summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2024-07-22Merge pull request #3850 from c-po/openvpn-totp-T3834Christian Breunig
openvpn: T3834: verify() is not allowed to change anything on the system
2024-07-22Merge pull request #3839 from c-po/unused-importsChristian Breunig
vrf: T6592: remove unused import get_interface_config
2024-07-22openvpn: T3834: verify() is not allowed to change anything on the systemChristian Breunig
Commit e3c71af1466 ("remove secrets file if the tunnel is deleted and fix opmode commands") added a code path into verify() which removed files on the system if TOTP was not defined. This commit moves the code path to the appropriate generate() function.
2024-07-22Merge pull request #3833 from c-po/wifi-fixChristian Breunig
wireless: T6597: improve hostapd startup and corresponding smoketests
2024-07-22T6599: ipsec: fix incorect default behavior for dead-peer-detectionLucas Christian
2024-07-21vrf: T6592: remove unused import get_interface_configChristian Breunig
Remove unused import (left over) from commit 36f3791e0 ("utils: migrate to new get_vrf_tableid() helper")
2024-07-20utils: migrate to new get_vrf_tableid() helperChristian Breunig
Commit 452068ce7 ("interfaces: T6592: moving an interface between VRF instances failed") introduced a new helper to retrieve the VRF table ID from the Kernel. This commit migrates the old code path where the individual fields got queried to the new helper vyos.utils.network.get_vrf_tableid().
2024-07-20wireless: T6597: improve hostapd startup and corresponding smoketestsChristian Breunig
This was found during smoketesting as thoase started to repeadingly fail in the last weeks File "/usr/libexec/vyos/tests/smoke/cli/test_interfaces_wireless.py", line 534, in test_wireless_security_station_address self.assertTrue(process_named_running('hostapd')) AssertionError: None is not true Digging into this revealed that this is NOT related to the smoketest coding but to hostapd/systemd instead. With a configured WIFI interface and calling: "sudo systemctl reload-or-restart hostapd@wlan1" multiple times in a short period caused systemd to report: "Jul 18 16:15:32 systemd[1]: hostapd@wlan1.service: Deactivated successfully." According to the internal systemd logic used in our version this is explained by: /* If there's a stop job queued before we enter the DEAD state, we shouldn't act on Restart=, in order to not * undo what has already been enqueued. */ if (unit_stop_pending(UNIT(s))) allow_restart = false; if (s->result == SERVICE_SUCCESS) s->result = f; if (s->result == SERVICE_SUCCESS) { unit_log_success(UNIT(s)); end_state = SERVICE_DEAD;` Where unit_log_success() generates the log message in question. Improve the restart login in the wireless interface script and an upgrade to hostapd solved the issue.
2024-07-19Merge pull request #3828 from HollyGurza/T6578Christian Breunig
T6578: Fix unhandled exception in "show openconnect-server sessions"
2024-07-18openvpn: T6591: deprecate OpenVPN server net30 topology (#3825)Daniil Baturin
2024-07-18Merge pull request #3818 from dmbaturin/T6586-unconfigured-objectJohn Estabrook
op-mode: T6586: add a distinct exception for unconfigured objects (as opposed to entire subsystems)
2024-07-18T6578: Fix unhandled exception in "show openconnect-server sessions"khramshinr
2024-07-17Merge pull request #3817 from c-po/op-mode-restartChristian Breunig
op-mode: T6577: create generic service restart helper to work with the API
2024-07-17op-mode: T6586: add a distinct exception for unconfigured objectsDaniil Baturin
as opposed to entire subsystems
2024-07-16op-mode: T6577: create generic service restart helper to work with the APIChristian Breunig
Right now we have multiple restart helpers (e.g. dhcp server, ssh, ntp) that all do the same (more or less): * Check if service is configured on CLI * Restart if configured * Error out if unconfigured This is not available via the op-mode API. Create a new restart.py op-mode helper that takes the service name and possible VRF as argument so it's also exposed via API.
