summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-02-12rpki: T6034: remove OpenSSH keys from /run/frr when unloadedChristian Breunig
2024-02-12pki: T6034: add dependencies to trigger rpki re-run on openssh key updateChristian Breunig
2024-02-11rpki: T6034: move SSH authentication keys to PKI subsystemChristian Breunig
2024-02-11pki: T6034: add OpenSSH key supportChristian Breunig
set pki openssh rpki private key ... set pki openssh rpki public key ... set pki openssh rpki public type 'ssh-rsa'
2024-02-10Merge pull request #2983 from c-po/rpki-t6004Christian Breunig
rpki: T6004: add missing startup priority
2024-02-10Merge pull request #2982 from c-po/pki-xmlChristian Breunig
xml: T5738: improve PKI building blocks for CLI
2024-02-10rpki: T6004: add missing startup priorityChristian Breunig
2024-02-10xml: T5738: improve PKI building blocks for CLIChristian Breunig
2024-02-09Merge pull request #2978 from sever-sever/T6028Christian Breunig
T6028: Fix QoS policy shaper wrong class_id_max and default_minor_id
2024-02-09T6028: Fix QoS policy shaper wrong class_id_max and default_minor_idViacheslav Hletenko
The `class_id_max` is wrong due to `tmp.sort` of Strings If we have class 5 and class 10 we get sorted max value 5, expected 10 ``` >>> tmp = ['5', '10'] >>> tmp.sort() >>> tmp ['10', '5'] >>> >>> hex(5+1) '0x6' >>> >>> hex(10+1) '0xb' >>> ``` This way we get wrong default maximum class value: ``` tc qdisc replace dev eth1 root handle 1: htb r2q 444 default 6 ``` Expect: ``` tc qdisc replace dev eth1 root handle 1: htb r2q 444 default b ``` Fix this converting Strings to Integers and get max value.
2024-02-09Merge pull request #2967 from sever-sever/T5703Daniil Baturin
T5703: Fix reapply QoS for connection-oriented interfaces
2024-02-09T5703: Fix reapply QoS for connection-oriented interfacesViacheslav Hletenko
After `disconnect` and `connect` connection-oriented interfaces like PPPoE, QoS policy has to be reapplied
2024-02-09Merge pull request #2975 from c-po/migrator-t5902Christian Breunig
https: T5902: fix migration of virtual-host port
2024-02-09https: T5902: fix migration of virtual-host portChristian Breunig
CLI source node is port and not listen-port.
2024-02-08Merge pull request #2955 from c-po/rpki-T6023Christian Breunig
rpki: T6023: add support for CLI knobs expire-interval and retry-interval
2024-02-08Merge pull request #2968 from natali-rs1985/T5685-currentDaniil Baturin
T5685: Keepalived VRRP prefix is not necessary for the virtual address
2024-02-08T5685: Keepalived VRRP prefix is not necessary for the virtual addressNataliia Solomko
2024-02-08Merge pull request #2950 from aapostoliuk/T5960-circinusDaniil Baturin
T5960: Rewritten authentication node in PPTP to a single view
2024-02-08Merge pull request #2969 from sever-sever/T6026Daniil Baturin
T6026: QoS hide attempts to delete qdisc from devices
2024-02-08Merge pull request #2507 from erkin/image-toolsDaniil Baturin
op-mode: T4038: Python rewrite of image tools
2024-02-08T6026: QoS hide attempts to delete qdisc from devicesViacheslav Hletenko
Hide unexpected output by attempts of deleting `qdisc` from interfaces [ qos ] Error: Cannot find specified qdisc on specified device. Error: Cannot delete qdisc with handle of zero.
2024-02-07Merge pull request #2952 from c-po/vrfChristian Breunig
vrf: T5973: module is now statically compiled into the kernel
2024-02-07Merge pull request #2957 from c-po/bgp-T6024Christian Breunig
bgp: T6024: add additional missing FRR features
2024-02-07Merge pull request #2959 from c-po/init-T2044-rpki-part-2Christian Breunig
init: T2044: only start rpki if cache is configured
2024-02-07Merge pull request #2960 from c-po/currentChristian Breunig
xml: T302: replace references to Quagga with FRRouting
2024-02-07xml: T302: replace references to Quagga with FRRoutingChristian Breunig
2024-02-07init: T2044: only start rpki if cache is configuredChristian Breunig
This extends commit 9199c87cf ("init: T2044: always start/stop rpki during system boot") to check the bootup configuration if an RPKI cache is defined. Only start RPKI if this is the case.
