summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2023-08-20wifi: T5491: allow white-/blacklisting station MAC addresses for securityChristian Breunig
Station MAC address-based authentication means: * 'allow' accept all clients except the one on the deny list * 'deny' accept only clients listed on the accept list New CLI commands: * set interfaces wireless wlan0 security station-address mode <accept|deny> * set interfaces wireless wlan0 security station-address accept mac <mac> * set interfaces wireless wlan0 security station-address deny mac <mac>
2023-08-19wifi: T5470: improve error messageChristian Breunig
2023-08-17Merge pull request #2130 from aapostoliuk/T5409-sagittaChristian Breunig
wireguard: T5409: Added 'set interfaces wireguard wgX threaded'
2023-08-17wireguard: T5409: rename threaded CLI not to per-client-threadChristian Breunig
Using threaded as CLI node is a very deep term used by kernel threads. To make this more understandable to users, rename the node to per-client-thread. It's also not necessary to test if any one peer is configured and probing if the option is set. There is a base test which requires at least one peer to be configured.
2023-08-16Merge pull request #2150 from ↵John Estabrook
dmbaturin/T5271-openvpn-peer-fingerprint-restrictions T5271: allow OpenVPN peer-fingerprint to be used instead of a CA in site-to-site mode
2023-08-15T5483: clean up tmp config fileJohn Estabrook
2023-08-15T5271: allow the user to specify either CA or peer fingerprintDaniil Baturin
in OpenVPN site-to-site mode
2023-08-12T5160: fix merge regressionJohn Estabrook
2023-08-12T5467: removing ospf(v3) or isis interface in VRF context did not clear FRR ↵Christian Breunig
config To reproduce: set vrf name red table 2000 set vrf name red protocols ospf interface eth1 area 0 set vrf name red protocols ospf parameters router-id 1.1.1.1 set interfaces ethernet eth1 vrf red commit FRR now has an interface config vyos@vyos# vtysh -c "show run" no-header | sed -n "/^interface eth1/,/!/p" interface eth1 ip ospf area 0 ip ospf dead-interval 40 exit Now delete the interface from the OSPF(v3) or ISIS process delete vrf name red protocols ospf interface commit It's still there vyos@vyos# vtysh -c "show run" no-header | sed -n "/^interface eth1/,/!/p" interface eth1 ip ospf area 0 ip ospf dead-interval 40 exit ! Issue was caused in the FRR vtysh representation of an interface. It used to have a "vrf <name>" marker in earlier versions but FRR 8.5 and later no longer have the marker. So "interface eth1 vrf red" became "interface eth1" in vtysh, but our regex expected the "vrf" identifier when modifying FRR config.
2023-08-11Merge pull request #2016 from nicolas-fort/T5160Christian Breunig
T5160: Firewall refactor
2023-08-11T5460: remove config-trap from firewallNicolas Fort
2023-08-11T5160: firewall refactor: move <set firewall ipv6 ipv6-name ...> to <set ↵Nicolas Fort
firewall ipv6 name ...> . Also fix some unexpected behaviour with geoip.
2023-08-11T5160: firewall refactor: change firewall ip to firewall ipv4Nicolas Fort
2023-08-11T5160: firewall refactor: new cli structure. Update jinja templates, python ↵Nicolas Fort
scripts and src firewall
2023-08-11T5448: Move zabbix-agent to node monitoringViacheslav Hletenko
Move 'service zabbix-agent' => 'service monitoring zabbix-agent'
2023-08-11Merge pull request #2146 from dmbaturin/T5270-openvpn-dh-optionalChristian Breunig
openvpn: T5270: do not require classic DH params in any mode
2023-08-10Merge pull request #2140 from sever-sever/T5448Daniil Baturin
T5448: Add service zabbix-agent
2023-08-10openvpn: T5270: do not require classic DH params in any moreDaniil Baturin
Generate 'dh none' instead and let OpenVPN use ECDH
2023-08-10tunnel: T5223: clear GRE key id after deletionsrividya0208
2023-08-09T5448: Add service zabbix-agent version 2Viacheslav Hletenko
Add service zabbix-agent set service zabbix-agent directory '/config/zabbix/' set service zabbix-agent limits buffer-flush-interval '8' set service zabbix-agent limits buffer-size '120' set service zabbix-agent log debug-level 'warning' set service zabbix-agent log size '1' set service zabbix-agent server '192.0.2.5' set service zabbix-agent server-active 192.0.2.5 port '10051' set service zabbix-agent server-active 2001:db8::123
2023-08-09Merge pull request #2136 from jestabro/with-defaultsChristian Breunig
T5319: remove workarounds for incorrect defaults in config-mode scripts
2023-08-08Merge pull request #2119 from nicolas-fort/T5014-dnatChristian Breunig
T5014: nat: add source and destination nat options for configuring lo…
2023-08-07T5319: remove workarounds for defaults in vpp.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in vpn_openconnect.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in vpn_ipsec.pyJohn Estabrook
2023-08-07T5434: use auto-defaults in tftp_server.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in system-syslog.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in system_sflow.pyJohn Estabrook
2023-08-07T5434: use auto-defaults in system-option.pyJohn Estabrook
2023-08-07T5434: use auto-defaults in system-logs.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in system-login.pyJohn Estabrook
2023-08-07T5434: use auto-defaults in system-ipv6.pyJohn Estabrook
2023-08-07T5434: use auto-defaults in system-ip.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in system_console.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in ssh.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in snmp.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in service_webproxy.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in service_upnp.pyJohn Estabrook
2023-08-07T5434: use auto-defaults in service_sla.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in service_router-advert.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in service_monitoring_telegraf.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in service_ids_fastnetmon.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in service_console-server.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in service_config_sync.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in salt-minion.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in qos.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in protocols_rpki.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in protocols_rip.pyJohn Estabrook
2023-08-07T5434: use merge_defaults in protocols_ripng.pyJohn Estabrook
2023-08-07T5319: remove workarounds for defaults in protocols_ospfv3.pyJohn Estabrook