summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-05-24load-balancing haproxy: T6391: fix typo in timeout help (#3513) (#3514)mergify[bot]
Co-authored-by: Gregor Michels <hirnpfirsich@brainpeach.de> (cherry picked from commit 609563d6acfeafbed46b1ac5e6bd497ce097e3bc) Co-authored-by: Gregor Michels <gregor.michels@web.de>
2024-05-24Merge pull request #3512 from vyos/mergify/bp/sagitta/pr-3487Daniil Baturin
reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses (backport #3487)
2024-05-23reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responsesAlex W
(cherry picked from commit e1450096b4c667a4c33a3fcd8f67ebf6a39d441d)
2024-05-23Merge pull request #3511 from vyos/mergify/bp/sagitta/pr-3507Daniil Baturin
nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel >=5.0 (backport #3507)
2024-05-23nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel ↵Christian Breunig
>=5.0 random - In kernel 5.0 and newer this is the same as fully-random. In earlier kernels the port mapping will be randomized using a seeded MD5 hash mix using source and destination address and destination port. https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454 (cherry picked from commit 7fe568ca1672f1dfbd2b56ee3ef7a6ab48b03070)
2024-05-23Merge pull request #3509 from vyos/mergify/bp/sagitta/pr-3505Christian Breunig
nat66: T6365: remove warnings for negated interface selections by name (backport #3505)
2024-05-23nat66: T6365: remove warnings for negated interface selections by nameChristian Breunig
(cherry picked from commit 59781ff365a5e1b15ef6c4c2481f3d3815548b9d)
2024-05-23Merge pull request #3504 from vyos/mergify/bp/sagitta/pr-3482Daniil Baturin
nat: T6365: remove warnings for negated interface selections by name (backport #3482)
2024-05-22Merge pull request #3506 from vyos/mergify/bp/sagitta/pr-3502Christian Breunig
vyos.utils.io: T6385: handle keyboard interrupts in ask_yes_no (backport #3502)
2024-05-22vyos.utils.io: T6385: handle keyboard interrupts in ask_yes_noDaniil Baturin
and return False if the user interrupts the prompt with Ctrl-C (cherry picked from commit 5a5dda14fd3d472680568f1792e9fbdb030f3995)
2024-05-22nat: T6365: use interface_exists() over netifaces.interfaces()Christian Breunig
(cherry picked from commit 645c43ba60d29ca676a4323ccc5ca16c6bd8127a)
2024-05-22nat: T6365: use string startswith() over [0] index accessChristian Breunig
(cherry picked from commit 3870247517741ce23e2fcee8aaa1d194f0ad621b)
2024-05-22nat: T6365: remove warnings for negated interface selections by nameRyazanov Alexander Mihailovich
(cherry picked from commit 03eae30b27433055ddc10f09fc134b83e9bd6cec)
2024-05-22Merge pull request #3503 from vyos/mergify/bp/sagitta/pr-3501John Estabrook
rollback-soft: T6384: tell the user to compare or commit (backport #3501)
2024-05-22rollback-soft: T6384: tell the user to compare or commitDaniil Baturin
after applying the diff (cherry picked from commit 7bba95c8052af5b0cc5908cb9e740caa01b44161)
2024-05-22Merge pull request #3499 from Giggum/sagittaChristian Breunig
dhcpv6-server: T3493: adds prefix range validation and fixes typos in…
2024-05-22Merge pull request #3495 from vyos/mergify/bp/sagitta/pr-3493Christian Breunig
T6375: Fix/Update NAT logging (backport #3493)
2024-05-22Merge pull request #3496 from vyos/mergify/bp/sagitta/pr-3494Christian Breunig
T6373: QoS Policy Limiter - classes for marked traffic do not work (backport #3494)
2024-05-21dhcpv6-server: T3493: adds prefix range validation and fixes typos in select ↵Giggum
ConfigError messages
2024-05-21T6373: QoS Policy Limiter - classes for marked traffic do not workkhramshinr
(cherry picked from commit e50b7afc9d5b727d04933116ccf364a2b9a48c30)
2024-05-21T6375: Fix/Update NAT loggingl0crian1
Fixed broken logging for "show log nat" Added the following commands: show log nat source show log nat source rule <ruleNum> show log nat destination nat show log nat destination nat rule <ruleNum> show log nat static show log nat static rule <ruleNum> (cherry picked from commit 5cb9b84bd9ce909460d8da7f039d9371143ede6c)
2024-05-21Merge pull request #3491 from vyos/mergify/bp/sagitta/pr-3489Christian Breunig
op-mode: T6367: fix "force commit-archive" TypeError (backport #3489)
2024-05-21op-mode: T6367: fix "force commit-archive" TypeErrorChristian Breunig
/usr/bin/config-mgmt requires an argument OR to be symbolically linked to *commit-revision or *commit-archive, for which it interprets argv[0] through the useful trickery: https://github.com/vyos/vyos-1x/blob/current/python/vyos/config_mgmt.py#L693-L700 Traceback (most recent call last): File "/usr/bin/config-mgmt", line 33, in <module> sys.exit(load_entry_point('vyos==1.3.0', 'console_scripts', 'config-mgmt')()) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/config_mgmt.py", line 746, in run func = getattr(config_mgmt, args['subcommand']) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ TypeError: attribute name must be string, not 'NoneType' (cherry picked from commit 0d6e44179bae5f73d37502884194656b34b1c4f9)
2024-05-18Merge pull request #3481 from vyos/mergify/bp/sagitta/pr-3480John Estabrook
T6354: do an explicit read from version file to avoid circular reference (backport #3480)
