| Age | Commit message (Collapse) | Author |
|---|
|
qos: T6035: QoS policy shaper queue-type random-detect requires limit avpkt (backport #3297)
|
|
Added params for configuration red on the shaper policy
(cherry picked from commit 31cd75aec6d035b36537046ae0d034c03009a3fc)
|
|
T5872: fix ipsec dhclient hook uses "exit" instead of "return" (backport #3302)
|
|
T6100: Added NAT migration from IP/Netmask to Network/Netmask (backport #3291)
|
|
Added NAT migration from IP/Netmask to Network/Netmask.
In 1.3 allowed using IP/Netmask in Nat rules.
In 1.4 and 1.5 it is prohibited. Allowed Network/Netmask.
(cherry picked from commit 52c02ade031f165da18e6fd0542f3952f2cc9bb6)
|
|
(cherry picked from commit 840ab82e8821624aae589dec1ea86cefbcf866b7)
|
|
pppoe-server: T6141: T5364: PPPoE-server add pado-delay without sessions fails (backport #3296)
|
|
T6235: Git update actions-label-merge-conflict version (backport #3300)
|
|
Update `actions-label-merge-conflict` due to `Node.js 16 actions are deprecated.`
(cherry picked from commit 7451133671989e1207299e081cd26d3f526e25f6)
|
|
T5871: ipsec remote access VPN: specify "cacerts" for client auth (backport #2708)
|
|
T6166: Tech support generation error for custom output location (backport #3242)
|
|
fails (#3296)
(cherry picked from commit 6d8336f5ad2d9c4e0f12b54681db2924d6998d2d)
|
|
(cherry picked from commit ecc83562b4d756cc50910561a3f52ec260aeb478)
|
|
T6222: VRRP show prefix for long rfc3768-compatibility interfaces allow prefix vrrp (backport #3292)
|
|
If we use rfc3768-compatibility with long interface names like
eth1.100.200 it converts the VRRP interface name name
to `<interface>v<VRID><IP version>`
For example `eth2.100.200v10v4`
The limit for interface name is 15 symbols and it causes that
interface name is ignoring by keepalived
VMAC interface name 'eth2.100.200v10v4' too long or invalid characters - ignoring
And it uses the default prefix `vrrp` for such cases.
It works fine, but such interfaces are not displayed in the op-mode
Allow prefix `vrrp` for the op-mode for `show interfaces`
(cherry picked from commit 29a20ce9f9792e23137be57358ca52ddee7ac54b)
|
|
T6214: T6213: change constraint <alpha-numeric-hyphen-underscore-dot.xml.i> (backport #3281)
|
|
firewall: T6216: replace plus symbols (allowed by IPset but not NFT) in group names with underscores (backport #3290)
|
|
errors when using character <+> in 1.3 in firewall groups and custom firewall chains.
(cherry picked from commit 36baf771b8ea52487bf6c913d2019f926acbc4f3)
|
|
in order to not allow string starting with dot character; use such constraint in firewall group definitions.
(cherry picked from commit c455a1f71674300b8a74863ddfe6e551fe8fd252)
|
|
container: T6218: fix host IPv6 link-local address for VRF networks (backport #3286)
|
|
(cherry picked from commit 6b5590ae3325320a2b6bbcb34086ddb178860160)
|
|
container: T6210: add capability sys-nice (backport #3259)
|
|
(cherry picked from commit b8f3c61ca514cacdfc2495f16869c1b1e07d2bbc)
|
|
T6199: add missing build dependency (backport #3283)
|
|
(cherry picked from commit 8e2330fed6480886cbce97cc1b541e54c5394564)
|
|
T5858: Fix op-mode format for show conntrack statistics (backport #3280)
|
|
(cherry picked from commit 13ed4f9d489dd5b8ee80c5f2fdebf1b0565e9137)
|
|
T6207: restore ability to copy config.boot.default on image install (backport #3278)
|
|
(cherry picked from commit 619e2262e77621c6110164712fed0a42f16715e3)
|
|
(cherry picked from commit 5a8be747febc13b7d3be88e8ace7ec2aa0b2ca28)
|
|
ethernet: T5862: default MTU is not acceptable in some environments (backport #3265)
|
|
There are cloud environments available where the maximum supported ethernet
MTU is e.g. 1450 bytes, thus we clamp this to the adapters maximum MTU value
or 1500 bytes - whatever is lower.
