summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-01-16T5889: Fix migration scripts nat 5-to-6Viacheslav Hletenko
The current migration drop interface name for NAT where not should ``` nat { source { rule 100 { outbound-interface { name "eth0" ... } } } ``` After migration we lost interface: /home/vyos# /opt/vyatta/etc/config-migrate/migrate/nat/5-to-6 tmp.conf /home/vyos# /home/vyos# cat tmp.conf | grep "nat {" -A 10 nat { source { rule 100 { outbound-interface { interface-name "" ... } } } ``` This commit fixes it.
2024-01-15Merge pull request #2829 from c-po/ospfChristian Breunig
ospf: T5936: when migrating passive interfaces set_tag() must be set
2024-01-15ospf: T5936: when migrating passive interfaces set_tag() must be setChristian Breunig
2024-01-15Merge pull request #2825 from c-po/tmpChristian Breunig
op-mode: T5944: remove double whitespace in reboot error message
2024-01-15op-mode: T5944: remove double whitespace in reboot error messageChristian Breunig
2024-01-15Merge pull request #2823 from sever-sever/T4856Christian Breunig
T4856: Fix IPsec DHCP-client exit hook
2024-01-15Merge pull request #2824 from sever-sever/T5901Christian Breunig
T5901: Add DHCP base_path dir during first boot
2024-01-15T5901: Add DHCP base_path dir during first bootViacheslav Hletenko
We should create dhclient base_path dir `/run/dhclient` during the first boot. It fixes cloud-init boot issues ``` /etc/dhcp/dhclient-exit-hooks.d/03-vyos-dhclient-hook: line 33: /run/dhclient/dhclient_eth0.lease: No such file or directory ```
2024-01-14T4856: Fix IPsec DHCP-client exit hookViacheslav Hletenko
The script acually does not have the variable `secrets_lines` and secret lines itself does not have the marker `# dhcp:{interface}` in `to_find` Needs to rewrite this script in the future if it is required This commit fixes DHCP-client exit hook: ``` dhclient[6800]: NameError: name 'secrets_lines' is not defined root[6801]: /etc/dhcp/dhclient-exit-hooks.d/99-ipsec-dhclient-hook returned non-zero exit status 1 ```
2024-01-14Merge pull request #2821 from sever-sever/T5944John Estabrook
T5944: Fix reboot in arg
2024-01-14T5944: Fix reboot in argViacheslav Hletenko
Fix the arg for the `reboot in x` command The current arg is `--reboot_in [Minutes ...]` The expected arg is `--reboot-in [Minutes ...]`
2024-01-14Merge pull request #2819 from c-po/T591-srv6-bgp-improvementsChristian Breunig
bgp: T591: SRv6 improvements
2024-01-14bgp: T591: add VPN nexthop support per address-familyChristian Breunig
set protocols bgp address-family ipv4-unicast nexthop vpn export <ipv4-address|ipv6-address> set protocols bgp address-family ipv6-unicast nexthop vpn export <ipv4-address|ipv6-address>
2024-01-14bgp: T591: add SRv6 per address-family SID supportChristian Breunig
set protocols bgp address-family ipv4-unicast sid vpn export <auto|1-1048575> set protocols bgp address-family ipv6-unicast sid vpn export <auto|1-1048575>
2024-01-14smoketest: config: azure: add snmpv3 monitoring used in original source of ↵Christian Breunig
this test
2024-01-13Merge pull request #2817 from sarthurdev/kea6-optionsChristian Breunig
dhcpv6: T3316: Extend scope of DHCP options, bugfixes
2024-01-13dhcpv6: T3316: Add `listen-interface` as supported by Keasarthurdev
2024-01-13dhcpv6: T3316: Move options to separate node and extend scopessarthurdev
* Also migrate `address-range` to `range` tag node for consistency with dhcpv4 server syntax
2024-01-12Merge pull request #2814 from sever-sever/T5925Christian Breunig
T5925: Containers change systemd KillMode
2024-01-12Merge pull request #2812 from sever-sever/T5857Christian Breunig
T5857: Fix op-mode show interfaces wireless info unconf message
2024-01-12T5925: Containers change systemd KillModeViacheslav Hletenko
By default we use mode `none` for containers Unit uses KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update the service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
2024-01-12T5857: Fix op-mode show interfaces wireless info unconf messageViacheslav Hletenko
When a router does not have wireless interfaces the proper unconfigured message must be exist
2024-01-12Merge pull request #2809 from c-po/bgp-t5306Daniil Baturin
bgp: T5306: fix verify_remote_as() to support v6only interface with peer-group
2024-01-12bgp: T5306: fix verify_remote_as() to support v6only interface with peer-groupChristian Breunig
To test: set protocols bgp neighbor eth0 interface v6only peer-group 'fabric' set protocols bgp peer-group fabric address-family ipv4-unicast set protocols bgp peer-group fabric address-family ipv6-unicast set protocols bgp peer-group fabric capability extended-nexthop set protocols bgp peer-group fabric remote-as 'external' set protocols bgp system-as 64496
2024-01-12Merge pull request #2807 from nicolas-fort/T5922Christian Breunig
T5922: firewall: fix intra-zone filtering parsing rules; update firew…
2024-01-12Merge pull request #2806 from jestabro/serial-consoleDaniil Baturin
image-tools: T5910: explicitly set transmission speed of serial console
2024-01-12T5922: firewall: fix intra-zone filtering parsing rules; update firewall ↵Nicolas Fort
smoketest
2024-01-12Revert "syslog: T1487: store all journalctl log files also in syslog"Christian Breunig
This reverts commit 800c85a20a00278ab07bbcccd85b753b1ca31e21.
