summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-10Merge pull request #1871 from nicolas-fort/T5055Christian Breunig
T5055: Firewall: add packet-type matcher in firewall and route policy
2023-03-10container: T4959: add registry authentication optionChristian Breunig
Container registry CLI node changed from leafNode to tagNode with the same defaults. In addition we can now configure an authentication option per registry.
2023-03-10schema: T5079: extension to support defaultValues on tagNodesChristian Breunig
2023-03-10xml: bgp: T5070: split out CLI definitions to include files which can be reusedChristian Breunig
2023-03-10Merge pull request #1884 from sever-sever/T5058Christian Breunig
T5058: Fix range_to_regex list argument
2023-03-10T5058: Fix range_to_regex list argumentViacheslav Hletenko
Values of the list for the 'range_to_regex' could be not only range values as ['10-20', '22-30'] but also and not range values like ['10-20', '30', '80'] Fix if we args is list and non range values are exists in ths list % range_to_regex(['10-20', '80']) '(1\\d|20|80)'
2023-03-10Merge pull request #1876 from jestabro/codegenChristian Breunig
graphql: T5068: generate client operations for code generation tools
2023-03-10Merge pull request #1880 from ichdasich/add_bgp_nexthop_to_vrfChristian Breunig
T5070: Added show bgp martian/show bgp nexthop to bgp in vrf
2023-03-10Merge pull request #1883 from sever-sever/T4973Christian Breunig
T4973: DHCP server fix output for long leases
2023-03-10Merge pull request #1882 from aapostoliuk/T5074-sagittaChristian Breunig
util: T5074: Fixed decoding of certificate value to UTF-8 string
2023-03-10T4973: DHCP server fix output for long leasesViacheslav Hletenko
With long lease time for example lease '4294967295' seconds it is impossible to get end lease as value is 'ends never;' It cause error to get timestamp() from 'ends never' and remaining time 'lease.end - datetime.utcnow()' Set default remaining and end lease to '-' if we cannot get this info
2023-03-10util: T5074: Fixed decoding of certificate value to UTF-8 stringaapostoliuk
Fixed decoding of certificate value returned by vici to UTF-8 string.
2023-03-09xml: T4952: improve interface completion helper CLI experienceChristian Breunig
2023-03-09Merge pull request #1881 from sarthurdev/qos_fixChristian Breunig
qos: T5018: Fix issues between QoS and interface mirror/redirect
2023-03-09qos: T5018: Use configdep to fix interface mirror/redirect issuesarthurdev
This will check if mirror/redirect is present on a QoS interface and use `vyos.configdep` module to update the interface again after QoS is applied.
2023-03-09qos: T5018: Fix interface tc qdisc cleanupsarthurdev
2023-03-09Merge pull request #1877 from sever-sever/T5073Christian Breunig
T5073: IPoE-server fix parse empty range option
2023-03-09T5070: Added show bgp martian/show bgp nexthop to bgp in vrfTobias Fiebig
2023-03-09Merge pull request #1879 from sever-sever/T5063Christian Breunig
T5063: IPoE-server ethX vlan must not be used with client-subnet
2023-03-09T5063: IPoE-server ethX vlan must not be used with client-subnetViacheslav Hletenko
IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be used with 'interface ethX client-subnet' So instead of shared pool accel-ppp uses the same pool for each dynamically added VLAN eth1 client-subnet '192.0.2.0/24' eth1 vlan '2000-2021' It cause this issue: eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) Only named pools with vlan option must be used.
2023-03-09T5073: IPoE-server fix parse empty range optionViacheslav Hletenko
If the 'client-subnet' is not used we must exclude it from the ipoe.config.j2 template. Otherwise we get wrong empty parameter ',range=,'
2023-03-08graphql: T5068: generate client operations for code generation toolsJohn Estabrook
2023-03-08Merge pull request #1875 from sever-sever/T5066Christian Breunig
T5066: Fix GRE tunnel variable name which checks keys
2023-03-08T5066: Fix GRE tunnel variable name which checks keysViacheslav Hletenko
2023-03-07frr: T5045: lift LimitNOFILE 1024 -> 4096Christian Breunig
Lift the amount of allowed open file descriptors for the FRR process tree. Required if there are hundreds to thousands interfaces on a system.
