summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2018-09-29T855: fix SNMP python verify() to allow non group assignmentChristian Poessinger
VyOS 1.1.8 support SNMPv3 without a group beeing assigned to a user. This was yet not supported in VyOS 1.2.0. Use for testing: ================ set service snmp v3 user testsnmpv3 auth plain 'authkey12345' set service snmp v3 user testsnmpv3 auth type sha set service snmp v3 user testsnmpv3 mode ro set service snmp v3 user testsnmpv3 privacy plain 'privkey12345' set service snmp v3 user testsnmpv3 privacy type aes
2018-09-21Merge pull request #47 from Watcher7/currentChristian Poessinger
Bring VRRP configuration in line with keepalived config documentation.
2018-09-19T849: fix quagga 2-to-3 migration script permissions.Daniil Baturin
2018-09-19T849: remove stray debug prints.Daniil Baturin
2018-09-18T849: add a migration script for the new IPv4 BGP syntax.Daniil Baturin
2018-09-16T850: SNMP: improve non existing listen-address assignmentsChristian Poessinger
2018-09-16snmp: fix python script indentionChristian Poessinger
2018-09-16T850: tftp server: improve non existing listen-address assignmentsChristian Poessinger
2018-09-10snmp.py: proper creation of non network bound SNMP communitiesChristian Poessinger
2018-09-10snmp.py: improve JINJA2 template robustnessChristian Poessinger
2018-09-08T836: syslog messages split accross multiple fileshagbard
- logs now only to /var/log/messages per default - enforces the global template from /usr/share/vyos/rsyslog/rsyslog.conf
2018-09-05T831: ntp.py: fix restrict configuration keyword to allow clients to sync upChristian Poessinger
2018-09-04T823: extend the new DHCP op mode.Daniil Baturin
2018-09-04dhcp_server.py: bugfix pool assignmentChristian Poessinger
Commit 91c3b8bdd9 ("dhcp_server.py: cleanup") did not only cleanup parts of the code but in addition added support for DHCP failover. That support could lead to an empty pool {} statement if the subnet declaration only had static address assignments but no range at all. ---<snip>--- dhcpd: /etc/dhcp/dhcpd.conf line 70: Pool declaration with no address range. dhcpd: } dhcpd: ^ dhcpd: Pool declarations must always contain at least dhcpd: one range statement. ---</snip>---
2018-09-02Merge remote-tracking branch 'upstream/current' into T793hagbard
2018-09-02T793: wireguard preshared-key implementationhagbard
- the psk is only read from a file, due to sudo it's redirection doesn't work file is created in /tmp (it's tmpfs), wg comand executed and the psk file is deleted again, to avoid leakage of the psk. It's create umaks(077) and root:root
2018-09-02T825: add system 8-to-9 migration scriptChristian Poessinger
2018-09-02mdns_repeater: cleanup python implementationChristian Poessinger
2018-09-02T823: add a new DHCP op mode script, only capable of showing leases now.Daniil Baturin
2018-09-01snmp.py: improve daemon startupChristian Poessinger
The previous implementation used a hardcoded 2 seconds sleep until the daemon configuration was rendered by snmpd (user/password stuff). Waiting 2 seconds is error prone and was replaced by reading the configuration file until it shows a marker indicating that the file was properly processed by snmpd.
