summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2023-05-28ipsec: T5042: fix remote-access "Tunnel IP" columnChristian Breunig
Connection ID Username Protocol State Uptime Tunnel IP --------------- ---------- ---------- ------- -------- ----------------- 27 cpo IKEv2 UP 11s ['172.16.222.17'] "Tunnel IP" should be a string over list.
2023-05-28router-advert: T5240: verify() that no more then 3 IPv6 name-servers configuredChristian Breunig
This is a radvd limitation.
2023-05-26bridge: T4579: fix error message for bridge and bond membershipChristian Breunig
2023-05-25T5231: Add op-mode for show reverse-proxyViacheslav Hletenko
Add op-mode CLI for reverse-proxy "show reverse-proxy" Ability to get JSON and formatted output
2023-05-21T5234: add bash prompt identifier for given VRF instanceChristian Breunig
2023-05-19T5222: reverse-proxy add send-proxy option for backend serverViacheslav Hletenko
To accept a Proxy Protocol header on incoming TCP connections, add an accept-proxy parameter to the bind line in a frontend section. This parameter detects both Proxy Protocol version 1 (text format) and Proxy Protocol version 2 (binary format). set load-balancing reverse-proxy backend <tag> server <tag> send-proxy
2023-05-19T5222: Refactoring load-balancing reverse-proxyViacheslav Hletenko
Improve and refactoring "load-balancing reverse-proxy" - replace 'reverse-proxy server <tag>' => 'reverse-proxy service <tag>' - replace 'reverse-proxy global-parameters tls <xxx>' => 'reverse-proxy global-parameters tls-version-min xxx' => 'reverse-proxy global-parameters ssl-bind-ciphers xxx' - replace 'reverse-proxy service https rule <tag> set server 'xxx' => 'reverse-proxy service https rule <tag> set backend 'xxx' 'service https rule <tag> domain-name xxx' set as multinode
2023-05-17Merge pull request #2004 from sever-sever/T5222Christian Breunig
T5222: Add load-balancing for web traffic
2023-05-17T5222: Add load-balancing for web trafficViacheslav Hletenko
2023-05-14T5224: Stop syslog.socket alongside syslog.serviceJoe Groocock
Avoids the following warning, and any external service from re-activating syslog via systemd socket activation: frebib@vyos# commit [ system syslog ] DEBUG/COMMAND returned (err): Warning: Stopping syslog.service, but it can still be activated by: syslog.socket DEBUG/COMMAND cmd 'systemctl stop syslog.service' Signed-off-by: Joe Groocock <me@frebib.net>
2023-05-14T5224: Fix `del system syslog`Joe Groocock
os.unlink() is the correct function: Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/system-syslog.py", line 146, in <module> generate(c) File "/usr/libexec/vyos/conf_mode/system-syslog.py", line 114, in generate os.path.unlink(rsyslog_conf) ^^^^^^^^^^^^^^ AttributeError: module 'posixpath' has no attribute 'unlink' Signed-off-by: Joe Groocock <me@frebib.net>
2023-05-12ethernet: T3891: add conditional code-path when doing speed/duplex changesChristian Breunig
There is no need for the backend code to call ethtool and try to change speed or duplex settings every time there is a change in the interface configuration, but no change for the speed/duplex subnodes. This also makes the commit itself faster when working with ethernet interfaces. Bonus: no repeating CLI messages that the driver does not support speed/duplex changes, as we do not change anything here. Extension to commit f2ecc9710 ("ethernet: T3891: honor auto-negotiation support per NIC")
2023-05-12ocserv: T3896: improve XML definition and add warning about 3rd party configsChristian Breunig
When enabling identity-based-config, users can add arbitrary config keys that are processed by ocserv. The user "must know" what he is been doing, as invalid config option will make the ocserv daemon go ... whoop! Thus add a warning and inform the user about this setting.
2023-05-12Merge pull request #1783 from PeppyH/T3896-ocserv-config-per-xChristian Breunig
ocserv: T3896: add CLI options to configure ocserv config-per-user/group
2023-05-12Merge pull request #2002 from Zen3515/fix-cloudflare-ddnsChristian Breunig
T5219: ddclient: Allow not set login for Cloudflare API token
2023-05-12T5219: ddclient: Cloudflare doesn't require loginZen3515
2023-05-11Merge pull request #1999 from dmbaturin/T5251-vrrp-group-ping-fixJohn Estabrook
vrrp: T5215: fix the commit error when health check is not configured
2023-05-12vrrp: T5215: fix VRRP commit error when health check is not configuredDaniil Baturin
2023-05-11vyos.util: T5195: remove the unused camel case to snake case functionDaniil Baturin
that was replaced with Humps in all sciprts
2023-05-11Merge pull request #1956 from mkorobeinikov/currentChristian Breunig
T5158: Refactoring the commad sh interfaces counters
2023-05-11T5158: Refactoring the commad '$ sh interfaces counters'mkorobeinikov
For more detailed information it's necessary to add information about drops and error counters.
