VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) https://git.amelek.net/vyos/vyos-1x.git/atom?h=T7064-add-mirror-workflow-current 2024-12-30T18:25:42+00:00 2024-12-30T18:25:42+00:00 Christian Breunig christian@breunig.cc 2024-12-30T18:25:42+00:00 urn:sha1:b58576dcd6cac670211ead6c984c356d6bc98ea8 * op-mode: T6983: add "show log" and "monitor log" commands for vyos-domain-resolver * firewall: T6983: drop unused variable domain_resolver_usage_nat * T6983: introduce Python logging module in vyos-domain-resolver * T6983: treat vyos-domain-resolver as a real service 2024-12-10T20:01:22+00:00 John Estabrook jestabro@vyos.io 2024-10-24T15:50:34+00:00 urn:sha1:40f3a86e697f7f42af81556cd6c8e7d4a3498541 2024-12-10T20:01:22+00:00 John Estabrook jestabro@vyos.io 2024-10-24T15:50:34+00:00 urn:sha1:184e24b7f0a2ead380703f98822b3fb2d35bef28 Start vyconfd after migration. 2024-09-30T14:48:56+00:00 Daniil Baturin daniil@vyos.io 2024-09-30T14:48:56+00:00 urn:sha1:eb55965347e53ac1dc336fe836b370a1f3e10a85 T6687: add fqdn support to nat rules. 2024-09-16T11:35:26+00:00 Nicolas Fort nicolasfort1988@gmail.com 2024-08-30T17:54:17+00:00 urn:sha1:4c3d037f036e84c77333a400b35bb1a628a1a118 2024-09-06T16:05:23+00:00 Christian Breunig christian@breunig.cc 2024-09-06T15:57:24+00:00 urn:sha1:f67e217f2716937115a3bdf6d316b172bbec75e5 During podman upgrade and a build from the original source the UNIX socket definition for systemd got lost in translation. This commit re-adds the UNIX socket which is started on boot to interact with Podman. Example: curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' \ -sf http://localhost/containers/json 2024-07-19T04:44:53+00:00 khramshinr khramshinr@gmail.com 2024-07-08T10:38:22+00:00 urn:sha1:c509d0e6caae55106a2fbde3059652a493ed3903 2024-06-24T14:16:31+00:00 khramshinr khramshinr@gmail.com 2024-05-29T13:46:20+00:00 urn:sha1:f6131611e15a644312e3c4baf5b8f6387c2930e7 Add CLI commands Add config Add conf_mode Add systemd config Add stunnel smoketests Add log level config 2024-05-14T16:47:29+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2024-05-14T16:47:29+00:00 urn:sha1:7c438caa2c21101cbefc2eec21935ab55af19c46 Remove `service upnp` as it never worked as expected, nft rules do not integrated and custom patches do not seem like a suitable solution for now. Security: UPnP has been historically associated with security risks due to its automatic and potentially unauthenticated nature. UPnP devices might be vulnerable to unauthorized access or exploitation. 2024-03-28T06:36:22+00:00 Christian Breunig christian@breunig.cc 2024-03-28T06:36:22+00:00 urn:sha1:7dbaa25a199a781aaa9f269741547e576410cb11 The current op-mode script simply calls sudo systemctl restart "dhclient@$4.service" with no additional information about a client interface at all. This results in useless dhclient processes root 47812 4.7 0.0 5848 3584 ? Ss 00:30 0:00 /sbin/dhclient -4 -d root 48121 0.0 0.0 4188 3072 ? S 00:30 0:00 \_ /bin/sh /sbin/dhclient-script root 48148 50.0 0.2 18776 11264 ? R 00:30 0:00 \_ python3 - Which also assign client leases to all local interfaces, if we receive one valid DHCPOFFER vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address MAC VRF MTU S/L Description ----------- ----------------- ----------------- ------- ----- ----- ------------- eth0 - 00:50:56:bf:c5:6d default 1500 u/u eth0.10 172.16.33.102/24 00:50:56:bf:c5:6d default 1500 u/u eth1 172.16.33.131/24 00:50:56:b3:38:c5 default 1500 u/u 172.16.33.102/24 and 172.16.33.131/24 are stray DHCP addresses. This commit moved the renew command to the DHCP op-mode script to properly validate if the interface we request a renew for, has actually a dhcp address configured. In additional this exposes the renew feature to the API.