summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2021-05-22nat66: T2518: op-mode typo fixupJACK
2021-05-20sysctl: T3565: initial implementation in XML and PythonChristian Poessinger
migrate from old vyatta-cfg-system / Perl implementation.
2021-05-18openconnect-server: T3559: Add restart op-commandDmitriyEshenko
2021-05-18ddns: T3254: fix incorrect update timeFileGo
This fixes a bug when show dynamic dns status returned (formatted) UNIX time 0. I have changed the code to use ddclient's mtime value in the cache file, which is updated on every successful sync with DDNS service as opposed to atime, which was previously used.
2021-05-18vmware: T3525: fix invocation of resume scriptChristian Poessinger
Commit dce67433 ("util: T2226: rewrite resume-vm to use run") changed the way in which the script executed system binaries in a way which could not be processes by the underlayin infrastructure (lists are not supported, only strings).
2021-05-18vmware: T1028: properly expose syslog identityChristian Poessinger
2021-05-17ddclient: T3557: fix FileNotFoundError when querying status informationChristian Poessinger
If ddclient is not problery configured it will start up but no status file is generated. This commit checks if the status file exists before reading it.
2021-05-15conntrack: T3535: add op-mode commands for tracked connections"Christian Poessinger
2021-05-15dhcp-server: T3544: fix FileNotFoundError on first invokationChristian Poessinger
The problem of using the move() operation over render() is that render will silently create the directory tree in the background and move() does not. This means that on first boot when /run/dhcp-server does not exist, move will fail with a FileNotFoundError. Instead of using move() we render() the configuration two times, one for validating it via dhcpd -t and the other time to really apply it to the service. The performance impact should be little as the config should still be cached in the system RAM.
2021-05-15conntrack: T3535: add keepalived notifications for node transitionsChristian Poessinger
2021-05-14conntrack: T3535: check for VRRP group definitionChristian Poessinger
2021-05-14conntrack: T3535: remove cluster CLI nodesChristian Poessinger
2021-05-14op-mode: conntrack: T3535: add XML command definitionsChristian Poessinger
2021-05-14conntrack: T3535: migrate codebase from vyatta-conntrack-syncChristian Poessinger
2021-05-14ntp: T2809: Fix migration script if server not existsever-sever
2021-05-13dhcp-server: T3544: test config in IPv4 mode onlyChristian Poessinger
2021-05-13dhcp-server: T3544: test newly rendered configuration before restarting daemonChristian Poessinger
The current DHCP server implementation comes with options (see below) which allow the user to pass in any arbitrary option(s) in a verbatim way which will manifest in dhcpd.conf. The options are: * set service dhcp-server global-parameters * set service dhcp-server shared-network-name foo shared-network-parameters * set service dhcp-server shared-network-name foo subnet 192.0.2.0/25 subnet-parameters * set service dhcp-server shared-network-name foo subnet 192.0.2.0/25 static-mapping ff static-mapping-parameters Having an invalid configuration will yield: vyos@vyos# commit [ service dhcp-server ] Configuration file errors encountered - check your options! [[service dhcp-server]] failed
2021-05-13bonding: T3543: add support to configure lact-rate (slow or fast)Christian Poessinger
Option specifying the rate in which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode. set interfaces bonding bond0 lacp-rate <slow|fast> slow: Request partner to transmit LACPDUs every 30 seconds (default) fast: Request partner to transmit LACPDUs every 1 second
2021-05-09bgp: T3530: add hyphen support for peer-group namesChristian Poessinger
2021-05-08policy: T2425: bugfix NameError: name 'name' is not definedChristian Poessinger
2021-05-08vrf: bgp: T3523: bugfix Kernel route-map deploymentChristian Poessinger
Commit 4f9aa30f ("vrf: bgp: T3523: add route-map support for kernel routes") added the possibility to also filter BGP routes towards the OS kernel, but the smoketests failed. Reason was a non working CLI command applied to bgpd. Thus the VRF route-map and the BGP configuration is now split into two templates, one to be used for each daemon (zebra and bgpd). Nevertheless one more bug was found in vyos.frr which currently does not suppoort calling modify_section() inside a configuration "block". See [1] for more info. [1]: https://phabricator.vyos.net/T3529
2021-05-06vrf: T3523: fix regex when removing dynamic routing protocols with a kernel ↵Christian Poessinger
route-map
2021-05-05isis: T3520: verify interface MTU to be >= lsp-mtuChristian Poessinger
2021-05-02radius: T3510: authenticated users must use /sbin/radius_shell as shellChristian Poessinger
2021-05-02login: T1948: use long options when calling adduserChristian Poessinger
... just to make it easier for users to read the commandline.
