summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-08-15ospf: T3757: support to configure area at an interface levelChristian Poessinger
FRR supports configuring either network prefixes per area, or assign an interface to an area to participate in the routing process. This is already well known from other venders and supported by FRR. A valid VyOS OSPF configuration would then look like: vyos@vyos# show protocols ospf { interface dum0 { area 0 } interface eth0.201 { area 0 authentication { md5 { key-id 10 { md5-key vyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } log-adjacency-changes { detail } parameters { abr-type cisco router-id 172.18.254.201 } passive-interface default passive-interface-exclude eth0.201 }
2021-08-15conntrack: T3275: bugfix XML generationChristian Poessinger
This commit fixes an error introduced by 43fcc0db0 ("conntrack: T3275: migrate 'disable' syntax to 'enable' syntax for the new default behavior") as the <valueless/> option can only be used on leafNodes. THis triggered the following build error: ValueError: <valueless/> is only allowed in <leafNode>
2021-08-15wireguard: T3756: fix generated qr code headerBoris Manojlovic
2021-08-15Merge pull request #944 from sever-sever/T3702Christian Poessinger
pbr: T3702: Add rules match fwmark
2021-08-15Merge pull request #970 from jack9603301/T3648Christian Poessinger
op-mode: nat: T3648: Modify the operation mode script implementation of NAT to fix the existing problem
2021-08-15conntrack: T3275: migrate 'disable' syntax to 'enable' syntax for the new ↵Lulu Cathrinus Grimalkin
default behavior
2021-08-14smoketest: shim: wait for commit to be completedChristian Poessinger
This completes commit e7d841d285 ("smoketest: shim: remove superfluous sleep() in getFRRconfig()").
2021-08-14smoketest: shim: remove superfluous sleep() in getFRRconfig()Christian Poessinger
The sleep was intended to handle a FRR issue where the config was/is somehow now available in vtysh even with the commit was done. This rather feels like a race-condition and is fixed in the subsequent commit.
2021-08-14vyos.util: T1503: use build in methods to determine current user for ↵Christian Poessinger
commit_in_progress()
2021-08-14op-mode: ipsec: T3745: "show vpn ipse sa" improve sortingChristian Poessinger
2021-08-14op-mode: vpn: use over absolute pathChristian Poessinger
2021-08-14op-mode: combine two "show vpn" definitionsChristian Poessinger
2021-08-14ospf: T3236: use proper daemon named template fileChristian Poessinger
2021-08-14op-mode: nat: T3648: Modify the operation mode script implementation of NAT ↵jack9603301
to fix the existing problem
2021-08-13vyos.util: "harden" is_systemd_service_running() functionChristian Poessinger
Inspired by the comments of https://unix.stackexchange.com/a/435317 use a more robust approach. A service can be "active" but not "running" (e.g. restarting with a configuration error). We can now test if a systemd unit is "activated" and if it is "running" at all. >>> from vyos.util import is_systemd_service_active >>> from vyos.util import is_systemd_service_running >>> is_systemd_service_active('ssh') True >>> is_systemd_service_running('sshd') False >>> is_systemd_service_running('ssh') True
2021-08-13vrf: T3734: T3728: vni must be configured with a higher priority then bgpdChristian Poessinger
When removing bgp (vrf) instances the assigned VRF vni must be deleted from FRR prior the removal of the bgp settings (T3734). This is now done by moving the CLI command "set vrf name red vni 1000" to a dedicated Python script with a priority higher then bgp.
2021-08-13Merge pull request #969 from sarthurdev/T3752Christian Poessinger
pki: T3752: Fix file output for certificate requests
2021-08-13Merge pull request #968 from sever-sever/T3738Christian Poessinger
openvpn: T3738: Disable authentication option for server mode
2021-08-13pki: T3752: Fix file output for certificate requestssarthurdev
2021-08-13xml: T3234: update instead of overwrite on repeated pathJohn Estabrook
2021-08-13openvpn: T3738: Disable authentication option for server modeViacheslav
2021-08-13Merge pull request #914 from sever-sever/T3673Christian Poessinger
policy: T3673: Add set large-comm-list for route-map
2021-08-13Merge pull request #967 from sever-sever/T3708-currChristian Poessinger
isis: T3708: Fix errors in MTU calculation
2021-08-13policy: T3673: Add set large-comm-list-delete for route-mapViacheslav
2021-08-13isis: T3708: Fix errors in MTU calculationViacheslav
2021-08-13nginx: T3740: use bracketize_ipv6 Jinja2 filter on server addressChristian Poessinger
2021-08-12Merge pull request #966 from kroy-the-rabbit/T3749John Estabrook
T3749: Moving some counters into the proper loop
2021-08-12T3749: Moving some counters into the proper loopKroy
2021-08-12login: T3746: inform users about pending rebootsChristian Poessinger
2021-08-12Merge pull request #963 from FileGo/T3744Christian Poessinger
dns: T3744: fixed dns fwd statistics formatting
2021-08-12dns: T3744: fixed dns fwd statistics formattingFileGo
2021-08-11Merge pull request #962 from jestabro/T3732John Estabrook
T3732: merge leafNodes containing a defaultValue with default-less leafNodes of same path
2021-08-11xml: T3732: merge leafNode with defaultValue with leafNode(s) of same pathJohn Estabrook
2021-08-11bgp: T3739: add common route-distinguisher XML building blockChristian Poessinger
2021-08-11GitHub: fix typo in PR templateChristian Poessinger
2021-08-11xml: T3732: simplifications for merging defaultValue and default-less nodesJohn Estabrook
2021-08-11smoketest: ospf: add logger to passive-interface testChristian Poessinger
2021-08-11accel-ppp: T3731: eliminate service name from error messageChristian Poessinger
VyOS will automatically append the subsystem name (pppoe-server or sstp) when something goes wrong. No need to hardcode this into the error string a second time.
2021-08-10Merge pull request #961 from sarthurdev/T3727Christian Poessinger
ipsec: T3727: Fix ESP proposals not being set from tunnel esp-group
2021-08-10ipsec: T3727: Fix ESP proposals not being set from tunnel esp-groupsarthurdev
2021-08-10Merge pull request #960 from sever-sever/T3709Christian Poessinger
snmp: T3709: Allow enable oid ipCidrRouteTable
2021-08-10snmp: T3709: Allow enable oid ipCidrRouteTableViacheslav
2021-08-10pki: wireguard: T3642: strip private keyChristian Poessinger
Extend regex used by the "| strip-private" modifier to remove the WireGuard private key portion from stdout.
2021-08-09ipsec: T3720: assigning vti secondary address caused interface in A/D stateChristian Poessinger
2021-08-08pki: wireguard: T3642: add alias "generate wireguard key-pair" commandChristian Poessinger
Triggers the same code as "generate pki wireguard key-pair" which makes it easier for users switching from 1.3 -> 1.4.
2021-08-08ipsec: l2tp: T2816: remove duplicate 3des-sha1-modp1024 proposalChristian Poessinger
2021-08-08Debian: T3641: drop dead symlink file in /etc/init.dChristian Poessinger
2021-08-08Debian: add missing runtime dependency on ndisc6Christian Poessinger
2021-08-08smoketest: rpki: remporary disable SSH based connection testing due to FRR bugChristian Poessinger
see: https://github.com/FRRouting/frr/issues/7978
2021-08-08Merge pull request #956 from Cheeze-It/currentChristian Poessinger
PING: T3634: Fixing do not fragment to Ping