summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-08-17openvpn: T1548: add op-mode command for resettingChristian Poessinger
vyos@vyos:~$ reset openvpn interface vtun10
2019-08-17openvpn: T1548: add op-mode command for resetting clientChristian Poessinger
vyos@vyos:~$ run reset openvpn client client1
2019-08-17openvpn: T1548: fix file ownership of client configuration fileChristian Poessinger
2019-08-17openvpn: T1548: add op-mode command for key generationChristian Poessinger
2019-08-16openvpn: T1548: initial rewrite with XML and PythonChristian Poessinger
2019-08-07Validator: add file-exists as replacement to Vyatta check_file_in_config_dirChristian Poessinger
Verify if a file exists or not on the system. Can be called by: <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> The --directory option is used to ensure a given file path lies under this (mandatory) directory. A directory can be mandatory when the optional argument -e, --error is used. This will return '1' instead of '0'.
2019-08-07XML: WireGuard: run interfacedefinition through XML lintChristian Poessinger
2019-08-07Validator: rename cidr -> ip-cidr to match existing patternsChristian Poessinger
2019-08-07Merge pull request #97 from c-po/bridge-fixesChristian Poessinger
Bridge fixes
2019-08-07[bridge] T1156: rename 'br_name' to 'intf' for indexing python dictionary ↵Christian Poessinger
interface name
2019-08-07[bridge] T1156: add missing if statement in config-migrationChristian Poessinger
Fixes: Traceback (most recent call last): File "/opt/vyatta/etc/config-migrate/migrate/interfaces/0-to-1", line 27, in <module> for br in config.list_nodes(base): File "/usr/lib/python3/dist-packages/vyos/configtree.py", line 255, in list_nodes raise ConfigTreeError("Path [{}] doesn't exist".format(path_str)) vyos.configtree.ConfigTreeError: Path [b'interfaces bridge'] doesn't exist
2019-08-05T1431: add showConfig operation to the HTTP API.Daniil Baturin
2019-08-05[vyos.configsession] Return the output of the external process from ↵Daniil Baturin
__run_command.
2019-08-05Merge pull request #96 from c-po/t1156-bridgeChristian Poessinger
2019-08-05[bridge] T1156: add XML completion helpers for interface address (dhcp and ↵Christian Poessinger
dhcpv6)
2019-08-05[bridge] T1156: support adding interface addressesChristian Poessinger
2019-08-05[bridge] T1156: add XML address constraintsChristian Poessinger
2019-08-05[bridge] T1156: remove priority of address nodeChristian Poessinger
2019-08-05Python/VyOS validate: extend is_intf_addr_assigned()Christian Poessinger
Verify if the given IPv4/IPv6 address is assigned to specific interface. It can check both a single IP address (e.g. 192.0.2.1 or a assigned CIDR address 192.0.2.1/24. Used testbench: =============== 20: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 inet 192.0.2.1/24 brd 192.0.2.255 scope global br0 inet 192.0.3.1/24 brd 192.0.3.255 scope global br0 inet6 2001:db8:2::ffff/64 scope global tentative inet6 2001:db8:1::ffff/64 scope global tentative is_intf_addr_assigned('br0', '192.0.2.1/24') -> True is_intf_addr_assigned('br0', '192.0.2.1') -> True is_intf_addr_assigned('br0', '2001:db8:2::ffff/64') -> True is_intf_addr_assigned('br0', '2001:db8:2::ffff') -> True is_intf_addr_assigned('br0', '192.0.100.1/24') -> False is_intf_addr_assigned('br0', '192.0.100.1') -> False is_intf_addr_assigned('br0', '2001:db8:100::ffff/64') -> False is_intf_addr_assigned('br0', '2001:db8:100::ffff') -> False
2019-08-05Python/VyOS validate: add helper to check if an address belongs to a given ↵Christian Poessinger
interface
2019-08-04Python/VyOS validate: improve logic on is_ipv4() and is_ipv6()Christian Poessinger
Previosly the check failed when a network statement was passed which contained host bits set e.g. 192.0.2.1/24. This no longer is an issue b/c this is a valid v4 address. Address is now split on / and validated.
2019-08-04[bridge] T1156: add missing 'pass' statementsChristian Poessinger
2019-08-04[bridge] T1156: validate if supplied MAC address is validChristian Poessinger
2019-08-04[bridge] T1156: remove helper script bridge_has_members.pyChristian Poessinger
Bridge member interface is now handled completely inside the bridge node and no longer spread accross different interface definitions.
2019-08-04[bridge] T1156: rename igmp-snooping node to igmpChristian Poessinger
2019-08-03[bridge] T1156: interfaces can be assigned to any one bridge onlyChristian Poessinger
2019-08-03[bridge] T1156: support adding and removing bridge member interfacesChristian Poessinger
This is the new syntax bridge br0 { member { interface eth0 { cost 10 } interface eth1 { cost 11 } } }
2019-08-02[list-interfaces] support listing interfaces which can be bridgedChristian Poessinger
2019-08-02[bridge] T1156: add configuration migration scriptChristian Poessinger
2019-08-02[bridge] T1156: first working implementation using Python and XMLChristian Poessinger
2019-08-02T786: Rename tagNode environment variable VALUE to VYOS_TAGNODE_VALUEChristian Poessinger
2019-08-02WireGuard: rename wireguard.py -> interface-wireguard.pyChristian Poessinger
2019-08-02WireGuard: rename wireguard.xml -> interfaces-wireguard.xmlChristian Poessinger
2019-07-31Merge pull request #95 from DmitriyEshenko/l2tphagbard-01
T1555 Implementation shared-secret for LNS. Implementation command di…
2019-07-31T1555 Implementation shared-secret for LNS. Implementation command disabling ↵DmitriyEshenko
ccp.
2019-07-31[SSTP] - T853: adding show commands for session and statshagbard
2019-07-30Merge pull request #94 from hagbard-01/sstphagbard-01
[SSTP] - T853: accel-ppp: SSTP implementation
2019-07-30[SSTP] - T853: accel-ppp: SSTP implementationhagbard
2019-07-26T1546 fix syntax l2tp radius source-address and migrate other radius optionsDmitriyEshenko
2019-07-25Merge pull request #93 from DmitriyEshenko/patch-5Christian Poessinger
T1541 Fix: adding additional check
2019-07-25T1541 Fix: adding additional checkEshenko Dmitriy
2019-07-25[accel-l2tp] - T834: l2tp implementationhagbard
- node.def deletion for show remote-access - IPSec interface checking for L2TP - IPSec x509 for l2tp - verification of outside-address to warning since it was optional in the previous config
2019-07-22[wireguard] fixing value help typohagbard
2019-07-22[pppoe] typo fixedhagbard
2019-07-21T1537: add missing help for 'set service dns'Christian Poessinger
2019-07-19Merge pull request #91 from jjakob/currentChristian Poessinger
T1376: improve show_dhcp and show_dhcpv6
2019-07-19T1376: improve show_dhcp and show_dhcpv6Jernej Jakob
2019-07-19[VRRP] T1362: quote VRRP password strings to avoid config parse errors.Daniil Baturin
2019-07-19[DHCPv6 server] T1440: add subnet uniqueness check to DHCPv6.Daniil Baturin
2019-07-18T1440: in IPv4 DHCP, print the subnet rather than a dict dumpDaniil Baturin
when a non-unique subnet is found.