2024-07-14configdep: T6559: use single dependency list with reset under configdJohn Estabrook
2024-07-14configdep: T6559: drop global redundancy removal to fix error reportingJohn Estabrook
2024-07-08vxlan: T6505: Support VXLAN VLAN-VNI range mapping in CLI (#3756)Nataliia S
2024-07-06Merge pull request #3791 from c-po/T6537-powerctrlChristian Breunig
op-mode: T6537: remove unused cmd imported from vyos.utils.process
2024-07-05op-mode: T6537: remove unused cmd imported from vyos.utils.processChristian Breunig
Commit dc60fe99350 ("op-mode: T6537: include hostname in the reboot/shutdown warning message") added a more local import of vyos.utils.process.cmd() that made the fglobal import obsolete and trigger a linter warning. $ make unused-imports -------------------------------------------------------------------- Your code has been rated at 10.00/10 (previous run: 10.00/10, +0.00)
2024-07-05wireless: T6496: support for EAP-MSCHAPv2 client over wifiChristopher
fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: incorrect bssid mapping fix: use the correct jinja templating (I think) fix: “remote blank space fix: attempt to fix the formatting in j2 fix: attempt to fix the formatting in j2 feat: rename enterprise username and password + add checks in conf mode. fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part fix: fix indentation on `wpa_supplicant.conf.j2`
2024-07-04Merge pull request #3778 from Giggum/vyos_t6371Christian Breunig
op-mode: T6371: fix output of NAT rules with single port range
2024-07-04Merge pull request #3776 from zdc/T6544-currentChristian Breunig
vyos_net_name: T6544: Updated the `vyos_net_name` script
2024-07-03op-mode: T6371: fix output of NAT rules with single port rangeGiggum
2024-07-03vyos_net_name: T6544: Updated the `vyos_net_name` scriptzsdc
Improvements in the `vyos_net_name`: - Used a new locking system, to be sure that multiple running scripts will not try to perform operations at the same time. - Replace logging from a file to syslog. This is common with all the rest logs, and additionally gives a better view of actions done during a boot. - Small bug fix in `get_configfile_interfaces()`: exit with an error in case a config file cannot be parsed. This resolves potentially an unbound `config` object. - Minor formatting fixes to follow our requirements.
2024-07-03op-mode: T6537: include hostname in the reboot/shutdown warning messageDaniil Baturin
2024-07-03Merge pull request #3749 from nicolas-fort/T6536-wildcardChristian Breunig
T6536: nat: add migration script that replaces wildcard charater
2024-07-03T6536: change wildcard character from + to * - extend fix to interfaces ↵Nicolas Fort
defined in zone policy.
2024-07-03T6536: nat: add migration script that replaces wildcard charater supported ↵Nicolas Fort
in 1.3 <+> with character supported in latest version <*>
2024-07-03Merge pull request #3746 from ↵Daniil Baturin
dmbaturin/T6498-machine-readable-tech-support-report op-mode: T6498: add machine-readable tech support report script
2024-07-03op-mode: T6498: add machine-readable tech support report scriptDaniil Baturin
2024-07-02Merge pull request #3745 from c-po/no-legacyDaniil Baturin
T6527: add legacy Vyatta interpreter files still in use
2024-07-02T6523: Telegraf use nft scripts only if the firewall configuredViacheslav Hletenko
If a firewall is not configured there is no reason to get and execute telegraf firewall custom scripts as there are no nft chain in the firewall nftables configuration
2024-06-30T6527: add legacy Vyatta interpreter files still in useChristian Breunig
2024-06-29T6534: fix incorrect imports in vyos-config-encrypt.pyBonus
2024-06-29Merge pull request #3733 from c-po/T6524-release-dhcpChristian Breunig
op-mode: T6524: rewrite "release dhcp(v6) interface" to new op-mode format
2024-06-28T6452: Add QoS Op Commands (#3591)l0crian1
* T6452: Add QoS Op Commands Added the following commands: show qos shaping show qos shaping detail show qos shaping interface <int name> show qos shaping interface <int name> detail show qos shaping interface <int name> class <class name> show qos shaping interface <int name> class <class name> detail show qos cake interface <int name>
2024-06-28Merge pull request #3720 from sever-sever/T6477Christian Breunig
T6477: Add telegraf loki output plugin
2024-06-28T6477: Add telegraf loki output pluginViacheslav Hletenko
Add Loki plugin to telegraf set service monitoring telegraf loki url xxx
2024-06-28Merge pull request #3524 from alainlamar/T6320Christian Breunig
wireless: T6320: Add 802.11ax at 6GHz to VyOS
2024-06-28Fixes error generated when op cmd interrupted, updates show system calls to ↵Ginko
new cli syntax (#3731)
2024-06-28T6488: firewall: extend op-mode command to show global state-policy counters ↵Nicolás Fort
(#3681) * T6488: firewall: extend op-mode command to show global state-policy counters.
2024-06-27op-mode: T6524: rewrite "release dhcp(v6) interface" to new op-mode formatChristian Breunig
2024-06-27T6497: CGNAT refactoring delete conntrack entries (#3699)Viacheslav Hletenko
2024-06-27wireless: T6320: add 802.11ax at 6GHzAlain Lamar
Authored-By: Alain Lamar <alain_lamar@yahoo.de>
2024-06-27Merge pull request #3715 from HollyGurza/T6313Christian Breunig
T6313: Add "NAT" to "generate" command for rule resequence
2024-06-27Merge pull request #3692 from jestabro/revise-migrationChristian Breunig
T6007: revise migration system
2024-06-27T6313: Add "NAT" to "generate" command for rule resequencekhramshinr
2024-06-27smoketest: T6510: remove build time test to check for /dev/input/event0Christian Breunig
The container used for the Jenkins package builds does not provide a /dev/input/event0 file, thus the build time test fails. Remove the test case as it's not mandatory.
2024-06-26migration: T6007: update run-config-migration scriptJohn Estabrook