vyos-1x.git - VyOS command definitions, scripts, and utilities (mirror of https://github.com/marekm72/vyos-1x.git)

Age	Commit message (Collapse)	Author
2021-11-18	Merge pull request #1052 from sever-sever/T3643-equ	Daniil Baturin
	ipsec: T3643: Fix for show tunnels with state down
2021-11-17	snmp: T3996: fix invalid IPv6 localhost handling when using listen-address	Christian Poessinger
	We need to use a temporary variable when validating the tuple if address is used. If not the else branch will always add the tuple to the list of addresses used for listen-address. (cherry picked from commit d13b91462487e090b32c0d1ecf9139a2271b4837)
2021-11-17	openvpn: T3995: implement systemd reload support	Christian Poessinger
	(cherry picked from commit eceaa3a787929f5a514b9c45da52936c0d4d4a54)
2021-11-17	OpenVPN: T3350: Changed custom options for OpenVPN processing	zsdc
	Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing. (cherry picked from commit 3fd2ff423b6c6e992b2ed531c7ba99fb9e1a2123)
2021-11-17	T3912: add additional newline after "Welcome to VyOS"	Christian Poessinger
	(cherry picked from commit 77eca49bffede005f546b7d9d3660bf2e32c7e8e)
2021-11-15	graphql: T3993: add config file save/load	John Estabrook
	(cherry picked from commit 8915a19f7761253b7bdf6ca847069539ee33851d)
2021-11-15	graphql: T3993: move schema generation to bindings.py; clean up for linting	John Estabrook
	(cherry picked from commit 9e2694b24b06d928240522322c9a6d60c7a7d290)
2021-11-15	l2tp: T3724: allow setting accel-ppp l2tp host-name	Marek Isalski
	(cherry picked from commit 3d00140453b3967370c77ddd9dac4af223a7ddce)
2021-11-08	T3912: remove duplicate "Welcome to VyOS!" already shown by pre-login	Christian Poessinger
	(cherry picked from commit 73be449b1cd09f3ca86400753630fb4804fbeca7)
2021-11-07	http-api: T2768: update dhcp-server example for migration 5-to-6	John Estabrook
	(cherry picked from commit dc9a2821d063a96681d6cb1d962618829b71937d)
2021-11-07	http-api: T3440: give uvicorn time to initialize before starting Nginx	John Estabrook
	(cherry picked from commit 889e16a77517549fb833a90d047455533be02f06)
2021-11-07	http-api: T2768: add README.graphql	John Estabrook
	(cherry picked from commit 5b69aad5bfe1fd1dfc51afb1d4b6323028009deb)
2021-11-07	http-api: T2768: example using GraphQL for high-level config operations	John Estabrook
	(cherry picked from commit b168b4cc7da456f14714d917cdc7a1c6b8df9af5)
2021-11-07	http-api: T3616: update for strict content-type check in FastAPI 0.65.2	John Estabrook
	FastAPI 0.65.2 checks content-type request header before assuming JSON, closing a well-known loophole. This requires a modification of the code providing backwards compatibility of multipart forms. (cherry picked from commit 3a9041e2d4d4a48ba7c01439e69c5f86a4a850c2)
2021-11-07	http api: T3412: use FastAPI as web framework; support application/json	John Estabrook
	Replace the Flask micro-framework with FastAPI, in order to support extensions to the API and OpenAPI 3.* generation. This change will remain backwards compatible with previous versions. Notably, the multipart forms version of requests remain supported; in addition application/json requests are now natively supported. (cherry picked from commit 0125fff200efe3259aa25953e7505f69679261f8)
2021-11-07	T3912: use a more informative default login banner	Christian Poessinger
	(cherry picked from commit 5d39a113bdef82e201aa43f848217c30db2f6fd9)
2021-11-01	dhclient: T3940: Added lease file argument to the `dhclient -x` call	zsdc
	When `dhclient` with the `-x` option is used to stop running DHCP client with a lease file that is not the same as in the new `dhclient` process, it requires a `-lf` argument with a path to the old lease file to find information about old/active leases and process them according to instructions and config. This commit adds the option to the `02-vyos-stopdhclient` hook, which allows to properly process `dhclient` instances started in different ways. (cherry picked from commit 393970f9ee5b3dfc58e0e999d3d5941a198b2c6f)
2021-10-31	tunnel: T3956: GRE key check must not be run on our own interface instance	Christian Poessinger

