summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-09-30Merge pull request #4024 from nicolas-fort/T6687Daniil Baturin
T6687: add fqdn support to nat rules.
2024-09-30Merge pull request #4107 from kumvijaya/currentChristian Breunig
T6749: fix PR commenting permission issue with integration test workflow
2024-09-28T6749: fix PR commenting permission issue with integration test worflowVijayakumar A
2024-09-27Merge pull request #4105 from dmbaturin/T6739-quote-ipaddrcheck-args-correctlyT6732-reusable-build-packageChristian Breunig
validators: T6739: correctly quote ipaddrcheck arguments to avoid ipaddrcheck syntax errors when values include whitespace
2024-09-27validators: T6739: correctly quote ipaddrcheck argumentsDaniil Baturin
to avoid ipaddrcheck syntax errors when values include whitespace
2024-09-27Merge pull request #4104 from vyos/revert-4099-T6739-quote-ipaddrcheck-argsChristian Breunig
validators: T6738: Revert "validators: T6739: fix ipaddrcheck argument quoting"
2024-09-27Revert "validators: T6739: fix ipaddrcheck argument quoting"Daniil Baturin
2024-09-26Merge pull request #4099 from dmbaturin/T6739-quote-ipaddrcheck-argsChristian Breunig
validators: T6739: fix ipaddrcheck argument quoting
2024-09-25validators: T6739: fix ipaddrcheck argument quotingDaniil Baturin
2024-09-25Merge pull request #3876 from jestabro/uncaught-conf-script-err-as-commit-errT6732-reusable-build-imageDaniil Baturin
configd: T6608: report uncaught config script exceptions as commit error
2024-09-24Merge pull request #4079 from nvollmar/T6719Christian Breunig
syslog: T6719: fix the behavior of "syslog global preserve-fqdn"
2024-09-24syslog: T6719: fix the behavior of "syslog global preserve-fqdn"Nicolas Vollmar
2024-09-24Merge pull request #4086 from natali-rs1985/T6675-currentChristian Breunig
bridge: T6675: VXLAN Interface configuration lost due to improper bridge detachment
2024-09-24Merge pull request #3966 from lucasec/t6630Daniil Baturin
T6630: ntp: support hardware timestamp offload and other mechanisms to improve accuracy
2024-09-22configd: T6608: report uncaught config script exceptions as commit errorJohn Estabrook
In the case of config mode script exceptions other than ConfigError, vyos-configd would previously trigger the shim to re-run the script in the CLI context. The use of config dependencies require this case to return a commit error. A traceback is returned as output, consistent with running without vyos-configd support.
2024-09-22Merge pull request #4094 from c-po/ethtoolChristian Breunig
ethtool: T6729: drop text based feature parsing in favour of JSON
2024-09-21ethtool: T6729: drop text based feature parsing in favour of JSONChristian Breunig
Recent ethtool 6.10 supports JSON output for the base driver features. Remove our old text based processing code and use the machine readable output of ethtool.
2024-09-21Merge pull request #4091 from c-po/lldp-t6727Christian Breunig
lldp: T6727: add missing input validation for interface names
2024-09-21T6630: ntp: move interface timestamping configuration under ptp nodeChristian Breunig
2024-09-21T6630: ntp: rename ptp-transport to ptp and use defaultValue for portChristian Breunig
2024-09-21T6630: ntp: add chrony "ntp over ptp" transportLucas Christian
2024-09-21T6630: ntp: add hardware timestamp offloadLucas Christian
2024-09-21T6630: ntp: add "interleave" optionLucas Christian
2024-09-21lldp: T6727: add missing input validation for interface namesChristian Breunig
There is no input CLI validation on the interface name passed to the LLDP service.
2024-09-20Merge pull request #4089 from natali-rs1985/T4833-currentChristian Breunig
op-mode: T4833: Include wireguard peer name in interface summary report
2024-09-20Merge pull request #4090 from jestabro/configd-err-outChristian Breunig
http-api: T6326: return full warning/error output through api
2024-09-20http-api: T6326: return full warning/error output through apiJohn Estabrook
Configuration error output is not returned in full to the http-api when running under vyos-configd, due to an early implementation 'workaround' of vyos-configd writing directly to the session tty. This is corrected to return all ambient stdout (notably vyos.base.Warning) and error messages directly to the originating caller, which may be from a session tty or a ConfigSession instance. As the http-api runs in the latter case, the full output is returned.
