Age | Commit message (Collapse) | Author |
|
suricata: T751: Initial support for suricata
|
|
vyos.utils.io: T6385: handle keyboard interrupts in ask_yes_no
|
|
and return False if the user interrupts the prompt with Ctrl-C
|
|
after applying the diff
|
|
T6373: QoS Policy Limiter - classes for marked traffic do not work
|
|
|
|
Fixed broken logging for "show log nat"
Added the following commands:
show log nat source
show log nat source rule <ruleNum>
show log nat destination nat
show log nat destination nat rule <ruleNum>
show log nat static
show log nat static rule <ruleNum>
|
|
|
|
|
|
They were never supported by VyOS,
that was just for very old systens upgraded from Vyatta Core
|
|
|
|
|
|
|
|
Bond: T6303: add system mac address on interfaces bond
|
|
|
|
|
|
|
|
|
|
template directory
as a more convenient and secure alternative to environment variable
|
|
Fix import for `rc_cmd`
|
|
Fix default values for random-detect
Remove dsmakr qdisc from gred cofig because dsmark was deleted from kernel
|
|
<set table> option in policy route.
|
|
qos: T4248: Allow to remove the only rule from the qos class
|
|
Add abiilty to change `base_reachable_time_ms` option
/proc/sys/net/ipv6/neigh/{ifname}/base_reachable_time_ms
|
|
|
|
We only supported calculating seconds to weeks but not seconds to years. This
has been added.
Testcase:
from vyos.utils.convert import seconds_to_human
minute = 60
hour = minute * 60
day = hour * 24
week = day * 7
year = day * 365.25
for separator in ['', ' ', '-', '/']:
print(f'----- Using separator "{separator}" -----')
print(seconds_to_human(10, separator))
print(seconds_to_human(5* minute, separator))
print(seconds_to_human(3* hour, separator))
print(seconds_to_human(4* day, separator))
print(seconds_to_human(7 * week, separator))
print(seconds_to_human(10 * year, separator))
print(seconds_to_human(5*year + 4*week + 3*day + 2*hour + minute + 5, separator))
print()
cpo@LR1.wue3:~$ ./foo.py
----- Using separator "" -----
10s
5m
3h
4d
7w
10y
5y4w3d2h1m5s
----- Using separator " " -----
10s
5m
3h
4d
7w
10y
5y 4w 3d 2h 1m 5s
----- Using separator "-" -----
10s
5m
3h
4d
7w
10y
5y-4w-3d-2h-1m-5s
----- Using separator "/" -----
10s
5m
3h
4d
7w
10y
5y/4w/3d/2h/1m/5s
|
|
When handling optional separators rather build up a list and join the list
with the requested delimiter to form the resulting human readable time string.
|
|
T6191: do not append action policy route|route6 when its not specified
|
|
|
|
specified, in order to ensure same behavior as in Equuleus
|
|
|
|
qos: T6035: QoS policy shaper queue-type random-detect requires limit avpkt
|
|
Added params for configuration red on the shaper policy
|
|
If we use rfc3768-compatibility with long interface names like
eth1.100.200 it converts the VRRP interface name name
to `<interface>v<VRID><IP version>`
For example `eth2.100.200v10v4`
The limit for interface name is 15 symbols and it causes that
interface name is ignoring by keepalived
VMAC interface name 'eth2.100.200v10v4' too long or invalid characters - ignoring
And it uses the default prefix `vrrp` for such cases.
It works fine, but such interfaces are not displayed in the op-mode
Allow prefix `vrrp` for the op-mode for `show interfaces`
|
|
|
|
There are cloud environments available where the maximum supported ethernet
MTU is e.g. 1450 bytes, thus we clamp this to the adapters maximum MTU value
or 1500 bytes - whatever is lower.
|
|
T6203: remove obsoleted xml lib
|
|
The vyos.xml functionality is replaced with vyos.xml_ref.
|
|
|
|
T6197: Fixed usage ipoe interface client-subnet without pools
|
|
T6068: dhcp-server: add command <set service dhcp-server high-availability mode>
|
|
Allowed using ipoe interface client-subnet without client pools
configuration.
|
|
mode> so user can define what type of ha use: active-active or active-passive
|
|
found using "git ls-files *.py | xargs pylint | grep W0611"
|
|
* Use interface_exists() outside of verify()
* Use verify_interface_exists() in verify() to drop common error message
|
|
configverify: T6198: add common helper for PKI certificate validation
|
|
The next evolutional step after adding get_config_dict(..., with_pki=True) is
to add a common verification function for the recurring task of validating SSL
certificate existance in e.g. EAPoL, OpenConnect, SSTP or HTTPS.
|
|
T6192: allow binding SSH to multiple VRF instances
|
|
|
|
|