summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2021-08-23container: T2216: add option to "disable" a containerChristian Poessinger
2021-08-23container: T2216: verify() volume pathsChristian Poessinger
Volumes must have both a source and destination path specified. Also the source path must exist on the current system.
2021-08-23container: T2216: bugfix ValueError when assembling volumesChristian Poessinger
A call to .items() was missing that triggered the following error: ValueError: too many values to unpack (expected 2)
2021-08-23container: T2216: no need to query container statusChristian Poessinger
As VyOS CLI is the only truth for dealing with containers we do not need to query if a container is running, exists or what so ever. We simply always restart it if something changes and do not rely on the underlaying Linux status. If a users does container stuff under the hood - it will be overridden.
2021-08-23ipsec: T1210: use ConfigTreeQuery() instead of Config() from op-modeChristian Poessinger
2021-08-23pki: T3642: use ConfigTreeQuery() instead of Config() from op-modeChristian Poessinger
2021-08-23container: T2216: op-mode now supports updating the image for a given containerChristian Poessinger
2021-08-23container: T2216: increase sysctl inotify watchersChristian Poessinger
2021-08-23containers: T2216: restructure container_base_cmd to have image name at the endChristian Poessinger
2021-08-23containers: T2216: add CLI commands to specify restart behavior and memory usageChristian Poessinger
A container is limited to 256MB memory by default and will always restart on failure.
2021-08-23containers: T2216: xml: impove help string for address commandChristian Poessinger
2021-08-23containers: T2216: add missing verify() step on environment variablesChristian Poessinger
A environment variable MUST always have a value specified. Non existing values will cause the following error: Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/containers.py", line 269, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/containers.py", line 224, in apply env_opt += " -e ".join(f"{k}={v['value']}" for k, v in container_config['environment'].items()) File "/usr/libexec/vyos/conf_mode/containers.py", line 224, in <genexpr> env_opt += " -e ".join(f"{k}={v['value']}" for k, v in container_config['environment'].items()) KeyError: 'value'
2021-08-21pppoe: T3090: migrate to vyos.ifconfig library to use the full potentialChristian Poessinger
Now that MSS clamping is done on the "per-interface" level the entire PPPoE stuff would have needed to get a full copy in GNU BASH for this or, participate in the common library. Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the vyos.ifconfig.PPPoEIf.update() function to configure everything as done with all other interfaces. This removes duplicated code for VRF assignment and route installation when a PPPoE interface is brought up or down.
2021-08-21wwan: T3620: remove superfluous import statementChristian Poessinger
WWAN does no londer need to render any configuration files.
2021-08-21interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" ↵Christian Poessinger
level Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value.
2021-08-21udev: T2490: fix substitution error reported by udevChristian Poessinger
2021-08-21nhrp: T3599: move PID file to /run/opennhrpChristian Poessinger
2021-08-20bgp: T3759: add IPv4/IPv6 unicast AFI route-map for VPN import/exportChristian Poessinger
This adds the following new commands: set protocols bgp address-family ipv4-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv4-unicast route-map vpn import foo-map-in set protocols bgp address-family ipv6-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv6-unicast route-map vpn import foo-map-in
2021-08-18bgp: evpn: T1513: VNI rt and rd are only supported under EVPN VRFChristian Poessinger
2021-08-18nat: T2198: remove superfluous else clause on missing outbound-interfaceChristian Poessinger
2021-08-18nptv6: T2518: remove superfluous else clause on missing outbound-interfaceChristian Poessinger
2021-08-18nptv6: T2518: add missing verify() stage for mandatory translation addressChristian Poessinger
2021-08-18nat66: ndppd: T2518: rename Jinja2 template folder to match common naming ↵Christian Poessinger
convention
2021-08-18policy: T2425: import exact Perl match criteria for large-community-listChristian Poessinger
2021-08-17bgp: T3759: add l3vpn "import vrf" commandsChristian Poessinger
2021-08-17bgp: T2771: adjust verify() logic to common coding style for validationChristian Poessinger
2021-08-17policy: T2425: add missing validator for large-community-listsChristian Poessinger
without the validators FRR commit errors would happen.
2021-08-16conntrack: T3579: bugfix when deleting non existent iptable rulesChristian Poessinger
We only delete iptables rules if they really exist - if we try to delete a non- existing rule a PermissionError exception is thrown. We could either ignore the error code (that is what the old Vyatta code did), or we check what we are doing beforehand.
2021-08-16conntrack: T3579: remove debug print()Christian Poessinger
2021-08-16ospf: T3757: verify() bugfix for interface areaChristian Poessinger
Commit 6f87d8c9 ("ospf: T3757: support to configure area at an interface level") did not allow the old way an area and netwokr was set-up as the if expression was missing a check if 'area' was set in both the interface and the ospf process.
2021-08-15pbr: T3702: Fix incorrect splits for fwmarkViacheslav
2021-08-15ospf: T3757: support to configure area at an interface levelChristian Poessinger
FRR supports configuring either network prefixes per area, or assign an interface to an area to participate in the routing process. This is already well known from other venders and supported by FRR. A valid VyOS OSPF configuration would then look like: vyos@vyos# show protocols ospf { interface dum0 { area 0 } interface eth0.201 { area 0 authentication { md5 { key-id 10 { md5-key vyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } log-adjacency-changes { detail } parameters { abr-type cisco router-id 172.18.254.201 } passive-interface default passive-interface-exclude eth0.201 }
2021-08-15wireguard: T3756: fix generated qr code headerBoris Manojlovic
2021-08-15Merge pull request #944 from sever-sever/T3702Christian Poessinger
pbr: T3702: Add rules match fwmark
2021-08-15Merge pull request #970 from jack9603301/T3648Christian Poessinger
op-mode: nat: T3648: Modify the operation mode script implementation of NAT to fix the existing problem
2021-08-15conntrack: T3275: migrate 'disable' syntax to 'enable' syntax for the new ↵Lulu Cathrinus Grimalkin
default behavior
2021-08-14op-mode: ipsec: T3745: "show vpn ipse sa" improve sortingChristian Poessinger
2021-08-14ospf: T3236: use proper daemon named template fileChristian Poessinger
2021-08-14op-mode: nat: T3648: Modify the operation mode script implementation of NAT ↵jack9603301
to fix the existing problem
2021-08-13vrf: T3734: T3728: vni must be configured with a higher priority then bgpdChristian Poessinger
When removing bgp (vrf) instances the assigned VRF vni must be deleted from FRR prior the removal of the bgp settings (T3734). This is now done by moving the CLI command "set vrf name red vni 1000" to a dedicated Python script with a priority higher then bgp.
2021-08-13Merge pull request #969 from sarthurdev/T3752Christian Poessinger
pki: T3752: Fix file output for certificate requests
2021-08-13pki: T3752: Fix file output for certificate requestssarthurdev
2021-08-13openvpn: T3738: Disable authentication option for server modeViacheslav
2021-08-13Merge pull request #967 from sever-sever/T3708-currChristian Poessinger
isis: T3708: Fix errors in MTU calculation
2021-08-13isis: T3708: Fix errors in MTU calculationViacheslav
2021-08-12T3749: Moving some counters into the proper loopKroy
2021-08-12login: T3746: inform users about pending rebootsChristian Poessinger
2021-08-12Merge pull request #963 from FileGo/T3744Christian Poessinger
dns: T3744: fixed dns fwd statistics formatting
2021-08-12dns: T3744: fixed dns fwd statistics formattingFileGo
2021-08-10snmp: T3709: Allow enable oid ipCidrRouteTableViacheslav