Age | Commit message (Collapse) | Author |
|
T6687: add fqdn support to nat rules.
|
|
T6749: fix PR commenting permission issue with integration test workflow
|
|
|
|
validators: T6739: correctly quote ipaddrcheck arguments to avoid ipaddrcheck syntax errors when values include whitespace
|
|
to avoid ipaddrcheck syntax errors when values include whitespace
|
|
validators: T6738: Revert "validators: T6739: fix ipaddrcheck argument quoting"
|
|
|
|
validators: T6739: fix ipaddrcheck argument quoting
|
|
|
|
configd: T6608: report uncaught config script exceptions as commit error
|
|
syslog: T6719: fix the behavior of "syslog global preserve-fqdn"
|
|
|
|
bridge: T6675: VXLAN Interface configuration lost due to improper bridge detachment
|
|
T6630: ntp: support hardware timestamp offload and other mechanisms to improve accuracy
|
|
In the case of config mode script exceptions other than ConfigError,
vyos-configd would previously trigger the shim to re-run the script in
the CLI context. The use of config dependencies require this case to
return a commit error. A traceback is returned as output, consistent
with running without vyos-configd support.
|
|
ethtool: T6729: drop text based feature parsing in favour of JSON
|
|
Recent ethtool 6.10 supports JSON output for the base driver features. Remove
our old text based processing code and use the machine readable output of
ethtool.
|
|
lldp: T6727: add missing input validation for interface names
|
|
|
|
|
|
|
|
|
|
|
|
There is no input CLI validation on the interface name passed to the LLDP
service.
|
|
op-mode: T4833: Include wireguard peer name in interface summary report
|
|
http-api: T6326: return full warning/error output through api
|
|
Configuration error output is not returned in full to the http-api when
running under vyos-configd, due to an early implementation 'workaround'
of vyos-configd writing directly to the session tty. This is corrected
to return all ambient stdout (notably vyos.base.Warning) and error
messages directly to the originating caller, which may be from a session
tty or a ConfigSession instance. As the http-api runs in the latter
case, the full output is returned.
|
|
|
|
detachment
|
|
wireless: T6709: fix missing wpa_supplicant configuration
|
|
Commit 0ee8d5e35 ("ethernet: T6709: move EAPoL support to common framework")
added support to also have EAPoL on other interface types then ethernet. This
introduced a regression where the wireless interface wpa_supplicant configuration
would get deleted.
|
|
syslog: T5367: add format option to include timezone in message
|
|
T6723: firewall: extend op-mode commands
|
|
firewall ..> in order to match all chains/priorities
|
|
T6716: don't automatically set ethernet offload
|
|
Remove the lines of code that checked if the kernel had offloading
enabled and was then forcing the config to set it to "on." The
behavior now mirrors the config and offloading will only be enabled
if the config is explicitly set to enabled.
Note: the code is still present to disable the offloading, in the
config, if the kernel doesn't support it.
Note(2): Allow the previous behavior where the offload settings get set,
based on the Kernel, if the boot is a live boot.
|
|
T861: op-mode: initial parts for UEFI secure boot CLI
|
|
Deploy VyOS Secure Boot CA MOK (Machine Owner Key) into UEFI variables of
the running machine.
|
|
Support getting current system secure boot state.
In addition add optional suppor tto list all enrolled MOK (Machine Owner Keys)
in the UEFI variable store.
|
|
vyos@vyos:~$ show ver
...
Architecture: x86_64
Boot via: installed image
System type: KVM guest
Secure Boot: enabled
...
|
|
|
|
bond: T6709: add EAPoL support
|
|
op-mode: T6715: manually changing time/date is not synced into hardware clock
|
|
op-mode: T6682: Fix for show vpn ike sa peer that always shows all SAs
|
|
GitHub: T6494: add TPM tests to ISO integration workflow
|
|
When not using NTP and adjusting the current system time/date using set date
the time is not saved across a reboot into the hardware RTC. This commit
explicitly syncs the current time after a change into the systems RTC.
Most routers do not run without NTP (which is even a VyOS default) so the
priority is pretty low.
|
|
|
|
|
|
Instead of having EAPoL (Extensible Authentication Protocol over Local Area
Network) support only available for ethernet interfaces, move this to common
ground at vyos.ifconfig.interface making it available for all sorts of
interfaces by simply including the XML portion
#include <include/interface/eapol.xml.i>
|
|
|