summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2022-02-14backport: policy: T4151: remove all previous rules on editHenning Surmeier
2022-02-14backport: policy: T4151: Bugfix policy ipv6-local-routeHenning Surmeier
2022-02-14backport: policy: T4151: Add policy ipv6-local-routeHenning Surmeier
Adds support for `ip -6 rule` policy based routing. Also, extends the existing ipv4 implemenation with a `destination` key, which is translated as `ip rule add to x.x.x.x/x` rules. https://phabricator.vyos.net/T4151
2022-02-14tunnel: T4154: import cleanupChristian Poessinger
(cherry picked from commit 122c7a53575f67759f157e02eca776f799658dc1)
2022-02-14tunnel: T4154: verify() no more then one GRE tunnel is used w/o "ip key" per ↵Christian Poessinger
interface It is impossible for the OS kernel to distinguish multiple GRE tunnels when no "gre key" is configured when sourcing tunnels from the same interface. (cherry picked from commit 6f1326d6b68f6dcb83843374c876407ef2922bd1)
2022-02-13vrf: T4191: bugfix for "ip rule" when VRFs are createdChristian Poessinger
We always mangled and worked on the "ip rule" singleton even when nothing needed to be changed. This resulted in a VRF hickup when the same VRF was added and removed multiple times. set interfaces ethernet eth1 vrf foo set vrf name foo table '1000' commit delete interfaces ethernet eth1 vrf delete vrf commit set interfaces ethernet eth1 vrf foo set vrf name foo table '1000' commit broke reachability on eth1 - a reboot was required. This change will now only alter the ip rule tables once when VRF instances are created for the first time and will not touch the Kernel "ip rule" representation afterwards. (cherry picked from commit 2cec431e5caf9df85640f707cd6dc3077c17c238)
2022-02-11conntrack-sync: T4237: Fix checks for listen-address list to strViacheslav Hletenko
Verify section conntrack_sync.py funciton 'is_addr_assigned' should checks address as string not as list
2022-02-08monitoring: T3872: Add new feature service monitoring telegrafViacheslav Hletenko
2022-01-09squid: T3299: Add listen address 0.0.0.0sever-sever
(cherry picked from commit 1a74e6b3ce061f3c866bcb3f119ee5c73b0c6796)
2021-12-30Merge pull request #1125 from DmitriyEshenko/eq-1x-29122021-01Daniil Baturin
l2tp-server: T4117: Add dae-server configuration to template
2021-12-29configd: T4086: use 'copy' on mutable global var default_config_dataJohn Estabrook
(cherry picked from commit d2ca2ac1cf9cacd44a04fbb6da9a884c23f043f6)
2021-12-29l2tp-server: T4117: Add dae-server configuration to templateDmitriyEshenko
2021-12-27snmp: T4093: add missing verify() step for required group per snmp v3 userChristian Poessinger
(cherry picked from commit a70a4001fe0b3a91a7d86191ff32dcc7205d2eae)
2021-12-26http: api: T4055: add VRF supportChristian Poessinger
(cherry picked from commit 4aaf0ba69139d84f89e5c3feee6edd845af8d1e5)
2021-12-19T4084: dehardcode the post-login bannerDaniil Baturin
2021-12-16http-api: T4076: allow setting CORS option 'Access-Control-Allow-Origin'John Estabrook
(cherry picked from commit 55f8ede2d09a9ad095f9ec5c2a729f8c5fb6aafa)
2021-12-15pppoe-server: T3006: Add range to regex generatorDmitriyEshenko
2021-12-14http-api: T4071: allow API to bind to unix domain socketJohn Estabrook
(cherry picked from commit 0e3c35e6517f5cfebb4206c735a2ea976a7fd383)
2021-12-11T3912: migrate "Welcome to VyOS" from issue file to motd to not silently ↵Christian Poessinger
expose OS (cherry picked from commit 9ccc353893a3a9a1dc7dfd59463d34449bf05afb)
2021-12-10wwan: T3795: remove superfluous import (render)Christian Poessinger
2021-12-10wwan: T3795: only enable cron helper when interface is in useChristian Poessinger
2021-12-10wwan: T3795: only run ModemManager when interface is in useChristian Poessinger
2021-12-09https: T4055: add vrf supportChristian Poessinger
(cherry picked from commit 955f260ce682d64d27b3b11e618b1ae0176e4b91)
2021-12-08mpls: T4024: use FRRConfig() class for config reloadingChristian Poessinger
