summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-08-06http-api: T2768: example using GraphQL for high-level config operationsJohn Estabrook
2021-08-06vyos.template: T2720: allow setting template directoryJohn Estabrook
2021-08-06frr: T3694: temporary disable VRF VNI assignmentChristian Poessinger
Somehow we hit a priority inversion here as we need to remove the VRF assigned VNI before we can remove a BGP bound VRF instance. Maybe move this to an individual helper script that set's up the VNI for the given VRF after any routing protocol (in our case this was triggered by running "make testc" when building an ISO image by the bgp-rpki config).
2021-08-06frr: T2175: remove no longer required loop when removing VRF VNIChristian Poessinger
This is a completing commit to a55585a833 ("frr: T2175: remove no longer required loop when removing routing protocols") that was missed out previously.
2021-08-06Merge pull request #955 from sever-sever/T548-currChristian Poessinger
migration: T548: Rename quagga scripts for correct seq
2021-08-06migration: T548: Rename quagga scripts for correct seqViacheslav
Rename quagga migration scripts for correct sequences between 1.3 and 1.4 branches 7-to-8 in 1.3 uses the same migration as 8-to-9 in 1.4 This PR fix it
2021-08-06Merge pull request #953 from runborg/T3721Christian Poessinger
T3721: arm64: fastnetmon 1.2 is amd64 only (arm64 blocker)
2021-08-04ipsec: T3718: fix default processing of ike dh-group proposalsChristian Poessinger
IKE dh-group defaults to 2 (modp1024).
2021-08-04T3721: arm64: fastnetmon 1.2 is amd64 only until a propper arm64 build can ↵Runar Borge
be created
2021-08-04configquery: T3402: remove restriction of query to active configJohn Estabrook
2021-08-04configquery: T3402: fix importsJohn Estabrook
2021-08-03isis: T1316: rename Jinja2 template to match other FRR daemonsChristian Poessinger
2021-08-03isis: T3693: bugfix Jinja2 templateChristian Poessinger
Commit 472c9568 ("isis: T3693: Adding IPv6 redistribution to ISIS") did not pass rendering, am exception got thrown: jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'protocol' This commit fixes the templateing code.
2021-08-03configquery: T3402: add op-mode get_config_dictJohn Estabrook
2021-08-03configquery: T3402: add class using configtree to list tag node valuesJohn Estabrook
The class ConfigTreeActiveQuery uses configtree to access tag node values; note that this will only report saved configuration data.
2021-08-02Merge pull request #952 from sever-sever/T1594-currChristian Poessinger
l2tpv3: T1594: Fix timeout before set l2tpv3 interface
2021-08-02l2tpv3: T1594: Fix timeout before set l2tpv3 interfaceViacheslav
In some cases, we need to wait until local address is assigned. And only then l2tpv3 tunnel can be configured. For example when ipv6 address is in "tentative" state or we wait for some routing daemon/route for a remote address.
2021-08-01op-mode: bgp: T1513: extend "show bgp" command treeChristian Poessinger
Add the following new commands: * show bgp mac hash * show bgp martian next-hop * show bgp memory * show bgp next-hop * show bgp next-hop detail * show bgp next-hop ip * show bgp next-hop ip detail * show bgp statistics * show bgp statistics-all * show bgp wide * show bgp cidr-only * show bgp cidr-only wide * show bgp ipv4 wide * show bgp ipv6 wide
2021-08-01ping: T3707: add UnicodeError exception when invalid IP address is passedChristian Poessinger
2021-08-01Merge pull request #943 from Cheeze-It/currentChristian Poessinger
isis: T3693: Adding IPv6 redistribution to ISIS
2021-07-31isis: T3693: Adding IPv6 redistribution to ISISCheeze_It
In this commit we add the ability to redistribute into ISIS for IPv6 address family.
2021-07-31bgp: vrf: T3694: cannot delete default BGP instance when VRF BGP instance existsChristian Poessinger
2021-07-31sysctl: T3716: remove IPv4/6 routes from FIB when link goes downChristian Poessinger
For more information see: * https://programmersought.com/article/62242485344/ * https://www.spinics.net/lists/netdev/msg332453.html * https://github.com/FRRouting/frr/blob/master/doc/user/Useful_Sysctl_Settings.md
2021-07-31sysctl: T671: add missing net.ipv6.route.skip_notify_on_dev_down settingChristian Poessinger
Recommended by FRR best deafults https://github.com/FRRouting/frr/blob/master/doc/user/Useful_Sysctl_Settings.md
2021-07-30Merge pull request #949 from sever-sever/T1176-currChristian Poessinger
bgp: T1176: Add solo option for neighbor
2021-07-30router-advert: T2745: use template common coding style in for loopsChristian Poessinger
2021-07-30bgp: T1176: Add solo option for neighborViacheslav
2021-07-30Merge pull request #947 from bstepler/T3694Christian Poessinger
configd: T3694: always set script.argv
2021-07-30vyos.util: drop custom implementations in favor of is_systemd_service_running()Christian Poessinger
Commit f520182b ("vyos.util: add is_systemd_service_running() helper function") added a new helper function that can be used to check if a systemd service is running. Drop all custom implementations in favor of this library call.