2021-10-31	netflow: T3953: use warning if "netflow source-ip" does not exist instead of ↵	Christian Poessinger
	error (cherry picked from commit 17215846b512851e7df8cdfcfc06c18b1d27f763)
2021-10-31	console: udev: T3954: adjust rule script to new systemd-udev version	Christian Poessinger
	We can no longer use bash veriable string code vor string manipulation. Move to a more robust "cut" implementation. (cherry picked from commit 513e951f3e1358ec6ff5424d03e8f4e9aa7c3388)
2021-10-31	console: T3954: bugfix RuntimeError: dictionary keys changed during iteration	Christian Poessinger
	(cherry picked from commit f227987ccf41e01d4ddafb6db7b36ecf13148c78)
2021-10-29	ipsec: T3643: Fix for show tunnels with state down	Viacheslav
	The current op-mode for "show vpn ipsec sa" shows only tunnels which established (parent SA) and installed (child SA) If tunnel not installed it can't show correct information about this tunnel, in that case it can shows only parent sa state Get codebase for "show_ipsec_sa.py" (op-mode) from 1.4 branch where it was fixed.
2021-10-28	IPSec: T3941: Fix uptime for tunnels sa op-mode	Viacheslav
	The current uptime for tunnels is getting from parent SA That is incorrect as we should get value from child SA
2021-10-27	vrrp: T3944: reload daemon instead of restart when already running	Christian Poessinger
	This prevents a failover from MASTER -> BACKUP when changing any MASTER related configuration. (cherry picked from commit 2c82c9acbde2ccca9c7bb5e646a45fd646463afe)
2021-10-26	op-mode: T3942: Add feature generate IPSec debug-archive	Viacheslav

2021-10-22	sstp: T2566: Fix verify section for pool ipv6 only	Viacheslav

2021-10-21	Merge pull request #1032 from ross211/dhclient-vyos-cleanup	Christian Poessinger
	dhclient hooks: T3920: avoid 'too many args' error when no vrf
2021-10-21	dhcp-server: T3610: Allow configuration for non-primary ip address	Viacheslav
	(cherry picked from commit 78cfb949cc6bceab744271cf23f269276b178182)
2021-10-21	dhcp: T3626: Prevent to disable only one configured network	Viacheslav
	(cherry picked from commit 9c825a3457a88a4eebc6475f92332822e5102889)
2021-10-21	tunnel: T3925: dhcp-interface was of no use - use source-interface instead	Christian Poessinger

2021-10-20	tunnel: T3921: bugfix KeyError for source-address	Christian Poessinger

2021-10-20	dhcpv6-server: T3918: Fix subnets verify raise ConfigError	Viacheslav
	(cherry picked from commit ead10909ba9104733930bb3f59c90610138bd047)
2021-10-20	dhclient hooks: T3920: avoid 'too many args' error when no vrf	Ross Dougherty

2021-10-08	tunnel: T3893: harden logic when validating tunnel parameters	Christian Poessinger
	Different types of tunnels have different keys set in get_interface_config(). Thus it should be properly verified (by e.g. using dict_search()) that the key in question esits to not raise KeyError. (cherry picked from commit 5aadf673497b93e2d4ad304e567de1cd571f9e25)
2021-10-04	T3889: Revert "dhcpv6-pd: T421: disable wide dhcpv6 client debug messages"	Christian Poessinger
	This reverts commit 184f25819fa43fc892b97c0044813b8aa56855b4.
2021-10-02	dns: forwarding: T3882: remove deprecated code to work with PowerDNS 4.5	Christian Poessinger