2018-09-01Merge remote-tracking branch 'upstream/current' into T793hagbard
2018-09-01snmp.py: beautify generated snmp.conf #2Christian Poessinger
2018-09-01snmp.py: bugfix - CLI client community node was not processedChristian Poessinger
2018-09-01snmp.py: bugfix writing rocommunity string in configChristian Poessinger
2018-09-01snmp.py: beautify generated snmp.confChristian Poessinger
2018-09-01T771: snmp.px: reduce syslog noiseChristian Poessinger
2018-08-31T811: dhcpv6_server.py: add missing validators when comitting config changesChristian Poessinger
2018-08-31dhcp_server.py: cleanupChristian Poessinger
2018-08-31bcast_relay.py: remove obsolete import statementChristian Poessinger
2018-08-31Merge remote-tracking branch 'upstream/current' into T793hagbard
2018-08-31T793: preshared key op-mode partshagbard
2018-08-30Update vrrp.pyWatcher7
2018-08-30T778: dhcpv6-server: XML and Python rewriteChristian Poessinger
2018-08-30dhcp_server.py: rework verify() error messages/error checkingChristian Poessinger
Commit 067a6b1524 ("vyos: package: extend validator by is_subnet_connected()") added a mechanism to probe if a given IPv4/IPv6 address is connected to any interface on the subnet - or is part of this subnet. We now use this call instead of producing more and more biler-plate code!
2018-08-30T813: fix the check for duplicate VRIDs on the same interface (patch by ↵Daniil Baturin
Watcher7).
2018-08-29snmp.py: only write 'oldEngineID' to config if v3 is enabledChristian Poessinger
2018-08-29T733: snmp.py: switch to new IP address validatorsChristian Poessinger
Commit a30dac7c2 ("vyos package: add IP address validators") added system wide Python validators for IP addresses. Remove duplicated code and switch to single source.
2018-08-29tftp_server.py: switch to new IP address validatorsChristian Poessinger
Commit a30dac7c2 ("vyos package: add IP address validators") added system wide Python validators for IP addresses. Remove duplicated code and switch to a single source.
2018-08-29dhcp_server.py: beautify error messages generated in verify()Christian Poessinger
2018-08-29dhcp_server.py: check if AF_INET address is configure before using it in ↵Christian Poessinger
verify()
2018-08-29dhcp_server.py: fix KeyError in verify()Christian Poessinger
2018-08-29dhcp_server.py: improve handling of 'dhcpd.leases' fileChristian Poessinger
If there was yet no lease file present, dhcpd refused to start. Lease file is created if required. Ususally this is handeled by the isc-dhcp-server init script but we use our own path (for persistance) of that file.
2018-08-28T778: harden dhcp_server.py for non existing filesChristian Poessinger
2018-08-28T810: bugfix broadcast-relay address validator, add 'disable' functionalityChristian Poessinger
Whole broadcast relay service can be temporary disabled via set service broadcast-relay disable Individual instances of the broadcast relay service can be disabled set service broadcast-relay id <n> disable
2018-08-28T793: changed op-mode script from wireguard_key.py to wireguard.pyhagbard
2018-08-28dhcp_server.py: issue warning and don't generate config if service is disabledChristian Poessinger
2018-08-28dhcp_server.py: rename dictionary key 'disable' to 'disabled'Christian Poessinger
2018-08-27Merge branch 'dhcp-server-rewrite' into currentChristian Poessinger
2018-08-27T778: T782: dhcp-server: XML and Python rewriteChristian Poessinger
This commit changes in addtion the DHCP server config syntax as defined in "T782: Cleanup dhcp-server configuration". Replace boolean parameter from the folowing nodes and make it valueless. This requires a migration script which is tracked with this task * set service dhcp-server shared-network-name <xyz> subnet 172.31.0.0/24 ip-forwarding enable (true|false) * set service dhcp-server shared-network-name <xyz> authoritative (true|false) * set service dhcp-server disabled (true|false) * set service dhcp-server dynamic-dns-update enable (true|fals) * set service dhcp-server hostfile-update (enable|disable) Replace the nested start/stop ip address from "subnet 172.31.0.0/24 start 172.31.0.101 stop 172.31.0.149" to "subnet 172.31.0.0/24 range <foo> start" and "subnet 172.31.0.0/24 range <foo> stop" where foo can be any character or number. In addition the vyatta-cfg-dhcp-server package used it's own init/config file for service startup. This has been migrated to the vanilla Debian files. Copy 'on-dhcp-event.sh' from vyatta-cfg-shcp-server package commit 4749e648bca6.
2018-08-27T793: wiregurard preshared-key op-mode script and interface implementationhagbard