summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-05-01Merge pull request #3392 from c-po/bgp-evpn-T6189Christian Breunig
bgp: T6189: L3VPN connectivity is broken after re-enabling VRF
2024-05-01Merge pull request #3390 from c-po/kernel-smoketestChristian Breunig
smoketest: T6199: remove redundant code when unpacking Kernel GZ config
2024-05-01smoketest: T6199: remove redundant code when unpacking Kernel GZ configChristian Breunig
2024-05-01bgp: T6189: explicitly call vtysh to remove VRF L3VNI configurationChristian Breunig
After e7bb65894 ("vrf: T6189: render FRR L3VNI configuration when creating VRF instance") we need to ensure that the VRF L3VNI configuration is removed in FRR prior to removing the BGP VRF instance. The reason is [1] where FRR only allows VRF BGP instance to be removed when there is NO VNI configured anymore. 1: https://github.com/FRRouting/frr/blob/064c3494527b9e84260410006768ed38e57e1de7/bgpd/bgp_vty.c#L1646-L1650
2024-05-01vrf: T6189: render FRR L3VNI configuration when creating VRF instanceChristian Breunig
When adding and removing VRF instances on the fly it was noticed that the vni statement under the VRF instance in FRR vanishes. This was caused by a race condition which was previously designed to fix another bug. The wierd design of a Python helper below the VRF tree to only generate the VNI configuration nodes is now gone and all is rendered in the proper place.
2024-05-01Merge pull request #3364 from natali-rs1985/T6234-currentDaniil Baturin
pppoe-server: T6234: PPPoE-server pado-delay refactoring
2024-05-01Merge pull request #3384 from sever-sever/T6287Daniil Baturin
T6287: Config-sync add the ability to configure API port
2024-05-01Merge pull request #3386 from sever-sever/T6056Daniil Baturin
T6056: Change static-host-mapping should not restart snmpd
2024-05-01T6056: Change static-host-mapping shold not restart snmpdViacheslav Hletenko
We have several config XML definitions that use the same python3 script `system_host-name.py` https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_name-server.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_host-name.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_static-host-mapping.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_domain-name.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_domain-search.xml.in Any change in these scripts calls to restart the `service snmpd` The service `snmpd` should be restarted only if `host-name` or `domain-name` was changed. It is a good idea to rewrite it to `get_config_dict` in the future.
2024-05-01Merge pull request #3369 from sarthurdev/T6257Christian Breunig
firewall: T6257: Show member information for dynamic groups in op-mode
2024-05-01T6287: Config-sync add the ability to configure API portViacheslav Hletenko
Add the ability to configure the API port if the API on the secondary server works on a non-default port. The primary node will connect to configured port for config-sync ``` set service config-sync secondary address '192.0.2.11' set service config-sync secondary port '8443' ```
2024-05-01Merge pull request #3382 from nvollmar/T6179Christian Breunig
haproxy: T6179: fix rule generation
2024-04-30haproxy: T6179: fix rule generationNicolas Vollmar
2024-04-30Merge pull request #3368 from sever-sever/T6267Christian Breunig
T6267: Check interface wireless module before apply config
2024-04-30Merge pull request #3379 from sever-sever/T6169Christian Breunig
T6169: DNS forwarding should allow underscore for srv record
2024-04-30T6169: DNS forwarding should allow underscore for srv recordViacheslav Hletenko
This srv recors looks valid: ``` set service dns forwarding authoritative-domain _tcp.db.mongors1.example.com records srv _mongodb entry 0 hostname 'mongors1.example.com' ``` But FQDN validator cannot validate it correctly, use regex to fix
2024-04-30Merge pull request #3374 from aapostoliuk/T6273Christian Breunig
T6273: Allowed the use of "-" and "_" in PPPoE access-concentrator name
2024-04-30T6273: Allowed the use of "-" and "_" in PPPoE access-concentrator nameaapostoliuk
Allowed the use of "-" and "_" in PPPoE access-concentrator name
2024-04-30Merge pull request #3371 from Embezzle/T4982Christian Breunig
openconnect: T4982: Support defining minimum TLS version in openconnect VPN
2024-04-30T6267: Check interface wireless module before apply configViacheslav Hletenko
Check if the wireless device/modem exists in the system and the module `ieee802111` was loaded In cases where we do not have wireless devices, it prevents the unexpected traceback ``` set interfaces wireless wlan0 address 192.0.2.5/32 commit Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/interfaces_wireless.py", line 269, in <modu> c = get_config() ^^^^^^^^^^^^ File "/usr/libexec/vyos/conf_mode/interfaces_wireless.py", line 104, in get_cg tmp = find_other_stations(conf, base, wifi['ifname']) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/libexec/vyos/conf_mode/interfaces_wireless.py", line 54, in find_os for phy in os.listdir('/sys/class/ieee80211'): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ FileNotFoundError: [Errno 2] No such file or directory: '/sys/class/ieee80211' ```
2024-04-29openconnect: T4982: Support defining minimum TLS version in openconnect VPNAlex W
2024-04-29Merge pull request #3375 from aapostoliuk/T6272-circinusChristian Breunig
T6272: Changed interface existence verification in pppoe/ipoe to Warning
2024-04-29T6272: Changed interface existence verification in pppoe/ipoe to Warningaapostoliuk
Throwing Warning message instead of Error if interface which is used in pppoe/ipoe does not exist.
