Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-05-08 | vrf: bgp: T3523: bugfix Kernel route-map deployment | Christian Poessinger | |
Commit 4f9aa30f ("vrf: bgp: T3523: add route-map support for kernel routes") added the possibility to also filter BGP routes towards the OS kernel, but the smoketests failed. Reason was a non working CLI command applied to bgpd. Thus the VRF route-map and the BGP configuration is now split into two templates, one to be used for each daemon (zebra and bgpd). Nevertheless one more bug was found in vyos.frr which currently does not suppoort calling modify_section() inside a configuration "block". See [1] for more info. [1]: https://phabricator.vyos.net/T3529 | |||
2021-05-06 | vrf: T3523: fix regex when removing dynamic routing protocols with a kernel ↵ | Christian Poessinger | |
route-map | |||
2021-05-05 | isis: T3520: verify interface MTU to be >= lsp-mtu | Christian Poessinger | |
2021-05-02 | radius: T3510: authenticated users must use /sbin/radius_shell as shell | Christian Poessinger | |
2021-05-02 | login: T1948: use long options when calling adduser | Christian Poessinger | |
... just to make it easier for users to read the commandline. | |||
2021-04-30 | bgp: T3504: add support for per-peer graceful shutdown | Christian Poessinger | |
This commit has a dependecy on https://github.com/FRRouting/frr/issues/8403, thus support will be "commented out" by default. | |||
2021-04-30 | openconnect: T3461: Delete CA crt file checks | sever-sever | |
2021-04-27 | op-mode: ospfv3: T3335: re-use common vtysh_wrapper.sh wrapper | Christian Poessinger | |
Instead of renaming the OSPFv3 commands for every individual XML invocation, also re-use the common helper shell script. One source, one truth! | |||
2021-04-27 | Merge pull request #821 from bstepler/T3502 | Christian Poessinger | |
ecmp: T3502: fix check for "layer4-hashing" key | |||
2021-04-27 | Merge pull request #822 from bstepler/T3503 | Christian Poessinger | |
bgp: T3503: allow "route-reflector-client" when "remote-as" is "internal" | |||
2021-04-27 | ecmp: T3502: fix check for "layer4-hashing" key | Brandon Stepler | |
2021-04-27 | bgp: T3503: allow "route-reflector-client" when "remote-as" is "internal" | Brandon Stepler | |
2021-04-27 | op-mode: T2946: only call 'stty size' if in terminal | John Estabrook | |
2021-04-27 | Merge pull request #820 from sever-sever/T3473 | Christian Poessinger | |
ipsec: T3473: Decode byte csa-name for op-mode | |||
2021-04-27 | Merge pull request #818 from sever-sever/T2216-ports | Christian Poessinger | |
container: T2216: Add binding for ports and volumes | |||
2021-04-27 | ipsec: T3473: Decode byte csa-name for op-mode | sever-sever | |
2021-04-27 | container: T2216: Add binding for ports and volumes | sever-sever | |
2021-04-26 | dhcpv6-server: T3494: Get address from network to correct sorting | DmitriyEshenko | |
2021-04-25 | policy: T3497: add verify() that prefix-lists must carry a defined prefix | Christian Poessinger | |
2021-04-25 | wireguard: T1802: add client name to configuration | Christian Poessinger | |
2021-04-24 | wireguard: T1802: generate QR code for clients on CLI | Christian Poessinger | |
generate wireguard mobile-config wg0 server wg.vyos.net address 1.2.2.2/24 WireGuard client configuration for interface: wg0 [Interface] PrivateKey = AEXrZ4b3xFVLg1lql3hy/93+d43q3+3vPdSMUGI6/Fo= Address = 1.2.2.2/24 [Peer] PublicKey = h1HkYlSuHdJN6Qv4Hz4bBzjGg5WUty+U1L7DJsZy1iE= Endpoint = wg.vyos.net:41751 AllowedIPs = 0.0.0.0/0, ::/0 The servers public key and port are automatically extracter from the running config. | |||
2021-04-24 | policy: T2425: verify() must check if a policy is still used | Christian Poessinger | |
When deleting a route-map, prefix-list or access-list, we must ensure that this routing policy is not referenced by any other protocol or policy. When trying to remove a policy still in use, raise an error. | |||
2021-04-21 | Merge pull request #816 from sever-sever/T2216-op-mode | Christian Poessinger | |
container: T2216: Rewrite op-mode to python | |||
2021-04-21 | container: T2216: Rewrite op-mode to python | sever-sever | |
2021-04-21 | containers: T2216: the first IP address is always reserved for podman | Christian Poessinger | |
2021-04-21 | containers: T2216: used "address" must belong to the used container network | Christian Poessinger | |
