Age | Commit message (Collapse) | Author |
|
* 'current' of github.com:vyos/vyos-1x:
bridge: T1673: re-use "base" variable
bridge: T1673: add missing VLAN bridge member migration
geneve: T1799: add misssing "vni" to default_config_data
vxlan: T1636: add misssing "vni" to default_config_data
geneve: T1799: set minimum MTU size 1500 bytes
geneve: T1799: add IPv4 routing parameters
geneve: T1799: support bridging
geneve: T1799: add Generic Network Virtualization Encapsulation
|
|
|
|
|
|
|
|
|
|
|
|
* current:
wireless: T1627: support station mode
wireless: T1627: support DHCP(v6) addresses
wireless: T1627: add support for RADIUS source-address
wireless: T1627: RADIUS servers must have a key specified
wireless: T1627: change RADIUS CLI syntax
l2tp: harmonize RADIUS wording
wireless: T1627: re-order WPA key in hostapd config
wireless: T1627: change priority from 318 to 400
wireless: T1627: fix generated ht_capab and vht_capab
wireless: T1627: fix regex for 'ht channel-set-width'
wireless: T1627: config migrator does not support camel casing
wireless: T1627: initial rewrite of show-wireless.pl in Python
wireless: T1627: add op-mode commands
wireless: T1627: initial rewrite in XML/Python style
pppoe-server: T1821: Set radius module priority
T1818: Print name of migration script on failure
T1814: Add log of migration scripts run during config migration
vyos-hostsd: T1812: run increment first
[vyos-hostsd] T1812: Reload pdns on dhcp client update
migration-scripts: l2tp: T1811: add missing check on server existence
|
|
* 't1627-wireless' of github.com:c-po/vyos-1x:
wireless: T1627: support station mode
wireless: T1627: support DHCP(v6) addresses
wireless: T1627: add support for RADIUS source-address
wireless: T1627: RADIUS servers must have a key specified
wireless: T1627: change RADIUS CLI syntax
l2tp: harmonize RADIUS wording
wireless: T1627: re-order WPA key in hostapd config
wireless: T1627: change priority from 318 to 400
wireless: T1627: fix generated ht_capab and vht_capab
wireless: T1627: fix regex for 'ht channel-set-width'
wireless: T1627: config migrator does not support camel casing
wireless: T1627: initial rewrite of show-wireless.pl in Python
wireless: T1627: add op-mode commands
wireless: T1627: initial rewrite in XML/Python style
|
|
Tested using:
-------------
set interfaces wireless wlan0 address 'dhcp'
set interfaces wireless wlan0 channel '0'
set interfaces wireless wlan0 description '1'
set interfaces wireless wlan0 physical-device 'phy0'
set interfaces wireless wlan0 security wpa passphrase '12345678'
set interfaces wireless wlan0 ssid 'VyOS-TEST'
set interfaces wireless wlan0 type 'station'
|
|
|
|
Adopt RADIUS configuration and harmonize it with the rest of VyOS. Move the
following configuration block:
security {
wpa {
cipher CCMP
mode wpa2
radius-server 172.16.100.10 {
port 1812
secret secretkey
}
radius-server 172.16.100.11 {
port 1812
secret secretkey
}
}
}
to the harmonized version of:
security {
wpa {
cipher CCMP
mode wpa2
radius {
server 172.16.100.10 {
port 1812
secret secretkey
}
server 172.16.100.11 {
port 1812
secret secretkey
}
}
}
}
And add the new "set interfaces wireless wlan0 security wpa radius
source-address" CLI command to specify the origin of any RADIUS query on
systems having multiple IP addresses.
|
|
|
|
If no capabilities are configured on the CLI - there should also be no ht_capab
or vht_capab entry in the resulting hostapd.conf
|
|
Working:
- Wireless modes b, g, n, ac
- WPA/WPA2 psk and RADIUS (tested using Microsoft NPS)
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
dns: T1786: add proper processing of 'system disable-dhcp-nameservers'
openvpn: fix typo in op-mode command on display rx bytes
T1801: escape isolated backslashes before passing to ConfigTree()
wireless: T1627: fix interface names for list_interfaces.py
[service https] T1443: add setting of HTTPS listen port
|
|
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
ifconfig: T1793: extend set_speed_duplex() delta check
[OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
[OpenVPN]: T1704: Moved ncp-ciphers out of encryption block in config template
[OpenVPN]: T1704: Changed the description of ncp-ciphers in config
[OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it. [OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3
Intel QAT: T1788: Intel QAT implementation
ifconfig: T1793: add delta check on set_speed_duplex()
ifconfig: T1793: add delta check on set_flow_control()
Python/ifconfig: wireguard: remove trailing whitespaces
l2tp: T1747: automatically calculate gw-ip-address
QAT: T1788: Intel QAT implementation
|
|
to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
|
|
|
|
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers.
