summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2020-03-04vrf: T31: remove superfluous vyos.vrf library functionsChristian Poessinger
vyos.vrf.list_vrfs() was only used in one function thus building a library is no longer needed. If it is needed in the future it should be placed into a library again.
2020-03-04vrf: T31: reduce script complexityChristian Poessinger
Keep it simple and stupid :)
2020-03-04vrf: T31: no need to use sudo calls in vrf.pyChristian Poessinger
All configuration mode scripts are already run with sudo.
2020-03-04vrf: T31: make 'show vrf' command behave like other 'show interface commands'Christian Poessinger
- remove the additional depth for querying discrete VRF names - retrieve available VRF names from via <path> from CLI rather then invoking an external script
2020-03-04vrf: T31: use embedded regex on 'vrf name' instead of python scriptChristian Poessinger
2020-03-04vrf: T31: initial support for a VRF backend in XML/PythonThomas Mangin
This is a work in progress to complete T31 whoever thought it was less than 1 hour of work was ..... optimistic. Only VRF vreation and show is supported right now. No interface can be bound to any one VRF.
2020-03-03interfaces: T1579: fix c/p error when evaluating ↵Christian Poessinger
os.environ['VYOS_TAGNODE_VALUE'] This has been only a theoretical problem but then the error condition was triggered - only an error has been printed instead of raising an Exception.
2020-03-03dhcp-server: T2092: add default route to rfc3442-static-route optionAndras Elso
2020-03-03dhcp-server: T2062: Fix static route bytesAndras Elso
2020-03-01syslog: T2086: do not log cron and su to regular syslogChristian Poessinger
2020-03-01login: radius: T2089: only query servers when uid matches ...Christian Poessinger
Do not query RADIUS servers when commit is running started from a non RADIUS user (localuser, root). This should reduce the overall system boot time.
2020-03-01vmware: T1028: readd static IP address after resumeChristian Poessinger
2020-03-01pppoe: T2087: enable unlimited connection attemptsChristian Poessinger
2020-03-01syslog: T2086: move sudo session open/close log entries to auth.logChristian Poessinger
2020-02-27Merge pull request #227 from thomas-mangin/T2057Christian Poessinger
ifconfig: T2057: generalised Interface configuration
2020-02-27openvpn: T2075: add support for OpenVPN tls-crypt file optionChristian Poessinger
Encrypt and authenticate all control channel packets with the key from keyfile. Encrypting (and authenticating) control channel packets: * provides more privacy by hiding the certificate used for the TLS connection * makes it harder to identify OpenVPN traffic as such * provides "poor-man's" post-quantum security, against attackers who will never know the pre-shared key (i.e. no forward secrecy)
2020-02-27login: T2050: retrieve home directory for SSH keys from OS and not guess itChristian Poessinger
We should not rely on the home dir value stored in user['home_dir'] as if a crazy user will choose username root or any other system user this will fail. Should be deny using root at all?
2020-02-25[service https] T1443: set default HTTPS listen portJohn Estabrook
2020-02-25login: T1948: migrade local and radius configurationsChristian Poessinger
Splitting was not a good idea. By combining both we can create a RADIUS server XML include file which can be reused by multiple implementations to get a uniformed CLI for the users.
2020-02-25login: radius: T2071: support disabling individual serverChristian Poessinger
2020-02-25pppoe: T2055: verify logfile really existsChristian Poessinger
2020-02-25Merge branch 'pppoe-t2070' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 'pppoe-t2070' of github.com:c-po/vyos-1x: pppoe: T2070: rewrite (dis-)connect op-mode commands in XML and Python gitignore: fix ignore pattern of all debhelper files pppoe: T2055: make logfile owned by root/vyattacfg pppoe: T1318: validate existing source-interface
2020-02-25pppoe: T2070: rewrite (dis-)connect op-mode commands in XML and PythonChristian Poessinger
2020-02-25pppoe: T2055: make logfile owned by root/vyattacfgChristian Poessinger
2020-02-25pppoe: T1318: validate existing source-interfaceChristian Poessinger
It is not only sufficient to check if there is a source-interface configured, but rather it must also be checked if the source-interface exists at all in the system. If the interface does not exist pppd will complain with: pppd[2778]: /usr/sbin/pppd: In file /etc/ppp/peers/pppoe1: unrecognized option 'eth0.202'
2020-02-24ifconfig: T2057: generalised Interface configurationThomas Mangin
Provides a way to pass options to interface consistent between subclasses of Interface
2020-02-24pppoe-client: T2069: Use rp_pppoe_service for send correct service-nameDmitriyEshenko
2020-02-23service-pppoe: T2067: Allow setting multiple service-nameshagbard
2020-02-23openvpn: T2065: move daemon parameter to start-stop-daemon command-lineChristian Poessinger
2020-02-23pppoe: T1318: set interface descriptionChristian Poessinger
2020-02-23pppoe: T2055: do not try to start a deleted dialer interfaceChristian Poessinger
2020-02-23pppoe: T1318: declutter name-server CLI nodesChristian Poessinger
Instead of letting the user choose between auto and none where auto is default, it makes more sesne to just offer an option to disable the default behavior.
2020-02-23pppoe: T2055: remove router-advert node in client interfaceChristian Poessinger
2020-02-23pppoe: T1318: migrate user-id and password nodes under an authentication nodeChristian Poessinger
2020-02-23pppoe: T1318: rename link to source-interfaceChristian Poessinger
2020-02-23pppoe: T1318: extend migrator for firewall, qos and ip routing nodesChristian Poessinger
2020-02-23pppoe: T1318: proper delete old interfaces in migratorChristian Poessinger
2020-02-23pppoe: T1318: fix migrator and add missing link statementChristian Poessinger
2020-02-23pppoe: T1318: use lists rather then strings on Config()Christian Poessinger
2020-02-23pppoe: T1318: support interface descriptionChristian Poessinger
2020-02-23pppoe: T1318: remove obsolete ipv6-up.d scriptChristian Poessinger
The generated script was not called at all. Verified in vyOS 1.2.3 and rolling. Looks like a leftover from the past. If this functionality is required - it should be re-implemented the proper way!
2020-02-23pppoe: T1318: add op-mode commands for link informationChristian Poessinger
2020-02-23pppoe: T1318: use systemd to manage connectionChristian Poessinger
This reduces the amount of self written code to start-stop-daemon and also kill the process if it has no connection yet (there won't be a PID file in this case) and getting the proper PID for multiple processes would require me to walk the /proc/<pid>/cmdline for every binary involved.
2020-02-23pppoe: T1318: remove process startup debug outputChristian Poessinger
We no longer need to see the command which is used to spawn up PPPd and dial the connection.
2020-02-23pppoe: T1318: move process startup to apply()Christian Poessinger
2020-02-23pppoe: T1318: "link" option is mandatoryChristian Poessinger
2020-02-23pppoe: T1318: add first version of new XML/Python implementationChristian Poessinger
vyos@vyos# show interfaces pppoe pppoe pppoe0 { default-route force link eth2.7 mtu 400 name-server auto password 12345678 user-id vyos@vyos.io }
2020-02-21[service https] T1443: bug: set HTTPS listen port for listen-address '*'John Estabrook
2020-02-19snmp: T1769: fix indentation error and add try clauseJohn Estabrook
2020-02-18snmp: T1769: cleanup leftove code path for certificate migrationChristian Poessinger