summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2019-11-24Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: bridge: T1673: re-use "base" variable bridge: T1673: add missing VLAN bridge member migration geneve: T1799: add misssing "vni" to default_config_data vxlan: T1636: add misssing "vni" to default_config_data geneve: T1799: set minimum MTU size 1500 bytes geneve: T1799: add IPv4 routing parameters geneve: T1799: support bridging geneve: T1799: add Generic Network Virtualization Encapsulation
2019-11-24geneve: T1799: add misssing "vni" to default_config_dataChristian Poessinger
2019-11-24vxlan: T1636: add misssing "vni" to default_config_dataChristian Poessinger
2019-11-24geneve: T1799: set minimum MTU size 1500 bytesChristian Poessinger
2019-11-24geneve: T1799: add IPv4 routing parametersChristian Poessinger
2019-11-24geneve: T1799: add Generic Network Virtualization EncapsulationChristian Poessinger
2019-11-23Merge branch 'current' into equuleusChristian Poessinger
* current: wireless: T1627: support station mode wireless: T1627: support DHCP(v6) addresses wireless: T1627: add support for RADIUS source-address wireless: T1627: RADIUS servers must have a key specified wireless: T1627: change RADIUS CLI syntax l2tp: harmonize RADIUS wording wireless: T1627: re-order WPA key in hostapd config wireless: T1627: change priority from 318 to 400 wireless: T1627: fix generated ht_capab and vht_capab wireless: T1627: fix regex for 'ht channel-set-width' wireless: T1627: config migrator does not support camel casing wireless: T1627: initial rewrite of show-wireless.pl in Python wireless: T1627: add op-mode commands wireless: T1627: initial rewrite in XML/Python style pppoe-server: T1821: Set radius module priority T1818: Print name of migration script on failure T1814: Add log of migration scripts run during config migration vyos-hostsd: T1812: run increment first [vyos-hostsd] T1812: Reload pdns on dhcp client update migration-scripts: l2tp: T1811: add missing check on server existence
2019-11-23Merge branch 't1627-wireless' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 't1627-wireless' of github.com:c-po/vyos-1x: wireless: T1627: support station mode wireless: T1627: support DHCP(v6) addresses wireless: T1627: add support for RADIUS source-address wireless: T1627: RADIUS servers must have a key specified wireless: T1627: change RADIUS CLI syntax l2tp: harmonize RADIUS wording wireless: T1627: re-order WPA key in hostapd config wireless: T1627: change priority from 318 to 400 wireless: T1627: fix generated ht_capab and vht_capab wireless: T1627: fix regex for 'ht channel-set-width' wireless: T1627: config migrator does not support camel casing wireless: T1627: initial rewrite of show-wireless.pl in Python wireless: T1627: add op-mode commands wireless: T1627: initial rewrite in XML/Python style
2019-11-23wireless: T1627: support station modeChristian Poessinger
Tested using: ------------- set interfaces wireless wlan0 address 'dhcp' set interfaces wireless wlan0 channel '0' set interfaces wireless wlan0 description '1' set interfaces wireless wlan0 physical-device 'phy0' set interfaces wireless wlan0 security wpa passphrase '12345678' set interfaces wireless wlan0 ssid 'VyOS-TEST' set interfaces wireless wlan0 type 'station'
2019-11-23wireless: T1627: RADIUS servers must have a key specifiedChristian Poessinger
2019-11-23wireless: T1627: change RADIUS CLI syntaxChristian Poessinger
Adopt RADIUS configuration and harmonize it with the rest of VyOS. Move the following configuration block: security { wpa { cipher CCMP mode wpa2 radius-server 172.16.100.10 { port 1812 secret secretkey } radius-server 172.16.100.11 { port 1812 secret secretkey } } } to the harmonized version of: security { wpa { cipher CCMP mode wpa2 radius { server 172.16.100.10 { port 1812 secret secretkey } server 172.16.100.11 { port 1812 secret secretkey } } } } And add the new "set interfaces wireless wlan0 security wpa radius source-address" CLI command to specify the origin of any RADIUS query on systems having multiple IP addresses.