2023-05-10Merge pull request #1987 from dmbaturin/T5251-vrrp-group-pingChristian Breunig
T5215: add a built-in ping check for VRRP groups
2023-05-10vrrp: T5215: Add built-in ping check for VRRP groupsDaniil Baturin
2023-05-10T5213: Add accounting-interim-interval option for PPTP-serverViacheslav Hletenko
Add RADIUS accounting-interim-interval option for PPTP-server Specifies interval in seconds to send accounting information (may be overridden by radius Acct-Interim-Interval attribute) set vpn pptp remote-access authentication radius accounting-interim-interval '52'
2023-05-10T5213: Add accounting-interim-interval option for L2TP-serverViacheslav Hletenko
Add RADIUS accounting-interim-interval option for L2TP-server Specifies interval in seconds to send accounting information (may be overridden by radius Acct-Interim-Interval attribute) set vpn l2tp remote-access authentication radius accounting-interim-interval '120'
2023-05-09Merge pull request #1978 from zdc/T5190-sagittaChristian Breunig
cloud-init: T5190: Added Cloud-init pre-configurator
2023-05-09Merge pull request #1984 from sever-sever/T5060Christian Breunig
T5060: Add disable option for high-availability
2023-05-09Merge pull request #1985 from c-po/t2778-syslogChristian Breunig
syslog: T2778: T2769: refactoring and VRF support
2023-05-09T5214: Fix warning if a named pool is defined for PPPoE-serverViacheslav Hletenko
2023-05-08syslog: T2769: add VRF supportChristian Breunig
Allow syslog messages to be sent through a VRF (e.g. management).
2023-05-08syslog: T2778: migrate to get_config_dict()Christian Breunig
2023-05-08T5060: Add disable option for high-availabilityViacheslav Hletenko
Add 'maintenance mode' (option disable) for high-availability set high-availability disable
2023-05-08Merge pull request #1964 from indrajitr/ddclient-improvement-round-1Christian Breunig
dns: T5144: Improve dynamic DNS validations and completions
2023-05-05T5203: Use vyos-wan-load-balance.service for load-balancingViacheslav Hletenko
Use 'vyos-wan-load-balance.service' for load-balancing instead of old start and stop 'vyatta-wanloadbalance.init' script
2023-05-05T5203: Add systemd vyos-wan-load-balance.serviceViacheslav Hletenko
Add 'vyos-wan-load-balance.service' systemd unit for 'loadbalancing wan' instead of old vyatta-wanloadbalance.init script
2023-05-04dns-forwarding: T5193: implement NS resource typeChristian Breunig
2023-05-04dns-forwarding: T5193: use f'ormat strings when building messagesChristian Breunig
2023-05-04wwan: op-mode: T5196: inform user about unconfigured interfaceChristian Breunig
2023-05-04cloud-init: T5190: Added Cloud-init pre-configuratorzsdc
Added a new service that starts before Cloud-init, waits for all network interfaces initialization, and if requested by config, checks which interfaces can get configuration via DHCP server and creates a corresponding Cloud-init network configuration. This protects from two situations: * when Cloud-init tries to get meta-data via eth0 (default and fallback variant for any data source which depends on network), but the real network is connected to another interface * when Cloud-init starts simultaneously with udev and initializes the first interface to get meta-data before it is renamed to eth0 by udev
2023-05-04Merge pull request #1973 from sever-sever/T5171Christian Breunig
T5171: Use XML for loadbalancing wan instead of old templates
2023-05-04T4771: further improvements to the BGP op mode scriptDaniil Baturin
2023-05-02T5171: Rewrite load-balancing wan to XML and python3Viacheslav Hletenko
Use XML and python3 for 'load-balancing wan' Use Jinja2 templates instead of old vyatta-wanloadbalance.pl to generate configuration '/run/load-balance/wlb.conf' wich used by /opt/vyatta/sbin/wan_lb
2023-04-30T5150: harmonize verify() error message - encapsulate variable in "" quotesChristian Breunig
2023-04-27bgp: T5010: add verify() for L2VPN EVPN route-distinguisher and route-targetChristian Breunig
Without the change users might get confused as the setting is specified on the VyOS CLI but never makes it to FRR due to an internal FRR check.
2023-04-27T5181: Fix condition to detect correct vrf name for vrf-vniViacheslav Hletenko
When we delete vrf vni there is a dictionary {'only_vrf': 'red', 'new_frr_config': '!\n'}
2023-04-27Merge pull request #1721 from dmbaturin/T4888-conntrack-sync-op-modeJohn Estabrook
conntrack-sync: T4888: rewrite the op mode script in the new format
2023-04-26bgp: T5181: FRR can not tear down VRF isntance if l3vni is still configuredChristian Breunig
Add verify() section to check if l3vni was removed in addition to the BGP process under any given VRF.
2023-04-26vrf: T5174: ensure no duplicate VNIs can be definedChristian Breunig
2023-04-26T5181: Fix for correct deleting vni under vrfViacheslav Hletenko
2023-04-25vrf: T5150: fix improper config dict generation for individual vni configurationChristian Breunig