2024-01-11image-tools: T5910: explicitly set transmission speed of serial consoleJohn Estabrook
GRUB defaults to 9600 in case of serial console; explicitly set to 115200.
2024-01-11Merge pull request #2798 from c-po/ipsec-T5918Christian Breunig
T5791: T5918: use genetic pattern to detect dynamic interfaces for ipsec and dynamic dns
2024-01-11Merge pull request #2797 from c-po/syslog-t1487Christian Breunig
syslog: T1487: store all journald log files also in syslog
2024-01-11Merge pull request #2799 from nicolas-fort/T5919Christian Breunig
T5919: firewall: fix <show firewall ipv6 ..> command
2024-01-11ipsec: T5918: warn when dynamic interfaces are used to bind ipsec daemonChristian Breunig
Fix after commit 8452d8f4921 ("T5918: Fix typo in verify vpn ipsec interface") so that dynamic interfaces can be used by ipsec but a warning is issued that this will only work after they are available on the system. PPPoE interfaces are the best example for this, as they are down during system bootup and will be available anytime after the boot once we've dialed into the BRAS.
2024-01-11T5919: firewall: fix <show firewall ipv6 ..> commandNicolas Fort
2024-01-11dns: T5791: use common pattern for exclude check of dynamic interfacesChristian Breunig
This uses a more common pattern froma base class while the original code from 0a1c9bc38 ("T5791: DNS dynamic exclude check for dynamic interfaces PPPoE") is still retained.
2024-01-11syslog: T1487: store all journalctl log files also in syslogChristian Breunig
This is useful to send the journal logs to external syslog servers
2024-01-11Merge pull request #2790 from sarthurdev/T5814Christian Breunig
firewall: T5814: Retain legacy 'accept' behaviour and re-order migration
2024-01-11dhcp: dhcpv6: T3316: Add `subnet-id` so leases remain mapped to entries in ↵Simon
the lease file (#2796)
2024-01-10Merge pull request #2791 from sever-sever/T5918Christian Breunig
T5918: Fix typo in verify vpn ipsec interface
2024-01-10T5918: Fix typo in verify vpn ipsec interfaceViacheslav Hletenko
The correct CLI command is `interface` and not `interfaces` ``` set vpn ipsec interface xxx ```
2024-01-10Merge pull request #2777 from aapostoliuk/T5688-multirangeChristian Breunig
T5688: Changed 'range' to multi in 'client-ip-pool' for accell-ppp
2024-01-10Merge pull request #2787 from c-po/bgp-5913Viacheslav Hletenko
bgp: T5913: allow peer-group support for ipv4|6-labeled-unicast SAFI
2024-01-10bgp: T5913: allow peer-group support for ipv4|6-labeled-unicast SAFIChristian Breunig
2024-01-10Merge pull request #2784 from nicolas-fort/T5915Christian Breunig
T5915: firewall: re-add opmode command for zone based firewall
2024-01-10Merge pull request #2785 from sarthurdev/kea-optionsChristian Breunig
dhcp: T3316: T5787: T5912: Extend scope of DHCP options, bugfixes
2024-01-10Merge pull request #2786 from jestabro/image-annotationsChristian Breunig
image-tools: T5917: annotate image list with (running)/(default boot)
2024-01-10firewall: T5814: Retain legacy 'accept' behaviour and re-order migrationsarthurdev
Pre-1.4 firewall 'accept' action acted as a 'return'. This change ensures the migrated rules meet the expected behaviour. This commit also re-orders migrated in/out/local jumps ordered by direction instead of interface.
2024-01-10image-tools: T5917: annotate image list with (running)/(default boot)John Estabrook
2024-01-10T5915:firewall: re-add opmode command for zone based firewallNicolas Fort
2024-01-10Merge pull request #2780 from Cheeze-It/currentChristian Breunig
T5916: Added segment routing check for index size and SRGB size