Age | Commit message | Author |
|
T1470: improve output of "show dhcpv6 server leases"
|
|
* chap-secrets file generation
* noauth in accel config as option
* local auth with csid implemented
* radius implementation
* shaper per user implemented
* op commands for stats
|
|
- change DUID to IAID_DUID
- format IAID_DUID as colon-separated hex list
- implement functions: pool, sort, state
- add op-mode definitions for pool, sort, state
- add columns: State, Type, Last communication, Pool
- implement json output
- implement completionHelp function
|
|
* bfd:
bfd: T1183: support show of individual BFD peer
bfd: T1183: move "multiplier" configuration node to "interval multiplier"
bfd: T1183: add rx/tx interval configuration
bfd: T1183: multihop doesn't accept interface names
bfd: T1183: add support to configure detection multiplier
bfd: T1183: adjust CLI syntax for source address/interface
bfd: T1137: add 'show protocols bfd peer' command
bfd: T1183: add support for multihop
bfd: T1183: first working FRR bfd peer configuration
bfd: T1183: IPv6 peers require explicit local address/interface
bfd: T1183: initial CLI implementation
|
|
T1433: fix show dhcpv6 server leases
|
|
forward-zones-recurse behaves identically to dnsmasq server option
in legacy vyos 1.1.8, while forward-zones option disallows recursive
name resolving, which leads to dns lookup failure
|
|
vyos@vyos# show protocols
bfd {
    peer 1.1.1.1 {
        interval {
            receive 400
            transmit 300
        }
    }
}
|
|
Configures the detection multiplier to determine packet loss. The remote
transmission interval will be multiplied by this value to determine the
connection loss detection timer. The default value is 3.
Example: when the local system has detect-multiplier 3 and the remote
system has transmission interval 300, the local system will detect
failures only after 900 milliseconds without receiving packets.
|
|
Place address/interface under new source node.
vyis@vyos# show protocols bfd
peer 1.1.1.1 {
    source {
        address 1.2.3.4
        interface eth0.201
    }
}
|
|
multihop tells the BFD daemon that we should expect packets with TTL less than
254 (because it will take more than one hop) and to listen on the multihop port
(4784). When using multi-hop mode echo-mode will not work (see RFC 5883 section 3).
|
|
vyos@vyos# show protocols bfd
peer 172.18.202.10 {
    local-address 172.18.201.10
    local-interface eth0.201
    shutdown
}
peer 172.18.202.12 {
    shutdown
}
|
|
[ firewall options interface wg01 ]
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/firewall_options.py", line 139, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/firewall_options.py", line 97, in apply
if tcp['new_chain4']:
TypeError: 'NoneType' object is not subscriptable
delete [ firewall options ] failed
delete [ firewall ] failed
Commit failed
|
|
- checking if the hostname has changed, otherwise the script and systemd try to restart
rsyslogd at the same time, at the end it's not started at all.
|
|
... to have the same pattern as the DHCPDv6 lease file
|
|
A wrong lease file caused the show command to fail:
vyos@vyos:~$ show dhcpv6 server leases
Traceback (most recent call last):
File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 81, in <module>
leases = get_leases(lease_file, state='active')
File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 44, in get_leases
leases = IscDhcpLeases(lease_file).get()
File "/usr/lib/python3/dist-packages/isc_dhcp_leases/iscdhcpleases.py", line 110, in get
with open(self.filename) as lease_file:
FileNotFoundError: [Errno 2] No such file or directory: '/config/dhcpdv6.leases'
|
|
[wireguard] T1428: correct handling of the fwmark option
|
|
- rsyslog appears now to be started via systemd automatically,
checking for the pid to avoid restart race condition between systemd
and vyos conf script
|
|
* clamp MSS IPv4
set firewall options interface pppoe0 adjust-mss '1452'
* clamp MSS IPv6
set firewall options interface pppoe0 adjust-mss6 '1452'
* disable entire rule
set firewall options interface pppoe0 disable
Output
------
$ sudo iptables-save -t mangle
# Generated by iptables-save v1.4.21 on Sun Apr 21 12:56:25 2019
*mangle
:PREROUTING ACCEPT [1217:439885]
:INPUT ACCEPT [290:52459]
:FORWARD ACCEPT [920:375774]
:OUTPUT ACCEPT [301:100053]
:POSTROUTING ACCEPT [1221:475827]
:VYOS_FW_OPTIONS - [0:0]
-A FORWARD -j VYOS_FW_OPTIONS
-A VYOS_FW_OPTIONS -o pppoe0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452
COMMIT
Completed on Sun Apr 21 12:56:25 2019
(cherry picked from commit 476aa4c3a561ea0ef0bf9b4c26ec8b78d18a5d02)
|
|
Remove possible trailing (.) when invoking hostnamectl. A hostname with
a trailing (.) is not supported in hostnamectl.
|
|
T1343: do not remove zeros DHCP static route
|
|
- RADIUS shaper settings
|
|
- implementation for locally defined users
|
|
WPAD url could be configured by CLI but the generated config was not
understood by ISC dhcp - caused by invalid if {} statement resulting in
a missing "option wpad-url code 252 = text;" block.
|
|
Same cause as with commit c6988bb4110541478dad74d0b892fd4643ed530a
|
|
- checks if a variable exists to avoid setting None on defined defaults
|
|
Add support for relaying a DHCPv6 packet to multiple servers on one upstream
interface.
|
|
When generating the configuration for multiple upstream interfaces a whitespace
was missing in the generated configuration:
OPTIONS="-6 -l 2001:db8::ffff%eth1 -u 2001:db8:1:ffff%eth2-u 2001:db8:2:ffff%eth3"
                                                          ^---
This caused an error when starting up the DHCPv6 relay service
|
|