summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-10-27Merge pull request #1620 from jestabro/ipsec_show_saJohn Estabrook
ipsec: T4778: raise UnconfiguredSubsystem if IPsec not initialized
2022-10-27ipsec: T4778: raise UnconfiguredSubsystem if IPsec not initializedJohn Estabrook
2022-10-27Merge pull request #1606 from sever-sever/T4762Daniil Baturin
T4762: Add check for show nat if nat config does not exist
2022-10-26Merge pull request #1618 from sarthurdev/T4764Christian Poessinger
nat: T4764: Remove NAT tables on node deletion
2022-10-25Merge pull request #1617 from jestabro/camel_to_snake_caseJohn Estabrook
vyos.util: T4773: add camel_to_snake_case conversion
2022-10-25nat: T4706: Verify translation address or port existssarthurdev
2022-10-25nat: T4764: Remove tables on NAT deletionsarthurdev
2022-10-25vyos.util: T4773: add camel_to_snake_case conversionJohn Estabrook
2022-10-25ci: T4748: add dot to regex char class to allow 'vyos.util: Txxx: ...'John Estabrook
2022-10-25Merge pull request #1613 from jestabro/graphql-hybrid-authJohn Estabrook
graphql: T4574: add JWT token authentication
2022-10-25graphql: T4574: set byte length of shared secret from CLIJohn Estabrook
2022-10-25graphql: T4574: extend smoketest for token authenticationJohn Estabrook
2022-10-25graphql: T4574: set token expiration time in claimsJohn Estabrook
2022-10-25graphql: T4574: add context to read token in queries/mutationsJohn Estabrook
2022-10-25graphql: T4574: read config and generate schema with/without key authJohn Estabrook
2022-10-25graphql: T4574: add mutation for requesting JWT tokenJohn Estabrook
2022-10-25graphql: T4574: add interface definitions for authentication settingsJohn Estabrook
2022-10-25graphql: T4574: reorganize directory structure for clarityJohn Estabrook
2022-10-25graphql: T4574: call all schema definition generation on initJohn Estabrook
2022-10-24Merge pull request #1614 from jestabro/op-mode-route-outputJohn Estabrook
route: T4772: return list of dicts in 'raw' output
2022-10-24route: T4772: return list of dicts in 'raw' outputJohn Estabrook
2022-10-23T4762: Add check for show nat if nat config does not existViacheslav Hletenko
Add check for 'show nat xxx' if nat configuration does not exist
2022-10-21Merge pull request #1611 from dmbaturin/field-normalization-2John Estabrook
T4765: support list and primitives in op mode output normalization
2022-10-21T4765: support list and primitives in op mode output normalizationcreate with ansible
2022-10-21Merge pull request #1610 from jestabro/migrate-graphqlJohn Estabrook
graphql: T4768: change name of api child node from 'gql' to 'graphql'
2022-10-21graphql: T4768: change name of api child node from 'gql' to 'graphql'John Estabrook
2022-10-20Merge pull request #1608 from jestabro/T4765Daniil Baturin
T4765: normalize fields only if 'raw' is true; output must be dict
2022-10-20T4765: normalize fields only if 'raw' is true; output must be dictJohn Estabrook
2022-10-20Merge pull request #1607 from dmbaturin/op-mode-field-normalizationJohn Estabrook
T4765: normalize dict fields in op mode ouputs
2022-10-20Merge pull request #1601 from sever-sever/T4720Christian Poessinger
ssh: T4720: Ability to configure SSH-server HostKeyAlgorithms
2022-10-20T4765: normalize dict fields in op mode ouputsDaniil Baturin
2022-10-20T4763: Use nat.py for show nat destination statisticsViacheslav Hletenko
Use nat.py instead of old op-mode script
2022-10-17login: 2fa: T874: fix PAM string during ISO buildChristian Poessinger
Turns out a local installation of a package using "dpkg -i" differs when assembling an ISO using live-build. The previous version worked when using "dpkg -i" but it failed hard (no login possible) during ISO build. This has been fixed by using double quotes.
2022-10-17T4720: Add smoketest for SSH NDcPPViacheslav Hletenko
2022-10-17ssh: T4720: Ability to configure SSH-server HostKeyAlgorithmsViacheslav Hletenko
Ability to configure SSH-server HostKeyAlgorithms. Specifies the host key signature algorithms that the server offers. Can accept multiple values.
2022-10-17Merge pull request #1600 from jestabro/gql-compositeJohn Estabrook
graphql: T4753: generalize system_status to composite_{query,mutation}
2022-10-17xdp: T4284: libbpf-dev/libbpf0 is only available for VyOS on amd64Christian Poessinger
2022-10-16graphql: T4753: generalize system_status to composite_{query,mutation}John Estabrook
2022-10-16xdp: T4284: migrate to Debian libbpfChristian Poessinger
In order to properly retrieve JSON information in the Smoketests for the new QoS implementation we need a recent (>6.0) version of iproute2. This requires the libbpf-dev package and this small source-code change.
2022-10-16login: 2fa: T874: fix PAM string generation on multiple package installationsChristian Poessinger
Commit da535ef5 ("login: 2fa: T874: fix Google authenticator issues") used different strings for grep and sed resulting in the same line beeing added on every installation of the package. This is only disturbing during development not during ISO build.
2022-10-14Merge pull request #1588 from dmbaturin/pr-title-checkJohn Estabrook
T4748: add a CI action to check pull request title format
2022-10-14Merge pull request #1597 from jestabro/http-api-config-dictJohn Estabrook
http-api: T4749: transition to config_dict for conf_mode http-api.py
2022-10-14Merge pull request #1598 from sever-sever/T4533Christian Poessinger
T4533: Allow basic permissions to unprivileged RADIUS users
2022-10-14login: 2fa: T874: remove unused code path for global 1fa settingsChristian Poessinger
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-14T4533: Allow basic permissions to unprivileged RADIUS usersViacheslav Hletenko
Unprivileged RADIUS users cannot do simple diagnostics like ping or traceroute. Allow them such tools. Ability to execute op-mode commands for them. It is not new 'operator mode' feature but it allows RADIUS users execute op-mode commands
2022-10-14http-api: T4749: transition to config_dictJohn Estabrook
2022-10-14Merge pull request #1595 from Cheeze-It/currentChristian Poessinger
isis, ospf: T4739: ISIS and OSPF segment routing being refactored
2022-10-14Merge pull request #1596 from sever-sever/T4725Christian Poessinger
T4725: Fix Regex for correctly reset IPsec peers
2022-10-14T4725: Fix Regex for correctly reset IPsec peersViacheslav Hletenko
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken)