Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-09-29 | T855: fix SNMP python verify() to allow non group assignment | Christian Poessinger | |
VyOS 1.1.8 support SNMPv3 without a group beeing assigned to a user. This was yet not supported in VyOS 1.2.0. Use for testing: ================ set service snmp v3 user testsnmpv3 auth plain 'authkey12345' set service snmp v3 user testsnmpv3 auth type sha set service snmp v3 user testsnmpv3 mode ro set service snmp v3 user testsnmpv3 privacy plain 'privkey12345' set service snmp v3 user testsnmpv3 privacy type aes | |||
2018-09-21 | Merge pull request #47 from Watcher7/current | Christian Poessinger | |
Bring VRRP configuration in line with keepalived config documentation. | |||
2018-09-19 | T849: fix quagga 2-to-3 migration script permissions. | Daniil Baturin | |
2018-09-19 | T849: remove stray debug prints. | Daniil Baturin | |
2018-09-18 | T849: add a migration script for the new IPv4 BGP syntax. | Daniil Baturin | |
2018-09-16 | T850: SNMP: improve non existing listen-address assignments | Christian Poessinger | |
2018-09-16 | snmp: fix python script indention | Christian Poessinger | |
2018-09-16 | T850: tftp server: improve non existing listen-address assignments | Christian Poessinger | |
2018-09-10 | snmp.py: proper creation of non network bound SNMP communities | Christian Poessinger | |
2018-09-10 | snmp.py: improve JINJA2 template robustness | Christian Poessinger | |
2018-09-08 | T836: syslog messages split accross multiple files | hagbard | |
- logs now only to /var/log/messages per default - enforces the global template from /usr/share/vyos/rsyslog/rsyslog.conf | |||
2018-09-05 | T831: ntp.py: fix restrict configuration keyword to allow clients to sync up | Christian Poessinger | |
2018-09-04 | T823: extend the new DHCP op mode. | Daniil Baturin | |
2018-09-04 | dhcp_server.py: bugfix pool assignment | Christian Poessinger | |
Commit 91c3b8bdd9 ("dhcp_server.py: cleanup") did not only cleanup parts of the code but in addition added support for DHCP failover. That support could lead to an empty pool {} statement if the subnet declaration only had static address assignments but no range at all. ---<snip>--- dhcpd: /etc/dhcp/dhcpd.conf line 70: Pool declaration with no address range. dhcpd: } dhcpd: ^ dhcpd: Pool declarations must always contain at least dhcpd: one range statement. ---</snip>--- | |||
2018-09-02 | Merge remote-tracking branch 'upstream/current' into T793 | hagbard | |
2018-09-02 | T793: wireguard preshared-key implementation | hagbard | |
- the psk is only read from a file, due to sudo it's redirection doesn't work file is created in /tmp (it's tmpfs), wg comand executed and the psk file is deleted again, to avoid leakage of the psk. It's create umaks(077) and root:root | |||
2018-09-02 | T825: add system 8-to-9 migration script | Christian Poessinger | |
2018-09-02 | mdns_repeater: cleanup python implementation | Christian Poessinger | |
2018-09-02 | T823: add a new DHCP op mode script, only capable of showing leases now. | Daniil Baturin | |
2018-09-01 | snmp.py: improve daemon startup | Christian Poessinger | |
The previous implementation used a hardcoded 2 seconds sleep until the daemon configuration was rendered by snmpd (user/password stuff). Waiting 2 seconds is error prone and was replaced by reading the configuration file until it shows a marker indicating that the file was properly processed by snmpd. | |||
2018-09-01 | Merge remote-tracking branch 'upstream/current' into T793 | hagbard | |
2018-09-01 | snmp.py: beautify generated snmp.conf #2 | Christian Poessinger | |
2018-09-01 | snmp.py: bugfix - CLI client community node was not processed | Christian Poessinger | |
2018-09-01 | snmp.py: bugfix writing rocommunity string in config | Christian Poessinger | |
2018-09-01 | snmp.py: beautify generated snmp.conf | Christian Poessinger | |
2018-09-01 | T771: snmp.px: reduce syslog noise | Christian Poessinger | |
2018-08-31 | T811: dhcpv6_server.py: add missing validators when comitting config changes | Christian Poessinger | |
2018-08-31 | dhcp_server.py: cleanup | Christian Poessinger | |