[OpenVPN]: T1704: Added migration scripts for interface 2-to-3
|
|
QAT: T1788: Intel QAT implementation
|
|
l2tp: T1747: automatically calculate gw-ip-address.
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
ddclient: T1789: fix RFC2136 generated config
T1774: fix error output
Python/ifconfig: T1557: do not allow both IPv4 and dhcp address on interfaces
list_interfaces: add wifi interfaces to bridgeable interfaces
|
|
Commit 967067970494c1800f ("ddclient: T1030: adjust to latest syntax")
was under the impression that ddclient 3.9.0 now handles every config
item with a comma in the end. This is unfortunately not true on RFC2136
dynamic DNS entries.
Remove commas on config template.
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
bonding: T1777: change priority to be after ethernet interfaces
bridge: T1783: bugfix removal of member interface
|
|
Fix error when deleting a member with:
delete interfaces bridge br0 member interface eth1
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/interfaces-bridge.py", line 304, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/interfaces-bridge.py", line 267, in apply
br.del_port( intf['name'] )
TypeError: string indices must be integers
|
|
* 'current' of github.com:vyos/vyos-1x:
[conf completion]: T1779: Add tunnels to completion
[XML templates] T1772: Changed old hacks to proper regex, according to the fix
Add a function for retrieving config dicts.
snmp: make script extension code more readable
snmp: use proper stat literals on chmod()
snmp: fix verify() indent on script extensions
snmp: fix verify() bail out early order
snmp: T1738: cleanup import statements
T1759: Fixing dependency bug from previous commit
T1773, T1774: add a show config operation with JSON and raw options.
T1759: Merging interface.py into ifconfig.py
Allow list arguments in the vyos.config show_config() function.
Replace the try and wait for segfault approach with explicit inSession check.
T1773: add a script for converting the config to JSON. It also exposes those functions in vyos.configtree
[XML templates] T1772: Add escaping of `\` symbol in `<regex>`
|
|
|
|
|
|
|
|
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
snmp: T1769: remove TSM (Transport Security Mode) support
snmp: T818: T1738: remove per user/trap engine id
T1759: ioctl.pm/interface.pm rewrite
|
|
The SNMPv3 TSM is very complex and I know 0 users of it. Also this is untested
and I know no way how it could be tested. Instead of carrying on dead and
unused code we should favour a drop of it using a proper config migration
script.
|
|
As of the SNMP specification an SNMP engine ID should be unique per device.
To not make it more complicated for users - only use the global SNMP engine ID.
|
|
* 'current' of github.com:vyos/vyos-1x:
T1762: adjust the set_level() calls to use the new list representation.
[vyos.config] T1764: support both string and list arguments in config functions.
T1759: bug fixes, missing interface IP
[vyos.config] T1758: use vyos.configtree for reading values, instead of calling cli-shell-api.
[HTTP API] Add endpoints for config file and image management.
ddclient: T1030: add cloudflare zone config entry
[service https] T1443: organize internal data by server block
[vyos.config] T1758: check that config setup has completed before calling showConfig, else, default to config.boot
[HTTP API] Use a decorator for functions that require authentication.
ddclient: T1030: adjust to latest syntax
ddclient: T1030: auto create runtime directories
ddclient: T1030: use new default configuration file path
T1759: Migrating interfaces
T1755: fixes issue with 'show vpn ipsec sa' command where lack of keysize (encr-keysize) will result in KeyError - such as for CHACHA20_POLY1305
T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash (integ-alg) will result in KeyError - such as with GCM based options
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* 'current' of github.com:vyos/vyos-1x:
T1749: support multiple ranges in the numeric validator.
dhcp-server: T1745: bugfix corner case on static-assignments
system-proxy: T1741 - Add system wide proxy setting
wireguard - remove endpoint check to enable roaming connections
system-proxy: T1741 - Add system wide proxy setting CLI implementation
Python/ifconfig: T1712: always start DHCP when configured
Python/ifconfig: T1557: get_status() must use admin state not operstate
bgp: T1490: fix migrator file permissions
snmp: T1737: add missing completion helpers
Revert "Python/ifconfig: T1712: wait when changing interface state"
snmpd: T1705 - High CPU usage by bgpd when snmp is active
Revert "snmpd: T1705 - High CPU usage by bgpd when snmp is active"
openvpn: T1548: clean out import statements
ssh.py: check if file exists before deleting it
[BGP] T1490: Added migration for obsoleted 'bgp scan-time' parameter
|
|
There was a bug when refactoring this with commits 5848a4d ("dhcp-server:
T1707: remove DHCP static-mappings from address pool") and 1182b44
("dhcp-server: T1707: bugfix on subsequent DHCP exclude addresses") that when
a static address assignemnt was using the last IP address from the specified
range.
This triggered the following error:
"DHCP range stop address x must be greater or equal to the range start
address y!"
|
|
* removed subprocess as it is not required, script is executed via sudo
* pep8 formatted
|