summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2020-06-23wireguard: T2632: support PSK on multiple peersChristian Poessinger
It was not possible to configure two WG peers with both utilized a pre-shared key. This has been corrected. WG psk can only be read from a file when starting the interface. The code for creating this temporary file has been moved into the ifconfig.WireGuardIf() class. Tested with: ============ set interfaces wireguard wg0 address '192.0.2.0/31' set interfaces wireguard wg0 peer one allowed-ips '0.0.0.0/0' set interfaces wireguard wg0 peer one preshared-key 'e+SIIUcrnrSDHhbTtpjwKhSlSdUALA5ZvoCjfQXcvmA=' set interfaces wireguard wg0 peer one pubkey '/qQGAQ2HfLSZBSCpdgps04r9wRlK7bSFraCH9+MScmw=' set interfaces wireguard wg0 peer two allowed-ips '0.0.0.0/0' set interfaces wireguard wg0 peer two pubkey '/qQGAQ2HfLSZBSCpdgfooor9wRlK7bSFraCH9+MScmw='
2020-06-22vpn: sstp: T2008: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22vpn: pptp: T2351: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22vpn: l2tp: T2264: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22pppoe-server: T2314: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22Merge branch 'default-dict' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 'default-dict' of github.com:c-po/vyos-1x: console-server: T2588: migrate to defaults from XML interface definitions xml: T2588: add gitignore for generated defaults xml: T2588: code to extract defaults values from xml Debian: remove duplicate build dependency xml: ssh: fix typo in service description
2020-06-22console-server: T2588: migrate to defaults from XML interface definitionsChristian Poessinger
2020-06-22rip: T2547: rewriten implementation in Python and XMLViacheslav Hletenko
2020-06-22Merge pull request #452 from jjakob/T2486-dns-hostsd-fixesDaniil Baturin
T2486: DNS, vyos-hostsd fixes
2020-06-21console: T2624: fix migration script for configured powersave and no consoleChristian Poessinger
When the 'powersave' option under 'system console' was defined but no actual serial console device this cause the following error during migration: Loading configuration from 'config.boot' Traceback (most recent call last): File "/opt/vyatta/etc/config-migrate/migrate/system/16-to-17", line 45, in <module> for device in config.list_nodes(base + ['device']): File "/usr/lib/python3/dist-packages/vyos/configtree.py", line 236, in list_nodes raise ConfigTreeError("Path [{}] doesn't exist".format(path_str)) vyos.configtree.ConfigTreeError: Path [b'system console device'] doesn't exist
2020-06-20op-mode: T2621: fix repeated interface descriptionChristian Poessinger
2020-06-19router-advert: T2618: fix for wrongly converted "autonomous-flag"Christian Poessinger
Boolean nodes have been removed b/c a boolean value makes less sense. The same behavior can be achieved with the presence or absence of a node. Unfortunately the 'autonomous-flag' node has been a negated one which did not migrate it to 'no-autonomous-flag' if it was set to false previously.
2020-06-19dhcpv6-pd: T421: fix unknown lvalue 'StartLimitIntervalSec' warningChristian Poessinger
StartLimitIntervalSec is part of the [Unit] definition and not the [Service] definition [1]. This caused the following warning message: systemd[1]: /lib/systemd/system/dhcp6c@.service:12: Unknown lvalue 'StartLimitIntervalSec' in section 'Service', ignoring This error has been introduced via commit 992d356 ("dhcpv6-pd: T421: workaround for non existing interfaces"). [1]: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
2020-06-19pseudo-ethernet: T2589: fix for deleting interface(s)Christian Poessinger
When deleting a peth interface the interface name was not added to the configuration dict, which lead to referencing non existent keys.
2020-06-19console-server: T2490: server must listen only on localhostChristian Poessinger
2020-06-19console-server: T2490: add SSH support for direct device accessChristian Poessinger
2020-06-18console-server: T2490: rename CLI to console-serverChristian Poessinger
2020-06-18console-server: T2490: add SSH supportChristian Poessinger
A user can define a port under the SSH node per device. WHen connecting to that port and authenticating using regular credentials we will immediately drop to the serial console. This is the same as executing "connect serial-proxy <name>".
2020-06-18console-server: T2490: log to journaldChristian Poessinger
2020-06-18console-server: T2490: move CLI parsing to get_config_dict()Christian Poessinger
For more examples on the new get_config_dict() approach migrate this implementation as it is not yet in production use. Also this serves as proof of concept code for further migrations.