2021-10-01	vrrp: T3877: remove debug output	Christian Poessinger

2021-09-30	vrrp: T3877: backport handlers to solve "default rfc3768-compatibility" issue	John Estabrook
	Do not create rfc3768-compatibility interfaces by default because of wrong Jinja2 syntax. Backporting the entire system makes it easier in the future to additional bugfixes.
2021-09-28	dhclient: T3852: Fixed dhclient processes search	zsdc
	Backported commits: 13abffe43b2a5c41bb4ec4675c227f6cf1f868da 01158a8eaa574c48c726c20693479e4aa6e18ee6 This allows finding all running dhclient processes properly.
2021-09-26	T3866: ignore interfaces without "address" in DNS forwarding migration	Daniil Baturin

2021-09-26	op-mode: reboot/poweroff: T3857: send wall message to all users	Christian Poessinger
	(cherry picked from commit 0ee26592772a14e829d9d1f8e64f9db875f31a63)
2021-09-22	vrrp: keepalived: T616: bugfix for invalid os.unlink()	Christian Poessinger
	Commit 260f3832 ("vrrp: keepalived: T616: drop /etc/default/keepalived") dropped the old daemon configuration but there was one line of code that tried to delete the file which was no longer present. This resulted in: KeyError: 'daemon'
2021-09-21	vrrp: keepalived: T616: drop /etc/default/keepalived	Christian Poessinger
	This is a follow-up commit to 65398e5c8 ("vrrp: keepalived: T616: move configuration to volatile /run directory") as it makes no sense to store a static /etc/default/keepalived file marked as "Autogenerated by VyOS" that only enabled the SNMP option to keepalived. Better pass the --snmp switch via the systemd override file and drop all other references/files.
2021-09-21	vrrp: keepalived: T616: move configuration to volatile /run directory	Christian Poessinger
	Move keepalived configuration from /etc/keepalived to /run/keepalived. (cherry picked from commit b243795eba1b36cadd81c3149e833bdf5c5bea70)
2021-09-21	vrrp: keepalived: T2720: adjust to Jinja2 trim_blocks feature	Christian Poessinger
	This is a successor to commit a2ac9fac16e ("vyos.template: T2720: always enable Jinja2 trim_blocks feature"). It only shifts the whitespaces / indents inside the keepalived configuration file. (cherry picked from commit c1ac0630cfe0ee65569fbe435cc006ade20fed22)
2021-09-19	dhcp-server: T3672: migrate failover name option	Christian Poessinger
	Commit 2985035b (dhcp-server: T3672: re-add missing "name" CLI option) unfortunately did not add the name option to the migration script. (cherry picked from commit e83a113360ba18043edcf7f70689c7042dee2b37)
2021-09-19	dhcp-server: T2927: Add empty args if does not possible to determine variables	DmitriyEshenko
	(cherry picked from commit 2f8b33a26e63e5b9ac4e697b9312f2238d6241f3)
2021-09-19	dhcp-server: T3672: re-add missing "name" CLI option	Christian Poessinger
	This option is mandatory and must be user configurable as it needs to match on both sides. (cherry picked from commit 2985035bcb2f3732e15a41e3c2ee6c6c93a6836e)
2021-09-19	dhcp-server: T3672: only one failover peer is supported	Christian Poessinger
	(cherry picked from commit a8ccf72c222caad8cd7aaca9bca773be39e87f5c)
2021-09-19	dhcp-server: T3838: rename dns-server to name-server node	Christian Poessinger
	IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given pool. In order to use the same CLI syntax this should be renamed to name-server, which is already the case for DHCPv6. (cherry picked from commit e2f9f4f4e8b2e961a58d935d09798ddb4e1e0460)