Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-02-26 | T4997: add dhcp client user hooks | bri | |
This commit adds a script to run user-defined hook scripts upon renewing a DHCP lease. This can be used to, for example, dynamically define a firewall address-group based on the dynamic IP address of an interface. For an example of its use (as well as the use case I had in mind while coding this), see https://vyos.dev/T2196#142394 Co-authored-by: br <git@ibeep.com> | |||
2023-02-25 | tunnel: T5034: migrate "multicast enable" CLI node to enable-multicast | Christian Breunig | |
Tunnel interface multicast settings can be "enabled or disabled". As we prefer valueless nodes, and the linux kernel default is "disabled" we should add a set interfaces tunnel tunXX enable-multicast command | |||
2023-02-25 | python: T5026: Replace deprecated Python modules crypt, spwd | sarthurdev | |
DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13 DeprecationWarning: 'spwd' is deprecated and slated for removal in Python 3.13 | |||
2023-02-24 | login: T1948: drop absolut path to /usr/libexec/vyos, re-use vyos.defaults | Christian Breunig | |
2023-02-24 | http-api: T5030: fix missing check on delete keys id tag or key value | John Estabrook | |
2023-02-24 | Merge pull request #1847 from aapostoliuk/T4985-2-sagitta | Christian Breunig | |
ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library | |||
2023-02-24 | ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library | aapostoliuk | |
1. Changed reset IPSEC, IKE SAs to use vici library. 2. Created package vyos.ipsec to communicate with vici library. | |||
2023-02-23 | Merge pull request #1829 from sever-sever/T5013 | Daniil Baturin | |
T5013: Extend accelppp op-mode script to get statistic | |||
2023-02-22 | T5025: Fix timezones and validator use timedatectl | Viacheslav Hletenko | |
Fix timezones completion help and validotor Use 'timedatectl' insted of find zoneinfo | |||
2023-02-22 | openconnect: T5023: Conf script missing optional config parameter | sarthurdev | |
2023-02-22 | Merge pull request #1839 from sarthurdev/ipsec | Christian Breunig | |
ipsec: T4593: Remove references to deleted variables | |||
2023-02-22 | ipsec: T4593: Remove references to deleted variables | sarthurdev | |
2023-02-21 | Merge pull request #1835 from sever-sever/T5020 | Christian Breunig | |
T5020: Extend openvpn op-mode to get list of configured clients | |||
2023-02-21 | T4978: Default values of port rewrite default container values | Viacheslav Hletenko | |
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it | |||
2023-02-20 | T5020: Extend openvpn op-mode to get list of configured clients | Viacheslav Hletenko | |
Extend openvpn.py op-mode script to get list of configured clients for the '--raw' output | |||
2023-02-18 | T5013: Extend accelppp op-mode script to get statistic | Viacheslav Hletenko | |
Extend accelppp.py op-mode script to get subnet/start/stop/gateway/client_ip_pool/ etc info from the configuration | |||
2023-02-15 | Merge pull request #1817 from sarthurdev/bookworm | Christian Breunig | |
debian: T5003: Upgrade base system to Debian 12 "Bookworm" | |||
2023-02-15 | Merge pull request #1821 from sarthurdev/ipsec | Christian Breunig | |
ipsec: T4593: Migrate and remove legacy `include-ipsec` nodes | |||
2023-02-15 | ipsec: T4593: Migrate and remove legacy `include-ipsec` nodes | sarthurdev | |
Not supported with swanctl | |||
2023-02-14 | http-api: T5006: add explicit async to retrieve/configure methods | John Estabrook | |
2023-02-14 | strongSwan: T4593: move to charon-systemd | Christian Breunig | |
2023-02-14 | ipsec: T4985: Fixed 'reset vpn ipsec-peer {peer}' command | aapostoliuk | |
Fixed 'reset vpn ipsec-peer {peer}' command. The op-mode script uses value 'None' in the 'tunnel' parameter to clear all CHILD SAs. | |||
2023-02-13 | debian: T5003: Fixes dynamic DNS for Bookworm | sarthurdev | |
2023-02-13 | debian: T5003: Update XDP for latest libbpf | sarthurdev | |
2023-02-13 | debian: T5003: Fixes for Debian Bookworm | sarthurdev | |
* DH params of 256 length no longer supported | |||
2023-02-12 | T5001: Replace links to the phabricator site | Christian Breunig | |
Replace links to the phabricator site from https://phabricator.vyos.net to https://vyos.dev | |||
2023-02-11 | qos: T4284: migration script must ensure bandwidth is converted to lower case | Christian Breunig | |
