Age | Commit message (Collapse) | Author |
|
In some cases we can get error:
```
Traceback (most recent call last):
File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 173, in <module>
data = get_status(args.mode, intf)
File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 130, in get_status
client["tunnel"] = get_vpn_tunnel_address(client['remote'], interface)
File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 66, in get_vpn_tunnel_address
tunnel_ip = lst[0].split(',')[0]
IndexError: list index out of range
```
|
|
|
|
'show interfaces counters' correctly displays counter stats after a call
to 'clear interfaces counters', however, 'show interfaces detail' does
not. Add missing update to counter stats.
|
|
T5033: Ability to generate muliple keys from a file or link
|
|
(cherry picked from commit 779f4001a4828f1af39a5b0b861d62635fcb3726)
|
|
Added the tunnel ip column to see the assigned ip address in server mode
(cherry picked from commit 500c182c4fa4e0fa030b7c68139fbe948266c49b)
|
|
We generate only one public key (string) from a file xxx.pub
op-mode with 'generate public-key-command user vyos lik_to_key_file'
Add ability to generate configuration (from op-mode) for multiple keys
As github keys don't use identifiers, generate uuid4 id for them
|
|
|
|
We get incorrect data when shows connections
As we get list of all connections we should compare the connection
name with entries in list and set correct data if they match
|
|
|
|
1. Added in script update webproxy blacklists generation of all DBs
2. Fixed: if the blacklist category does not have generated db,
the template generates an empty dest category
in squidGuard.conf and a Warning message.
3. Added template generation for local's categories
in the rule section.
4. Changed syntax in the generation dest section for blacklist's
categories
5. Fixed generation dest local sections in squidGuard.conf
6. Fixed bug in syntax. The word 'allow' changed to the word 'any'
in acl squidGuard.conf
7. Backported all changes from 1.4 to 1.3 which were made in T3810
8. Fixed webproxy smoketest
|
|
Add op-mode CLI "show vpn ipsec connections"
Add the ability to show all configured connections/tunnels and
their states.
|
|
T4313: handle exceptions in the "generate public-key-command" script
|
|
(cherry picked from commit c37829f1e902b84a5bc3bc5618ee97ae1ba0dd86)
|
|
Allow to reset dhcp-leases per ip
Parse file '/config/dhcpd.leases' find match section 'lease x.x.x.x {}'
And remove this section
clear dhcp-server lease 192.0.2.21
(cherry picked from commit a83eecfeee1f925c914a46623dd35f96b48389f8)
|
|
(cherry picked from commit 0ef775ab6563af8c20d72d3e30751d50946ab704)
|
|
Add python script for op-mode 'show vpn debug'
|
|
|
|
(cherry picked from commit c06861440cd21ff7c668b35ed1039f5fac4101b9)
|
|
|
|
|
|
After rewriting conntrack-sync to XML/python, part of op-mode
parameters was missed
Add "status" and "statistics" for conntrack-sync
|
|
(cherry picked from commit 4207b4c264312fc496722874ec52e2db834dec37)
|
|
(cherry picked from commit 467eb1f18ec971d6d3913d9ecc58b241db104f0d)
|
|
(cherry picked from commit f36ac55e5355b170b181eef999be616700edffc1)
|
|
(cherry picked from commit b675c8b6187c4b77759e3f96c9c92dd382dabeae)
|
|
filesystem: T3946: root partition auto resize as a service
|
|
|
|
|
|
(cherry picked from commit 82ea3b4f3c12023ce17f1062785b6238f457673d)
|
|
interfaces
|
|
The current op-mode for "show vpn ipsec sa" shows only tunnels
which established (parent SA) and installed (child SA)
If tunnel not installed it can't show correct information about
this tunnel, in that case it can shows only parent sa state
Get codebase for "show_ipsec_sa.py" (op-mode) from 1.4 branch
where it was fixed.
|
|
The current uptime for tunnels is getting from parent SA
That is incorrect as we should get value from child SA
|
|
|
|
(cherry picked from commit 0ee26592772a14e829d9d1f8e64f9db875f31a63)
|
|
|
|
(cherry picked from commit d39567c977c84f1c16998947e16d397edbb015be)
|
|
(cherry picked from commit e211cdbb375dba13af33d6ad6c3addab707f2870)
|
|
message
(cherry picked from commit 10814c4d3360598262e991e4b20768dfcde91d75)
|
|
Commit 27e53fbc ("op-mode: T3619: bugfix "show interfaces" for VLANs") fixed
the op-mode command for the "show interfaces" operation, but if a user was
interested in all the ethernet or bridge interfaces, the command "show
interfaces <type> detail" did not yield any output.
The filtered_interfaces() function was further generalized to only operate on
base components and call itself recusively if required.
(cherry picked from commit 5e1f76d16332a917bfd99c6f2bffcd73e61d934d)
|
|
Commit 31169fa8a7 ("vyos.ifconfig: T3619: only set offloading options if
supported by NIC") always instantiated an object of the Ethtool class for an
ethernet object - this is right as a real ethernet interface is managed by
Ethtool.
Unfortunately the script used for "show interface" determindes the "base class"
for an interface by its name, so eth0 -> Ethernet, eth0.10 -> Ethernet. This
assumption is incorrect as a VLAN interface can not have the physical parameters
changed of its underlaying interface. This can only be done for eth0.
There is no need for the op-mode script to determine the implementation class
for an interface at this level, as we are only interested in the state of the
interface and it's IP addresses - which is a common operation valid for every
interface on VyOS.
(cherry picked from commit 27e53fbcd843c3aad27db9e97f9060ae6dfcc5ee)
|
|
(cherry picked from commit 5bde11aceffd3d7fca99e582b16555fc0c584410)
|
|
Commit 9f20bee81c ("T1376: improve show_dhcp and show_dhcpv6") added the tab
completion helper to list the availbale IP pools to query. This was done by
calling a python script which then called cli-shell-api which resulted in a
penalty by the Python interpreter startup.
This can be solved by directly using the cli-shell-api wrapper available
as <path> in op-mode - as also seen for DHCPv6.
(cherry picked from commit b1ff7baaf3c52c8c364955632fcece2da7033b10)
|
|
FRR: op-mode: T3776: rename "restart frr <daemon>" to "restart <daemon>"
|
|
(cherry picked from commit 059307f924c604eb2bdeab19a2db8ce6d8e09f90)
|
|
|
|
(cherry picked from commit d3ae6304a3eabcddba36452e9519ca7b56bb38af)
|
|
(cherry picked from commit 1229665d353a070e14ee9cceafbfdb107d669745)
|
|
(cherry picked from commit 0f7833483c0fe4982747bbbace45a83fae793257)
|
|
In this commit we fix the do not fragment capability
for ping commands. Sorry for messing it up earlier :(
(cherry picked from commit d012c732a8902d4848e29f37fcede66a060e3c7f)
|