Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-12-13 | validators: T4798: replace python file-exists validator with file-path | John Estabrook | |
2022-12-12 | Merge pull request #1699 from jestabro/op-mode-openvpn | John Estabrook | |
openvpn: T4770: rewrite op-mode show/reset to use vyos.opmode | |||
2022-12-12 | openvpn: T4770: add reset function to openvpn.py | John Estabrook | |
2022-12-12 | openvpn: T4770: add openvpn.py with standardized show command | John Estabrook | |
2022-12-11 | sstp: T4384: initial implementation of SSTP client CLI | Christian Poessinger | |
vyos@vyos# show interfaces sstpc sstpc sstpc10 { authentication { password vyos user vyos } server sstp.vyos.net ssl { ca-certificate VyOS-CA } } | |||
2022-12-11 | pppoe: T4384: remove unused import of leaf_node_changed | Christian Poessinger | |
2022-12-09 | openvpn: T4872: fix parsing of tunnel IP in 'show openvpn server' | John Estabrook | |
2022-12-09 | T4868: Fix l2tp ppp IPv6 options in template and config get dict | Viacheslav Hletenko | |
L2TP 'ppp-options ipv6 x' can work without declaring IPv6 pool As we can get addresses via RADIUS attributes: - Framed-IPv6-Prefix - Delegated-IPv6-Prefix | |||
2022-12-08 | T4117: Fix for L2TP DAE CoA server configuration | Viacheslav Hletenko | |
Fix l2tp dae server template and python config dict for correctlly handling Dynamic Authorization Extension server configuration | |||
2022-12-07 | T4861: Openconnect replace restart to reload-or-restart | Viacheslav Hletenko | |
Every change in openconnect restarts the ocserv.service Replace "restart" to "reload-or-restart" to avoid disconnect clients during change configs | |||
2022-12-05 | Merge pull request #1693 from sever-sever/T4860 | Christian Poessinger | |
T4860: Verify if mode in openconnect ocserv dict | |||
2022-12-04 | T4860: Verify if mode in openconnect ocserv dict | Viacheslav Hletenko | |
openconnect authentication mode must be set check dict that 'mode' exists in openconnect authentication | |||
2022-12-04 | T4848: Fix for default route vpn openconnect | Viacheslav Hletenko | |
ocserv template expects list of routes but gets str "default" it cause wrong routes like: route = d route = e route = f route = a route = u route = l route = t Fix it | |||
2022-12-03 | Merge pull request #1691 from sarthurdev/T478 | Christian Poessinger | |
firewall: T478: Fix firewall group circular dependency check | |||
2022-12-03 | firewall: T478: Fix firewall group circular dependency check | sarthurdev | |
2022-12-02 | Merge pull request #1685 from sever-sever/T4805 | Christian Poessinger | |
T4805: Restart pppoe-server if client pool was changed | |||
2022-12-02 | Merge pull request #1687 from sever-sever/T4825 | Christian Poessinger | |
T4825: Verify if you are trying to add a new vethX to exists pair | |||
2022-12-02 | http-api: T4859: correct calling of script dependencies from http-api.py | John Estabrook | |
2022-12-02 | T4825: Verify if you are trying to add a new vethX to exists pair | Viacheslav Hletenko | |
Verify if you are trying to add a new vethX to exists pair: set int virtual-ethernet veth0 peer-name 'veth1' set int virtual-ethernet veth1 peer-name 'veth0' set int virtual-ethernet veth12 peer-name 'veth0' Verify veth-name and peer-name cannot be the same: set interfaces virtual-ethernet veth0 peer-name veth0 | |||
2022-12-02 | T4805: Restart pppoe-server if client pool was changed | Viacheslav Hletenko | |
Some changes for 'service pppoe-server' require 'restart' the accel-ppp@pppoe.service But we use option 'reload-or-restart' that doesn't work correctly with 'accel-ppp' Restart pppoe-server if client pool was changed | |||
2022-12-02 | op-mode: T4767: drop sudo calls | Christian Poessinger | |
It's easier and more obvious if the script is called with sudo itself and not spawning a sudo sessionf or each individual command. | |||
2022-12-02 | Merge pull request #1646 from mkorobeinikov/4767py | Christian Poessinger | |
T4767: Rewrite generate ipsec archive to python | |||
2022-11-30 | pki: T4847: set and call dependent scripts | John Estabrook | |
2022-11-29 | pki: T4847: fix typos | John Estabrook | |
2022-11-29 | mpls: T915: verify interface actually exists on the system | Christian Poessinger | |
2022-11-28 | conf-mode: T4845: add external file for dict of config-mode dependencies | John Estabrook | |
2022-11-28 | T4844: Set DB directory rigths 755 in the update webproxy script | aapostoliuk | |
Squidguard: Set DB directory rigths 755 in the update blacklist webproxy script | |||
