summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-12-18Merge pull request #2652 from vyos/mergify/bp/sagitta/pr-2627Christian Breunig
T4163: Add BGP Monitoring Protocol BMP feature (backport #2627)
2023-12-18T4163: Add BGP Monitoring Protocol BMP featureViacheslav Hletenko
Add BMP feature. BMP (BGP Monitoring Protocol, RFC 7854) is used to send monitoring data from BGP routers to network management entities https://docs.frrouting.org/en/latest/bmp.html Example: set system frr bmp commit run restart bgp set protocols bgp system-as '65001' set protocols bgp neighbor 192.0.2.11 address-family ipv4-unicast set protocols bgp neighbor 192.0.2.11 remote-as '65001' set protocols bgp bmp mirror-buffer-limit '256000000' set protocols bgp bmp target foo address '127.0.0.1' set protocols bgp bmp target foo port '5000' set protocols bgp bmp target foo min-retry '1000' set protocols bgp bmp target foo max-retry '2000' set protocols bgp bmp target foo mirror set protocols bgp bmp target foo monitor ipv4-unicast post-policy set protocols bgp bmp target foo monitor ipv4-unicast pre-policy set protocols bgp bmp target foo monitor ipv6-unicast post-policy set protocols bgp bmp target foo monitor ipv6-unicast pre-policy (cherry picked from commit 5523fccf4f7d05444c36c568128e94cd7b08c34f)
2023-12-17Merge pull request #2648 from jestabro/sagitta-image-toolsChristian Breunig
image-tools: T4516: revise system image tools
2023-12-16image-tools: T5825: restore authentication for add system imageJohn Estabrook
(cherry picked from commit 7ee9297a90625609e568394c9f5ea63e8c95a54b)
2023-12-16T5827: moved sys image sort to grub version_listTrae Santiago
(cherry picked from commit d01aba1f5055cdaa43c8429a2c13580679ec12f7)
2023-12-16T5827: made show system image alphabeticalTrae Santiago
(cherry picked from commit d2b29be237b790bb1a258647adf30c8b96c0b526)
2023-12-16T5827: made show system image alphabeticalTrae Santiago
(cherry picked from commit 2f8b22685065f25183133431502322decede6371)
2023-12-16image-tools: T5821: restore vrf-aware add system imageJohn Estabrook
(cherry picked from commit 90f2d9865051b00290dd5b7328a046e823b658dc)
2023-12-16image-tools: T5806: deactive raid arraysJohn Estabrook
(cherry picked from commit e3cd779d0bd8dd8be6231c7b2028326a03e6a06c)
2023-12-16image-tools: T5819: do not echo password on image installJohn Estabrook
(cherry picked from commit cf83979636c686a459d6dc75dcd98e342c70b1b3)
2023-12-16image-tools: T5806: remove partition and disk signatures in cleanupJohn Estabrook
(cherry picked from commit ea30fc962049226e869171f69c6ab1879f9e7085)
2023-12-16image-tools: T5758: restore saving previous data on installJohn Estabrook
Restore scanning previous installations for config data and ssh host keys on install. (cherry picked from commit 32551842bb0f710f590e8c030395a3a7902aa1df)
2023-12-16image-tools: T5789: copy ssh host keys on image updateJohn Estabrook
(cherry picked from commit 393b3ccf02902e765bd5cf603d770ba8cad22e75)
2023-12-16image-tools: T5751: use revised image tools in configsessionJohn Estabrook
(cherry picked from commit 2ccb567bba6dba69a1523daf9096ba39a18b35d1)
2023-12-16image-tools: T5751: restore arg raise_error for non-interactive useJohn Estabrook
(cherry picked from commit 35f69340ef189e27b380074bb687ad58f29e9433)
2023-12-16image-tools: T5751: add arg no_prompt for non-interactive callsJohn Estabrook
(cherry picked from commit 0fae5b412a359874f1d61a5330064e87a7e6b899)
2023-12-16image-tools: T5751: normalize args using hyphen instead of underscoreJohn Estabrook
(cherry picked from commit bb578a1cab177e8cee6e4d02144d21387ba13a93)
2023-12-16image-tools: T4516: exit grub-update service if running in dockerJohn Estabrook
(cherry picked from commit 0b97bde2cb04cf5e23350798f972abcee4bfe4ee)
2023-12-16image: T4516: add raid-1 install supportJohn Estabrook
(cherry picked from commit e036f783bc85e4d2bad5f5cbfd688a03a352223e)
2023-12-16image: T4516: ensure compatibility with legacy RAID 1 installsJohn Estabrook
(cherry picked from commit bd701768796d6ebb03ca943faf96d1dbea030edd)
2023-12-16image: T4516: variable name spellingJohn Estabrook
(cherry picked from commit fc5dc00a3892fa26d03213854ea5091d6b0c2c18)
2023-12-16image: T4516: restore select entry to set/delete imageJohn Estabrook
(cherry picked from commit 9ffa3e82d951756696367578dd5e82ef0f690065)
2023-12-16image: T4516: do not prompt for confirmation when setting defaultJohn Estabrook
(cherry picked from commit 3d15cfd484e8c2732d9f10e4065f2282f1f5d334)
2023-12-16image: T4516: reword some messages and promptsJohn Estabrook
(cherry picked from commit cdc5fddfd796ccf7cfe35d2501cb1da380df53b2)
2023-12-16image: T4516: add clearer error msg on attempt to upgrade to 1.2.xJohn Estabrook
An attempt to upgrade to 1.2.x is caught, but error is of failed checksum verification; add check and message. (cherry picked from commit aae1247da61206d7a1b0b4d6ee20d36d194dbaba)
2023-12-16image: T4516: use copy of pw_reset script for install, link for compatJohn Estabrook
