From 1ee415d4070b0c9b70de86805e27f5c12abadce5 Mon Sep 17 00:00:00 2001 From: UnicronNL Date: Fri, 24 Jul 2015 14:51:54 +0200 Subject: Remove fuse group, not needed in debian jessie --- templates/interfaces/bridge/node.def | 4 ++-- templates/interfaces/bridge/node.tag/aging/node.def | 4 ++-- .../interfaces/bridge/node.tag/forwarding-delay/node.def | 2 +- templates/interfaces/bridge/node.tag/hello-time/node.def | 4 ++-- templates/interfaces/bridge/node.tag/max-age/node.def | 4 ++-- templates/interfaces/bridge/node.tag/priority/node.def | 4 ++-- templates/interfaces/bridge/node.tag/stp/node.def | 12 ++++++------ 7 files changed, 17 insertions(+), 17 deletions(-) (limited to 'templates') diff --git a/templates/interfaces/bridge/node.def b/templates/interfaces/bridge/node.def index c20b361c..8525cb9e 100644 --- a/templates/interfaces/bridge/node.def +++ b/templates/interfaces/bridge/node.def @@ -5,7 +5,7 @@ help: Bridge interface name val_help: ; Bridge interface name syntax:expression: pattern $VAR(@) "^br[0-9]+$" ; "Must be (br0 - br999)" -create: /usr/sbin/brctl addbr $VAR(@) +create: /sbin/brctl addbr $VAR(@) if [ -n "$VAR(mac/@)" ] ; then ip li set dev $VAR(@) address $VAR(mac/@) fi @@ -17,4 +17,4 @@ delete: if ! /opt/vyatta/sbin/vyatta-bridgegroup-depedency.pl \ exit 1 fi ip link set $VAR(@) down; - /usr/sbin/brctl delbr $VAR(@); + /sbin/brctl delbr $VAR(@); diff --git a/templates/interfaces/bridge/node.tag/aging/node.def b/templates/interfaces/bridge/node.tag/aging/node.def index a67a7ca3..ab83140f 100644 --- a/templates/interfaces/bridge/node.tag/aging/node.def +++ b/templates/interfaces/bridge/node.tag/aging/node.def @@ -6,5 +6,5 @@ syntax:expression: $VAR(@) == 0 || ( $VAR(@) >= 10 && $VAR(@) < 1000000 ) ; val_help: 0; Disable retaining address in bridge (always flood) val_help: u32:10-1000000; Address aging time for bridge seconds (default 300) -update: /usr/sbin/brctl setageing $VAR(../@) $VAR(@) -delete: /usr/sbin/brctl setageing $VAR(../@) 300 +update: /sbin/brctl setageing $VAR(../@) $VAR(@) +delete: /sbin/brctl setageing $VAR(../@) 300 diff --git a/templates/interfaces/bridge/node.tag/forwarding-delay/node.def b/templates/interfaces/bridge/node.tag/forwarding-delay/node.def index 21de2454..7783339b 100644 --- a/templates/interfaces/bridge/node.tag/forwarding-delay/node.def +++ b/templates/interfaces/bridge/node.tag/forwarding-delay/node.def @@ -2,4 +2,4 @@ type: u32 help: Forwarding delay syntax:expression:$VAR(@) <= 200; "Forwarding delay must be between 0 and 200" val_help: u32:0-200; Spanning Tree Protocol forwarding delay in seconds (default 15) -update: /usr/sbin/brctl setfd $VAR(../@) $VAR(@) +update: /sbin/brctl setfd $VAR(../@) $VAR(@) diff --git a/templates/interfaces/bridge/node.tag/hello-time/node.def b/templates/interfaces/bridge/node.tag/hello-time/node.def index 8f48b8be..f6d54d73 100644 --- a/templates/interfaces/bridge/node.tag/hello-time/node.def +++ b/templates/interfaces/bridge/node.tag/hello-time/node.def @@ -3,5 +3,5 @@ default: 2 help: Hello packet advertisment interval syntax:expression: $VAR(@) <= 30; "Bridge Hello interval must be between 0 and 30 seconds" val_help: u32:0-30; Spanning Tree Protocol hello advertisement interval (default 2) -update: /usr/sbin/brctl sethello $VAR(../@) $VAR(@) -delete: /usr/sbin/brctl sethello $VAR(../@) 2 +update: /sbin/brctl sethello $VAR(../@) $VAR(@) +delete: /sbin/brctl sethello $VAR(../@) 2 diff --git a/templates/interfaces/bridge/node.tag/max-age/node.def b/templates/interfaces/bridge/node.tag/max-age/node.def index b30e5e9e..452313ad 100644 --- a/templates/interfaces/bridge/node.tag/max-age/node.def +++ b/templates/interfaces/bridge/node.tag/max-age/node.def @@ -5,6 +5,6 @@ syntax:expression: $VAR(@) >= 6 && $VAR(@) <= 200 ; "Bridge max aging value must be between 6 and 200" val_help: u32:6-200; Bridge maximum aging time value (default 20) -update: /usr/sbin/brctl setmaxage $VAR(../@) $VAR(@) -delete: /usr/sbin/brctl setmaxage $VAR(../@) 20 +update: /sbin/brctl setmaxage $VAR(../@) $VAR(@) +delete: /sbin/brctl setmaxage $VAR(../@) 20 diff --git a/templates/interfaces/bridge/node.tag/priority/node.def b/templates/interfaces/bridge/node.tag/priority/node.def index ba17f841..3e35dc67 100644 --- a/templates/interfaces/bridge/node.tag/priority/node.def +++ b/templates/interfaces/bridge/node.tag/priority/node.def @@ -4,5 +4,5 @@ default: 32768 syntax:expression:$VAR(@) < 65536 ; "Bridge priority must be between 0 and 65535 (multiples of 4096)" val_help: u32:0-65535; Bridge priority (default 32768) -update: /usr/sbin/brctl setbridgeprio $VAR(../@) $VAR(@) -delete: /usr/sbin/brctl setbridgeprio $VAR(../@) 32768 +update: /sbin/brctl setbridgeprio $VAR(../@) $VAR(@) +delete: /sbin/brctl setbridgeprio $VAR(../@) 32768 diff --git a/templates/interfaces/bridge/node.tag/stp/node.def b/templates/interfaces/bridge/node.tag/stp/node.def index d24a3261..63000648 100644 --- a/templates/interfaces/bridge/node.tag/stp/node.def +++ b/templates/interfaces/bridge/node.tag/stp/node.def @@ -6,13 +6,13 @@ val_help: false; Disable Spanning Tree Protocol (default) update: if [ "$VAR(@)" == "true" ]; then if [ -z "$VAR(../../forwarding-delay)" ]; then - /usr/sbin/brctl setfd $VAR(../@) 15 + /sbin/brctl setfd $VAR(../@) 15 else - /usr/sbin/brctl setfd $VAR(../@) $VAR(../../forwarding-delay) + /sbin/brctl setfd $VAR(../@) $VAR(../../forwarding-delay) fi - /usr/sbin/brctl stp $VAR(../@) on + /sbin/brctl stp $VAR(../@) on else - /usr/sbin/brctl stp $VAR(../@) off - /usr/sbin/brctl setfd $VAR(../@) 0 + /sbin/brctl stp $VAR(../@) off + /sbin/brctl setfd $VAR(../@) 0 fi -delete:/usr/sbin/brctl stp $VAR(../@) off +delete:/sbin/brctl stp $VAR(../@) off -- cgit v1.2.3 From 8b7275209398e7c8e19c7cf45079bd883e86549c Mon Sep 17 00:00:00 2001 From: Seamus Caveney Date: Tue, 26 Jan 2016 17:29:00 -0500 Subject: vyatta-cfg-system: add support for 6rd tunnel interfaces --- templates/interfaces/tunnel/node.def | 3 +++ templates/interfaces/tunnel/node.tag/6rd-prefix/node.def | 10 ++++++++++ 2 files changed, 13 insertions(+) create mode 100644 templates/interfaces/tunnel/node.tag/6rd-prefix/node.def (limited to 'templates') diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def index 5fbe205e..720bf64f 100644 --- a/templates/interfaces/tunnel/node.def +++ b/templates/interfaces/tunnel/node.def @@ -62,6 +62,9 @@ create: fi if [ "$VAR(./encapsulation/@)" == "gre" ] && [ -z $VAR(./remote-ip/) ]; then ip tunnel add $VAR(@) local $LIP mode gre $KEY $TTL $TOS + elif [ "$VAR(./encapsulation/@)" == "sit" ] && [ -n "$VAR(./6rd-prefix/@)" ]; then + ip tunnel add $VAR(@) remote $VAR(./remote-ip/@) mode sit + ip tunnel 6rd dev $VAR(@) 6rd-prefix $VAR(./6rd-prefix/@) else ip tunnel add $VAR(@) local $LIP remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) $KEY $TTL $TOS fi diff --git a/templates/interfaces/tunnel/node.tag/6rd-prefix/node.def b/templates/interfaces/tunnel/node.tag/6rd-prefix/node.def new file mode 100644 index 00000000..7e899d5d --- /dev/null +++ b/templates/interfaces/tunnel/node.tag/6rd-prefix/node.def @@ -0,0 +1,10 @@ +multi: +type: ipv6net +val_help: ipv6net; IPv6 address and prefix length +help: 6rd network prefix + +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" + +create:expression: "true" +update:expression: "false" ; \ + "6rd-prefix can only be modified at tunnel creation for $VAR(../@)" -- cgit v1.2.3 From 1415c7fb591cc210a49b46453c4968fc41894b47 Mon Sep 17 00:00:00 2001 From: Seamus Caveney Date: Wed, 27 Jan 2016 08:58:52 -0500 Subject: vyatta-cfg-system: add 6rd-relay-prefix option to support providers using ipv6 networks larger than /32 --- templates/interfaces/tunnel/node.def | 9 ++++++--- templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def | 10 ++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) create mode 100644 templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def (limited to 'templates') diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def index 720bf64f..bd2c4255 100644 --- a/templates/interfaces/tunnel/node.def +++ b/templates/interfaces/tunnel/node.def @@ -57,14 +57,17 @@ create: else TTL="ttl 255" fi - if [ -n "$VAR(./parameters/ip/key/@)" ]; then + if [ -n "$VAR(./parameters/ip/key/@)" ]; then KEY="key $VAR(./parameters/ip/key/@)" - fi + fi if [ "$VAR(./encapsulation/@)" == "gre" ] && [ -z $VAR(./remote-ip/) ]; then ip tunnel add $VAR(@) local $LIP mode gre $KEY $TTL $TOS elif [ "$VAR(./encapsulation/@)" == "sit" ] && [ -n "$VAR(./6rd-prefix/@)" ]; then + if [ -n "$VAR(./6rd-relay-prefix/@)" ]; then + RP="6rd-relay_prefix $VAR(./6rd-relay-prefix/@)" + fi ip tunnel add $VAR(@) remote $VAR(./remote-ip/@) mode sit - ip tunnel 6rd dev $VAR(@) 6rd-prefix $VAR(./6rd-prefix/@) + ip tunnel 6rd dev $VAR(@) 6rd-prefix $VAR(./6rd-prefix/@) $RP else ip tunnel add $VAR(@) local $LIP remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) $KEY $TTL $TOS fi diff --git a/templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def b/templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def new file mode 100644 index 00000000..0f877e2d --- /dev/null +++ b/templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def @@ -0,0 +1,10 @@ +multi: +type: ipv4net +val_help: ipv4net; IPv4 prefix of interface for 6rd +help: 6rd relay prefix + +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" + +create:expression: "true" +update:expression: "false" ; \ + "6rd-relay-prefix can only be modified at tunnel creation for $VAR(../@)" -- cgit v1.2.3 From 9d0c8946c537a1d857df67be2ffc26255c24bdbb Mon Sep 17 00:00:00 2001 From: Kim Hagen Date: Tue, 9 Feb 2016 02:08:23 -0500 Subject: Use directory /var/lib/dhcp instead of /var/lib/dhcp3. Use directory /etc/dhcp instead of /etc/dhcp3. --- ChangeLog | 6055 +++++++++++++++++++- scripts/vyatta-address | 4 +- scripts/vyatta-dhcp-helper.pl | 2 +- scripts/vyatta-dhcpv6-client.pl | 6 +- scripts/vyatta-interfaces.pl | 8 +- scripts/vyatta-update-tunnel.pl | 2 +- .../bonding/node.tag/dhcpv6-options/node.def | 2 +- .../vif-s/node.tag/dhcpv6-options/node.def | 2 +- .../vif-c/node.tag/dhcpv6-options/node.def | 2 +- .../node.tag/vif/node.tag/dhcpv6-options/node.def | 2 +- .../bridge/node.tag/dhcpv6-options/node.def | 2 +- .../ethernet/node.tag/dhcpv6-options/node.def | 2 +- .../vif-s/node.tag/dhcpv6-options/node.def | 2 +- .../vif-c/node.tag/dhcpv6-options/node.def | 2 +- .../node.tag/vif/node.tag/dhcpv6-options/node.def | 2 +- .../node.tag/dhcpv6-options/node.def | 2 +- .../vif-s/node.tag/dhcpv6-options/node.def | 2 +- .../vif-c/node.tag/dhcpv6-options/node.def | 2 +- .../node.tag/vif/node.tag/dhcpv6-options/node.def | 2 +- .../tunnel/node.tag/dhcp-interface/node.def | 2 +- templates/service/dns/forwarding/dhcp/node.def | 2 +- 21 files changed, 6080 insertions(+), 27 deletions(-) mode change 120000 => 100644 ChangeLog (limited to 'templates') diff --git a/ChangeLog b/ChangeLog deleted file mode 120000 index d526672c..00000000 --- a/ChangeLog +++ /dev/null @@ -1 +0,0 @@ -debian/changelog \ No newline at end of file diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 00000000..2d7dc77f --- /dev/null +++ b/ChangeLog @@ -0,0 +1,6054 @@ +vyatta-cfg-system (0.20.44+vyos2+current3) unstable; urgency=medium + + [ Kim Hagen ] + * Update 'is_live_cd_boot' and 'is_union_instal' functions to search on 'overlay' instead of 'overlayfs' + + [ Seamus Caveney ] + * vyatta-cfg-system: add support for 6rd tunnel interfaces + + [ Daniil Baturin ] + * Sanitize dependencies, use ISC DHCP client. + + -- Daniil Baturin Wed, 27 Jan 2016 08:24:32 -0500 + +vyatta-cfg-system (0.20.44+vyos2+current2) unstable; urgency=medium + + * Update dependencies + + -- Kim Hagen Mon, 25 Jan 2016 03:47:13 -0500 + +vyatta-cfg-system (0.20.44+vyos2+current1) unstable; urgency=medium + + [ UnicronNL ] + * Remove fuse group, not needed in debian jessie + + [ Thomas Jepp ] + * Dependency fixes for Jessie. Remove the dependency on vyatta-busybox, use the system busybox. + * Add missing runtime dependencies. + + [ Kim Hagen ] + + -- Kim Hagen Sun, 24 Jan 2016 15:04:10 -0500 + +vyatta-cfg-system (0.20.44+vyos2+lithium41) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: add restart option to vyatta-dns-forwarding.pl + + -- Alex Harpin Thu, 19 Nov 2015 22:25:54 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium40) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: enable usb autosuspend to reduce cpu usage on kvm + + -- Alex Harpin Sun, 15 Nov 2015 10:20:47 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium39) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: add missing changelog entries + + -- Alex Harpin Fri, 13 Nov 2015 20:59:16 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium38) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: rename ethernet offload option nodes + * vyatta-cfg-system: update get_offload_option function due to rename + * vyatta-cfg-system: add option to modify interface scatter-gather option + + -- Alex Harpin Sun, 08 Nov 2015 13:59:11 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium37) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: rename smp_affinity to smp-affinity + * vyatta-cfg-system: bump system version to 7 for smp-affinity rename + + -- Alex Harpin Thu, 05 Nov 2015 20:33:18 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium36) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: ensure bridge slaves are deletable from bridges + * vyatta-cfg-system: allow bridge slaves to be moved from empty bridges + + -- Alex Harpin Mon, 19 Oct 2015 07:52:48 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium35) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: remove ip address requirements from port checking + + -- Alex Harpin Sat, 17 Oct 2015 19:25:16 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium34) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: add scripts/is_port_available.pl for port checking + * vyatta-cfg-system: add listen-address and port checks for telnet + + -- Alex Harpin Sat, 17 Oct 2015 18:23:34 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium33) unstable; urgency=low + + [ Carl Byington ] + * allow dhcp interface for the local end of a tunnel + * dhcp bound/reboot must ignore old values + + [ Daniil Baturin ] + * Add templates and scripts for the popularity contest. + + -- Daniil Baturin Mon, 27 Jul 2015 04:10:37 +0200 + +vyatta-cfg-system (0.20.44+vyos2+lithium32) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: use sha-512 instead of md5 for installation password + + -- Alex Harpin Thu, 02 Jul 2015 00:14:27 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium31) unstable; urgency=low + + [ Alex Harpin ] + * Revert "vyatta-cfg-system: prevent deletion of all user authentication" + + -- Alex Harpin Mon, 22 Jun 2015 21:20:41 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium30) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: prevent deletion of system based post-hook symlinks + * vyatta-cfg-system: update dh_gencontrol with new development build flag + + [ Carl Byington ] + * allow dhcp interface for the local end of a tunnel + * dhcp bound/reboot must ignore old values + + -- Alex Harpin Tue, 16 Jun 2015 07:48:49 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium29) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: 'delete system login user' doesn't remove the user + * vyatta-cfg-system: missing encrypted-password breaks user config node + * vyatta-cfg-system: prevent deletion of all authentication for user + + -- Alex Harpin Sat, 13 Jun 2015 15:31:56 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium28) unstable; urgency=low + + * Bug #410: add an option for ARP cache timeout. + + -- Daniil Baturin Mon, 04 May 2015 00:20:52 +0200 + +vyatta-cfg-system (0.20.44+vyos2+lithium27) unstable; urgency=low + + * Bug #541: load l2tp_ip6 module so L2TPv3 over IPv6 can work. + + -- Daniil Baturin Sun, 03 May 2015 19:59:52 +0200 + +vyatta-cfg-system (0.20.44+vyos2+lithium26) unstable; urgency=low + + * Add parted to dependencies, the install scripts need it. + + -- Daniil Baturin Sat, 25 Apr 2015 15:39:47 +0200 + +vyatta-cfg-system (0.20.44+vyos2+lithium25) unstable; urgency=low + + * Further debian/control cleanup. + + -- Daniil Baturin Thu, 09 Apr 2015 03:19:33 +0200 + +vyatta-cfg-system (0.20.44+vyos2+lithium24) unstable; urgency=low + + * Force release + + -- Daniil Baturin Thu, 09 Apr 2015 00:20:26 +0200 + +vyatta-cfg-system (0.20.44+vyos2+lithium23) unstable; urgency=low + + * Remove hypervisor_vendor, obsoleted by hvinfo. + + -- Daniil Baturin Thu, 09 Apr 2015 00:19:54 +0200 + +vyatta-cfg-system (0.20.44+vyos2+lithium22) unstable; urgency=low + + [ kouak ] + * Set correct dhclient configuration filename (#508) + * Add dhcpv6 client-id option (#519) + + [ Daniil Baturin ] + * Fix package description and copyright information. + + -- Daniil Baturin Thu, 26 Mar 2015 01:23:40 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium21) unstable; urgency=low + + [ Benjamin Beret ] + * Set default STP priority to 32768 (#512) + + [ Alex Harpin ] + * vyatta-cfg-system: set default stp priority to 32768 (additional) + + -- Alex Harpin Mon, 09 Mar 2015 09:18:45 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium20) unstable; urgency=low + + [ Benjamin Beret ] + * Fix broken commit + * Accept custom dyndns services (Bug #507) + + [ Alex Harpin ] + * vyatta-cfg-system: remove unnecessary service symlink + * vyatta-cfg-system: update protocol, remove server and node wording + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: add additional services and check for protocols + * vyatta-cfg-system: update node text so that it fits on a console line + + -- Alex Harpin Sat, 07 Mar 2015 21:13:20 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium19) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: ensure grub is installed to the raid slave members + + -- Alex Harpin Sat, 28 Feb 2015 16:44:40 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium18) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: adjust mtu node priority to set mtu after parent + * vyatta-cfg-system: correct typo in node.def + * vyatta-cfg-system: redesign the layout and updating of ntp + * vyatta-cfg-system: rename variable in ntp_format subroutine + * vyatta-cfg-system: update new ntp updating routine to work with dhcp + * vyatta-cfg-system: skip over invalid ntp servers rather than exiting + * vyatta-cfg-system: add vyatta-dhcp3-client to dependencies list + + -- Alex Harpin Sat, 28 Feb 2015 12:43:32 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium17) unstable; urgency=low + + [ kouak ] + * Fix a bug in rfc2136 import + * Add ingress-qos-mapping/egress-qos-mapping to VLAN configuration + (#385) + + [ Daniil Baturin ] + * Bug #498: dirty hack to disallow remote command execution for + operator level users. + + -- Daniil Baturin Wed, 25 Feb 2015 17:17:53 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium16) unstable; urgency=low + + [ Benjamin Beret ] + * Bug #389: Add RFC2136 configuration options for ddclient 3.8.2 + + [ Alex Harpin ] + * vyatta-cfg-system: add dnsutils to depends following rfc2136 options + + -- Alex Harpin Sun, 22 Feb 2015 15:04:28 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium15) unstable; urgency=low + + * Bug #490: use command line options for parameters-only and temporary + * Bug #490: remove priority inversion in dhcpv6-options. + * Bug #491: don't allow temporary and parameters-only + * Bug #492: fail commit in case of DHCPv6 configuration errors. + + -- Daniil Baturin Fri, 20 Feb 2015 15:54:29 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium14) unstable; urgency=low + + * Bug #356: use VyOS SNMP OID instead of the old Vyatta one. + + -- Daniil Baturin Sun, 15 Feb 2015 05:21:20 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium13) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: multiple servers for dns forwarding domain override + * vyatta-cfg-system: redesign the layout and updating of /etc/resolv.conf + * vyatta-cfg-system: remove blank domain search and expand comment type + + -- Alex Harpin Sat, 14 Feb 2015 14:37:03 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium12) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: invalid resolv.conf format causing extra DNS request + + -- Alex Harpin Mon, 09 Feb 2015 22:34:02 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium11) unstable; urgency=low + + [ Hiroyuki Sato ] + * Bug#382: fix radvd status check + + [ Kim Hagen ] + * Bug #467, tos inherit not turned on by default on tunnels (IPIP, GRE) + * Bug #352 - QinQ - changing the ethertype value of vif-s + * Can not change EtherType with vif-c interfaces configured + + [ Alex Harpin ] + * vyatta-cfg-system: allow dynamic dns updating from behind nat + + -- Alex Harpin Sun, 08 Feb 2015 20:19:41 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium10) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: changes to update_inittab for xen console access + * vyatta-cfg-system: remove default speed value for console access + + -- Alex Harpin Sun, 25 Jan 2015 09:32:40 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium9) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: update the required version of ddclient + * vyatta-cfg-system: add dynamic dns support for no-ip.com/noip + + -- Alex Harpin Sun, 18 Jan 2015 16:01:51 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium8) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: add dynamic dns support for afraid.org/freedns + * vyatta-cfg-system: set required version of ddclient for freedns support + + -- Alex Harpin Sat, 03 Jan 2015 18:20:32 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium7) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: really remove cpufrequtils from depends this time + + -- Alex Harpin Tue, 30 Dec 2014 21:48:13 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium6) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: remove acpid and cpufrequtils from depends + + -- Alex Harpin Tue, 30 Dec 2014 20:18:42 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium5) unstable; urgency=low + + * Force release + + -- Daniil Baturin Tue, 23 Dec 2014 01:55:46 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium4) unstable; urgency=low + + [ Hiroshi Umehara ] + * vyatta-cfg-system: fix for unusable "link" option (Bug #381) + + [ Jared Baldridge ] + * Adding support for spaces in the key comment field (Bug #411) + + [ Ryo Nakamura ] + * support "remote" attribute of VXLAN tunnel (Bug #416) + + [ Alex Harpin ] + + -- Alex Harpin Sat, 20 Dec 2014 18:38:25 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium3) unstable; urgency=low + + [ Jared Baldridge ] + * Adding initial support for loading a config from AWS EC2 user-data + + [ Jason Hendry ] + * Expose rsyslog log level 'all' in CLI + * Initial import fo vyatta_update_sysctl.pl + * Creating template for net.ipv4.ipfrag_time sysctl + * Adding all + custom sysctl option nodes + * Removing sysctl all node, adding net.ipv4.igmp_max_memberships + * Adding offload setting management to vyatta-interfaces.pl + * Adding templates for tso options. fixing logic in vyatta-interfaces for tso options + * Making offload setting changes change on a single option + * Updating comments so they make a bit more sense + * Removing default settings offload values + * Cleaning up ethtool execution code + * Correcting udp offload option name form segmentation to fragmentation + * Removing unsed variable from declaration + + [ Paul Gear ] + * Omit "Vyatta" from sysDescr + + [ Hiroyuki Sato ] + * Fix Bug#382 Removing system ipv6 forwarding causes script error. + + [ Alex Harpin ] + + -- Alex Harpin Wed, 10 Dec 2014 07:53:50 +0000 + +vyatta-cfg-system (0.20.44+vyos2+lithium2) unstable; urgency=low + + * Force release + + -- Daniil Baturin Wed, 29 Oct 2014 22:45:42 +0100 + +vyatta-cfg-system (0.20.44+vyos2+lithium1) unstable; urgency=low + + * New branch + + -- Daniil Baturin Wed, 29 Oct 2014 22:44:52 +0100 + +vyatta-cfg-system (0.20.43+vyos1+helium24) unstable; urgency=low + + * vyatta-cfg-system: fix for 'user vyos doesn't exist' on password reset + * vyatta-cfg-system: add complete user config entry on password reset + * vyatta-cfg-system: set default vyos password hash to sha-512 when reset + * vyatta-cfg-system: allow password reset for users other than vyos + * vyatta-cfg-system: fix for deleting encrypted password breaks config + * vyatta-cfg-system: comment change in the plaintext-password node + + -- Alex Harpin Fri, 24 Oct 2014 16:57:23 +0100 + +vyatta-cfg-system (0.20.43+vyos1+helium23) unstable; urgency=low + + [ Alex Harpin ] + * vyatta-cfg-system: allow dhcp and dhcpv6 addresses to be deleted + + [ Daniil Baturin ] + + -- Daniil Baturin Thu, 09 Oct 2014 23:18:31 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium22) unstable; urgency=low + + * Make EC2 key fetcher start on boot. + + -- Daniil Baturin Thu, 09 Oct 2014 21:18:44 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium21) unstable; urgency=low + + * Use returnEffectiveValues in intfwatchd so it works outside of + config session. + + -- Daniil Baturin Thu, 09 Oct 2014 00:10:29 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium20) unstable; urgency=low + + * Fix regular expression so it works with any (I hope!) interface + types. + * Even more specific regex. + + -- Daniil Baturin Wed, 08 Oct 2014 21:17:39 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium19) unstable; urgency=low + + * Add ex2-check script. + + -- Daniil Baturin Wed, 08 Oct 2014 15:50:02 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium18) unstable; urgency=low + + * If not running on AWS (system UUID and serial do not start with + EC2), don't do AWS-specific things. + * Bug #335, run the EC2 key fetching script as vyattacfg. + + -- Daniil Baturin Wed, 08 Oct 2014 12:13:29 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium17) unstable; urgency=low + + [ upa ] + * Add support for VXLAN + * fix create/del error handling + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: revert bb71cf5b7b3a48812e28dbefba8c535f9bbf9973 + * vyatta-cfg-system: add 'set system allow-dhcp-nameservers' option + + [ Kim Hagen ] + * Remove gre-multipoint encapsulation option, make the tunnel + multipoint if 'remote-ip' is nowt set. + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: expand 'set system allow-dhcp-nameservers' logic + + [ Kim Hagen ] + * Fix syntax error + + [ Alex Harpin ] + * vyatta-cfg-system: rename allow-dhcp-nameservers and change to + typeless + + [ Daniil Baturin ] + * Remove VXLAN templates that are supposed to be generated. + * Add VXLAN to generated templates. + * Remove ip/node.def, it's autogenerated too. + * Remove source-validation templates, those are also autogenerated. + + [ Kim Hagen ] + * Fix typo + + [ Daniil Baturin ] + * Rename "dev" to "link" under VXLAN for consistency with peth + * Fix a typo in help string. + + -- Daniil Baturin Tue, 07 Oct 2014 19:45:58 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium16) unstable; urgency=low + + [ UnicronNL ] + * Remove execution of vyatta-update-nhtp script + * Remove obsolete information + * Always allow gre-multipoint + + [ Kim Hagen ] + * Bug #285 - Cannot delete bond interface with vif + + [ Alex Harpin ] + * vyatta-cfg-system: remove quotes from SysContact and SysLocation + + [ Kim Hagen ] + * Do not delete tunnel if it is in use by NHRP config + + [ Alex Harpin ] + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: allow interfaces with dhcp addresses to be + deleted + * vyatta-cfg-system: formatting changes for style consistency + * vyatta-cfg-system: prevent dhcp updating dns when statically + configured + + [ Daniil Baturin ] + * Bug #306: add option to enable private VLAN proxy ARP on an + interface. + + -- Daniil Baturin Tue, 09 Sep 2014 17:32:43 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium15) unstable; urgency=low + + * Bug #196: rename "smuxpeer" to "smux-peer" for consistency with + other commands. + * Bug #173: rename "disable" option to "ignore". + * Bug #237: improve ciphers option help and value validation. + + -- Daniil Baturin Sun, 03 Aug 2014 12:45:11 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium14) unstable; urgency=low + + * Bug #256: adjust mtu node priority. + + -- Daniil Baturin Sat, 02 Aug 2014 03:53:48 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium13) unstable; urgency=low + + * Bug #246: add multicast querier toggle to bridge. + + -- Daniil Baturin Sat, 02 Aug 2014 01:01:04 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium12) unstable; urgency=low + + [ ftoyama ] + * Change lower the priority of l2tpv3 than the priority of static + route. + + [ Daniil Baturin ] + * Rename dummy interfaces to dumX to avoid confusion with the default + + -- Daniil Baturin Thu, 31 Jul 2014 01:29:51 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium11) unstable; urgency=low + + * Replace login check with UID check in install-get-partition. + + -- Daniil Baturin Wed, 30 Jul 2014 00:29:58 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium10) unstable; urgency=low + + * Replace login name check with effective UID check. + * Replace login name check with effective UID check in install-image. + + -- Daniil Baturin Tue, 29 Jul 2014 23:41:07 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium9) unstable; urgency=low + + * Set vyos-intfwatchd to start at boot by default. + + -- Daniil Baturin Fri, 25 Jul 2014 20:28:44 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium8) unstable; urgency=low + + [ UnicronNL ] + * Add Freescale i.MX serial device + + [ Daniil Baturin ] + * Add vyod-intfwatchd for restoring IPv6 addresses after link flaps. + * Bug #259: do not try to remove addresses that don't exist. + + -- Daniil Baturin Fri, 25 Jul 2014 18:36:30 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium7) unstable; urgency=low + + [ Paul Gear ] + * Fix ignore-hosts-file operation + * Fix dnsmasq.conf generation for ignore-hosts-file + + [ tofoo ] + * Fix modprobe for l2tpv3 over ip + + [ Kim Hagen ] + * Skip finding hypervisor vendor if cpu is other than x86_64. + * Only depend on grub if archtecture is i386 or amd64 + + [ Daniil Baturin ] + * Fix is_live_boot check to account for the overlayfs change. + * Bug #269: missed return in is_ec2_ami. + + -- Daniil Baturin Fri, 25 Jul 2014 12:23:03 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium6) unstable; urgency=low + + [ Abdelouahed Haitoute ] + * Added feature to send log message to remote syslog server over UDP + or TCP. + * Added feature to add smuxpeer entries in file /etc/snmp/snmpd.conf. + + [ Kim Hagen ] + * Add QinQ vlan to ethernet interface config + * Fix variables. + * Change priority in node.def + * Add QinQ vlan to Bonding and pseudo-ethernet interfaces. + * Set help to Nested vlan. + * Bug #21 - Add the ability to adjust system ARP settings via the CLI + on a per interface basis + * Fix build errors due to interface prio in perl script. + * Remove file vyatta-cfg-system.install. + * Set separate virtual interface for QinQ. + + [ Daniil Baturin ] + * Bug #255: add an option to ignore hosts file in dnsmasq. + + -- Daniil Baturin Tue, 08 Jul 2014 17:07:35 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium5) unstable; urgency=low + + [ James Davidson ] + * Support and switch to overlayfs + + [ Kim Hagen ] + * Add fuse group for admin users so /dev/fuse is accessible and + + [ hydrajump ] + * Remove trailing whitespace + * Add support for installing a new image on the Amazon AMI + * Fix AWS EC2 AMI support + * Revert to state before add-aws-ami-support + * Fix to enable ec2-fetch-ssh-public-key init script + + [ neutralrockets ] + * Add support for ciphers and macs override in ssh + + [ Kim Hagen ] + * Bug #239 - Getting the version number by using dpkg will not work + when upgrading to newer version of debian. + + [ Daniil Baturin ] + + -- Daniil Baturin Mon, 16 Jun 2014 13:00:08 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium4) unstable; urgency=low + + [ hydrajump ] + * Add system option for ctrl-alt-del-action to configuration + * Use elif conditional instead of if + * Add syntax check to validate value + + [ Daniil Baturin ] + * Bug #170: Rename nodes for consistency with the rest of the system. + * Bug #170: Set default wait time to 0. + * Bug #170: Set link up at after creating tunnel. + * Bug #170: Add address, disable, and description options. + * Bug #170: Break iproute2 commands in multiple line for better + readability. + * Bug #170: Specify interface name in iproute2 command to override + default numering. + * Bug #170: Remove "wait" option. + * Bug #170: Improve help strings. + + -- Daniil Baturin Sat, 12 Apr 2014 22:24:22 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium3) unstable; urgency=low + + * Bug #159: add dummy type to network interface type list. + * Remove extra space before pppoe in interface types for nicer + formatting. + * Bug #170: add L2TPv3 to the interface type list. + + -- Daniil Baturin Sun, 06 Apr 2014 14:58:14 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium2) unstable; urgency=low + + [ hydrajump ] + * Fixed parted command for root partition alignment. + + [ higebu ] + * Add support for l2tpv3 + * Fix support for l2tpv3 over ip + + [ hydrajump ] + * Cleanup of unused parted root partitioning starting offset + + [ higebu ] + * Remove endpoint, and add mtu support + + [ tea2ka ] + * using a DNS server with an IPv6 address. + * collect dhcpv6-options + + [ hydrajump ] + * Delete SSH blacklists as they are no longer needed + + [ Daniil Baturin ] + * Bug #159: add conf mode templates for dummy interfaces. + * Bug #159: add delete action for dummy interfaces. + + -- Daniil Baturin Sun, 06 Apr 2014 11:52:08 +0200 + +vyatta-cfg-system (0.20.43+vyos1+helium1) unstable; urgency=low + + * New branch + + -- Daniil Baturin Sat, 15 Feb 2014 16:53:19 +0100 + +vyatta-cfg-system (0.20.43+hydrogen12) unstable; urgency=low + + * Merge changes to SNMPv3 templates and scripts from vRouter 5400 + trial ISO. + + -- Daniil Baturin Fri, 31 Jan 2014 03:55:52 +0100 + +vyatta-cfg-system (0.20.43+hydrogen11) unstable; urgency=low + + * Force release + + -- Daniil Baturin Sat, 18 Jan 2014 01:41:12 +0100 + +vyatta-cfg-system (0.20.43+hydrogen10) unstable; urgency=low + + * Bug #98: add an option for redirect support to curl call. + + -- Daniil Baturin Sat, 18 Jan 2014 01:40:28 +0100 + +vyatta-cfg-system (0.20.43+hydrogen9) unstable; urgency=low + + * Change image name for new installs to just numeric version. + + -- Daniil Baturin Sun, 22 Dec 2013 11:16:14 +0100 + +vyatta-cfg-system (0.20.43+hydrogen8) unstable; urgency=low + + * Bug #96: fix menu entry generation so image version is included. + * Fix curl command to fetch the signature file. + + -- Daniil Baturin Sun, 22 Dec 2013 09:28:12 +0100 + +vyatta-cfg-system (0.20.43+hydrogen7) unstable; urgency=low + + * Bug #92: change default timezone to UTC for the sake of scientific + * Bug #51: update /etc/timezone when timezone changes. + + -- Daniil Baturin Wed, 18 Dec 2013 04:23:05 +0100 + +vyatta-cfg-system (0.20.43+hydrogen6) unstable; urgency=low + + [ Stig Thormodsrud ] + * Fix bug 318 - Use SHA-512 hashing for user passwords instead of MD5 + + [ Daniil Baturin ] + + -- Daniil Baturin Tue, 17 Dec 2013 03:35:52 +0100 + +vyatta-cfg-system (0.20.43+hydrogen5) unstable; urgency=low + + * Remove init-floppy script + * Replace s/Vyatta/VyOS/ in parition handling installer functions + * Remove init-floppy from automake rules + * Bug #55: fix user name in password reset script. + + -- Daniil Baturin Sun, 03 Nov 2013 14:15:26 +0100 + +vyatta-cfg-system (0.20.43+hydrogen4) unstable; urgency=low + + * Fix some shell quoting weirdness (curl dumped the ISO on stdout) + + -- Daniil Baturin Sat, 02 Nov 2013 06:34:43 +0100 + +vyatta-cfg-system (0.20.43+hydrogen3) unstable; urgency=low + + * Fix image name, according to new numeric-only vyatta-version naming + * Replace missed vyatta names in installer + * Set User-Agent: to VyOS/$version for statistics collection. + + -- Daniil Baturin Sat, 02 Nov 2013 02:34:57 +0100 + +vyatta-cfg-system (0.20.43+hydrogen2) unstable; urgency=low + + * Test release + + -- Daniil Baturin Fri, 01 Nov 2013 23:55:00 +0100 + +vyatta-cfg-system (0.20.43+hydrogen1) unstable; urgency=low + + * Fix branch + + -- Daniil Baturin Fri, 01 Nov 2013 22:41:42 +0100 + +vyatta-cfg-system (0.20.42+daisy25) unstable; urgency=low + + * Replace s/Vyatta/VyOS/ in install-system script. + + -- Daniil Baturin Fri, 01 Nov 2013 21:41:42 +0100 + +vyatta-cfg-system (0.20.42+daisy24) unstable; urgency=low + + * Remote unused file test_bootfile + + -- Daniil Baturin Thu, 31 Oct 2013 13:34:48 +0100 + +vyatta-cfg-system (0.20.42+daisy23) unstable; urgency=low + + * Force release + + -- Daniil Baturin Thu, 31 Oct 2013 13:14:19 +0100 + +vyatta-cfg-system (0.20.42+daisy22) unstable; urgency=low + + * Dedicated alias for vyos maintainers as email. + * s/Vyatta/VyOS/ in default config. + * Update debian/control email too. + * ...and AUTHORS. + + -- Daniil Baturin Thu, 31 Oct 2013 13:12:19 +0100 + +vyatta-cfg-system (0.20.42+daisy21) unstable; urgency=low + + * Update names in grub config templates. + * Update default user in installer script. + * Update default hostname. + * Update maintainers addresses. + + -- Daniil Baturin Mon, 21 Oct 2013 21:49:05 -0700 + +vyatta-cfg-system (0.20.42+daisy20) unstable; urgency=low + + * SNMP: Group secLevel check. Fix 'delete priv on user' + + -- James Davidson Wed, 05 Jun 2013 09:19:58 -0700 + +vyatta-cfg-system (0.20.42+daisy19) unstable; urgency=low + + * SNMP sync up + + -- James Davidson Thu, 16 May 2013 10:20:53 -0700 + +vyatta-cfg-system (0.20.42+daisy18) unstable; urgency=low + + * Replace original config file handling behaviour + + -- James Davidson Mon, 15 Apr 2013 14:26:25 -0700 + +vyatta-cfg-system (0.20.42+daisy17) unstable; urgency=low + + * Bugfix 8711: Switch to Bash syntax for conditionals + + -- John Southworth Fri, 12 Apr 2013 14:16:11 -0700 + +vyatta-cfg-system (0.20.42+daisy16) unstable; urgency=low + + [ Stephen Hemminger ] + * ethernet: deleting device should put in admin down + + [ John Southworth ] + + -- John Southworth Fri, 12 Apr 2013 09:28:34 -0700 + +vyatta-cfg-system (0.20.42+daisy15) unstable; urgency=low + + * Bugfix 8526: don't use REQUIRED on remote-ip + + -- John Southworth Fri, 12 Apr 2013 09:26:47 -0700 + +vyatta-cfg-system (0.20.42+daisy14) unstable; urgency=low + + * Bugfix 8804 + + -- John Southworth Fri, 12 Apr 2013 09:13:36 -0700 + +vyatta-cfg-system (0.20.42+daisy13) unstable; urgency=low + + [ Stephen Hemminger ] + * snmpv3: enable strict warnings and fix perlcritic + * fix device naming on boot + + [ James Davidson ] + + -- James Davidson Tue, 02 Apr 2013 08:52:37 -0700 + +vyatta-cfg-system (0.20.42+daisy12) unstable; urgency=low + + * Fix typo in domain-name delete action + + -- James Davidson Mon, 01 Apr 2013 09:26:05 -0700 + +vyatta-cfg-system (0.20.42+daisy11) unstable; urgency=low + + * SNMP: Add multicast smux peers + + -- James Davidson Wed, 20 Mar 2013 09:07:37 -0700 + +vyatta-cfg-system (0.20.42+daisy10) unstable; urgency=low + + * Sync up SNMPv3 support + + -- James Davidson Wed, 06 Mar 2013 11:24:17 -0800 + +vyatta-cfg-system (0.20.42+daisy9) unstable; urgency=low + + * mGRE bug fixes local-ip address changes and v6 check. + + -- Saurabh Mohan Tue, 12 Feb 2013 16:11:05 -0800 + +vyatta-cfg-system (0.20.42+daisy8) unstable; urgency=low + + * Initial SNMPv3 support + + -- James Davidson Tue, 12 Feb 2013 13:39:56 -0800 + +vyatta-cfg-system (0.20.42+daisy7) unstable; urgency=low + + * Skip biosdevname if running in Xen + + -- James Davidson Wed, 06 Feb 2013 15:27:01 -0800 + +vyatta-cfg-system (0.20.42+daisy6) unstable; urgency=low + + * Add ability to restart services when hostname changes + + -- James Davidson Tue, 29 Jan 2013 09:58:49 -0800 + +vyatta-cfg-system (0.20.42+daisy5) unstable; urgency=low + + * Dmvpn merge with mirantis jan22-2013 + + -- Saurabh Mohan Tue, 22 Jan 2013 12:30:35 -0800 + +vyatta-cfg-system (0.20.42+daisy4) unstable; urgency=low + + * Bug 7856: Set default neighbour table size to 8192 + + -- James Davidson Tue, 08 Jan 2013 15:14:20 -0800 + +vyatta-cfg-system (0.20.42+daisy3) unstable; urgency=low + + * mgre support initial commit. + + -- Saurabh Mohan Wed, 26 Dec 2012 15:31:07 -0800 + +vyatta-cfg-system (0.20.42+daisy2) unstable; urgency=low + + * revert 918bd40d3e3f238a800b1486f70e2d5ee1d71a72 + + -- John Southworth Wed, 12 Dec 2012 14:40:34 -0800 + +vyatta-cfg-system (0.20.42+daisy1) unstable; urgency=low + + * create daisy branch + + -- John Southworth Sat, 13 Oct 2012 13:30:43 -0700 + +vyatta-cfg-system (0.20.42) unstable; urgency=low + + * new branch + + -- John Southworth Fri, 12 Oct 2012 19:46:58 -0700 + +vyatta-cfg-system (0.20.41) unstable; urgency=low + + * Bug 8423 move serial interfaces to vyatta-serial + + -- John Southworth Mon, 08 Oct 2012 22:32:02 -0700 + +vyatta-cfg-system (0.20.40) unstable; urgency=low + + * Bugfix 8423 add interface types to netdevice + + -- John Southworth Mon, 08 Oct 2012 21:27:40 -0700 + +vyatta-cfg-system (0.20.39) unstable; urgency=low + + * Bugfix 8410: give warning when config didn't load properly and + passwords have been changed + + -- John Southworth Fri, 05 Oct 2012 17:38:42 -0700 + +vyatta-cfg-system (0.20.38) unstable; urgency=low + + * Commit and save password changes only once + + -- James Davidson Tue, 02 Oct 2012 15:33:54 -0700 + +vyatta-cfg-system (0.20.37) unstable; urgency=low + + * Bugfix 8356: Fix ARP flux with VRRP addresses + + -- John Southworth Mon, 01 Oct 2012 23:12:07 -0700 + +vyatta-cfg-system (0.20.36) unstable; urgency=low + + * Bugfix 8290: Detect original unsalted password + + -- John Southworth Tue, 25 Sep 2012 10:17:09 -0700 + +vyatta-cfg-system (0.20.35) unstable; urgency=low + + * Do not check disabled accounts for default password + + -- James Davidson Fri, 21 Sep 2012 14:17:25 -0700 + +vyatta-cfg-system (0.20.34) unstable; urgency=low + + * Set hostname after updating hosts file + + -- James Davidson Wed, 19 Sep 2012 11:56:39 -0700 + +vyatta-cfg-system (0.20.33) unstable; urgency=low + + * fix for 8372 - Unclear which user ID the changed administrator + password applies to + + -- Deepti Kulkarni Tue, 18 Sep 2012 16:58:30 -0700 + +vyatta-cfg-system (0.20.32) unstable; urgency=low + + * Bugfix 8359: When deleteing vti interface use tunnel interface mode + ipip + + -- Saurabh Mohan Tue, 18 Sep 2012 12:36:43 -0700 + +vyatta-cfg-system (0.20.31) unstable; urgency=low + + * Update /etc/hosts when host name and domain name changes + + -- James Davidson Mon, 10 Sep 2012 09:16:18 -0700 + +vyatta-cfg-system (0.20.30) unstable; urgency=low + + * Set system password also when resetting admin password + + -- James Davidson Thu, 06 Sep 2012 11:09:56 -0700 + +vyatta-cfg-system (0.20.29) unstable; urgency=low + + * Bugfix 8326 + + -- John Southworth Wed, 05 Sep 2012 14:13:13 -0700 + +vyatta-cfg-system (0.20.28) unstable; urgency=low + + * Configure logrotate to maintain log file ownership + + -- James Davidson Tue, 04 Sep 2012 18:31:25 -0700 + +vyatta-cfg-system (0.20.27) unstable; urgency=low + + * Bugfix 6967: Test if an address is already applied to an interface + before attempting to apply it + * Bugfix 8290 + + -- John Southworth Tue, 04 Sep 2012 16:40:49 -0700 + +vyatta-cfg-system (0.20.26) unstable; urgency=low + + * Force Xen installs to use ext3 without write barriers + + -- John Southworth Wed, 29 Aug 2012 11:04:41 -0700 + +vyatta-cfg-system (0.20.25) unstable; urgency=low + + * Revert "Write barriers don't work on all devices, disable them" + + -- John Southworth Tue, 28 Aug 2012 15:46:25 -0700 + +vyatta-cfg-system (0.20.24) unstable; urgency=low + + * Write barriers don't work on all devices, disable them + + -- John Southworth Tue, 28 Aug 2012 13:37:05 -0700 + +vyatta-cfg-system (0.20.23) unstable; urgency=low + + * Allow deleting unknown user + + -- Stephen Hemminger Fri, 17 Aug 2012 13:11:58 -0700 + +vyatta-cfg-system (0.20.22) unstable; urgency=low + + * Allow any mtu for bonding vif + * Fix filecaps for xtables + + -- Stephen Hemminger Thu, 16 Aug 2012 09:28:28 -0700 + +vyatta-cfg-system (0.20.21) unstable; urgency=low + + * Remove support for ssh protocol version + * fix iptables file attributes + + -- Stephen Hemminger Wed, 15 Aug 2012 16:15:25 -0700 + +vyatta-cfg-system (0.20.20) unstable; urgency=low + + * Fix path to iptables + + -- Stephen Hemminger Tue, 14 Aug 2012 11:15:55 -0700 + +vyatta-cfg-system (0.20.19) unstable; urgency=low + + * Add support for network device prefix table + + -- Stephen Hemminger Tue, 14 Aug 2012 10:52:03 -0700 + +vyatta-cfg-system (0.20.18) unstable; urgency=low + + * Bugfix 8241: VTI Sync up the mtu range check with what the kernel + module accepts. + + -- Saurabh Mohan Thu, 09 Aug 2012 14:13:33 -0700 + +vyatta-cfg-system (0.20.17) unstable; urgency=low + + [ Stephen Hemminger ] + * Minor typo in bonding help + + [ James Davidson ] + * Restart rsyslog when system time-zone changes + + -- James Davidson Fri, 03 Aug 2012 09:22:35 -0700 + +vyatta-cfg-system (0.20.16) unstable; urgency=low + + * Use hash map of addresses to interfaces + + -- Stephen Hemminger Fri, 22 Jun 2012 15:51:45 -0700 + +vyatta-cfg-system (0.20.15) unstable; urgency=low + + * Bugfix 8115: reset miimon on arp-montior deletion + + -- John Southworth Tue, 19 Jun 2012 09:13:58 -0700 + +vyatta-cfg-system (0.20.14) unstable; urgency=low + + * Fix help on for USB serial console + + -- Stephen Hemminger Wed, 13 Jun 2012 15:35:50 -0700 + +vyatta-cfg-system (0.20.13) unstable; urgency=low + + * Allow USB console in Grub setup + + -- Stephen Hemminger Tue, 12 Jun 2012 15:06:20 -0700 + +vyatta-cfg-system (0.20.12) unstable; urgency=low + + * Allow USB serial console + + -- Stephen Hemminger Tue, 12 Jun 2012 15:00:05 -0700 + +vyatta-cfg-system (0.20.11) unstable; urgency=low + + * VTI delete check for reference under vpn. + + -- Saurabh Mohan Mon, 11 Jun 2012 17:49:22 -0700 + +vyatta-cfg-system (0.20.10) unstable; urgency=low + + * Vti tunnel config support. + + -- Saurabh Mohan Wed, 16 May 2012 16:09:45 -0700 + +vyatta-cfg-system (0.20.9) unstable; urgency=low + + * Change default to No when not enough space to save config + + -- James Davidson Wed, 16 May 2012 11:02:40 -0700 + +vyatta-cfg-system (0.20.8) unstable; urgency=low + + * Move VRRP to its own package + * Remove vrrp files from Makefile + + -- John Southworth Tue, 15 May 2012 20:48:00 -0700 + +vyatta-cfg-system (0.20.7) unstable; urgency=low + + * Remove vrrp operational scripts from vyatta-cfg-system + + -- John Southworth Tue, 15 May 2012 11:37:48 -0700 + +vyatta-cfg-system (0.20.6) unstable; urgency=low + + * Turn on vrrp snmp traps by default + + -- John Southworth Mon, 07 May 2012 18:06:57 -0700 + +vyatta-cfg-system (0.20.5) unstable; urgency=low + + * vif: remove check for flags when creating VIF + + -- Stephen Hemminger Tue, 24 Apr 2012 09:00:33 -0700 + +vyatta-cfg-system (0.20.4) unstable; urgency=low + + * Return success on stop if telnetd service is not running + * 0.20.3 + * Use rsyslog to trigger log rotation + + -- James Davidson Wed, 18 Apr 2012 11:06:01 -0700 + +vyatta-cfg-system (0.20.3) unstable; urgency=low + + * Return success on stop if telnetd service is not running + + -- James Davidson Wed, 18 Apr 2012 11:02:22 -0700 + +vyatta-cfg-system (0.20.2) unstable; urgency=low + + * Fix minor perlcritc warning in vrrp-state + * Replace intf->carrier() check with intf->running() + + -- Stephen Hemminger Tue, 10 Apr 2012 18:29:28 -0700 + +vyatta-cfg-system (0.20.1) unstable; urgency=low + + * Add dependency on dialog package + * Add network console support + + -- Stephen Hemminger Wed, 04 Apr 2012 15:41:45 -0700 + +vyatta-cfg-system (0.19.176) unstable; urgency=low + + [ Jon Andersson ] + * Bugfix 7976: Move the test to update: to allow addresses to be + configured + + [ John Southworth ] + + -- John Southworth Tue, 27 Mar 2012 08:18:19 -0700 + +vyatta-cfg-system (0.19.175) unstable; urgency=low + + * new branch + + -- Deepti Kulkarni Sat, 03 Mar 2012 02:25:38 -0800 + +vyatta-cfg-system (0.19.174) unstable; urgency=low + + * bug fix for 7489 - Added warning message on delete system console + + -- Deepti Kulkarni Thu, 01 Mar 2012 06:29:12 -0800 + +vyatta-cfg-system (0.19.173) unstable; urgency=low + + * Bugfix 7555: Allow users to import keys when using loadkey + * forgot to use io::prompt + + -- John Southworth Thu, 01 Mar 2012 00:52:22 +0000 + +vyatta-cfg-system (0.19.172) unstable; urgency=low + + * Bugfix 7555: allow users to import ssh keys when running add system + image + + -- John Southworth Wed, 29 Feb 2012 22:55:45 +0000 + +vyatta-cfg-system (0.19.171) unstable; urgency=low + + * Cleanup interface statistic clear files on reboot + + -- Stephen Hemminger Tue, 21 Feb 2012 21:22:56 -0800 + +vyatta-cfg-system (0.19.170) unstable; urgency=low + + * Fix server property option + + -- Stephen Hemminger Tue, 21 Feb 2012 13:20:52 -0800 + +vyatta-cfg-system (0.19.169) unstable; urgency=low + + * Disable reboot on ctrl-alt-del + + -- Stephen Hemminger Tue, 21 Feb 2012 12:23:28 -0800 + +vyatta-cfg-system (0.19.168) unstable; urgency=low + + * Remove reference to init-floppy + + -- Stephen Hemminger Tue, 21 Feb 2012 11:09:38 -0800 + +vyatta-cfg-system (0.19.167) unstable; urgency=low + + * Fix spelling errors in install image + + -- Stephen Hemminger Tue, 21 Feb 2012 10:56:55 -0800 + +vyatta-cfg-system (0.19.166) unstable; urgency=low + + * Bug #7787: Allow using custom command line arguments in transition + * Bug #7787: Modify VRRP templates to allow custom script arguments, + * Fix VRRP templates error string capitalization. + + -- Daniil Baturin Sat, 18 Feb 2012 04:48:42 +0700 + +vyatta-cfg-system (0.19.165) unstable; urgency=low + + * snmp: add missing newline to config file + + -- Stephen Hemminger Fri, 17 Feb 2012 11:48:53 -0800 + +vyatta-cfg-system (0.19.164) unstable; urgency=low + + * Fix typo in last SNMP change. + + -- Stephen Hemminger Fri, 10 Feb 2012 11:57:32 -0800 + +vyatta-cfg-system (0.19.163) unstable; urgency=low + + * snmp: enable agentx + * fix path to ethtool + + -- Stephen Hemminger Thu, 09 Feb 2012 11:15:43 -0800 + +vyatta-cfg-system (0.19.162) unstable; urgency=low + + * Fix missing space on postinst script + + -- John Southworth Fri, 03 Feb 2012 16:29:28 -0800 + +vyatta-cfg-system (0.19.161) unstable; urgency=low + + * Bugfix 7770 + + -- John Southworth Fri, 03 Feb 2012 14:00:03 -0800 + +vyatta-cfg-system (0.19.160) unstable; urgency=low + + * Allow operator users to run dmidecode so show version works for them + + -- John Southworth Mon, 30 Jan 2012 22:43:51 +0000 + +vyatta-cfg-system (0.19.159) unstable; urgency=low + + * Fix missing error (missing lecho) in install-system + + -- Stephen Hemminger Tue, 24 Jan 2012 16:51:45 -0800 + +vyatta-cfg-system (0.19.158) unstable; urgency=low + + * Make disk label if necessary + + -- Stephen Hemminger Fri, 20 Jan 2012 15:37:31 -0800 + +vyatta-cfg-system (0.19.157) unstable; urgency=low + + * Enforce length restriction on interface description + + -- Stephen Hemminger Thu, 19 Jan 2012 19:05:36 -0800 + +vyatta-cfg-system (0.19.156) unstable; urgency=low + + * Fix check for pseudo-ethernet overlap + + -- Stephen Hemminger Mon, 16 Jan 2012 10:26:21 -0800 + +vyatta-cfg-system (0.19.155) unstable; urgency=low + + * Check for conflict between pseudo-ethernet and bonding,bridging + * install: use sfdisk to get disk size + * install-system: use sfdisk to find drive size + * Check for existance of postconfig boot up script + + -- Stephen Hemminger Wed, 11 Jan 2012 16:00:06 -0800 + +vyatta-cfg-system (0.19.154) unstable; urgency=low + + [ Jon Andersson ] + * Update to local_ip + + [ Stephen Hemminger ] + + -- Stephen Hemminger Mon, 09 Jan 2012 14:24:50 -0800 + +vyatta-cfg-system (0.19.153) unstable; urgency=low + + * Bugfix 7689: change vrrp auth_type detection 'simple' to 'plaintext- + password' + + -- John Southworth Tue, 03 Jan 2012 16:46:02 -0800 + +vyatta-cfg-system (0.19.152) unstable; urgency=low + + * bonding: do not allow interface with VRRP to be enslaved + * bridge: check for VRRP + + -- Stephen Hemminger Fri, 30 Dec 2011 11:09:11 -0800 + +vyatta-cfg-system (0.19.151) unstable; urgency=low + + * Move vrrp input filter creation to keepalived for faster transitions + + -- John Southworth Wed, 28 Dec 2011 11:48:52 -0800 + +vyatta-cfg-system (0.19.150) unstable; urgency=low + + * Move vrrp vmac sysctls to interface initialization in keepalived + + -- John Southworth Tue, 27 Dec 2011 10:34:23 -0800 + +vyatta-cfg-system (0.19.149) unstable; urgency=low + + * interfaces: don't add config for missing devices + * install: fix warning message when package is updated + + -- Stephen Hemminger Wed, 21 Dec 2011 17:53:56 -0800 + +vyatta-cfg-system (0.19.148) unstable; urgency=low + + * Extra grat. arps are not needed for vmac interfaces + + -- John Southworth Tue, 20 Dec 2011 16:17:58 -0800 + +vyatta-cfg-system (0.19.147) unstable; urgency=low + + * Verify user defined mac addresses are not VRRP mac addresses + + -- John Southworth Wed, 14 Dec 2011 15:35:04 -0800 + +vyatta-cfg-system (0.19.146) unstable; urgency=low + + * Add filtering to transition scripts for vmac interfaces; Make + transition script able to detect if the interface is a vmac + interface before applying the vmac specific changes + + -- John Southworth Mon, 12 Dec 2011 16:32:34 -0800 + +vyatta-cfg-system (0.19.145) unstable; urgency=low + + * Bug 7672: Don't execute check-params-on-reboot.d if config file + + -- Daniil Baturin Tue, 13 Dec 2011 03:13:00 +0700 + +vyatta-cfg-system (0.19.144) unstable; urgency=low + + * sysctl: increase maximum allowed socket buffer + + -- Stephen Hemminger Fri, 09 Dec 2011 11:06:08 -0800 + +vyatta-cfg-system (0.19.143) unstable; urgency=low + + * md: don't start unless needed + + -- Stephen Hemminger Fri, 09 Dec 2011 09:16:25 -0800 + +vyatta-cfg-system (0.19.142) unstable; urgency=low + + * Fix sysctl application for vlan interfaes + + -- John Southworth Thu, 08 Dec 2011 11:22:36 -0800 + +vyatta-cfg-system (0.19.141) unstable; urgency=low + + * Bugfix 7497: Include auth credentials when fetching the signature + file + + -- Bob Gilligan Tue, 06 Dec 2011 16:16:02 -0800 + +vyatta-cfg-system (0.19.140) unstable; urgency=low + + * Fix up formating of Vyatta specific HTTP options. + + -- Bob Gilligan Tue, 06 Dec 2011 14:05:59 -0800 + +vyatta-cfg-system (0.19.139) unstable; urgency=low + + * Add parsing of vrrp interfaces so that 'show vrrp interfaces ' will do what the user intended. + + -- John Southworth Tue, 06 Dec 2011 11:50:17 -0800 + +vyatta-cfg-system (0.19.138) unstable; urgency=low + + * make vyatta-interfaces.pl aware of vrrp interfaces + * Adjust the output of 'show vrrp' and 'show vrrp summary' for vmac + and address owner + + -- John Southworth Tue, 06 Dec 2011 09:14:43 -0800 + +vyatta-cfg-system (0.19.137) unstable; urgency=low + + * Add HTTP headers to identify client and version. + + -- Bob Gilligan Mon, 05 Dec 2011 17:45:10 -0800 + +vyatta-cfg-system (0.19.136) unstable; urgency=low + + * Set accept_local on vrrp interfaces so that transition from 'current + master that is not address owner' to 'address owner that is + requesting master' can occur + * 0.19.135 + + -- John Southworth Fri, 02 Dec 2011 14:49:40 -0800 + +vyatta-cfg-system (0.19.135) unstable; urgency=low + + * Set accept_local on vrrp interfaces so that transition from 'current + master that is not address owner' to 'address owner that is + requesting master' can occur + + -- John Southworth Fri, 02 Dec 2011 14:49:22 -0800 + +vyatta-cfg-system (0.19.134) unstable; urgency=low + + * Add vrrp interface description for bonding vif + + -- John Southworth Fri, 02 Dec 2011 11:20:32 -0800 + +vyatta-cfg-system (0.19.133) unstable; urgency=low + + * Change arp_filter for all to 0 to allow vrrp interfaces to override + the default of 1 + * Adjust the sysctl values of vrrp interfaces on master/backup + transitions + * Add handling for address ownership (priority 255) in RFC complient + mode + * Add vrrp interface description + + -- John Southworth Thu, 01 Dec 2011 16:52:00 -0800 + +vyatta-cfg-system (0.19.132) unstable; urgency=low + + * Move vyatta changes to sudoers to separate file + * change mode of /etc/sudoers.d/vyatta + * sudoers: expand ${bindir} + + -- Stephen Hemminger Tue, 29 Nov 2011 13:57:50 -0800 + +vyatta-cfg-system (0.19.131) unstable; urgency=low + + * Display vmac interface name in "show vrrp interfaces ..." command + + -- Bob Gilligan Mon, 28 Nov 2011 18:06:04 -0800 + +vyatta-cfg-system (0.19.130) unstable; urgency=low + + * Support VRRP virtual MAC interfaces above bond and bond vif + interfaces + + -- Bob Gilligan Mon, 28 Nov 2011 15:41:39 -0800 + +vyatta-cfg-system (0.19.129) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove unnecessary sudo on ethtool + * Fix perl deprecated warning with 5.14 + + [ Bob Gilligan ] + * Use new naming convention for VRRP virtual mac interfaces. + + -- Bob Gilligan Mon, 28 Nov 2011 15:15:13 -0800 + +vyatta-cfg-system (0.19.128) unstable; urgency=low + + * Fix dyndns failure caused by commit: + 5d27f2ef302dc600ea737e9af4151041aa11a2e0 + + -- John Southworth Mon, 21 Nov 2011 08:19:57 -0800 + +vyatta-cfg-system (0.19.127) unstable; urgency=low + + * Adding CLI option for domain overrides for DNS forwarding, bug id + 4086 + + -- Gaurav Sinha Wed, 09 Nov 2011 16:42:41 -0800 + +vyatta-cfg-system (0.19.126) unstable; urgency=low + + [ Stephen Hemminger ] + * Cleanup dynamic DNS script + + [ Bob Gilligan ] + * First pass implementation of support for virtual MAC address + + -- Bob Gilligan Tue, 08 Nov 2011 16:04:53 -0800 + +vyatta-cfg-system (0.19.125) unstable; urgency=low + + * pseudo-ethernet remove incorrect template + * pseudo-ethernet: add support for proxy arp + * pseudo-ethernet: add VIF support + * Add support for macvlan mode + * Fix priority of vif for pseudo-ethernet + * Remove unnecessary sudo on bonding vif link detect script + + -- Stephen Hemminger Thu, 03 Nov 2011 14:28:36 -0700 + +vyatta-cfg-system (0.19.124) unstable; urgency=low + + * Bugfix 7575 allow tshark to run as unprivileged user, tshark uses + dumpcap as the packet interface so dumpcap needs cap_net_raw and + cap_net_admin + + -- John Southworth Thu, 20 Oct 2011 16:35:18 -0500 + +vyatta-cfg-system (0.19.123) unstable; urgency=low + + * allow rmmod without being root (with capability) + + -- Stephen Hemminger Mon, 17 Oct 2011 10:36:57 -0700 + +vyatta-cfg-system (0.19.122) unstable; urgency=low + + * Bugfix 7551: Fix vlan address completion text + + -- John Southworth Mon, 10 Oct 2011 19:06:30 -0500 + +vyatta-cfg-system (0.19.121) unstable; urgency=low + + [ Stephen Hemminger ] + * snmp: remove unused enterprise-mib hook + + [ Jon Andersson ] + * Bugfix 7553: Move the logic for delete from and end tag to a delete + tag + + [ John Southworth ] + + -- John Southworth Mon, 10 Oct 2011 16:16:33 -0500 + +vyatta-cfg-system (0.19.120) unstable; urgency=low + + * Bugfix 7492: Reset mac address to hw-id when the mac is deleted + + -- John Southworth Tue, 27 Sep 2011 13:59:13 -0500 + +vyatta-cfg-system (0.19.119) unstable; urgency=low + + * Bugfix 7502: Get "add system image" to work on Xen + + -- Bob Gilligan Wed, 12 Oct 2011 17:20:38 -0700 + +vyatta-cfg-system (0.19.118) unstable; urgency=low + + * Bugfix 7488: Configure Xen PV console hvc0 in Vyatta config file. + + -- Bob Gilligan Thu, 01 Sep 2011 18:11:32 -0700 + +vyatta-cfg-system (0.19.117) unstable; urgency=low + + * Bugfix 7469: Add support for installing onto Xen + + -- Bob Gilligan Wed, 31 Aug 2011 15:07:44 -0700 + +vyatta-cfg-system (0.19.116) unstable; urgency=low + + * Fix ipv6 tunnel template error + + -- Stephen Hemminger Wed, 24 Aug 2011 10:17:49 -0700 + +vyatta-cfg-system (0.19.115) unstable; urgency=low + + [ Stephen Hemminger ] + * Cleanup vyatta-config-reboot-params + * Fix deprecated use of chown + + [ John Southworth ] + * Bugfix 7461: Fix syntax problem when setting a mac address + + -- John Southworth Tue, 23 Aug 2011 16:01:32 -0500 + +vyatta-cfg-system (0.19.114) unstable; urgency=low + + * Migration for bug 6900 + + -- John Southworth Mon, 15 Aug 2011 13:30:23 -0500 + +vyatta-cfg-system (0.19.113) unstable; urgency=low + + * Don't bring ethernet device up if it is disabled + + -- Stephen Hemminger Thu, 11 Aug 2011 15:00:44 -0700 + +vyatta-cfg-system (0.19.112) unstable; urgency=low + + * Add encapsulation to IPv6 parameters deletion so that ipip6 tunnels + will work properly after a deletion. + + -- John Southworth Thu, 11 Aug 2011 16:34:41 -0500 + +vyatta-cfg-system (0.19.111) unstable; urgency=low + + [ John Southworth ] + * Fix permission problems on /config during initial install + + [ Jon Andersson ] + * Initial checkin of ipv6 tunnel support + + [ John Southworth ] + + -- John Southworth Thu, 11 Aug 2011 12:51:51 -0500 + +vyatta-cfg-system (0.19.110) unstable; urgency=low + + * bridge: allow setting mac address + + -- Stephen Hemminger Mon, 08 Aug 2011 16:43:34 -0700 + +vyatta-cfg-system (0.19.109) unstable; urgency=low + + * 0.19.108 + * fix missing command in debian/control + + -- Stephen Hemminger Sun, 07 Aug 2011 20:46:26 -0700 + +vyatta-cfg-system (0.19.108) unstable; urgency=low + + * Force dependency on later vyatta-cfg package + + -- Stephen Hemminger Sun, 07 Aug 2011 20:45:23 -0700 + +vyatta-cfg-system (0.19.107) unstable; urgency=low + + * ethernet: avoid needlessly setting mac address + + -- Stephen Hemminger Fri, 05 Aug 2011 20:55:41 -0700 + +vyatta-cfg-system (0.19.106) unstable; urgency=low + + * Added to make "force" op-mode command accessible to user type + + -- Deepti Kulkarni Wed, 27 Jul 2011 08:00:09 -0700 + +vyatta-cfg-system (0.19.105) unstable; urgency=low + + * Bugfix 7350: Allow default config.boot to be selected as config + file. + + -- Bob Gilligan Wed, 17 Aug 2011 15:08:32 -0700 + +vyatta-cfg-system (0.19.104) unstable; urgency=low + + * Fix permission problems on /config during initial install + + -- John Southworth Fri, 15 Jul 2011 20:49:15 -0700 + +vyatta-cfg-system (0.19.103) unstable; urgency=low + + * Bugfix 7070: Need to provide full path for irq-affinity.pl in + system() + + -- Bob Gilligan Sun, 14 Aug 2011 16:37:47 -0700 + +vyatta-cfg-system (0.19.102) unstable; urgency=low + + * Add hook to call a config migration script when upgrading from VSE + Demo. + + -- Bob Gilligan Fri, 12 Aug 2011 17:30:00 -0700 + +vyatta-cfg-system (0.19.101) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix duplicate detection of hypervisor + + [ John Southworth ] + * Bugfix 7326: add /config/support directory by default + + -- John Southworth Wed, 13 Jul 2011 15:56:08 -0500 + +vyatta-cfg-system (0.19.100) unstable; urgency=low + + * new branch + + -- Deepti Kulkarni Thu, 07 Jul 2011 20:55:59 -0700 + +vyatta-cfg-system (0.19.99) unstable; urgency=low + + * Add more hypervisor detection logic + + -- Stephen Hemminger Wed, 06 Jul 2011 10:20:24 -0700 + +vyatta-cfg-system (0.19.98) unstable; urgency=low + + * Move the is_uniq_address function to Interface.pm + + -- John Southworth Tue, 05 Jul 2011 16:21:46 -0500 + +vyatta-cfg-system (0.19.97) unstable; urgency=low + + * bugfix 6801: check to see if the same address is configured on + another interface in the working config before allowing an address + to be set on an interface, allows for swapping addresses in the same + commit + + -- John Southworth Fri, 01 Jul 2011 17:32:25 -0700 + +vyatta-cfg-system (0.19.96) unstable; urgency=low + + * Make add system image use the new config directory for copying files + + -- John Southworth Fri, 24 Jun 2011 17:56:26 -0500 + +vyatta-cfg-system (0.19.95) unstable; urgency=low + + * Add better hypervisor detect logic + + -- Stephen Hemminger Thu, 23 Jun 2011 16:26:27 -0700 + +vyatta-cfg-system (0.19.94) unstable; urgency=low + + * Revert "bonding: remove requirement of slaves existing before vif" + * Ignore new hypervisor_vendor binary + + -- Stephen Hemminger Thu, 16 Jun 2011 18:28:11 -0400 + +vyatta-cfg-system (0.19.93) unstable; urgency=low + + * bonding: remove requirement of slaves existing before vif + * Add utility to find hypervisor vendor + + -- Stephen Hemminger Thu, 16 Jun 2011 17:53:43 -0400 + +vyatta-cfg-system (0.19.92) unstable; urgency=low + + * Bugfix 5856: Add username and password options. + + -- Bob Gilligan Thu, 14 Jul 2011 09:51:17 -0700 + +vyatta-cfg-system (0.19.91) unstable; urgency=low + + * Move the mtu settings out of the main inteface priority subtree as a + failure boundry + + -- John Southworth Wed, 08 Jun 2011 17:26:52 -0500 + +vyatta-cfg-system (0.19.90) unstable; urgency=low + + * Always log authorization messages + + -- Stephen Hemminger Wed, 01 Jun 2011 13:46:49 +0900 + +vyatta-cfg-system (0.19.89) unstable; urgency=low + + * alternative fix for bug 6958 + + -- An-Cheng Huang Wed, 25 May 2011 13:44:44 -0700 + +vyatta-cfg-system (0.19.88) unstable; urgency=low + + * don't assume hw-id exists since it can be deleted + + -- An-Cheng Huang Mon, 23 May 2011 08:41:52 -0700 + +vyatta-cfg-system (0.19.87) unstable; urgency=low + + * irq-affinity: more fixup + + -- Stephen Hemminger Fri, 20 May 2011 11:14:21 -0700 + +vyatta-cfg-system (0.19.86) unstable; urgency=low + + * irq-affinity: use sysfs to read cpu topology + + -- Stephen Hemminger Fri, 20 May 2011 08:40:33 -0700 + +vyatta-cfg-system (0.19.85) unstable; urgency=low + + [ Stephen Hemminger ] + * 0.19.82 + + [ Stig Thormodsrud ] + * Partial fix for 6393: keepalived shutdown too late - can cause lost + traffic + * 0.19.83 + + [ Stephen Hemminger ] + * Use syslog perror for debug option + * irq-affinity: fix handling of UP system + + [ Stig Thormodsrud ] + * 0.19.84 + + [ Stephen Hemminger ] + * irq-affinity: initialize sockets to 1 + + -- Stephen Hemminger Fri, 20 May 2011 07:30:32 -0700 + +vyatta-cfg-system (0.19.84) unstable; urgency=low + + * Partial fix for 6393: keepalived shutdown too late - can cause lost + traffic + * 0.19.83 + + -- Stig Thormodsrud Thu, 19 May 2011 17:16:01 -0700 + +vyatta-cfg-system (0.19.83) unstable; urgency=low + + * Partial fix for 6393: keepalived shutdown too late - can cause lost + traffic + + -- Stig Thormodsrud Mon, 16 May 2011 23:52:05 -0700 + +vyatta-cfg-system (0.19.82) unstable; urgency=low + + * Use syslog perror for debug option + * irq-affinity: fix handling of UP system + + -- Stephen Hemminger Thu, 19 May 2011 08:10:13 -0700 + +vyatta-cfg-system (0.19.81) unstable; urgency=low + + * Fix calculation of number of cores on systems with more than one + socket. + * Bugfix: 6773 (again). Fix handling of single-queue NICs on MPs. + + -- Bob Gilligan Tue, 17 May 2011 12:10:55 -0700 + +vyatta-cfg-system (0.19.80) unstable; urgency=low + + * Support more than 10 CPUs. + + -- Bob Gilligan Tue, 17 May 2011 08:46:37 -0700 + +vyatta-cfg-system (0.19.79) unstable; urgency=low + + * Fix 5912: "show vrrp" doesn't list sync-group + + -- Stig Thormodsrud Wed, 18 May 2011 12:25:33 -0700 + +vyatta-cfg-system (0.19.78) unstable; urgency=low + + * irq-affinity: add workaround to avoid some cpu's + + -- Stephen Hemminger Tue, 17 May 2011 16:16:57 -0700 + +vyatta-cfg-system (0.19.77) unstable; urgency=low + + * Fix grub syntax error + + -- Stephen Hemminger Tue, 17 May 2011 08:51:43 -0700 + +vyatta-cfg-system (0.19.76) unstable; urgency=low + + * eliminate hard-coded commit hook directory + + -- An-Cheng Huang Mon, 16 May 2011 20:11:38 -0700 + +vyatta-cfg-system (0.19.75) unstable; urgency=low + + * smp-affinity: fix typo for assign_multiqueue + + -- Stephen Hemminger Mon, 16 May 2011 16:24:57 -0700 + +vyatta-cfg-system (0.19.74) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove unused parts of rl-system.init + + [ John Southworth ] + * Bugfix 7076: make add system image copy to /config instead of + /opt/vyatta/etc/config + + -- John Southworth Fri, 13 May 2011 11:55:40 -0500 + +vyatta-cfg-system (0.19.73) unstable; urgency=low + + * Fix Bug 7012 make /config available with init-floppy + + -- Mohit Mehta Wed, 11 May 2011 11:33:15 -0700 + +vyatta-cfg-system (0.19.72) unstable; urgency=low + + * support interactive mode for rest api for install image op mode + commands. + + -- Michael Larson Tue, 10 May 2011 14:22:05 -0700 + +vyatta-cfg-system (0.19.71) unstable; urgency=low + + * changes for new commit + * more changes for new commit + + -- An-Cheng Huang Tue, 10 May 2011 09:33:55 +0800 + +vyatta-cfg-system (0.19.70) unstable; urgency=low + + * Support netxen NIC irq naming convention + * Convert mac octets from hex + + -- Stephen Hemminger Mon, 09 May 2011 09:40:24 -0700 + +vyatta-cfg-system (0.19.69) unstable; urgency=low + + * Update help for console speed + + -- Stephen Hemminger Fri, 06 May 2011 12:10:08 -0700 + +vyatta-cfg-system (0.19.68) unstable; urgency=low + + * Update grub config to new syntax + * Make ext4 the default file system type + * Using ext4 for filesystem depends on newer version of grub + + -- Stephen Hemminger Thu, 05 May 2011 08:26:20 -0700 + +vyatta-cfg-system (0.19.67) unstable; urgency=low + + * Align install-image partition correctly + + -- Stephen Hemminger Wed, 04 May 2011 17:26:37 -0700 + +vyatta-cfg-system (0.19.66) unstable; urgency=low + + * Adjust root partition offset based on disk size + + -- Stephen Hemminger Tue, 03 May 2011 19:54:12 -0700 + +vyatta-cfg-system (0.19.65) unstable; urgency=low + + * Make irq affinity handle any irq naming convention + + -- Stephen Hemminger Tue, 03 May 2011 16:38:40 -0700 + +vyatta-cfg-system (0.19.64) unstable; urgency=low + + * Fix irq-affinity mapping for multiqueue NIC's + + -- Stephen Hemminger Mon, 02 May 2011 16:45:04 -0700 + +vyatta-cfg-system (0.19.63) unstable; urgency=low + + * Yet another better alignment start + + -- Stephen Hemminger Sat, 30 Apr 2011 10:32:50 -0700 + +vyatta-cfg-system (0.19.62) unstable; urgency=low + + * Fix alignment of root partition + + -- Stephen Hemminger Sat, 30 Apr 2011 09:49:31 -0700 + +vyatta-cfg-system (0.19.61) unstable; urgency=low + + * Tell parted to align disk partition + + -- Stephen Hemminger Thu, 28 Apr 2011 17:00:08 -0700 + +vyatta-cfg-system (0.19.60) unstable; urgency=low + + * Remove unsuccessful attempt to blacklist PC speaker + + -- Stephen Hemminger Wed, 27 Apr 2011 14:37:10 -0700 + +vyatta-cfg-system (0.19.59) unstable; urgency=low + + * Fix Bug 6811 ENH: add a proper post-configuration boot script + + -- Mohit Mehta Wed, 20 Apr 2011 14:25:26 -0700 + +vyatta-cfg-system (0.19.58) unstable; urgency=low + + * * run start-up script vyatta-config-reboot-params very early in boot + process + + -- Mohit Mehta Mon, 18 Apr 2011 18:14:09 -0700 + +vyatta-cfg-system (0.19.57) unstable; urgency=low + + * * Add help and checks for VRRP transition-script nodes + + -- Mohit Mehta Wed, 13 Apr 2011 18:02:09 -0700 + +vyatta-cfg-system (0.19.56) unstable; urgency=low + + * fix typo in irq-affinity + + -- Stephen Hemminger Wed, 13 Apr 2011 11:41:52 -0700 + +vyatta-cfg-system (0.19.55) unstable; urgency=low + + * Bonding script typo + * Fix irq naming convention mapping code + + -- Stephen Hemminger Wed, 13 Apr 2011 09:09:46 -0700 + +vyatta-cfg-system (0.19.54) unstable; urgency=low + + * Fix wrong name in get_irq_affinity + + -- Stephen Hemminger Tue, 12 Apr 2011 09:30:15 -0700 + +vyatta-cfg-system (0.19.53) unstable; urgency=low + + * Reset irq affinity when adding interface to bond group + + -- Stephen Hemminger Wed, 30 Mar 2011 15:08:39 -0700 + +vyatta-cfg-system (0.19.52) unstable; urgency=low + + * Remove these priorities as they are not needed. They are from an + earlier community submitted patch see bug 5491 + * Bugfix 6958: only call cleanup script for tunnel modules on the last + sibling deletion + + -- John Southworth Mon, 28 Mar 2011 18:19:32 -0500 + +vyatta-cfg-system (0.19.51) unstable; urgency=low + + * Update copybreak module param list + * Fix use of uninitialized ospeed + + -- Stephen Hemminger Fri, 25 Mar 2011 15:40:06 -0700 + +vyatta-cfg-system (0.19.50) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove rsyslog logrotate file + + [ Robert Bays ] + * fix for bug 6919: Console settings don't support hvc0 for xen + * updated fix for bug 6919: Console settings don't support hvc0 for + xen + * match console type only once. + + [ Stephen Hemminger ] + * Handle irq assignment on multiqueue NIC + + -- Stephen Hemminger Wed, 16 Mar 2011 12:22:23 -0700 + +vyatta-cfg-system (0.19.49) unstable; urgency=low + + * Don't set speed duplex twice + * Remove flag file at end of transaction + * Speed/duplex setup improvements + + -- Stephen Hemminger Fri, 11 Mar 2011 14:56:40 -0800 + +vyatta-cfg-system (0.19.48) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix typo in domain name regex + + [ Michael Larson ] + * fix for bug 6081. Warning, but allow commit to proceed if duplicate + address is found. + + -- Michael Larson Thu, 10 Mar 2011 10:53:58 -0800 + +vyatta-cfg-system (0.19.47) unstable; urgency=low + + * Test for ipv6 blacklist when configuring SNMP + + -- Stephen Hemminger Tue, 08 Mar 2011 09:49:14 -0800 + +vyatta-cfg-system (0.19.46) unstable; urgency=low + + * Fix SNMP ifAlias for more than 10 devices + + -- Stephen Hemminger Mon, 07 Mar 2011 16:13:26 -0800 + +vyatta-cfg-system (0.19.45) unstable; urgency=low + + * Fix network name scan for wireless + + -- Stephen Hemminger Thu, 03 Mar 2011 15:33:17 -0800 + +vyatta-cfg-system (0.19.44) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix script to handle more than 10 interfaces + + [ John Southworth ] + * Bugfix 5491: Allow tunnel parameters to be changed on a + preconfigured tunnel + + -- John Southworth Thu, 03 Mar 2011 11:38:19 -0600 + +vyatta-cfg-system (0.19.43) unstable; urgency=low + + * Warn if attempting to force mask on multiqueue NIC + + -- Stephen Hemminger Tue, 