summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2022-11-03validators: T4795: migrate mac-address python validator to validate-valueChristian Poessinger
Instead of spawning the Python interpreter for every mac-address to validate, rather use the base validate-value OCaml implementation which is much faster. This removes redundant code and also makes the CLI more responsive. Validator is moved out to a dedicated file instead of using XML inlined <regex> for the reason of re-usability. So if that regex needs to be touched again - it can all happen in one single file.
2022-11-03validators: T4795: drop unused Python validatorsChristian Poessinger
2022-11-03xml: T4795: superseed allowed-vlan validator by numeric range validatorChristian Poessinger
Reduce CPU time when spawning the python interpreter. Same can be done by the numeric validator.
2022-11-02Merge pull request #1636 from jestabro/standardize-op-mode-outputJohn Estabrook
op-mode: T4791: consistent normalization of 'raw' output of op-mode scripts for CLI and API
2022-11-02Merge pull request #1623 from sever-sever/T4771Daniil Baturin
T4771: Ability to get raw format for op-mode BGP commands
2022-11-01graphql: T4791: decamelize/normalize result of op-mode queriesJohn Estabrook
2022-11-01T4777: Ability to get logs in machine-readable formatViacheslav Hletenko
Ability to get logs in JSON format Possible filter by unit. Options for count lines, UTC time, facility or logs since boot
2022-11-01Merge pull request #1632 from dmbaturin/vrrp-commit-in-progressViacheslav Hletenko
T4526: use informative error messages for keepalived-fifo with commit in progress
2022-10-31ipsec: T4787: add support for road-warrior/remote-access RADIUS timeoutChristian Poessinger
This enabled users to also use 2FA/MFA authentication with a radius backend as there is enough time to enter the second factor.
2022-10-31T4526: use informative error messages for keepalived-fifo with commit in ↵Daniil Baturin
progress
2022-10-31T4771: Ability to get raw format for op-mode BGP commandsViacheslav Hletenko
2022-10-29Merge pull request #1621 from sarthurdev/T4774Christian Poessinger
wireguard: T4774: Prevent duplicate peer public keys
2022-10-29Merge pull request #1628 from sarthurdev/T3903Christian Poessinger
containers: T3903: Use systemd to handle containers
2022-10-29containers: T3903: Use systemd units for containerssarthurdev
* ExecStop action with defined timeout allows for quicker reboot/shutdown with containers
2022-10-28Merge pull request #1624 from dmbaturin/op-mode-bytesViacheslav Hletenko
T4779: output raw memory and storage values in bytes
2022-10-28T4779: switch raw output of "show system storage" to bytesDaniil Baturin
2022-10-28T4291: consolidate component version string read/write functionsJohn Estabrook
2022-10-28T4779: use bytes in the raw output of "show system memory"Daniil Baturin
2022-10-28wireguard: T4774: Prevent duplicate peer public keyssarthurdev
2022-10-27ipsec: T4778: raise UnconfiguredSubsystem if IPsec not initializedJohn Estabrook
2022-10-27Merge pull request #1606 from sever-sever/T4762Daniil Baturin
T4762: Add check for show nat if nat config does not exist
2022-10-26Merge pull request #1618 from sarthurdev/T4764Christian Poessinger
nat: T4764: Remove NAT tables on node deletion
2022-10-25nat: T4706: Verify translation address or port existssarthurdev
2022-10-25nat: T4764: Remove tables on NAT deletionsarthurdev
2022-10-25vyos.util: T4773: add camel_to_snake_case conversionJohn Estabrook
2022-10-25graphql: T4574: set byte length of shared secret from CLIJohn Estabrook
2022-10-25graphql: T4574: set token expiration time in claimsJohn Estabrook
2022-10-25graphql: T4574: add context to read token in queries/mutationsJohn Estabrook
2022-10-25graphql: T4574: read config and generate schema with/without key authJohn Estabrook
2022-10-25graphql: T4574: add mutation for requesting JWT tokenJohn Estabrook
2022-10-25graphql: T4574: reorganize directory structure for clarityJohn Estabrook
2022-10-25graphql: T4574: call all schema definition generation on initJohn Estabrook
2022-10-24route: T4772: return list of dicts in 'raw' outputJohn Estabrook
2022-10-23T4762: Add check for show nat if nat config does not existViacheslav Hletenko
Add check for 'show nat xxx' if nat configuration does not exist
2022-10-21Merge pull request #1611 from dmbaturin/field-normalization-2John Estabrook
T4765: support list and primitives in op mode output normalization
2022-10-21T4765: support list and primitives in op mode output normalizationcreate with ansible
2022-10-21graphql: T4768: change name of api child node from 'gql' to 'graphql'John Estabrook
2022-10-20T4765: normalize dict fields in op mode ouputsDaniil Baturin
2022-10-17Merge pull request #1600 from jestabro/gql-compositeJohn Estabrook
graphql: T4753: generalize system_status to composite_{query,mutation}
2022-10-16graphql: T4753: generalize system_status to composite_{query,mutation}John Estabrook
2022-10-16xdp: T4284: migrate to Debian libbpfChristian Poessinger
In order to properly retrieve JSON information in the Smoketests for the new QoS implementation we need a recent (>6.0) version of iproute2. This requires the libbpf-dev package and this small source-code change.
2022-10-14Merge pull request #1597 from jestabro/http-api-config-dictJohn Estabrook
http-api: T4749: transition to config_dict for conf_mode http-api.py
2022-10-14Merge pull request #1598 from sever-sever/T4533Christian Poessinger
T4533: Allow basic permissions to unprivileged RADIUS users
2022-10-14login: 2fa: T874: remove unused code path for global 1fa settingsChristian Poessinger
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-14T4533: Allow basic permissions to unprivileged RADIUS usersViacheslav Hletenko
Unprivileged RADIUS users cannot do simple diagnostics like ping or traceroute. Allow them such tools. Ability to execute op-mode commands for them. It is not new 'operator mode' feature but it allows RADIUS users execute op-mode commands
2022-10-14http-api: T4749: transition to config_dictJohn Estabrook
2022-10-14T4725: Fix Regex for correctly reset IPsec peersViacheslav Hletenko
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken)
2022-10-13monitoring: T4746: Add exception if we do not have firewall rulesViacheslav Hletenko
Telegraf checks the firewall table 'vyos_filter' but it we don't have any firewall in the system we don't have this table by default It cause commit error for "service monitoring" Add exception if the table "vyos_filter" is not found
2022-10-12bgp: T4744: Directly connected neighbors and ebgp-multihop checkViacheslav Hletenko
BGP directly connected neighbors (interface neighbors) do not compatible with ebgp-multihop option