summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-08-26openvpn: T1548: add 'show openvpn' commandChristian Poessinger
vyos@vyos:~$ show openvpn site-to-site OpenVPN status on vtun1 Client CN Remote Host Local Host TX bytes RX bytes Connected Since --------- ----------- ---------- -------- -------- --------------- None (PSK) N/A 172.18.201.10:1195 3.3 KiB 3.3 KiB N/A vyos@vyos:~$ show openvpn server OpenVPN status on vtun10 Client CN Remote Host Local Host TX bytes RX bytes Connected Since --------- ----------- ---------- -------- -------- --------------- client1 172.18.202.10:58644 172.18.201.10:1194 63.6 KiB 63.4 KiB Mon Aug 26 11:47:56 2019 client3 172.18.204.10:52641 172.18.201.10:1194 63.1 KiB 62.7 KiB Mon Aug 26 11:47:58 2019 OpenVPN status on vtun11 Client CN Remote Host Local Host TX bytes RX bytes Connected Since --------- ----------- ---------- -------- -------- --------------- client2 172.18.203.10:39472 172.18.201.10:1200 61.2 KiB 61.5 KiB Mon Aug 26 11:50:30 2019
2019-08-26openvpn: T1548: fix indention on op-mode definitionChristian Poessinger
2019-08-25Merge pull request #112 from alkersan/T1607_reset_ip_conntrack_rewriteChristian Poessinger
[op-mode] T1607 rewrite 'reset conntrack' and 'reset & show ip[v6]' to python/xml syntax
2019-08-25Merge pull request #115 from DmitriyEshenko/dummyChristian Poessinger
[dummy] T1609 migrate to vyos.interfaceconfig
2019-08-25Merge pull request #116 from jjakob/currentChristian Poessinger
T1611: check if config node exists before getting value
2019-08-24T1611: check if config node exists before getting valueJernej Jakob
2019-08-23[dummy] T1609 migrate to vyos.interfaceconfig, adding check ip-cidr, adding ↵DmitriyEshenko
vyos.interfaceconfig common ipv4/ipv6 functions
2019-08-23[op-mode] T1607 rewrite 'reset conntrack', 'reset & show ip[v6]' to ↵Dmytro Aleksandrov
python/xml syntax
2019-08-23Merge pull request #114 from DmitriyEshenko/dummyChristian Poessinger
[dummy] T1609 Fixing dummy interface state
2019-08-23[dummy] T1609 Fixing dummy interface stateDmitriyEshenko
2019-08-22T1606: change vyos-hostsd systemd target to avoid boot problemsJohn Estabrook
2019-08-22[interfaceconfig] - linkstate as property and depriccated message for ↵hagbard
get_link_state()
2019-08-21Merge branch 'current' of https://github.com/vyos/vyos-1x into currenthagbard
2019-08-21[interfaceconfig class] - moved get functionaility for mtu, mac and ifalias ↵hagbard
into its property
2019-08-21Merge pull request #108 from alkersan/currentChristian Poessinger
[op-mode] T1596 rewrite 'telnet' and 'traceroute' operations to xml style
2019-08-21Merge pull request #111 from c-po/t1601-loopbackChristian Poessinger
T1601 loopback
2019-08-21dummy: T1580: remove superfluous if statementsChristian Poessinger
2019-08-21bridge: T1556: remove superfluous if statementsChristian Poessinger
2019-08-21loopback: T1601: rewrite using XML/Python definitionsChristian Poessinger
2019-08-21T1598: redo host_name.py to use vyos-hostsd.Daniil Baturin
2019-08-21T1598: clean up vyos-hostsd state dump on clean shutdown.Daniil Baturin
2019-08-21T1598: improve autogenerated file comments.Daniil Baturin
2019-08-21T1598: handle the socket timeout exception in vyos.hostsd_clientDaniil Baturin
2019-08-20T1598: start vyos-hostsd before everything that may need it.Daniil Baturin
2019-08-20T1598: initial implementation of the hosts keeper daemon.Daniil Baturin
2019-08-20Merge pull request #110 from c-po/powerdnsChristian Poessinger
Powerdns
2019-08-20powerdns: T1595: remove 'listen-on' CLI optionChristian Poessinger
2019-08-20powerdns: T1595: add config migrator to remove 'listen-on'Christian Poessinger
2019-08-20vyos.interfaces: T1595: add method to query for interface typeChristian Poessinger
As of now we only could list the available interfaces for a given interface type. There was no reverse mapping available which told us that interface eth0.201 is an ethernet interface or vtun0 is openvpn.
2019-08-20powerdns: T1524: support setting allow-from networkChristian Poessinger
Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. https://docs.powerdns.com/recursor/settings.html#allow-from Imagine an ISP network with non RFC1918 IP adresses - they can't make use of PowerDNS recursor. As of now VyOS hat allow-from set to 0.0.0.0/0 and ::/0 which created an open resolver. If there is no allow-from statement a config-migrator will add the appropriate nodes to the configuration, resulting in: service { dns { forwarding { allow-from 0.0.0.0/0 allow-from ::/0 cache-size 0 ignore-hosts-file listen-address 192.0.2.1 } } }
2019-08-20vyos.configtree: add help for set methodChristian Poessinger
2019-08-19Merge pull request #109 from c-po/t1580-dummyChristian Poessinger
T1580 dummy
2019-08-19Python: configinterface: remove debug print() statementsChristian Poessinger
2019-08-19dummy: T1580: rewrite in new style XML/PythonChristian Poessinger
2019-08-19dummy: T1580: Python: support {add,remove}_interface in vyos.configinterfaceChristian Poessinger
2019-08-19openvpn: T1548: remove authy 2fa providerChristian Poessinger
According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device.
2019-08-19T1596 rewrite 'telnet' and 'traceroute' operations to xml styleDmytro Aleksandrov
2019-08-18Merge pull request #106 from alkersan/currentDaniil Baturin
[op-mode] T1590 xml-style rewrite of 'show system' operations
2019-08-18openvpn: T1548: support creating L2 bridgesChristian Poessinger
2019-08-18[bridge] T1156: increase bridge priority - bridge interfaces after all ↵Christian Poessinger
member interfaces are configured
2019-08-17openvpn: T1548: add 'show interfaces openvpn' op-mode commandChristian Poessinger
2019-08-17openvpn: T1548: fix generated topology statement for 'server point-to-point'Christian Poessinger
2019-08-17openvpn: T1548: don't generate config if instance is disabledChristian Poessinger
2019-08-17openvpn: T1548: fix generated client subnet mask for topology 'server'Christian Poessinger
2019-08-17openvpn: T1548: widen generated folder permission to 755Christian Poessinger
2019-08-17openvpn: T1548: add description to generated config fileChristian Poessinger
2019-08-17openvpn: T1548: fix enable/disable of entire interfaceChristian Poessinger
2019-08-17openvpn: T1548: 'disabled' leafNode must be valuelessChristian Poessinger
2019-08-17Merge pull request #107 from c-po/t1548-openvpnChristian Poessinger
T1548 openvpn
2019-08-17openvpn: T1548: remove debug outputChristian Poessinger