01 Mar 2011 11:25:55 -0800 + +vyatta-cfg-system (0.19.42) unstable; urgency=low + + * Workaround Xen NIC address + + -- Stephen Hemminger Fri, 25 Feb 2011 11:23:30 -0800 + +vyatta-cfg-system (0.19.41) unstable; urgency=low + + * Increase upper limit of IPV6 route table + * Handle Vmware mulitqueue naming convention + * Don't set irq affinity if device is disabled + * Validate domain and host name + * Change where ipv6 route table size is increased + + -- Stephen Hemminger Fri, 25 Feb 2011 10:38:17 -0800 + +vyatta-cfg-system (0.19.40) unstable; urgency=low + + * Use standard mechanism to start/stop snmp + * Handle case of device with no active IRQ + + -- Stephen Hemminger Tue, 22 Feb 2011 10:07:39 -0800 + +vyatta-cfg-system (0.19.39) unstable; urgency=low + + * Fix syslog not reloading properly after changing the log level + + -- John Southworth Mon, 07 Feb 2011 14:24:31 -0600 + +vyatta-cfg-system (0.19.38) unstable; urgency=low + + * Bugfix 6773: Spread load of single-queue NICs across all CPUs. + + -- Bob Gilligan Thu, 03 Feb 2011 00:30:03 -0800 + +vyatta-cfg-system (0.19.37) unstable; urgency=low + + [ Mohit Mehta ] + * Fix Bug 6696 Internal error for release/renew dhcp interface under + op mode + + [ Robert Bays ] + * Fix grammar error in help string. + + [ Bob Gilligan ] + * Bugfix 6156: Allow time for renaming to complete before running + biosdevname + + -- Bob Gilligan Tue, 01 Feb 2011 10:52:49 -0800 + +vyatta-cfg-system (0.19.36) unstable; urgency=low + + [ Robert Bays ] + * Fix grammar error in help string. + + [ Mohit Mehta ] + * use val_help to present valid info for node + + -- Mohit Mehta Mon, 31 Jan 2011 12:56:34 -0800 + +vyatta-cfg-system (0.19.35) unstable; urgency=low + + * Fix Bug 6696 Internal error for release/renew dhcp interface under + op mode + + -- Mohit Mehta Thu, 27 Jan 2011 13:54:04 -0800 + +vyatta-cfg-system (0.19.34) unstable; urgency=low + + [ Stephen Hemminger ] + * Pass interface name correctly when deleting dhcpv6 + + [ Stig Thormodsrud ] + * Fix 6501: "clear vrrp master interface group " + doesnt work with sync groups. + + [ Stephen Hemminger ] + * Rearrange priority for pseudo-ethernet + * Rearrange priority for pseudo-ethernet + + [ Stig Thormodsrud ] + * Fix vrrp duplicate generation of last sync-group entry. + + -- Stig Thormodsrud Wed, 26 Jan 2011 15:43:08 -0800 + +vyatta-cfg-system (0.19.33) unstable; urgency=low + + [ Stephen Hemminger ] + * Revert "Add debug logging." + * Add logging to coldplug + * Add more debug output + * Don't fail if config.boot does not exist + * Pass interface name correctly when deleting dhcpv6 + + [ Stig Thormodsrud ] + * Fix 6501: "clear vrrp master interface group " + doesnt work with sync groups. + + -- Stig Thormodsrud Tue, 25 Jan 2011 11:14:33 -0800 + +vyatta-cfg-system (0.19.32) unstable; urgency=low + + [ Stephen Hemminger ] + * Change for rsyslog reload + + [ Bob Gilligan ] + * Add debug logging. + + -- Bob Gilligan Thu, 20 Jan 2011 22:25:40 -0800 + +vyatta-cfg-system (0.19.31) unstable; urgency=low + + * Remove call to tshark during vrrp state transition. + + -- Stig Thormodsrud Thu, 20 Jan 2011 18:18:26 -0800 + +vyatta-cfg-system (0.19.30) unstable; urgency=low + + [ Bob Gilligan ] + * Bugfix 6684: Don't delete wanpipe config files. + * Bugfix 6156: Policy must be given on command line. + * Bugfix 6668: Check to see if log files need rotation hourly. + * Bugfix 6687: Need to explicitly specify the RAID metadata version + number. + * Bugfix 6684: Don't delete wanpipe config files. + + [ Stephen Hemminger ] + * Cleanup old net-rules on upgrade + + [ Bob Gilligan ] + + -- Bob Gilligan Wed, 19 Jan 2011 20:10:16 -0800 + +vyatta-cfg-system (0.19.29) unstable; urgency=low + + * Bugfix 6687: Need to explicitly specify the RAID metadata version + number. + + -- Bob Gilligan Mon, 17 Jan 2011 23:05:43 -0800 + +vyatta-cfg-system (0.19.28) unstable; urgency=low + + * Bugfix 6668: Check to see if log files need rotation hourly. + + -- Bob Gilligan Mon, 17 Jan 2011 19:47:35 -0800 + +vyatta-cfg-system (0.19.27) unstable; urgency=low + + [ Stephen Hemminger ] + * Change priority of bonding device address + + [ Bob Gilligan ] + * Bugfix 6156: Policy must be given on command line. + + -- Bob Gilligan Sun, 16 Jan 2011 23:06:37 -0800 + +vyatta-cfg-system (0.19.26) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix check for broadcast address + + [ Mohit Mehta ] + * Fix Bug 6599 ha_logd starting up by default + * skip 'new branch' commit from mendocino when using merge-branch + + -- Mohit Mehta Tue, 04 Jan 2011 17:50:17 -0800 + +vyatta-cfg-system (0.19.25) unstable; urgency=low + + * new branch + + -- An-Cheng Huang Tue, 28 Dec 2010 13:47:51 -0800 + +vyatta-cfg-system (0.19.24) unstable; urgency=low + + * Add more error recovery and disk space checking. + + -- Bob Gilligan Wed, 22 Dec 2010 02:34:19 -0800 + +vyatta-cfg-system (0.19.23) unstable; urgency=low + + * Affinity script was failing to configure some queues of multi-queue + NICs. + + -- Bob Gilligan Wed, 22 Dec 2010 01:23:08 -0800 + +vyatta-cfg-system (0.19.22) unstable; urgency=low + + * Add path to SSH V1 host key to config + + -- Stephen Hemminger Fri, 17 Dec 2010 11:23:31 -0800 + +vyatta-cfg-system (0.19.21) unstable; urgency=low + + * Don't regenerate ssh v1 key + * Add checking of protocol-version value + * Fix help for name-server + + -- Stephen Hemminger Thu, 16 Dec 2010 13:20:55 -0800 + +vyatta-cfg-system (0.19.20) unstable; urgency=low + + * Fix 6554: clear vrrp master tab completion results in cli api error + + -- Stig Thormodsrud Fri, 10 Dec 2010 18:51:36 -0800 + +vyatta-cfg-system (0.19.19) unstable; urgency=low + + * Fix 6453: After configuring VRRP on interface, VRRP is not active + until VRRP is manually restared with "restart vrrp" command. + + -- Stig Thormodsrud Fri, 10 Dec 2010 17:27:03 -0800 + +vyatta-cfg-system (0.19.18) unstable; urgency=low + + * Fix update of serial speed on all grub lines + + -- Stephen Hemminger Fri, 10 Dec 2010 14:54:00 -0800 + +vyatta-cfg-system (0.19.17) unstable; urgency=low + + * Allow telnet and ssh to start before routing protocols + + -- Stephen Hemminger Mon, 06 Dec 2010 17:13:11 -0800 + +vyatta-cfg-system (0.19.16) unstable; urgency=low + + * Fix check for unspecified IPv6 address + * Move is_local_address to common code + * Allow Ipv6 addresses in resolv.conf + * Move touch() perl to Vyatta::File + + -- Stephen Hemminger Mon, 06 Dec 2010 16:39:57 -0800 + +vyatta-cfg-system (0.19.15) unstable; urgency=low + + * Set up commit-revisions if configured after init-floppy. + + -- Stig Thormodsrud Sat, 04 Dec 2010 13:39:09 -0800 + +vyatta-cfg-system (0.19.14) unstable; urgency=low + + * Allow configuring console speed etc + * Allow more serial console lines + * Block accidental use of virtual consoles + * Mark the Vyatta specific section of inittab + + -- Stephen Hemminger Thu, 02 Dec 2010 17:17:26 -0800 + +vyatta-cfg-system (0.19.13) unstable; urgency=low + + * Cleanup leftover ipv6_no_fwd files + * Set group ownership and permissions on /var/run/vyatta + * Fix delete of mac address on bonding interface + + -- Stephen Hemminger Thu, 02 Dec 2010 13:30:48 -0800 + +vyatta-cfg-system (0.19.12) unstable; urgency=low + + * Speed up install-system progress bar + + -- Stephen Hemminger Wed, 01 Dec 2010 15:26:53 -0800 + +vyatta-cfg-system (0.19.11) unstable; urgency=low + + * Fix dhcpv6 client script + + -- Stephen Hemminger Tue, 30 Nov 2010 14:21:39 -0800 + +vyatta-cfg-system (0.19.10) unstable; urgency=low + + * Add dhcpv6 options for all interfaces that support DHCP + * Add duplicate address check on commit + * Remove old code for address insertion/deletion/validation + + -- Stephen Hemminger Tue, 30 Nov 2010 14:09:42 -0800 + +vyatta-cfg-system (0.19.9) unstable; urgency=low + + * Fix interface scanning on boot - allow more mac addresses + * Automatically configure physical device for wireless interfaces + + -- Stephen Hemminger Mon, 29 Nov 2010 17:16:45 -0800 + +vyatta-cfg-system (0.19.8) unstable; urgency=low + + * Fix use of undefined in comparison + + -- Stephen Hemminger Mon, 29 Nov 2010 16:06:03 -0800 + +vyatta-cfg-system (0.19.7) unstable; urgency=low + + * Remove module rather than deleting link device + + -- Stephen Hemminger Mon, 29 Nov 2010 12:23:53 -0800 + +vyatta-cfg-system (0.19.6) unstable; urgency=low + + * Don't let biosdevname look at wireless devices + + -- Stephen Hemminger Wed, 24 Nov 2010 16:50:26 -0800 + +vyatta-cfg-system (0.19.5) unstable; urgency=low + + * Fix tunnel cleanup script + + -- Stephen Hemminger Wed, 24 Nov 2010 12:24:52 -0800 + +vyatta-cfg-system (0.19.4) unstable; urgency=low + + * Add cpufrequtils default config file + * Fix range checking on bridge port priority is limited to 0-63 + * Revert "Don't need to rename vlan devices" + + -- Stephen Hemminger Wed, 24 Nov 2010 09:38:45 -0800 + +vyatta-cfg-system (0.19.3) unstable; urgency=low + + [ Bob Gilligan ] + * Bugfix 6457: Don't ask the question if you're not going to like the + answer. + * 0.19.2 + + [ Stephen Hemminger ] + * Don't allow zero for VRRP priority or VRID + * Bonding should have same VRRP rules as Ethernet + * typo in tunnel cleanup + * Don't need to rename vlan devices + * Make scripts executable + * Improve performance of syntax checks for vrrp address + * Use sockets to check if IP address is local + * Use unlink rather than system() to remove files in keepalive script + * Remove check function from keepalived perl script + + -- Stephen Hemminger Tue, 23 Nov 2010 19:03:23 -0800 + +vyatta-cfg-system (0.19.2) unstable; urgency=low + + [ Bob Gilligan ] + * Bugfix 6457: Don't ask the question if you're not going to like the + answer. + + [ Stephen Hemminger ] + * Don't allow zero for VRRP priority or VRID + * Bonding should have same VRRP rules as Ethernet + * typo in tunnel cleanup + + [ Bob Gilligan ] + + -- Bob Gilligan Sun, 21 Nov 2010 08:00:56 -0800 + +vyatta-cfg-system (0.19.1) unstable; urgency=low + + * Cleanup tunnel slave device on last delete + * Add utilities checking addresses + * Replace perl address validation with utility + * Use script vyatta-address to set interface + * Optimize lookup of local ip on tunnels + + -- Stephen Hemminger Mon, 22 Nov 2010 12:57:15 -0800 + +vyatta-cfg-system (0.18.21) unstable; urgency=low + + * Bugfix 6101: Make a syslog record when a new image is added. + + -- Bob Gilligan Sun, 21 Nov 2010 03:08:06 -0800 + +vyatta-cfg-system (0.18.20) unstable; urgency=low + + * Bring tunnel down before deleting + * When removing tunnel, remove encapsulation device + + -- Stephen Hemminger Thu, 18 Nov 2010 16:45:22 -0800 + +vyatta-cfg-system (0.18.19) unstable; urgency=low + + * Add more checks for bridge/bond conflicts + * Add syntax check for bridge interface name + * Fix help for syslog + + -- Stephen Hemminger Thu, 18 Nov 2010 13:14:48 -0800 + +vyatta-cfg-system (0.18.18) unstable; urgency=low + + * Add check for adding bridge-group and bond-group when setting + address + * Add check for interface address before putting it in bonded device + * Cleanup bridge port management + * Cleanup bond-group syntax and commit checks + + -- Stephen Hemminger Wed, 17 Nov 2010 20:46:53 -0800 + +vyatta-cfg-system (0.18.17) unstable; urgency=low + + * Allow longer domain-name values + * Remove useless comment + * Add address checks to bonding + + -- Stephen Hemminger Wed, 17 Nov 2010 15:58:01 -0800 + +vyatta-cfg-system (0.18.16) unstable; urgency=low + + * Add option to disable host validation (DNS) for SSH + * Add ability to configure SSH listen address + * Add ability to configure telnet listen-addres + * Need to restart telnet if port or listen-address changes + + -- Stephen Hemminger Tue, 16 Nov 2010 16:25:44 -0800 + +vyatta-cfg-system (0.18.15) unstable; urgency=low + + * update call to error location api. + + -- Michael Larson Tue, 16 Nov 2010 09:34:32 -0800 + +vyatta-cfg-system (0.18.14) unstable; urgency=low + + * Restore IRQ affinity when device is renabled + + -- Stephen Hemminger Mon, 15 Nov 2010 13:56:33 -0800 + +vyatta-cfg-system (0.18.13) unstable; urgency=low + + * Add hw-id for existing interfaces to config + + -- Stephen Hemminger Mon, 15 Nov 2010 13:14:04 -0800 + +vyatta-cfg-system (0.18.12) unstable; urgency=low + + * Move cleanup of serial interface into rl-system.init + + -- Stephen Hemminger Mon, 15 Nov 2010 10:43:27 -0800 + +vyatta-cfg-system (0.18.11) unstable; urgency=low + + * Add more checks on VLAN + * Change mode on all executable scripts + * remove deprecated linda override + * New IRQ affinity script and RPS support + * Fix irq-affinity for special cases + * Fix is_supported_speed matching + + -- Stephen Hemminger Fri, 12 Nov 2010 14:51:08 -0800 + +vyatta-cfg-system (0.18.10) unstable; urgency=low + + * Fix path to ethtool + * Check speed and duplex settings on Ethernet interfaces + * Don't produce warnings for drivers that don't support ethtool + + -- Stephen Hemminger Mon, 08 Nov 2010 15:13:17 -0800 + +vyatta-cfg-system (0.18.9) unstable; urgency=low + + * Add special case for single-queue NICs using multi-queue naming + format. + + -- Bob Gilligan Thu, 04 Nov 2010 12:26:39 -0700 + +vyatta-cfg-system (0.18.8) unstable; urgency=low + + * Fix to show ifAlias of loopback + + -- Stephen Hemminger Wed, 03 Nov 2010 13:39:06 -0700 + +vyatta-cfg-system (0.18.7) unstable; urgency=low + + * Remove non-functional commit test on mtu of vif + + -- Stephen Hemminger Tue, 02 Nov 2010 13:06:34 -0700 + +vyatta-cfg-system (0.18.6) unstable; urgency=low + + * Allow setting MTU of VIF + * Priority change for bridging a bonded vif + * Priority change for bridging a bonded vif + + -- Stephen Hemminger Tue, 02 Nov 2010 08:41:59 -0700 + +vyatta-cfg-system (0.18.5) unstable; urgency=low + + * Fix goto in vyatta-net.rules + * Add net-snmp ifAlias hook + + -- Stephen Hemminger Fri, 29 Oct 2010 11:33:08 -0700 + +vyatta-cfg-system (0.18.4) unstable; urgency=low + + * fix for bug 6388 + + -- An-Cheng Huang Thu, 28 Oct 2010 18:14:26 -0700 + +vyatta-cfg-system (0.18.3) unstable; urgency=low + + * Don't rename vif and other non-driver interfaces + + -- Stephen Hemminger Wed, 27 Oct 2010 11:08:12 -0700 + +vyatta-cfg-system (0.18.2) unstable; urgency=low + + * Fix set on uniproc machine + + -- Stephen Hemminger Wed, 27 Oct 2010 10:53:42 -0700 + +vyatta-cfg-system (0.18.1) unstable; urgency=low + + * IRQ affinity update + * Update dependency on vyatta-cfg + * Add irqaffin to Makefile + * Fix overwrite of irq commands + + -- Stephen Hemminger Wed, 27 Oct 2010 10:47:46 -0700 + +vyatta-cfg-system (0.17.128) unstable; urgency=low + + * Use pgrep to check if ntp running + + -- Stephen Hemminger Tue, 26 Oct 2010 20:37:46 -0700 + +vyatta-cfg-system (0.17.127) unstable; urgency=low + + * Move config-mgmt to it's own package. + + -- Stig Thormodsrud Tue, 26 Oct 2010 14:48:23 -0700 + +vyatta-cfg-system (0.17.126) unstable; urgency=low + + * Change vyatta_net_name into a perl script + * Sort the interface names when adding + + -- Stephen Hemminger Tue, 26 Oct 2010 14:35:45 -0700 + +vyatta-cfg-system (0.17.125) unstable; urgency=low + + * Fix bond hash policy + * Fix typo in hash_policy + * Wait to bring up bond interface until end + * Add bonding ARP monitor parmeters + + -- Stephen Hemminger Mon, 25 Oct 2010 10:20:08 -0700 + +vyatta-cfg-system (0.17.124) unstable; urgency=low + + * Fix commit-uri bug. + + -- Stig Thormodsrud Sat, 23 Oct 2010 12:14:47 -0700 + +vyatta-cfg-system (0.17.123) unstable; urgency=low + + * Fist pass at adding archive to uri on commit. + + -- Stig Thormodsrud Fri, 22 Oct 2010 17:38:43 -0700 + +vyatta-cfg-system (0.17.122) unstable; urgency=low + + * Make empty config files readable + + -- Stephen Hemminger Wed, 20 Oct 2010 17:34:06 -0700 + +vyatta-cfg-system (0.17.121) unstable; urgency=low + + [ Stephen Hemminger ] + * keep serial console until configuration is working + + [ An-Cheng Huang ] + + -- An-Cheng Huang Tue, 19 Oct 2010 18:24:47 -0700 + +vyatta-cfg-system (0.17.120) unstable; urgency=low + + * Neuter the serial console config until it works + + -- Stephen Hemminger Mon, 18 Oct 2010 12:00:29 -0700 + +vyatta-cfg-system (0.17.119) unstable; urgency=low + + * Fix syntax error in vyatta_update_console.pl. + + -- Stig Thormodsrud Sat, 16 Oct 2010 10:04:44 -0700 + +vyatta-cfg-system (0.17.118) unstable; urgency=low + + * Add ability to set transmit hash policy + * Handle error cases on console update + * 0.17.117 + + -- Stephen Hemminger Fri, 15 Oct 2010 15:56:56 -0700 + +vyatta-cfg-system (0.17.117) unstable; urgency=low + + [ root ] + * change to accessor for outputerror + + [ Stephen Hemminger ] + + -- Stephen Hemminger Fri, 15 Oct 2010 15:55:50 -0700 + +vyatta-cfg-system (0.17.116) unstable; urgency=low + + * Add ability to run modem getty + + -- Stephen Hemminger Fri, 15 Oct 2010 10:35:46 -0700 + +vyatta-cfg-system (0.17.115) unstable; urgency=low + + * Change speed in grub config as well + + -- Stephen Hemminger Thu, 14 Oct 2010 17:23:31 -0700 + +vyatta-cfg-system (0.17.114) unstable; urgency=low + + * Add better control over console screen blanker + * Need sudo to change console settings + + -- Stephen Hemminger Thu, 14 Oct 2010 16:58:42 -0700 + +vyatta-cfg-system (0.17.113) unstable; urgency=low + + * Turn off screen blanking on console + * Need to be root to write /etc/inittab + * Restore old motd and login banner + * Remove serial console before config + + -- Stephen Hemminger Thu, 14 Oct 2010 16:18:35 -0700 + +vyatta-cfg-system (0.17.112) unstable; urgency=low + + * Add support for setting up serial console ports + * Fix email address in changelog + * Fix regexp used for disabling up serial with Xen + * Fix serial console setup functions + * Change syntax for console config + + -- Stephen Hemminger Thu, 14 Oct 2010 15:08:42 -0700 + +vyatta-cfg-system (0.17.111) unstable; urgency=low + + * Revise new ntp server config + + -- Stephen Hemminger Wed, 13 Oct 2010 18:12:44 -0700 + +vyatta-cfg-system (0.17.110) unstable; urgency=low + + * Migrate NTP server to services ntp + + -- Stephen Hemminger Wed, 13 Oct 2010 18:04:09 -0700 + +vyatta-cfg-system (0.17.109) unstable; urgency=low + + * Add default vyatta rsyslog config rules + + -- Stephen Hemminger Mon, 11 Oct 2010 12:22:30 -0700 + +vyatta-cfg-system (0.17.108) unstable; urgency=low + + * Add LSB support information to telnetd.init + * Add ubuntu changes to rsyslog + + -- Stephen Hemminger Sun, 10 Oct 2010 11:42:35 -0700 + +vyatta-cfg-system (0.17.107) unstable; urgency=low + + [ root ] + * modified reference error location. + + [ Stephen Hemminger ] + * Check if SNMP is running before starting + + -- Stephen Hemminger Sat, 09 Oct 2010 15:51:50 -0700 + +vyatta-cfg-system (0.17.106) unstable; urgency=low + + * use new error reference location method + + -- root Fri, 08 Oct 2010 12:13:11 -0700 + +vyatta-cfg-system (0.17.105) unstable; urgency=low + + * Convert from syslog to rsyslog + + -- Stephen Hemminger Fri, 08 Oct 2010 17:12:41 -0700 + +vyatta-cfg-system (0.17.104) unstable; urgency=low + + [ Stephen Hemminger ] + * Add dependency on Squeeze version of udev + * Change udev network naming to be more cooperative + * Put udev rules in /lib/udev + + [ Mohit Mehta ] + * moved code for zones to vyatta-zone package + + -- Mohit Mehta Thu, 07 Oct 2010 19:16:02 -0700 + +vyatta-cfg-system (0.17.103) unstable; urgency=low + + * Update hwclockfirst fixup for Squeeze + * Fix sysklog dependency + * List rsyslog package dependency + + -- Stephen Hemminger Thu, 07 Oct 2010 11:40:06 -0700 + +vyatta-cfg-system (0.17.102) unstable; urgency=low + + * * update count_iptables module usage + + -- Mohit Mehta Tue, 21 Sep 2010 21:15:28 -0700 + +vyatta-cfg-system (0.17.101) unstable; urgency=low + + * * use count_iptables_rule from MISC module + + -- Mohit Mehta Tue, 21 Sep 2010 17:37:14 -0700 + +vyatta-cfg-system (0.17.100) unstable; urgency=low + + * Bugfix 6210: Fix up case where login section is missing from config + file. + + -- Bob Gilligan Sat, 18 Sep 2010 01:56:15 -0700 + +vyatta-cfg-system (0.17.99) unstable; urgency=low + + * fix init-floppy for squeeze + + -- An-Cheng Huang Mon, 20 Sep 2010 15:23:36 -0700 + +vyatta-cfg-system (0.17.98) unstable; urgency=low + + * Bugfix 6210: Fix parsing of config file + + -- Bob Gilligan Fri, 17 Sep 2010 22:38:07 -0700 + +vyatta-cfg-system (0.17.97) unstable; urgency=low + + * partial fix for bug 6152 + * more fixes for bug 6152 + + -- An-Cheng Huang Mon, 13 Sep 2010 18:53:48 -0700 + +vyatta-cfg-system (0.17.96) unstable; urgency=low + + * rename pre-mendocino ipv6 modprobe files to add .conf suffix + + -- Mohit Mehta Mon, 13 Sep 2010 15:49:40 -0700 + +vyatta-cfg-system (0.17.95) unstable; urgency=low + + * Enforce username length restriction + * Fix quoting issues with conversion to lower case + * Fix quoting of shell -z + + -- Stephen Hemminger Wed, 08 Sep 2010 09:41:40 -0700 + +vyatta-cfg-system (0.17.94) unstable; urgency=low + + * Change modprobe.d files to .conf + * Update to current udev + * Update sound blacklist fix + + -- Stephen Hemminger Tue, 07 Sep 2010 09:55:34 -0700 + +vyatta-cfg-system (0.17.93) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove ifDescr override + + [ An-Cheng Huang ] + * fix squeeze paths + + -- An-Cheng Huang Fri, 03 Sep 2010 14:44:40 -0700 + +vyatta-cfg-system (0.17.92) unstable; urgency=low + + * Bugfix 5499: Fix restrictions on IPv6 addresses. + + -- Bob Gilligan Tue, 31 Aug 2010 02:58:11 -0700 + +vyatta-cfg-system (0.17.91) unstable; urgency=low + + [ Stephen Hemminger ] + * Add dependency on libcap2-bin + + [ Bob Gilligan ] + * Bugfix 6085: Use "-x" flag instead of "-r" to kill the old dhclient + process + + -- Bob Gilligan Mon, 30 Aug 2010 02:33:54 -0700 + +vyatta-cfg-system (0.17.90) unstable; urgency=low + + * Add checking of port range + * Add check for port range on SNMP listen port value + * Generate interface description + + -- Stephen Hemminger Mon, 23 Aug 2010 15:03:23 -0700 + +vyatta-cfg-system (0.17.89) unstable; urgency=low + + * update help text to use val_help + + -- An-Cheng Huang Tue, 17 Aug 2010 15:31:11 -0700 + +vyatta-cfg-system (0.17.88) unstable; urgency=low + + * Don't delete existing root password + + -- Stephen Hemminger Tue, 17 Aug 2010 15:22:55 -0700 + +vyatta-cfg-system (0.17.87) unstable; urgency=low + + * Add vrrp parameters to transition script. + + -- Stig Thormodsrud Tue, 17 Aug 2010 11:59:45 -0700 + +vyatta-cfg-system (0.17.86) unstable; urgency=low + + * remove more low-level config dir usages + + -- An-Cheng Huang Mon, 16 Aug 2010 18:52:07 -0700 + +vyatta-cfg-system (0.17.85) unstable; urgency=low + + * remove low-level config dir usage + + -- An-Cheng Huang Mon, 16 Aug 2010 18:15:01 -0700 + +vyatta-cfg-system (0.17.84) unstable; urgency=low + + * remove low-level config dir usage + + -- An-Cheng Huang Mon, 16 Aug 2010 15:47:03 -0700 + +vyatta-cfg-system (0.17.83) unstable; urgency=low + + * remove "node.val" usages + + -- An-Cheng Huang Thu, 12 Aug 2010 14:13:07 -0700 + +vyatta-cfg-system (0.17.82) unstable; urgency=low + + * use listEffectiveNodes() from new API + + -- An-Cheng Huang Mon, 02 Aug 2010 17:17:30 -0700 + +vyatta-cfg-system (0.17.81) unstable; urgency=low + + * Bugfix 5964: Eliminate unnecessary version check. + + -- Bob Gilligan Mon, 02 Aug 2010 16:38:53 -0700 + +vyatta-cfg-system (0.17.80) unstable; urgency=low + + * new API change + + -- An-Cheng Huang Mon, 02 Aug 2010 15:45:23 -0700 + +vyatta-cfg-system (0.17.79) unstable; urgency=low + + * add comments and missing function + + -- An-Cheng Huang Fri, 30 Jul 2010 18:13:00 -0700 + +vyatta-cfg-system (0.17.78) unstable; urgency=low + + * Bugfix 5711: Don't allow special characters in image names. + + -- Bob Gilligan Wed, 28 Jul 2010 02:47:32 -0700 + +vyatta-cfg-system (0.17.77) unstable; urgency=low + + * new API changes + + -- An-Cheng Huang Fri, 30 Jul 2010 17:26:20 -0700 + +vyatta-cfg-system (0.17.76) unstable; urgency=low + + [ Stephen Hemminger ] + * Change ranges for bridge parameters + * Fix typo in last change + + [ Bob Gilligan ] + * Bugfix 5929: Preserve SSH host keys during image installation. + + -- Bob Gilligan Tue, 27 Jul 2010 19:47:45 -0700 + +vyatta-cfg-system (0.17.75) unstable; urgency=low + + * UNRELEASED + + -- An-Cheng Huang Thu, 22 Jul 2010 17:23:36 -0700 + +vyatta-cfg-system (0.17.74) unstable; urgency=low + + * More fixes to standalone password reset + + -- Stephen Hemminger Thu, 22 Jul 2010 15:09:01 -0700 + +vyatta-cfg-system (0.17.73) unstable; urgency=low + + [ Stephen Hemminger ] + * Make standalone password recovery more robust + + [ An-Cheng Huang ] + * remove unused options + + -- An-Cheng Huang Thu, 22 Jul 2010 12:13:05 -0700 + +vyatta-cfg-system (0.17.72) unstable; urgency=low + + * Move input interface over to Qos package + + -- Stephen Hemminger Wed, 21 Jul 2010 17:46:50 -0700 + +vyatta-cfg-system (0.17.71) unstable; urgency=low + + * Use pgrep to count number of matching processes + * Use val_help: for interface name help + * Use expression to validate VRRP password + * Add proxy-arp over bonding + * Fix help completion text + * Fix formatting of static-host mapping val help + * Add completion for text fields with limited values + * Fix completion on multi-type node + + -- Stephen Hemminger Wed, 21 Jul 2010 15:45:39 -0700 + +vyatta-cfg-system (0.17.70) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix language in help text for loadkey + * Use val_help: for Ethernet interface parameters + * bonding vif val_help + * Loopback address node cleanup + * Convert tunnel parameters to new help format + * Convert public-keys help to new format + * Revise static-host-mapping + * Use val_help: features to format better + * Convert syslog commands to new CLI help style + + [ An-Cheng Huang ] + * fix typo, val_help, etc. + + [ Stephen Hemminger ] + * Convert VRRP preempt to bool + * Convert VRRP to new CLI help style + + [ Bob Gilligan ] + * Bugfix 5512: Have grub.cfg use the vmlinuz and initrd.img symlinks + if available + + -- Bob Gilligan Mon, 19 Jul 2010 17:45:16 -0700 + +vyatta-cfg-system (0.17.69) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove verbs from all help messages + * Covert bonding mode to val_help + * Use val_help: for interface MTU nodes + * Bridge parameter node update + * Use val_help in zone-policy + * Fix old invalid email addresses in changelog + + [ An-Cheng Huang ] + * fix typo + + [ Stephen Hemminger ] + + -- Stephen Hemminger Mon, 19 Jul 2010 11:08:12 -0700 + +vyatta-cfg-system (0.17.68) unstable; urgency=low + + * Add syntax validation for bridge STP parameters + * Use val_help: for address nodes + + -- Stephen Hemminger Fri, 16 Jul 2010 17:30:20 -0700 + +vyatta-cfg-system (0.17.67) unstable; urgency=low + + * Bugfix 5557: Properly update initrd symlink. + + -- Bob Gilligan Wed, 14 Jul 2010 15:01:20 -0700 + +vyatta-cfg-system (0.17.66) unstable; urgency=low + + * Enable putting core files /var/core + + -- Stephen Hemminger Wed, 14 Jul 2010 16:25:22 -0700 + +vyatta-cfg-system (0.17.65) unstable; urgency=low + + * Bugfix 5845, 5557: Install vyatta-update-grub.pl in + /opt/vyatta/sbin. + + -- Bob Gilligan Wed, 14 Jul 2010 15:45:28 -0700 + +vyatta-cfg-system (0.17.64) unstable; urgency=low + + * Bugfix 5557: Add script to help update grub after full upgrade. + * Move vyatta-update-grub.pl to the vyatta-base package. + * Revert "Move vyatta-update-grub.pl to the vyatta-base package." + * Select kernel to boot based on current running kernel type. + + -- Bob Gilligan Wed, 14 Jul 2010 11:12:37 -0700 + +vyatta-cfg-system (0.17.63) unstable; urgency=low + + * Fix install-system if not saving old image config + + -- Stephen Hemminger Thu, 08 Jul 2010 09:44:16 -0700 + +vyatta-cfg-system (0.17.62) unstable; urgency=low + + * Don't need explict sync in init-floppy + * Change user name validation + * Allow incorrect user to be deleted + + -- Stephen Hemminger Tue, 06 Jul 2010 19:14:50 -0700 + +vyatta-cfg-system (0.17.61) unstable; urgency=low + + * Corrected the fix for bug 5408. + + -- Deepti Kulkarni Tue, 06 Jul 2010 16:40:24 +0000 + +vyatta-cfg-system (0.17.60) unstable; urgency=low + + * Update failover-mechanism sync-group CLI path and add + + -- Mohit Mehta Thu, 01 Jul 2010 17:40:10 -0700 + +vyatta-cfg-system (0.17.59) unstable; urgency=low + + * Fix 5675: clearing vrrp master for an interface group removes sync- + group config + + -- Stig Thormodsrud Thu, 01 Jul 2010 14:11:18 -0700 + +vyatta-cfg-system (0.17.58) unstable; urgency=low + + * Touch file before setting capability + + -- Stephen Hemminger Thu, 01 Jul 2010 13:37:07 -0700 + +vyatta-cfg-system (0.17.57) unstable; urgency=low + + [ root ] + * fix for bug 5408. + + [ Deepti Kulkarni ] + * Revert "fix for bug 5408." + * fix for bug 5408. + + -- Deepti Kulkarni Thu, 01 Jul 2010 16:53:34 +0000 + +vyatta-cfg-system (0.17.56) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove sudo from tunnel command + * Fix path to ipset + + [ Michael Larson ] + * fix for bug 5663 + + -- Michael Larson Mon, 21 Jun 2010 11:09:56 -0700 + +vyatta-cfg-system (0.17.55) unstable; urgency=low + + * initial support for gre-bridge tunnels. + + -- Robert Bays Thu, 17 Jun 2010 23:33:45 -0700 + +vyatta-cfg-system (0.17.54) unstable; urgency=low + + * Remove sudo from ip command + * Remove unnecessary :expression: syntax + * Remove sudo from brctl + * Remove capability from ping + * Don't need audit write on vbash + + -- Stephen Hemminger Thu, 17 Jun 2010 14:46:35 -0700 + +vyatta-cfg-system (0.17.53) unstable; urgency=low + + * * make vrrp work with conntrack-sync + * * perltidy vyatta-keepalived.pl + + -- Mohit Mehta Wed, 09 Jun 2010 15:01:47 -0700 + +vyatta-cfg-system (0.17.52) unstable; urgency=low + + * Add skip option to vyatta-interfaces + + -- Stephen Hemminger Mon, 07 Jun 2010 16:28:13 -0700 + +vyatta-cfg-system (0.17.51) unstable; urgency=low + + * Using "send dhcp6.oro" is no longer required in config file. + + -- Bob Gilligan Sun, 30 May 2010 07:14:32 -0700 + +vyatta-cfg-system (0.17.50) unstable; urgency=low + + * Fix use of bareword file handles + * Set file capability attributes + * Add pam_cap capability configuration + + -- Stephen Hemminger Fri, 04 Jun 2010 14:10:09 -0700 + +vyatta-cfg-system (0.17.49) unstable; urgency=low + + * move list functions to vrrp perl module so other scripts can use it + as well + + -- Mohit Mehta Thu, 03 Jun 2010 16:32:05 -0700 + +vyatta-cfg-system (0.17.48) unstable; urgency=low + + * fix for bug 5656 + + -- An-Cheng Huang Thu, 03 Jun 2010 14:55:46 -0700 + +vyatta-cfg-system (0.17.47) unstable; urgency=low + + * Fix 5521: Cannot Delete vif with vrrp configured. + + -- Stig Thormodsrud Tue, 01 Jun 2010 15:24:45 -0700 + +vyatta-cfg-system (0.17.46) unstable; urgency=low + + * Move DHCPv6 client configuration to this package and restructre + parameters. + + -- Bob Gilligan Wed, 26 May 2010 16:12:45 -0700 + +vyatta-cfg-system (0.17.45) unstable; urgency=low + + * Don't enable PAM Radius by default + + -- Stephen Hemminger Mon, 24 May 2010 10:46:08 -0700 + +vyatta-cfg-system (0.17.44) unstable; urgency=low + + * don't start conntrackd itself + + -- Mohit Mehta Thu, 20 May 2010 19:29:10 -0700 + +vyatta-cfg-system (0.17.43) unstable; urgency=low + + * Add enable-proxy-arp to vif interface. + + -- Stig Thormodsrud Wed, 19 May 2010 20:16:12 -0700 + +vyatta-cfg-system (0.17.42) unstable; urgency=low + + * Change SNMP community handling + * Fix syntax of default listen address + + -- Stephen Hemminger Fri, 14 May 2010 11:01:48 -0700 + +vyatta-cfg-system (0.17.41) unstable; urgency=low + + * Revert "Snmp Ipv6 support" + * Better version of SNMP IPv6 support + * Allow configuring/restricting SNMP listen address + + -- Stephen Hemminger Wed, 12 May 2010 21:02:35 -0700 + +vyatta-cfg-system (0.17.40) unstable; urgency=low + + * Snmp Ipv6 support + * Show progress bar when copying filesystem + + -- Stephen Hemminger Wed, 12 May 2010 14:34:54 -0700 + +vyatta-cfg-system (0.17.39) unstable; urgency=low + + * Preserve file capablities and attributes during install-system + * Preserve file attributes of root files + + -- Stephen Hemminger Fri, 07 May 2010 15:25:22 -0700 + +vyatta-cfg-system (0.17.38) unstable; urgency=low + + * Add code to check digital signature of image files. + + -- Bob Gilligan Mon, 03 May 2010 17:21:10 -0700 + +vyatta-cfg-system (0.17.37) unstable; urgency=low + + * Allow user to name system images when installing them. + + -- Bob Gilligan Fri, 30 Apr 2010 15:48:57 -0700 + +vyatta-cfg-system (0.17.36) unstable; urgency=low + + * Ignore comments in level file + * Set capabilities on standard utilities + * Make interface help completion strings consistent + * Revert "Set capabilities on standard utilities" + + -- Stephen Hemminger Tue, 27 Apr 2010 15:27:49 -0700 + +vyatta-cfg-system (0.17.35) unstable; urgency=low + + * Configure IFB devices earlier in boot + + -- Stephen Hemminger Fri, 16 Apr 2010 11:35:23 -0700 + +vyatta-cfg-system (0.17.34) unstable; urgency=low + + * Rename in0 to ifb0 + + -- Stephen Hemminger Thu, 15 Apr 2010 13:16:38 -0700 + +vyatta-cfg-system (0.17.33) unstable; urgency=low + + * For Bug 5625 Not ready for DNSSEC implementation + + -- Mohit Mehta Wed, 14 Apr 2010 16:22:44 -0700 + +vyatta-cfg-system (0.17.32) unstable; urgency=low + + * increase xen hypervisor heap size + + -- An-Cheng Huang Fri, 09 Apr 2010 18:35:29 -0700 + +vyatta-cfg-system (0.17.31) unstable; urgency=low + + * Add input pseudo-interface configuration + + -- Stephen Hemminger Tue, 06 Apr 2010 09:27:17 -0700 + +vyatta-cfg-system (0.17.30) unstable; urgency=low + + * Use 3 arg open + * Use 3 arg open to create pipe + * Ignore errors from ethtool when setting speed/duplex + + -- Stephen Hemminger Mon, 05 Apr 2010 22:20:49 -0700 + +vyatta-cfg-system (0.17.29) unstable; urgency=low + + * Fail gracefully if path is unknown + + -- Stephen Hemminger Mon, 05 Apr 2010 16:17:35 -0700 + +vyatta-cfg-system (0.17.28) unstable; urgency=low + + * Improve wording of config info save dialog. + + -- Bob Gilligan Tue, 30 Mar 2010 12:02:35 -0700 + +vyatta-cfg-system (0.17.27) unstable; urgency=low + + * Ignore setting CPU affinity on UP systems + * Fix test for UP + + -- Stephen Hemminger Mon, 29 Mar 2010 16:34:57 -0700 + +vyatta-cfg-system (0.17.26) unstable; urgency=low + + * run snmpd as user snmp + + -- An-Cheng Huang Wed, 24 Mar 2010 19:08:22 -0700 + +vyatta-cfg-system (0.17.25) unstable; urgency=low + + * Fix Bug 5487 http redirect url address placed on the router gets + blocked by + + -- Mohit Mehta Wed, 24 Mar 2010 15:31:16 -0700 + +vyatta-cfg-system (0.17.24) unstable; urgency=low + + * Fix Bug 5386 L2TP will work only the first time Vyatta is booted + + -- Mohit Mehta Sat, 20 Mar 2010 22:43:27 -0700 + +vyatta-cfg-system (0.17.23) unstable; urgency=low + + [ Michael Larson ] + * fixes commit warning when run invoked via the api--getlogin() may + return an undefined value as the process is a child process + + [ Bob Gilligan ] + * Bugfix 5449: Maintain "console affinity" when adding a new image. + + -- Bob Gilligan Thu, 18 Mar 2010 18:03:55 -0700 + +vyatta-cfg-system (0.17.22) unstable; urgency=low + + * Remove Radius Server config file on reboot + * Handle devices that do not report ethtool + + -- Stephen Hemminger Wed, 17 Mar 2010 11:29:44 -0700 + +vyatta-cfg-system (0.17.21) unstable; urgency=low + + * Make /var/run/vyatta and /var/log/vyatta + * Use userdel -f to force removal of user + * Better version of forcing user logout + + -- Stephen Hemminger Mon, 15 Mar 2010 10:45:04 -0700 + +vyatta-cfg-system (0.17.20) unstable; urgency=low + + [ Stephen Hemminger ] + * Disable SELinux during password reset + * Fix case of VGA_LOGO option + + [ Mohit Mehta ] + * * Fix BZ 5334 services start automatically on boot up after upgrade + to kenwood + + [ Stephen Hemminger ] + * Run partition editor with script flag to avoid prompting user + * Force user process to die + + -- Stephen Hemminger Fri, 12 Mar 2010 10:01:06 -0800 + +vyatta-cfg-system (0.17.19) unstable; urgency=low + + * Bugfix 5021: Make smp_affinity configuration tolerant of failures. + + -- Bob Gilligan Tue, 09 Mar 2010 15:49:56 -0800 + +vyatta-cfg-system (0.17.18) unstable; urgency=low + + [ Stephen Hemminger ] + * Set primary interface after bond-group is initialized + + [ Bob Gilligan ] + * Bugfix 5424: Allow image with same version to be added to disk-based + install + + -- Bob Gilligan Tue, 09 Mar 2010 11:08:49 -0800 + +vyatta-cfg-system (0.17.17) unstable; urgency=low + + * Use more reliable method for determining system version. + + -- Bob Gilligan Mon, 08 Mar 2010 17:37:20 -0800 + +vyatta-cfg-system (0.17.16) unstable; urgency=low + + * Bugfix 5416: determine system version from version of vyatta-version + package + + -- Bob Gilligan Mon, 08 Mar 2010 16:19:08 -0800 + +vyatta-cfg-system (0.17.15) unstable; urgency=low + + * Bugfix 5360: Get name of image from correct source. + + -- Bob Gilligan Mon, 08 Mar 2010 14:51:58 -0800 + +vyatta-cfg-system (0.17.14) unstable; urgency=low + + [ Stephen