Age | Commit message (Collapse) | Author |
|
|
|
|
|
T4812: Add op-mode Show vpn ipsec connections
|
|
Commit 66288ccfee ("dns-forwarding: T4578: Rewrite show dns forwarding") added
the implementation for the new standardized op-mode definitions/implementation.
As the API daemon has the proper permissions and also the CLI op-mode calls the
script already with "sudo", there is no need to call "sudo" inside this script,
again.
Also add dns.py to data/op-mode-standardized.json for the GraphQL schema to be
generated.
|
|
route-map action 'deny' cannot be used for "continue"
as FRR does not validate it
r14(config)# route-map FOO permit 100
r14(config-route-map)# route-map FOO deny 50
r14(config-route-map)# on-match goto 100
% Configuration failed.
Error type: validation
r14(config-route-map)#
|
|
|
|
|
|
firewall: T4821: correct calling of conf_mode script dependencies
|
|
T4793: Added warning about disable-route-autoinstall
|
|
Added warning message about disable-route-autoinstall
when ipsec vti is used.
|
|
policy: T2199: T4605: Migrate policy route interface node
|
|
|
|
show firewall name <name> will output an error as explained in
https://phabricator.vyos.net/T4794
|
|
|
|
This reverts commit 44df1cea1ebc3296844c5c35cf053a92cda4b944.
|
|
Add op-mode CLI "show vpn ipsec connections"
Add the ability to show all configured connections/tunnels and
their states.
Ability to get --raw data
|
|
ip-up/down scripts added in https://github.com/vyos/vyos-1x/pull/1656
need the executable bit.
|
|
1. When a PPPoE session is connected, `pppd` will update
`/etc/resolv.conf` regardless of `system name-server` option unless `no-peer-dns` is set.
This is because `pppd` vendors scripts `/etc/ppp/ip-up.d/0000usepeerdns` and `/etc/ppp/ip-down.d/0000usepeerdns`,
which updates `/etc/resolv.conf` on PPPoE connection and reverts the change on disconnection.
This PR removes those scripts and adds custom scripts to update name server entries through `vyos-hostsd` instead.
2. There is a typo in `/etc/dhcp/dhclient-enter-hooks.d/04-vyos-resolvconf, which misspells variable name `new_dhcp6_name_servers` as `new_dhcpv6_name_servers`.
This causes IPv6 name server entries in `vyos-hostsd` not updated
when dhclient receives nameservers from DHCPv6.
3. Regular expressions in scripts under `/etc/dhcp/dhclient-enter-hooks.d` and
`/etc/dhcp/dhclient-exit-hooks.d/` are not enclosed in `^$`, so those
IPv4 related branches (like `BOUND`) could be mistakenly executed when an IPv6
reason (like `BOUND6`) is given.
|
|
<name> interface <ifname>`
* Include refactor to policy route to allow for deletion of mangle table instead of complex cleanup
* T4605: Rename mangle table to vyos_mangle
|
|
T4496: Refactoring vrf_list function in ping command
|
|
T4789: Ability to get op-mode raw data for PPPoE L2TP SSTP IPoE
|
|
Ability to get 'raw' data sessions and statistics for accel-ppp
protocols IPoE/PPPoE/L2TP/PPTP/SSTP server
|
|
Changed the function code of vrf_list to using the function from
vyos.util
|
|
T4807: Fixed traceroute help completion
|
|
Changes in traceroute command:
Added list of possible VRFs in the help.
Added list of possible interfaces in the help.
Changed, if an option was selected before,
it does not appear in possible completion.
Added error message when an unexpected option was selected
|
|
This reverts commit ff09d4f47e5f54fad8258cd27fb0adfaa4c552b3.
Process name is actually:
<bound method Process.name of psutil.Process(pid=5031, name='pdns-r/worker', status='sleeping', started='08:51:51')>
|
|
|
|
Size of /dev/shm within a container can be defined via --shm-size when invoking
the container. Add corresponding CLI node.
|
|
PowerDNS version 4.7 and above has changed the main process name from
'pdns-r/worker' to 'pdns_recursor'. This commit updates the process
name check to use the new name.
|
|
firewall: T970: T1877: Add source/destination fqdn, refactor domain resolver, firewall groups in NAT
|
|
|
|
`fqdn` node
|
|
|
|
current
* 'T4496-sagitta' of https://github.com/aapostoliuk/vyos-1x:
T4496: Added lists of values in the help of op-mode ping command
|
|
T4758: Rewrite show DHCP(v6) server leases to vyos.opmode format
|
|
Instead of spawning the Python interpreter for every mac-address to
validate, rather use the base validate-value OCaml implementation which
is much faster.
This removes redundant code and also makes the CLI more responsive.
Validator is moved out to a dedicated file instead of using XML inlined <regex>
for the reason of re-usability. So if that regex needs to be touched again - it
can all happen in one single file.
|
|
|
|
Reduce CPU time when spawning the python interpreter. Same can be done by the
numeric validator.
|
|
op-mode: T4791: consistent normalization of 'raw' output of op-mode scripts for CLI and API
|
|
Added list of possible VRFs in the help of the ping command
Added list of possible interfaces in the help of the ping command
Changed, if an option was selected before in the ping command,
it does not appear in possible completion.
Added error message when an unexpected option was selected.
|
|
|
|
Rewrite op-mode DHCP and DHCPv6 leases to vyos.opmode format
Abbility to show 'raw' format
show dhcp server leases
show dhcpv6 server leases
|
|
T4771: Ability to get raw format for op-mode BGP commands
|
|
|
|
Ability to get logs in JSON format
Possible filter by unit. Options for count lines,
UTC time, facility or logs since boot
|
|
T4526: use informative error messages for keepalived-fifo with commit in progress
|
|
This enabled users to also use 2FA/MFA authentication with a radius backend as
there is enough time to enter the second factor.
|
|
progress
|
|
|
|
wireguard: T4774: Prevent duplicate peer public keys
|