2024-05-18T6354: do an explicit read from version file to avoid circular referenceJohn Estabrook
(cherry picked from commit e0105ef380f1575613982f3b43c8ea3856654208)
2024-05-17Merge pull request #3478 from vyos/mergify/bp/sagitta/pr-3471John Estabrook
op mode: T6348: SNAT op-mode fails with flowtable offload entries (backport #3471)
2024-05-17Merge pull request #3477 from vyos/mergify/bp/sagitta/pr-3474John Estabrook
T6354: Get rid of the custom boot type check in version.py (backport #3474)
2024-05-17Merge pull request #3476 from vyos/mergify/bp/sagitta/pr-3472John Estabrook
T6358: Container config option to enable host pid (backport #3472)
2024-05-17op mode: T6348: SNAT op-mode fails with flowtable offload entriesNataliia Solomko
(cherry picked from commit 1cba74f91a67348bc8e8ad3e2ef4325dc9f9d6e0)
2024-05-17T6354: Get rid of the custom boot type check in version.pykhramshinr
(cherry picked from commit 783edc98f82f8718ccc856976d9a8f59bc6822e9)
2024-05-17T6358: Add config option for host process namespaceNicolas Vollmar
(cherry picked from commit f5051de4fc034bd95677ef142423e59eae47cd2f)
2024-05-17T6358: Remove duplicate host name handlingNicolas Vollmar
(cherry picked from commit 240f199cdfadbc12ce713dae74c8db3af44a398c)
2024-05-16Merge pull request #3465 from vyos/mergify/bp/sagitta/pr-3458Christian Breunig
T6335: Add/Update EVPN op commands (backport #3458)
2024-05-16T6335: Add/Update EVPN op commandsl0crian1
Converted completion helpers from python to bash for performance Previous commit: Added the following commands: show evpn show evpn es show evpn es <es-id> show evpn es detail show evpn es-evi show evpn es-evi detail show evpn es-evi vni <num> show evpn vni show evpn vni detail show evpn vni <num> Updated the following commands: show evpn access-vlan show evpn arp-cache show evpn mac show evpn next-hops show evpn rmac (cherry picked from commit 3917e3e9f985063ab7419c903f6019116224f640)
2024-05-16T6335: Add/Update EVPN op commandsl0crian1
Added the following commands: show evpn show evpn es show evpn es <es-id> show evpn es detail show evpn es-evi show evpn es-evi detail show evpn es-evi vni <num> show evpn vni show evpn vni detail show evpn vni <num> Updated the following commands: show evpn access-vlan show evpn arp-cache show evpn mac show evpn next-hops show evpn rmac (cherry picked from commit c6be441c86bc8fe2e938e2bd3c85f99071cbfb49)
2024-05-16Merge pull request #3462 from nvollmar/T4519Christian Breunig
op mode: T4519: Show DUID instead of IAID_DUID
2024-05-16Merge pull request #3460 from vyos/mergify/bp/sagitta/pr-3450Daniil Baturin
T5756: L2TP RADIUS backup and weight settings (backport #3450)
2024-05-16Merge pull request #3459 from vyos/mergify/bp/sagitta/pr-3456Daniil Baturin
op mode: T6339: display build flavor and comment in "show version" (backport #3456)
2024-05-16Merge pull request #3461 from vyos/mergify/bp/sagitta/pr-3457Daniil Baturin
op mode: T3355: remove the mention of legacy non-image installations (backport #3457)
2024-05-16T4519: Switch to display DUIDNicolas Vollmar
2024-05-16op mode: T3355: remove the mention of legacy non-image installationsDaniil Baturin
They were never supported by VyOS, that was just for very old systens upgraded from Vyatta Core (cherry picked from commit d8223d50ab627d2b58e14101891bf8ffb8111234)
2024-05-16T5756: L2TP RADIUS backup and weight settingskhramshinr
(cherry picked from commit 75d553932504c55e710265776e4865a238223e1f)
2024-05-16op mode: T6339: display build flavor and comment in "show version"Daniil Baturin
(cherry picked from commit cc0573a78aac4d6ac4479fdf951d151a36b88cbc)
2024-05-15Merge pull request #3453 from vyos/mergify/bp/sagitta/pr-3452Christian Breunig
T3420: Remove service upnp (backport #3452)
2024-05-14Merge pull request #3455 from vyos/mergify/bp/sagitta/pr-3454Christian Breunig
smoketest: ospf: T4739: add timeout in ldp test (backport #3454)
2024-05-14T3420: Remove service upnpViacheslav Hletenko
Remove `service upnp` as it never worked as expected, nft rules do not integrated and custom patches do not seem like a suitable solution for now. Security: UPnP has been historically associated with security risks due to its automatic and potentially unauthenticated nature. UPnP devices might be vulnerable to unauthorized access or exploitation. (cherry picked from commit 7c438caa2c21101cbefc2eec21935ab55af19c46)
2024-05-14smoketest: ospf: T4739: add timeout in ldp testChristian Breunig
(cherry picked from commit fbc846725d7d581f54b2db48a584e4580be3ad00)
2024-05-12Merge pull request #3449 from vyos/mergify/bp/sagitta/pr-34471.4.0-epa3John Estabrook
ethernet: T6306: add support for EVPN MH uplink/core tracking (backport #3447)
2024-05-12ethernet: T6306: add support for EVPN MH uplink/core trackingChristian Breunig
When all the underlay links go down the PE no longer has access to the VxLAN +overlay. To prevent blackholing of traffic the server/ES links are protodowned on the PE. A link can be setup for uplink tracking via the following configuration: set interfaces ethernet eth0 evpn uplink (cherry picked from commit 5565f27d15c5e7378e94aae8db8a894a12e25d7b)
2024-05-12Merge pull request #3448 from vyos/mergify/bp/sagitta/pr-3442Viacheslav Hletenko
T6329: firewall: add a patch for op-mode command <show firewall group> (backport #3442)