Hemminger ] + * Fixup xl2tpd init during install + + [ Bob Gilligan ] + * Bugfix 5414: Use correct install root reference when copying back + SSH keys. + + -- Bob Gilligan Mon, 08 Mar 2010 14:17:56 -0800 + +vyatta-cfg-system (0.17.13) unstable; urgency=low + + * Bugfix 5413: Determine system version from vyatta-version package. + + -- Bob Gilligan Fri, 05 Mar 2010 13:07:33 -0800 + +vyatta-cfg-system (0.17.12) unstable; urgency=low + + * Bugfix 5404: Handle RAID re-sync on image-installed systems. + + -- Bob Gilligan Wed, 03 Mar 2010 18:09:55 -0800 + +vyatta-cfg-system (0.17.11) unstable; urgency=low + + * Bugfix 5377: strict-dad must be applied before interfaces are + configured + + -- Bob Gilligan Mon, 01 Mar 2010 14:19:23 -0800 + +vyatta-cfg-system (0.17.10) unstable; urgency=low + + * Bugfix 5217: Don't use the "-#" option to curl. It runs slow on + serial ports. + + -- Bob Gilligan Thu, 25 Feb 2010 11:50:19 -0800 + +vyatta-cfg-system (0.17.9) unstable; urgency=low + + * Bugfix 5377: Add parameter to control behavior when DAD fails. + + -- Bob Gilligan Tue, 23 Feb 2010 15:53:53 -0800 + +vyatta-cfg-system (0.17.8) unstable; urgency=low + + [ Stephen Hemminger ] + * Handle empty set of public keys + + [ Stig Thormodsrud ] + * Fix 5157: dhcpclient doesn't work when alternative mac address + specified on bootup + + -- Stig Thormodsrud Sun, 21 Feb 2010 20:21:32 -0800 + +vyatta-cfg-system (0.17.7) unstable; urgency=low + + * Fix Bug 5064 can't delete bridge group and membership in one commit + + -- Mohit Mehta Thu, 18 Feb 2010 17:28:54 -0800 + +vyatta-cfg-system (0.17.6) unstable; urgency=low + + * UNRELEASED + + -- An-Cheng Huang Wed, 17 Feb 2010 16:13:35 -0800 + +vyatta-cfg-system (0.17.5) unstable; urgency=low + + * Handle DSA keys + * Add support for options in keyfile + + -- Stephen Hemminger Wed, 17 Feb 2010 12:52:02 -0800 + +vyatta-cfg-system (0.17.4) unstable; urgency=low + + * Speed up VIF creation + * Check current status (not configured value) when enabling vlan + device + * Use template to do syntax checks on ethernet device name + + -- Stephen Hemminger Tue, 16 Feb 2010 17:37:10 -0800 + +vyatta-cfg-system (0.17.3) unstable; urgency=low + + * Don't allow format strings in snmp-community + * Add syntax check for vif name where non-vif expected + * Use die function for failures + + -- Stephen Hemminger Tue, 16 Feb 2010 13:58:55 -0800 + +vyatta-cfg-system (0.17.2) unstable; urgency=low + + * Bugfix 5327: Don't try to save config from images with none. + + -- Bob Gilligan Tue, 16 Feb 2010 11:57:24 -0800 + +vyatta-cfg-system (0.17.1) unstable; urgency=low + + * use more specific version before which modprobe files in vyatta-cfg + r2b replaced + + -- Mohit Mehta Fri, 12 Feb 2010 13:53:27 -0800 + +vyatta-cfg-system (0.16.43) unstable; urgency=low + + * fix bug 5334 services start automatically on boot up post upgrade to + kenwood + + -- Mohit Mehta Fri, 12 Feb 2010 11:29:49 -0800 + +vyatta-cfg-system (0.16.42) unstable; urgency=low + + * Bugfix 5117: Preserve config files from previous image + installation. + + -- Bob Gilligan Thu, 11 Feb 2010 16:06:16 -0800 + +vyatta-cfg-system (0.16.41) unstable; urgency=low + + * Fix bug 5325 vyatta-cfg-system fails to upgrade during full-upgrade + VC5 to VC6 + + -- Mohit Mehta Wed, 10 Feb 2010 12:21:52 -0800 + +vyatta-cfg-system (0.16.40) unstable; urgency=low + + * Remove vyatta-ofr on upgrade + * Remove IPv6 address_flush sysctl + + -- Stephen Hemminger Tue, 09 Feb 2010 15:17:46 -0800 + +vyatta-cfg-system (0.16.39) unstable; urgency=low + + * add dependency on vyatta-biosdevname + + -- An-Cheng Huang Mon, 08 Feb 2010 12:53:02 -0800 + +vyatta-cfg-system (0.16.38) unstable; urgency=low + + * Bugfix 5225: Include the OS version number in the grub menu entry. + + -- Bob Gilligan Mon, 08 Feb 2010 12:04:44 -0800 + +vyatta-cfg-system (0.16.37) unstable; urgency=low + + * Bugfix 5120: Use biosdevname to generate the canonical name for an + interface. + + -- Bob Gilligan Fri, 05 Feb 2010 16:49:36 -0800 + +vyatta-cfg-system (0.16.36) unstable; urgency=low + + * Force vyatta-cfg/vyatta-cfg-system version synchronization + + -- Stephen Hemminger Fri, 05 Feb 2010 12:31:10 -0800 + +vyatta-cfg-system (0.16.35) unstable; urgency=low + + * Set system host-name and time-zone first + + -- Stephen Hemminger Wed, 03 Feb 2010 14:39:44 -0800 + +vyatta-cfg-system (0.16.34) unstable; urgency=low + + * Change owner of created authorized key file + * Move modprobe.d/no-copybreak from vyatta-cfg + + -- Stephen Hemminger Wed, 03 Feb 2010 13:37:20 -0800 + +vyatta-cfg-system (0.16.33) unstable; urgency=low + + * Fix password-authentication setup in sshd + * Bug in handling local key file + * Run login update as root + + -- Stephen Hemminger Tue, 02 Feb 2010 15:12:07 -0800 + +vyatta-cfg-system (0.16.32) unstable; urgency=low + + * Add help for system ip arp + * Add help string for system ip neighbor + * Static host-name mapping changes + * Don't remove users home directory + + -- Stephen Hemminger Tue, 02 Feb 2010 10:52:39 -0800 + +vyatta-cfg-system (0.16.31) unstable; urgency=low + + * Allow local user (non vbash) accounts + * Make message clearer + + -- Stephen Hemminger Wed, 27 Jan 2010 18:21:04 -0800 + +vyatta-cfg-system (0.16.30) unstable; urgency=low + + * Don't delete non-user accounts + + -- Stephen Hemminger Wed, 27 Jan 2010 09:39:33 -0800 + +vyatta-cfg-system (0.16.29) unstable; urgency=low + + * Don't allow vyatta configured accounts to overlap internal accounts + * Reindent user account module + * Change function names in User.pm + * Refactor user update + * Add additional check that new user doesn't exist in NSS + * Get rid of protected-users file + + -- Stephen Hemminger Tue, 26 Jan 2010 18:30:04 -0800 + +vyatta-cfg-system (0.16.28) unstable; urgency=low + + * Bugfix 5229: Save old config info when installing on pre-existing + RAID group. + + -- Bob Gilligan Tue, 26 Jan 2010 16:25:04 -0800 + +vyatta-cfg-system (0.16.27) unstable; urgency=low + + * Bugfix 5220: Use correct path to config directory on installed + image. + + -- Bob Gilligan Tue, 26 Jan 2010 14:19:59 -0800 + +vyatta-cfg-system (0.16.26) unstable; urgency=low + + * Bugfix 5232: Correctly handle case where user doesn't want to save + SSH keys + + -- Bob Gilligan Tue, 26 Jan 2010 12:03:23 -0800 + +vyatta-cfg-system (0.16.25) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix typo in PermitRoot setup. + + -- Stig Thormodsrud Mon, 25 Jan 2010 21:24:55 -0800 + +vyatta-cfg-system (0.16.24) unstable; urgency=low + + * Bugfix 5240: Prevent re-installation of same version on running + systems + + -- Bob Gilligan Mon, 25 Jan 2010 17:23:21 -0800 + +vyatta-cfg-system (0.16.23) unstable; urgency=low + + * Remove duplicate crontab and stop munging /etc/crontab. + + -- Stig Thormodsrud Mon, 25 Jan 2010 15:13:09 -0800 + +vyatta-cfg-system (0.16.22) unstable; urgency=low + + * Fix allow-root for telnet/ssh + + -- Stephen Hemminger Sun, 24 Jan 2010 22:27:33 -0800 + +vyatta-cfg-system (0.16.21) unstable; urgency=low + + * Set IPV6 parameters in rl-system.init + + -- Stephen Hemminger Thu, 21 Jan 2010 11:24:44 -0800 + +vyatta-cfg-system (0.16.20) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix typo in install-image + + [ Bob Gilligan ] + * Bugfix 5162: Make disabling flow control work at boot time. + + -- Bob Gilligan Tue, 19 Jan 2010 17:37:10 -0800 + +vyatta-cfg-system (0.16.19) unstable; urgency=low + + [ Jon Andersson ] + * Restiction on filtering of udev rules + + -- Stig Thormodsrud Tue, 19 Jan 2010 17:01:50 -0800 + +vyatta-cfg-system (0.16.18) unstable; urgency=low + + [ Stephen Hemminger ] + * Restrict radius-server timeout value + + [ Robert Bays ] + * fix bug 5226: Hostname does not allow number as first char + + [ Stephen Hemminger ] + * Change how IPV4/IPV6 configuration values are done + + -- Stephen Hemminger Tue, 19 Jan 2010 17:00:39 -0800 + +vyatta-cfg-system (0.16.17) unstable; urgency=low + + * Fix snmp trap-source + + -- Stephen Hemminger Mon, 18 Jan 2010 19:01:44 -0800 + +vyatta-cfg-system (0.16.16) unstable; urgency=low + + * Fix typo in community for trap-target + + -- Stephen Hemminger Mon, 18 Jan 2010 18:35:59 -0800 + +vyatta-cfg-system (0.16.15) unstable; urgency=low + + * Bugfix 5220: Save config information from previous image-based + install. + + -- Bob Gilligan Mon, 18 Jan 2010 18:03:59 -0800 + +vyatta-cfg-system (0.16.14) unstable; urgency=low + + * Add sysctl to control IPV6 address flush + + -- Stephen Hemminger Thu, 14 Jan 2010 14:35:01 -0800 + +vyatta-cfg-system (0.16.13) unstable; urgency=low + + * Add support for trap community and port + * Add support trap source address + + -- Stephen Hemminger Wed, 13 Jan 2010 19:54:16 -0800 + +vyatta-cfg-system (0.16.12) unstable; urgency=low + + * Don't allow installation to proceed if MD5 checksum errors are + found. + + -- Bob Gilligan Wed, 13 Jan 2010 16:55:41 -0800 + +vyatta-cfg-system (0.16.11) unstable; urgency=low + + * Switch from wget to curl since the latter supports more URL methods. + + -- Bob Gilligan Fri, 08 Jan 2010 17:15:36 -0800 + +vyatta-cfg-system (0.16.10) unstable; urgency=low + + * Updates to SNMP link state trap + + -- Stephen Hemminger Wed, 06 Jan 2010 14:37:20 -0800 + +vyatta-cfg-system (0.16.9) unstable; urgency=low + + * Validate MD5 checksums on ISO file before proceeding with + installation. + + -- Bob Gilligan Wed, 06 Jan 2010 14:32:18 -0800 + +vyatta-cfg-system (0.16.8) unstable; urgency=low + + * Do loopback before other interfaces + * Remove snmpd.conf on deletion + * Cleanup SNMP config file generation + * SNMP: Merge common code for rand hex number + * Change 'protocols snmp' to 'service snmp' + * update version + * Need to be root to remove snmpd.conf + + -- Stephen Hemminger Tue, 05 Jan 2010 18:39:32 -0800 + +vyatta-cfg-system (0.16.7) unstable; urgency=low + + * Add support for fetching ISO file based on URL. + + -- Bob Gilligan Wed, 23 Dec 2009 16:17:40 -0800 + +vyatta-cfg-system (0.16.6) unstable; urgency=low + + * Set default to only ARP if IP address matches received interface + * Handle default of auto + + -- Stephen Hemminger Wed, 23 Dec 2009 10:49:38 -0800 + +vyatta-cfg-system (0.16.5) unstable; urgency=low + + * Update snmp template + * Remove old init code + * Read Vyatta version from file + + -- Stephen Hemminger Tue, 22 Dec 2009 20:59:10 -0800 + +vyatta-cfg-system (0.16.4) unstable; urgency=low + + * Bring device to up state when removed from bond + + -- Stephen Hemminger Tue, 22 Dec 2009 14:53:03 -0800 + +vyatta-cfg-system (0.16.3) unstable; urgency=low + + * Don't allow setting speed/duplex if hardware doesn't support it + * Fix return of dhcp start client. + * Mark banner script executable + * Ignore more debian build files + + -- Stephen Hemminger Tue, 22 Dec 2009 14:02:55 -0800 + +vyatta-cfg-system (0.16.2) unstable; urgency=low + + * allow vyatta-cfg-system to replace interface files in older versions + of + + -- Mohit Mehta Tue, 22 Dec 2009 11:45:39 -0800 + +vyatta-cfg-system (0.16.1) unstable; urgency=low + + * UNRELEASED + + -- Stephen Hemminger Mon, 21 Dec 2009 13:15:00 -0800 + +vyatta-cfg-system (0.16) unstable; urgency=low + + * Sync versions with vyatta-cfg + + -- Stephen Hemminger Mon, 21 Dec 2009 13:14:45 -0800 + +vyatta-cfg-system (0.15.127) unstable; urgency=low + + * Move interface support from vyatta-cfg to vyatta-cfg-system + * Fix command-with-path-in-maintainer-script postinst:158 + /usr/sbin/dpkg-reconfigure + * Add vyatta-interfaces.pl to build + + -- Stephen Hemminger Mon, 21 Dec 2009 12:38:05 -0800 + +vyatta-cfg-system (0.15.126) unstable; urgency=low + + * User deletion update + * Block passwd command for non-root user + + -- Stephen Hemminger Fri, 18 Dec 2009 14:56:43 -0800 + +vyatta-cfg-system (0.15.125) unstable; urgency=low + + * Re-enable frame-buffer on console + * Fix install-image to save config/keys + * Ignore errors from chmod/chown if ssh keys don't exist + + -- Stephen Hemminger Mon, 14 Dec 2009 16:57:26 -0800 + +vyatta-cfg-system (0.15.124) unstable; urgency=low + + * The protected-users file does not need to be made during install + * Redefine meaning of protected-user + + -- Stephen Hemminger Wed, 09 Dec 2009 14:53:06 -0800 + +vyatta-cfg-system (0.15.123) unstable; urgency=low + + * Keep udev from borking wireless device names + * Allow root account to not exist + * Force root account to have disabled password + + -- Stephen Hemminger Tue, 08 Dec 2009 15:03:25 -0800 + +vyatta-cfg-system (0.15.122) unstable; urgency=low + + * don't block passwd with pam + * Fix configure of user + + -- Stephen Hemminger Mon, 07 Dec 2009 11:41:33 -0800 + +vyatta-cfg-system (0.15.121) unstable; urgency=low + + * Fix load user key script + * Add back public-key templates + * Fix code that generates authorized keys + + -- Stephen Hemminger Fri, 04 Dec 2009 20:25:12 -0800 + +vyatta-cfg-system (0.15.120) unstable; urgency=low + + * Oops forgot to update installed version + * Rearrange the public-key configuration schema + * Block user from changing name or password + + -- Stephen Hemminger Fri, 04 Dec 2009 15:47:22 -0800 + +vyatta-cfg-system (0.15.119) unstable; urgency=low + + * Change telnet allow-root to existance (instead of boolean) + + -- Stephen Hemminger Fri, 04 Dec 2009 09:54:03 -0800 + +vyatta-cfg-system (0.15.118) unstable; urgency=low + + * Fix some file headers that cause build warnings + * Add dependency on adduser + + -- Stephen Hemminger Thu, 03 Dec 2009 16:29:30 -0800 + +vyatta-cfg-system (0.15.117) unstable; urgency=low + + * SSH enhancements + * Require key-type to be set. + * Update .ssh/authorized_keys as part of the login update + * Set modes of created authorization key (and directory) + * Add script for loading public key + * Add script for loading public key + * Preserve ssh host keys in install-image + + -- Stephen Hemminger Thu, 03 Dec 2009 16:20:51 -0800 + +vyatta-cfg-system (0.15.116) unstable; urgency=low + + * Use ext3 all the time + + -- Stephen Hemminger Wed, 02 Dec 2009 18:18:31 -0800 + +vyatta-cfg-system (0.15.115) unstable; urgency=low + + [ Stephen Hemminger ] + * Pass more info to login scripts + * Don't lose user customization to pam-auth + * Simply Radius server update + + [ Bob Gilligan ] + * Changes related to co-ordination between kernel parameters and + radvd. + + -- Bob Gilligan Wed, 02 Dec 2009 16:48:52 -0800 + +vyatta-cfg-system (0.15.114) unstable; urgency=low + + [ Stephen Hemminger ] + * Add ability to disable password authentication + + [ Bob Gilligan ] + * Co-ordinate global and per-interface IPv6 forwarding control. + + -- Bob Gilligan Wed, 02 Dec 2009 11:50:31 -0800 + +vyatta-cfg-system (0.15.113) unstable; urgency=low + + * Avoid updating files on boot + * Get rid of warning on package update + * Save SSH keys on re-install + + -- Stephen Hemminger Tue, 01 Dec 2009 14:14:00 -0800 + +vyatta-cfg-system (0.15.112) unstable; urgency=low + + * Add sync after config save + + -- Stephen Hemminger Tue, 01 Dec 2009 09:53:35 -0800 + +vyatta-cfg-system (0.15.111) unstable; urgency=low + + * added required keyword to help text. + + -- Michael Larson Mon, 30 Nov 2009 16:40:47 -0800 + +vyatta-cfg-system (0.15.110) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove Radius server on reboot + + [ Michael Larson ] + * added required keyword to help text. + + -- Michael Larson Mon, 30 Nov 2009 16:33:59 -0800 + +vyatta-cfg-system (0.15.109) unstable; urgency=low + + * added required keyword to help text. + + -- Michael Larson Mon, 30 Nov 2009 15:55:21 -0800 + +vyatta-cfg-system (0.15.108) unstable; urgency=low + + * added required keyword to help text. + + -- Michael Larson Mon, 30 Nov 2009 15:36:33 -0800 + +vyatta-cfg-system (0.15.107) unstable; urgency=low + + * Add user tss for udev + + -- Stephen Hemminger Thu, 19 Nov 2009 16:41:35 -0800 + +vyatta-cfg-system (0.15.106) unstable; urgency=low + + * Mount floppy with dirsync + + -- Stephen Hemminger Wed, 18 Nov 2009 21:25:57 -0800 + +vyatta-cfg-system (0.15.105) unstable; urgency=low + + * Don't start hostapd at boot + + -- Stephen Hemminger Tue, 17 Nov 2009 16:26:26 -0800 + +vyatta-cfg-system (0.15.104) unstable; urgency=low + + * Add start_offset value to log message when partion attempt fails. + + -- Bob Gilligan Fri, 13 Nov 2009 17:46:42 -0800 + +vyatta-cfg-system (0.15.103) unstable; urgency=low + + * Add start_offset value to log message when partion attempt fails. + + -- Bob Gilligan Fri, 13 Nov 2009 16:39:04 -0800 + +vyatta-cfg-system (0.15.102) unstable; urgency=low + + * dependency update + + -- Michael Larson Fri, 13 Nov 2009 13:45:26 -0800 + +vyatta-cfg-system (0.15.101) unstable; urgency=low + + * Remove blank line + * Show dependency on pam version + + -- Stephen Hemminger Wed, 11 Nov 2009 17:09:29 -0800 + +vyatta-cfg-system (0.15.100) unstable; urgency=low + + * copy the whole config directory during install + + -- An-Cheng Huang Tue, 10 Nov 2009 14:08:59 -0800 + +vyatta-cfg-system (0.15.99) unstable; urgency=low + + [ An-Cheng Huang ] + * use new vyatta-union arg to reduce kernel cmdline length. + + [ Robert Bays ] + * Fix library include + + -- Robert Bays Fri, 06 Nov 2009 05:53:10 -0800 + +vyatta-cfg-system (0.15.98) unstable; urgency=low + + [ Stephen Hemminger ] + * Remove blank line + * Fix pam-auth-update errors from radius + * Move user configuration information to files + * radius: only try first password if first module + + [ An-Cheng Huang ] + * move custom script to custom repo + + -- An-Cheng Huang Thu, 05 Nov 2009 15:01:40 -0800 + +vyatta-cfg-system (0.15.97) unstable; urgency=low + + * Fix 5063: committing "set interfaces ethernet <> bridge-group bridge + <>" got "invalid variable reference (invalid format)" + + -- Stig Thormodsrud Mon, 02 Nov 2009 18:31:22 -0800 + +vyatta-cfg-system (0.15.96) unstable; urgency=low + + [ An-Cheng Huang ] + * use top-level pid for progress indicator + + [ Stephen Hemminger ] + * Don't want/need --package option to pam-auth-update + * Reset PAM configuration on boot + * rename pam-radius to pam_radius.cfg + + -- Stephen Hemminger Mon, 02 Nov 2009 17:28:17 -0800 + +vyatta-cfg-system (0.15.95) unstable; urgency=low + + [ David S. Madole ] + * Add VRRP capability to bonding interfaces and vifs of bonding + interfaces. + + [ Stig Thormodsrud ] + * Convert keepalived to use Interface infrastructure. + * Add priority for bonding vrrp nodes. + * Fix interface carrier status. + * Fix 'show vrrp summary' showing last vip 1st + * Using Interface.pm infrastructure to detect vif on eth|bond + interface. + + -- Stig Thormodsrud Sun, 01 Nov 2009 14:59:29 -0800 + +vyatta-cfg-system (0.15.94) unstable; urgency=low + + [ An-Cheng Huang ] + * add unified install-image + + [ slioch ] + * added missed vrrp priorities. + + -- slioch Sat, 31 Oct 2009 14:02:41 -0700 + +vyatta-cfg-system (0.15.93) unstable; urgency=low + + * radius client: try first password only if not first + * Shut up debconf when installing pam radius + * radius-server: shutup debconf dialog + * radius: add missing space + + -- Stephen Hemminger Fri, 30 Oct 2009 13:37:15 -0700 + +vyatta-cfg-system (0.15.92) unstable; urgency=low + + * Dont start radvd on boot + + -- Stephen Hemminger Thu, 29 Oct 2009 11:16:33 -0700 + +vyatta-cfg-system (0.15.91) unstable; urgency=low + + * Fix description of vif bonding + * Use pam-auth-update to configure radius + + -- Stephen Hemminger Tue, 27 Oct 2009 18:52:45 -0700 + +vyatta-cfg-system (0.15.90) unstable; urgency=low + + * move priority after tag nodes. + + -- slioch Wed, 21 Oct 2009 09:12:23 -0700 + +vyatta-cfg-system (0.15.89) unstable; urgency=low + + * move priority after multi tags + + -- slioch Tue, 20 Oct 2009 21:22:35 -0700 + +vyatta-cfg-system (0.15.88) unstable; urgency=low + + * partial fix for bug 4903. + + -- slioch Tue, 20 Oct 2009 16:11:07 -0700 + +vyatta-cfg-system (0.15.87) unstable; urgency=low + + * add .merge-branch-exclude + * update .merge-branch-exclude + + -- An-Cheng Huang Wed, 14 Oct 2009 13:16:18 -0700 + +vyatta-cfg-system (0.15.86) unstable; urgency=low + + [ Robert Bays ] + * limit xen dom0 memory to 512meg + + -- Stephen Hemminger Tue, 13 Oct 2009 16:42:00 -0700 + +vyatta-cfg-system (0.15.85) unstable; urgency=low + + * add override mechanism for protected users + + -- An-Cheng Huang Mon, 05 Oct 2009 19:20:44 -0700 + +vyatta-cfg-system (0.15.84) unstable; urgency=low + + * use pattern instead of exec + + -- Mohit Mehta Fri, 02 Oct 2009 18:31:15 -0700 + +vyatta-cfg-system (0.15.83) unstable; urgency=low + + * Mount floppy with safer options + + -- Stephen Hemminger Thu, 01 Oct 2009 12:05:29 -0700 + +vyatta-cfg-system (0.15.82) unstable; urgency=low + + [ Stephen Hemminger ] + * Cleanup all vbash users + + [ Bob Gilligan ] + * Bugfix 4951: Add configuration parameter to blacklist the IPv6 + module. + + -- Bob Gilligan Thu, 24 Sep 2009 16:05:25 -0700 + +vyatta-cfg-system (0.15.81) unstable; urgency=low + + * Bugfix 4892: Add a config parameter to disable IPv6 + + -- Bob Gilligan Wed, 23 Sep 2009 16:27:00 -0700 + +vyatta-cfg-system (0.15.80) unstable; urgency=low + + * Bugfix 4951: Don't fail if IPv6 kernel module is not loaded. + + -- Bob Gilligan Tue, 22 Sep 2009 15:56:58 -0700 + +vyatta-cfg-system (0.15.79) unstable; urgency=low + + * allow install on old compaq smart-array + + -- Robert Bays Mon, 14 Sep 2009 09:10:18 -0700 + +vyatta-cfg-system (0.15.78) unstable; urgency=low + + * Fix Bug 4919 "service dns" branch of configuration file missing ... + + -- Mohit Mehta Fri, 11 Sep 2009 18:11:30 -0700 + +vyatta-cfg-system (0.15.77) unstable; urgency=low + + * User group fixes + * Add operators to vyattaop group + * If configuration is wrong just skip user don't die + * Delete vyatta users not in configuration + + -- Stephen Hemminger Fri, 11 Sep 2009 16:31:43 -0700 + +vyatta-cfg-system (0.15.76) unstable; urgency=low + + * Invert test for livecd + + -- Stephen Hemminger Fri, 11 Sep 2009 08:31:19 -0700 + +vyatta-cfg-system (0.15.75) unstable; urgency=low + + * Move check for livecd install to before filesystem intialization + + -- Stephen Hemminger Thu, 10 Sep 2009 15:44:25 -0700 + +vyatta-cfg-system (0.15.74) unstable; urgency=low + + * Allow null description on device + + -- Stephen Hemminger Wed, 09 Sep 2009 14:39:39 -0700 + +vyatta-cfg-system (0.15.73) unstable; urgency=low + + [ Bob Gilligan ] + * Bugfix 4916, 4917: Exit correctly when vyatta user doesn't exist. + Add timeout. + + [ Stephen Hemminger ] + * Enforce syntax checking on password + + [ Bob Gilligan ] + + -- Bob Gilligan Fri, 04 Sep 2009 02:56:14 -0700 + +vyatta-cfg-system (0.15.72) unstable; urgency=low + + * Revert "Validate encrypted password field" + + -- Stephen Hemminger Fri, 04 Sep 2009 09:35:58 -0700 + +vyatta-cfg-system (0.15.71) unstable; urgency=low + + * Don't change name of non-ethernet devices + * Validate encrypted password field + + -- Stephen Hemminger Thu, 03 Sep 2009 11:18:24 -0700 + +vyatta-cfg-system (0.15.70) unstable; urgency=low + + * Bonding: load module with MII monitor enabled + * bonding: remove primary slave last + * BONDING: handle change of bond-group + * BONDING: handle change of bond-group + * BONDING: fix error messages + * Fix bonding group setup + * Remove slaves before changing mode + + -- Stephen Hemminger Tue, 04 Aug 2009 16:27:17 -0700 + +vyatta-cfg-system (0.15.69) unstable; urgency=low + + * Fix uninitialized variable. + * Fix 4766: can't set login banners "Can't locate + Vyatta/Login/Banner.pm" + + -- Stig Thormodsrud Thu, 30 Jul 2009 16:27:16 -0700 + +vyatta-cfg-system (0.15.68) unstable; urgency=low + + * Bugfix 4700: Move processing to "end" field so that param + modifications are handled. + + -- Bob Gilligan Thu, 30 Jul 2009 14:09:49 -0700 + +vyatta-cfg-system (0.15.67) unstable; urgency=low + + [ Stig Thormodsrud ] + * Fix 4748: Pre-login message files (/etc/issue,/etc/issue.net) are + + -- Bob Gilligan Thu, 30 Jul 2009 13:59:35 -0700 + +vyatta-cfg-system (0.15.66) unstable; urgency=low + + * fix undefined array ref + + -- An-Cheng Huang Mon, 27 Jul 2009 18:06:59 -0700 + +vyatta-cfg-system (0.15.65) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix User Login configurator + * Make Radius server work + * Change API for login modules + * Handle deletion of radius (or other) server + * Avoid rewriting radius config unless needed + * Fix multi-nodes for address using update tag + * Fix some more update tag + * Fix generation of syslog host targets + * Change version of system config + + [ An-Cheng Huang ] + * Use sysfs for bonding device control + + [ Stephen Hemminger ] + * Fix help/completion for xor-hash + * Remove invalid buried templates + + [ An-Cheng Huang ] + * Revert earlier change -- keep debian net.agent + + [ Stephen Hemminger ] + * Remove ability to add vif to macvlan + * Convert bonding to use sysfs instead of ifenslave + * Add ifupdown package + * move acpid and ifupdown from Suggest to Depends + * Make telnet management smarter + + [ Bob Gilligan ] + * Bugfix 4592: Generate NTP config file from Vyatta configuration + parameters. + + [ Mark O'Brien ] + * Change interface state to down, add to bond group, change state to + up. + * Added link detect to ethernet bonded vlan interfaces. + * Fix 'sh: line 1:' error ing bug 4655. + * Allow user to select round-robin mode. + + [ Stephen Hemminger ] + * Block creating vif until after slaves present + * Allow disable of bonding interface with VIF + * Revert "Allow user to select round-robin mode." + * Allow round-robin to be selected + * Fix descriptions with meta-characters + + [ An-Cheng Huang ] + * initial implementation of image install + + -- An-Cheng Huang Fri, 17 Jul 2009 15:09:47 -0700 + +vyatta-cfg-system (0.15.64) unstable; urgency=low + + * Bugfix 4708: Re-structure to avoid using "update" in non-leaf + valueless nodes. + + -- Bob Gilligan Tue, 14 Jul 2009 17:19:12 -0700 + +vyatta-cfg-system (0.15.63) unstable; urgency=low + + * Bugfix 4708: Eliminate use of "update" in non-leaf valueless nodes. + + -- Bob Gilligan Tue, 14 Jul 2009 12:12:55 -0700 + +vyatta-cfg-system (0.15.62) unstable; urgency=low + + [ Mark O'Brien ] + * Fix 'sh:1 error' in bug 4655. + + [ Mohit Mehta ] + * Fix Bug 4554 check for existing firewall ruleset fails when applying + it to a zone during boot + + -- Mohit Mehta Thu, 02 Jul 2009 12:23:33 -0700 + +vyatta-cfg-system (0.15.61) unstable; urgency=low + + * Fix Bug 4593 zone-policy can't be deleted if zone interfaces are + bridges + + -- Mohit Mehta Tue, 30 Jun 2009 18:28:55 -0700 + +vyatta-cfg-system (0.15.60) unstable; urgency=low + + * make changes to work with dhcp 4.1.0 + + -- Mohit Mehta Mon, 29 Jun 2009 10:05:35 -0700 + +vyatta-cfg-system (0.15.59) unstable; urgency=low + + * Update hooks to setup config files for installing to a Xen VM. + + -- Bob Gilligan Thu, 25 Jun 2009 17:41:38 -0700 + +vyatta-cfg-system (0.15.58) unstable; urgency=low + + * Add optional hooks to setup config files for installing to a Xen VM. + + -- Bob Gilligan Wed, 24 Jun 2009 16:19:12 -0700 + +vyatta-cfg-system (0.15.57) unstable; urgency=low + + * temporarily undo check for firewall ruleset until bug 4554 is + resolved + + -- Mohit Mehta Wed, 17 Jun 2009 20:35:37 -0700 + +vyatta-cfg-system (0.15.56) unstable; urgency=low + + * Merged from Jenner. + + -- Bob Gilligan Wed, 17 Jun 2009 16:24:28 -0700 + +vyatta-cfg-system (0.15.55) unstable; urgency=low + + * Bugfix 4490: Wait for stability after marking partition bootable. + + -- Bob Gilligan Wed, 17 Jun 2009 16:22:47 -0700 + +vyatta-cfg-system (0.15.54) unstable; urgency=low + + * Bugfix 4490: Mark root partition as "bootable" in the master boot + record (MBR). + + -- Bob Gilligan Wed, 17 Jun 2009 10:49:56 -0700 + +vyatta-cfg-system (0.15.53) unstable; urgency=low + + * Fix 4579: There is no validation for vrrp virtual-address like the + one for interfaces address. + + -- Stig Thormodsrud Sun, 14 Jun 2009 14:30:17 -0700 + +vyatta-cfg-system (0.15.52) unstable; urgency=low + + * change default-policy to default-action for zones + + -- Mohit Mehta Wed, 03 Jun 2009 16:42:45 -0700 + +vyatta-cfg-system (0.15.51) unstable; urgency=low + + [ Stephen Hemminger ] + * Tacplus no longer part of jenner + + -- An-Cheng Huang Tue, 02 Jun 2009 11:25:45 -0700 + +vyatta-cfg-system (0.15.50) unstable; urgency=low + + [ Stephen Hemminger ] + * Print error message on failure to create group/user + + [ Mohit Mehta ] + * move server,protocol to the same line in config file + + [ Stig Thormodsrud ] + * Change tunnel multicast from on/off to enable/disable. + * Fix bug preventing 'vyatta' user login. + + [ Stephen Hemminger ] + * Fix deletion of pseudo-ethernet + * Ignore patch and editor temporary files + * Change how system login update works + + -- An-Cheng Huang Mon, 01 Jun 2009 17:43:59 -0700 + +vyatta-cfg-system (0.15.48) unstable; urgency=low + + * Restore default facility for 'syslog console' + * Revert "Restore default facility for 'syslog console'" + * NTP management version 3 + + -- Stephen Hemminger Wed, 27 May 2009 10:12:45 -0700 + +vyatta-cfg-system (0.15.47) unstable; urgency=low + + [ Jon Andersson ] + * Fix 4430: Not possible to create tunnel on fluctating interfaces + * Allow multicast to be enabled on tunnel interfaces. + + [ Stig Thormodsrud ] + + -- Stig Thormodsrud Mon, 25 May 2009 14:19:19 -0700 + +vyatta-cfg-system (0.15.46) unstable; urgency=low + + * Fix install rules + * Simplify ntp.conf + * Fix post install script to adjust ntp.conf and net.agent + + -- Stephen Hemminger Sun, 24 May 2009 10:15:03 -0700 + +vyatta-cfg-system (0.15.45) unstable; urgency=low + + * Put server at end of file + * add iburst + * Fix ntp.conf management + + -- Stephen Hemminger Fri, 22 May 2009 14:38:52 -0700 + +vyatta-cfg-system (0.15.44) unstable; urgency=low + + * UNRELEASED + + -- Stephen Hemminger Fri, 22 May 2009 14:36:24 -0700 + +vyatta-cfg-system (0.15.43) unstable; urgency=low + + * Run ntp during boot + * Don't run net.agent + + -- Stephen Hemminger Fri, 22 May 2009 10:22:30 -0700 + +vyatta-cfg-system (0.15.42) unstable; urgency=low + + * Change default NTP server + * Don't flush out ntp.conf on boot + * Revert "Change default NTP server" + * Add NTP configuration file + + -- Stephen Hemminger Fri, 22 May 2009 08:13:33 -0700 + +vyatta-cfg-system (0.15.41) unstable; urgency=low + + [ Stephen Hemminger ] + * Avoid restarting NTP server if not needed + + [ Mohit Mehta ] + * Fix Bug 4416 Add the ability to configure a specific server for + DynDNS + + -- Mohit Mehta Tue, 19 May 2009 21:24:59 -0700 + +vyatta-cfg-system (0.15.40) unstable; urgency=low + + * Don't advertise loopback interface as an allowed value for zone + interfaces + + -- Mohit Mehta Fri, 15 May 2009 12:20:42 -0700 + +vyatta-cfg-system (0.15.39) unstable; urgency=low + + * Fix Bug 4395 After local-zone is set, traffic from localhost is + dropped + + -- Mohit Mehta Fri, 15 May 2009 11:02:14 -0700 + +vyatta-cfg-system (0.15.38) unstable; urgency=low + + * Allow specifying 'protocols' for syslog facility + * Reindent syslog script + + -- Stephen Hemminger Wed, 06 May 2009 17:21:16 -0700 + +vyatta-cfg-system (0.15.37) unstable; urgency=low + + * * do silent validity check when creating zone chains and adding from + zone rules + + -- Mohit Mehta Wed, 06 May 2009 16:52:59 -0700 + +vyatta-cfg-system (0.15.36) unstable; urgency=low + + * Split up system login scripts + + -- Stephen Hemminger Tue, 05 May 2009 13:51:14 -0700 + +vyatta-cfg-system (0.15.35) unstable; urgency=low + + * * restrict zone name to 20 characters + + -- Mohit Mehta Tue, 05 May 2009 11:50:15 -0700 + +vyatta-cfg-system (0.15.34) unstable; urgency=low + + * Move virtual-ethernet to pseudo-ethernet + + -- Stephen Hemminger Wed, 29 Apr 2009 12:32:41 -0700 + +vyatta-cfg-system (0.15.33) unstable; urgency=low + + [ Stig Thormodsrud ] + * Replace md5 compare with a (hopefully) lighter-weight file compare. + + [ Stephen Hemminger ] + * ntp: fix message + + -- Stephen Hemminger Tue, 28 Apr 2009 14:09:30 -0700 + +vyatta-cfg-system (0.15.32) unstable; urgency=low + + * Using perl module for move() rather than system call. + * Avoid unnecessary writing of file if it's the same contents. + + -- Stig Thormodsrud Mon, 27 Apr 2009 14:42:17 -0700 + +vyatta-cfg-system (0.15.31) unstable; urgency=low + + * Add configurable login banners. + + -- Stig Thormodsrud Sun, 26 Apr 2009 18:53:02 -0700 + +vyatta-cfg-system (0.15.30) unstable; urgency=low + + * * add jump to local-zone-out chain in OUTPUT chain for both [ip and + ip6] tables + + -- Mohit Mehta Fri, 24 Apr 2009 18:31:57 -0700 + +vyatta-cfg-system (0.15.29) unstable; urgency=low + + * Add support for virtual-ethernet + * New tacacs+ configuration templates + + -- Stephen Hemminger Fri, 24 Apr 2009 13:01:24 -0700 + +vyatta-cfg-system (0.15.28) unstable; urgency=low + + [ Justin Fletcher ] + * Allow for enterprise MIB + + [ Mohit Mehta ] + * Fix Bug 4207 dns forwarding has hardcoded ethernet assumptions + + [ Stig Thormodsrud ] + + -- Stig Thormodsrud Thu, 23 Apr 2009 13:26:49 -0700 + +vyatta-cfg-system (0.15.27) unstable; urgency=low + + * Move disable-link-detect out of vyatta-cfg-quagga to interfaces + + -- Stephen Hemminger Mon, 20 Apr 2009 09:22:39 -0700 + +vyatta-cfg-system (0.15.26) unstable; urgency=low + + * add default-policy node for zones. can be set to drop or reject + * add default-policy node for zones. can be set to drop or reject + + -- Mohit Mehta Thu, 16 Apr 2009 17:46:19 -0700 + +vyatta-cfg-system (0.15.25) unstable; urgency=low + + * add read-write union install mechanism + * handle default xen kernel + * post-install changes + + -- An-Cheng Huang Tue, 14 Apr 2009 16:27:15 -0700 + +vyatta-cfg-system (0.15.24) unstable; urgency=low + + * add local-zone in|out firewall and clean-up code + + -- Mohit Mehta Fri, 10 Apr 2009 18:41:11 -0700 + +vyatta-cfg-system (0.15.23) unstable; urgency=low + + * Fix file syslog target + + -- Stephen Hemminger Fri, 10 Apr 2009 10:13:35 -0700 + +vyatta-cfg-system (0.15.22) unstable; urgency=low + + * fix xen kernel handling for union install + + -- An-Cheng Huang Thu, 09 Apr 2009 13:49:59 -0700 + +vyatta-cfg-system (0.15.21) unstable; urgency=low + + * Resolve problems with syslog.conf + + -- Stephen Hemminger Thu, 09 Apr 2009 13:25:42 -0700 + +vyatta-cfg-system (0.15.20) unstable; urgency=low + + * Rewrite syslog management + + -- Stephen Hemminger Wed, 08 Apr 2009 15:35:47 -0700 + +vyatta-cfg-system (0.15.19) unstable; urgency=low + + * change xen kernel detection + + -- An-Cheng Huang Mon, 06 Apr 2009 11:41:23 -0700 + +vyatta-cfg-system (0.15.18) unstable; urgency=low + + * Fix "clear vrrp process". Use new perl lib hierarchy. + + -- Stig Thormodsrud Sun, 05 Apr 2009 13:14:14 -0700 + +vyatta-cfg-system (0.15.17) unstable; urgency=low + + [ Stig Thormodsrud ] + * Change "syntax" check to "commit" check for virtual interfaces. + * 0.15.16 + + [ Stephen Hemminger ] + * Update template to handle change in default syslog.conf + + -- Stephen Hemminger Wed, 01 Apr 2009 16:52:02 -0700 + +vyatta-cfg-system (0.15.16) unstable; urgency=low + + * Change "syntax" check to "commit" check for virtual interfaces. + + -- Stig Thormodsrud Wed, 01 Apr 2009 16:27:35 -0700 + +vyatta-cfg-system (0.15.15) unstable; urgency=low + + * Don't double log quagga messages + * Help text spelling fix + * Update help text to show which facility is quagga + * Use interface check program + + -- Stephen Hemminger Wed, 01 Apr 2009 08:46:51 -0700 + +vyatta-cfg-system (0.15.14) unstable; urgency=low + + * Turn off forwarding delay if STP is off + * Set forwarding-delay when STP is enabled + + -- Stephen Hemminger Tue, 31 Mar 2009 14:12:24 -0700 + +vyatta-cfg-system (0.15.13) unstable; urgency=low + + * UNRELEASED + + -- Bob Gilligan Thu, 26 Mar 2009 14:53:20 -0700 + +vyatta-cfg-system (0.15.12) unstable; urgency=low + + * Bugfix 4139: Increase minimum root filesystem size to 1 GB. + + -- Bob Gilligan Thu, 26 Mar 2009 14:11:38 -0700 + +vyatta-cfg-system (0.15.11) unstable; urgency=low + + * Revert "Split login authentication configuration into three scripts" + + -- Stephen Hemminger Thu, 26 Mar 2009 10:17:39 -0700 + +vyatta-cfg-system (0.15.10) unstable; urgency=low + + * Add "interface ethernet <> bridge-group bridge" update tag in + addition to create tag. + + -- Stig Thormodsrud Wed, 25 Mar 2009 18:22:28 -0700 + +vyatta-cfg-system (0.15.9) unstable; urgency=low + + * Change bridge check from "syntax" to "create". + + -- Stig Thormodsrud Wed, 25 Mar 2009 17:45:33 -0700 + +vyatta-cfg-system (0.15.8) unstable; urgency=low + + * move keepalived.pm to vyatta-cfg + + -- Stephen Hemminger Wed, 25 Mar 2009 16:43:25 -0700 + +vyatta-cfg-system (0.15.7) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix bare file handle warning + * Split login authentication configuration into three scripts + + [ Stig Thormodsrud ] + * Change "syntax" check to "commit" check for "bridge-group bridge". + + [ Stephen Hemminger ] + * Fix update of description + + -- Stephen Hemminger Wed, 25 Mar 2009 14:19:22 -0700 + +vyatta-cfg-system (0.15.6) unstable; urgency=low + + * Change "syntax" check to a "commit" check. + + -- Stig Thormodsrud Tue, 24 Mar 2009 17:53:17 -0700 + +vyatta-cfg-system (0.15.5) unstable; urgency=low + + * Save interface description in kernel + + -- Stephen Hemminger Mon, 23 Mar 2009 12:27:42 -0700 + +vyatta-cfg-system (0.15.4) unstable; urgency=low + + [ Stephen Hemminger ] + * Change update to create on multi-nodes + + [ Mohit Mehta ] + * will help debug bug 4181 if and when it happens + + [ An-Cheng Huang ] + * use renamed tacplus package + + -- An-Cheng Huang Mon, 23 Mar 2009 11:11:38 -0700 + +vyatta-cfg-system (0.15.3-14) unstable; urgency=low + + * Fix 4190: vrrp may fail to start daemon if previous commit of vrrp + partially failed + + -- Stig Thormodsrud Thu, 12 Mar 2009 10:58:43 -0700 + +vyatta-cfg-system (0.15.3-13) unstable; urgency=low + + [ Mohit Mehta ] + * use code from Vyatta::Misc where is_dhcp_enabled() is already + defined + + [ Stephen Hemminger ] + * Fix perlcritic warning about bare file handle + * Fix delete of bonding vif + * Don't allow vif on disabled bonding interface + + -- Stephen Hemminger Wed, 11 Mar 2009 21:36:16 -0700 + +vyatta-cfg-system (0.15.3-12) unstable; urgency=low + + [ Stig Thormodsrud ] + * Fix 4183: No auto completion for group number when running 'clear + vrrp + + [ Bob Gilligan ] + * Remove per-interface firewall templates. They are generated now. + + -- Bob Gilligan Mon, 09 Mar 2009 11:16:47 -0700 + +vyatta-cfg-system (0.15.3-11) unstable; urgency=low + + [ Stig Thormodsrud ] + * Remove prefix mask on vip if present since it can't be using in + arping. + + [ Stephen Hemminger ] + * Fix path to lsof + + -- An-Cheng Huang Sat, 07 Mar 2009 23:25:55 -0800 + +vyatta-cfg-system (0.15.3-10) unstable; urgency=low + + [ Stephen Hemminger ] + * Fix perlcritic warnings + * Change sudo ability of some operator related commands + * More checking for open() of log + + [ Stig Thormodsrud ] + * Move changes file to /var/run/vrrpd and make sure the directory + exists. + * Remove unused directory. + * Specify source address with arping since we no longer require an IP + + -- Stig Thormodsrud Fri, 06 Mar 2009 18:59:46 -0800 + +vyatta-cfg-system (0.15.3-9) unstable; urgency=low + + * Fix path on hwclock cleanout + * Run through tidy for indent + * Use vyatta-interfaces.pl to show available bonding devices + * Use vyatta-interfaces.pl to check bridge validity + * Fix slave device startup + + -- Stephen Hemminger Tue, 03 Mar 2009 10:56:22 -0800 + +vyatta-cfg-system (0.15.3-8) unstable; urgency=low + + * Convert to bonding vif to use netlink. + * Change install-system to handle CF better + * Remove out of date quick-install + + -- Stephen Hemminger Mon, 02 Mar 2009 16:11:10 -0800 + +vyatta-cfg-system (0.15.3-7) unstable; urgency=low + + [ Mohit Mehta ] + * let admin user set arp paramters + + [ Stig Thormodsrud ] + * Fix 3778: vrrp should allow prefix to be included with the virtual- + address + * Fix breakage from previous cleanup commit. + * Fix 4068: 'show vrrp' last transition times are not updated when a + transition occurs on boot. + * Fix 4152: Add support for VRRP operation on unnumbered interfaces + + -- Stig Thormodsrud Sun, 01 Mar 2009 12:15:45 -0800 + +vyatta-cfg-system (0.15.3-6) unstable; urgency=low + + [ An-Cheng Huang ] + * fix logic and shell syntax + * up the bridge interface when it's created + + [ Mohit Mehta ] + * Fix Bug 2463 Allow the neighbor table threshold values to be + + -- Mohit Mehta Fri, 27 Feb 2009 19:08:52 -0800 + +vyatta-cfg-system (0.15.3-5) unstable; urgency=low + + * set default values for ipv6 accept_redirects and accept_source_route + + -- Mohit Mehta Tue, 24 Feb 2009 18:56:48 -0800 + +vyatta-cfg-system (0.15.3-4) unstable; urgency=low + + * Allow installation on virtio disk + * Don't depend on /proc/ide + + -- Stephen Hemminger Tue, 24 Feb 2009 15:41:57 -0800 + +vyatta-cfg-system (0.15.3-3) unstable; urgency=low + + [ Stephen Hemminger ] + * Take out ipt_rlsnmpstats module + + [ Mohit Mehta ] + * Fix Bug 3951 default values for kernel tunable security parameters + under firewall + + -- Mohit Mehta Thu, 19 Feb 2009 19:12:45 -0800 + +vyatta-cfg-system (0.15.3-2) unstable; urgency=low + + * fix spelling mistake + + -- Mohit Mehta Tue, 10 Feb 2009 10:10:03 -0800 + +vyatta-cfg-system (0.15.3-1) unstable; urgency=low + + [ Stephen Hemminger ] + * bridge: handle non ethernet devices in bridge + + [ Mohit Mehta ] + * permit operator-level user to issue show and clear commands for + firewall + + -- Mohit Mehta Fri, 06 Feb 2009 17:45:06 -0800 + +vyatta-cfg-system (0.15.3) unstable; urgency=low + + * Fix delete of bonding interface + * Replace bare word file handle + + -- Stephen Hemminger Mon, 26 Jan 2009 16:25:33 -0800 + +vyatta-cfg-system (0.15.2) unstable; urgency=low + + * disable bridge node should be same as disable ethernet + * Bridge/bonding update to new syntax + + -- Stephen Hemminger Mon, 12 Jan 2009 16:51:36 -0800 + +vyatta-cfg-system (0.15.1) unstable; urgency=low + + [ Rick Balocca ] + * Fix for bug http://bugzilla.vyatta.com/show_bug.cgi?id=3731 + + [ Stephen Hemminger ] + * Fix password changer to deal with update config format + * Make standalone passwd reset change vyatta not root + * Leave root account disabled + * Standalone tool now changes vyatta not root password + + [ Rick Balocca ] + * Fix typo + + [ rbalocca ] + * Fix for bug http://bugzilla.vyatta.com/show_bug.cgi?id=2426 + + [ Stephen Hemminger ] + * Mount root filesystem with noatime + * Add completion for allowed values + * Don't force rebuild of ssh_host_key on each boot + * Remove OFR from grub lines + * fix grammar of previous patch + * Don't restart sshd if not needed + * Always restart ssh + + [ Robert Bays ] + * add basic tacacs+ support + + [ Stephen Hemminger ] + * Avoid sleep in ntp restart + * Speed up boot + * Remove extra call to set hwclock on startup + * typo in last commit + * Speed up addition of users to system + + [ Mohit Mehta ] + * dhcp action scripts for linkup/down + + [ Stephen Hemminger ] + * Fix sysctl key values + + [ An-Cheng Huang ] + * add support for development build + + [ Mohit Mehta ] + * Fix Bug 3917 dhcp brings interface up for lease acquire/renew even + though interface has been disabled in CLI + + [ Stephen Hemminger ] + * Rename VyattaKeepalived to Vyatta::Keepalived + * Convert to Vyatta::Config hierarchy + + [ Bob Gilligan ] + * Bugfix 3747: Allow user to break previously existing RAID group. + + [ Stephen Hemminger ] + * VyattaConfig -> Vyatta::Config + * Add correct help for bonding modes + + [ Rick Balocca ] + * Fix for bug http://bugzilla.vyatta.com/show_bug.cgi?id=3963 + + [ Stephen Hemminger ] + * use vyatta-link-detect + * Remove OFR from grub lines + * fix grammar of previous patch + * need full path to linkdetect + + [ An-Cheng Huang ] + * update maintainer information + * "files" file should be removed before package build + + [ Stephen Hemminger ] + * Add acpid + + [ slioch ] + * removed unprintable form-feed characters. This was causing xml + validation to fail within the webgui. + + [ Mohit Mehta ] + * Fix Bug 4022 dynamic dns config fails during system boot if + interface does not exist + + [ An-Cheng Huang ] + + -- An-Cheng Huang Thu, 08 Jan 2009 09:25:28 -0800 + +vyatta-cfg-system (0.15) unstable; urgency=low + + 3.2.0 + [ Mark O'Brien ] + + + [ Bob Gilligan ] + * Bugfix 3738: Improve safety in installing onto RAID sets. + * Bugfix 3932 + + [ Stig Thormodsrud ] + * Fix 3929: Operator level user now need sudo password to run "clear + arp + + [ Bob Gilligan ] + * Bugfix 3928: Need to install vyatta-raid-event script. + + [ Stig Thormodsrud ] + * Fix 3920: Operator level users require sudo permission for nat + * Fix 3918: Operator level users require sudo permission for ipv6 + clear + + [ Stephen Hemminger ] + * Make sure install-system only run with root privledges + + [ Mohit Mehta ] + * make 'show interfaces wirelessmodem stats' work from + operator mode + + [ Stephen Hemminger ] + * Handle older format config files in password reset + + [ An-Cheng Huang ] + * fix for bug 2313: add support for "Region/City" timezone + specification. + + [ Mohit Mehta ] + * rmeove ddclient script from ppp ip-up directory as we configure + + [ Stig Thormodsrud ] + * Add config to disable ip/ipv6 forwarding. + + [ Mohit Mehta ] + * change input parameter name from dhclient_script to outside_cli to + + [ Robert Bays ] + * bug 3791: set sysObjectID and sysDescr + * bug 1587: add error message when user tries native install from non- + union media + + [ Bob Gilligan ] + * Bugfix: 3841 + + [ Stephen Hemminger ] + * Fix standalone password reset + * Allow more ethtool commands + * Make stanalone passwd reset work + + [ Mohit Mehta ] + * Fix Bug 3840 System error reported on initial SNMP commit with trap + target + + [ Stephen Hemminger ] + * Handle config file format change in standalone reset + * Fix password changer to deal with update config format + + [ An-Cheng Huang ] + * add firewall configuration to bridge interface + + [ Stephen Hemminger ] + * Fix bad tab completion on interfaces/bonding + + [ Mohit Mehta ] + * Fix Bug 3567 Debug messages are not logged by default on upgraded + system + + [ Bob Gilligan ] + * Bugfix: 3687: Only start mdadm if we have a RAID group as root + filesystem. + * Bugfix: 3775: Allow RAID-1 to be configured on disks with different + sizes + + [ Stig Thormodsrud ] + * Change telnet allow-root type from txt to bool. + + [ Stephen Hemminger ] + * Need sudo when editing ssh config file + * Fix parsing of allow-root field + * Revert "Block remote access to rpc-bind port" + * Block remote access to rpc-bind port + + [ Bob Gilligan ] + * Bugfix: 3744 + + [ An-Cheng Huang ] + * remove unused files + * use epoch in package version number + * add ssh key blacklists + + [ Stephen Hemminger ] + * Allow non-livecd union install + * install-system can only run from livecd + + [ Bob Gilligan ] + * Bugfix: 3226 + + [ Robert Bays ] + * fix ssh keygen on startup + + [ Mohit Mehta ] + * - redo internal snmpv3 user creation for linkUpDownNotifications + * Fix Bug 3751 configuring multiple global syslog facilities + overwrites previous ones in /etc/syslog.conf + + [ Stephen Hemminger ] + * Go back to simpler syslog config + * Don't allow operator to reboot system + + [ Bob Gilligan ] + * Bugfix: 3226 + + [ Stephen Hemminger ] + * Revert "Set correct mode on configuration mode" + * Set correct mode on configuration mode + + [ An-Cheng Huang ] + * fix xen grub setup + + [ slioch ] + * Revert "Change allow-root nodes to boolean" + + [ Stephen Hemminger ] + * Change allow-root nodes to boolean + + [ Mohit Mehta ] + * don't poll resolv files for nameserver changes - it messes up + statistics + + [ rbalocca ] + * Fix for bug http://bugzilla.vyatta.com/show_bug.cgi?id=3735 + + [ Bob Gilligan ] + * Bugfix: 3743 + + [ Mohit Mehta ] + * Fix Bug 3609 - "show tech-support" does not display open file + information for operator level user + + [ Bob Gilligan ] + * Bugfix: 3727 + * Bugfix: 3572 + + [ Stephen Hemminger ] + * Standalone passwd reset prompt for password + * Workaround problems with mkpasswd + + [ rbalocca ] + * Add vyatta-grub-setup + * Fix for bug http://bugzilla.vyatta.com/show_bug.cgi?id=3712 + + [ Bob Gilligan ] + * Bugfix: 3492 + * Bugfix: 3515 + * Bugfix: 3703 + + [ Stephen Hemminger ] + * No longer need to turn off SACK + * Allow any number of bridge devices + * Allow any number of tunnel devices + + [ Rick Balocca ] + * Fix for bug http://bugzilla.vyatta.com/show_bug.cgi?id=3694 + + [ Mohit Mehta ] + * Fix Bug 3607 Error setting DNS forwarding to use DHCP + + [ Stephen Hemminger ] + * Don't need to list ifenslave twice + * Add support for bonding + + [ Robert Bays ] + * expose the union option in install-system + * fix bug 3863 + * Don't kill An-Cheng's commits. + * change to native install from a USB stick + * remove complex options from union install + * changed union install to support multiple directories + + [ An-Cheng Huang ] + * add postinst hook for install-system + + [ Mohit Mehta ] + * use script for setting/deleting system nameservers + * preserve system name-servers order in /etc/resolv.conf as configured + in CLI + * - change forced update wait time from 2 weeks to 4 weeks if no + change in IP as per the free service provided by dyndns + * - remove ddclient cache before restarting + + [ Robert Bays ] + * fixes to install-system and grub-setup for xen hypervisor and + device.map + + [ Mohit Mehta ] + * - use apt per interface ddclient files + + [ Bob Gilligan ] + * Account for size of diag partition when calculating disk size, which + is needed + + [ Mohit Mehta ] + * first attempt at implementing CLI support for Dynamic DNS + * better worded warning when no name-servers set under 'system name- + server' + * released interface should be flagged as a warning rather than a + commit failed + + [ Robert Bays ] + * add functioanlity for binary images to install system + + [ Mohit Mehta ] + * prompt warning for no nameservers if no nameservers set and no + interface set to use dhcp + + [ Stephen Hemminger ] + * Add support for aufs + + [ Mohit Mehta ] + * polish up DNS forwarding error messages + * show bridge interfaces in allowed values as well if configured to + use dhcp + * move from a 'ignore-interface' model to a 'listen-on' model for DNS + forwarding + * - get ddclient package for Dynamic DNS + + [ An-Cheng Huang ] + * remove 2nd timeout to avoid 64-bit boot problem + + [ Bob Gilligan ] + * Update install-system and grub-setup to handle RAID-1 configuration. + + [ Rick Balocca ] + * Merge from "hollywood" + + [ rbalocca ] + * Merge from "hollywood" + + [ Bob Gilligan ] + * Add mdadm package to support RAID-1 configurations. + + [ Mohit Mehta ] + * - servers being used for dns forwarding written to dnsmasq.conf with + more info in comments + * log dnsmasq output to /var/log/dnsmasq.log on start-up and whilst + running (i.e. when sent a signal to log) + * tighten the checks for checking the existence or removal or + nameservers + * tighten regex pattern to get dhclient resolv files + + [ Stig Thormodsrud ] + * Change udevtrigger to udevadm trigger. + + [ Mohit Mehta ] + * remove earlier added dnsmasq options + * update dns forwarding nameservers on dhcp lease updates + * any change in system name-servers should be communicated to dnsmasq + * configure dnsmasq to use dns-servers as specified in CLI + * use config rather than /etc/resolv.conf to get system set + nameservers + * code to specify DNS forwarding nameservers (system, dhcp, explicitly + specified) using CLI + * tighten syntax check + * change 'service dns forward' to 'service dns forwarding' + * this better detects the interfaces in /proc/net/dev + + [ Rick Balocca ] + * Script cleanup + + [ Mohit Mehta ] + * change DNS forwarding CLI from 'service dns-forwarding' to 'service + dns forward' + * add missing comma + + [ Mark O'Brien ] + * control: added ifenslave-2.6 to debian control file + + [ rbalocca ] + * Fix for http://bugzilla.vyatta.com/show_bug.cgi?id=3542 + + [ Mohit Mehta ] + * add command for user to enter interfaces on which not to listen for + DNS queries + * - add ability to set cache-size for DNS forwarding from CLI + + [ Rick Balocca ] + * Cleanup + * Additional fixes for http://bugzilla.vyatta.com/show_bug.cgi?id=3520 + + [ rbalocca ] + * Fixes for: http://bugzilla.vyatta.com/show_bug.cgi?id=3520 + http://bugzilla.vyatta.com/show_bug.cgi?id=3519 + http://bugzilla.vyatta.com/show_bug.cgi?d for: + http://bugzilla.vyatta.com/show_bug.cgi?id=3520 + http://bugzilla.vyatta.com/show_bug.cgi?id=3519 + http://bugzilla.vyatta.com/show_bug.cgi?id=3518 and perhaps others + + [ Mohit Mehta ] + * First parts of DNS forwarding stuff + + [ Stig Thormodsrud ] + * Add IPv6 address to comp_help for bridge/tunnel + * Enable IPv6 forwarding. + + [ Stephen Hemminger ] + * Get rid of debian build warning + + [ Rick Balocca ] + * Fix for http://bugzilla.vyatta.com/show_bug.cgi?id=3225 + * Partial fix for http://bugzilla.vyatta.com/show_bug.cgi?id=3225 + + [ Bob Gilligan ] + * Bugfix: 3519 + + [ rbalocca ] + * Since this packages changes the bash-completion conf file, it must + be installed after bash-completion + + [ Mohit Mehta ] + * add dnsmasq package to be included in the build + + [ rbalocca ] + * The postinst was printing a '?' + + [ An-Cheng Huang ] + * fix for bug 3459: make bash-completion use "builtin set". + + [ Mark O'Brien ] + + -- Mark O'Brien Tue, 25 Nov 2008 19:09:21 -0800 + +vyatta-cfg-system (0.14) unstable; urgency=low + + 3.1.4 + [ Mark O'Brien ] + + + [ Robert Bays ] + * fix ssh keygen on startup + + [ An-Cheng Huang ] + * remove unused files + * use epoch in package version number + * add ssh key blacklists + + [ Mark O'Brien ] + + -- Mark O'Brien Tue, 14 Oct 2008 17:30:18 -0700 + +vyatta-cfg-system (0.13) unstable; urgency=low + + 3.1.3 + [ Mark O'Brien ] + + + [ Bob Gilligan ] + * Bugfix: 1292 + * Bugfix: 1292 + + [ rbalocca ] + * More spaces (bugs http://bugzilla.vyatta.com/show_bug.cgi?id=3549 + and http://bugzilla.vyatta.com/show_bug.cgi?id=3552) + * Fixes for bugs: http://bugzilla.vyatta.com/show_bug.cgi?id=3549 and + http://bugzilla.vyatta.com/show_bug.cgi?id=3552 + + [ Rick Balocca ] + * Merge from islavista + * Fix for http://bugzilla.vyatta.com/show_bug.cgi?id=3520 + + [ Mark O'Brien ] + + -- Mark O'Brien Tue, 19 Aug 2008 17:48:26 -0700 + +vyatta-cfg-system (0.12) unstable; urgency=low + + 3.1.2 + [ Mark O'Brien ] + + + [ Mohit Mehta ] + * => Modified vyatta_update_resolv.pl to update (i.e. add and remove) + 'name-server' and 'domain-name-server' options + + [ root ] + * Fix 3359: changing telnet setting drops other telnet sessions. + + [ Stig Thormodsrud ] + * Fix 3460: vrrp authentication error msg is wrong + + [ Stephen Hemminger ] + * purge any old entries from sudoers + * Don't add ide=nodma twice + + [ rbalocca ] + * Remove debugging + * Fix for bug http://bugzilla.vyatta.com/show_bug.cgi?id=2807 + + [ Robert Bays ] + * fix for bug 3095 + + [ Stephen Hemminger ] + * Modify upgrade procedure for /etc/sudoers + + [ An-Cheng Huang ] + * fix for bug 3417: use UUID in grub config file + + [ Stephen Hemminger ] + * Fix problem if install-system run twice + + [ Bob Gilligan ] + * Bugfix: 1592 + + [ Stephen Hemminger ] + * Missing -e causes sudoers problem + * Can't use logger in standalone + * get rid of extra fi from last commit + * Change syslogging of authorization related commands + * Use logger to write system log + * Make standalone password reset work + * Handle multiple slashes in passwd + + [ Mark O'Brien ] + + -- Mark O'Brien Wed, 23 Jul 2008 21:35:54 -0700 + +vyatta-cfg-system (0.11) unstable; urgency=low + + 3.1.1 + [ Mark O'Brien ] + + + [ Stig Thormodsrud ] + * Fix 3379: tunnel interfaces are artificially limited to tun0-tun9 + * Add cli to enable proxy arp on a interface. + + [ Bob Gilligan ] + * Bugfix: 1292 + + [ Stephen Hemminger ] + * translate slash in password + * Spellin fixes + + [ Auto Build ] + * Remove dependency on grub-pc + + [ rbalocca ] + * Insist on vyatta-keepalived + * Additional dependencies + + [ Bob Gilligan ] + * Bugfix: 3259 + + [ Stig Thormodsrud ] + * Add module version for vrrp. + * Fix 2030: Enhancement: VRRP preemption hold down timer + + [ Stephen Hemminger ] + * Prompt for vyatta and root password + * Use tr command rather than awk + * Use UUID to find root filesystem + * Surpress messages by default + * Add passwd sync script + + [ Mark O'Brien ] + + -- Mark O'Brien Sat, 28 Jun 2008 11:22:12 -0700 + +vyatta-cfg-system (0.10) unstable; urgency=low + + 3.1.0 + [ Mark O'Brien ] + + + [ An-Cheng Huang ] + * fix for bug 3032: rename pre-glendale config files during install- + system. + + [ Robert Bays ] + * fix bug 3039 + + [ Stephen Hemminger ] + * Turn off framebuffer (by default) + + [ Stig Thormodsrud ] + * Fix 1818: Add disable option to vrrp. + + [ Stephen Hemminger ] + * Enable vga framebuffer on console + * Allow operator to run wanpipemon + + [ Bob Gilligan ] + * Bugfix: 3305 + + [ Stig Thormodsrud ] + * Fix 3328: operator can't issue "show vrrp". + + [ Stephen Hemminger ] + * wrong option to useradd + * Put vyatta users in the users group + + [ Stig Thormodsrud ] + * Fix 787: Add a command to force vrrp state transition to backup + + [ Stephen Hemminger ] + * Switch back to snmpd + * Remove shell template (not ready yet). + + [ Robert Bays ] + * fix for bugs 3294 and 3296 + + [ Stephen Hemminger ] + * Turn off TCP SACK + * Pull in vyatta version of snmpd + + [ Mohit Mehta ] + * Fix Bug 3094 SMUX port is open to outside connections + + [ Stephen Hemminger ] + * Allow any user to be in config file + * Rework how user accounts are managed + * re-indent login script + * Add GPL license + + [ Tom Grennan ] + * add libnetaddr-ip-perl dependency + + [ Stig Thormodsrud ] + * Fix 2705: Add "clear vrrp process" command. + * Fix vrrp snoop_for_master() to also work with AH authentication. + * Make vrrp pcap filter more specific. + * Fix 3273: "show vrrp summary" output doesn't line-up when using + vlans + * Fix 3155: setting the third vrrp member with the highest priority + doesn't change (update) the backup + + [ rbalocca ] + * Add vyatta-busybox to dependencies + * Ignore derived files + + [ rbays ] + * update install-system to work with xen setup + + [ Stig Thormodsrud ] + * Fix 3251: vrrp should also send a gratuitous arp reply on master + transition + * Fix 3144: VRRP backup obtains VIP resulting in a duplicate IP + situation. + * Change dependancy from keepalived to vyatta-keepalived. + + [ rbays ] + * fix install system to use the correct kernels in grub.cfg + + [ An-Cheng Huang ] + * fix typo in rl-system.init + + [ Stephen Hemminger ] + * Move sysctl configuration to /etc/vyatta-sysctl.conf + + [ Stig Thormodsrud ] + * Set initial vrrp state based on existing state if available. + + [ rbalocca ] + * Convert to our method of changelog creation + + [ Mohit Mehta ] + * Modifications to send link up/down traps to configured trap-target + * Modifications for enabling net-snmp's interaction with quagga for + bgp, ospf and rip mib traversals + + [ Stephen Hemminger ] + * watchlink is no longer used + + [ rbalocca ] + * Pretty print the grub.cfg file + * Partitions in grub-pc now start at 1 (instead of 0) + * Update install-system to use grub-pc + * Revert "remove deprecated install scripts" + * config.boot.default is not moved to the top level repo (build- + iso.git) + + [ Mohit Mehta ] + * Fix Bug 3172 set interfaces tunnel <> key <> allowed after tunnel + creation + + [ Stig Thormodsrud ] + * Fix 3148: can't delete bridge interface + + [ Mohit Mehta ] + * Fix Bug 3164 set interfaces tunnel tun0 remote-ip <> doesn't take + effect after committing + + [ rbalocca ] + * Merge from glendale + + [ Mohit Mehta ] + * Bug 3069 Help strings should be standardized + * Bug 3069 Help strings should be standardized + * Fix Bug 3069 Help strings should be standardized + * Fix Bug 1059 Feature Request: integrate 'tcpdump' and 'tethereal' + into Vyatta CLI + + [ An-Cheng Huang ] + * fix dependencies + + [ Stephen Hemminger ] + * Allow operator to run ntpdate + + [ Mohit Mehta ] + * Fix Bug 2778 VRRP: add ability to run scripts on state transition + + [ Tom Grennan ] + * consolidate proc/sys flag settings to livecd/install hook + * remove deprecated install scripts + + [ Mohit Mehta ] + * Fix Bug 802 VRRP - add "show vrrp summary" command (TC 3.2.5.7.2) + + [ Stig Thormodsrud ] + * Add tshark dependency on vyatta-cfg-system. + + [ Stephen Hemminger ] + * Fix format of date from rl-system.init + + [ Mark O'Brien ] + + -- Mark O'Brien Tue, 17 Jun 2008 09:26:27 -0700 + +vyatta-cfg-system (0.9) unstable; urgency=low + + 3.0.5 + + + -- Mark O'Brien Tue, 06 May 2008 12:43:15 -0700 + +vyatta-cfg-system (0.8) unstable; urgency=low + + 3.0.4 + [ Mark O'Brien ] + + + [ An-Cheng Huang ] + * fix for bug 3225: only insert sudoers if not present. + + [ Stig Thormodsrud ] + * Mimic the transaction mechanism to only restart the vrrp daemon + once/commit. + + [ rbalocca ] + * config.boot.default is not moved to the top level repo (build- + iso.git) + + [ Mark O'Brien ] + + -- Mark O'Brien Mon, 05 May 2008 16:40:35 -0700 + +vyatta-cfg-system (0.7) unstable; urgency=low + + 3.0.3 + [ Mark O'Brien ] + + + [ Stephen Hemminger ] + * watchlink is no longer used + + [ rbalocca ] + * Indicate the VC4.0.2 release candidate in the changelog + + [ Mark O'Brien ] + + -- Mark O'Brien Tue, 29 Apr 2008 16:42:17 -0700 + +vyatta-cfg-system (0.6) unstable; urgency=low + + VC4.0.2 + + + -- Mark O'Brien Sat, 19 Apr 2008 11:56:03 -0700 + +vyatta-cfg-system (0.5) unstable; urgency=low + + VC4.0.2 release candidate + [ Mark O'Brien ] + + + [ Stig Thormodsrud ] + * Fix 3148: can't delete bridge interface + + [ rbalocca ] + * Remove vestigal version file from vyatta-cfg-system + + [ Mark O'Brien ] + + -- Mark O'Brien Wed, 16 Apr 2008 09:50:05 -0700 + +vyatta-cfg-system (0.4) unstable; urgency=low + + 3.0.2 + [ Mark O'Brien ] + + + [ An-Cheng Huang ] + * fix for bug 3032: rename pre-glendale config files during install- + system. + * fix for bug 3087: add proper dependency to ensure install order. + + [ Bob Gilligan ] + * Bugfix: 3021 + + [ Mark O'Brien ] + * Update version file to 3.0.1 + * 3.0.1 + + [ Michael Larson ] + * up proc limit for rmem_max to support zebra netlink buffer size + increase. + + [ Mohit Mehta ] + * Fix Bug 3027 Unable to configure SNMP community client address + + [ Robert Bays ] + * fix bug 3039 + + [ Stephen Hemminger ] + * Allow operator to run ntpdate + + [ Stig Thormodsrud ] + * Add vrrp vip addresses to watchlink exclude file. + * Fix 3086: VRRP only allows up to 20 virtual IPs + + [ rbalocca ] + * Fix debian dependencies + * Line up the colons with the one from the copyright notice (in show + version) + * Set dependencies on either bash or vyatta-bash + * Move the copyright dates over (bug 3028) + + [ Mark O'Brien ] + + -- Mark O'Brien Fri, 04 Apr 2008 18:00:34 -0700 + +vyatta-cfg-system (0.3) unstable; urgency=low + + VC4.0.1 + [ Mark O'Brien ] + + + [ An-Cheng Huang ] + * fix for bug 2083: add radius authentication support. + + [ Mark O'Brien ] + * Update version file to VC4.0.1 + + [ Mohit Mehta ] + * Fix Bug 2707 Missing from Glendale + * CLI tab enhancement at "set interfaces ethernet <> address" + + [ Robert Bays ] + * fixes for bugs 2499, 2967 + + [ Stephen Hemminger ] + * add operator and admin to linux group adm + * add option to disable root login over ssh + * fix ssh allow-root template + * put operator in operator group + * add explicit list of commands in sudoers + * don't allow illegal hostnames + * allow numbers in hostname + * allow non-root to clear nat counters + * Replace VPL with GPLv2 + * Changes for license/copyright + * Update to GPLv2 + * Move init-floppy to /opt/vyatta/sbin + * Allow operator to set date. + + [ Stig Thormodsrud ] + * Fix 2877: Bridge group can not be assiged to vif sub interfaceZ + * Fix parse error in /etc/sudoers + * Fix 2880 SNMP configuration file issues + * Fix 2695 GRE tunnel doesn't work with "key" + + [ rbalocca ] + * Fix for bug #2934 + * Fix for bug #2542 ( http://bugzilla.vyatta.com/show_bug.cgi?id=2542 + ) + * Fix for bug #2921 ( http://bugzilla.vyatta.com/show_bug.cgi?id=2921 + ) + * Revert "Fix for bug #2921 ( + http://bugzilla.vyatta.com/show_bug.cgi?id=2921 )" + * Improve the package repository template + * Fix for bug #2969 ( http://bugzilla.vyatta.com/show_bug.cgi?id=2969 + ) + * Update copyright for "show version" + + [ Mark O'Brien ] + + -- Mark O'Brien Tue, 18 Mar 2008 19:03:58 -0700 + +vyatta-cfg-system (0.2) unstable; urgency=low + + vc4.0.0 + [ Mark O'Brien ] + + + [ An-Cheng Huang ] + * clean up temp file in delete fail case + * convert templates to new syntax + * add commit check for user password + * revise the password check + * fix for bug 2768: add "dynamic" keyword to server entry. + * template cleanup and fix for bug 2785: update /etc/mailname with + hostname. + * prevent ':' in full name (separator in passwd) + * allow empty full-name + * fix for bug 2547: don't require/output ':' after "hw-id". + * fix for bug 2855: change help text + * debian's latest update to "bash" (3.1dfsg-9) broke the completion + mechanism. + * fix for bug 2764: rename user level + * use vyattacfg for config files + + [ Mark O'Brien ] + * Updated syslog help with severity information. + * Update version file to vc4.0.0 + + [ Michael Larson ] + * bump up rmem_max limit to 223232 (in conjunction with fix for zebra) + + [ Stig Thormodsrud ] + * update tunnel help strings with defaults + * add a few missing help strings + * - Fix 2745: bridge-group cost - syntax error + * Fix 2819 Plain-text authentication should be identified as such. + * Fix syntax error in "interface bridge <> priority". + + [ Tom Grennan ] + * source /etc/default/vyatta instead of configuring install-system + * remove stale CONFIG_PARTITION comments + + [ rbalocca ] + * Add version file + * Update version file to 4.0.0 + * 4.0.0 + * vyatta-cfg-system postinst was clobbering version file + * These files will be changed by autobuild-git-eureak + * Missing version file in Makefile.am + + [ Mark O'Brien ] + + -- Mark O'Brien Mon, 25 Feb 2008 17:38:40 -0800 + +vyatta-cfg-system (0.1) unstable; urgency=low + + * Initial Release. + + -- An-Cheng Huang Thu, 18 Oct 2007 11:03:18 -0700 diff --git a/scripts/vyatta-address b/scripts/vyatta-address index afe60191..072f27e6 100755 --- a/scripts/vyatta-address +++ b/scripts/vyatta-address @@ -28,10 +28,10 @@ case $1 in delete) # Get current address from interface when using DHCP if [[ "$3" = "dhcp" ]]; then - lease_file=/var/lib/dhcp3/dhclient_"$2".leases; + lease_file=/var/lib/dhcp/dhclient_"$2".leases; ip_address=$(sed -n 's/^\s\sfixed-address\s\(.*\);/\1/p' $lease_file | sed -n '$p'); elif [[ "$3" = "dhcpv6" ]]; then - lease_file=/var/lib/dhcp3/dhclient_v6_"$2".leases; + lease_file=/var/lib/dhcp/dhclient_v6_"$2".leases; ip_address=$(sed -n 's/^\s\s\s\siaaddr\s\(.*\)\s{/\1/p' $lease_file | sed -n '$p'); else ip_address=$3; diff --git a/scripts/vyatta-dhcp-helper.pl b/scripts/vyatta-dhcp-helper.pl index 40291654..6febbaf9 100644 --- a/scripts/vyatta-dhcp-helper.pl +++ b/scripts/vyatta-dhcp-helper.pl @@ -18,7 +18,7 @@ sub get_dhcp_router { if (!Vyatta::Misc::is_dhcp_enabled($dhcp_iface,0)) { return "127.0.0.1"; } - my $lease = "/var/lib/dhcp3/dhclient_${dhcp_iface}_lease"; + my $lease = "/var/lib/dhcp/dhclient_${dhcp_iface}_lease"; my $router = `grep new_routers= $lease | cut -d"'" -f2`; my @r = split(/,/, $router); $router = $r[0]; diff --git a/scripts/vyatta-dhcpv6-client.pl b/scripts/vyatta-dhcpv6-client.pl index 384d4d62..74cc4db2 100755 --- a/scripts/vyatta-dhcpv6-client.pl +++ b/scripts/vyatta-dhcpv6-client.pl @@ -98,9 +98,9 @@ GetOptions("start" => \$start_flag, die "Error: Interface name must be specified with --ifname parameter.\n" unless $ifname; -my $pidfile = "/var/lib/dhcp3/dhclient_v6_$ifname.pid"; -my $leasefile = "/var/lib/dhcp3/dhclient_v6_$ifname.leases"; -my $conffile = "/var/lib/dhcp3/dhclient_v6_$ifname.conf"; +my $pidfile = "/var/lib/dhcp/dhclient_v6_$ifname.pid"; +my $leasefile = "/var/lib/dhcp/dhclient_v6_$ifname.leases"; +my $conffile = "/var/lib/dhcp/dhclient_v6_$ifname.conf"; my $cmdname = "/sbin/dhclient"; if ($release_flag) { diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index d04ad395..a91a66e8 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -363,15 +363,15 @@ sub dhcp { unlink($release_file); } elsif ($request eq "start") { print "Starting DHCP client on $intf ...\n"; - touch("/var/lib/dhcp3/$intf"); + touch("/var/lib/dhcp/$intf"); run_dhclient($intf); } elsif ($request eq "stop") { print "Stopping DHCP client on $intf ...\n"; stop_dhclient($intf); - unlink("/var/lib/dhcp3/dhclient_$intf\_lease"); - unlink("/var/lib/dhcp3/$intf"); + unlink("/var/lib/dhcp/dhclient_$intf\_lease"); + unlink("/var/lib/dhcp/$intf"); unlink("/var/run/vyatta/dhclient/dhclient_release_$intf"); - unlink("/var/lib/dhcp3/dhclient_$intf\.conf"); + unlink("/var/lib/dhcp/dhclient_$intf\.conf"); } else { die "Unknown DHCP request: $request\n"; } diff --git a/scripts/vyatta-update-tunnel.pl b/scripts/vyatta-update-tunnel.pl index d4c652d0..de5019ab 100644 --- a/scripts/vyatta-update-tunnel.pl +++ b/scripts/vyatta-update-tunnel.pl @@ -10,7 +10,7 @@ GetOptions("interface=s" => \$iface, "tunnel=s" => \$tunnel, "option=s" => \$option ); -my $FILE_DHCP_HOOK = "/etc/dhcp3/dhclient-exit-hooks.d/tunnel-$tunnel"; +my $FILE_DHCP_HOOK = "/etc/dhcp/dhclient-exit-hooks.d/tunnel-$tunnel"; my $dhcp_hook = ''; if ($option eq 'create') { $dhcp_hook =< Date: Wed, 24 Feb 2016 07:31:02 -0500 Subject: remove reference to dmvpn.secrets and chang dmvpn.conf to swanctl.conf --- templates/interfaces/tunnel/node.tag/local-ip/node.def | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'templates') diff --git a/templates/interfaces/tunnel/node.tag/local-ip/node.def b/templates/interfaces/tunnel/node.tag/local-ip/node.def index 03d134e9..4a1cbc15 100644 --- a/templates/interfaces/tunnel/node.tag/local-ip/node.def +++ b/templates/interfaces/tunnel/node.tag/local-ip/node.def @@ -17,8 +17,7 @@ update:if ! /opt/vyatta/sbin/local_ip $VAR(@) sudo ip tunnel cha $VAR(../@) local $VAR(@) if [ -e "/opt/vyatta/sbin/dmvpn-config.pl" ]; then sudo /opt/vyatta/sbin/dmvpn-config.pl \ - --config_file='/etc/dmvpn.conf' \ - --secrets_file='/etc/dmvpn.secrets' \ + --config_file='/etc/swanctl/swanctl.conf' \ --init_script='/etc/init.d/ipsec' \ --tunnel_context --tun_id=$VAR(../@) || exit 1 fi -- cgit v1.2.3 From 250ce3efbd6b8a56c40cd329d43531ebf45e117d Mon Sep 17 00:00:00 2001 From: Kim Hagen Date: Tue, 6 Sep 2016 15:25:59 +0200 Subject: Some devices use ethernet switch chips which use 'lan' interfaces, this will add the option to also configure these in VyOS. --- sysconf/netdevice | 1 + templates/interfaces/ethernet/node.def | 16 ++++++++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/sysconf/netdevice b/sysconf/netdevice index 71fc310d..43634748 100644 --- a/sysconf/netdevice +++ b/sysconf/netdevice @@ -1,6 +1,7 @@ # device name to CLI path matching lo loopback eth ethernet +lan ethernet ifb input peth pseudo-ethernet br bridge diff --git a/templates/interfaces/ethernet/node.def b/templates/interfaces/ethernet/node.def index bdbdb0d5..2af57e0a 100644 --- a/templates/interfaces/ethernet/node.def +++ b/templates/interfaces/ethernet/node.def @@ -4,13 +4,18 @@ type: txt help: Ethernet interface name allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=ethernet val_help: ; Ethernet interface name -syntax:expression: pattern $VAR(@) "^eth[0-9]+$" \ +syntax:expression: pattern $VAR(@) "^(eth|lan)[0-9]+$" \ ; "interface ethernet $VAR(@): not a valid name" syntax:expression: exec \ "if [ ! -d /sys/class/net/$VAR(@) ]; then \ echo \"interface ethernet $VAR(@): does not exist\"; exit 1; \ + fi + + if ip link show | awk '{print $2 }' | grep -ao \"lan[0-9]@$VAR(@)\" > /dev/null 2>&1 ; then \ + echo \"interface ethernet $VAR(@): is a switch master interface and not configurable, please use 'lan' interfaces\"; + exit 1; \ fi" begin: rm -f /tmp/speed-duplex.$VAR(@) @@ -26,7 +31,14 @@ begin: rm -f /tmp/speed-duplex.$VAR(@) create: if ! cli-shell-api exists interfaces ethernet $VAR(@) disable; - then ip link set $VAR(@) up + then + case "$VAR(@)" in + *lan*) + masterint=$(ip link show $VAR(@) | awk 'NR==1{print $2 }' | grep -ao "eth[0-9]") + ip link set $masterint up + ;; + esac + ip link set $VAR(@) up fi /opt/vyatta/sbin/vyatta-link-detect $VAR(@) on -- cgit v1.2.3 From 1415826ef3805ac970e128e42fd45496dd06d497 Mon Sep 17 00:00:00 2001 From: Date: Thu, 6 Oct 2016 15:51:44 -0300 Subject: Add support for proxy-arp-pvlan for vlan interfaces Added support for proxy-arp pvlan on vif / vif-c / vif-c-s interfaces --- .../ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def | 3 +++ .../node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def | 3 +++ .../ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def | 3 +++ 3 files changed, 9 insertions(+) create mode 100644 templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def (limited to 'templates') diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def new file mode 100644 index 00000000..e1ab1f00 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def @@ -0,0 +1,3 @@ +help: Enable private VLAN proxy ARP on this interface +create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" " +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" " diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def new file mode 100644 index 00000000..ce1dcc41 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def @@ -0,0 +1,3 @@ +help: Enable private VLAN proxy ARP on this interface +create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../../../@).$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" " +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../../../@).