2019-11-23wireless: T1627: re-order WPA key in hostapd configChristian Poessinger
2019-11-23wireless: T1627: fix generated ht_capab and vht_capabChristian Poessinger
If no capabilities are configured on the CLI - there should also be no ht_capab or vht_capab entry in the resulting hostapd.conf
2019-11-23wireless: T1627: initial rewrite in XML/Python styleChristian Poessinger
Working: - Wireless modes b, g, n, ac - WPA/WPA2 psk and RADIUS (tested using Microsoft NPS)
2019-11-23pppoe-server: T1821: Set radius module priorityEshenko Dmitriy
2019-11-17Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: dns: T1786: add proper processing of 'system disable-dhcp-nameservers' openvpn: fix typo in op-mode command on display rx bytes T1801: escape isolated backslashes before passing to ConfigTree() wireless: T1627: fix interface names for list_interfaces.py [service https] T1443: add setting of HTTPS listen port
2019-11-17dns: T1786: add proper processing of 'system disable-dhcp-nameservers'zdc
2019-11-14[service https] T1443: add setting of HTTPS listen portJohn Estabrook
2019-11-11Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: ifconfig: T1793: extend set_speed_duplex() delta check [OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list [OpenVPN]: T1704: Moved ncp-ciphers out of encryption block in config template [OpenVPN]: T1704: Changed the description of ncp-ciphers in config [OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it. [OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3 Intel QAT: T1788: Intel QAT implementation ifconfig: T1793: add delta check on set_speed_duplex() ifconfig: T1793: add delta check on set_flow_control() Python/ifconfig: wireguard: remove trailing whitespaces l2tp: T1747: automatically calculate gw-ip-address QAT: T1788: Intel QAT implementation
2019-11-11[OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems ↵vindenesen
to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list
2019-11-11[OpenVPN]: T1704: Moved ncp-ciphers out of encryption block in config templatevindenesen
2019-11-11[OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it.vindenesen
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3
2019-11-11Merge pull request #159 from DmitriyEshenko/QAT-curDaniil Baturin
QAT: T1788: Intel QAT implementation
2019-11-10Merge pull request #158 from DmitriyEshenko/cur-fix-l2tpChristian Poessinger
l2tp: T1747: automatically calculate gw-ip-address.
2019-11-10l2tp: T1747: automatically calculate gw-ip-addressDmitriyEshenko
2019-11-08Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: ddclient: T1789: fix RFC2136 generated config T1774: fix error output Python/ifconfig: T1557: do not allow both IPv4 and dhcp address on interfaces list_interfaces: add wifi interfaces to bridgeable interfaces
2019-11-08ddclient: T1789: fix RFC2136 generated configChristian Poessinger
Commit 967067970494c1800f ("ddclient: T1030: adjust to latest syntax") was under the impression that ddclient 3.9.0 now handles every config item with a comma in the end. This is unfortunately not true on RFC2136 dynamic DNS entries. Remove commas on config template.
2019-11-08QAT: T1788: Intel QAT implementationDmitriyEshenko
2019-11-02Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: bonding: T1777: change priority to be after ethernet interfaces bridge: T1783: bugfix removal of member interface
2019-11-02bridge: T1783: bugfix removal of member interfaceChristian Poessinger
Fix error when deleting a member with: delete interfaces bridge br0 member interface eth1 Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/interfaces-bridge.py", line 304, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/interfaces-bridge.py", line 267, in apply br.del_port( intf['name'] ) TypeError: string indices must be integers
2019-10-31Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: [conf completion]: T1779: Add tunnels to completion [XML templates] T1772: Changed old hacks to proper regex, according to the fix Add a function for retrieving config dicts. snmp: make script extension code more readable snmp: use proper stat literals on chmod() snmp: fix verify() indent on script extensions snmp: fix verify() bail out early order snmp: T1738: cleanup import statements T1759: Fixing dependency bug from previous commit T1773, T1774: add a show config operation with JSON and raw options. T1759: Merging interface.py into ifconfig.py Allow list arguments in the vyos.config show_config() function. Replace the try and wait for segfault approach with explicit inSession check. T1773: add a script for converting the config to JSON. It also exposes those functions in vyos.configtree [XML templates] T1772: Add escaping of `\` symbol in `<regex>`
2019-10-27snmp: make script extension code more readableChristian Poessinger
2019-10-27snmp: use proper stat literals on chmod()Christian Poessinger
2019-10-27snmp: fix verify() indent on script extensionsChristian Poessinger
2019-10-27snmp: fix verify() bail out early orderChristian Poessinger
2019-10-27snmp: T1738: cleanup import statementsChristian Poessinger
2019-10-27Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: snmp: T1769: remove TSM (Transport Security Mode) support snmp: T818: T1738: remove per user/trap engine id T1759: ioctl.pm/interface.pm rewrite
2019-10-27snmp: T1769: remove TSM (Transport Security Mode) supportChristian Poessinger
The SNMPv3 TSM is very complex and I know 0 users of it. Also this is untested and I know no way how it could be tested. Instead of carrying on dead and unused code we should favour a drop of it using a proper config migration script.