2022-11-25 | T4825: Verify if veth interface not used in conf before deleting | Viacheslav Hletenko | |
Prevent to delete interface "vethX" which used for another interface as "vethY peer-name vethX" set interfaces virtual-ethernet veth0 peer-name 'veth1' set interfaces virtual-ethernet veth1 peer-name 'veth0' commit delete interfaces virtual-ethernet veth0 commit | |||
2022-11-24 | veth: T4825: minor improvements on XML peer-name handling | Christian Poessinger | |
2022-11-24 | Merge branch 'T4825' of https://github.com/sever-sever/vyos-1x into t4825-veth | Christian Poessinger | |
* 'T4825' of https://github.com/sever-sever/vyos-1x: T4825: Add basic smoketest for veth interfaces T4825: Add interface type veth | |||
2022-11-24 | T4825: Add interface type veth | Viacheslav Hletenko | |
Add interface type veth (Virtual ethernet) One of the usecases it's interconnect different vrf's and default vrf via bridge set interfaces virtual-ethernet veth0 peer-name 'veth1010' set interfaces virtual-ethernet veth1010 address '10.0.0.10/24' set interfaces virtual-ethernet veth1010 peer-name 'veth0' set interfaces virtual-ethernet veth1010 vrf 'foo' set interfaces bridge br0 address '10.0.0.1/24' set interfaces bridge br0 member interface veth0 | |||
2022-11-24 | T4837: expose "show ip route summary" in the op mode API | Daniil Baturin | |
2022-11-21 | graphql: T4574: add specific error message if token has expired | John Estabrook | |
Catch expiration error and return error-specific message instead of general 'not authenticated'. | |||
2022-11-21 | graphql: T4574: use Optional in func_sig | John Estabrook | |
A misreading of the makefun docs seemed to indicate Optional was not supported; it is. | |||
2022-11-21 | graphql: T4544: use load_as_module from vyos.util | John Estabrook | |
load_as_module was added to util.py for T4821; prefer over local copy | |||
2022-11-20 | IPsec: T4829: use type hint Optional for arg tunnel in reset_peer | John Estabrook | |
2022-11-20 | IPsec: T4829: add missing import TimeoutExpired | John Estabrook | |
2022-11-20 | Merge pull request #1657 from sever-sever/T4812 | Daniil Baturin | |
T4812: Add op-mode Show vpn ipsec connections | |||
2022-11-20 | op-mode: dns-forwarding: T4578: drop sudo calls | Christian Poessinger | |
Commit 66288ccfee ("dns-forwarding: T4578: Rewrite show dns forwarding") added the implementation for the new standardized op-mode definitions/implementation. As the API daemon has the proper permissions and also the CLI op-mode calls the script already with "sudo", there is no need to call "sudo" inside this script, again. Also add dns.py to data/op-mode-standardized.json for the GraphQL schema to be generated. | |||
2022-11-20 | T4827: Route-map state continue must be with action permit only | Viacheslav Hletenko | |
route-map action 'deny' cannot be used for "continue" as FRR does not validate it r14(config)# route-map FOO permit 100 r14(config-route-map)# route-map FOO deny 50 r14(config-route-map)# on-match goto 100 % Configuration failed. Error type: validation r14(config-route-map)# | |||
2022-11-20 | vrf: T4562: no need to invode "sudo" when retrieving VRf information | Christian Poessinger | |
2022-11-19 | T4780: Firewall: add firewall groups in firewall. Extend matching criteria ↵ | Nicolas Fort | |
so this new group can be used in inbound and outbound matcher | |||
2022-11-18 | IPsec: T4828: raise op-mode error on incorrect value | John Estabrook | |
2022-11-18 | Merge pull request #1662 from jestabro/config-script-dependency | Daniil Baturin | |
firewall: T4821: correct calling of conf_mode script dependencies | |||
2022-11-18 | Merge pull request #1645 from aapostoliuk/T4793-sagitta | Christian Poessinger | |
T4793: Added warning about disable-route-autoinstall | |||
2022-11-18 | T4793: Added warning about disable-route-autoinstall | aapostoliuk | |
Added warning message about disable-route-autoinstall when ipsec vti is used. | |||
2022-11-17 | Merge pull request #1654 from sarthurdev/pbr_refactor | Christian Poessinger | |
policy: T2199: T4605: Migrate policy route interface node | |||
2022-11-17 | firewall: T4821: correct calling of conf_mode script dependencies | John Estabrook | |
2022-11-16 | T4794: Fix show show firewall name | Sander Klein | |
show firewall name <name> will output an error as explained in https://phabricator.vyos.net/T4794 | |||
2022-11-16 | bridge: T4673: remove "sudo" as there is no need to elevate permissions | Christian Poessinger | |