2024-02-07Merge pull request #2944 from HollyGurza/T3843-currentChristian Breunig
vpn: T3843: l2tp configuration not cleared after delete
2024-02-07bgp: T6024: add additional missing FRR featuresChristian Breunig
* set protocols bgp parameters labeled-unicast <explicit-null | ipv4-explicit-null | ipv6-explicit-null> * set protocols bgp parameters allow-martian-nexthop * set protocols bgp parameters no-hard-administrative-reset"
2024-02-07rpki: T6023: add support for CLI knobs expire-interval and retry-intervalChristian Breunig
2024-02-07Merge pull request #2953 from sever-sever/T6021Christian Breunig
T6021: Fix QoS shaper r2q calculation
2024-02-07T5960: Rewritten authentication node in PPTP to a single viewaapostoliuk
Rewritten authentication node in accel-ppp services to a single view. In particular - PPTP authentication.
2024-02-07vrf: T5973: module is now statically compiled into the kernelChristian Breunig
Always enable VRF strict_mode
2024-02-07T6021: Fix QoS shaper r2q calculationViacheslav Hletenko
The current calculation `r2q` is wrong as it uses `Floor division` but expecting `division` This way `math.ceil` calculate wrong value as we expect round a number upward to its nearest integer For example for speed 710 mbits expected value `444` but we get `443` ``` from math import ceil MAXQUANTUM = 200000 speed = 710000000 speed_bps = int(speed) // 8 >>> speed_bps // MAXQUANTUM 443 >>> speed_bps / MAXQUANTUM 443.75 >>> >>> >>> ceil(speed_bps // MAXQUANTUM) 443 >>> ceil(speed_bps / MAXQUANTUM) 444 >>> ```
2024-02-06Merge pull request #2941 from jestabro/cleanup-waitJohn Estabrook
image-tools: T6016: wait for umount in cleanup function
2024-02-06Merge pull request #2946 from sever-sever/T5921Christian Breunig
T5921: Fix OpenConnect verify for local users
2024-02-06T5921: Fix OpenConnect verify for local usersViacheslav Hletenko
Fix verify error for the VPN OpenConnect configuration with local authentication and without any user File "/usr/libexec/vyos/conf_mode/vpn_openconnect.py", line 94, in verify if not ocserv["authentication"]["local_users"]: KeyError: 'local_users'
2024-02-06vpn: T3843: l2tp configuration not cleared after deletekhramshinr
vpn: T5926: IPSEC does not apply after l2tp configuration was changed added dependency between l2tp and ipsec conf added test for apply config to swanctl
2024-02-06Merge pull request #2943 from vyos/mergify/bp/current/pr-2942Daniil Baturin
op-mode:T6015:Fix for charon file generated by ipsec debug script (backport #2942)
2024-02-06op-mode:T6015:Fix the charon file generated by ipsec debug scriptsrividya0208
(cherry picked from commit 0c9c496961dc88110da53943a14dd88086ea920d)
2024-02-05image-tools: T6016: wait for umount in cleanup functionJohn Estabrook
2024-02-06Merge pull request #2936 from c-po/rpki-T6011Daniil Baturin
rpki: T6011: known-hosts-file is no longer supported by FRR
2024-02-06Merge pull request #2935 from c-po/rpkiDaniil Baturin
init: T2044: always start/stop rpki during system boot
2024-02-05Merge pull request #2937 from jestabro/overhead-advisory-updateJohn Estabrook
T6018: adjust smoketest for update to FastAPI web framework
2024-02-05T6018: adjust smoketest for update to FastAPI web frameworkJohn Estabrook
2024-02-03rpki: T6011: known-hosts-file is no longer supported by FRRChristian Breunig
2024-02-03init: T2044: always start/stop rpki during system bootChristian Breunig
2024-02-03Merge pull request #2932 from c-po/ipsec-T5998Christian Breunig
ipsec: T5998: add replay-windows setting
2024-02-03ipsec: T5998: add replay-windows settingChristian Breunig
The replay_window for child SA will always be 32 (hence enabled). Add a CLI node to explicitly change this. * set vpn ipsec site-to-site peer <name> replay-window <0-2040>
2024-02-03Merge pull request #2931 from c-po/configdict-bugfixViacheslav Hletenko
configdict: T5894: preserve old behavior when dealing with PKI
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-04 14:24:18 +0000