summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-01-12T4118: Add default value any for connection remote-idViacheslav Hletenko
If IPsec "peer <tag> authentication remote-id" is not set it should be "%any" by default https://docs.strongswan.org/docs/5.9/swanctl/swanctlConf.html#_connections_conn_remote Set XML default value in use it in the python vpn_ipsec.py script
2023-01-11Merge pull request #1742 from roedie/T4918John Estabrook
T4918: op_mode interfaces: Fix show interfaces
2023-01-11Merge pull request #1747 from dmbaturin/op-mode-generate-methodViacheslav Hletenko
opmode: T4564: add generate to the list of op mode functions
2023-01-11container: T4880: fix name collisionJohn Estabrook
2023-01-11Merge pull request #1748 from aapostoliuk/T4927-sagittaChristian Breunig
webproxy: T4927: Changed restart to reload-or-restart in commit
2023-01-11webproxy: T4927: Changed restart to reload-or-restart in commitaapostoliuk
Changed restart to reload-or-restart in commit. It allows to reload the config and not restart webporxy service during commit.
2023-01-10opmode: T4564: add generate to the list of op mode functionsDaniil Baturin
2023-01-10Merge pull request #1746 from dmbaturin/op-mode-unsupported-errorJohn Estabrook
opmode: T2546: add UnsupportedOperation to op mode errors
2023-01-10opmode: T2546: add UnsupportedOperation to op mode errorsDaniil Baturin
2023-01-10Merge pull request #1744 from jestabro/container-op-modeDaniil Baturin
container: T4880: expose 'add/delete container image' in HTTP-API
2023-01-10Merge pull request #1745 from sever-sever/T4906Christian Breunig
T4906: Fix show vpn ipsec connections data
2023-01-10T4906: Fix show vpn ipsec connections dataViacheslav Hletenko
We get incorrect data when shows connections As we get list of all connections we should compare the connection name with entries in list and set correct data if they match
2023-01-09container: T4880: add REST API endpoint for add/delelete/show imagesJohn Estabrook
2023-01-09container: T4880: expose add_image/delete_image functions in op-modeJohn Estabrook
Encapsulating the add/delete image commands in the op-mode script allows automatic generation of corresponding API schema definitions.
2023-01-09container: T4880: include 'add'/'delete' in standard op-mode functionsJohn Estabrook
2023-01-09Revert "strongSwan: T4593: add charon-systemd runtime dependency"Christian Poessinger
This reverts commit 36d16f531236a62b5afc6cdd5f04d20c2b1883e6.
2023-01-09Revert "strongSwan: upgrade scripts to work with package version 5.9.8"Christian Poessinger
This reverts commit 6857447bf6acba3537d5e5372cd320aef078b81e.
2023-01-07T4918: op_mode interfaces: Fix show interfacesSander Klein
`show interfaces ethernet eth0` and `show interface bonding eth0` produces the same output. While this is not a big problem it does make usage a bit odd sometimes. This commit adds the --intf_type option to all instances of interfaces.py to make output consistent.
2023-01-07Merge pull request #1741 from vfreex/ospf-fix-passive-interfaceChristian Breunig
T4920: ospf: Fix `passive-interface default` option
2023-01-07T4920: ospf: Fix `passive-interface default` optionYuxiang Zhu
`passive_interface` is a leaf node. Also adds a smoketest.
2023-01-07Merge pull request #1728 from aapostoliuk/T4877-sagittaChristian Breunig
T4877: Added more checks if "import vrf" is used in bgp
2023-01-07smoketest: ospf: extend test 09 w/ passive interfacesChristian Poessinger
2023-01-07xml: T1579: merge generic-description.xml.i and interface/description.xml.iChristian Poessinger
No need to have two distinct include blocks as one superseeds the other. Also this makes the entire behavior of "description" CLI node simpler.
2023-01-06smoketest: T4284: drop redundant qos test configChristian Poessinger
2023-01-06T4877: Added more checks if "import vrf" is used in bgpaapostoliuk
1. Fixed: If rd and route-target are used in VRF, can not use "import vrf" in the same VRF in the same AFI/SAFI. 2. Fixed: If rd and route-target is used in VRF, this VRF can not be in the list of command "import vrf" in the same AFI/SAFI but in other VRFs. 3. Fixed: Do not allow to delete vrf if it is used in import list of other vrfs. 4. Added smoketests to check "import vrf" issues.
