Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-08-22 | ipsec: T2816: l2tp ipsec VPN must be started after strongSwan | Christian Poessinger | |
2021-08-22 | container: op-mode: T3765: add "restart container" command | Christian Poessinger | |
2021-08-22 | container: op-mode: T3765: move "connect container" command to ↵ | Christian Poessinger | |
container.xml.in file | |||
2021-08-22 | container: op-mode: T3765: add "connect container mysql-server" command | Christian Poessinger | |
2021-08-22 | ipsec: T1210: op-mode command for Windows has no "profile" option | Christian Poessinger | |
2021-08-22 | l2tp: Jinja2 add trailing newline | Christian Poessinger | |
2021-08-22 | smoketest: pppoes: adjust testcase to vyos.ifconfig.interface migration | Christian Poessinger | |
Now that the PPPoE interface also makes use of the vyos.ifconfig.interface class, we need to adjust the smoketests to reflect all those changes. TODO: Start a local PPPoE server in a namespace and connect locally for deeper testing. | |||
2021-08-22 | pppoe: T1318: set source interface next to rp-pppoe.so plugin in peer template | Christian Poessinger | |
2021-08-22 | pppoe: T3641: set "noipv6" if IPv6 is not configured in newer pppd version | Christian Poessinger | |
2021-08-21 | vyos.configverify: use build-in functions for verify_interface_exists() | Christian Poessinger | |
2021-08-21 | pppoe: T1318: bump priority by 1 so we can source from pseudo-ethernet ↵ | Christian Poessinger | |
interfaces | |||
2021-08-21 | pppoe: T1318: implement missing access-concentrator CLI option | Christian Poessinger | |
2021-08-21 | vyos.configdict: leaf_node_changed() must return empty dict when node is added | Christian Poessinger | |
vyos@vyos# show interfaces pppoe pppoe pppoe10 { + access-concentrator asdfg authentication { password bar user foo } default-route force no-peer-dns source-interface eth0.202 } vyos@vyos# python3 Python 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110] on linux Type "help", "copyright", "credits" or "license" for more information. >>> from vyos.config import Config >>> from vyos.configdict import get_interface_dict >>> from vyos.configdict import leaf_node_changed >>> conf = Config() >>> base = ['interfaces', 'pppoe'] >>> tmp = get_interface_dict(conf, base, 'pppoe10') >>> leaf_node_changed(conf, ['access-concentrator']) >>> [''] | |||
2021-08-21 | pppoe: T3090: migrate to vyos.ifconfig library to use the full potential | Christian Poessinger | |
Now that MSS clamping is done on the "per-interface" level the entire PPPoE stuff would have needed to get a full copy in GNU BASH for this or, participate in the common library. Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the vyos.ifconfig.PPPoEIf.update() function to configure everything as done with all other interfaces. This removes duplicated code for VRF assignment and route installation when a PPPoE interface is brought up or down. | |||
2021-08-21 | pppoe: T3090: support forward disable on a PPPoE link | Christian Poessinger | |
2021-08-21 | vyos.ifconfig: provide generic get_mac_synthetic() method | Christian Poessinger | |
WireGuard, Tunnel and also PPPoE all need a ways to calculate a synthetic MAC address used for the EUI64 link-local addresses. Instead of copying the code from Tunnel to WireGuard to PPPoE, use a generic implementation. | |||
2021-08-21 | smoketest: base: abbreviate path to /proc/sys/net | Christian Poessinger | |
2021-08-21 | vyos.configdict: add note when using leaf_node_changed() | Christian Poessinger | |
2021-08-21 | route: static: T2450: add next-hop interface on dhcp routes | Christian Poessinger | |
2021-08-21 | vyos.ifconfig: bridge: remove missleading comment in update() | Christian Poessinger | |
2021-08-21 | wwan: T3620: remove superfluous import statement | Christian Poessinger | |
WWAN does no londer need to render any configuration files. | |||
2021-08-21 | xml: interfaces: use one common building block for "disable-forwarding" | Christian Poessinger | |
Both building blocks only differed in the help text, so use IP for both IPv4 and IPv6. | |||
2021-08-21 | vti: T1441: enable ipv4/ipv6 interface options | Christian Poessinger | |
Now that we are based on XFRM interfaces we can also enable specific IPv4 and IPv6 interface options. | |||
2021-08-21 | interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" ↵ | Christian Poessinger | |
level Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value. | |||
2021-08-21 | T1950: fix permissions on component-versions.json file | John Estabrook | |
2021-08-21 | udev: T2490: fix substitution error reported by udev | Christian Poessinger | |
2021-08-21 | op-mode: nhrp: T3599: check if process is running instead of checking PID file | Christian Poessinger | |
2021-08-21 | nhrp: T3599: move PID file to /run/opennhrp | Christian Poessinger | |
2021-08-21 | Debian: disable time consuming dh_strip_nondeterminism | Christian Poessinger | |
Skip dh_strip_nondeterminism - this is very time consuming and we have no non deterministic output (yet). | |||
2021-08-20 | T1950: write component versions to json file during migration | John Estabrook | |
2021-08-20 | bgp: T3759: add IPv4/IPv6 unicast AFI route-map for VPN import/export | Christian Poessinger | |
This adds the following new commands: set protocols bgp address-family ipv4-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv4-unicast route-map vpn import foo-map-in set protocols bgp address-family ipv6-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv6-unicast route-map vpn import foo-map-in | |||
2021-08-20 | bgp: T3759: fix DOS -> UNIX line endings on route-target building blocks | Christian Poessinger | |
2021-08-20 | bgp: T3759: create common export/import building block for re-usable route-maps | Christian Poessinger | |
2021-08-20 | smoketest: bgp: movo test for "solo" option to regular neighbor testcase | Christian Poessinger | |
2021-08-20 | smoketest: bgp: add support to extract only given SAFI from FRR | Christian Poessinger | |
2021-08-20 | xml: remove superfluous "interface" prefix from interface includes | Christian Poessinger | |
2021-08-20 | ipsec: T1210: add missing if clause around unique key | Christian Poessinger | |
2021-08-19 | Revert "xml: T1962: Add script to process syntaxVersion tags during build" | John Estabrook | |
This reverts commit 0ecc2c26f7ac939e4e23c14f5027ac7592c25761. | |||
2021-08-19 | xml: T3768: drop early XML syntaxVersion implementation | John Estabrook | |
2021-08-19 | T3768: Revert "T1950: Add support for reading component versions ..." | John Estabrook | |
This reverts commit 29e438755c8bd2b9598a2016a3c42891f0cbfa1d. | |||
2021-08-19 | op-mode: bgp: T3759: add "show bgp ipv4|ipv6 vpn" commands | Christian Poessinger | |
2021-08-19 | xml: T3474: add syntaxVersion processing to python xml lib | John Estabrook | |
2021-08-19 | smoketest: ipsec: T3764: extend testcases for IKE/ESP lifetime | Christian Poessinger | |
2021-08-19 | ipsec: dmvpn: T3764: bugfix mixed up IKE/ESP lifetime variable | Christian Poessinger | |
IKE lifetime is life_time, and ESP lifetime is rekey_time. | |||
2021-08-19 | ipsec: T3764: add additional quantifier for IKE and ESP lifetime | Christian Poessinger | |
Commit 7a873eb6 ("ipsec: T3764: bugfix missing IKE and ESP lifetime values") re-added the lost in translation IKE/ESP rekey values. But it did not specify the unit, which is s(econd). | |||
2021-08-19 | ipsec: T3764: bugfix missing IKE and ESP lifetime values | Christian Poessinger | |
During the migration the IKE and ESP key/re-key lifetime settings got lost in translation. This is now fixed and the values/defaults correspond to VyOS 1.3. | |||
2021-08-18 | Debian: containers: T2216: add missing dependency on uidmap | Christian Poessinger | |
Fixes the following error: vyos@vyos:~$ podman logs 2511d118563f WARN[0000] The cgroupv2 manager is set to systemd but there is no systemd user session available WARN[0000] For using systemd, you may need to login using an user session WARN[0000] Alternatively, you can enable lingering with: `loginctl enable-linger 1002` (possibly as root) WARN[0000] Falling back to --cgroup-manager=cgroupfs Error: cannot find newuidmap: exec: "newuidmap": executable file not found in $PATH | |||
2021-08-18 | bgp: evpn: T1513: VNI rt and rd are only supported under EVPN VRF | Christian Poessinger | |
2021-08-18 | bgp: evpn: T1513: fix indention when writing address-family config | Christian Poessinger | |
2021-08-18 | bgp: T3759: add l3vpn "route-target vpn" commands | Christian Poessinger | |
Add the following new commands: * set protocols bgp address-family ipv4-unicast route-target vpn both 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn export 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn import 1.1.1.1:100 |