summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2020-05-22nat: T2460: fix KeyError: 'sport'Christian Poessinger
2020-05-22nat: T2460: migrate to new Python implementationChristian Poessinger
2020-05-22Merge branch 'T2460' of https://github.com/thomas-mangin/vyos-1x into ↵Christian Poessinger
nat-integration * 'T2460' of https://github.com/thomas-mangin/vyos-1x: nat: T2460: add src/op_mode/show_nat_translations.py
2020-05-22login: T2492: fix flake8 warningsChristian Poessinger
2020-05-22login: T2492: do not set encrypted user password when it is not changedChristian Poessinger
2020-05-22pppoe: T2488: bugfix, missing not in if condition prevented startupChristian Poessinger
Commit 39c53aadbf9e ("pppoe: T2488: remove logfile generation") accidently missed a not in an if statement.
2020-05-22pppoe: T2380: drop superfluous list_pppoe_peers.shChristian Poessinger
2020-05-22macsec: T2491: add replay window protectionChristian Poessinger
2020-05-22macsec: T2023: flake8/autopep8 correctionsChristian Poessinger
2020-05-22macsec: T2023: fix wrong use or f-format stringChristian Poessinger
2020-05-22macsec: T2023: remove unused importChristian Poessinger
2020-05-21nat: T2460: add src/op_mode/show_nat_translations.pyThomas Mangin
2020-05-21pppoe: T2380: fix NameError: name 'intf' is not definedChristian Poessinger
2020-05-21pppoe: T2380: dis-/connect should use proper systemd callsChristian Poessinger
2020-05-21pppoe: T2488: remove logfile generationChristian Poessinger
2020-05-21pppoe: wwan: T2488: drop individual ppp logsChristian Poessinger
2020-05-21wireless: T1627: remove get_conf_file()Christian Poessinger
2020-05-21macsec: T2023: delete wpa_supplicant config when interface is removedChristian Poessinger
2020-05-21macsec: T2023: stop wpa_supplicant on interface deletionChristian Poessinger
2020-05-21macsec: T2023: cleanup wpa_supplicant config file nameChristian Poessinger
2020-05-21macsec: T2023: improve verify() when encryption is enabledChristian Poessinger
With enabled encryption keys must be configured.
2020-05-21macsec: T2023: support MACsec Key Agreement protocol actor priorityChristian Poessinger
2020-05-21macsec: T2023: rename "security key" node to "security mka"Christian Poessinger
MACsec always talks about MKA (MACsec Key Agreement protocol) thus the node should reflect that.
2020-05-21macsec: T2023: use wpa_supplicant for key managementChristian Poessinger
2020-05-21macsec: T2023: cli: move "cipher" and "encryption" under new "secutiry" nodeChristian Poessinger
This is best suited as a key is required, too.
2020-05-21macsec: T2023: cipher suite is mandatoryChristian Poessinger
2020-05-21macsec: T2023: use list when working with Config()Christian Poessinger
2020-05-21macsec: T2023: add optional encryption commandChristian Poessinger
By default MACsec only authenticates traffic but has support for optional encryption. Encryption can now be enabled using: set interfaces macsec <interface> encrypt
2020-05-21macsec: T2023: add initial XML and Python interfacesChristian Poessinger
2020-05-20Merge pull request #416 from kroy-the-rabbit/patch-5Daniil Baturin
T2465: Permissions on vyos-hostsd socket incorrect
2020-05-19T2465: Permissions on vyos-hostsd socket incorrectkroy-the-rabbit
The DHCP server is unable to apply entries to the hosts file because the permissions on the socket are getting created wrong. ``` $ ls -al /run/vyos-hostsd.sock srwxrwxrwx 1 root vyattacfg 0 May 20 01:38 /run/vyos-hostsd.sock ``` This gives it the correct permissions so that the nobody/nobody user/group can change it.
2020-05-19Revert "T2465: vyos-hostsd-client needs sudo"kroy-the-rabbit
2020-05-19Merge pull request #414 from thomas-mangin/T2467Christian Poessinger
util: T2467: automatically add sudo to known commands
2020-05-19wireguard: T2481: support IPv6 based underlayChristian Poessinger
2020-05-19util: T2467: add systemctl to autosudoThomas Mangin
2020-05-19nat: do not report unassigned IP address for DNATChristian Poessinger
That warning made no sense as the destination address where we forward a port to is by design not locally connected.
2020-05-19Merge pull request #413 from kroy-the-rabbit/patch-4Christian Poessinger
T2465: vyos-hostsd-client needs sudo
2020-05-19dhcpv6-pd: T421: support ethernet based interfacesChristian Poessinger
Add support for prefix delegation when receiving the prefix via ethernet, bridge, bond, wireless.
2020-05-19configdict: T2372: interfaces must reuse interface_default_dataChristian Poessinger
This is to remove the amount of duplicated entries in dictionaries. It's one more part to move to a unified interface management.
2020-05-19T2465: vyos-hostsd-client needs sudokroy-the-rabbit
There have been a number of complaints about DHCP not getting inserted into the `/etc/hosts` file. This should correct that problem.
2020-05-19dhcpv6-server: T815: support delegating IPv6 prefixesChristian Poessinger
2020-05-18flake8: T2475: fix a number of issue reported by flake8Thomas Mangin
2020-05-17pppoe: dhcpv6-pd: T421: change system type to forkingChristian Poessinger
Wide dhcp client forks by itself
2020-05-17pppoe: dhcpv6-pd: T421: stop service when config is removedChristian Poessinger
2020-05-17pppoe: dhcpv6-pd: T421: start/stop delegation with interface statusChristian Poessinger
2020-05-17pppoe: dhcpv6-pd: T421: initial supportChristian Poessinger
The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0. pppoe pppoe0 { authentication { password vyos user vyos } description sadfas dhcpv6-options { delegate eth0 { interface-id 65535 sla-id 0 sla-len 8 } } ipv6 { address { autoconf } enable } source-interface eth1 } vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- eth0 2001:db8:8003:400::ffff/64 u/u
2020-05-17dhcpv6-pd: T421: migrate from ISC dhclient to wide-dhcpv6-clientChristian Poessinger
ISC does not support running the client on PPP(oE) interfaces which makes it unusable for DHCPv6 Prefix Delegation tasks. Internet Systems Consortium DHCP Client 4.4.1 Copyright 2004-2018 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Unsupported device type 512 for "pppoe0"
2020-05-17frr: combine all templates in frr directoryChristian Poessinger
2020-05-17powerdns: T2470: adjust systemd RuntimeDirectoryChristian Poessinger
2020-05-17powerdns: T2470: adjust config file permissions for recursor 4.3Christian Poessinger
PowerDNS recursor 4.3 now uns as user pdns and group pdns, thus the generated configuration file and directory need to have the appropriate permissions set.