf- and op-mode serial console handling * Checking for logged-in serial sessions that may be affected by getty reconfig * Warning the user when changes are committed and serial sessions are active, otherwise restart services as normal. No prompts issued during commit, all config gen/commit steps still occur except for the service restarts (everything remains consistent) * To apply committed changes, user will need to run "restart serial console" to complete the process or reboot the whole router * Added additional flags and target filtering for generic use of helpers.
2024-07-17Merge pull request #3817 from c-po/op-mode-restartChristian Breunig
op-mode: T6577: create generic service restart helper to work with the API
2024-07-16op-mode: T6577: create generic service restart helper to work with the APIChristian Breunig
Right now we have multiple restart helpers (e.g. dhcp server, ssh, ntp) that all do the same (more or less): * Check if service is configured on CLI * Restart if configured * Error out if unconfigured This is not available via the op-mode API. Create a new restart.py op-mode helper that takes the service name and possible VRF as argument so it's also exposed via API.
2024-07-15Merge pull request #3810 from c-po/restart-ntpChristian Breunig
op-mode: T6575: add support for NTP service restart via CLI
2024-07-14firewall: T6581: fix completion for "show firewall ... rule"Daniil Baturin
2024-07-13op-mode: T6575: add support for NTP service restart via CLIChristian Breunig
This seemed to be arround in the early days, but is not available since at least VyOS 1.3.3. Add CLI helper to restart the NTP process (chrony).
2024-07-10op-mode: T6566: add support for listing all interfaces in "monitor bandwidth"Christian Breunig
Right now we can only monitor the bandwidth for one individual interface, but not all at once. This adds support to monitor all interfaces.
2024-07-03Merge pull request #3746 from ↵Daniil Baturin
dmbaturin/T6498-machine-readable-tech-support-report op-mode: T6498: add machine-readable tech support report script
2024-07-03op-mode: T6498: add machine-readable tech support report scriptDaniil Baturin
2024-07-02Merge pull request #3745 from c-po/no-legacyDaniil Baturin
T6527: add legacy Vyatta interpreter files still in use
2024-06-30T6527: add legacy Vyatta interpreter files still in useChristian Breunig
2024-06-29Merge pull request #3733 from c-po/T6524-release-dhcpChristian Breunig
op-mode: T6524: rewrite "release dhcp(v6) interface" to new op-mode format
2024-06-28T6452: Add QoS Op Commands (#3591)l0crian1
* T6452: Add QoS Op Commands Added the following commands: show qos shaping show qos shaping detail show qos shaping interface <int name> show qos shaping interface <int name> detail show qos shaping interface <int name> class <class name> show qos shaping interface <int name> class <class name> detail show qos cake interface <int name>
2024-06-27op-mode: T6524: rewrite "release dhcp(v6) interface" to new op-mode formatChristian Breunig
2024-06-27Merge pull request #3715 from HollyGurza/T6313Christian Breunig
T6313: Add "NAT" to "generate" command for rule resequence
2024-06-27T6313: Add "NAT" to "generate" command for rule resequencekhramshinr
2024-06-24Merge pull request #3683 from dmbaturin/T6501-lsmod-on-steroidsJohn Estabrook
op mode: T6501: add "run show kernel modules"
2024-06-21op-mode: T6503: "restart ssh" command not workingChristian Breunig
Commit e5af1f090 ("ssh: T6192: allow binding to multiple VRF instances") switched the systemd unit file from ssh.service to ssh@*.service, this change was not reflected in the "restart ssh" op-mode command.
2024-06-19op mode: T6501: add "run show kernel modules"Daniil Baturin
2024-06-14Merge pull request #3645 from c-po/pki-T6480Christian Breunig
op-mode: T6480: must call pki.py helper as root to work with ACME certificates
2024-06-14Merge pull request #3646 from c-po/pki-T6407Christian Breunig
op-mode: T6407: "generate pki" missed to mangle in ACME certificates when required
2024-06-14op-mode: T6407: "generate pki" missed to mangle in ACME certificates when ↵Christian Breunig
required If the requested certificate to generate an Apple IOS profile was based on an ACME certificate, we also need to mangle in the ACME certs content to retrieve the certificates issuer name.
2024-06-14op-mode: T6480: must call pki.py helper as root to work with ACME certificatesChristian Breunig
This is an addition to commit 65fba1cd2 ("op-mode: T6377: must call pki.py helper as root to work with ACME certificates") which missed out the basic "show pki" command, as the <command> XML node was deep down in the view.
2024-06-13Merge pull request #3601 from talmakion/bugfix/T6456Daniil Baturin
T6456: Convert "monitor traffic" to modern op-mode wrapper
2024-06-11T6456: Convert "monitor traffic" to modern op-mode wrapperAndrew Topp
The old "monitor traffic" definition had misaligned arguments under the verbose node and manually offered the same parameter keyword in multiple positions to emulate flexible parameters. I've wrapped tcpdump for op-mode and replicated the "varargs" style from mtr.py/mtr.xml.in to present a few more parameters in a more flexible manner. Changes to the Makefile were required for recursive varargs lookup.
2024-06-11T6045: Recreate show lldp detail views & improve remote port selectionAndrew Topp
If the remote device has explicitly sent the interface name as the portID, we should use that first as the interface name, before working through the previous priority order. I've brought back LLDP detail views directly calling lldpcli. This can be extended to render a template from op_mode/lldp.py, but lldpcli isn't bad at rendering readable info. Raw mode (including detailed raw) is still accessible for programmatic access.
2024-06-10wireless: T6462: add op-mode command for hostapd and wpa_supplicant logsChristian Breunig
* monitor log wireless hostapd [interface <name>] * monitor log wireless wpa-supplicant [interface <name>] * show log wireless hostapd [interface <name>] * show log wireless wpa-supplicant [interface <name>]
2024-06-04T6431: op-mode command monitor traceroute missing recursive symlinkAndrew Topp
Likely this was copied from mtr in the past but the symlink wasn't added to the Makefile. I've also swapped the completion help text around to match the commands.
2024-05-29op-mode: T5231: add command to restart reverse-proxyChristian Breunig
2024-05-25op-mode: T6377: must call pki.py helper as root to work with ACME certificatesChristian Breunig
This fixes the error: vyos@vyos:~$ show pki certificate Traceback (most recent call last): File "/usr/lib/python3/dist-packages/vyos/config.py", line 111, in config_dict_mangle_acme tmp = read_file(f'{vyos_certbot_dir}/live/{name}/cert.pem') ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 44, in read_file raise e File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 38, in read_file with open(fname, 'r') as f: ^^^^^^^^^^^^^^^^ PermissionError: [Errno 13] Permission denied: '/config/auth/letsencrypt/live/vyos/cert.pem'
2024-05-23Merge pull request #3399 from 0xThiebaut/suricataChristian Breunig
suricata: T751: Initial support for suricata
2024-05-21Merge pull request #3490 from sever-sever/T6366Christian Breunig
T6366: CGNAT add ability to get external and internal allocations