summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2021-10-31console: T3954: bugfix RuntimeError: dictionary keys changed during iterationChristian Poessinger
2021-10-29https: pki: T3642: embed CA certificate into chain if specifiedChristian Poessinger
2021-10-27vrrp: T3944: reload daemon instead of restart when already runningChristian Poessinger
This prevents a failover from MASTER -> BACKUP when changing any MASTER related configuration.
2021-10-25Merge pull request #1037 from sever-sever/T2683Christian Poessinger
hosts: T2683: Allow multiple entries for static-host-mapping
2021-10-25snmp: T2763: Add protocol TCP for service snmpViacheslav
2021-10-22sstp: T2566: Fix verify section for pool ipv6 onlyViacheslav
(cherry picked from commit 3af310cb76d96d08151e4cdc83abcfe15484a556)
2021-10-22hosts: T2683: Allow multiple entries for static-host-mappingViacheslav
2021-10-21ddclient: T3897: bugfix smoketestChristian Poessinger
2021-10-21Merge pull request #1036 from sever-sever/T3610Christian Poessinger
dhcp-server: T3610: Allow configuration for non-primary ip address
2021-10-21dhcp-server: T3610: Allow configuration for non-primary ip addressViacheslav
2021-10-21dhcp: T3626: Prevent to disable only one configured networkViacheslav
2021-10-21use vyos read_file and write_file functionsKim Hagen
2021-10-20mdns: T3917: move avahi configuration file to /runChristian Poessinger
2021-10-20tunnel: T3921: bugfix KeyError for source-addressChristian Poessinger
(cherry picked from commit 1312068cb9743dd4d16edd37dbed9c142724997e)
2021-10-20dhcpv6-server: T3918: Fix subnets verify raise ConfigErrorViacheslav
2021-10-20Merge pull request #1030 from sarthurdev/mdns-avahiChristian Poessinger
mdns: T3917: Change to avahi-daemon for IPv4 + IPv6 mDNS repeater
2021-10-19mdns: T3917: Change to avahi-daemon for IPv4 + IPv6 mDNS repeatersarthurdev
2021-10-18Merge pull request #1022 from sever-sever/T3897Christian Poessinger
ddclient: T3897: Add option for IPv6 Dynamic DNS
2021-10-18ddclient: T3897: Add option for IPv6 Dynamic DNSViacheslav
2021-10-16l2tp: T3724: allow setting accel-ppp l2tp host-nameMarek Isalski
2021-10-15containers: T3676: Allow to set capabilitiesViacheslav
2021-10-11vyos.configdict: T2653: do not merge in defaults when interface is deletedChristian Poessinger
It makes less to zero sense to blend in the default values of an interface when it is about to be deleted from the system anyways - this makes the entire dict just cleaner and easier to debug.
2021-10-10do not use PathKim Hagen
2021-10-10update writer to nicer read writeKim Hagen
2021-10-08tunnel: T3893: harden logic when validating tunnel parametersChristian Poessinger
Different types of tunnels have different keys set in get_interface_config(). Thus it should be properly verified (by e.g. using dict_search()) that the key in question esits to not raise KeyError.
2021-10-07Merge branch 'current' into 2faKim
2021-10-07openvpn: T3642: Fix password_protected checkNicolas Riebesel
2021-10-07openvpn: T3805: fix bool logic in verify_pki() for client modeChristian Poessinger
Add support for OpenVPN client mode with only the CA certificate of the server installed.
2021-10-07openvpn: T3805: drop privileges using systemd - required for rtnetlinkChristian Poessinger
2021-10-07openvpn: T3805: use vyos.util.makedir() to create system directoriesChristian Poessinger
2021-10-07openvpn: T3805: use vyos.util.write_file() to store certificatesChristian Poessinger
2021-10-07pull request fixesKim Hagen
2021-10-04OpenVPN: T3350: Changed custom options for OpenVPN processingzsdc
Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing.
2021-10-02dns: forwarding: T3882: remove deprecated code to work with PowerDNS 4.5Christian Poessinger
(cherry picked from commit 8e6c48563d1612916bd7fcc665d70bfa77ec5667)
2021-09-27nat66: T3863: ndppd requires interfaces to be presentChristian Poessinger
2021-09-27frr: T2175: rename daemon Jinja2 templates to match (d)aemon suffixChristian Poessinger
2021-09-23openvpn: T3642: Fix password_protected checkNicolas Riebesel
2021-09-22vrrp: keepalived: T3847: enable no_tag_node_value_mangle for get_config_dict()Christian Poessinger
Commit 761631d6 ("vrrp: keepalived: T3847: migrate to get_config_dict()") switched to the new python function get_config_dict(), when we deal with tag nodes that can contain a hyphen, we should also set no_tag_node_value_mangle in order to preserve it. This caused a dict lookup error as the hyphens in the test scripts got replaced by an _.
2021-09-21vrrp: keepalived: T3847: migrate/streamline CLI optionsChristian Poessinger
Rename virtual-address -> address as we always talk about an IP address.
2021-09-21vrrp: keepalived: T3847: remove "transition-script mode-force" optionChristian Poessinger
2021-09-21vrrp: keepalived: T3847: migrate to get_config_dict()Christian Poessinger
2021-09-21vrrp: keepalived: T616: move configuration to volatile /run directoryChristian Poessinger
Move keepalived configuration from /etc/keepalived to /run/keepalived.
2021-09-21vrrp: keepalived: T2720: adjust to Jinja2 trim_blocks featureChristian Poessinger
This is a successor to commit a2ac9fac16e ("vyos.template: T2720: always enable Jinja2 trim_blocks feature"). It only shifts the whitespaces / indents inside the keepalived configuration file.
2021-09-19dhcp-server: T3672: re-add missing "name" CLI optionChristian Poessinger
This option is mandatory and must be user configurable as it needs to match on both sides.
2021-09-19dhcp-server: T3672: only one failover peer is supportedChristian Poessinger
2021-09-18container: T2216: add IPv6 support to container networksChristian Poessinger
2021-09-18dhcp-server: T1968: allow multiple static-routes to be configuredChristian Poessinger
vyos@vyos# show service dhcp-server shared-network-name LAN { subnet 10.0.0.0/24 { default-router 10.0.0.1 dns-server 194.145.150.1 lease 88 range 0 { start 10.0.0.100 stop 10.0.0.200 } static-route 192.168.10.0/24 { next-hop 10.0.0.2 } static-route 192.168.20.0/24 { router 10.0.0.2 } } }
2021-09-15ipsec: T3830: "authentication id|use-x509-id" are mutually exclusiveChristian Poessinger
Manually set peer id and use-x509-id are mutually exclusive!
2021-09-10Merge pull request #1000 from sever-sever/T3810Christian Poessinger
squid: squidguard: T3810: Fix template for sourcre-group and rule
2021-09-10squidguard: T3810: Set DB directory rigths 755Viacheslav