2020-06-18console-server: T2490: replace ser2net with conserverChristian Poessinger
2020-06-18console-server: T2490: add default CLI valuesChristian Poessinger
2020-06-18console-server: T2490: rename CLI to "serial-proxy"Christian Poessinger
2020-06-18console-server: T2490: use new USB ports "by-bus"Christian Poessinger
2020-06-18console-server: T2490: initial supportChristian Poessinger
2020-06-18T2614: add a key mangling option to vyos.config.get_config_dict()Daniil Baturin
2020-06-17router-advert: T2609: remove debug pprint statementChristian Poessinger
2020-06-17router-advert: T2185: migrate from SysVinit to systemdChristian Poessinger
2020-06-17router-advert: T2609: add missing verify() for prefix lifetimeChristian Poessinger
radvd[31898]: AdvValidLifeTime must be greater than AdvPreferredLifetime in radvd.conf, line 19 This happens with the following configuration: vyos@vyos# show service router-advert interface eth0.20 { name-server 2001:4860:4860::8888 prefix ::/64 { valid-lifetime 7200 } } A validator is added to solve this issue and radvd will run again.
2020-06-18T2610: fix default-lifetime typoShohei YOKOKAWA
2020-06-17login: radius: T2299: Implement RADIUS servers priorityDmitriyEshenko
2020-06-16Merge pull request #460 from DmitriyEshenko/1xl2tp16062020Christian Poessinger
l2tp: T2602: Delete excess characters
2020-06-16snmp: T2321: use restart of start in systemctlChristian Poessinger
For an unknown reason snmpd not always starts after reboot.
2020-06-16syslog: T2604: remove unnecessary use of is_tagJohn Estabrook
2020-06-16l2tp: T2602: Delete excess charactersDmitriyEshenko
2020-06-15ifconfig: T2599: sort interface by natural orderThomas Mangin
2020-06-14wireless: T2354: add new validator for phy interfacesChristian Poessinger
2020-06-14console: T2569: bugfix removing entire console CLI treeChristian Poessinger
2020-06-13snmp: T2321: add VRF supportChristian Poessinger
2020-06-13ntp: T2321: add VRF supportChristian Poessinger
2020-06-13ssh: T2321: always run "systemctl daemon-reload"Christian Poessinger
2020-06-13ntp: T2321: remove superfluous verify() step on network addressesChristian Poessinger
Only IP prefixes are allowed to be added by the CLI thus we can drop the same check inside the Python script to validate the prefix.
2020-06-13ntp: T2321: use list over string when working with Config()Christian Poessinger
2020-06-13ssh: T2321: fix invalid string/list assignment of default portChristian Poessinger
Commit 5deb12c509be ("ssh: T2321: add VRF support") restructured the Port assignment (cleanup from the early days) but it accesses a string with methods used for a list, resulting in the funny default port 2.
2020-06-11dhclient hooks: T2486: update for vyos-hostsd rewriteJernej Jakob
- vyos-hostsd-client syntax changed - track changes in changes variable - call apply only once at the end if any changes were made - remove 'cli-shell-api existsEffective system disable-dhcp-nameservers' condition check as the functionality was moved into vyos-hostsd - remove comparison between old_ and new_ variables as it caused a bug as the nameservers didn't get updated on renew or system restart, the dhclient lease file persists across reboots, so on boot the old variables will contain the values from previous dhclient run so they will usually be equal to the new variables.
2020-06-11dns forwarding: T2534: fix incorrect path in recursor override fileJernej Jakob
2020-06-11on-dhcp-event.sh: T2486: modify for new vyos-hostsd syntaxJernej Jakob
- remove already existing entry check in /etc/hosts as vyos-hostsd will handle it - vyos-hostsd-client syntax changed - change tag "DHCP-$client_ip" to "dhcp-server-$client_ip" to make it more distinct from dhcp client tag "dhcp-$intf"
2020-06-11vyos-hostsd-client: T2583: update for vyos-hostsd rewriteJernej Jakob
- add new commands as arguments - change boolean options with extra required string options to a single string option that supports multiple arguments (makes a list) - track done operations in an extra ops variable (required for apply option)
2020-06-11dns forwarding: T2486: add conf nodes 'addnta', 'recursion-desired', migratorJernej Jakob
Add new nodes for 'service dns forwarding domain': 'addnta': adds addNTA to lua-config-file 'recursion-desired': sets '+' before the zone in forward-zones-file The migrator sets both options for all configured domains. This is usually the desired config.
2020-06-11system: T2486: migrate disable-dhcp-nameservers to name-servers-dhcpJernej Jakob
The previous implementation only supported disabling DHCP nameservers for all interfaces, and was implemented improperly so it didn't work anyway. This migrates it to name-servers-dhcp <interface>, which allows us to enable just the interfaces we want to use for system DNS, identical in syntax to 'service dns forwarding dhcp <interface>'. The migrator searches through all interfaces that have address 'dhcp(v6)?' and adds them to the name-servers-dhcp list if disable-dhcp-nameservers is not set, else it does nothing.