2021-07-30vyos.util: add is_systemd_service_running() helper functionChristian Poessinger
Test is a specified systemd service is actually running. Returns True if service is running, false otherwise.
2021-07-29configd: T3694: always set script.argvBrandon Stepler
Several scripts imported by vyos-configd (including src/conf_mode/protocols_static.py) rely on argv for operating on VRFs. Always setting script.argv in src/services/vyos-configd ensures those scripts will operate on the default VRF when called with no arguments. Otherwise, a stale argv might cause those scripts to operate on the last modified VRF instead of the default VRF.
2021-07-29ipsec: T1210: add op-mode command to print Windows connection profileChristian Poessinger
2021-07-29Merge pull request #945 from DmitriyEshenko/1x-29072021-01Daniil Baturin
dhcp-server: T2432: Run dhcpd in group vyattacfg to allow recreate le…
2021-07-29dhcp-server: T2432: Run dhcpd in group vyattacfg to allow recreate lease filesDmitriyEshenko
2021-07-27ipsec: T3705: bugfix for VTI interfaces no honoring default-esp-groupChristian Poessinger
2021-07-26smoketest: config: azure: also utilize "default-esp-group" featureChristian Poessinger
2021-07-26ipsec: T1210: remote-access connections only work with IKEv2Christian Poessinger
2021-07-26ipsec: T1210: extend support for iOS profile generationChristian Poessinger
$ generate ipsec mac-ios-profile <connection> remote <ip>
2021-07-25tunnel: T3366: re-order migration scriptsChristian Poessinger
The migrator from 20-to-21 is required as 19-to-20 on VyOS 1.3 - thus simply rename/reorder the two migrators to not break things the hard way when upgrading from 1.3 -> 1.4.
2021-07-25ifconfig: T2653: obey conding styleChristian Poessinger
2021-07-25xml: tunnel: use source-interface building blockChristian Poessinger
2021-07-25ipsec: T1210: add RADIUS authentication for remote-access IKEv2 VPNChristian Poessinger
set vpn ipsec remote-access connection rw authentication client-mode 'eap-radius' set vpn ipsec remote-access connection rw authentication id '192.0.2.1' set vpn ipsec remote-access connection rw authentication server-mode 'x509' set vpn ipsec remote-access connection rw authentication x509 ca-certificate 'CAcert_Class_3_Root' set vpn ipsec remote-access connection rw authentication x509 certificate 'vyos' set vpn ipsec remote-access connection rw esp-group 'ESP-RW' set vpn ipsec remote-access connection rw ike-group 'IKE-RW' set vpn ipsec remote-access connection rw local-address '192.0.2.1' set vpn ipsec remote-access connection rw pool 'ra-rw-ipv4' set vpn ipsec remote-access connection rw unique 'never' set vpn ipsec remote-access pool ra-rw-ipv4 name-server '192.0.2.2' set vpn ipsec remote-access pool ra-rw-ipv4 prefix '192.168.22.0/24' set vpn ipsec remote-access radius nas-identifier 'fooo' set vpn ipsec remote-access radius server 172.16.100.10 key 'secret'
2021-07-25xml: add building block for RADIUS nas-identifierChristian Poessinger
2021-07-25ipsec: T1210: move DHCP server configuration unter remote-access nodeChristian Poessinger
As this is only related to remote-access, keeping it under "options" simply feels wrong.
2021-07-23Merge pull request #939 from sarthurdev/pki_fileChristian Poessinger
pki: T3642: Add ability to write generated certificates/keys to files
2021-07-23frr: T2175: remove no longer required loop when removing routing protocolsChristian Poessinger
2021-07-23login: T3699: verify system username does not conflict with Linux base usersChristian Poessinger
(cherry picked from commit 7292631373ea50f9908796ef2eda32e672d1df2e)
2021-07-23pki: T3642: Add ability to write generated certificates/keys to specified ↵sarthurdev
filenames
2021-07-22op-mode: xml: rename definition file for "generate wireguard" commandChristian Poessinger
2021-07-22pki: wireguard: T3642: remove obsolete op-mode scriptChristian Poessinger
As the keys are now stored inside the CLI configuration and no longer in a file on the filesystem, this command is no longer required. Also there are dedicated CLI commands available to display the additional Wireguard information. - show interfaces wireguard wg10 - show interfaces wireguard wg10 summary
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-01 18:33:19 +0000