2023-01-06smoketest: qos: T4284: we do not need static routes in qos-basic testChristian Poessinger
2023-01-06xml: T4883: allow whitespace in generic-descriptionChristian Poessinger
2023-01-06static: T4883: fix KeyError: 'table'Christian Poessinger
Commit dafb0da2 ("static: T4883: add a description field for routing tables") added an iproute2 description table but lacked checking if the key exists. This has been fixed and also converted to Jinja2 to keep the "common" style inside the routing protocols. It might feel overengineered indeed.
2023-01-05smoketest: qos: T4284: remove dscp from base configChristian Poessinger
2023-01-05qos: T4284: priority-queue and round-robin have no default bandwidthChristian Poessinger
2023-01-05static: T4883: re-use description XML building blockChristian Poessinger
2023-01-05Merge pull request #1737 from sever-sever/T1237Christian Breunig
T1237: Fix failover route install route with diff metrics
2023-01-05Merge pull request #1710 from dmbaturin/routing-table-descriptionsChristian Breunig
T4883: add a description field for routing tables
2023-01-04ssh: T2651: extend verify() when both source-address and source-interface is ↵Christian Poessinger
used We need to ensure that source-address is assigned on source-interface before applying the configuration, else SSH client will have a hard time talking to someone.
2023-01-04ssh: T2651: add source-interface support ssh-clientChristian Poessinger
2023-01-04ssh: T2651: use Debian style include directve for ssh_config.dChristian Poessinger
Commit 846e306700a ("ssh: T2651: add cli options for source address") added support for a basic SSH client option, but it grabbed the entire /etc/ssh/ssh_config file without the ability to make custom user adjustments via the /etc/ssh/ssh_config.d/ folder. This vommit places the VyOS SSH options under /etc/ssh/ssh_config.d/ leaving the common override system alive.
2023-01-04qos: T4284: bugfix fair-queue queue-limit rangeChristian Poessinger
2023-01-04qos: T4284: replace qdisc/class instead of always adding itChristian Poessinger
This makes transitions/updates faster and less error prone
2023-01-04qos: T4284: add bandwidth percentage valueChristian Poessinger
2023-01-04T1237: Fix failover route install route with diff metricsViacheslav Hletenko
If there is no route in the routing table (requires install route) it checks routing table and returns best route None But if we have 2 routes to the same dest ip but with different metrics it doesn't get None (not first route install) It cause that bast metric route cannot be installed (wrong logic) Add func "is_route_exists" and check route/gateway/metric for the required route
2023-01-04Merge pull request #1735 from sever-sever/T4904Viacheslav Hletenko
T4904: keepalived virtual-server allow multiple ports with fwmark
2023-01-03Merge pull request #1729 from jestabro/cache-diffJohn Estabrook
configdiff: T4900: cache diff_tree/diff_dict in Config instance
2023-01-03Merge pull request #1736 from sever-sever/T4907Christian Poessinger
T4907: op-mode nat add missing option verbose
2023-01-03T4907: op-mode nat add missing option verboseViacheslav Hletenko
Add missing option "verbose" for op-mode NAT
2023-01-02xml: qos: T4284: fix DSCP CLI valuesChristian Poessinger
2023-01-02T4904: keepalived virtual-server allow multiple ports with fwmarkViacheslav Hletenko
Allow multiple ports for high-availability virtual-server The current implementation allows balance only one "virtual" address and port between between several "real servers" Allow matching "fwmark" to set traffic which should be balanced Allow to set port 0 (all traffic) if we use "fwmark" Add health-check script set high-availability virtual-server 203.0.113.1 fwmark '111' set high-availability virtual-server 203.0.113.1 real-server 192.0.2.11 health-check script '/bin/true' set high-availability virtual-server 203.0.113.1 real-server 192.0.2.11 port '0'
2023-01-02Merge pull request #1725 from sever-sever/T4893Christian Poessinger
T4893: Add ppp-options ipv6-interface-id for L2TP
2023-01-02smoketest: T4284: remove qos from dialup-router-medium-vpnChristian Poessinger
qos config migration is tested using qos-basic example config file.
2023-01-01qos: T4284: migrate percentaged bandwidth to absolute value in bit/sChristian Poessinger
2023-01-01Merge pull request #1663 from c-po/t4284-qosChristian Poessinger
QoS: T4284: re-implementation using XML and Python