VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) https://git.amelek.net/vyos/vyos-1x.git/atom?h=equuleus 2022-05-01T12:00:52+00:00 2022-05-01T12:00:52+00:00 Daniil Baturin daniil@vyos.io 2022-05-01T12:00:52+00:00 urn:sha1:f64b7cb6e6c9e80912daed095a90a4fd2581c79f 2022-02-15T12:08:04+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2022-02-09T16:07:55+00:00 urn:sha1:4552dbcf38b01596270c649c07b980f37b627fc2 Local-address should be checked/executed only if it exists in the openvpn configuration, dictionary, jinja2 template (cherry picked from commit 230ac0a202acd7ae9ad9bccb9e777ee5a0e0b7b7) 2021-11-17T19:41:14+00:00 zsdc taras@vyos.io 2021-10-04T07:40:31+00:00 urn:sha1:50a1b4a1170182864760613216b68322f165a749 Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing. (cherry picked from commit 3fd2ff423b6c6e992b2ed531c7ba99fb9e1a2123) 2021-09-27T12:04:51+00:00 Viacheslav v.gletenko@vyos.io 2021-09-27T12:04:31+00:00 urn:sha1:96681d8bf1ede069b573a4cbe3a2493c374d048e Some OpenVPN clients doesnt support option gateway and metric. Set metric option only when 'metric' was added in config explicity. 2021-09-09T07:14:36+00:00 Christian Poessinger christian@poessinger.com 2021-09-08T12:35:20+00:00 urn:sha1:c593bf7f597735b4b95c3923bb6ea6fc2c2ae346 (cherry picked from commit 2647edc30f1e02840cae62fde8b44345d35ac720) 2021-09-03T16:50:02+00:00 Viacheslav v.gletenko@vyos.io 2021-09-03T16:50:02+00:00 urn:sha1:213b6dd23ad6e327652878aa3b1d7ff66b8cd0b7 2021-06-25T19:06:42+00:00 Christian Poessinger christian@poessinger.com 2021-06-24T19:27:57+00:00 urn:sha1:de065cb9c423a7248dbdbafc70f1bf7b944dbca8 (cherry picked from commit c8ef5e8bdce01bbf05297df39e6c6223d0b2a2ea) 2021-06-25T19:06:40+00:00 Christian Poessinger christian@poessinger.com 2021-06-24T19:26:19+00:00 urn:sha1:5187acf7babeb542757ced8435c6ded9bebab518 Executing iproute2 commands as unprivileged member of the openvpn group is now handled via a sudoers file. (cherry picked from commit 9c8facc69c09163b74bc428f1dbf8be030766758) 2021-06-25T17:41:00+00:00 Christian Poessinger christian@poessinger.com 2021-06-25T17:38:50+00:00 urn:sha1:23cb8c338ad3de4ead79dbad79a0195c91862fcc (cherry picked from commit 6b7b19c93f90839549dd668116c4da2f38cfdc66) VyOS 1.3 will ship OpenVPN 2.5.1 and thus it is the perfect timing to still remove this option before introducing it in a new LTS release. 2021-01-17T17:41:14+00:00 Christian Poessinger christian@poessinger.com 2021-01-17T17:39:21+00:00 urn:sha1:4c288cf08078bf7806dd34f103819e686bd11ad7 The CLI statement "set interfaces openvpn vtun10 openvpn-option '--tun-mtu 1500 --fragment 1300 --mssfix'" will render in vtun10.conf to: --tun-mtu 1500 --fragment 1300 --mssfix On startup OpenVPN complains about: openvpn-vtun10: Options error: Unrecognized option or missing or extra parameter(s) in vtun10.conf:76: tun-mtu (2.4.7) The options must be split on -- to a new configuration line. (cherry picked from commit f8a8ee02d0ede240f555ffa558665df686df24a8)