Age | Commit message (Collapse) | Author |
|
on reboot and shutdown attempts
|
|
config path
|
|
Connection ID Username Protocol State Uptime Tunnel IP
--------------- ---------- ---------- ------- -------- -----------------
27 cpo IKEv2 UP 11s ['172.16.222.17']
"Tunnel IP" should be a string over list.
|
|
T5158: Refactoring the commad sh interfaces counters
|
|
For more detailed information it's necessary to add information about drops and error counters.
|
|
|
|
|
|
conntrack-sync: T4888: rewrite the op mode script in the new format
|
|
dns: T5144: Make dns dynamic status output legacy format compatible
|
|
ipsec: T5042: Rewritten 'show vpn ipsec remote-access' command
|
|
pki: T3642: Fix show command if no CA certs are present
|
|
op-mode: T5159: dhcpv6 incorrect warning message
|
|
The operational command "show dhcpv6 server leases" shows a warning message e
ven if dhcpv6 setting are configured and ipv6 address
got assigned to clients.
|
|
|
|
Adjust the output of dynamic dns status to be compatible with both
legacy and new ddclient cache format. This is necessary because the
legacy format is still used by some of the dyndns2 family of protocols.
This is a follow-up to commit 3f3621b6874354.
|
|
Split script to small functions for flexible output reports.
Improve header for commands.
Each funciton easily can be modified or extended.
Remove splitting command/output via percent symbol.
Remove old commands and directiories like /etc/rc.local, iptables,
brctl, etc.
Remove ethtool operation for subinterfaces.
Extend ethtool debug output.
Add correct nftables command.
|
|
Now 'show vpn ipsec remote-access' shows only IKEv2 Remote access
VPN IPSec connections.
Added option 'summary' that shows a summary table for
these connections.
Added option 'detail' that shows only RA SAs output of 'swanctl -l'
Added options 'username' and 'connection-id' that filters output.
Fixed output 'show vpn ipsec sa detail', the previous was
'show vpn ipsec sa verbose'.
|
|
T5137: refactoring the tech-support command
|
|
dns: T5144: Improve dns dynamic status output
|
|
T4770: Ability to get OpenVPN iface state and description for raw
|
|
|
|
|
|
Refactoring the tech-support command from .sh to .py
|
|
Improve and fix the output of dynamic dns status to be compatible with
new ddclient cache format.
Additional details:
- The status output is now formatted as a table with per-host dual-stack
information in rows. Columns not having actual value present in the
output will be kept empty.
- The 'Last update' column is now formatted in Local time format instead
of UTC.
|
|
Add "Packet drops suppressed" option
Rename "Samples drop events sent" to "Packet drops sent"
|
|
Add new metric, the number of packet-drop-events sent
|
|
ipsec: T5093: Fixed 'reset vpn ipsec profile' command
|
|
Add op-mode for sFlow based on hsflowd "show sflow"
Add machine readable format '--raw' and formatted output
|
|
|
|
Fixed 'reset vpn ipsec profile' command
using vici library and new op-mode style.
Added ability to use 'reset vpn ipsec profile' command
with 'remote-host' option.
|
|
|
|
|
|
'show interfaces counters' correctly displays counter stats after a call
to 'clear interfaces counters', however, 'show interfaces detail' does
not. Add missing update to counter stats.
|
|
There is a missing usefull option 'rate-limit' for
L2TP/PPTP/SSTP/IPoE raw output format
|
|
|
|
ipsec: T5043: Rewritten and fixed 'reset vpn' commands
|
|
|
|
1. Rewritten CLI of 'reset vpn' commands.
2. Created 'reset vpn ipsec remote-access' commands to reset
RA IKEv2 session.
3. Created 'reset vpn ipsec site-to-site all' command to reset all
configured IPSec site-to-site peers sessions.
4. Rewritten 'reset vpn l2t|pptp|sstp' commands to
new opmode style.
|
|
With long lease time for example lease '4294967295' seconds
it is impossible to get end lease as value is 'ends never;'
It cause error to get timestamp() from 'ends never' and remaining
time 'lease.end - datetime.utcnow()'
Set default remaining and end lease to '-' if we cannot get this
info
|
|
|
|
T4977: Add Babel routing protocol support
|
|
T5033: Ability to generate muliple keys from a file or link
|
|
|
|
We generate only one public key (string) from a file xxx.pub
op-mode with 'generate public-key-command user vyos lik_to_key_file'
Add ability to generate configuration (from op-mode) for multiple keys
As github keys don't use identifiers, generate uuid4 id for them
|
|
ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library
|
|
1. Changed reset IPSEC, IKE SAs to use vici library.
2. Created package vyos.ipsec to communicate with vici library.
|
|
T5013: Extend accelppp op-mode script to get statistic
|
|
Extend openvpn.py op-mode script to get list of configured clients
for the '--raw' output
|
|
Extend accelppp.py op-mode script to get
subnet/start/stop/gateway/client_ip_pool/ etc
info from the configuration
|
|
Fixed 'reset vpn ipsec-peer {peer}' command.
The op-mode script uses value 'None' in the 'tunnel' parameter
to clear all CHILD SAs.
|