2021-12-06sflow: T4046: Add source-address for sflowViacheslav
(cherry picked from commit bb77dd269bfb9522f5b56ac027598ac20e101f13)
2021-12-03tftp: T4012: Add TFTP VRF supportDmitriyEshenko
2021-12-01http-api: T3440: simplify vyos-http-api initializationJohn Estabrook
(cherry picked from commit f2bdd26c36e7074d093e001656bc649b7c7426d3)
2021-11-27Merge pull request #1085 from andriiandrieiev/equuleusChristian Poessinger
filesystem: T3946: root partition auto resize as a service
2021-11-25filesystem: T3946: partition resize as a serviceAndrii
2021-11-24sstp: T2661: Delete certificate files redundancy checkDmitriyEshenko
2021-11-18wwan: T3795: do not fail config-load when signal is missingChristian Poessinger
2021-11-17snmp: T3996: fix invalid IPv6 localhost handling when using listen-addressChristian Poessinger
We need to use a temporary variable when validating the tuple if address is used. If not the else branch will always add the tuple to the list of addresses used for listen-address. (cherry picked from commit d13b91462487e090b32c0d1ecf9139a2271b4837)
2021-11-17openvpn: T3995: implement systemd reload supportChristian Poessinger
(cherry picked from commit eceaa3a787929f5a514b9c45da52936c0d4d4a54)
2021-11-17OpenVPN: T3350: Changed custom options for OpenVPN processingzsdc
Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing. (cherry picked from commit 3fd2ff423b6c6e992b2ed531c7ba99fb9e1a2123)
2021-11-17T3912: add additional newline after "Welcome to VyOS"Christian Poessinger
(cherry picked from commit 77eca49bffede005f546b7d9d3660bf2e32c7e8e)
2021-11-15l2tp: T3724: allow setting accel-ppp l2tp host-nameMarek Isalski
(cherry picked from commit 3d00140453b3967370c77ddd9dac4af223a7ddce)
2021-11-08T3912: remove duplicate "Welcome to VyOS!" already shown by pre-loginChristian Poessinger
(cherry picked from commit 73be449b1cd09f3ca86400753630fb4804fbeca7)
2021-11-07http-api: T3440: give uvicorn time to initialize before starting NginxJohn Estabrook
(cherry picked from commit 889e16a77517549fb833a90d047455533be02f06)
2021-11-07T3912: use a more informative default login bannerChristian Poessinger
(cherry picked from commit 5d39a113bdef82e201aa43f848217c30db2f6fd9)
2021-10-31tunnel: T3956: GRE key check must not be run on our own interface instanceChristian Poessinger
2021-10-31netflow: T3953: use warning if "netflow source-ip" does not exist instead of ↵Christian Poessinger
error (cherry picked from commit 17215846b512851e7df8cdfcfc06c18b1d27f763)
2021-10-31console: T3954: bugfix RuntimeError: dictionary keys changed during iterationChristian Poessinger
(cherry picked from commit f227987ccf41e01d4ddafb6db7b36ecf13148c78)
2021-10-27vrrp: T3944: reload daemon instead of restart when already runningChristian Poessinger
This prevents a failover from MASTER -> BACKUP when changing any MASTER related configuration. (cherry picked from commit 2c82c9acbde2ccca9c7bb5e646a45fd646463afe)
2021-10-22sstp: T2566: Fix verify section for pool ipv6 onlyViacheslav
2021-10-21dhcp-server: T3610: Allow configuration for non-primary ip addressViacheslav
(cherry picked from commit 78cfb949cc6bceab744271cf23f269276b178182)
2021-10-21dhcp: T3626: Prevent to disable only one configured networkViacheslav
(cherry picked from commit 9c825a3457a88a4eebc6475f92332822e5102889)
2021-10-20tunnel: T3921: bugfix KeyError for source-addressChristian Poessinger
2021-10-20dhcpv6-server: T3918: Fix subnets verify raise ConfigErrorViacheslav
(cherry picked from commit ead10909ba9104733930bb3f59c90610138bd047)
2021-10-08tunnel: T3893: harden logic when validating tunnel parametersChristian Poessinger
Different types of tunnels have different keys set in get_interface_config(). Thus it should be properly verified (by e.g. using dict_search()) that the key in question esits to not raise KeyError. (cherry picked from commit 5aadf673497b93e2d4ad304e567de1cd571f9e25)
2021-10-02dns: forwarding: T3882: remove deprecated code to work with PowerDNS 4.5Christian Poessinger