2024-09-20op-mode: T4833: Include wireguard peer name in interface summary reportNataliia Solomko
2024-09-20bridge: T6675: VXLAN Interface configuration lost due to improper bridge ↵Nataliia Solomko
detachment
2024-09-19Merge pull request #4087 from c-po/wifi-fixChristian Breunig
wireless: T6709: fix missing wpa_supplicant configuration
2024-09-19wireless: T6709: fix missing wpa_supplicant configurationChristian Breunig
Commit 0ee8d5e35 ("ethernet: T6709: move EAPoL support to common framework") added support to also have EAPoL on other interface types then ethernet. This introduced a regression where the wireless interface wpa_supplicant configuration would get deleted.
2024-09-19Merge pull request #4061 from c-po/syslog-T5367Daniil Baturin
syslog: T5367: add format option to include timezone in message
2024-09-18Merge pull request #4084 from nicolas-fort/T6723Christian Breunig
T6723: firewall: extend op-mode commands
2024-09-18T6723: firewall: extend op-mode commands <show firewall ..> and a <show log ↵Nicolas Fort
firewall ..> in order to match all chains/priorities
2024-09-17Merge pull request #4077 from dvlogic/dont_auto_enable_offloadChristian Breunig
T6716: don't automatically set ethernet offload
2024-09-17T6716: don't automatically set ethernet offloadDave Vogel
Remove the lines of code that checked if the kernel had offloading enabled and was then forcing the config to set it to "on." The behavior now mirrors the config and offloading will only be enabled if the config is explicitly set to enabled. Note: the code is still present to disable the offloading, in the config, if the kernel doesn't support it. Note(2): Allow the previous behavior where the offload settings get set, based on the Kernel, if the boot is a live boot.
2024-09-16Merge pull request #4020 from c-po/secure-bootChristian Breunig
T861: op-mode: initial parts for UEFI secure boot CLI
2024-09-16T861: op-mode: add "install mok" CLI commandChristian Breunig
Deploy VyOS Secure Boot CA MOK (Machine Owner Key) into UEFI variables of the running machine.
2024-09-16T861: op-mode: add "show secure-boot [keys]" CLI commandChristian Breunig
Support getting current system secure boot state. In addition add optional suppor tto list all enrolled MOK (Machine Owner Keys) in the UEFI variable store.
2024-09-16T861: op-mode: "show version" will display secure boot stateChristian Breunig
vyos@vyos:~$ show ver ... Architecture: x86_64 Boot via: installed image System type: KVM guest Secure Boot: enabled ...
2024-09-16T6687: add fqdn support to nat rules.Nicolas Fort
2024-09-16Merge pull request #4069 from c-po/eapol-bondChristian Breunig
bond: T6709: add EAPoL support
2024-09-16Merge pull request #4071 from c-po/date-time-T6715Christian Breunig
op-mode: T6715: manually changing time/date is not synced into hardware clock
2024-09-15Merge pull request #4057 from natali-rs1985/T6682-currentDaniil Baturin
op-mode: T6682: Fix for show vpn ike sa peer that always shows all SAs
2024-09-15Merge pull request #4070 from c-po/smoketest-tpmChristian Breunig
GitHub: T6494: add TPM tests to ISO integration workflow
2024-09-15op-mode: T6715: manually changing time/date is not synced into hardware clockChristian Breunig
When not using NTP and adjusting the current system time/date using set date the time is not saved across a reboot into the hardware RTC. This commit explicitly syncs the current time after a change into the systems RTC. Most routers do not run without NTP (which is even a VyOS default) so the priority is pretty low.
2024-09-15GitHub: T6494: add TPM tests to ISO integration workflowChristian Breunig
2024-09-15bond: T6709: add EAPoL supportChristian Breunig
2024-09-14ethernet: T6709: move EAPoL support to common frameworkChristian Breunig
Instead of having EAPoL (Extensible Authentication Protocol over Local Area Network) support only available for ethernet interfaces, move this to common ground at vyos.ifconfig.interface making it available for all sorts of interfaces by simply including the XML portion #include <include/interface/eapol.xml.i>
2024-09-14T861: add dependency to enable UEFI secure boot supportChristian Breunig