Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-11-03 | validators: T4795: migrate mac-address python validator to validate-value | Christian Poessinger | |
Instead of spawning the Python interpreter for every mac-address to validate, rather use the base validate-value OCaml implementation which is much faster. This removes redundant code and also makes the CLI more responsive. Validator is moved out to a dedicated file instead of using XML inlined <regex> for the reason of re-usability. So if that regex needs to be touched again - it can all happen in one single file. | |||
2022-11-03 | validators: T4795: drop unused Python validators | Christian Poessinger | |
2022-11-03 | xml: T4795: superseed allowed-vlan validator by numeric range validator | Christian Poessinger | |
Reduce CPU time when spawning the python interpreter. Same can be done by the numeric validator. | |||
2022-11-02 | Merge pull request #1636 from jestabro/standardize-op-mode-output | John Estabrook | |
op-mode: T4791: consistent normalization of 'raw' output of op-mode scripts for CLI and API | |||
2022-11-02 | Merge pull request #1623 from sever-sever/T4771 | Daniil Baturin | |
T4771: Ability to get raw format for op-mode BGP commands | |||
2022-11-01 | graphql: T4791: decamelize/normalize result of op-mode queries | John Estabrook | |
2022-11-01 | T4777: Ability to get logs in machine-readable format | Viacheslav Hletenko | |
Ability to get logs in JSON format Possible filter by unit. Options for count lines, UTC time, facility or logs since boot | |||
2022-11-01 | Merge pull request #1632 from dmbaturin/vrrp-commit-in-progress | Viacheslav Hletenko | |
T4526: use informative error messages for keepalived-fifo with commit in progress | |||
2022-10-31 | ipsec: T4787: add support for road-warrior/remote-access RADIUS timeout | Christian Poessinger | |
This enabled users to also use 2FA/MFA authentication with a radius backend as there is enough time to enter the second factor. | |||
2022-10-31 | T4526: use informative error messages for keepalived-fifo with commit in ↵ | Daniil Baturin | |
progress | |||
2022-10-31 | T4771: Ability to get raw format for op-mode BGP commands | Viacheslav Hletenko | |
2022-10-29 | Merge pull request #1621 from sarthurdev/T4774 | Christian Poessinger | |
wireguard: T4774: Prevent duplicate peer public keys | |||
2022-10-29 | Merge pull request #1628 from sarthurdev/T3903 | Christian Poessinger | |
containers: T3903: Use systemd to handle containers | |||
2022-10-29 | containers: T3903: Use systemd units for containers | sarthurdev | |
* ExecStop action with defined timeout allows for quicker reboot/shutdown with containers | |||
2022-10-28 | Merge pull request #1624 from dmbaturin/op-mode-bytes | Viacheslav Hletenko | |
T4779: output raw memory and storage values in bytes | |||
2022-10-28 | T4779: switch raw output of "show system storage" to bytes | Daniil Baturin | |
2022-10-28 | T4291: consolidate component version string read/write functions | John Estabrook | |
2022-10-28 | T4779: use bytes in the raw output of "show system memory" | Daniil Baturin | |
2022-10-28 | wireguard: T4774: Prevent duplicate peer public keys | sarthurdev | |
2022-10-27 | ipsec: T4778: raise UnconfiguredSubsystem if IPsec not initialized | John Estabrook | |
2022-10-27 | Merge pull request #1606 from sever-sever/T4762 | Daniil Baturin | |
T4762: Add check for show nat if nat config does not exist | |||
2022-10-26 | Merge pull request #1618 from sarthurdev/T4764 | Christian Poessinger | |
nat: T4764: Remove NAT tables on node deletion | |||
2022-10-25 | nat: T4706: Verify translation address or port exists | sarthurdev | |
2022-10-25 | nat: T4764: Remove tables on NAT deletion | sarthurdev | |
2022-10-25 | vyos.util: T4773: add camel_to_snake_case conversion | John Estabrook | |
2022-10-25 | graphql: T4574: set byte length of shared secret from CLI | John Estabrook | |
2022-10-25 | graphql: T4574: set token expiration time in claims | John Estabrook | |
2022-10-25 | graphql: T4574: add context to read token in queries/mutations | John Estabrook | |
2022-10-25 | graphql: T4574: read config and generate schema with/without key auth | John Estabrook | |
2022-10-25 | graphql: T4574: add mutation for requesting JWT token | John Estabrook | |
2022-10-25 | graphql: T4574: reorganize directory structure for clarity | John Estabrook | |
2022-10-25 | graphql: T4574: call all schema definition generation on init | John Estabrook | |
2022-10-24 | route: T4772: return list of dicts in 'raw' output | John Estabrook | |
2022-10-23 | T4762: Add check for show nat if nat config does not exist | Viacheslav Hletenko | |
Add check for 'show nat xxx' if nat configuration does not exist | |||
2022-10-21 | Merge pull request #1611 from dmbaturin/field-normalization-2 | John Estabrook | |
T4765: support list and primitives in op mode output normalization | |||
2022-10-21 | T4765: support list and primitives in op mode output normalization | create with ansible | |
2022-10-21 | graphql: T4768: change name of api child node from 'gql' to 'graphql' | John Estabrook | |
2022-10-20 | T4765: normalize dict fields in op mode ouputs | Daniil Baturin | |
2022-10-17 | Merge pull request #1600 from jestabro/gql-composite | John Estabrook | |
graphql: T4753: generalize system_status to composite_{query,mutation} | |||
2022-10-16 | graphql: T4753: generalize system_status to composite_{query,mutation} | John Estabrook | |
2022-10-16 | xdp: T4284: migrate to Debian libbpf | Christian Poessinger | |
In order to properly retrieve JSON information in the Smoketests for the new QoS implementation we need a recent (>6.0) version of iproute2. This requires the libbpf-dev package and this small source-code change. | |||
2022-10-14 | Merge pull request #1597 from jestabro/http-api-config-dict | John Estabrook | |
http-api: T4749: transition to config_dict for conf_mode http-api.py | |||
2022-10-14 | Merge pull request #1598 from sever-sever/T4533 | Christian Poessinger | |
T4533: Allow basic permissions to unprivileged RADIUS users | |||
2022-10-14 | login: 2fa: T874: remove unused code path for global 1fa settings | Christian Poessinger | |
2022-10-14 | login: 2fa: T874: fix Google authenticator issues | Christian Poessinger | |
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos' | |||
2022-10-14 | T4533: Allow basic permissions to unprivileged RADIUS users | Viacheslav Hletenko | |
Unprivileged RADIUS users cannot do simple diagnostics like ping or traceroute. Allow them such tools. Ability to execute op-mode commands for them. It is not new 'operator mode' feature but it allows RADIUS users execute op-mode commands | |||
2022-10-14 | http-api: T4749: transition to config_dict | John Estabrook | |
2022-10-14 | T4725: Fix Regex for correctly reset IPsec peers | Viacheslav Hletenko | |
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken) | |||
2022-10-13 | monitoring: T4746: Add exception if we do not have firewall rules | Viacheslav Hletenko | |
Telegraf checks the firewall table 'vyos_filter' but it we don't have any firewall in the system we don't have this table by default It cause commit error for "service monitoring" Add exception if the table "vyos_filter" is not found | |||
2022-10-12 | bgp: T4744: Directly connected neighbors and ebgp-multihop check | Viacheslav Hletenko | |
BGP directly connected neighbors (interface neighbors) do not compatible with ebgp-multihop option |