2018-08-31 | bcast_relay.py: remove obsolete import statement | Christian Poessinger | |
2018-08-31 | Merge remote-tracking branch 'upstream/current' into T793 | hagbard | |
2018-08-31 | T793: preshared key op-mode parts | hagbard | |
2018-08-30 | Update vrrp.py | Watcher7 | |
2018-08-30 | T778: dhcpv6-server: XML and Python rewrite | Christian Poessinger | |
2018-08-30 | dhcp_server.py: rework verify() error messages/error checking | Christian Poessinger | |
Commit 067a6b1524 ("vyos: package: extend validator by is_subnet_connected()") added a mechanism to probe if a given IPv4/IPv6 address is connected to any interface on the subnet - or is part of this subnet. We now use this call instead of producing more and more biler-plate code! | |||
2018-08-30 | T813: fix the check for duplicate VRIDs on the same interface (patch by ↵ | Daniil Baturin | |
Watcher7). | |||
2018-08-29 | snmp.py: only write 'oldEngineID' to config if v3 is enabled | Christian Poessinger | |
2018-08-29 | T733: snmp.py: switch to new IP address validators | Christian Poessinger | |
Commit a30dac7c2 ("vyos package: add IP address validators") added system wide Python validators for IP addresses. Remove duplicated code and switch to single source. | |||
2018-08-29 | tftp_server.py: switch to new IP address validators | Christian Poessinger | |
Commit a30dac7c2 ("vyos package: add IP address validators") added system wide Python validators for IP addresses. Remove duplicated code and switch to a single source. | |||
2018-08-29 | dhcp_server.py: beautify error messages generated in verify() | Christian Poessinger | |
2018-08-29 | dhcp_server.py: check if AF_INET address is configure before using it in ↵ | Christian Poessinger | |
verify() | |||
2018-08-29 | dhcp_server.py: fix KeyError in verify() | Christian Poessinger | |
2018-08-29 | dhcp_server.py: improve handling of 'dhcpd.leases' file | Christian Poessinger | |
If there was yet no lease file present, dhcpd refused to start. Lease file is created if required. Ususally this is handeled by the isc-dhcp-server init script but we use our own path (for persistance) of that file. | |||
2018-08-28 | T778: harden dhcp_server.py for non existing files | Christian Poessinger | |
2018-08-28 | T810: bugfix broadcast-relay address validator, add 'disable' functionality | Christian Poessinger | |
Whole broadcast relay service can be temporary disabled via set service broadcast-relay disable Individual instances of the broadcast relay service can be disabled set service broadcast-relay id <n> disable | |||
2018-08-28 | T793: changed op-mode script from wireguard_key.py to wireguard.py | hagbard | |
2018-08-28 | dhcp_server.py: issue warning and don't generate config if service is disabled | Christian Poessinger | |
2018-08-28 | dhcp_server.py: rename dictionary key 'disable' to 'disabled' | Christian Poessinger | |
2018-08-27 | Merge branch 'dhcp-server-rewrite' into current | Christian Poessinger | |
2018-08-27 | T778: T782: dhcp-server: XML and Python rewrite | Christian Poessinger | |
This commit changes in addtion the DHCP server config syntax as defined in "T782: Cleanup dhcp-server configuration". Replace boolean parameter from the folowing nodes and make it valueless. This requires a migration script which is tracked with this task * set service dhcp-server shared-network-name <xyz> subnet 172.31.0.0/24 ip-forwarding enable (true|false) * set service dhcp-server shared-network-name <xyz> authoritative (true|false) * set service dhcp-server disabled (true|false) * set service dhcp-server dynamic-dns-update enable (true|fals) * set service dhcp-server hostfile-update (enable|disable) Replace the nested start/stop ip address from "subnet 172.31.0.0/24 start 172.31.0.101 stop 172.31.0.149" to "subnet 172.31.0.0/24 range <foo> start" and "subnet 172.31.0.0/24 range <foo> stop" where foo can be any character or number. In addition the vyatta-cfg-dhcp-server package used it's own init/config file for service startup. This has been migrated to the vanilla Debian files. Copy 'on-dhcp-event.sh' from vyatta-cfg-shcp-server package commit 4749e648bca6. | |||
2018-08-27 | T793: wiregurard preshared-key op-mode script and interface implementation | hagbard | |