summaryrefslogtreecommitdiff
path: root/templates
AgeCommit message (Collapse)Author
2010-07-06Allow incorrect user to be deletedStephen Hemminger
Avoid password checks on delete. Bug 5418
2010-07-06Change user name validationStephen Hemminger
Do username validation in perl script. This allows for checking for what is allowed, versus what is recommended. For compatiablity we allow things like upper case user names which but this is not recommended so these names produce a warning.
2010-06-18Remove sudo from tunnel commandStephen Hemminger
Don't need sudo for ip command anymore.
2010-06-17initial support for gre-bridge tunnels.Robert Bays
2010-06-15Remove sudo from brctlStephen Hemminger
Since brctl has cap_net_admin, don't need to use sudo
2010-06-15Remove unnecessary :expression: syntaxStephen Hemminger
Several templates can use simplified non-expression syntax
2010-06-15Remove sudo from ip commandStephen Hemminger
No longer need sudo on ip because of cap_net_admin
2010-05-26Move DHCPv6 client configuration to this package and restructre parameters.Bob Gilligan
2010-05-19Add enable-proxy-arp to vif interface.Stig Thormodsrud
2010-05-14Change SNMP community handlingStephen Hemminger
Allow combination of IPv4 and IPv6 address in community setting. Use script to generate necessary community values in snmpd.conf
2010-05-12Allow configuring/restricting SNMP listen addressStephen Hemminger
Add: service snmp listen-address AAAA [port NNN]
2010-05-12Better version of SNMP IPv6 supportStephen Hemminger
Need to use different syntax for community values on IPv6 versus IPv4
2010-05-12Revert "Snmp Ipv6 support"Stephen Hemminger
This reverts commit 5aafb72b269d409500258f0b65f3e635d99712b7.
2010-05-11Snmp Ipv6 supportStephen Hemminger
Simple change to allow ipv6 or ipv4 address in configuration.
2010-04-27Make interface help completion strings consistentStephen Hemminger
Use same format/syntax over all interface types. Bug 5257
2010-04-16Configure IFB devices earlier in bootStephen Hemminger
Need ifb device to be created before other devices redirect to it.
2010-04-15Rename in0 to ifb0Stephen Hemminger
More descriptive name for input interface.
2010-04-06Add input pseudo-interface configurationStephen Hemminger
This is configuration wrapper for IFB. See spec.
2010-03-29Fix test for UPStephen Hemminger
/sys/devices/system/cpu/present is 0-NN on SMP and 0 on UP.
2010-03-29Ignore setting CPU affinity on UP systemsStephen Hemminger
If only one CPU, then not worth bothering doing any kind of interrrupt affinity.
2010-03-24Fix Bug 5487 http redirect url address placed on the router gets blocked byMohit Mehta
local-zone's firewall when using Zone Based Firewall * changed local zones INPUT and OUTPUT chain rules to allow all local-zone traffic on the loopback interface rather than using address 127.0.0.1 which was too restrictive and blocked certain traffic initiated from and going to local-zone itself. This is compliant with the Zone Concept and similar to what's done for other transient zones as well where rules are interface based
2010-03-09Bugfix 5021: Make smp_affinity configuration tolerant of failures.Bob Gilligan
2010-03-09Set primary interface after bond-group is initializedStephen Hemminger
Bug 4977 Need to wait to set/check bond primary device until after it is put in bond group.
2010-03-01Bugfix 5377: strict-dad must be applied before interfaces are configuredBob Gilligan
2010-02-23Bugfix 5377: Add parameter to control behavior when DAD fails.Bob Gilligan
RFC-4862 requires that IPv6 operation on an interface be disabled when DAD fails on a link-local address. The kernel IPv6 code supports this feature, but doesn't enable it by default. This change provides a configurable parameter to control this behavior, but, like the kenrnel, disables it by default.
