Age | Commit message (Collapse) | Author |
|
|
|
|
|
radvd[31898]: AdvValidLifeTime must be greater than AdvPreferredLifetime in
radvd.conf, line 19
This happens with the following configuration:
vyos@vyos# show service router-advert
interface eth0.20 {
name-server 2001:4860:4860::8888
prefix ::/64 {
valid-lifetime 7200
}
}
A validator is added to solve this issue and radvd will run again.
|
|
|
|
|
|
l2tp: T2602: Delete excess characters
|
|
For an unknown reason snmpd not always starts after reboot.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Only IP prefixes are allowed to be added by the CLI thus we can drop the
same check inside the Python script to validate the prefix.
|
|
|
|
Commit 5deb12c509be ("ssh: T2321: add VRF support") restructured the Port
assignment (cleanup from the early days) but it accesses a string with methods
used for a list, resulting in the funny default port 2.
|
|
It shouldn't be required, if necessary it should be added to
vyos-hostsd apply command.
|
|
Removes and adds all required settings.
|
|
The getter methods will return empty values if config nodes don't exist,
so there's no point in checking if they exist before.
|
|
Init Config once in main() and pass it to both get_config() and verify().
|
|
The previous implementation only supported disabling DHCP nameservers for all
interfaces, and was implemented improperly so it didn't work anyway.
It's safe to remove it completely.
This adds support for a new config node name-servers-dhcp <interface>, which
allows us to enable just the interfaces we want to use for system DNS,
identical in syntax to 'service dns forwarding dhcp <interface>'.
The new option works by adding tags to vyos-hostsd that we want to use to add
nameservers to resolv.conf, same as adding tags for dns forwarding but for a
different destination file.
A config migrator will be added in a separate commit.
|
|
Debian Buster doesn't have the length and character limitations of
/etc/resolv.conf 'search' any more, it is unlimited.
https://sourceware.org/bugzilla/show_bug.cgi?id=19569
(glibc >2.26)
|
|
Change internal representation to the one required by vyos-hostsd.
|
|
Removes and adds all required settings.
|
|
- generate recursor.conf, recursor.conf.lua
- if recursor.vyos-hostsd.conf.lua and recursor.forward-zones.conf don't exist,
create empty ones (they are/will be generated by vyos-hostsd)
|
|
Add warning that forwarding will operate as a recursor in case there are no
nameservers configured.
|
|
Remove the old solution that retrieved dhcp tagged nameservers from hostsd
and added it to nameservers, as it didn't work anyway (only once during
configuration but it didn't update them later). This is now handled by
vyos-hostsd, just retrieve the configured interfaces and send it the list
of tags to use.
|
|
Remove manual retrieval of 'system name-server' from config and adding it to
the name servers list, as this is now handled by simply adding a 'system' tag
in vyos-hostsd.
|
|
|
|
Change internal representation to the new one expected by vyos-hostsd.
|
|
As Config is required in both get_config and verify, init it once
and pass it to both functions.
|
|
The functionality was moved to vyos-hostsd.
|
|
|
|
As part of T1595 listen-on was removed and migrated to listen-address,
but some references to it stayed in the variable names and validator
error message.
|
|
tested using:
set nat destination rule 399 description 'Redirect DNS iot VLAN'
set nat destination rule 399 destination address '!192.168.67.243-192.168.67.244'
set nat destination rule 399 destination port '53'
set nat destination rule 399 inbound-interface bond10.204
set nat destination rule 399 log
set nat destination rule 399 protocol 'tcp_udp'
set nat destination rule 399 translation address '192.168.67.243'
set nat destination rule 399 translation port '53'
set nat destination rule 400 description 'Redirect DNS lan VLAN'
set nat destination rule 400 destination address '!192.168.67.243-192.168.67.244'
set nat destination rule 400 destination port '53'
set nat destination rule 400 inbound-interface bond10.204
set nat destination rule 400 log
set nat destination rule 400 protocol 'tcp_udp'
set nat destination rule 400 translation address '192.168.67.243'
set nat destination rule 400 translation port '53'
set nat destination rule 401 description 'Redirect DNS guest VLAN'
set nat destination rule 401 destination address '!192.168.67.243-192.168.67.244'
set nat destination rule 401 destination port '53'
set nat destination rule 401 inbound-interface bond10.204
set nat destination rule 401 log
set nat destination rule 401 protocol 'tcp_udp'
set nat destination rule 401 translation address '192.168.67.243'
set nat destination rule 401 translation port '53'
|
|
|
|
|
|
|
|
|
|
|
|
Only start console if it exists on the running system. If a user detaches a
USB serial console and reboots - it should not fail!
