summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-08-18T3896: Drop cserv local user req, add groupconfigRageLtMan
From ocserv documentation: ``` If the groupconfig option is set, then config-per-user will be overriden, and all configuration will be read from radius. That also includes the Acct-Interim-Interval, and Session-Timeout values. ``` Implement yes/no configuration and parameter handling during jinja rendering. Fix bug wherein openconnect-server configuration requires creation of local user accounts even when RADIUS authentication is used. Testing: Set the groupconfig=yes param and observed change in generated /run/ocserv/ocserv.conf. Removed the local users via `delete vpn openconnect authentication local-users` and observed commit & service operation
2022-08-16Merge pull request #1475 from sever-sever/T4613Christian Poessinger
upnp: T4613: Verify listen key in dictionary
2022-08-16Merge pull request #1474 from DaniilHarun/currentChristian Poessinger
T4619: Replacing instead of adding a static arp entry
2022-08-16upnp: T4613: Verify listen key in dictionaryViacheslav Hletenko
There is no check if 'listen' is exist in the dictionary, fix it Fix odd ValueHelp format
2022-08-16T4619: Replacing instead of adding a static arp entryDaniilHarun
2022-08-16Merge pull request #1462 from sever-sever/T4596Christian Poessinger
ocserv: T4596: Rewrite show openconnect sessions op-mode
2022-08-16Debian: T4584: remove version number from hostap package requirementChristian Poessinger
2022-08-16Merge pull request #1471 from mkorobeinikov/currentChristian Poessinger
dhcp-relay: T4601: restart dhcp relay-agent
2022-08-16dhcp-relay: T4601: restart dhcp relay-agentmkorobeinikov
The command "restart dhcp relay-agent" doesn't restart "isc-dhcp-relay" service.
2022-08-15ocserv: openconnect: T4614: add support for split-dnsChristian Poessinger
set vpn openconnect network-settings split-dns <domain>
2022-08-15smoketest: ocserv: implement config file validationChristian Poessinger
2022-08-15ocserv: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-08-15Merge pull request #1468 from sever-sever/T4609Christian Poessinger
container: T4609: Fix restart container
2022-08-15container: T4609: Fix restart containerViacheslav Hletenko
Add 2 dashes for arg "name"
2022-08-15Merge pull request #1465 from sever-sever/T4595Christian Poessinger
dmvpn: T4595: Fix dpd profile options
2022-08-11Merge pull request #1464 from sever-sever/T4603Christian Poessinger
l2tp: T4603: Add RADIUS nas-ip-address option
2022-08-10dmvpn: T4595: Fix dpd profile optionsViacheslav Hletenko
Fix template for configuration DMVPN IKE profile dead-peer-detection delay and dead-peer-detecion timeout options
2022-08-10l2tp: T4603: Add RADIUS nas-ip-address optionViacheslav Hletenko
Add l2tp authentication radius nas-ip-address option which will be sent in NAS-IP-Address Radius attribute
2022-08-08Merge pull request #1461 from nicolas-fort/nat66-excludeChristian Poessinger
nat66: T4598: Add exclude options in nat66
2022-08-08nat66: T4598: add file nat-exclue.xml.i, which is invoked by nat66.xml.in ↵Nicolas Fort
and nat-rule.xml.i
2022-08-06ocserv: T4596: Rewrite show openconnect sessions op-modeViacheslav Hletenko
Rewrite "show openconnect-server sessions" to vyos.opmode format Ability to get raw and formatted output Ability to get data via API
2022-08-05Merge pull request #1460 from sever-sever/T4597Christian Poessinger
ocserv: T4597: Check bind port before openconnect commit
2022-08-05nat66: T4598: Add exclude options in nat66Nicolas Fort
2022-08-05ocserv: T4597: Check bind port before openconnect commitViacheslav Hletenko
Check if openconnect listen port is available and not used by another service
2022-08-05Merge pull request #1459 from dmbaturin/genop-exnViacheslav Hletenko
T2719: add an exception hierarchy for op mode errors
2022-08-05bgp: T4257: bugfixes after renaming "local-as" to "system-as"Christian Poessinger
2022-08-04Merge https://github.com/Cheeze-It/vyos-1x into currentChristian Poessinger
* https://github.com/Cheeze-It/vyos-1x: bgp: T4257: Changing BGP "local-as" to "system-as"
2022-08-04macsec: T4537: macsec_csindex can be set even without encryptionChristian Poessinger
2022-08-04smoketest: macsec: T4537: validate macsec_csindex for both AES-GCM-128 and ↵Christian Poessinger
AES-GCM-256
2022-08-04T2719: add an exception hierarchy for op mode errorsDaniil Baturin
2022-08-04Merge pull request #1457 from sever-sever/T4586Christian Poessinger
nat66: T4586: Add SNAT destination prefix and DNAT address
2022-08-04macsec: T4592: can not create two interfaces using the same source-interfaceChristian Poessinger
2022-08-04vyos.config.configdict: T4592: only print interface name, not interface dict ↵Christian Poessinger
on error
2022-08-04smoketest: macsec: T4537: verify macsec_csindexChristian Poessinger
2022-08-03Merge pull request #1369 from nicolas-fort/T4480Daniil Baturin
T4480: webproxy: Add safe-ports and ssl-safe-ports for acl squid config
2022-08-03nat66: T4586: Add SNAT destination prefix and DNAT addressViacheslav Hletenko
Ability to configure SNAT destination prefix and DNAT source address Add option "!" - not address/prefix for NAT66
2022-08-03validators: T4586: Add IPv6 exclude validators for address/prefixViacheslav Hletenko
Add IPV6 exclude validators: - ipv6-address-exclude - ipv6-prefix-exclude Will use in nat66 source/destination
2022-08-02Merge pull request #1456 from sever-sever/T4585Christian Poessinger
containers: T4585: Add option restart to containers.py
2022-08-02containers: T4585: Add option restart to containers.pyViacheslav Hletenko
Add option restart to `containers.py`
2022-08-02Merge pull request #1455 from sever-sever/T4544Christian Poessinger
graphql: T4544: Add overwritten scripts op-mode-standardized.json
2022-08-02graphql: T4544: Add overwritten scripts op-mode-standardized.jsonViacheslav Hletenko
Add overwritten scripts to 'op-mode-standardized.json'
2022-08-02Merge pull request #1454 from sever-sever/T4585Christian Poessinger
container: T4585: Rewrite show container
2022-08-02container: T4585: Rewrite show containerViacheslav Hletenko
Rewrite op-mode: - show container - show container network - show container image to the new vyos.opmode format
2022-08-02macsec: T4537: add mussing macsec_csindex option to support GCM-AES-256Christian Poessinger
2022-08-02hostap: T4584: add Debian specific options to systemd unit filesChristian Poessinger
2022-08-01macsec: T4537: remove debug falg "-d" from systemd service fileChristian Poessinger
2022-08-01macsec: T4537: supply PID path via systemd service file to daemonChristian Poessinger
2022-08-01macsec: T4391: bugfix config pathChristian Poessinger
After commit 85d6c8f7c62 ("vyos.configdict: T4391: enable get_interface_dict() to be used with ConfigTreeQuery()") we also need to use the full path when working with Config() as previous calls to get_interface_dict() no longer change the level of Config().
2022-08-01op-mode: macsec: T4537: add "show|monitor log macsec" CLI commandsChristian Poessinger
2022-08-01macsec: T4537: restart wpa_supplicant on errorChristian Poessinger