2010-02-21Fix 5157: dhcpclient doesn't work when alternative mac address specified on ↵Stig Thormodsrud
bootup
2010-02-18Fix Bug 5064 can't delete bridge group and membership in one commitMohit Mehta
* fix this for eth, eth.vif, bond, bond.vif interfaces * also, bridge-group code for bonding interfaces wasn't changed with commit ec080f99 that re-strucutred bridging code in eth and eth.vifs to fix bug 4708. bridge-group code for bond and bond.vif interfaces is now similar to the fix for 4708
2010-02-17Add support for options in keyfileStephen Hemminger
The sshd file format has optional options; copy them to a placeholder node and generate to authorized_keys Better error message when wrong number of arguments.
2010-02-17Handle DSA keysStephen Hemminger
Bug 5350 Need some changes to support DSA keys (Protocol V2). Also add support for options in key file.
2010-02-16Use template to do syntax checks on ethernet device nameStephen Hemminger
Bug 5256 Going out to perl to repeatedly validate ethernet device name slows down adding VLAN's and other operations with lots of sub-devices.
2010-02-16Check current status (not configured value) when enabling vlan deviceStephen Hemminger
2010-02-16Speed up VIF creationStephen Hemminger
The overhead of compiling perl script repeatedly slows down VIF creation
2010-02-16Don't allow format strings in snmp-communityStephen Hemminger
2010-02-03Set system host-name and time-zone firstStephen Hemminger
Bug 4754 Want correct host-name for DHCP to work right later under interfaces. Want timezone correct so that any services started that print time information have correct data.
2010-02-02Run login update as rootStephen Hemminger
Need ability to open file of new user (to load authorized key). So move sudo to template.
2010-02-02Static host-name mapping changesStephen Hemminger
Fix help text (Bug 5254) and allow IPV6 static mapping (Bug 5298)
2010-02-02Add help string for system ip neighborStephen Hemminger
Bug 5285
2010-02-02Add help for system ip arpStephen Hemminger
Bug 5286
2010-01-26Add additional check that new user doesn't exist in NSSStephen Hemminger
If user exists in NSS (LDAP, TACACS+) but not on local machine, then it can not be changed with CLI. useradd will fail (user exists), and usermod will fail (can't find user in passwd file). Bug 5249
2010-01-26Don't allow vyatta configured accounts to overlap internal accountsStephen Hemminger
Bug 5269 This prevents user from doing something harmful like making a user named quagga or cron and putting vbash on that account.
2010-01-24Fix allow-root for telnet/sshStephen Hemminger
Bug 5252 The boot script needs to restore default settings, and the templates are then used to enable root access.
2010-01-19Bugfix 5162: Make disabling flow control work at boot time.Bob Gilligan
We need to delay disabling flow control in the sequence of events until after the interface address has been set. An additional benefit of adding a "priority" field is that interface configuration will not fail if the attempt to disable flow control fails for some reason.
2010-01-19fix bug 5226: Hostname does not allow number as first charRobert Bays
2010-01-19Restrict radius-server timeout valueStephen Hemminger
Values > 30 are likely to cause login timeout, so don't allow them.
2010-01-07Add support trap source addressStephen Hemminger
Bug 458 Add service snmp trap-source <address> wrapper for /etc/snmp/snmp.conf
2010-01-07Add support for trap community and portStephen Hemminger
Bug 3756 Allow setting trap communities and port values.
2010-01-05Need to be root to remove snmpd.confStephen Hemminger
Postscript to bug 4499
2010-01-05Change 'protocols snmp' to 'service snmp'Stephen Hemminger
Bug 212 The entries in config under protocols were all routing protocols except SNMP which was an unfortunate original design choice. Config script does migration.
2010-01-05Remove snmpd.conf on deletionStephen Hemminger
Bug 4499
2010-01-04Do loopback before other interfacesStephen Hemminger
Want to process loopback first, so any local addresses assigned to loopback are done.