summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2019-06-22T1433: fix also filenames in /etc/default/isc-dhcpv6-serverJernej Jakob
(cherry picked from commit 690ae8bf526b6d45997bedf5e856f858ad251658)
2019-06-20firewall: T1461: deleting 'firewall options' causes Python TypeErrorChristian Poessinger
[ firewall options interface wg01 ] Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/firewall_options.py", line 139, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/firewall_options.py", line 97, in apply if tcp['new_chain4']: TypeError: 'NoneType' object is not subscriptable delete [ firewall options ] failed delete [ firewall ] failed Commit failed (cherry picked from commit efb1a1c88f436a3704c4ca6e15b65aeded4b9654)
2019-06-20T1458: Regression in 1.2.1-S2 hostname & loggingKim Hagen
2019-06-04T1379: Deprecated functions in /sbin/dhclient-scriptKim Hagen
Conflicts: src/conf_mode/host_name.py
2019-05-26[rsyslog] T1358 - typo fixed os.path.existshagbard
2019-05-26[rsyslogd] T1355 - rsyslog stopped after reboot or clean starthagbard
- rsyslog appears now to be started via systemd automatically, checking for the pid to avoid restart race condition between systemd vyos conf script
2019-05-26[rsyslog] Fixes: T1294 - Trying to delete 'system syslog' throws an exceptionhagbard
2019-05-20T1255: add newlines for 3rd party script amendmentsChristian Poessinger
2019-05-20hostname: bugfix for overwriting search domainsChristian Poessinger
2019-05-20Add header to resolver configuration fileChristian Poessinger
2019-05-20hostname: additional test case fixesChristian Poessinger
Conflicts: src/tests/test_host_name.py
2019-05-20T1174: migrate local hostname/DNS handling to vyos-1xChristian Poessinger
Conflicts: src/conf_mode/host_name.py
2019-05-08[VRRP] T1371: add quotes around the health check script string.Daniil Baturin
2019-04-21T1343: do not remove zeros DHCP static routetmarlok88
(cherry picked from commit 31ad6b67e3bc22bc340ba5b4f95cf3dd548e31b9)
2019-04-21[firewall] T314: add firewall options for MSS clampingChristian Poessinger
* clamp MSS IPv4 set firewall options interface pppoe0 adjust-mss '1452' * clamp MSS IPv6 set firewall options interface pppoe0 adjust-mss6 '1452' * disable entire rule set firewall options interface pppoe0 disable Output ------ $ sudo iptables-save -t mangle # Generated by iptables-save v1.4.21 on Sun Apr 21 12:56:25 2019 *mangle :PREROUTING ACCEPT [1217:439885] :INPUT ACCEPT [290:52459] :FORWARD ACCEPT [920:375774] :OUTPUT ACCEPT [301:100053] :POSTROUTING ACCEPT [1221:475827] :VYOS_FW_OPTIONS - [0:0] -A FORWARD -j VYOS_FW_OPTIONS -A VYOS_FW_OPTIONS -o pppoe0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 COMMIT Completed on Sun Apr 21 12:56:25 2019
2019-04-20[hostname] T1336: sanitize FQDN before passing to hostnamectlChristian Poessinger
2019-04-10[dhcp] T1330: bugfix for non working wpad urlChristian Poessinger
WPAD url could be configured by CLI but the generated config was not understood by ISC dhcp - caused by infalid if {} statement resulting in a missing option wpad-url block. (cherry picked from commit bfa9d55e9f1c3a091cff2fc214f2587d9b049cdb)
2019-04-06[dhcpv6-relay] T1322: bugfix on multiple listen interfacesChristian Poessinger
Same cause as with commit c6988bb4110541478dad74d0b892fd4643ed530a (cherry picked from commit 40c342f3a84a75acc9f41c83cb735e966da7c47e)
2019-04-03[dhcpv6-relay] T1322: support multiple upstream serversChristian Poessinger
Add support for relaying a DHCPv6 packet to multiple servers on one upstream interface. (cherry picked from commit d5b113923aaa776f89749c820d6283b593e80c3a)
2019-04-03[dhcpv6-relay] T1322: bugfix on multiple upstream interfacesChristian Poessinger
When generation the configuration for multiple upstream interfaces a whitespace was missing in the generated configuration: OPTIONS="-6 -l 2001:db8::ffff%eth1 -u 2001:db8:1:ffff%eth2-u 2001:db8:2:ffff%eth3" ^--- This caused an error when starting up the DHCPv6 relay service (cherry picked from commit c6988bb4110541478dad74d0b892fd4643ed530a)
2019-03-31Revert "Fixes: T1262 - dhcp requested WAN ip address doesn't get search ↵Daniil Baturin
parameter in /etc/resolv.conf" This reverts commit 1a384ed21f1777faaef653f9d1e3d9c05542fdc8.