2021-04-30bgp: T3504: add support for per-peer graceful shutdownChristian Poessinger
This commit has a dependecy on https://github.com/FRRouting/frr/issues/8403, thus support will be "commented out" by default.
2021-04-30openconnect: T3461: Delete CA crt file checkssever-sever
2021-04-27op-mode: ospfv3: T3335: re-use common vtysh_wrapper.sh wrapperChristian Poessinger
Instead of renaming the OSPFv3 commands for every individual XML invocation, also re-use the common helper shell script. One source, one truth!
2021-04-27Merge pull request #821 from bstepler/T3502Christian Poessinger
ecmp: T3502: fix check for "layer4-hashing" key
2021-04-27Merge pull request #822 from bstepler/T3503Christian Poessinger
bgp: T3503: allow "route-reflector-client" when "remote-as" is "internal"
2021-04-27ecmp: T3502: fix check for "layer4-hashing" keyBrandon Stepler
2021-04-27bgp: T3503: allow "route-reflector-client" when "remote-as" is "internal"Brandon Stepler
2021-04-27op-mode: T2946: only call 'stty size' if in terminalJohn Estabrook
2021-04-27Merge pull request #820 from sever-sever/T3473Christian Poessinger
ipsec: T3473: Decode byte csa-name for op-mode
2021-04-27Merge pull request #818 from sever-sever/T2216-portsChristian Poessinger
container: T2216: Add binding for ports and volumes
2021-04-27ipsec: T3473: Decode byte csa-name for op-modesever-sever
2021-04-27container: T2216: Add binding for ports and volumessever-sever
2021-04-26dhcpv6-server: T3494: Get address from network to correct sortingDmitriyEshenko
2021-04-25policy: T3497: add verify() that prefix-lists must carry a defined prefixChristian Poessinger
2021-04-25wireguard: T1802: add client name to configurationChristian Poessinger
2021-04-24wireguard: T1802: generate QR code for clients on CLIChristian Poessinger
generate wireguard mobile-config wg0 server wg.vyos.net address 1.2.2.2/24 WireGuard client configuration for interface: wg0 [Interface] PrivateKey = AEXrZ4b3xFVLg1lql3hy/93+d43q3+3vPdSMUGI6/Fo= Address = 1.2.2.2/24 [Peer] PublicKey = h1HkYlSuHdJN6Qv4Hz4bBzjGg5WUty+U1L7DJsZy1iE= Endpoint = wg.vyos.net:41751 AllowedIPs = 0.0.0.0/0, ::/0 The servers public key and port are automatically extracter from the running config.
2021-04-24policy: T2425: verify() must check if a policy is still usedChristian Poessinger
When deleting a route-map, prefix-list or access-list, we must ensure that this routing policy is not referenced by any other protocol or policy. When trying to remove a policy still in use, raise an error.
2021-04-21Merge pull request #816 from sever-sever/T2216-op-modeChristian Poessinger
container: T2216: Rewrite op-mode to python
2021-04-21container: T2216: Rewrite op-mode to pythonsever-sever
2021-04-21containers: T2216: the first IP address is always reserved for podmanChristian Poessinger
2021-04-21containers: T2216: used "address" must belong to the used container networkChristian Poessinger
2021-04-21containers: T2216: refine implementationChristian Poessinger
This commit is a cleanup and refinement of the container hosting implementation. - Renamed CLI node ipv4-prefix -> prefix so both IPv4 and IPv6 prefix can be supplied in the future. This is currently limited to IPv4 only as when using IPv6 networks in combination with IPv4 the IPv4 prefix is altered randomly - De-nested if clauses - Use "for foo, bar in baz.items()" to more easily iterate of dictionary values, this means "bar" can be used to access "baz[foo]"
2021-04-21bridge: T2653: remove superfluous "import re"Christian Poessinger
2021-04-21containers: T2216: add op-mode "show container network" commandChristian Poessinger
2021-04-20dhclient: T3471: Fixed process search for IPv4zsdc
Some software starts dhclient without IP protocol flag (`-4`, `-6`), this commit adds the ability to find such processes as well as with a protocol flag. Additionally, to handle rare situations when PID file may not exists (most likely, when multiple dhclient processes started with the same PID file path), added last-resort action to kill such dhclients.