$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" " diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def new file mode 100644 index 00000000..a6cf9494 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def @@ -0,0 +1,3 @@ +help: Enable private VLAN proxy ARP on this interface +create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp_pvlan\" " +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp_pvlan\" " -- cgit v1.2.3 From 1f52ca7fceabea209f13a2d95deed5cb2330aaae Mon Sep 17 00:00:00 2001 From: Diego Garcia del Rio Date: Thu, 6 Oct 2016 16:02:53 -0300 Subject: fix path for fiv pvlan command --- .../ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def index a6cf9494..49bec357 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def @@ -1,3 +1,3 @@ help: Enable private VLAN proxy ARP on this interface -create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp_pvlan\" " -delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp_pvlan\" " +create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" " +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" " -- cgit v1.2.3 From 4a03838ea877a3a867b283ba85956795e769d563 Mon Sep 17 00:00:00 2001 From: brennen Date: Mon, 21 Nov 2016 10:59:44 -0800 Subject: Add flag for DNSmasq to query all dns servers. This feature, when used properly, can massively increase DNS performance. See: http://ma.ttwagner.com/make-dns-fly-with-dnsmasq-all-servers/ --- scripts/dns-forwarding/vyatta-dns-forwarding.pl | 4 ++++ templates/service/dns/forwarding/query-all-servers/node.def | 1 + 2 files changed, 5 insertions(+) create mode 100644 templates/service/dns/forwarding/query-all-servers/node.def (limited to 'templates') diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl index 46e038b5..807afa28 100755 --- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl +++ b/scripts/dns-forwarding/vyatta-dns-forwarding.pl @@ -95,6 +95,10 @@ sub dnsforwarding_get_values { $output .= "cache-size=$cache_size\n"; } + if (defined $query_all_servers) { + $output .= "all-servers\n"; + } + if (defined $ignore_hosts_file) { $output .= "no-hosts\n"; } diff --git a/templates/service/dns/forwarding/query-all-servers/node.def b/templates/service/dns/forwarding/query-all-servers/node.def new file mode 100644 index 00000000..90e8e7ec --- /dev/null +++ b/templates/service/dns/forwarding/query-all-servers/node.def @@ -0,0 +1 @@ +help: Query all DNS servers, respond and cache fastest result -- cgit v1.2.3 From 689c132a3f97a2f260ca765330869a81292be217 Mon Sep 17 00:00:00 2001 From: Helge Sychla Date: Fri, 3 Feb 2017 15:10:23 +0100 Subject: Allow full integer range for GRE tunnel key Fixes T262 modified: templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def --- templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'templates') diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def index b9ed181e..1142d2de 100644 --- a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def +++ b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def @@ -1,8 +1,8 @@ type: u32 help: Tunnel key -syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 999999; \ - "Must be between 0-999999 for $VAR(../../../@)" -val_help: u32:0-999999; Tunnel key +syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4294967295; \ + "Must be between 0-4294967295 for $VAR(../../../@)" +val_help: u32:0-4294967295; Tunnel key syntax:expression: exec " \ if [ -n \"`ip tunnel show $VAR(../../../@) | grep $VAR(../../../@) `\" ]; then \ -- cgit v1.2.3 From d4b1e8ae5fd681f809f7ae92947269767315447a Mon Sep 17 00:00:00 2001 From: Kim Date: Fri, 24 Feb 2017 22:32:17 +0100 Subject: Update priority to load l2tpv3 in bridge-group with loopback address as local ip --- templates/interfaces/l2tpv3/node.def | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'templates') diff --git a/templates/interfaces/l2tpv3/node.def b/templates/interfaces/l2tpv3/node.def index fb3d1475..4fce9536 100644 --- a/templates/interfaces/l2tpv3/node.def +++ b/templates/interfaces/l2tpv3/node.def @@ -1,5 +1,5 @@ tag: -priority: 460 +priority: 800 type: txt help: L2TPv3 interface val_help: ; L2TPv3 interface name -- cgit v1.2.3 From 5ffc3d04434de0e463393c8e6d624072990c6a7e Mon Sep 17 00:00:00 2001 From: Kim Hagen Date: Thu, 27 Apr 2017 16:38:52 +0200 Subject: snmpd would not start when V3 was configured Updated all snmpd daemon commands to systemd type. --- scripts/snmp/vyatta-snmp-v3.pl | 19 ++++++++++--------- scripts/snmp/vyatta-snmp.pl | 11 ++++++----- templates/service/snmp/node.def | 2 +- 3 files changed, 17 insertions(+), 15 deletions(-) (limited to 'templates') diff --git a/scripts/snmp/vyatta-snmp-v3.pl b/scripts/snmp/vyatta-snmp-v3.pl index 5cd1ab87..a2d738eb 100755 --- a/scripts/snmp/vyatta-snmp-v3.pl +++ b/scripts/snmp/vyatta-snmp-v3.pl @@ -27,7 +27,10 @@ use Socket; use Socket6; my $snmp_v3_level = 'service snmp v3'; -my $snmp_init = 'invoke-rc.d snmpd'; +my $snmp_restart = 'systemctl restart snmpd.service'; +my $snmp_stop = 'systemctl stop snmpd.service'; +my $snmp_start = 'systemctl start snmpd.service'; +my $snmp_reload = 'systemctl reload snmpd.service'; my $snmpd_conf = '/etc/snmp/snmpd.conf'; my $snmpd_usr_conf = '/usr/share/snmp/snmpd.conf'; my $snmpd_var_conf = '/var/lib/snmp/snmpd.conf'; @@ -35,7 +38,7 @@ my $snmpd_conf_tmp = "/tmp/snmpd.conf.$$"; my $snmpd_usr_conf_tmp = "/tmp/snmpd.usr.conf.$$"; my $snmpd_var_conf_tmp = "/tmp/snmpd.var.conf.$$"; my $versionfile = '/opt/vyatta/etc/version'; -my $local_agent = 'unix:/var/run/snmpd.socket'; +my $local_agent = 'unix:/run/snmpd.socket'; my $oldEngineID = ""; my $setserialno = ""; @@ -53,7 +56,7 @@ sub randhex { } sub snmpd_running { - open( my $pidf, '<', "/var/run/snmpd.pid" ) + open( my $pidf, '<', "/run/snmpd.pid" ) or return; my $pid = <$pidf>; close $pidf; @@ -77,9 +80,7 @@ sub check_snmp_exit_code { } sub snmpd_stop { - system( -"start-stop-daemon --stop --exec /usr/sbin/snmpd --oknodo -R 2 > /dev/null 2>&1" - ); + system("$snmp_stop > /dev/null 2>&1"); if ( check_snmp_exit_code($?) ) { print "ERROR: Can not stop snmpd!\n"; exit(1); @@ -87,7 +88,7 @@ sub snmpd_stop { } sub snmpd_start { - system("$snmp_init start > /dev/null 2>&1"); + system("$snmp_start > /dev/null 2>&1"); if ( check_snmp_exit_code($?) ) { print "ERROR: Can not start snmpd!\n"; exit(1); @@ -95,7 +96,7 @@ sub snmpd_start { } sub snmpd_update { - system("$snmp_init reload > /dev/null 2>&1"); + system("$snmp_reload > /dev/null 2>&1"); if ( check_snmp_exit_code($?) ) { print "ERROR: Can not reload snmpd!\n"; exit(1); @@ -103,7 +104,7 @@ sub snmpd_update { } sub snmpd_restart { - system("$snmp_init restart > /dev/null 2>&1"); + system("$snmp_restart > /dev/null 2>&1"); if ( check_snmp_exit_code($?) ) { print "ERROR: Can not restart snmpd!\n"; exit(1); diff --git a/scripts/snmp/vyatta-snmp.pl b/scripts/snmp/vyatta-snmp.pl index 90f710e8..d744f2ad 100755 --- a/scripts/snmp/vyatta-snmp.pl +++ b/scripts/snmp/vyatta-snmp.pl @@ -36,20 +36,21 @@ use Socket; use Socket6; my $mibdir = '/opt/vyatta/share/snmp/mibs'; -my $snmp_init = 'invoke-rc.d snmpd'; +my $snmp_start = 'systemctl start snmpd.service'; +my $snmp_stop = 'systemctl stop snmpd.service'; my $snmp_conf = '/etc/snmp/snmpd.conf'; my $snmp_client = '/etc/snmp/snmp.conf'; my $snmp_tmp = "/tmp/snmpd.conf.$$"; my $snmp_snmpv3_user_conf = '/usr/share/snmp/snmpd.conf'; my $snmp_snmpv3_createuser_conf = '/var/lib/snmp/snmpd.conf'; my $versionfile = '/opt/vyatta/etc/version'; -my $local_agent = 'unix:/var/run/snmpd.socket'; +my $local_agent = 'unix:/run/snmpd.socket'; my $password_file = '/config/snmp/superuser_pass'; my $snmp_level = 'service snmp'; sub snmp_running { - open (my $pidf, '<', "/var/run/snmpd.pid") + open (my $pidf, '<', "/run/snmpd.pid") or return; my $pid = <$pidf>; close $pidf; @@ -61,12 +62,12 @@ sub snmp_running { } sub snmp_stop { - system("$snmp_init stop > /dev/null 2>&1"); + system("$snmp_stop > /dev/null 2>&1"); } sub snmp_start { # we must stop snmpd first for creating vyatta user - system("$snmp_init stop > /dev/null 2>&1"); + system("$snmp_stop > /dev/null 2>&1"); open (my $fh, '>', $snmp_tmp) or die "Couldn't open $snmp_tmp - $!"; diff --git a/templates/service/snmp/node.def b/templates/service/snmp/node.def index 9fb161dc..7c8c372b 100644 --- a/templates/service/snmp/node.def +++ b/templates/service/snmp/node.def @@ -22,6 +22,6 @@ end:if [ -f "/tmp/snmp.$PPID" ] then sudo /opt/vyatta/sbin/vyatta-snmp-v3.pl --update-snmp; else - sudo invoke-rc.d snmpd start > /dev/null 2>&1; + sudo systemctl start snmpd.service > /dev/null 2>&1; fi fi -- cgit v1.2.3 From 23fab8056330696c4aa26ba0ac7ded5dc405cb90 Mon Sep 17 00:00:00 2001 From: Ewald van Geffen Date: Sat, 29 Apr 2017 23:04:55 +0200 Subject: T167: "set service ssh allow-root" does not function --- templates/service/ssh/allow-root/node.def | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/templates/service/ssh/allow-root/node.def b/templates/service/ssh/allow-root/node.def index c1e6abf2..2f8e4354 100644 --- a/templates/service/ssh/allow-root/node.def +++ b/templates/service/ssh/allow-root/node.def @@ -1,5 +1,5 @@ help: Enable root login over ssh -create: sudo sed -i -e '/^PermitRootLogin/s/no/yes/' /etc/ssh/sshd_config +create: sudo sed -i -e '/^PermitRootLogin/s/no\|without-password\|yes/yes/' /etc/ssh/sshd_config -delete: sudo sed -i -e '/^PermitRootLogin/s/yes/no/' /etc/ssh/sshd_config +delete: sudo sed -i -e '/^PermitRootLogin/s/no\|without-password\|yes/no/' /etc/ssh/sshd_config -- cgit v1.2.3 From 11fffae1e985ed22d3ab6c437413e8c999b27ea9 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Thu, 12 Oct 2017 07:57:16 +0200 Subject: T198: fix typos in the l2tpv3 script. Thanks to Thomas Courbon! --- templates/interfaces/l2tpv3/node.def | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/templates/interfaces/l2tpv3/node.def b/templates/interfaces/l2tpv3/node.def index 4fce9536..03c677ad 100644 --- a/templates/interfaces/l2tpv3/node.def +++ b/templates/interfaces/l2tpv3/node.def @@ -48,9 +48,9 @@ create: delete: ip link set $VAR(@) down - if [ -n "$VAR(./tunnel-id@/)" ] && [ -n "$VAR(./session-id@/)" ] ; then + if [ -n "$VAR(./tunnel-id/@)" ] && [ -n "$VAR(./session-id/@)" ] ; then ip l2tp del session $VAR(./tunnel-id/@) session_id $VAR(./session-id/@) fi - if [ -n "$VAR(./tunnel-id@/)" ] ; then + if [ -n "$VAR(./tunnel-id/@)" ] ; then ip l2tp del tunnel tunnel_id $VAR(./tunnel-id/@) fi -- cgit v1.2.3 From 5d1cc381b7fe904d0fd21941607b742d4d071206 Mon Sep 17 00:00:00 2001 From: Marcel Gisselmann Date: Wed, 18 Oct 2017 13:10:56 +0200 Subject: Add ecc support to openssh --- scripts/vyatta-load-user-key.pl | 4 ++-- .../user/node.tag/authentication/public-keys/node.tag/type/node.def | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'templates') diff --git a/scripts/vyatta-load-user-key.pl b/scripts/vyatta-load-user-key.pl index 5c34b6ab..651a08b1 100755 --- a/scripts/vyatta-load-user-key.pl +++ b/scripts/vyatta-load-user-key.pl @@ -103,7 +103,7 @@ sub geturl { sub validate_keytype { my ($keytype) = @_; - if ($keytype eq 'ssh-rsa' || $keytype eq 'ssh-dss') { + if ($keytype eq 'ssh-rsa' || $keytype eq 'ssh-dss' || $keytype eq 'ecdsa-sha2-nistp256' || $keytype eq 'ecdsa-sha2-nistp384' || $keytype eq 'ecdsa-sha2-nistp521' || $keytype eq 'ssh-ed25519') { return 1; } return 0; @@ -135,7 +135,7 @@ sub getkeys { my $comment; $comment = join(' ', @fields); - die "Unknown key type $keytype : must be ssh-rsa or ssh-dss\n" + die "Unknown key type $keytype : must be one of ssh-rsa, ssh-dss, ecdsa-sha2-nistp* or ssh-ed25519\n" unless validate_keytype $keytype; my $cmd diff --git a/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def b/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def index 5ad1c58b..bf789e06 100644 --- a/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def +++ b/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def @@ -1,4 +1,4 @@ type: txt help: Public key type -allowed: echo "ssh-dss ssh-rsa" -syntax:expression: $VAR(@) in "ssh-rsa", "ssh-dss" ; "Unknown key type" +allowed: echo "ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519" +syntax:expression: $VAR(@) in "ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "ssh-ed25519"; "Unknown key type" -- cgit v1.2.3 From f7e60e7beb90b193aebd2edf43a5cbd7cc1b475d Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 2 Nov 2017 16:58:39 +0100 Subject: T437: Fixed system option "Ctrl-Alt-Delete action" broken --- debian/vyatta-cfg-system.postinst.in | 2 +- templates/system/options/ctrl-alt-del-action/node.def | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) (limited to 'templates') diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index 8888aa60..60ed8eeb 100755 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -188,7 +188,7 @@ if [ -e /etc/default/mdadm ]; then fi # Disable reboot on ctrl-alt-delete -sed -i -e '/^ca/s/\/sbin\/shutdown .*$/\/bin\/echo "Ctrl\-Alt\-Del disabled."/' /etc/inittab +ln -sf /dev/null /lib/systemd/system/ctrl-alt-del.target # remove unnecessary ddclient script in /etc/ppp/ip-up.d/ # this logs unnecessary messages trying to start ddclient diff --git a/templates/system/options/ctrl-alt-del-action/node.def b/templates/system/options/ctrl-alt-del-action/node.def index 3bbf2a81..a853b151 100644 --- a/templates/system/options/ctrl-alt-del-action/node.def +++ b/templates/system/options/ctrl-alt-del-action/node.def @@ -12,15 +12,15 @@ syntax:expression: $VAR(@) in "ignore", "reboot", "poweroff"; "Value must be ign end: if [ $VAR(@) == "ignore" ]; then - sudo sh -c "sed -i -e 's/^ca.*/ca:12345:ctrlaltdel:/' \ - /etc/inittab" + sudo sh -c "ln -sf /dev/null \ + /lib/systemd/system/ctrl-alt-del.target" elif [ $VAR(@) == "reboot" ]; then - sudo sh -c "sed -i -e 's/^ca.*/ca:12345:ctrlaltdel:\/sbin\/reboot/' \ - /etc/inittab" + sudo sh -c "ln -sf /lib/systemd/system/reboot.target \ + /lib/systemd/system/ctrl-alt-del.target" elif [ $VAR(@) == "poweroff" ]; then - sudo sh -c "sed -i -e 's/^ca.*/ca:12345:ctrlaltdel:\/sbin\/shutdown -h now/' \ - /etc/inittab" + sudo sh -c "ln -sf /lib/systemd/system/poweroff.target \ + /lib/systemd/system/ctrl-alt-del.target" fi - # Reload /etc/inittab for change to take effect - sudo /sbin/init q + # Reload systemd daemon for change to take effect + sudo /bin/systemctl daemon-reload -- cgit v1.2.3 From 890dda04895996e19cb579a322c979d410d7757d Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 2 Nov 2017 17:14:39 +0100 Subject: T438: Remove long broken popularity contest --- templates/system/options/enable-popularity-contest/node.def | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 templates/system/options/enable-popularity-contest/node.def (limited to 'templates') diff --git a/templates/system/options/enable-popularity-contest/node.def b/templates/system/options/enable-popularity-contest/node.def deleted file mode 100644 index 3f048352..00000000 --- a/templates/system/options/enable-popularity-contest/node.def +++ /dev/null @@ -1,9 +0,0 @@ -help: Send anonymous system statistic to VyOS maintainers - -create: - sudo sh -c 'echo "#!/bin/sh" > /etc/cron.weekly/01vyos-popcon' - sudo sh -c 'echo "/opt/vyatta/bin/vyos-popcon.pl 2>&1 >/var/log/popcon.log" >> /etc/cron.weekly/01vyos-popcon' - sudo sh -c 'chmod +x /etc/cron.weekly/01vyos-popcon' - -delete: - sudo rm -f /etc/cron.weekly/01vyos-popcon -- cgit v1.2.3 From 8917a36fc2384efc4fbe41ca4578d7f4191bf6d5 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sat, 4 Nov 2017 04:14:37 +0100 Subject: T444: missing keyword in ip l2tp del command. --- templates/interfaces/l2tpv3/node.def | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'templates') diff --git a/templates/interfaces/l2tpv3/node.def b/templates/interfaces/l2tpv3/node.def index 03c677ad..973256bf 100644 --- a/templates/interfaces/l2tpv3/node.def +++ b/templates/interfaces/l2tpv3/node.def @@ -49,7 +49,7 @@ create: delete: ip link set $VAR(@) down if [ -n "$VAR(./tunnel-id/@)" ] && [ -n "$VAR(./session-id/@)" ] ; then - ip l2tp del session $VAR(./tunnel-id/@) session_id $VAR(./session-id/@) + ip l2tp del session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@) fi if [ -n "$VAR(./tunnel-id/@)" ] ; then ip l2tp del tunnel tunnel_id $VAR(./tunnel-id/@) -- cgit v1.2.3 From 7ddab704b12dc447a2d8e2acb9178a0d90f63b78 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 9 Dec 2017 15:28:24 +0100 Subject: T414: Remove 'telnet' service Telnet remote logins have been deprecated for decades. As Debian 'jessie' busybox no longer has a telnetd applet, this service is no longer available. --- Makefile.am | 1 - debian/changelog | 6 ++ scripts/system/vyatta_update_telnet | 84 ------------------------ templates/service/telnet/allow-root/node.def | 3 - templates/service/telnet/listen-address/node.def | 7 -- templates/service/telnet/node.def | 8 --- templates/service/telnet/port/node.def | 9 --- 7 files changed, 6 insertions(+), 112 deletions(-) delete mode 100755 scripts/system/vyatta_update_telnet delete mode 100644 templates/service/telnet/allow-root/node.def delete mode 100644 templates/service/telnet/listen-address/node.def delete mode 100644 templates/service/telnet/node.def delete mode 100644 templates/service/telnet/port/node.def (limited to 'templates') diff --git a/Makefile.am b/Makefile.am index 169df296..9dfc957c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -56,7 +56,6 @@ sbin_SCRIPTS += scripts/system/vyatta_update_sysctl.pl sbin_SCRIPTS += scripts/system/vyatta_update_syslog.pl sbin_SCRIPTS += scripts/system/vyatta_update_console.pl sbin_SCRIPTS += scripts/system/vyatta_update_ntp.pl -sbin_SCRIPTS += scripts/system/vyatta_update_telnet sbin_SCRIPTS += scripts/system/irq-affinity.pl sbin_SCRIPTS += scripts/snmp/vyatta-snmp.pl sbin_SCRIPTS += scripts/snmp/vyatta-snmp-v3.pl diff --git a/debian/changelog b/debian/changelog index 2d7dc77f..8d4ebc05 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-system (0.20.44+vyos2+current4) unstable; urgency=medium + + * T414: Remove telnetd service + + -- Christian Poessinger Sat, 09 Dec 2017 15:29:45 +0100 + vyatta-cfg-system (0.20.44+vyos2+current3) unstable; urgency=medium [ Kim Hagen ] diff --git a/scripts/system/vyatta_update_telnet b/scripts/system/vyatta_update_telnet deleted file mode 100755 index f50eef79..00000000 --- a/scripts/system/vyatta_update_telnet +++ /dev/null @@ -1,84 +0,0 @@ -#! /bin/bash -# Script to control telnet daemon parameters -# and block changes when logged in over telnet - -# Block changes to telnet daemon when logged in over telnet -pid=$(who -um | awk -F " " '{print $7}') -if [ -n "$pid" ]; then - if ps --pid $(ps --pid $pid -o ppid=) -o cmd= | grep -q telnetd - then - echo "Please configure telnet settings via ssh or console." - exit 1 - fi -fi - -usage() { - echo "Usage: $0 enable " - echo " $0 disable" - echo " $0 allow-root {true|false}" - exit 1; -} - -allow-root() { - case "$1" in - true) ;; - false) ;; - *) echo "Expect true or false" - usage ;; - esac - - sudo sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty - - if [ $1 = "false" ]; then - return - fi - - sudo sh -c "cat >>/etc/securetty" < 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" -commit:expression: exec "sudo /opt/vyatta/sbin/is_port_available.pl $VAR(@)"; \ - "Port $VAR(@) is already in use!" -- cgit v1.2.3 From 9703bda9c3e6d7172851ba4420679364fb3e62f0 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 28 Dec 2017 00:39:54 +0100 Subject: T297: Fix DNS Forwarding server does not allow IPv6 address in name-server --- debian/changelog | 6 ++++++ templates/service/dns/forwarding/name-server/node.def | 6 ++++-- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/debian/changelog b/debian/changelog index d1169cde..0675e402 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-system (0.20.44+vyos2+current7) unstable; urgency=medium + + * T297: Fix DNS Forwarding server does not allow IPv6 address in name-server + + -- Christian Poessinger Thu, 28 Dec 2017 00:39:04 +0100 + vyatta-cfg-system (0.20.44+vyos2+current6) unstable; urgency=medium * T496: remove diagnostic partition for RAID1 installs diff --git a/templates/service/dns/forwarding/name-server/node.def b/templates/service/dns/forwarding/name-server/node.def index 3ed4c459..ac7e45b6 100644 --- a/templates/service/dns/forwarding/name-server/node.def +++ b/templates/service/dns/forwarding/name-server/node.def @@ -1,3 +1,5 @@ multi: -type: ipv4 -help: DNS server to forward queries +type: ipv4,ipv6 +help: Domain Name Server (DNS) +val_help: ipv4; Domain Name Server (DNS) address +val_help: ipv6; Domain Name Server (DNS) address -- cgit v1.2.3 From 9177a5ac53f02dfd321d4068105cb74d562e12de Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 31 Dec 2017 15:33:03 +0100 Subject: T507: fix regex to avoid multiple MAC lines in sshd_config --- templates/service/ssh/macs/node.def | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'templates') diff --git a/templates/service/ssh/macs/node.def b/templates/service/ssh/macs/node.def index ee6c60e1..f9bf4176 100644 --- a/templates/service/ssh/macs/node.def +++ b/templates/service/ssh/macs/node.def @@ -1,10 +1,11 @@ type: txt -help: Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. See 'man sshd_config' for supported MACs. +help: Allowed message authentication algorithms +comp_help: Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. See 'ssh -Q mac' for supported MACs. create: sudo sed -i -e '$ a \ MACs $VAR(@)' /etc/ssh/sshd_config delete: sudo sed -i -e '/^MACs $VAR(@)$/d' /etc/ssh/sshd_config -update: sudo sed -i -e '/^MACs/c \ -MACs $VAR(@)' /etc/ssh/sshd_config \ No newline at end of file +update: sudo sed -i -e '/^MACs.*$/c \ +MACs $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From fd332e6dd8e155d0e73ad8264b75f681b82089f8 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 31 Dec 2017 15:33:34 +0100 Subject: T507: fix regex to avoid multiple Cipher lines in sshd_config --- templates/service/ssh/ciphers/node.def | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'templates') diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def index 7eab846e..0394b8e4 100644 --- a/templates/service/ssh/ciphers/node.def +++ b/templates/service/ssh/ciphers/node.def @@ -25,5 +25,5 @@ Ciphers $VAR(@)' /etc/ssh/sshd_config delete: sudo sed -i -e '/^Ciphers $VAR(@)$/d' /etc/ssh/sshd_config -update: sudo sed -i -e '/^Ciphers/c \ +update: sudo sed -i -e '/^Ciphers.*$/c \ Ciphers $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From 39c3c6b0cb5a2b34cadcad857bc70577f1fefba3 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 31 Dec 2017 15:33:56 +0100 Subject: T507: Add new OpenSSH ciphers --- templates/service/ssh/ciphers/node.def | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'templates') diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def index 0394b8e4..b5e5af68 100644 --- a/templates/service/ssh/ciphers/node.def +++ b/templates/service/ssh/ciphers/node.def @@ -1,21 +1,26 @@ type: txt help: Allowed ciphers val_help: txt; Cipher string -val_help: 3des-cbc; 3DES CBC +val_help: aes128-gcm@openssh.com; AES 128 GCM +val_help: aes256-gcm@openssh.com; AES 256 GCM +val_help: chacha20-poly1305@openssh.com; ChaCha20 Poly1305 +val_help: 3des-cbc; 3DES CBC (weak) val_help: aes128-cbc; AES 128 CBC val_help: aes192-cbc; AES 192 CBC val_help: aes256-cbc; AES 256 CBC val_help: aes128-ctr; AES 128 CTR val_help: aes192-ctr; AES 192 CTR val_help: aes256-ctr; AES 256 CTR -val_help: arcfour128; AC4 128 -val_help: arcfour256; AC4 256 -val_help: arcfour; AC4 +val_help: arcfour128; AC4 128 (broken) +val_help: arcfour256; AC4 256 (broken) +val_help: arcfour; AC4 (broken) val_help: blowfish-cbc; Blowfish CBC val_help: cast128-cbc; CAST 128 CBC comp_help: Multiple ciphers can be specified as a comma-separated list. -syntax:expression: pattern $VAR(@) "^((3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\ +syntax:expression: pattern $VAR(@) "^((aes128-gcm@openssh.com|\ +aes256-gcm@openssh.com|chacha20-poly1305@openssh.com|\ +3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\ aes256-ctr|arcfour128|arcfour256|arcfour|\ blowfish-cbc|cast128-cbc)(,|$))+$"; \ "$VAR(@) is not a valid cipher list" -- cgit v1.2.3 From ed9ab6155a9ae94a9b9bb214c42fb8dad6dfbf04 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 31 Dec 2017 15:34:42 +0100 Subject: T507: Add support for key exchange algorithms --- templates/service/ssh/key-exchange/node.def | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 templates/service/ssh/key-exchange/node.def (limited to 'templates') diff --git a/templates/service/ssh/key-exchange/node.def b/templates/service/ssh/key-exchange/node.def new file mode 100644 index 00000000..a3c91b0b --- /dev/null +++ b/templates/service/ssh/key-exchange/node.def @@ -0,0 +1,11 @@ +type: txt +help: Allowed key exchange algorithms +comp_help: Specifies the available KEX (key exchange) algorithms. The KEX algorithm is used in protocol version 2 for key negotiation upon session creation. Multiple algorithms must be comma-separated. See 'ssh -Q kex' for supported KEX algorithms. + +create: sudo sed -i -e '$ a \ +KexAlgorithms $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^KexAlgorithms $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^KexAlgorithms.*$/c \ +KexAlgorithms $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From 6f63930251beed98bb6d20567631db235dab1d16 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 31 Dec 2017 15:35:29 +0100 Subject: T507: Add support for SSHd loglevel configuration --- templates/service/ssh/loglevel/node.def | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 templates/service/ssh/loglevel/node.def (limited to 'templates') diff --git a/templates/service/ssh/loglevel/node.def b/templates/service/ssh/loglevel/node.def new file mode 100644 index 00000000..f66ec068 --- /dev/null +++ b/templates/service/ssh/loglevel/node.def @@ -0,0 +1,19 @@ +type: txt +help: Log Level +val_help: QUIET; stay silent +val_help: FATAL; log fatals only +val_help: ERROR; log errors and fatals only +val_help: INFO; default log level +val_help: VERBOSE; enable logging of failed login attempts +comp_help: Gives the verbosity level that is used when logging messages from sshd(8). The default is INFO. + +syntax:expression: pattern $VAR(@) "^((QUIET|FATAL|ERROR|INFO|VERBOSE)(,|$))+$"; \ +"$VAR(@) is not a valid log level" + +create: sudo sed -i -e '/^LogLevel.*$/c \ +LogLevel $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^LogLevel $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^LogLevel.*$/c \ +LogLevel $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From 33346b68ed7155478fd435af963c2eeaf63a5f8a Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Mon, 1 Jan 2018 12:43:23 +0100 Subject: T122: Add config nodes for user/group access controls in sshd_config --- templates/service/ssh/allow-groups/node.def | 11 +++++++++++ templates/service/ssh/allow-users/node.def | 11 +++++++++++ templates/service/ssh/deny-groups/node.def | 11 +++++++++++ templates/service/ssh/deny-users/node.def | 11 +++++++++++ templates/service/ssh/sshd-option/node.def | 8 ++++++++ 5 files changed, 52 insertions(+) create mode 100644 templates/service/ssh/allow-groups/node.def create mode 100644 templates/service/ssh/allow-users/node.def create mode 100644 templates/service/ssh/deny-groups/node.def create mode 100644 templates/service/ssh/deny-users/node.def create mode 100644 templates/service/ssh/sshd-option/node.def (limited to 'templates') diff --git a/templates/service/ssh/allow-groups/node.def b/templates/service/ssh/allow-groups/node.def new file mode 100644 index 00000000..2d6aa75b --- /dev/null +++ b/templates/service/ssh/allow-groups/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for allowed groups. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +AllowGroups $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^AllowGroups $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^AllowGroups.*$/c \ +AllowGroups $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/allow-users/node.def b/templates/service/ssh/allow-users/node.def new file mode 100644 index 00000000..2052bf69 --- /dev/null +++ b/templates/service/ssh/allow-users/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for allowed users. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +AllowUsers $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^AllowUsers $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^AllowUsers.*$/c \ +AllowUsers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/deny-groups/node.def b/templates/service/ssh/deny-groups/node.def new file mode 100644 index 00000000..c2c8dcab --- /dev/null +++ b/templates/service/ssh/deny-groups/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for disallowed groups. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +DenyGroups $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^DenyGroups $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^DenyGroups.*$/c \ +DenyGroups $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/deny-users/node.def b/templates/service/ssh/deny-users/node.def new file mode 100644 index 00000000..a6426f90 --- /dev/null +++ b/templates/service/ssh/deny-users/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for disallowed users. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +DenyUsers $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^DenyUsers $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^DenyUsers.*$/c \ +DenyUsers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/sshd-option/node.def b/templates/service/ssh/sshd-option/node.def new file mode 100644 index 00000000..7f6ec7ec --- /dev/null +++ b/templates/service/ssh/sshd-option/node.def @@ -0,0 +1,8 @@ +multi: +type: txt +help: Additional options for sshd_config + +create: sudo sed -i -e '$ a \ +$VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^$VAR(@)$/d' /etc/ssh/sshd_config -- cgit v1.2.3 From 082dd8fa2190bb4a0df818b827736766a77cf0bc Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Tue, 2 Jan 2018 19:09:58 +0100 Subject: T122: Add a new node to store access control configurations --- templates/service/ssh/access-control/node.def | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 templates/service/ssh/access-control/node.def (limited to 'templates') diff --git a/templates/service/ssh/access-control/node.def b/templates/service/ssh/access-control/node.def new file mode 100644 index 00000000..8f6ca6e7 --- /dev/null +++ b/templates/service/ssh/access-control/node.def @@ -0,0 +1,2 @@ +help: SSH user/group access controls +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. -- cgit v1.2.3 From 7a628be1675cca0218c14794a7a07321545ca057 Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Tue, 2 Jan 2018 19:11:24 +0100 Subject: T122: Added a config node to implement sshd_config's AllowUsers --- templates/service/ssh/access-control/allow-users/node.def | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 templates/service/ssh/access-control/allow-users/node.def (limited to 'templates') diff --git a/templates/service/ssh/access-control/allow-users/node.def b/templates/service/ssh/access-control/allow-users/node.def new file mode 100644 index 00000000..2052bf69 --- /dev/null +++ b/templates/service/ssh/access-control/allow-users/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for allowed users. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +AllowUsers $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^AllowUsers $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^AllowUsers.*$/c \ +AllowUsers $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From f76f756b8c031226c37a3851074cc26f506ccf2b Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Tue, 2 Jan 2018 19:12:09 +0100 Subject: T122: Added a config node to implement sshd_config's AllowGroups --- templates/service/ssh/access-control/allow-groups/node.def | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 templates/service/ssh/access-control/allow-groups/node.def (limited to 'templates') diff --git a/templates/service/ssh/access-control/allow-groups/node.def b/templates/service/ssh/access-control/allow-groups/node.def new file mode 100644 index 00000000..2d6aa75b --- /dev/null +++ b/templates/service/ssh/access-control/allow-groups/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for allowed groups. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +AllowGroups $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^AllowGroups $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^AllowGroups.*$/c \ +AllowGroups $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From f56e7154b9dfb36305cfb0c36998d245c26ad343 Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Tue, 2 Jan 2018 19:12:27 +0100 Subject: T122: Added a config node to implement sshd_config's DenyUsers --- templates/service/ssh/access-control/deny-users/node.def | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 templates/service/ssh/access-control/deny-users/node.def (limited to 'templates') diff --git a/templates/service/ssh/access-control/deny-users/node.def b/templates/service/ssh/access-control/deny-users/node.def new file mode 100644 index 00000000..a6426f90 --- /dev/null +++ b/templates/service/ssh/access-control/deny-users/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for disallowed users. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +DenyUsers $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^DenyUsers $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^DenyUsers.*$/c \ +DenyUsers $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From ccbfc90fdb6239d30613fb28b76144c03c2d9809 Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Tue, 2 Jan 2018 19:12:43 +0100 Subject: T122: Added a config node to implement sshd_config's DenyGroups --- templates/service/ssh/access-control/deny-groups/node.def | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 templates/service/ssh/access-control/deny-groups/node.def (limited to 'templates') diff --git a/templates/service/ssh/access-control/deny-groups/node.def b/templates/service/ssh/access-control/deny-groups/node.def new file mode 100644 index 00000000..c2c8dcab --- /dev/null +++ b/templates/service/ssh/access-control/deny-groups/node.def @@ -0,0 +1,11 @@ +type: txt +help: Configure sshd_config access control for disallowed groups. +comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. + +create: sudo sed -i -e '$ a \ +DenyGroups $VAR(@)' /etc/ssh/sshd_config + +delete: sudo sed -i -e '/^DenyGroups $VAR(@)$/d' /etc/ssh/sshd_config + +update: sudo sed -i -e '/^DenyGroups.*$/c \ +DenyGroups $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From c4b7a6a89d8309ffef66c7ddf9a74e03eef6c83f Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Tue, 2 Jan 2018 19:17:20 +0100 Subject: T122: Undo the multiple-features-in-one-commit commit --- templates/service/ssh/allow-groups/node.def | 11 ----------- templates/service/ssh/allow-users/node.def | 11 ----------- templates/service/ssh/deny-groups/node.def | 11 ----------- templates/service/ssh/deny-users/node.def | 11 ----------- templates/service/ssh/sshd-option/node.def | 8 -------- 5 files changed, 52 deletions(-) delete mode 100644 templates/service/ssh/allow-groups/node.def delete mode 100644 templates/service/ssh/allow-users/node.def delete mode 100644 templates/service/ssh/deny-groups/node.def delete mode 100644 templates/service/ssh/deny-users/node.def delete mode 100644 templates/service/ssh/sshd-option/node.def (limited to 'templates') diff --git a/templates/service/ssh/allow-groups/node.def b/templates/service/ssh/allow-groups/node.def deleted file mode 100644 index 2d6aa75b..00000000 --- a/templates/service/ssh/allow-groups/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for allowed groups. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -AllowGroups $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^AllowGroups $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^AllowGroups.*$/c \ -AllowGroups $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/allow-users/node.def b/templates/service/ssh/allow-users/node.def deleted file mode 100644 index 2052bf69..00000000 --- a/templates/service/ssh/allow-users/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for allowed users. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -AllowUsers $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^AllowUsers $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^AllowUsers.*$/c \ -AllowUsers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/deny-groups/node.def b/templates/service/ssh/deny-groups/node.def deleted file mode 100644 index c2c8dcab..00000000 --- a/templates/service/ssh/deny-groups/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for disallowed groups. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -DenyGroups $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^DenyGroups $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^DenyGroups.*$/c \ -DenyGroups $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/deny-users/node.def b/templates/service/ssh/deny-users/node.def deleted file mode 100644 index a6426f90..00000000 --- a/templates/service/ssh/deny-users/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for disallowed users. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -DenyUsers $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^DenyUsers $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^DenyUsers.*$/c \ -DenyUsers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/sshd-option/node.def b/templates/service/ssh/sshd-option/node.def deleted file mode 100644 index 7f6ec7ec..00000000 --- a/templates/service/ssh/sshd-option/node.def +++ /dev/null @@ -1,8 +0,0 @@ -multi: -type: txt -help: Additional options for sshd_config - -create: sudo sed -i -e '$ a \ -$VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^$VAR(@)$/d' /etc/ssh/sshd_config -- cgit v1.2.3 From 3f248ff90ecb28ae15dcf8e8191e79ca7889f69d Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Tue, 20 Feb 2018 06:36:24 +0100 Subject: Rename the "client" NTP option to "allow-clients" to make it more clear what it does (fixes T553). --- scripts/system/vyatta_update_ntp.pl | 4 ++-- templates/system/ntp/allow-clients/address/node.def | 6 ++++++ templates/system/ntp/allow-clients/node.def | 1 + templates/system/ntp/client/address/node.def | 6 ------ templates/system/ntp/client/node.def | 1 - 5 files changed, 9 insertions(+), 9 deletions(-) create mode 100644 templates/system/ntp/allow-clients/address/node.def create mode 100644 templates/system/ntp/allow-clients/node.def delete mode 100644 templates/system/ntp/client/address/node.def delete mode 100644 templates/system/ntp/client/node.def (limited to 'templates') diff --git a/scripts/system/vyatta_update_ntp.pl b/scripts/system/vyatta_update_ntp.pl index eaaae14a..78a617bc 100755 --- a/scripts/system/vyatta_update_ntp.pl +++ b/scripts/system/vyatta_update_ntp.pl @@ -78,10 +78,10 @@ my @clients; if ($dhclient_script == 1) { @servers = $cfg->listOrigNodes("server"); - @clients = $cfg->returnOrigValues("client address"); + @clients = $cfg->returnOrigValues("allow-clients address"); } else { @servers = $cfg->listNodes("server"); - @clients = $cfg->returnValues("client address"); + @clients = $cfg->returnValues("allow-clients address"); } if (scalar(@servers) > 0) { diff --git a/templates/system/ntp/allow-clients/address/node.def b/templates/system/ntp/allow-clients/address/node.def new file mode 100644 index 00000000..a48a2b5a --- /dev/null +++ b/templates/system/ntp/allow-clients/address/node.def @@ -0,0 +1,6 @@ +multi: +type: ipv4net,ipv6net +help: IP address + +val_help: ipv4net; IP address and prefix length +val_help: ipv6net; IPv6 address and prefix length diff --git a/templates/system/ntp/allow-clients/node.def b/templates/system/ntp/allow-clients/node.def new file mode 100644 index 00000000..8228130e --- /dev/null +++ b/templates/system/ntp/allow-clients/node.def @@ -0,0 +1 @@ +help: Network Time Protocol (NTP) server options diff --git a/templates/system/ntp/client/address/node.def b/templates/system/ntp/client/address/node.def deleted file mode 100644 index a48a2b5a..00000000 --- a/templates/system/ntp/client/address/node.def +++ /dev/null @@ -1,6 +0,0 @@ -multi: -type: ipv4net,ipv6net -help: IP address - -val_help: ipv4net; IP address and prefix length -val_help: ipv6net; IPv6 address and prefix length diff --git a/templates/system/ntp/client/node.def b/templates/system/ntp/client/node.def deleted file mode 100644 index dd849f8f..00000000 --- a/templates/system/ntp/client/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Network Time Protocol (NTP) client -- cgit v1.2.3 From d0af07c4b5f56b8faf2340c97676c2ff1b6a0933 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 21 Feb 2018 11:28:30 +0100 Subject: T546: Add support for IPv6 address in 'service dns forwarding domain' --- templates/service/dns/forwarding/domain/node.tag/server/node.def | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/templates/service/dns/forwarding/domain/node.tag/server/node.def b/templates/service/dns/forwarding/domain/node.tag/server/node.def index 8f40a299..e616c0aa 100644 --- a/templates/service/dns/forwarding/domain/node.tag/server/node.def +++ b/templates/service/dns/forwarding/domain/node.tag/server/node.def @@ -1,3 +1,5 @@ multi: -type: ipv4 -help: DNS server to forward queries +type: ipv4,ipv6 +help: Domain Name Server (DNS) to forward queries +val_help: ipv4; Domain Name Server (DNS) address +val_help: ipv6; Domain Name Server (DNS) address -- cgit v1.2.3 From d8dd509656e24d0050050ed067021e4b45e07d59 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Wed, 28 Feb 2018 13:32:24 +0100 Subject: T507: add autocompletion or SSH key exchange algorithms --- templates/service/ssh/key-exchange/node.def | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/templates/service/ssh/key-exchange/node.def b/templates/service/ssh/key-exchange/node.def index a3c91b0b..00df581a 100644 --- a/templates/service/ssh/key-exchange/node.def +++ b/templates/service/ssh/key-exchange/node.def @@ -1,6 +1,7 @@ type: txt -help: Allowed key exchange algorithms -comp_help: Specifies the available KEX (key exchange) algorithms. The KEX algorithm is used in protocol version 2 for key negotiation upon session creation. Multiple algorithms must be comma-separated. See 'ssh -Q kex' for supported KEX algorithms. +help: Key exchange algorithms + +allowed: ssh -Q kex | perl -ne '$_=~s/\n/ /;print' create: sudo sed -i -e '$ a \ KexAlgorithms $VAR(@)' /etc/ssh/sshd_config -- cgit v1.2.3 From 70f95999744fbb6606aebbc87ba9b326cf453728 Mon Sep 17 00:00:00 2001 From: Kim Date: Thu, 5 Apr 2018 14:12:05 +0200 Subject: Add help for baud rate. --- templates/system/console/device/node.tag/speed/node.def | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'templates') diff --git a/templates/system/console/device/node.tag/speed/node.def b/templates/system/console/device/node.tag/speed/node.def index e7515dca..3a117301 100644 --- a/templates/system/console/device/node.tag/speed/node.def +++ b/templates/system/console/device/node.tag/speed/node.def @@ -1,5 +1,5 @@ type: u32 -help: Console baud rate +help: Console baud rate. New rate will take effect on reboot. allowed: echo 1200 2400 4800 9600 19200 38400 57600 115200 syntax:expression: $VAR(@) in 1200, 2400, 4800, 9600, 19200, 38400, \ 57600, 115200 ; "unknown baud rate" -- cgit v1.2.3 From df78ae1e4411c15f27f5f29b172b71504c444637 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 16 Mar 2018 20:09:27 +0100 Subject: Remove dns forwarding templates in favor of vyos-1x --- templates/service/dns/forwarding/cache-size/node.def | 5 ----- templates/service/dns/forwarding/dhcp/node.def | 8 -------- templates/service/dns/forwarding/domain/node.def | 4 ---- .../service/dns/forwarding/domain/node.tag/server/node.def | 5 ----- templates/service/dns/forwarding/ignore-hosts-file/node.def | 1 - templates/service/dns/forwarding/listen-on/node.def | 5 ----- templates/service/dns/forwarding/name-server/node.def | 5 ----- templates/service/dns/forwarding/node.def | 10 ---------- templates/service/dns/forwarding/query-all-servers/node.def | 1 - templates/service/dns/forwarding/system/node.def | 2 -- 10 files changed, 46 deletions(-) delete mode 100644 templates/service/dns/forwarding/cache-size/node.def delete mode 100644 templates/service/dns/forwarding/dhcp/node.def delete mode 100644 templates/service/dns/forwarding/domain/node.def delete mode 100644 templates/service/dns/forwarding/domain/node.tag/server/node.def delete mode 100644 templates/service/dns/forwarding/ignore-hosts-file/node.def delete mode 100644 templates/service/dns/forwarding/listen-on/node.def delete mode 100644 templates/service/dns/forwarding/name-server/node.def delete mode 100644 templates/service/dns/forwarding/node.def delete mode 100644 templates/service/dns/forwarding/query-all-servers/node.def delete mode 100644 templates/service/dns/forwarding/system/node.def (limited to 'templates') diff --git a/templates/service/dns/forwarding/cache-size/node.def b/templates/service/dns/forwarding/cache-size/node.def deleted file mode 100644 index 9285dbbd..00000000 --- a/templates/service/dns/forwarding/cache-size/node.def +++ /dev/null @@ -1,5 +0,0 @@ -type: u32 -default:150 -help: DNS forwarding cache size -syntax:expression: ($VAR(@) >=0 && $VAR(@) < 10001) ; "Cache size must be between 0 and 10000" -val_help: u32:0-10000; DNS forwarding cache size diff --git a/templates/service/dns/forwarding/dhcp/node.def b/templates/service/dns/forwarding/dhcp/node.def deleted file mode 100644 index f19b000e..00000000 --- a/templates/service/dns/forwarding/dhcp/node.def +++ /dev/null @@ -1,8 +0,0 @@ -multi: -type: txt -help: Use nameservers received from DHCP server for specified interface -commit:expression: exec "/opt/vyatta/sbin/vyatta-dns-forwarding.pl --dhcp-interface $VAR(@)" -allowed: - local -a array ; - array=( /var/lib/dhcp/eth* /var/lib/dhcp/br* ) ; - echo -n ${array[@]##*/} diff --git a/templates/service/dns/forwarding/domain/node.def b/templates/service/dns/forwarding/domain/node.def deleted file mode 100644 index bdd82752..00000000 --- a/templates/service/dns/forwarding/domain/node.def +++ /dev/null @@ -1,4 +0,0 @@ -tag: -type: txt -help: DNS domain to forward to a local server -commit:expression: $VAR(./server/) != ""; "Error: No server configured for the domain $VAR(@)" diff --git a/templates/service/dns/forwarding/domain/node.tag/server/node.def b/templates/service/dns/forwarding/domain/node.tag/server/node.def deleted file mode 100644 index e616c0aa..00000000 --- a/templates/service/dns/forwarding/domain/node.tag/server/node.def +++ /dev/null @@ -1,5 +0,0 @@ -multi: -type: ipv4,ipv6 -help: Domain Name Server (DNS) to forward queries -val_help: ipv4; Domain Name Server (DNS) address -val_help: ipv6; Domain Name Server (DNS) address diff --git a/templates/service/dns/forwarding/ignore-hosts-file/node.def b/templates/service/dns/forwarding/ignore-hosts-file/node.def deleted file mode 100644 index 08a89ca8..00000000 --- a/templates/service/dns/forwarding/ignore-hosts-file/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Do not use local /etc/hosts file in name resolution diff --git a/templates/service/dns/forwarding/listen-on/node.def b/templates/service/dns/forwarding/listen-on/node.def deleted file mode 100644 index 3d1c748f..00000000 --- a/templates/service/dns/forwarding/listen-on/node.def +++ /dev/null @@ -1,5 +0,0 @@ -multi: -type: txt -help: Interface to listen for DNS queries [REQUIRED] -allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=all -commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --warn" diff --git a/templates/service/dns/forwarding/name-server/node.def b/templates/service/dns/forwarding/name-server/node.def deleted file mode 100644 index ac7e45b6..00000000 --- a/templates/service/dns/forwarding/name-server/node.def +++ /dev/null @@ -1,5 +0,0 @@ -multi: -type: ipv4,ipv6 -help: Domain Name Server (DNS) -val_help: ipv4; Domain Name Server (DNS) address -val_help: ipv6; Domain Name Server (DNS) address diff --git a/templates/service/dns/forwarding/node.def b/templates/service/dns/forwarding/node.def deleted file mode 100644 index ae7a9d3c..00000000 --- a/templates/service/dns/forwarding/node.def +++ /dev/null @@ -1,10 +0,0 @@ -priority: 918 -help: DNS forwarding -commit:expression: $VAR(./listen-on) != ""; "At least one interface must be configured for DNS forwarding parameter 'listen-on'" -delete:expression: "touch /tmp/dnsmasq.$PPID" -end:expression: "if [ -f \"/tmp/dnsmasq.$PPID\" ]; then \ - sudo /opt/vyatta/sbin/vyatta-dns-forwarding.pl --stop-dnsforwarding \ - rm /tmp/dnsmasq.$PPID; \ - else \ - sudo /opt/vyatta/sbin/vyatta-dns-forwarding.pl --update-dnsforwarding; \ - fi; " diff --git a/templates/service/dns/forwarding/query-all-servers/node.def b/templates/service/dns/forwarding/query-all-servers/node.def deleted file mode 100644 index 90e8e7ec..00000000 --- a/templates/service/dns/forwarding/query-all-servers/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Query all DNS servers, respond and cache fastest result diff --git a/templates/service/dns/forwarding/system/node.def b/templates/service/dns/forwarding/system/node.def deleted file mode 100644 index a37676de..00000000 --- a/templates/service/dns/forwarding/system/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: DNS forwarding to system nameservers -commit:expression: exec "/opt/vyatta/sbin/vyatta-dns-forwarding.pl --system-nameserver" -- cgit v1.2.3 From 9f5c33ea3fb6101c7ce49abe3762d4d497c37ce9 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 7 May 2018 22:41:31 +0200 Subject: T623: Rewrite NTP subsystem in new XML style interface definition --- Makefile.am | 1 - scripts/system/vyatta_update_ntp.pl | 115 --------------------- scripts/system/vyatta_update_resolv.pl | 15 --- scripts/vyatta-system-nameservers | 10 -- .../system/ntp/allow-clients/address/node.def | 6 -- templates/system/ntp/allow-clients/node.def | 1 - templates/system/ntp/node.def | 16 --- templates/system/ntp/server/node.def | 3 - .../system/ntp/server/node.tag/dynamic/node.def | 2 - .../system/ntp/server/node.tag/noselect/node.def | 1 - .../system/ntp/server/node.tag/preempt/node.def | 1 - .../system/ntp/server/node.tag/prefer/node.def | 1 - 12 files changed, 172 deletions(-) delete mode 100755 scripts/system/vyatta_update_ntp.pl delete mode 100644 templates/system/ntp/allow-clients/address/node.def delete mode 100644 templates/system/ntp/allow-clients/node.def delete mode 100644 templates/system/ntp/node.def delete mode 100644 templates/system/ntp/server/node.def delete mode 100644 templates/system/ntp/server/node.tag/dynamic/node.def delete mode 100644 templates/system/ntp/server/node.tag/noselect/node.def delete mode 100644 templates/system/ntp/server/node.tag/preempt/node.def delete mode 100644 templates/system/ntp/server/node.tag/prefer/node.def (limited to 'templates') diff --git a/Makefile.am b/Makefile.am index 77088eaa..cfddd656 100644 --- a/Makefile.am +++ b/Makefile.am @@ -54,7 +54,6 @@ sbin_SCRIPTS += scripts/system/vyatta_update_resolv.pl sbin_SCRIPTS += scripts/system/vyatta_update_sysctl.pl sbin_SCRIPTS += scripts/system/vyatta_update_syslog.pl sbin_SCRIPTS += scripts/system/vyatta_update_console.pl -sbin_SCRIPTS += scripts/system/vyatta_update_ntp.pl sbin_SCRIPTS += scripts/system/irq-affinity.pl sbin_SCRIPTS += scripts/snmp/vyatta-snmp.pl sbin_SCRIPTS += scripts/snmp/vyatta-snmp-v3.pl diff --git a/scripts/system/vyatta_update_ntp.pl b/scripts/system/vyatta_update_ntp.pl deleted file mode 100755 index 78a617bc..00000000 --- a/scripts/system/vyatta_update_ntp.pl +++ /dev/null @@ -1,115 +0,0 @@ -#! /usr/bin/perl - -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc. -# All Rights Reserved. -# -# **** End License **** - -# Filter ntp.conf - remove old servers and add current ones - -use strict; -use lib "/opt/vyatta/share/perl5"; -use Vyatta::Config; -use NetAddr::IP; -use Getopt::Long; - -my $dhclient_script = 0; - -GetOptions("dhclient-script=i" => \$dhclient_script, -); - -sub ntp_format { - my ($cidr_or_host) = @_; - my $ip = NetAddr::IP->new($cidr_or_host); - if (defined($ip)) { - my $address = $ip->addr(); - my $mask = $ip->mask(); - - if ( - ($ip->version() == 6 && $ip->masklen() == 128) - || ($ip->version() == 4 && $ip->masklen() == 32) - ) { - return "$address"; - } else { - return "$address mask $mask"; - } - } else { - return undef; - } -} - -my @ntp; -if (-e '/etc/ntp.conf') { - open (my $file, '<', '/etc/ntp.conf') - or die("$0: Error! Unable to open '/etc/ntp.conf' for input: $!\n"); - @ntp = <$file>; - close ($file); -} - -open (my $output, '>', '/etc/ntp.conf') - or die("$0: Error! Unable to open '/etc/ntp.conf' for output: $!\n"); - -my $cfg = new Vyatta::Config; -$cfg->setLevel("system ntp"); - -foreach my $line (@ntp) { - if ($line =~ /^# VyOS CLI configuration options/) { - print $output $line; - print $output "\n"; - last; - } else { - print $output $line; - } -} - -my @servers; -my @clients; - -if ($dhclient_script == 1) { - @servers = $cfg->listOrigNodes("server"); - @clients = $cfg->returnOrigValues("allow-clients address"); -} else { - @servers = $cfg->listNodes("server"); - @clients = $cfg->returnValues("allow-clients address"); -} - -if (scalar(@servers) > 0) { - print $output "# Servers\n\n"; - foreach my $server (@servers) { - my $server_addr = ntp_format($server); - if (defined($server_addr)) { - print $output "server $server_addr iburst"; - for my $property (qw(dynamic noselect preempt prefer)) { - if ($dhclient_script == 1) { - print $output " $property" if ($cfg->existsOrig("server $server $property")); - } else { - print $output " $property" if ($cfg->exists("server $server $property")); - } - } - print $output "\nrestrict $server_addr nomodify notrap nopeer noquery\n"; - } - } - print $output "\n"; -} - -if (scalar(@clients) > 0) { - print $output "# Clients\n\n"; - foreach my $client (@clients) { - my $address = ntp_format($client); - print $output "restrict $address nomodify notrap nopeer\n"; - } - print $output "\n"; -} - -exit 0; diff --git a/scripts/system/vyatta_update_resolv.pl b/scripts/system/vyatta_update_resolv.pl index 51617fce..de09a760 100755 --- a/scripts/system/vyatta_update_resolv.pl +++ b/scripts/system/vyatta_update_resolv.pl @@ -30,7 +30,6 @@ use Vyatta::Config; my $dhclient_script = 0; my $config_mode = 0; -my $ntp_config = 0; GetOptions("dhclient-script=i" => \$dhclient_script, "config-mode=i" => \$config_mode, @@ -45,7 +44,6 @@ my $disable_dhcp_nameservers = undef; if ($config_mode == 1) { $disable_dhcp_nameservers = $vc->exists('disable-dhcp-nameservers'); - $ntp_config = $vc->exists('ntp server'); } else { $disable_dhcp_nameservers = $vc->existsOrig('disable-dhcp-nameservers'); } @@ -53,7 +51,6 @@ if ($config_mode == 1) { if ($dhclient_script == 1) { @search_domains = $vc->returnOrigValues('domain-search domain'); $domain_name = $vc->returnOrigValue('domain-name'); - $ntp_config = $vc->existsOrig('ntp server'); } else { @search_domains = $vc->returnValues('domain-search domain'); $domain_name = $vc->returnValue('domain-name'); @@ -132,7 +129,6 @@ if ($domain_name && length($domain_name) > 0) { if (($dhclient_script == 1) || ($config_mode == 1)) { my @current_dhcp_nameservers; - my $restart_ntp = 0; # code below to add new name-servers received from dhcp client, but only if disable-dhcp-nameservers # hasn't been enabled. @@ -168,7 +164,6 @@ if (($dhclient_script == 1) || ($config_mode == 1)) { or die "$! error trying to overwrite"; print $rf "#nameserver written by vyatta_update_resolv.pl (dhcp)\nnameserver\t$ns\n"; close $rf; - $restart_ntp = 1; } } } @@ -206,7 +201,6 @@ if (($dhclient_script == 1) || ($config_mode == 1)) { $cmd = "sed -i -n '/nameserver\t$dhcpnameserver/".'{n;x;d;};x;1d;p;${x;p;}'."' /etc/resolv.conf"; } system($cmd); - $restart_ntp = 1; } } else { for my $dhcpnameserver (@dhcp_nameservers_in_resolvconf) { @@ -225,18 +219,9 @@ if (($dhclient_script == 1) || ($config_mode == 1)) { $cmd = "sed -i -n '/nameserver\t$dhcpnameserver/".'{n;x;d;};x;1d;p;${x;p;}'."' /etc/resolv.conf"; } system($cmd); - $restart_ntp = 1; } } } - if ($restart_ntp == 1) { - # this corresponds to what is done in name-server/node.def as a fix for bug 1300 - if ($ntp_config == 1) { - system("sudo /opt/vyatta/sbin/vyatta_update_ntp.pl --dhclient-script $dhclient_script"); - my $cmd_ntp_restart = "if [ -f /etc/ntp.conf ] && grep -q '^server' /etc/ntp.conf; then /usr/sbin/invoke-rc.d ntp restart >&/dev/null; fi &"; - system($cmd_ntp_restart); - } - } } # The following will re-write '/etc/resolv.conf' line by line, diff --git a/scripts/vyatta-system-nameservers b/scripts/vyatta-system-nameservers index 99019fd1..9c688e80 100755 --- a/scripts/vyatta-system-nameservers +++ b/scripts/vyatta-system-nameservers @@ -36,14 +36,6 @@ restart_dnsmasq () { fi } -restart_ntp () { - # restart ntp if ntp is configured - if [ -f /etc/ntp.conf ] && grep -q "^server" /etc/ntp.conf; then - sudo /opt/vyatta/sbin/vyatta_update_ntp.pl - /usr/sbin/invoke-rc.d ntp restart >&/dev/null - fi -} - update_system_nameservers () { nameserver=$1 touch /etc/resolv.conf @@ -70,7 +62,6 @@ update_system_nameservers () { mv -f /etc/resolv_tmp.conf /etc/resolv.conf fi restart_dnsmasq - restart_ntp } delete_system_nameserver () { @@ -79,7 +70,6 @@ delete_system_nameserver () { # remove specified nameserver sed -i "/$nameserver$/d" /etc/resolv.conf restart_dnsmasq - restart_ntp } # diff --git a/templates/system/ntp/allow-clients/address/node.def b/templates/system/ntp/allow-clients/address/node.def deleted file mode 100644 index a48a2b5a..00000000 --- a/templates/system/ntp/allow-clients/address/node.def +++ /dev/null @@ -1,6 +0,0 @@ -multi: -type: ipv4net,ipv6net -help: IP address - -val_help: ipv4net; IP address and prefix length -val_help: ipv6net; IPv6 address and prefix length diff --git a/templates/system/ntp/allow-clients/node.def b/templates/system/ntp/allow-clients/node.def deleted file mode 100644 index 8228130e..00000000 --- a/templates/system/ntp/allow-clients/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Network Time Protocol (NTP) server options diff --git a/templates/system/ntp/node.def b/templates/system/ntp/node.def deleted file mode 100644 index 38e67e05..00000000 --- a/templates/system/ntp/node.def +++ /dev/null @@ -1,16 +0,0 @@ -priority: 400 -help: Network Time Protocol (NTP) configuration - -end: - sudo /opt/vyatta/sbin/vyatta_update_ntp.pl - if grep -q '^server' /etc/ntp.conf - then - if pgrep -f -u ntp /usr/sbin/ntpd > /dev/null - then - sudo /usr/sbin/invoke-rc.d ntp force-reload - else - sudo /usr/sbin/invoke-rc.d ntp start - fi - else - sudo /usr/sbin/invoke-rc.d ntp stop - fi diff --git a/templates/system/ntp/server/node.def b/templates/system/ntp/server/node.def deleted file mode 100644 index 383bd992..00000000 --- a/templates/system/ntp/server/node.def +++ /dev/null @@ -1,3 +0,0 @@ -tag: -type: txt -help: Network Time Protocol (NTP) server diff --git a/templates/system/ntp/server/node.tag/dynamic/node.def b/templates/system/ntp/server/node.tag/dynamic/node.def deleted file mode 100644 index 2d68de16..00000000 --- a/templates/system/ntp/server/node.tag/dynamic/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Allow server to be configured even if not reachable - diff --git a/templates/system/ntp/server/node.tag/noselect/node.def b/templates/system/ntp/server/node.tag/noselect/node.def deleted file mode 100644 index e2e061b5..00000000 --- a/templates/system/ntp/server/node.tag/noselect/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Marks the server as unused diff --git a/templates/system/ntp/server/node.tag/preempt/node.def b/templates/system/ntp/server/node.tag/preempt/node.def deleted file mode 100644 index ca89efa1..00000000 --- a/templates/system/ntp/server/node.tag/preempt/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Specifies the association as preemptable rather than the default persistent diff --git a/templates/system/ntp/server/node.tag/prefer/node.def b/templates/system/ntp/server/node.tag/prefer/node.def deleted file mode 100644 index 4855fd41..00000000 --- a/templates/system/ntp/server/node.tag/prefer/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Marks the server as preferred -- cgit v1.2.3 From 58bcf1639e1656643e3470e25fbbea0a707355a9 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 13 May 2018 14:17:44 +0200 Subject: T631: Rewrite SSH configuration as XML interface definition --- .../ssh/access-control/allow-groups/node.def | 11 ------- .../ssh/access-control/allow-users/node.def | 11 ------- .../ssh/access-control/deny-groups/node.def | 11 ------- .../service/ssh/access-control/deny-users/node.def | 11 ------- templates/service/ssh/access-control/node.def | 2 -- templates/service/ssh/allow-root/node.def | 5 ---- templates/service/ssh/ciphers/node.def | 34 ---------------------- .../service/ssh/disable-host-validation/node.def | 6 ---- .../ssh/disable-password-authentication/node.def | 5 ---- templates/service/ssh/key-exchange/node.def | 12 -------- templates/service/ssh/listen-address/node.def | 10 ------- templates/service/ssh/loglevel/node.def | 19 ------------ templates/service/ssh/macs/node.def | 11 ------- templates/service/ssh/node.def | 8 ----- templates/service/ssh/port/node.def | 7 ----- 15 files changed, 163 deletions(-) delete mode 100644 templates/service/ssh/access-control/allow-groups/node.def delete mode 100644 templates/service/ssh/access-control/allow-users/node.def delete mode 100644 templates/service/ssh/access-control/deny-groups/node.def delete mode 100644 templates/service/ssh/access-control/deny-users/node.def delete mode 100644 templates/service/ssh/access-control/node.def delete mode 100644 templates/service/ssh/allow-root/node.def delete mode 100644 templates/service/ssh/ciphers/node.def delete mode 100644 templates/service/ssh/disable-host-validation/node.def delete mode 100644 templates/service/ssh/disable-password-authentication/node.def delete mode 100644 templates/service/ssh/key-exchange/node.def delete mode 100644 templates/service/ssh/listen-address/node.def delete mode 100644 templates/service/ssh/loglevel/node.def delete mode 100644 templates/service/ssh/macs/node.def delete mode 100644 templates/service/ssh/node.def delete mode 100644 templates/service/ssh/port/node.def (limited to 'templates') diff --git a/templates/service/ssh/access-control/allow-groups/node.def b/templates/service/ssh/access-control/allow-groups/node.def deleted file mode 100644 index 2d6aa75b..00000000 --- a/templates/service/ssh/access-control/allow-groups/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for allowed groups. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -AllowGroups $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^AllowGroups $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^AllowGroups.*$/c \ -AllowGroups $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/access-control/allow-users/node.def b/templates/service/ssh/access-control/allow-users/node.def deleted file mode 100644 index 2052bf69..00000000 --- a/templates/service/ssh/access-control/allow-users/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for allowed users. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -AllowUsers $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^AllowUsers $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^AllowUsers.*$/c \ -AllowUsers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/access-control/deny-groups/node.def b/templates/service/ssh/access-control/deny-groups/node.def deleted file mode 100644 index c2c8dcab..00000000 --- a/templates/service/ssh/access-control/deny-groups/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for disallowed groups. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple groups can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -DenyGroups $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^DenyGroups $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^DenyGroups.*$/c \ -DenyGroups $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/access-control/deny-users/node.def b/templates/service/ssh/access-control/deny-users/node.def deleted file mode 100644 index a6426f90..00000000 --- a/templates/service/ssh/access-control/deny-users/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Configure sshd_config access control for disallowed users. -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. - -create: sudo sed -i -e '$ a \ -DenyUsers $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^DenyUsers $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^DenyUsers.*$/c \ -DenyUsers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/access-control/node.def b/templates/service/ssh/access-control/node.def deleted file mode 100644 index 8f6ca6e7..00000000 --- a/templates/service/ssh/access-control/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: SSH user/group access controls -comp_help: The SSH user and group access control directives (allow/deny) are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. Multiple users can be specified as a comma-separated list. diff --git a/templates/service/ssh/allow-root/node.def b/templates/service/ssh/allow-root/node.def deleted file mode 100644 index 2f8e4354..00000000 --- a/templates/service/ssh/allow-root/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Enable root login over ssh - -create: sudo sed -i -e '/^PermitRootLogin/s/no\|without-password\|yes/yes/' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^PermitRootLogin/s/no\|without-password\|yes/no/' /etc/ssh/sshd_config diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def deleted file mode 100644 index b5e5af68..00000000 --- a/templates/service/ssh/ciphers/node.def +++ /dev/null @@ -1,34 +0,0 @@ -type: txt -help: Allowed ciphers -val_help: txt; Cipher string -val_help: aes128-gcm@openssh.com; AES 128 GCM -val_help: aes256-gcm@openssh.com; AES 256 GCM -val_help: chacha20-poly1305@openssh.com; ChaCha20 Poly1305 -val_help: 3des-cbc; 3DES CBC (weak) -val_help: aes128-cbc; AES 128 CBC -val_help: aes192-cbc; AES 192 CBC -val_help: aes256-cbc; AES 256 CBC -val_help: aes128-ctr; AES 128 CTR -val_help: aes192-ctr; AES 192 CTR -val_help: aes256-ctr; AES 256 CTR -val_help: arcfour128; AC4 128 (broken) -val_help: arcfour256; AC4 256 (broken) -val_help: arcfour; AC4 (broken) -val_help: blowfish-cbc; Blowfish CBC -val_help: cast128-cbc; CAST 128 CBC -comp_help: Multiple ciphers can be specified as a comma-separated list. - -syntax:expression: pattern $VAR(@) "^((aes128-gcm@openssh.com|\ -aes256-gcm@openssh.com|chacha20-poly1305@openssh.com|\ -3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\ -aes256-ctr|arcfour128|arcfour256|arcfour|\ -blowfish-cbc|cast128-cbc)(,|$))+$"; \ -"$VAR(@) is not a valid cipher list" - -create: sudo sed -i -e '$ a \ -Ciphers $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^Ciphers $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^Ciphers.*$/c \ -Ciphers $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/disable-host-validation/node.def b/templates/service/ssh/disable-host-validation/node.def deleted file mode 100644 index fff28dbd..00000000 --- a/templates/service/ssh/disable-host-validation/node.def +++ /dev/null @@ -1,6 +0,0 @@ -help: Don't validate the remote host name with DNS - -update: sudo sed -i -e '/^UseDNS/s/yes/no/' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^UseDNS/s/no/yes/' /etc/ssh/sshd_config - diff --git a/templates/service/ssh/disable-password-authentication/node.def b/templates/service/ssh/disable-password-authentication/node.def deleted file mode 100644 index 59abacfc..00000000 --- a/templates/service/ssh/disable-password-authentication/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Don't allow unknown user to login with password - -update: sudo sed -i -e '/^PasswordAuthentication/s/yes/no/' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^PasswordAuthentication/s/no/yes/' /etc/ssh/sshd_config diff --git a/templates/service/ssh/key-exchange/node.def b/templates/service/ssh/key-exchange/node.def deleted file mode 100644 index 00df581a..00000000 --- a/templates/service/ssh/key-exchange/node.def +++ /dev/null @@ -1,12 +0,0 @@ -type: txt -help: Key exchange algorithms - -allowed: ssh -Q kex | perl -ne '$_=~s/\n/ /;print' - -create: sudo sed -i -e '$ a \ -KexAlgorithms $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^KexAlgorithms $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^KexAlgorithms.*$/c \ -KexAlgorithms $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/listen-address/node.def b/templates/service/ssh/listen-address/node.def deleted file mode 100644 index aeff03f2..00000000 --- a/templates/service/ssh/listen-address/node.def +++ /dev/null @@ -1,10 +0,0 @@ -multi: -type: ipv4,ipv6 -help: Local addresses SSH service should listen on -val_help: ipv4: IP address to listen for incoming connections -val_help: ipv6: IPv6 address to listen for incoming connections - -create: sudo sed -i -e '/^Port/a \ -ListenAddress $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^ListenAddress $VAR(@)$/d' /etc/ssh/sshd_config diff --git a/templates/service/ssh/loglevel/node.def b/templates/service/ssh/loglevel/node.def deleted file mode 100644 index f66ec068..00000000 --- a/templates/service/ssh/loglevel/node.def +++ /dev/null @@ -1,19 +0,0 @@ -type: txt -help: Log Level -val_help: QUIET; stay silent -val_help: FATAL; log fatals only -val_help: ERROR; log errors and fatals only -val_help: INFO; default log level -val_help: VERBOSE; enable logging of failed login attempts -comp_help: Gives the verbosity level that is used when logging messages from sshd(8). The default is INFO. - -syntax:expression: pattern $VAR(@) "^((QUIET|FATAL|ERROR|INFO|VERBOSE)(,|$))+$"; \ -"$VAR(@) is not a valid log level" - -create: sudo sed -i -e '/^LogLevel.*$/c \ -LogLevel $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^LogLevel $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^LogLevel.*$/c \ -LogLevel $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/macs/node.def b/templates/service/ssh/macs/node.def deleted file mode 100644 index f9bf4176..00000000 --- a/templates/service/ssh/macs/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Allowed message authentication algorithms -comp_help: Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. See 'ssh -Q mac' for supported MACs. - -create: sudo sed -i -e '$ a \ -MACs $VAR(@)' /etc/ssh/sshd_config - -delete: sudo sed -i -e '/^MACs $VAR(@)$/d' /etc/ssh/sshd_config - -update: sudo sed -i -e '/^MACs.*$/c \ -MACs $VAR(@)' /etc/ssh/sshd_config diff --git a/templates/service/ssh/node.def b/templates/service/ssh/node.def deleted file mode 100644 index 7117a2fd..00000000 --- a/templates/service/ssh/node.def +++ /dev/null @@ -1,8 +0,0 @@ -priority: 500 # After syslog and logins -help: Secure SHell (SSH) protocol -delete:sudo /usr/sbin/invoke-rc.d ssh stop - sudo sh -c "echo 'SSHD_OPTS=' > /etc/default/ssh" -end: if [ -z "$VAR(port/@)" ]; then exit 0; fi - STR="SSHD_OPTS=\"-p $VAR(port/@)\"" - sudo sh -c "echo '$STR' > /etc/default/ssh" - sudo /usr/sbin/invoke-rc.d ssh restart diff --git a/templates/service/ssh/port/node.def b/templates/service/ssh/port/node.def deleted file mode 100644 index d4f53378..00000000 --- a/templates/service/ssh/port/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: u32 -default: 22 -help: Port for SSH service -val_help: u32:1-65535; Numeric IP port - -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" -- cgit v1.2.3 From ea256dc7956a3fbe5947c0ad9da9e90dd2320327 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Wed, 16 May 2018 06:41:40 +0200 Subject: T574: remove the old system host-name/domain-name commands, moving to vyos-1x. --- scripts/system/vyatta_update_hosts.pl | 114 ---------------------------------- templates/system/domain-name/node.def | 12 ---- templates/system/host-name/node.def | 12 ---- 3 files changed, 138 deletions(-) delete mode 100755 scripts/system/vyatta_update_hosts.pl delete mode 100644 templates/system/domain-name/node.def delete mode 100644 templates/system/host-name/node.def (limited to 'templates') diff --git a/scripts/system/vyatta_update_hosts.pl b/scripts/system/vyatta_update_hosts.pl deleted file mode 100755 index 22b141ab..00000000 --- a/scripts/system/vyatta_update_hosts.pl +++ /dev/null @@ -1,114 +0,0 @@ -#!/usr/bin/perl -w -# -# Module: vyatta_update_hosts.pl -# -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2012-2013 Vyatta, Inc. -# All Rights Reserved. -# -# Description: -# Script to update '/etc/hosts' on commit of 'system host-name' and -# 'system domain-name' config. -# -# **** End License **** -# - -use strict; -use English; -use lib "/opt/vyatta/share/perl5/"; - -use File::Temp qw(tempfile); -use Vyatta::File qw(touch); -use Vyatta::Config; -use Getopt::Long; - -my $HOSTS_CFG = '/etc/hosts'; -my $HOSTS_TMPL = "/tmp/hosts.XXXXXX"; -my $HOSTNAME_CFG = '/etc/hostname'; -my $MAILNAME_CFG = '/etc/mailname'; -my $restart_services = 1; - -sub set_hostname { - my ( $hostname ) = @_; - system("hostname $hostname"); - open (my $f, '>', $HOSTNAME_CFG) - or die("$0: Error! Unable to open $HOSTNAME_CFG for output: $!\n"); - print $f "$hostname\n"; - close ($f); -} - -sub set_mailname { - my ( $mailname ) = @_; - open (my $f, '>', $MAILNAME_CFG) - or die("$0: Error! Unable to open $MAILNAME_CFG for output: $!\n"); - print $f "$mailname\n"; - close ($f); -} - -if ($EUID != 0) { - printf("This program must be run by root.