tc acccepts the bandwidth value/unit pairs as lowercase - so does the VyOS CLI validator work, too. | |||
2023-02-10 | Merge pull request #1805 from nicolas-fort/T4857-frr-fix | Christian Breunig | |
T4857: snmp: Fix error when not defining client|network under community | |||
2023-02-10 | snmp: T4857: explicitly define default community networks 0.0.0.0/0 and ::/0 | Christian Breunig | |
After the RESTRICTED view was introduced snmpd requires a network to be specified. Before adding the RESTRICTED view snmpd always assumed the default network 0.0.0.0/0. This commit re-adds the build in default networks for IPv4 and IPv6 and exposes it as a proper default to the CLI so the user is informed about it: vyos@vyos# set service snmp community foooo Possible completions: authorization Authorization type (default: ro) + client IP address of SNMP client allowed to contact system + network Subnet of SNMP client(s) allowed to contact system (default: 0.0.0.0/0, ::/0) | |||
2023-02-10 | interfaces: T4995: rename user -> username CLI node for pppoe, wwan and ↵ | Christian Breunig | |
sstp-client | |||
2023-02-09 | Merge pull request #1793 from aapostoliuk/T4905-sagitta | Daniil Baturin | |
nhrp: T4905: Rewritten nhrp op-mode in new style | |||
2023-02-09 | Revert "container: T4959: Add container registry authentication config for ↵ | Christian Breunig | |
containers" This reverts commit b17251334c57c2f6875c19ad4e6c6127aa9e1811. | |||
2023-02-09 | Merge pull request #1790 from Zen3515/current-add-container-login | Christian Breunig | |
container: T4959: Add container registry authentication config for containers | |||
2023-02-06 | graphql: T4979: add query show_user_info | John Estabrook | |
2023-02-04 | dhcp-relay: T2408: use Warning() on deprecated interface CLI node | Christian Breunig | |
2023-02-04 | Merge pull request #1603 from nicolas-fort/T2408 | Christian Breunig | |
T2408: dhcp-relay: Add listen-interface and upstream-interface feature | |||
2023-02-04 | qos: T4284: add safeguard for non existing interfaces | Christian Breunig | |
When shaper is bound to a dialup (e.g. PPPoE) interface it is possible, that it is yet not availbale when to QoS code runs. Skip the configuration and inform the user. | |||
2023-02-04 | Merge pull request #1797 from ServerForge/current | Christian Breunig | |
bgp: T4817: add support for RFC9234 | |||
2023-02-04 | Revert "login: T4975: Fixed broken CLI commands" | Christian Breunig | |
This reverts commit 3a6e77d479da4321b851163490a9b79ef2cef7b8. A general solution is implemented in Commit 29a44a73 ("T4975: always sync() filesystem after commit"). | |||
2023-02-04 | T4975: always sync() filesystem after commit | Christian Breunig | |
2023-02-04 | T4817 added support for RFC 9234 | Kyle McClammy | |
2023-02-02 | login: T4975: Fixed broken CLI commands | zsdc | |
User profile files are not saved to disk after configuration is fully applied. Because of this, after a fast system reset, profile files can be empty, and CLI is broken. This fix adds a `sync()` call after the user's configuration, which should protect from data loss and fix the problem with profiles. | |||
2023-02-01 | nhrp: T4905: Rewritten nhrp op-mode in new style | aapostoliuk | |
1. Formatted output of 'show nhrp' commands to table view 2. Rewritten nhrp op-mode in new style | |||
2023-01-30 | container: T4959: Add container registry authentication config for containers | Zen3515 | |
2023-01-30 | Merge pull request #1761 from sever-sever/T4916-curr | Viacheslav Hletenko | |
T4916: Rewrite IPsec peer authentication and psk migration | |||
2023-01-28 | vrrp: T1297: improve gratuitous ARP default value handling and help strings | Christian Breunig | |
2023-01-28 | openconnect: T4955: Removed wrong acctserver in radiusclient.conf | Jamie Austin | |
Removes port key from accounting server merged config dictionary. | |||
2023-01-28 | T4958: ocserv: openconnect: refactor RADIUS accounting support | Jamie Austin | |
2023-01-28 | T4958: ocserv: openconnect: adds support for configuring RADIUS accounting | Jamie Austin | |
Adds CLI configuration options to configure RADIUS accounting for OpenConnect VPN sessions. This functionality cannot be used outside of the RADIUS OpenConnect VPN authentication mode | |||
2023-01-27 | Merge pull request #1785 from aapostoliuk/T4955-sagitta | Christian Breunig | |
openconnect: T4955: Removed wrong authserver in radiusclient.conf |