2023-03-07Merge pull request #1868 from jestabro/literalDaniil Baturin
op-mode: T5051: use Literal types to provide op-mode CLI choices and API enums
2023-03-07Merge pull request #1872 from sever-sever/T5057Christian Breunig
T5057: Fix IPoE regex Jinja2 for interface
2023-03-07Merge pull request #1870 from sever-sever/T5058Christian Breunig
T5058: Extend template filter range_to_regex to allow list as arg
2023-03-07T5057: Fix IPoE regex Jinja2 for interfaceViacheslav Hletenko
Fix incorrect regex '\d+' when used vlan ranges For example 'ipoe-server interface eth1 vlan 2000-3000' - replace 'interface=re:eth1\.\d+' => 'interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$'
2023-03-06T5055: Firewall: add packet-type matcher in firewall and route policyNicolas Fort
2023-03-06T5058: Extend template filter range_to_regex to allow list as argViacheslav Hletenko
Extend template filter 'range_to_regex' Allow list of ranges as argument % range_to_regex(['11-12', '14-15']) '(1[1-2]|1[4-5])'
2023-03-06Merge pull request #1869 from sever-sever/T5056Christian Breunig
T5056: Fix IPoE server template for vlan-mon
2023-03-06T5056: Fix IPoE server template for vlan-monViacheslav Hletenko
After rewriting IPoE server for config.dict the ipoe.config.j2 template wasn't changed for 'vlan-mon' section Fix it
2023-03-06qos: T4989: bugfix dialer interface - speed detectionChristian Breunig
Not all interfaces have valid entries in the speed file. PPPoE interfaces have the appropriate speed file, but you can not read it: cat: /sys/class/net/pppoe7/speed: Invalid argument
2023-03-05op-mode: T5051: use typing.Literal in op-mode scriptsJohn Estabrook
2023-03-05op-mode: T5051: interpret Literal types as enumsJohn Estabrook
2023-03-05op-mode: T5051: add support for Literal arg typesJohn Estabrook
2023-03-04Merge pull request #1862 from jestabro/schema-generateChristian Breunig
graphql: T5040: generate schema on installation, rather than dynamically
2023-03-03graphql: T5040: use path from defaultsJohn Estabrook
2023-03-02Merge pull request #1865 from jbordongit/T4916-sagittaChristian Breunig
ipsec: T4916: Fixed migrations script
2023-03-03ipsec: T4916: Fixed migrations scriptjbordongit
* removed unused `re` from imports * replaced `return_value()` to `return_values()` for `remote-address` because this is a multi-value configuration node
2023-03-02Merge pull request #1864 from jestabro/system-login-errorChristian Breunig
login: T5039: catch error on 'my_set' for auth plaintext-password
2023-03-02Merge pull request #1863 from sarthurdev/T5039Christian Breunig
login: T5039: Support hashing rounds in `encrypted-password` values
2023-03-02login: T5039: catch error on 'my_set' for auth plaintext-passwordJohn Estabrook
2023-03-02login: T5039: Support hashing rounds in `encrypted-password` valuessarthurdev
Since glibc 2.7, the SHA-256 and SHA-512 implementations support a user-supplied number of hashing rounds, defaulting to 5000. If the "$id$" characters in the salt are followed by "rounds=xxx$", where xxx is an integer, then the result has the form $id$rounds=yyy$salt$encrypted where yyy is the number of hashing rounds actually used. The number of rounds actually used is 1000 if xxx is less than 1000, 999999999 if xxx is greater than 999999999, and is equal to xxx otherwise.
2023-03-01qos: T4989: bugfix missing firewall mark supportChristian Breunig
2023-03-01graphql: T5040: adjust smoketest for nullable keyJohn Estabrook
Since 'key' field is no longer required, a missing key will register an error in the resolver, instead of being rejected as bad request.
2023-03-01graphql: T5040: generate schema in vyos-1x.postinstJohn Estabrook
2023-03-01graphql: T5040: fail gracefully if not on live system; needed for importJohn Estabrook
For type introspection of op-mode scripts, scripts are loaded as modules. For generation of schema from type introspection, it is useful to load scripts during package installation, hence to fail gracefully if not on live system.
2023-03-01graphql: T5040: use nullable key field to allow schema static generationJohn Estabrook
Schema had been dynamically generated, based on configuration setting for authentication. Add nullable field 'key' for static generation of schema regardless of key/token use.