summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2021-11-06openvpn: T3966: fix KeyError when removing interfaces without TOTPChristian Poessinger
2021-11-04containers: T2216: remove superfluous import statementsChristian Poessinger
2021-11-04containers: T2216: bugfix config error on image upgradeChristian Poessinger
As it takes time for the OS to settle while booting up the first time a container is started after image upgrade it will fail big time. To prevent this we try to start the container up to 10 times before we generate a hard error. This makes error-free image upgrade possible again when using containers.
2021-11-04containers: T3969: Fix F-string format for network ConfigErrorViacheslav
2021-11-03openvpn: T3966: OpenVPN fix the smoketestsKim Hagen
2021-11-03sstp: T3931: Fixes PKI integration with SSTPsarthurdev
2021-11-01openvpn: T3958: OpenVPN breaks the smoketestsKim Hagen
2021-11-01Merge branch 'current' into T3350-sagittazdc
2021-10-31tunnel: T3956: GRE key check must not be run on our own interface instanceChristian Poessinger
(cherry picked from commit e482377b29df05e60dbdb31d6276ae2030ffa2f9)
2021-10-31netflow: T3953: use warning if "netflow source-ip" does not exist instead of ↵Christian Poessinger
error
2021-10-31openvpn: T3834: Support for Two Factor Authentication totpKim
2021-10-31console: T3954: bugfix RuntimeError: dictionary keys changed during iterationChristian Poessinger
2021-10-29https: pki: T3642: embed CA certificate into chain if specifiedChristian Poessinger
2021-10-27vrrp: T3944: reload daemon instead of restart when already runningChristian Poessinger
This prevents a failover from MASTER -> BACKUP when changing any MASTER related configuration.
2021-10-25Merge pull request #1037 from sever-sever/T2683Christian Poessinger
hosts: T2683: Allow multiple entries for static-host-mapping
2021-10-25snmp: T2763: Add protocol TCP for service snmpViacheslav
2021-10-22sstp: T2566: Fix verify section for pool ipv6 onlyViacheslav
(cherry picked from commit 3af310cb76d96d08151e4cdc83abcfe15484a556)
2021-10-22hosts: T2683: Allow multiple entries for static-host-mappingViacheslav
2021-10-21ddclient: T3897: bugfix smoketestChristian Poessinger
2021-10-21Merge pull request #1036 from sever-sever/T3610Christian Poessinger
dhcp-server: T3610: Allow configuration for non-primary ip address
2021-10-21dhcp-server: T3610: Allow configuration for non-primary ip addressViacheslav
2021-10-21dhcp: T3626: Prevent to disable only one configured networkViacheslav
2021-10-21use vyos read_file and write_file functionsKim Hagen
2021-10-20mdns: T3917: move avahi configuration file to /runChristian Poessinger
2021-10-20tunnel: T3921: bugfix KeyError for source-addressChristian Poessinger
(cherry picked from commit 1312068cb9743dd4d16edd37dbed9c142724997e)
2021-10-20dhcpv6-server: T3918: Fix subnets verify raise ConfigErrorViacheslav
2021-10-20Merge pull request #1030 from sarthurdev/mdns-avahiChristian Poessinger
mdns: T3917: Change to avahi-daemon for IPv4 + IPv6 mDNS repeater
2021-10-19mdns: T3917: Change to avahi-daemon for IPv4 + IPv6 mDNS repeatersarthurdev
2021-10-18Merge pull request #1022 from sever-sever/T3897Christian Poessinger
ddclient: T3897: Add option for IPv6 Dynamic DNS
2021-10-18ddclient: T3897: Add option for IPv6 Dynamic DNSViacheslav
2021-10-16l2tp: T3724: allow setting accel-ppp l2tp host-nameMarek Isalski
2021-10-15containers: T3676: Allow to set capabilitiesViacheslav
2021-10-11vyos.configdict: T2653: do not merge in defaults when interface is deletedChristian Poessinger
It makes less to zero sense to blend in the default values of an interface when it is about to be deleted from the system anyways - this makes the entire dict just cleaner and easier to debug.
2021-10-10do not use PathKim Hagen
2021-10-10update writer to nicer read writeKim Hagen
2021-10-08tunnel: T3893: harden logic when validating tunnel parametersChristian Poessinger
Different types of tunnels have different keys set in get_interface_config(). Thus it should be properly verified (by e.g. using dict_search()) that the key in question esits to not raise KeyError.
2021-10-07Merge branch 'current' into 2faKim
2021-10-07openvpn: T3642: Fix password_protected checkNicolas Riebesel
2021-10-07openvpn: T3805: fix bool logic in verify_pki() for client modeChristian Poessinger
Add support for OpenVPN client mode with only the CA certificate of the server installed.
2021-10-07openvpn: T3805: drop privileges using systemd - required for rtnetlinkChristian Poessinger
2021-10-07openvpn: T3805: use vyos.util.makedir() to create system directoriesChristian Poessinger
2021-10-07openvpn: T3805: use vyos.util.write_file() to store certificatesChristian Poessinger
2021-10-07pull request fixesKim Hagen
2021-10-04OpenVPN: T3350: Changed custom options for OpenVPN processingzsdc
Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing.
2021-10-02dns: forwarding: T3882: remove deprecated code to work with PowerDNS 4.5Christian Poessinger
(cherry picked from commit 8e6c48563d1612916bd7fcc665d70bfa77ec5667)
2021-09-27nat66: T3863: ndppd requires interfaces to be presentChristian Poessinger
2021-09-27frr: T2175: rename daemon Jinja2 templates to match (d)aemon suffixChristian Poessinger
2021-09-23openvpn: T3642: Fix password_protected checkNicolas Riebesel
2021-09-22vrrp: keepalived: T3847: enable no_tag_node_value_mangle for get_config_dict()Christian Poessinger
Commit 761631d6 ("vrrp: keepalived: T3847: migrate to get_config_dict()") switched to the new python function get_config_dict(), when we deal with tag nodes that can contain a hyphen, we should also set no_tag_node_value_mangle in order to preserve it. This caused a dict lookup error as the hyphens in the test scripts got replaced by an _.
2021-09-21vrrp: keepalived: T3847: migrate/streamline CLI optionsChristian Poessinger
Rename virtual-address -> address as we always talk about an IP address.