| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Adopt RADIUS configuration and harmonize it with the rest of VyOS. Move the
following configuration block:
security {
wpa {
cipher CCMP
mode wpa2
radius-server 172.16.100.10 {
port 1812
secret secretkey
}
radius-server 172.16.100.11 {
port 1812
secret secretkey
}
}
}
to the harmonized version of:
security {
wpa {
cipher CCMP
mode wpa2
radius {
server 172.16.100.10 {
port 1812
secret secretkey
}
server 172.16.100.11 {
port 1812
secret secretkey
}
}
}
}
And add the new "set interfaces wireless wlan0 security wpa radius
source-address" CLI command to specify the origin of any RADIUS query on
systems having multiple IP addresses.
|
|
|
|
If no capabilities are configured on the CLI - there should also be no ht_capab
or vht_capab entry in the resulting hostapd.conf
|
|
Working:
- Wireless modes b, g, n, ac
- WPA/WPA2 psk and RADIUS (tested using Microsoft NPS)
|
|
|
|
to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
|
|
|
|
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers.
[OpenVPN]: T1704: Added migration scripts for interface 2-to-3
|
|
QAT: T1788: Intel QAT implementation
|
|
l2tp: T1747: automatically calculate gw-ip-address.
|
|
|
|
Commit 967067970494c1800f ("ddclient: T1030: adjust to latest syntax")
was under the impression that ddclient 3.9.0 now handles every config
item with a comma in the end. This is unfortunately not true on RFC2136
dynamic DNS entries.
Remove commas on config template.
|
|
|
|
Fix error when deleting a member with:
delete interfaces bridge br0 member interface eth1
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/interfaces-bridge.py", line 304, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/interfaces-bridge.py", line 267, in apply
br.del_port( intf['name'] )
TypeError: string indices must be integers
|
|
|
|
|
|
|
|
|
|
|
|
The SNMPv3 TSM is very complex and I know 0 users of it. Also this is untested
and I know no way how it could be tested. Instead of carrying on dead and
unused code we should favour a drop of it using a proper config migration
script.
|
|
As of the SNMP specification an SNMP engine ID should be unique per device.
To not make it more complicated for users - only use the global SNMP engine ID.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
There was a bug when refactoring this with commits 5848a4d ("dhcp-server:
T1707: remove DHCP static-mappings from address pool") and 1182b44
("dhcp-server: T1707: bugfix on subsequent DHCP exclude addresses") that when
a static address assignemnt was using the last IP address from the specified
range.
This triggered the following error:
"DHCP range stop address x must be greater or equal to the range start
address y!"
|
|
* removed subprocess as it is not required, script is executed via sudo
* pep8 formatted
|
|
|
|
|
|
* typo fixed
|
|
Systems not runing BGP won't boot anymore. Syslog shows:
snmpd[5404]: getaddrinfo: inetCidrRouteTable Name or service not known
snmpd[5404]: getaddrinfo("inetCidrRouteTable", NULL, ...): Name or service not known
snmpd[5404]: Error opening specified endpoint "inetCidrRouteTable"
snmpd[5404]: Server Exiting with code 1
snmpd[5401]: Starting SNMP services::
systemd[1]: snmpd.service: control process exited, code=exited status=1
systemd[1]: Failed to start LSB: SNMP agents.
systemd[1]: Unit snmpd.service entered failed state.
This reverts commit e45648cdd5a52569be7f3ac30473b0c7474a7894.
|
|
|
|
|
|
renamed: interface-bonding.py -> interfaces-bonding.py
renamed: interface-bridge.py -> interfaces-bridge.py
renamed: interface-dummy.py -> interfaces-dummy.py
renamed: interface-ethernet.py -> interfaces-ethernet.py
renamed: interface-loopback.py -> interfaces-loopback.py
renamed: interface-openvpn.py -> interfaces-openvpn.py
renamed: interface-vxlan.py -> interfaces-vxlan.py
renamed: interface-wireguard.py -> interfaces-wireguard.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This resulted in a commit error when Bonding interfaces have been involved.
|
|
Previously when static-mappings have been created the address was still within
the DHCP pool resulting in log entries as follows:
dhcpd: Dynamic and static leases present for 192.0.2.51
dhcpd: Remove host declaration DMZ_PC2 or remove 192.0.2.51
dhcpd: from the dynamic address pool for DMZ
(cherry picked from commit 6f954ab56768af9a07d8a1dc086f54ddefa58da7)
|
|
(cherry picked from commit bdf890cca40157b3f2a2386685e043e0fa220fac)
|
|
Moved the code for splicing a DHCP range into its dedicated function as this
will later be required again. Having subsequent DHCP exclude addresses
e.g. 192.0.2.70 and 192.0.2.71 did not work as the previous algorithm
created a range whose start address was after the end address.
(cherry picked from commit 0f0f9f2835cf85c1fd3652ec83368528754764cd)
|
|
|
