summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2023-03-09xml: T4952: improve interface completion helper CLI experienceChristian Breunig
2023-03-09qos: T5018: Use configdep to fix interface mirror/redirect issuesarthurdev
This will check if mirror/redirect is present on a QoS interface and use `vyos.configdep` module to update the interface again after QoS is applied.
2023-03-09T5063: IPoE-server ethX vlan must not be used with client-subnetViacheslav Hletenko
IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be used with 'interface ethX client-subnet' So instead of shared pool accel-ppp uses the same pool for each dynamically added VLAN eth1 client-subnet '192.0.2.0/24' eth1 vlan '2000-2021' It cause this issue: eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) Only named pools with vlan option must be used.
2023-03-08T5066: Fix GRE tunnel variable name which checks keysViacheslav Hletenko
2023-03-07frr: T5045: lift LimitNOFILE 1024 -> 4096Christian Breunig
Lift the amount of allowed open file descriptors for the FRR process tree. Required if there are hundreds to thousands interfaces on a system.
2023-03-05op-mode: T5051: use typing.Literal in op-mode scriptsJohn Estabrook
2023-03-05op-mode: T5051: interpret Literal types as enumsJohn Estabrook
2023-03-04Merge pull request #1862 from jestabro/schema-generateChristian Breunig
graphql: T5040: generate schema on installation, rather than dynamically
2023-03-03graphql: T5040: use path from defaultsJohn Estabrook
2023-03-02Merge pull request #1865 from jbordongit/T4916-sagittaChristian Breunig
ipsec: T4916: Fixed migrations script
2023-03-03ipsec: T4916: Fixed migrations scriptjbordongit
* removed unused `re` from imports * replaced `return_value()` to `return_values()` for `remote-address` because this is a multi-value configuration node
2023-03-02login: T5039: catch error on 'my_set' for auth plaintext-passwordJohn Estabrook
2023-03-01graphql: T5040: generate schema in vyos-1x.postinstJohn Estabrook
2023-03-01graphql: T5040: use nullable key field to allow schema static generationJohn Estabrook
Schema had been dynamically generated, based on configuration setting for authentication. Add nullable field 'key' for static generation of schema regardless of key/token use.
2023-02-28Merge pull request #1857 from nicolas-fort/nft_queueChristian Breunig
T5037: Firewall: Add queue action and options to firewall
2023-02-28T4967: Allow setting container hostnameViacheslav Hletenko
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox'
2023-02-28T5037: Firewall: Add queue action and options to firewallNicolas Fort
2023-02-28Merge pull request #1800 from vfreex/feature-babelChristian Breunig
T4977: Add Babel routing protocol support
2023-02-28Merge pull request #1784 from Zen3515/current-add-container-command-argChristian Breunig
container: T4014: Add `command`, `arg` and `entrypoint` configuration options for containers
2023-02-28Merge pull request #1853 from sever-sever/T5033Christian Breunig
T5033: Ability to generate muliple keys from a file or link
2023-02-27openvpn: T4770: fix tabulate output in _format_openvpnJohn Estabrook
2023-02-27openconnect: T4955: Renamed function and changed error messagesaapostoliuk
Renamed local function to be identical to 1.3 ver Changed error messages after commit to be identical to 1.3 ver
2023-02-27Merge pull request #1644 from aapostoliuk/T4790-sagittaViacheslav Hletenko
T4790: Added check of the sum of radius timeouts
2023-02-27T5033: Ability to generate muliple keys from a file or linkViacheslav Hletenko
We generate only one public key (string) from a file xxx.pub op-mode with 'generate public-key-command user vyos lik_to_key_file' Add ability to generate configuration (from op-mode) for multiple keys As github keys don't use identifiers, generate uuid4 id for them
2023-02-26graphql: T4979: add user info to token requestJohn Estabrook
2023-02-26T4997: add dhcp client user hooksbri
This commit adds a script to run user-defined hook scripts upon renewing a DHCP lease. This can be used to, for example, dynamically define a firewall address-group based on the dynamic IP address of an interface. For an example of its use (as well as the use case I had in mind while coding this), see https://vyos.dev/T2196#142394 Co-authored-by: br <git@ibeep.com>
2023-02-25tunnel: T5034: migrate "multicast enable" CLI node to enable-multicastChristian Breunig
Tunnel interface multicast settings can be "enabled or disabled". As we prefer valueless nodes, and the linux kernel default is "disabled" we should add a set interfaces tunnel tunXX enable-multicast command
2023-02-25python: T5026: Replace deprecated Python modules crypt, spwdsarthurdev
DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13 DeprecationWarning: 'spwd' is deprecated and slated for removal in Python 3.13
2023-02-24login: T1948: drop absolut path to /usr/libexec/vyos, re-use vyos.defaultsChristian Breunig
2023-02-24http-api: T5030: fix missing check on delete keys id tag or key valueJohn Estabrook
2023-02-24Merge pull request #1847 from aapostoliuk/T4985-2-sagittaChristian Breunig
ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library
2023-02-24ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici libraryaapostoliuk
1. Changed reset IPSEC, IKE SAs to use vici library. 2. Created package vyos.ipsec to communicate with vici library.
2023-02-23Merge pull request #1829 from sever-sever/T5013Daniil Baturin
T5013: Extend accelppp op-mode script to get statistic
2023-02-22T5025: Fix timezones and validator use timedatectlViacheslav Hletenko
Fix timezones completion help and validotor Use 'timedatectl' insted of find zoneinfo
2023-02-22openconnect: T5023: Conf script missing optional config parametersarthurdev
2023-02-22Merge pull request #1839 from sarthurdev/ipsecChristian Breunig
ipsec: T4593: Remove references to deleted variables
2023-02-22ipsec: T4593: Remove references to deleted variablessarthurdev
2023-02-21Merge pull request #1835 from sever-sever/T5020Christian Breunig
T5020: Extend openvpn op-mode to get list of configured clients
2023-02-21T4978: Default values of port rewrite default container valuesViacheslav Hletenko
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it
2023-02-20T5020: Extend openvpn op-mode to get list of configured clientsViacheslav Hletenko
Extend openvpn.py op-mode script to get list of configured clients for the '--raw' output
2023-02-18T5013: Extend accelppp op-mode script to get statisticViacheslav Hletenko
Extend accelppp.py op-mode script to get subnet/start/stop/gateway/client_ip_pool/ etc info from the configuration
2023-02-15Merge pull request #1817 from sarthurdev/bookwormChristian Breunig
debian: T5003: Upgrade base system to Debian 12 "Bookworm"
2023-02-15Merge pull request #1821 from sarthurdev/ipsecChristian Breunig
ipsec: T4593: Migrate and remove legacy `include-ipsec` nodes
2023-02-15ipsec: T4593: Migrate and remove legacy `include-ipsec` nodessarthurdev
Not supported with swanctl
2023-02-14http-api: T5006: add explicit async to retrieve/configure methodsJohn Estabrook
2023-02-14strongSwan: T4593: move to charon-systemdChristian Breunig
2023-02-14ipsec: T4985: Fixed 'reset vpn ipsec-peer {peer}' commandaapostoliuk
Fixed 'reset vpn ipsec-peer {peer}' command. The op-mode script uses value 'None' in the 'tunnel' parameter to clear all CHILD SAs.
2023-02-13debian: T5003: Fixes dynamic DNS for Bookwormsarthurdev
2023-02-13debian: T5003: Update XDP for latest libbpfsarthurdev
2023-02-13debian: T5003: Fixes for Debian Bookwormsarthurdev
* DH params of 256 length no longer supported