(cherry picked from commit 8296cc727066e739c178918a91cfc11d20d26fe1)
|
|
In order to lower the Ethernet default MTU we need to drop the common
defaultValue from the XML mtu-68-16000.xml.i building block. Per interface
default MTU is later overloaded by XML.
(cherry picked from commit e86761fa1307596c721c3ddf3a61d263e8f5177b)
|
|
login: T5875: fix corner case for KeyError: 'getpwuid(): uid not found: XXXX' (backport #3270)
|
|
Commit 1b364428f ("login: T5875: restore home directory permissions only when
needed") added logic to chown the users home directory if it's UID changes.
This might happen when a user account is deleted and re-added to the system.
Under rar e circumstances it was possible that the implementation triggered
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
KeyError: 'getpwuid(): uid not found: XXXX'
This has been fixed by re-arranging the code path with an additional try/except
if the PW database information could not be retrieved leading to an implicit
chown() of the home directory to the user beeing added.
(cherry picked from commit 1165bb497ec2d6d1b3b12d6c03435b0210efe9e5)
|
|
ipoe: T6205: error in migration script logic while renaming mac-address to mac node (backport #3263)
|
|
container: T6208: fix AttributeError: 'ConfigDict' object has no attribute 'upper' (backport #3272)
|
|
'upper'
Commit b30faa43c (container: T6208: rename "cap-add" CLI node to "capability")
added an AttributeError referencing an out of scope variable.
This has been fixed.
(cherry picked from commit 2463bd292f14e46fdb26116791a89ca2eb651d17)
|
|
Commit a5ccc06c0 ("ipoe: T6205: error in migration script logic while renaming
mac-address to mac node") added a conditional path into the config which could
result in the migrated config not beeing written if precondition was not met.
(cherry picked from commit 2bbded1e485614d40b2e95165629487537fd1757)
|
|
container: T6208: rename "cap-add" CLI node to "capability" (backport #3269)
|
|
Containers have the ability to add Linux system capabilities to them, this is
done using the "set container name <name> cap-add" command.
The CLI node sounds off and rather should be "set container name <name>
capability" instead as we use and pass a capability to a container and not
add/invent new ones.
(cherry picked from commit b30faa43c28b592febd83a7fd3a58247de6b27bc)
|
|
mac node
The problem was introduced in [1] but the config migrator part unfortunately
was added to the wrong version [2]. As IPoE config version 0 was only active
during the 1.3 development cycle and VyOS 1.3.0 was already released with config
version 1 we can safely drop the migrator 0-to-1 and move the code to 1-to-2 to
properly support upgrades from VyOS 1.3 -> 1.4 or newer.
1: https://github.com/vyos/vyos-1x/commit/05df2a5f021f0c7aab7c06db645d210858b6e98d#diff-08291bf77870abe3af8bbe3e8ce4bbf344fd0498b2c5c75a75aa7235d381c88eL168
2: https://github.com/vyos/vyos-1x/commit/05df2a5f021f0c7aab7c06db645d210858b6e98d#diff-b8bb58b75607d3653e74d82eff02442f9f3ab82698f160ba37858f7cdf6c79ccR44-R46
(cherry picked from commit a5ccc06c08d3a9696f1c03c8d0c7de78ce1fd3c5)
|
|
T6203: remove obsoleted xml lib (backport #3255)
|
|
T6199: start validating smoketests against real CLI defaultValues (backport #3266)
|
|
T6188: add description to show firewall (backport #3219)
|
|
conntrack-sync: T1244: Support for StartupResync in conntrackd (backport #3254)
|
|
T6199: remove unused Python imports from migration scripts (backport #3260)
|
|
Use vyos.xml_ref.default_value to query XML default values and take them into
account when validating properly applied defaults in individual smoketests
instead of using hardcoded values like 443 for https port.
(cherry picked from commit d9d2e9c8ead29c173fefd1b565d191a85baaa071)
|
|
(cherry picked from commit 4c5afe0ba7853cf3fc4626933ecde70b321e9d67)
|
|
For readability in console sessions, moved the description column to only be shown in the detail view.
Changed wrapping in the detail view for description to 65 characters to prevent full line wrapping in console sessions.
(cherry picked from commit 4dba82c7517f4a93b9727d22104e4a339bad127a)
|