2021-04-21 | containers: T2216: refine implementation | Christian Poessinger | |
This commit is a cleanup and refinement of the container hosting implementation. - Renamed CLI node ipv4-prefix -> prefix so both IPv4 and IPv6 prefix can be supplied in the future. This is currently limited to IPv4 only as when using IPv6 networks in combination with IPv4 the IPv4 prefix is altered randomly - De-nested if clauses - Use "for foo, bar in baz.items()" to more easily iterate of dictionary values, this means "bar" can be used to access "baz[foo]" | |||
2021-04-21 | bridge: T2653: remove superfluous "import re" | Christian Poessinger | |
2021-04-21 | containers: T2216: add op-mode "show container network" command | Christian Poessinger | |
2021-04-20 | dhclient: T3471: Fixed process search for IPv4 | zsdc | |
Some software starts dhclient without IP protocol flag (`-4`, `-6`), this commit adds the ability to find such processes as well as with a protocol flag. Additionally, to handle rare situations when PID file may not exists (most likely, when multiple dhclient processes started with the same PID file path), added last-resort action to kill such dhclients. | |||
2021-04-19 | policy: T2425: verify() route-map match criterias | Christian Poessinger | |
When we match on a community-list, extended community-list or even a large community-list ensure that the referenced list exists on the CLI. | |||
2021-04-18 | policy: T2425: verify other policy types and probe for mandatory options | Christian Poessinger | |
2021-04-18 | policy: T2425: add common verify() code for all types of policies | Christian Poessinger | |
2021-04-18 | policy: T2425: to simplify dictionary use get_first_key=True on ↵ | Christian Poessinger | |
get_config_dict() | |||
2021-04-17 | policy: T2425: also modify route-map section when using FRR reload | Christian Poessinger | |
2021-04-17 | policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/Python | Christian Poessinger | |
2021-04-17 | Merge pull request #812 from erkin/current | Christian Poessinger | |
T3472: Move over commit-confirm-notify.py from vyatta-config-mgmt | |||
2021-04-17 | T3472: Move over commit-confirm-notify.py from vyatta-config-mgmt | erkin | |
2021-04-15 | protocols: remove superfluous import of vyos.util.call | Christian Poessinger | |
2021-04-15 | bgp: T2771: add vpn, multicast, flowspec address families | Cheeze-It | |
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com> | |||
2021-04-15 | Merge pull request #807 from zdc/T3392-sagitta | Christian Poessinger | |
dhclient: T3392: Changed dhclient-script hooks for VRF | |||
2021-04-15 | dhclient: T3392: Changed dhclient-script hooks for VRF | zsdc | |
There were two problems with VRF support inside dhclient-script: - VRF check inside the `01-vyos-cleanup` hook was needless because it will be done inside the `03-vyos-ipwrapper` anyway; - VRF was ignored for in-kernel routes in `03-vyos-ipwrapper`. Theoretically, there must be no situation now when this can leads to a real problem, but better will be to keep both kernel and FRR backends in sync. Also, the way to get and use a VRF name was changed to an easier one. | |||
2021-04-14 | Merge pull request #805 from sever-sever/T3333 | Christian Poessinger | |
ipsec: T3333: Fix status for SA state op-mode | |||
2021-04-14 | policy: T2425: rename files from policy-list to policy | Christian Poessinger | |
2021-04-14 | ipsec: T3333: Fix status for SA state op-mode | sever-sever | |
2021-04-14 | dhclient: T3471: Fixed dhclient processes search | zsdc | |
Since in some cases a dhclient command may not end with an interface name, the way to find out a list of dhclients running for a current interface was replaced to catch PIDs regardless of the exact command syntax. | |||
2021-04-13 | Merge pull request #802 from sever-sever/T3455 | Christian Poessinger | |
login: T3455: Fix edit level configuration for user | |||
2021-04-13 | Merge pull request #801 from sever-sever/T2216-pod | Christian Poessinger | |
containers: T2216: Add podman for containers | |||
2021-04-13 | login: T3455: Fix edit level configuration for user | sever-sever | |
2021-04-12 | static: T3328: route-map to zebra/kernel can not be removed | Christian Poessinger | |
Removing the Zebra/Linux Kernel route-map added by "set protocols static route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not staticd. |