|
|
During testing it was discovered that there is a well known problem (we had for
ethernet interfaces) also in the serial port world. They will be enumerated and
mapped to /dev/ttyUSBxxx differently from boot to boot. This is especially
painful on my development APU4 board which also has a Sierra Wireless MC7710
LTE module installed.
The serial port will toggle between ttyUSB2 and ttyUSB5 depending on the
amount of serial port extenders attached (FT4232H).
The shipped udev rule (/usr/lib/udev/rules.d/60-serial.rules) partly solves
this by enumerating the devices into /dev/serial/by-id folder with their name
and serial number - it's a very good idea but I've found that not all of the
FT4232H dongles have a serial number programmed - this leads to the situation
that when you plug in two cables with both having serial number 0 - only one
device symlink will appear - the previous one is always overwritten by the
latter one.
Derive /usr/lib/udev/rules.d/60-serial.rules and create a /dev/serial/by-bus
directory and group devices by attached USB root port.
|
|
Migrate the serial console subsystem to XML and Python.
|
|
Commit 2cb806271928 ("wirelessmodem: T2241: make VRF and bond/bridge membership
mutually exclusive") added some logic which is not forseen/neither makes sense
on a dialup interface, thus it's removed again
|
|
... all information are present in journald.
|
|
During testing it was discovered that there is a well known problem (we had for
ethernet interfaces) also in the serial port world. They will be enumerated and
mapped to /dev/ttyUSBxxx differently from boot to boot. This is especially
painful on my development APU4 board which also has a Sierra Wireless MC7710
LTE module installed.
The serial port will toggle between ttyUSB2 and ttyUSB5 depending on the
amount of serial port extenders attached (FT4232H).
The shipped udev rule (/usr/lib/udev/rules.d/60-serial.rules) partly solves
this by enumerating the devices into /dev/serial/by-id folder with their name
and serial number - it's a very good idea but I've found that not all of the
FT4232H dongles have a serial number programmed - this leads to the situation
that when you plug in two cables with both having serial number 0 - only one
device symlink will appear - the previous one is always overwritten by the
latter one.
Derive /usr/lib/udev/rules.d/60-serial.rules and create a /dev/serial/by-bus
directory and group devices by attached USB root port.
vyos@vyos:~$ find /dev/serial/by-bus/ -name usb* -exec basename {} \; | sort
usb0b1.3p1.0
usb0b1.3p1.2
usb0b1.3p1.3
usb0b2.4p1.0
usb0b2.4p1.1
usb0b2.4p1.2
usb0b2.4p1.3
So we have USB root 0 with bus 1.3 and port 1.0. The enumeration is constant
accross reboots.
|
|
Retrieving the CLI nodes from current config was missed out and only
implemented for PPPoE.
|
|
openvpn: T2550: fix for IPv4 remote-host addresses
|
|
Commit bb9f998 added IPv6 support for OpenVPN, but IPv4 only
configurations stopped working (Address family for hostname not supported)
Commit fc467519 fixed some scenarios by using IPv4 protocols
if 'local-host' is IPv4 address, but the client mode is using
'remote-host' instead and was still broken.
This commit in addition to 'local-host' also checks all the
'remote-host' addresses.
|
|
bonding: T2527: delete the last interface from bond
|