2019-10-27snmp: T818: T1738: remove per user/trap engine idChristian Poessinger
As of the SNMP specification an SNMP engine ID should be unique per device. To not make it more complicated for users - only use the global SNMP engine ID.
2019-10-24Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: T1762: adjust the set_level() calls to use the new list representation. [vyos.config] T1764: support both string and list arguments in config functions. T1759: bug fixes, missing interface IP [vyos.config] T1758: use vyos.configtree for reading values, instead of calling cli-shell-api. [HTTP API] Add endpoints for config file and image management. ddclient: T1030: add cloudflare zone config entry [service https] T1443: organize internal data by server block [vyos.config] T1758: check that config setup has completed before calling showConfig, else, default to config.boot [HTTP API] Use a decorator for functions that require authentication. ddclient: T1030: adjust to latest syntax ddclient: T1030: auto create runtime directories ddclient: T1030: use new default configuration file path T1759: Migrating interfaces T1755: fixes issue with 'show vpn ipsec sa' command where lack of keysize (encr-keysize) will result in KeyError - such as for CHACHA20_POLY1305 T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash (integ-alg) will result in KeyError - such as with GCM based options
2019-10-24T1762: adjust the set_level() calls to use the new list representation.Daniil Baturin
2019-10-23ddclient: T1030: add cloudflare zone config entryChristian Poessinger
2019-10-23[service https] T1443: organize internal data by server blockJohn Estabrook
2019-10-23[HTTP API] Add endpoints for config file and image management.Daniil Baturin
2019-10-23ddclient: T1030: adjust to latest syntaxChristian Poessinger
2019-10-23ddclient: T1030: auto create runtime directoriesChristian Poessinger
2019-10-23ddclient: T1030: use new default configuration file pathChristian Poessinger
2019-10-19Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: T1749: support multiple ranges in the numeric validator. dhcp-server: T1745: bugfix corner case on static-assignments system-proxy: T1741 - Add system wide proxy setting wireguard - remove endpoint check to enable roaming connections system-proxy: T1741 - Add system wide proxy setting CLI implementation Python/ifconfig: T1712: always start DHCP when configured Python/ifconfig: T1557: get_status() must use admin state not operstate bgp: T1490: fix migrator file permissions snmp: T1737: add missing completion helpers Revert "Python/ifconfig: T1712: wait when changing interface state" snmpd: T1705 - High CPU usage by bgpd when snmp is active Revert "snmpd: T1705 - High CPU usage by bgpd when snmp is active" openvpn: T1548: clean out import statements ssh.py: check if file exists before deleting it [BGP] T1490: Added migration for obsoleted 'bgp scan-time' parameter
2019-10-19dhcp-server: T1745: bugfix corner case on static-assignmentsChristian Poessinger
There was a bug when refactoring this with commits 5848a4d ("dhcp-server: T1707: remove DHCP static-mappings from address pool") and 1182b44 ("dhcp-server: T1707: bugfix on subsequent DHCP exclude addresses") that when a static address assignemnt was using the last IP address from the specified range. This triggered the following error: "DHCP range stop address x must be greater or equal to the range start address y!"
2019-10-18system-proxy: T1741 - Add system wide proxy settinghagbard
* removed subprocess as it is not required, script is executed via sudo * pep8 formatted