Note that this was updated for the fix in T5739. (cherry picked from commit 424c9b19fd54598081e965c3364b082c5ef984de)
2023-12-16image: T4516: support for interoperability of legacy/new image toolsJohn Estabrook
This commit allows management of system images with either new or legacy tools: 'add/delete/rename system image' and 'set default' are translated appropriately on booting between images with the old and new tools. Consequently, the warning of the initial commit of T4516 is dropped. (cherry picked from commit 96b65e90fbfa1fe63d97929ac86fc910abb0caa9)
2023-12-16image: T4516: improve format of 'show system image details'John Estabrook
(cherry picked from commit 8efab9ee8cdb0e65dddb9d3ba97de8ddcf3666dc)
2023-12-16image: T5195: vyos.util -> vyos.utils package refactoringJohn Estabrook
(cherry picked from commit fcded7930b5426193e8490c6df2a70e300a60e31)
2023-12-16image: T4516: restore reboot reminder messageJohn Estabrook
(cherry picked from commit a604d5d56d93a6958d879b838066bbe2df131bc5)
2023-12-16image: T4516: set op-mode files executableJohn Estabrook
(cherry picked from commit d88168b8e26e46d512e3b175cd2eacecae0e596a)
2023-12-16image: T4516: do not prompt for config copy on live installJohn Estabrook
(cherry picked from commit b31092cc33685628c74845f2aa1e94f0e7879e87)
2023-12-16image: T4516: service vyos-grub-update should exit on live bootJohn Estabrook
(cherry picked from commit 7d6c262976eba624b935c96a7495cc392158b8ff)
2023-12-16image: T4516: remove unused file, replaced by vyos/system/image.pyJohn Estabrook
(cherry picked from commit 9e3b769f8402a816f6c7fa80ff12c9579c3f5243)
2023-12-16image: T4516: correct implementation of configure_authenticationJohn Estabrook
(cherry picked from commit 169c9ff01287cb558850479afb733dd53fb6ae5d)
2023-12-16image: T4516: correct permissions on creation of config directoryJohn Estabrook
(cherry picked from commit 74b00c1f6961d1bd3a59768021f154bdb64c154e)
2023-12-16image: T4516: Added system image toolszsdc
This commit adds the whole set of system image tools written from the scratch in Python that allows performing all the operations on images: * check information * perform installation and deletion * versions management Also, it contains a new service that will update the GRUB menu and keep tracking its version in the future. WARNING: The commit contains non-reversible changes. Because of boot menu changes, it will not be possible to manage images from older VyOS versions after an update. (cherry picked from commit 8f94262e8fa2477700c50303ea6e2c6ddad72adb)
2023-12-16Merge pull request #2645 from vyos/mergify/bp/sagitta/pr-2644Viacheslav Hletenko
ocserv: T5796: add CLI knob "http-security-headers" (backport #2644)
2023-12-16ocserv: T5796: add smoketest for new "http-security-headers" featureChristian Breunig
(cherry picked from commit 1c82e661e04e0979e09e487a58a801ffa9f438e8)
2023-12-16ocserv: T5796: add CLI knob "http-security-headers"fett0
OCserv manual recommended HTTP headers tobe included in the configuration. (cherry picked from commit ad65d37ddf92ec8416c84707d7d41e63346b550c) (cherry picked from commit 24f449cc099703df95646c719e9d3f308ed1a3f0)
2023-12-16Merge pull request #2597 from GurliGebis/T5775-sagitta-backportChristian Breunig
T5775: firewall: re-add state-policy to firewall. (manual backport #2539)
2023-12-15T5775: Fix collisions and adjust for 1.4Bjarke Istrup Pedersen
2023-12-15T5575: Update migration scripts for state policy parsingNicolas Fort
2023-12-15T5775: firewall: re-add state-policy to firewall. These commands are now ↵Nicolas Fort
included in <set firewall global-options state-policy> node.
2023-12-15Merge pull request #2641 from GurliGebis/T4502-sagitta-backportChristian Breunig
firewall: T4502: add offload to firewall table actions (backport #2638)
2023-12-15firewall: T4502: add offload to firewall table actionsBjarke Istrup Pedersen
2023-12-15Merge pull request #2640 from vyos/mergify/bp/sagitta/pr-2639Christian Breunig
frr: T4020: add option to define number of open file descriptors (backport #2639)
2023-12-15frr: T4020: add option to define number of open file descriptorsChristian Breunig
This allows the operator to control the number of open file descriptors each daemon is allowed to start with. The current assumed value on most operating systems is 1024. If the operator plans to run bgp with several thousands of peers then this is where we would modify FRR to allow this to happen. set system frr descriptors <n> (cherry picked from commit 892c28ccf634173d4c4952c248cb03974c560793)
2023-12-14Merge pull request #2636 from vyos/mergify/bp/sagitta/pr-2635Christian Breunig
T5749: Add a more scrict search for get_vrf method (backport #2635)
2023-12-14T5749: Add a more scrict search for get_vrf methodViacheslav Hletenko
The current implementation is wrong as it searches `master` in the iproute2 JSON output. It is a worng as it could include bridges or bonding interfaces Add the more strict search `info_slave_kind == vrf` (cherry picked from commit 2ebac5af10a36668ed3b8cfa6e5a9f61cf5d1068)