\n"); - exit 1; -} - -GetOptions("restart-services!" => \$restart_services); - -my $vc = new Vyatta::Config(); - -$vc->setLevel('system'); -my $host_name = $vc->returnValue('host-name'); -my $domain_name = $vc->returnValue('domain-name'); -my $mail_name; -my $hosts_line = "127.0.1.1\t "; - -if (! defined $host_name) { - $host_name = 'vyatta'; -} -$mail_name = $host_name; - -if (defined $domain_name) { - $mail_name .= '.' . $domain_name; - $hosts_line .= $host_name . '.' . $domain_name; -} -$hosts_line .= " $host_name\t #vyatta entry\n"; - -my ($out, $tempname) = tempfile($HOSTS_TMPL, UNLINK => 1) - or die "Can't create temp file: $!"; - -if (! -e $HOSTS_CFG) { - touch $HOSTS_CFG; -} -open (my $in, '<', $HOSTS_CFG) - or die("$0: Error! Unable to open '$HOSTS_CFG' for input: $!\n"); - -while (my $line = <$in>) { - if ($line =~ m:^127.0.1.1:) { - next; - } - print $out $line; -} -print $out $hosts_line; - -close ($in); -close ($out); - -system("cp $tempname $HOSTS_CFG") == 0 - or die "Can't copy $tempname to $HOSTS_CFG: $!"; - -set_hostname $host_name; -set_mailname $mail_name; - -# Restart services that use the system hostname; -# add more ase needed. -if ($restart_services) { - system("invoke-rc.d rsyslog restart"); -} diff --git a/templates/system/domain-name/node.def b/templates/system/domain-name/node.def deleted file mode 100644 index 4866ddf8..00000000 --- a/templates/system/domain-name/node.def +++ /dev/null @@ -1,12 +0,0 @@ -priority: 400 -type: txt -help: System domain name - -# Allow letter-number-hyphen in label (but can not start or end with hyphen) -syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_domainname.pl $VAR(../host-name).$VAR(@)" - -update: sudo /opt/vyatta/sbin/vyatta_update_resolv.pl - sudo /opt/vyatta/sbin/vyatta_update_hosts.pl --no-restart-services - -delete: sudo /opt/vyatta/sbin/vyatta_update_resolv.pl - sudo /opt/vyatta/sbin/vyatta_update_hosts.pl --no-restart-services diff --git a/templates/system/host-name/node.def b/templates/system/host-name/node.def deleted file mode 100644 index 00798bef..00000000 --- a/templates/system/host-name/node.def +++ /dev/null @@ -1,12 +0,0 @@ -priority: 100 -type: txt -help: System host name (default: vyos) -default: "vyos" -syntax:expression: pattern $VAR(@) "^[[:alnum:]][-.[:alnum:]]*[[:alnum:]]$" - ; "invalid host name $VAR(@)" - -syntax:expression: pattern $VAR(@) "^.{1,63}$" ; "invalid host-name length" - -update: sudo /opt/vyatta/sbin/vyatta_update_hosts.pl - -delete: sudo /opt/vyatta/sbin/vyatta_update_hosts.pl -- cgit v1.2.3 From c7f0ea5d37da2c7e555e6f0aae1390c84a682c0e Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 4 Jun 2018 20:23:37 +0200 Subject: T652: Rewrite service snmp in new style XML interface definition Perl scripts will be removed when op mode commands are implemented. --- templates/service/snmp/community/node.def | 5 ---- .../snmp/community/node.tag/authorization/node.def | 8 ------ .../snmp/community/node.tag/client/node.def | 3 --- .../snmp/community/node.tag/network/node.def | 4 --- templates/service/snmp/contact/node.def | 6 ----- templates/service/snmp/description/node.def | 6 ----- templates/service/snmp/listen-address/node.def | 3 --- .../snmp/listen-address/node.tag/port/node.def | 7 ----- templates/service/snmp/location/node.def | 6 ----- templates/service/snmp/node.def | 27 ------------------- templates/service/snmp/smux-peer/node.def | 4 --- templates/service/snmp/trap-source/node.def | 2 -- templates/service/snmp/trap-target/node.def | 3 --- .../snmp/trap-target/node.tag/community/node.def | 2 -- .../snmp/trap-target/node.tag/port/node.def | 6 ----- templates/service/snmp/v3/engineid/node.def | 3 --- templates/service/snmp/v3/group/node.def | 8 ------ .../service/snmp/v3/group/node.tag/mode/node.def | 8 ------ .../snmp/v3/group/node.tag/seclevel/node.def | 7 ----- .../service/snmp/v3/group/node.tag/view/node.def | 11 -------- templates/service/snmp/v3/node.def | 30 ---------------------- templates/service/snmp/v3/trap-target/node.def | 14 ---------- .../node.tag/auth/encrypted-key/node.def | 3 --- .../snmp/v3/trap-target/node.tag/auth/node.def | 4 --- .../node.tag/auth/plaintext-key/node.def | 3 --- .../v3/trap-target/node.tag/auth/type/node.def | 8 ------ .../snmp/v3/trap-target/node.tag/engineid/node.def | 3 --- .../snmp/v3/trap-target/node.tag/port/node.def | 7 ----- .../node.tag/privacy/encrypted-key/node.def | 3 --- .../snmp/v3/trap-target/node.tag/privacy/node.def | 4 --- .../node.tag/privacy/plaintext-key/node.def | 3 --- .../v3/trap-target/node.tag/privacy/type/node.def | 8 ------ .../snmp/v3/trap-target/node.tag/protocol/node.def | 8 ------ .../snmp/v3/trap-target/node.tag/type/node.def | 8 ------ .../snmp/v3/trap-target/node.tag/user/node.def | 4 --- templates/service/snmp/v3/tsm/local-key/node.def | 14 ---------- templates/service/snmp/v3/tsm/node.def | 3 --- templates/service/snmp/v3/tsm/port/node.def | 7 ----- templates/service/snmp/v3/user/node.def | 7 ----- .../v3/user/node.tag/auth/encrypted-key/node.def | 2 -- .../service/snmp/v3/user/node.tag/auth/node.def | 3 --- .../v3/user/node.tag/auth/plaintext-key/node.def | 6 ----- .../snmp/v3/user/node.tag/auth/type/node.def | 8 ------ .../snmp/v3/user/node.tag/engineid/node.def | 3 --- .../service/snmp/v3/user/node.tag/group/node.def | 11 -------- .../service/snmp/v3/user/node.tag/mode/node.def | 8 ------ .../user/node.tag/privacy/encrypted-key/node.def | 2 -- .../service/snmp/v3/user/node.tag/privacy/node.def | 3 --- .../user/node.tag/privacy/plaintext-key/node.def | 6 ----- .../snmp/v3/user/node.tag/privacy/type/node.def | 8 ------ .../service/snmp/v3/user/node.tag/tsm-key/node.def | 14 ---------- templates/service/snmp/v3/view/node.def | 6 ----- .../service/snmp/v3/view/node.tag/oid/node.def | 4 --- .../v3/view/node.tag/oid/node.tag/exclude/node.def | 1 - .../v3/view/node.tag/oid/node.tag/mask/node.def | 4 --- 55 files changed, 359 deletions(-) delete mode 100644 templates/service/snmp/community/node.def delete mode 100644 templates/service/snmp/community/node.tag/authorization/node.def delete mode 100644 templates/service/snmp/community/node.tag/client/node.def delete mode 100644 templates/service/snmp/community/node.tag/network/node.def delete mode 100644 templates/service/snmp/contact/node.def delete mode 100644 templates/service/snmp/description/node.def delete mode 100644 templates/service/snmp/listen-address/node.def delete mode 100644 templates/service/snmp/listen-address/node.tag/port/node.def delete mode 100644 templates/service/snmp/location/node.def delete mode 100644 templates/service/snmp/node.def delete mode 100644 templates/service/snmp/smux-peer/node.def delete mode 100644 templates/service/snmp/trap-source/node.def delete mode 100644 templates/service/snmp/trap-target/node.def delete mode 100644 templates/service/snmp/trap-target/node.tag/community/node.def delete mode 100644 templates/service/snmp/trap-target/node.tag/port/node.def delete mode 100644 templates/service/snmp/v3/engineid/node.def delete mode 100644 templates/service/snmp/v3/group/node.def delete mode 100644 templates/service/snmp/v3/group/node.tag/mode/node.def delete mode 100644 templates/service/snmp/v3/group/node.tag/seclevel/node.def delete mode 100644 templates/service/snmp/v3/group/node.tag/view/node.def delete mode 100644 templates/service/snmp/v3/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/auth/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/engineid/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/port/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/privacy/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/protocol/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/type/node.def delete mode 100644 templates/service/snmp/v3/trap-target/node.tag/user/node.def delete mode 100644 templates/service/snmp/v3/tsm/local-key/node.def delete mode 100644 templates/service/snmp/v3/tsm/node.def delete mode 100644 templates/service/snmp/v3/tsm/port/node.def delete mode 100644 templates/service/snmp/v3/user/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/auth/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/auth/type/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/engineid/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/group/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/mode/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/privacy/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/privacy/type/node.def delete mode 100644 templates/service/snmp/v3/user/node.tag/tsm-key/node.def delete mode 100644 templates/service/snmp/v3/view/node.def delete mode 100644 templates/service/snmp/v3/view/node.tag/oid/node.def delete mode 100644 templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def delete mode 100644 templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def (limited to 'templates') diff --git a/templates/service/snmp/community/node.def b/templates/service/snmp/community/node.def deleted file mode 100644 index d7e3ade7..00000000 --- a/templates/service/snmp/community/node.def +++ /dev/null @@ -1,5 +0,0 @@ -tag: -type: txt -help: Community name [REQUIRED] -syntax:expression: pattern $VAR(@) "^[^%]+$" ; \ - "Community string may not contain %" diff --git a/templates/service/snmp/community/node.tag/authorization/node.def b/templates/service/snmp/community/node.tag/authorization/node.def deleted file mode 100644 index 3d306d59..00000000 --- a/templates/service/snmp/community/node.tag/authorization/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "ro" -allowed: echo ro rw -help: Authorization type (rw or ro) (default: ro) -syntax:expression: $VAR(@) in "ro", "rw"; "Authorization type must be either rw or ro" - - - diff --git a/templates/service/snmp/community/node.tag/client/node.def b/templates/service/snmp/community/node.tag/client/node.def deleted file mode 100644 index 37493268..00000000 --- a/templates/service/snmp/community/node.tag/client/node.def +++ /dev/null @@ -1,3 +0,0 @@ -multi: -type: ipv4,ipv6 -help: IP address of SNMP client allowed to contact system diff --git a/templates/service/snmp/community/node.tag/network/node.def b/templates/service/snmp/community/node.tag/network/node.def deleted file mode 100644 index d9afa4e5..00000000 --- a/templates/service/snmp/community/node.tag/network/node.def +++ /dev/null @@ -1,4 +0,0 @@ -multi: -type: ipv4net,ipv6net -help: Subnet of SNMP client(s) allowed to contact system -syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-prefix-boundry $VAR(@)" diff --git a/templates/service/snmp/contact/node.def b/templates/service/snmp/contact/node.def deleted file mode 100644 index 63a368cc..00000000 --- a/templates/service/snmp/contact/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt -help: Contact information - -syntax:expression: pattern $VAR(@) "^[[:print:]]{1,255}$" ; \ - "Contact information is limited to 255 characters or less" - diff --git a/templates/service/snmp/description/node.def b/templates/service/snmp/description/node.def deleted file mode 100644 index cd88099a..00000000 --- a/templates/service/snmp/description/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt -help: Description information - -syntax:expression: pattern $VAR(@) "^[[:print:]]{1,255}$" ; \ - "Description is limited to 255 characters or less" - diff --git a/templates/service/snmp/listen-address/node.def b/templates/service/snmp/listen-address/node.def deleted file mode 100644 index 9a9c591f..00000000 --- a/templates/service/snmp/listen-address/node.def +++ /dev/null @@ -1,3 +0,0 @@ -tag: -type: ipv4,ipv6 -help: IP address to listen for incoming SNMP requests diff --git a/templates/service/snmp/listen-address/node.tag/port/node.def b/templates/service/snmp/listen-address/node.tag/port/node.def deleted file mode 100644 index b37939bd..00000000 --- a/templates/service/snmp/listen-address/node.tag/port/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: u32 -default: 161 -help: Port for SNMP service - -val_help: u32:1-65535; Numeric IP port -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" diff --git a/templates/service/snmp/location/node.def b/templates/service/snmp/location/node.def deleted file mode 100644 index 903b405f..00000000 --- a/templates/service/snmp/location/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt -help: Location information - -syntax:expression: pattern $VAR(@) "^[[:print:]]{1,255}$" ; \ - "Location is limited to 255 characters or less" - diff --git a/templates/service/snmp/node.def b/templates/service/snmp/node.def deleted file mode 100644 index 7c8c372b..00000000 --- a/templates/service/snmp/node.def +++ /dev/null @@ -1,27 +0,0 @@ -priority: 980 -help: Simple Network Management Protocol (SNMP) -commit:expression: $VAR(community/) != "" || $VAR(community6/) != "" || $VAR(v3/) != "" \ - ; "must configure a community or community6 or v3" - -create: if [ ! -d "/config/snmp" ]; then sudo mkdir /config/snmp ; fi -delete: touch /tmp/snmp.$PPID -end:if [ -f "/tmp/snmp.$PPID" ] - then - sudo /opt/vyatta/sbin/vyatta-snmp.pl --stop-snmp; - rm /tmp/snmp.$PPID; - sudo rm -f /etc/snmp/snmpd.conf; - else - if [ -n "$VAR(v3/)" ]; then - sudo /opt/vyatta/sbin/vyatta-snmp-v3.pl --check-config; - if [ $? != 0 ]; then - exit 1; - fi - fi - sudo /opt/vyatta/sbin/vyatta-snmp.pl --update-snmp; - if [ -n "$VAR(v3/)" ] - then - sudo /opt/vyatta/sbin/vyatta-snmp-v3.pl --update-snmp; - else - sudo systemctl start snmpd.service > /dev/null 2>&1; - fi - fi diff --git a/templates/service/snmp/smux-peer/node.def b/templates/service/snmp/smux-peer/node.def deleted file mode 100644 index 638e9367..00000000 --- a/templates/service/snmp/smux-peer/node.def +++ /dev/null @@ -1,4 +0,0 @@ -multi: -type: txt -help: Register a subtree for SMUX-based processing -val_help: oid; Object Identifier diff --git a/templates/service/snmp/trap-source/node.def b/templates/service/snmp/trap-source/node.def deleted file mode 100644 index a4b2617f..00000000 --- a/templates/service/snmp/trap-source/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: ipv4,ipv6 -help: SNMP trap source address diff --git a/templates/service/snmp/trap-target/node.def b/templates/service/snmp/trap-target/node.def deleted file mode 100644 index cf0c963c..00000000 --- a/templates/service/snmp/trap-target/node.def +++ /dev/null @@ -1,3 +0,0 @@ -tag: -type: ipv4,ipv6 -help: Address of trap target diff --git a/templates/service/snmp/trap-target/node.tag/community/node.def b/templates/service/snmp/trap-target/node.tag/community/node.def deleted file mode 100644 index 3b4068a8..00000000 --- a/templates/service/snmp/trap-target/node.tag/community/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: txt -help: Community used when sending trap information diff --git a/templates/service/snmp/trap-target/node.tag/port/node.def b/templates/service/snmp/trap-target/node.tag/port/node.def deleted file mode 100644 index d5ee579a..00000000 --- a/templates/service/snmp/trap-target/node.tag/port/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: u32 -help: Destination port used for trap notification - -val_help: u32:1-65535; Numeric IP port -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" diff --git a/templates/service/snmp/v3/engineid/node.def b/templates/service/snmp/v3/engineid/node.def deleted file mode 100644 index f8de80cc..00000000 --- a/templates/service/snmp/v3/engineid/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Specifies the EngineID as a hex value (e.g., 0xff42) -syntax:expression: pattern $VAR(@) "^(0x){0,1}([0-9a-f][0-9a-f]){1,18}$" ; "id must contain an even number (from 2 to 36) of hex digits" diff --git a/templates/service/snmp/v3/group/node.def b/templates/service/snmp/v3/group/node.def deleted file mode 100644 index 95d0413c..00000000 --- a/templates/service/snmp/v3/group/node.def +++ /dev/null @@ -1,8 +0,0 @@ -tag: -type: txt -help: Specifies the group with name groupname -syntax:expression: pattern $VAR(@) "^[^\(\)\|\&-]+$" ; "illegal characters in name" -syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_snmp_name.pl $VAR(@)" -commit:expression: $VAR(view/) != "" ; "must specify view" -commit:expression: $VAR(mode/) != "" ; "must specify mode" -commit:expression: $VAR(seclevel/) != "" ; "must specify security level" diff --git a/templates/service/snmp/v3/group/node.tag/mode/node.def b/templates/service/snmp/v3/group/node.tag/mode/node.def deleted file mode 100644 index a6d36de5..00000000 --- a/templates/service/snmp/v3/group/node.tag/mode/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "ro" -help: Defines the read/write access -syntax:expression: $VAR(@) in "ro", "rw" -allowed: echo ro rw - -val_help: ro; -val_help: rw; diff --git a/templates/service/snmp/v3/group/node.tag/seclevel/node.def b/templates/service/snmp/v3/group/node.tag/seclevel/node.def deleted file mode 100644 index 2b0aa67b..00000000 --- a/templates/service/snmp/v3/group/node.tag/seclevel/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: txt -help: Defines security level -syntax:expression: $VAR(@) in "auth", "priv" -allowed: echo auth priv - -val_help: priv; -val_help: auth; diff --git a/templates/service/snmp/v3/group/node.tag/view/node.def b/templates/service/snmp/v3/group/node.tag/view/node.def deleted file mode 100644 index af7d33c9..00000000 --- a/templates/service/snmp/v3/group/node.tag/view/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Defines the name of view -allowed: list=`cli-shell-api listNodes service snmp v3 view` - echo $list -syntax:expression:exec "regex=\"(^| )$VAR(@)( |$)\"; \ - if [[ \"$VAR(/service/snmp/v3/view/@@)\" =~ $regex ]] ; \ - then \ - exit 0; \ - else \ - exit 1; \ - fi" ; "You must create \"$VAR(@)\" view first" diff --git a/templates/service/snmp/v3/node.def b/templates/service/snmp/v3/node.def deleted file mode 100644 index f89d2328..00000000 --- a/templates/service/snmp/v3/node.def +++ /dev/null @@ -1,30 +0,0 @@ -help: Simple Network Management Protocol (SNMP) v3 - -create: if [ ! -d "/config/snmp/tls" ]; then - sudo mkdir /config/snmp/tls ; - if [ -d "/etc/snmp/tls" ] ; then - sudo mv /etc/snmp/tls/* /config/snmp/tls > /dev/null 2>&1; - sudo chmod -R 600 /config/snmp/tls; - sudo rmdir /etc/snmp/tls > /dev/null 2>&1; - sudo rm /etc/snmp/tls > /dev/null 2>&1; - fi - sudo ln -s /config/snmp/tls /etc/snmp/tls; - fi - lnk=`readlink /etc/snmp/tls` - if [ "$lnk" != "/config/snmp/tls" ]; then - sudo rm -f /etc/snmp/tls; - sudo ln -s /config/snmp/tls /etc/snmp/tls; - fi - -begin: if [ -d "/config/snmp/tls" ]; then - sudo chown -R snmp /config/snmp/tls; - sudo chmod -R 600 /config/snmp/tls; - fi - -delete: touch /tmp/snmp-v3.$PPID - -end:if [ -f "/tmp/snmp-v3.$PPID" ] - then - sudo /opt/vyatta/sbin/vyatta-snmp-v3.pl --delete-snmp - rm /tmp/snmp-v3.$PPID - fi \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.def b/templates/service/snmp/v3/trap-target/node.def deleted file mode 100644 index 6c2717a8..00000000 --- a/templates/service/snmp/v3/trap-target/node.def +++ /dev/null @@ -1,14 +0,0 @@ -tag: -type: txt -help: Defines SNMP target for inform or traps for IP -syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)/20" -commit:expression: $VAR(type/) != ""; "must specify type" -commit:expression: $VAR(auth/) != ""; "must specify auth" -commit:expression: $VAR(protocol/) != ""; "must specify protocol" -commit:expression: $VAR(user/) != ""; "must specify user" -commit:expression: $VAR(port/) != ""; "must specify port" -commit:expression: $VAR(type/@) == "inform" || ( $VAR(type/@) == "trap" && $VAR(engineid/) != "" ); \ - "must specify engineid if type is 'trap'" - -val_help: ; IP address of trap target -val_help: ; IPv6 address of trap target \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def deleted file mode 100644 index 2365b055..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Defines the encrypted password for authentication -syntax:expression: pattern $VAR(@) "^0x[0-9a-f]*$" ; "key must start from '0x' and contain hex digits" \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/node.def deleted file mode 100644 index 5c7df0ef..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/auth/node.def +++ /dev/null @@ -1,4 +0,0 @@ -help: Defines the authentication -commit:expression: $VAR(type/) != "" ; "must specify type" -commit:expression: $VAR(encrypted-key/) != "" || $VAR(plaintext-key/) != "" ; "must specify encrypted-key or plaintext-key" -commit:expression: !($VAR(encrypted-key/) != "" && $VAR(plaintext-key/) != "") ; "must specify only one of encrypted-key and plaintext-key" \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def deleted file mode 100644 index 34563e73..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Defines the clear text password for authentication -syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters" diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def deleted file mode 100644 index 5a2ffc52..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "md5" -help: Defines the protocol using for authentication -syntax:expression: $VAR(@) in "md5", "sha" -allowed: echo md5 sha - -val_help: md5; Message Digest 5 -val_help: sha; Secure Hash Algorithm \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/engineid/node.def b/templates/service/snmp/v3/trap-target/node.tag/engineid/node.def deleted file mode 100644 index 45d522ea..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/engineid/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Defines the engineID. (needs for trap) -syntax:expression: pattern $VAR(@) "^(0x){0,1}([0-9a-f][0-9a-f]){1,18}$" ; "id must contain from 2 to 36 hex digits" \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/port/node.def b/templates/service/snmp/v3/trap-target/node.tag/port/node.def deleted file mode 100644 index b38cd1e5..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/port/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: u32 -default: 162 -help: Specifies the TCP/UDP port of a destination for SNMP traps/informs. - -val_help: u32:1-65535; Numeric IP port -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def deleted file mode 100644 index 4e762b9f..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Defines the encrypted key for privacy protocol -syntax:expression: pattern $VAR(@) "^0x[0-9a-f]*$" ; "key must start from '0x' and contain hex digits" \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/node.def deleted file mode 100644 index 900cfc9d..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/privacy/node.def +++ /dev/null @@ -1,4 +0,0 @@ -help: Defines the privacy -commit:expression: $VAR(type/) != "" ; "must specify type" -commit:expression: $VAR(encrypted-key/) != "" || $VAR(plaintext-key/) != "" ; "must specify encrypted-key or plaintext-key" -commit:expression: !($VAR(encrypted-key/) != "" && $VAR(plaintext-key/) != "") ; "must specify only one of encrypted-key and plaintext-key" diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def deleted file mode 100644 index a2442637..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Defines the clear text key for privacy protocol -syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters" diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def deleted file mode 100644 index bbfd5331..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "des" -help: Defines the protocol for privacy -syntax:expression: $VAR(@) in "des", "aes" -allowed: echo des aes - -val_help: des; Data Encryption Standard -val_help: aes; Advanced Encryption Standard \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/protocol/node.def b/templates/service/snmp/v3/trap-target/node.tag/protocol/node.def deleted file mode 100644 index ce96ca38..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/protocol/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "udp" -help: Defines protocol for notification between TCP and UDP -syntax:expression: $VAR(@) in "tcp", "udp" -allowed: echo tcp udp - -val_help: tcp; -val_help: udp; \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/type/node.def b/templates/service/snmp/v3/trap-target/node.tag/type/node.def deleted file mode 100644 index f678ae69..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/type/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "inform" -help: Specifies the type of notification between inform and trap -syntax:expression: $VAR(@) in "inform", "trap" -allowed: echo inform trap - -val_help: inform; -val_help: trap; \ No newline at end of file diff --git a/templates/service/snmp/v3/trap-target/node.tag/user/node.def b/templates/service/snmp/v3/trap-target/node.tag/user/node.def deleted file mode 100644 index a0ed8cbf..00000000 --- a/templates/service/snmp/v3/trap-target/node.tag/user/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: txt -help: Defines username for authentication -allowed: list=`cli-shell-api listNodes service snmp v3 user` - echo $list diff --git a/templates/service/snmp/v3/tsm/local-key/node.def b/templates/service/snmp/v3/tsm/local-key/node.def deleted file mode 100644 index a630dff8..00000000 --- a/templates/service/snmp/v3/tsm/local-key/node.def +++ /dev/null @@ -1,14 +0,0 @@ -type: txt -help: Defines the server certificate fingerprint or key-file name. -allowed: if sudo [ -d /etc/snmp/tls/certs ]; then - sudo ls /etc/snmp/tls/certs 2> /dev/null - else - sudo ls /config/snmp/tls/certs 2> /dev/null - fi -syntax:expression: pattern $VAR(@) "^[0-9A-F]{2}(:[0-9A-F]{2}){19}$" || - exec "if sudo [ -f /etc/snmp/tls/certs/$VAR(@) -o -f /config/snmp/tls/certs/$VAR(@) ]; \ - then \ - exit 0; \ - else \ - exit 1; \ - fi" ; "value can be finger print key or filename in /config/snmp/tls/certs/ folder" \ No newline at end of file diff --git a/templates/service/snmp/v3/tsm/node.def b/templates/service/snmp/v3/tsm/node.def deleted file mode 100644 index 3d12f21d..00000000 --- a/templates/service/snmp/v3/tsm/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Specifies that the snmpd uses encryption. -commit:expression: $VAR(port/) != "" ; "must specify port" -commit:expression: $VAR(local-key/) != "" ; "must specify local-key" \ No newline at end of file diff --git a/templates/service/snmp/v3/tsm/port/node.def b/templates/service/snmp/v3/tsm/port/node.def deleted file mode 100644 index 86fd6cca..00000000 --- a/templates/service/snmp/v3/tsm/port/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: u32 -default: 10161 -help: Defines the port for tsm. - -val_help: u32:1-65535; Numeric IP port -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" diff --git a/templates/service/snmp/v3/user/node.def b/templates/service/snmp/v3/user/node.def deleted file mode 100644 index 32e0f61f..00000000 --- a/templates/service/snmp/v3/user/node.def +++ /dev/null @@ -1,7 +0,0 @@ -tag: -type: txt -help: Specifies the user with name username -syntax:expression: pattern $VAR(@) "^[^\(\)\|\&-]+$" ; "illegal characters in name" -syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_snmp_name.pl $VAR(@)" -commit:expression: $VAR(auth/) != "" || $VAR(tsm-key/) != ""; "must specify auth or tsm-key" -commit:expression: $VAR(mode/) != ""; "must specify mode" diff --git a/templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def b/templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def deleted file mode 100644 index 3cf6bd31..00000000 --- a/templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: txt -help: Defines the encrypted key for authentication protocol diff --git a/templates/service/snmp/v3/user/node.tag/auth/node.def b/templates/service/snmp/v3/user/node.tag/auth/node.def deleted file mode 100644 index 68959a8e..00000000 --- a/templates/service/snmp/v3/user/node.tag/auth/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Specifies the auth -commit:expression: $VAR(type/) != "" ; "must specify type" -commit:expression: $VAR(plaintext-key/) != "" || $VAR(encrypted-key/) != "" ; "must specify plaintext-key or encrypted-key" \ No newline at end of file diff --git a/templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def b/templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def deleted file mode 100644 index 7be1bc65..00000000 --- a/templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt -help: Defines the key in the clear text for authentication protocol -syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters" - -update:expression: $VAR(../encrypted-key/@) = "" && $VAR(../../engineid/@) = "" -update:expression: $VAR(../../../engineid/@) != "" || $VAR(../../../engineid/@) = "" diff --git a/templates/service/snmp/v3/user/node.tag/auth/type/node.def b/templates/service/snmp/v3/user/node.tag/auth/type/node.def deleted file mode 100644 index 5a2ffc52..00000000 --- a/templates/service/snmp/v3/user/node.tag/auth/type/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "md5" -help: Defines the protocol using for authentication -syntax:expression: $VAR(@) in "md5", "sha" -allowed: echo md5 sha - -val_help: md5; Message Digest 5 -val_help: sha; Secure Hash Algorithm \ No newline at end of file diff --git a/templates/service/snmp/v3/user/node.tag/engineid/node.def b/templates/service/snmp/v3/user/node.tag/engineid/node.def deleted file mode 100644 index 84cf1443..00000000 --- a/templates/service/snmp/v3/user/node.tag/engineid/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Specifies the EngineID -syntax:expression: pattern $VAR(@) "^(0x){0,1}([0-9a-f][0-9a-f]){1,18}$" ; "id must contain from 2 to 36 hex digits" diff --git a/templates/service/snmp/v3/user/node.tag/group/node.def b/templates/service/snmp/v3/user/node.tag/group/node.def deleted file mode 100644 index 66543579..00000000 --- a/templates/service/snmp/v3/user/node.tag/group/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt -help: Specifies group for user name -allowed: list=`cli-shell-api listNodes service snmp v3 group` - echo $list -syntax:expression:exec "regex=\"(^| )$VAR(@)( |$)\"; \ - if [[ \"$VAR(/service/snmp/v3/group/@@)\" =~ $regex ]] ; \ - then \ - exit 0; \ - else \ - exit 1; \ - fi" ; "You must create \"$VAR(@)\" group first" diff --git a/templates/service/snmp/v3/user/node.tag/mode/node.def b/templates/service/snmp/v3/user/node.tag/mode/node.def deleted file mode 100644 index 9855f5fb..00000000 --- a/templates/service/snmp/v3/user/node.tag/mode/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "ro" -help: Specifies the mode for access rights of user, read only or write -syntax:expression: $VAR(@) in "ro", "rw" -allowed: echo ro rw - -val_help: ro; -val_help: rw; diff --git a/templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def b/templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def deleted file mode 100644 index 8feef111..00000000 --- a/templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: txt -help: Defines the encrypted key for privacy protocol diff --git a/templates/service/snmp/v3/user/node.tag/privacy/node.def b/templates/service/snmp/v3/user/node.tag/privacy/node.def deleted file mode 100644 index 94bf850c..00000000 --- a/templates/service/snmp/v3/user/node.tag/privacy/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Specifies the privacy -commit:expression: $VAR(type/) != "" ; "must specify type" -commit:expression: $VAR(plaintext-key/) != "" || $VAR(encrypted-key/) != "" ; "must specify plaintext-key or encrypted-key" \ No newline at end of file diff --git a/templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def b/templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def deleted file mode 100644 index a9543530..00000000 --- a/templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt -help: Defines the key in the clear text for protocol for privacy -syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters" - -update:expression: $VAR(../encrypted-key/@) = "" && $VAR(../../engineid/@) = "" -update:expression: $VAR(../../../engineid/@) != "" || $VAR(../../../engineid/@) = "" \ No newline at end of file diff --git a/templates/service/snmp/v3/user/node.tag/privacy/type/node.def b/templates/service/snmp/v3/user/node.tag/privacy/type/node.def deleted file mode 100644 index bbfd5331..00000000 --- a/templates/service/snmp/v3/user/node.tag/privacy/type/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -default: "des" -help: Defines the protocol for privacy -syntax:expression: $VAR(@) in "des", "aes" -allowed: echo des aes - -val_help: des; Data Encryption Standard -val_help: aes; Advanced Encryption Standard \ No newline at end of file diff --git a/templates/service/snmp/v3/user/node.tag/tsm-key/node.def b/templates/service/snmp/v3/user/node.tag/tsm-key/node.def deleted file mode 100644 index b41be079..00000000 --- a/templates/service/snmp/v3/user/node.tag/tsm-key/node.def +++ /dev/null @@ -1,14 +0,0 @@ -type: txt -help: Specifies finger print or file name of TSM certificate. -allowed: if sudo [ -d /etc/snmp/tls/certs ]; then - sudo ls /etc/snmp/tls/certs 2> /dev/null - else - sudo ls /config/snmp/tls/certs 2> /dev/null - fi -syntax:expression: pattern $VAR(@) "^[0-9A-F]{2}(:[0-9A-F]{2}){19}$" || - exec "if sudo [ -f /etc/snmp/tls/certs/$VAR(@) -o -f /config/snmp/tls/certs/$VAR(@) ]; \ - then \ - exit 0; \ - else \ - exit 1; \ - fi" ; "value can be finger print key or filename in /etc/snmp/tls/certs folder" \ No newline at end of file diff --git a/templates/service/snmp/v3/view/node.def b/templates/service/snmp/v3/view/node.def deleted file mode 100644 index 1fa589ae..00000000 --- a/templates/service/snmp/v3/view/node.def +++ /dev/null @@ -1,6 +0,0 @@ -tag: -type: txt -help: Specifies the view with name viewname -syntax:expression: pattern $VAR(@) "^[^\(\)\|\&-]+$" ; "illegal characters in name" -syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_snmp_name.pl $VAR(@)" -commit:expression: $VAR(oid/) != ""; "must configure an oid" diff --git a/templates/service/snmp/v3/view/node.tag/oid/node.def b/templates/service/snmp/v3/view/node.tag/oid/node.def deleted file mode 100644 index ca2a5c5d..00000000 --- a/templates/service/snmp/v3/view/node.tag/oid/node.def +++ /dev/null @@ -1,4 +0,0 @@ -tag: -type: txt -help: Specifies the oid -syntax:expression: pattern $VAR(@) "^[0-9]+(\\.[0-9]+)*$" ; "oid must start from a number" diff --git a/templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def b/templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def deleted file mode 100644 index df3611cb..00000000 --- a/templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Exclude is optional argument. diff --git a/templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def b/templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def deleted file mode 100644 index bc500afe..00000000 --- a/templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: txt -help: Defines a bit-mask that is indicating which subidentifiers of the associated subtree OID should be regarded as significant. -syntax:expression: pattern $VAR(@) "^[0-9a-f]{2}([\\.:][0-9a-f]{2})*$" ; \ - "MASK is a list of hex octets, separated by '.' or ':'" \ No newline at end of file -- cgit v1.2.3 From e26ce5c3908a5db1643d6fc455f473bef0113b56 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 10 Jun 2018 11:00:25 +0200 Subject: T313: Typo fix in 'set system sysctl custom' --- templates/system/sysctl/custom/node.def | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'templates') diff --git a/templates/system/sysctl/custom/node.def b/templates/system/sysctl/custom/node.def index f03a3e13..a072b2ba 100644 --- a/templates/system/sysctl/custom/node.def +++ b/templates/system/sysctl/custom/node.def @@ -2,4 +2,4 @@ tag: priority: 318 type: txt help: Define specific sysctl options to modify -val_help: ; Name of sysctl option you want to modufy +val_help: ; Name of sysctl option you want to modify -- cgit v1.2.3 From e7ccdd3f38d11616916a17fbdb90243d40df50e1 Mon Sep 17 00:00:00 2001 From: Shafer Stockton Date: Wed, 13 Jun 2018 20:13:08 -0700 Subject: dnsmasq is gone, restart the correct process also prevents additions from failing at commit --- templates/system/static-host-mapping/host-name/node.def | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/templates/system/static-host-mapping/host-name/node.def b/templates/system/static-host-mapping/host-name/node.def index 09bc9dbe..9d815965 100644 --- a/templates/system/static-host-mapping/host-name/node.def +++ b/templates/system/static-host-mapping/host-name/node.def @@ -12,10 +12,10 @@ end: sudo sh -c " touch /etc/hosts sed -i '/ $VAR(@) .*#vyatta entry/d' /etc/hosts if [ -z \"$VAR(./inet/@)\" ]; then - if cli-shell-api existsActive service dns forwarding; then /etc/init.d/dnsmasq restart >&/dev/null; fi + if cli-shell-api existsActive service dns forwarding; then /etc/init.d/pdns-recursor restart >&/dev/null; fi exit 0 fi declare -a aliases=( $VAR(alias/@@) ) echo -e \"$VAR(inet/@)\\t $VAR(@) \${aliases[*]} \\t #vyatta entry\" >> /etc/hosts - if cli-shell-api existsActive service dns forwarding; then /etc/init.d/dnsmasq restart >&/dev/null; fi" + if cli-shell-api existsActive service dns forwarding; then /etc/init.d/pdns-recursor restart >&/dev/null; fi" -- cgit v1.2.3