2019-03-22Fixes: T1262 - dhcp requested WAN ip address doesn't get search parameter in ↵hagbard
/etc/resolv.conf
2019-03-20[rsyslog] T1282 - Configure VyOS to send syslog messages to remote syslog ↵hagbard
using fully-qualified domain name
2019-03-17T103: [dhcp-server] add support to configure host declarative namesChristian Poessinger
(cherry picked from commit 0fefe3c3b9250ad2ba841287a94036119728c708)
2019-02-28Fix: T1217 - cant delete wireguard wg0 interfacehagbard
2019-02-28enhancement: T1225 - wireguard implement 'set int wireguard wg0 peer name ↵hagbard
disable' to disable single peers Conflicts: debian/changelog
2019-02-28Merge branch 'crux' of https://github.com/vyos/vyos-1x into cruxDaniil Baturin
2019-02-28T1272: send VRRP messages from the base interface in RFC-compliant mode only ↵Daniil Baturin
in unicast mode (patch by Johan Fredin).
2019-02-25T1234: add missing option when processing dhcp-relay packetsChristian Poessinger
(cherry picked from commit f0084de554d71d0f011c7fd2c6009f1864bd9d77)
2019-02-25[tftp] T1261: always adjust directory permissions of tftprootChristian Poessinger
(cherry picked from commit 583975299c625d6049be6561d70e4cadc9976242)
2019-02-25[tftp] T1261: bugfix allow-upload handlingChristian Poessinger
(cherry picked from commit fbfe43b5ae7692e6ee6ce6d5517efdb2cdf8f022)
2019-02-25[tftp] T1261: reorder DAEMON_ARGSChristian Poessinger
(cherry picked from commit 3a1e484c69c883af03f355f0349ef218212207e1)
2019-02-25[tftp] T1261: bugfix listening on multiple IP addessesChristian Poessinger
tftp-hpa which is the TFTP daemon used by VyOS does not support listening on multiple IP adresses. With this limitation we will start one TFTP daemon instance per configured listen-address via systemd. (cherry picked from commit 735a24d58ddf55294241ce8160471fe9be062498)
2019-02-10T1231: Remove cache file of 'service dns dynamic'Christian Poessinger
When deleting or changing "service dns dynamic" the cache file of ddclient is not removed, leading to abandoned host names which might be already gone. (cherry picked from commit ec604ef88e2845bcd75070f6dff325ccc50873aa)
2019-02-10T1213: ddclient: proper enquote web-skip parameterChristian Poessinger
(cherry picked from commit ad011db299196a2e5defa7d8030be149d71d53ee)
2019-02-01[broadcast-relay] T1224: fix missing newline between comment and options.Daniil Baturin
2019-01-30T1213: fix ddclient when no server is givenChristian Poessinger
(cherry picked from commit cc3f6088783373bd56cd821599bdc12ba123125b)
2019-01-30T1160: fix (ro|rw)community ACLChristian Poessinger
WHen building up the SNMP v2 community ro/rw access all hosts from a INET version could access even when the community was locked to one INET family. Example #1: set service snmp community bar network 172.16.0.0/12 Allowed access only to IPv4 network 172.16.0.0/12 but it allowed acces from IPv6 ::/0. Example #2: set service snmp community baz network 2001:db8::/64 Limited IPv6 access to 2001:db8::/64 but IPv4 was open to 0.0.0.0/0 (cherry picked from commit cc07c4727bdffb4c220ce28ab9f697b01fe4afb7)
2019-01-25Fix: T1178: Scheduled script breaks ability to modify configurationhagbard
2019-01-22Revert "Fix: T1178 - Scheduled script breaks ability to modify configuration"hagbard
This reverts commit 632893abf5c7bf935d866462a107ed1eef1747b3.
2019-01-21Fix: T1178 - Scheduled script breaks ability to modify configurationhagbard
2019-01-12T1041: make upstream DNS server optionalChristian Poessinger
The name-server option under "service dns-forwarding" was never mandatory so users never needed to specify an upstream server. With the recent switch to PowerDNS recursor in VyOS 1.2.0 we will act as a full DNS recursor when there is no upstream DNS server configured.
2019-01-06Fix: T1162 - WireGuard: Unable to modify tunnels - KeyError: 'state'hagbard
2019-01-06T1129: replace quotes when dealing with 'subnet/global-parameters'Christian Poessinger
2019-01-06T1129: fix handling of raw DHCP 'subnet-parameters'Christian Poessinger
subnet-parameters were not added to the resulting configuration.
2019-01-03T1147: Fix SNMP config file generation on newly installed systemsChristian Poessinger
2018-12-31T1128: restart SNMP on hostname change.Daniil Baturin
2018-12-16Revert "T1087: Firewall on Wireguard Interface implementation"Daniil Baturin
This reverts commit 51f61991092a163f680e4ec8f122e73f4074ddf9. It's not how it's done, those templates are generated by a script in vyatta-cfg-firewall. If we are planning a firewall overhaul in 1.3.x, there's no reason to transplant the old approach to new code.
2018-12-11T1087: Firewall on Wireguard Interface implementationhagbard
2018-11-30Fixes: T1061: Wireguard: Missing option to administrativly shutdown interfacehagbard