2024-04-29Merge pull request #3372 from jestabro/no-configdep-on-errChristian Breunig
configdep: T6276: do not call dependencies on script error
2024-04-28configdep: T6276: do not call dependencies on script errorJohn Estabrook
2024-04-26firewall: T6257: Show member information for dynamic groups in op-modesarthurdev
2024-04-25Merge pull request #3363 from sever-sever/T6263Christian Breunig
T6263: Groups 224.0.0.0/24 are reserved and cannot be joined
2024-04-25Merge pull request #3316 from HollyGurza/T4248Daniil Baturin
qos: T4248: Allow to remove the only rule from the qos class
2024-04-25pppoe-server: T6234: PPPoE-server pado-delay refactoringNataliia Solomko
2024-04-25T6263: Groups 224.0.0.0/24 are reserved and cannot be joinedViacheslav Hletenko
The join addresses within the multicast group 224.0.0.0/24 are reserved and cannot be joined FRR ``` r4(config)# interface eth2 r4(config-if)# ip igmp join 224.0.0.0 224.0.0.10 % Configuration failed. Error type: validation Error description: Groups within 224.0.0.0/24 are reserved and cannot be joined r4(config-if)# ``` Add verify check
2024-04-25Merge pull request #3361 from sever-sever/T6258Daniil Baturin
T6258: Add sysctl base-reachable-time for IPv6
2024-04-25T6258: Add sysctl base-reachable-time for IPv6Viacheslav Hletenko
Add abiilty to change `base_reachable_time_ms` option /proc/sys/net/ipv6/neigh/{ifname}/base_reachable_time_ms
2024-04-24Merge pull request #3359 from sever-sever/T5833Christian Breunig
T5833: Not all AFIs compatible with VRF add verify check
2024-04-24T5833: Not all AFIs compatible with VRF add verify checkViacheslav Hletenko
Not all FRR address-families compatibe with VRF ``` r4# conf t r4(config)# router bgp 65001 vrf bgp r4(config-router)# r4(config-router)# address-family ipv4 flowspec Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 labeled-unicast Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 vpn Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# ``` Add verify AFI for VRF
2024-04-24Merge pull request #3345 from Embezzle/T6259Daniil Baturin
PKI: T6259: Support RFC822 names in certificate generation
2024-04-23Merge pull request #3340 from Embezzle/T6255Daniil Baturin
T6255: static-routing: don't render whitespace from static table descriptions
2024-04-23T6255: static-routing: don't render whitespace from static table descriptionsAlex W
2024-04-23Merge pull request #3354 from sever-sever/T6217Christian Breunig
T6217: Conntrack-sync change the actual name of the script
2024-04-23Merge pull request #3355 from sever-sever/T6109Christian Breunig
T6109: Fix remote logging for sudo commands
2024-04-23T6109: Fix remote logging for sudo commandsViacheslav Hletenko
This fix for bug when `sudo` commands were not send to the remote syslog server. They stop before the directive that includes all configurations `$IncludeConfig /etc/rsyslog.d/*.conf`
2024-04-23T6217: Conntrack-sync change the actual name of the scriptViacheslav Hletenko
The actual name of the script is `vyos-vrrp-conntracksync.sh`
2024-04-23Merge pull request #3342 from fsdrw08/currentChristian Breunig
T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy config
2024-04-23T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy ↵Windom WU
config
2024-04-23GitHub: use ubuntu-latest for labeler actionChristian Breunig
2024-04-23GitHub: adjust MergifyIo regex match to both upper and lower caseChristian Breunig
2024-04-23Merge pull request #3346 from jestabro/add-image-enospcChristian Breunig
image-tools: T6260: remove persistence image directory if no space error
2024-04-23Merge pull request #3347 from Giggum/vyos-1x_T6261Christian Breunig
connect_disconnect: T6261: correction to typo in check_ppp_running
2024-04-22connect_disconnect: T6261: correction to typo in check_ppp_running functionGinko
Connect_disconnect: T6261: correction to typo in check_ppp_running function Changes include: 1. Replaces "beeing" -> being in print statement for check_ppp_running 2. Replaces "can not" -> cannot in print statement on lines 61 and 93
2024-04-22image-tools: T6260: remove persistence image directory if no space errorJohn Estabrook
2024-04-22PKI: T6259: Support RFC822 names in certificate generationAlex W
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-06 04:24:30 +0000