Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-08-17 | policy: T2425: add missing constraints for extended and large community lists | Christian Poessinger | |
2021-08-17 | policy: T2425: update help test for BGP communities | Christian Poessinger | |
2021-08-17 | op-mode: T1513: bgp: add "show bgp large-community-list" commnad | Christian Poessinger | |
2021-08-17 | op-mode: xml: bgp: fix large-community help string | Christian Poessinger | |
2021-08-17 | op-mode: T1513: bgp: add "show bgp large-community AA:BB:CC exat-match" | Christian Poessinger | |
2021-08-17 | op-mode: T1513: bgp: xml: provide exact-match building block | Christian Poessinger | |
2021-08-17 | xml: proxy: use port-number building block for system proxy | Christian Poessinger | |
2021-08-17 | xml: webproxy: use port-number building block for LDAP connection | Christian Poessinger | |
2021-08-17 | xml: wireguard: use port-number building block | Christian Poessinger | |
2021-08-17 | xml: syslog: use port-number building block | Christian Poessinger | |
2021-08-17 | xml: tftp: use port-number building block | Christian Poessinger | |
2021-08-17 | xml: bcast-relay: use port-number building block | Christian Poessinger | |
2021-08-17 | xml: vxlan: use port-number building block | Christian Poessinger | |
2021-08-17 | xml: include: add error message to port-number | Christian Poessinger | |
2021-08-17 | isis: T1316: use common redistribute XML building block for IPv4 and IPv6 | Christian Poessinger | |
2021-08-17 | Merge pull request #974 from sever-sever/T690 | Christian Poessinger | |
openvpn: T690: Add metric for pushed routes | |||
2021-08-16 | openvpn: T690: Add metric for pushed routes | Viacheslav | |
2021-08-16 | smoketest: conntrack: fix function name disable -> enable | Christian Poessinger | |
2021-08-16 | conntrack: T3579: bugfix when deleting non existent iptable rules | Christian Poessinger | |
We only delete iptables rules if they really exist - if we try to delete a non- existing rule a PermissionError exception is thrown. We could either ignore the error code (that is what the old Vyatta code did), or we check what we are doing beforehand. | |||
2021-08-16 | conntrack: T3579: remove debug print() | Christian Poessinger | |
2021-08-16 | ospf: T3757: verify() bugfix for interface area | Christian Poessinger | |
Commit 6f87d8c9 ("ospf: T3757: support to configure area at an interface level") did not allow the old way an area and netwokr was set-up as the if expression was missing a check if 'area' was set in both the interface and the ospf process. | |||
2021-08-15 | Merge pull request #973 from sever-sever/T3702 | Christian Poessinger | |
pbr: T3702: Fix incorrect splits for fwmark | |||
2021-08-15 | pbr: T3702: Fix incorrect splits for fwmark | Viacheslav | |
2021-08-15 | Merge pull request #972 from erkin/current | Christian Poessinger | |
smoketest: conntrack: Update smoketests for new conntrack modules syntax | |||
2021-08-15 | smoketest: ospf: add debug code for redistribution test | Christian Poessinger | |
2021-08-15 | ospf: T3236: improve Jinja2 template - always use if before a loop | Christian Poessinger | |
2021-08-15 | smoketest: ospf: fix type in testcase name #10 | Christian Poessinger | |
2021-08-15 | smoketest: ospf: T3757: test interface area configuration | Christian Poessinger | |
2021-08-15 | smoketest: conntrack: Update smoketests for new conntrack modules syntax | erkin | |
2021-08-15 | ospf: T3757: support to configure area at an interface level | Christian Poessinger | |
FRR supports configuring either network prefixes per area, or assign an interface to an area to participate in the routing process. This is already well known from other venders and supported by FRR. A valid VyOS OSPF configuration would then look like: vyos@vyos# show protocols ospf { interface dum0 { area 0 } interface eth0.201 { area 0 authentication { md5 { key-id 10 { md5-key vyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } log-adjacency-changes { detail } parameters { abr-type cisco router-id 172.18.254.201 } passive-interface default passive-interface-exclude eth0.201 } | |||
2021-08-15 | conntrack: T3275: bugfix XML generation | Christian Poessinger | |
This commit fixes an error introduced by 43fcc0db0 ("conntrack: T3275: migrate 'disable' syntax to 'enable' syntax for the new default behavior") as the <valueless/> option can only be used on leafNodes. THis triggered the following build error: ValueError: <valueless/> is only allowed in <leafNode> | |||
2021-08-15 | wireguard: T3756: fix generated qr code header | Boris Manojlovic | |
2021-08-15 | Merge pull request #944 from sever-sever/T3702 | Christian Poessinger | |
pbr: T3702: Add rules match fwmark | |||
2021-08-15 | Merge pull request #970 from jack9603301/T3648 | Christian Poessinger | |
op-mode: nat: T3648: Modify the operation mode script implementation of NAT to fix the existing problem | |||
2021-08-15 | conntrack: T3275: migrate 'disable' syntax to 'enable' syntax for the new ↵ | Lulu Cathrinus Grimalkin | |
default behavior | |||
2021-08-14 | smoketest: shim: wait for commit to be completed | Christian Poessinger | |
This completes commit e7d841d285 ("smoketest: shim: remove superfluous sleep() in getFRRconfig()"). | |||
2021-08-14 | smoketest: shim: remove superfluous sleep() in getFRRconfig() | Christian Poessinger | |
The sleep was intended to handle a FRR issue where the config was/is somehow now available in vtysh even with the commit was done. This rather feels like a race-condition and is fixed in the subsequent commit. | |||
2021-08-14 | vyos.util: T1503: use build in methods to determine current user for ↵ | Christian Poessinger | |
commit_in_progress() | |||
2021-08-14 | op-mode: ipsec: T3745: "show vpn ipse sa" improve sorting | Christian Poessinger | |
2021-08-14 | op-mode: vpn: use over absolute path | Christian Poessinger | |
2021-08-14 | op-mode: combine two "show vpn" definitions | Christian Poessinger | |
2021-08-14 | ospf: T3236: use proper daemon named template file | Christian Poessinger | |
2021-08-14 | op-mode: nat: T3648: Modify the operation mode script implementation of NAT ↵ | jack9603301 | |
to fix the existing problem | |||
2021-08-13 | vyos.util: "harden" is_systemd_service_running() function | Christian Poessinger | |
Inspired by the comments of https://unix.stackexchange.com/a/435317 use a more robust approach. A service can be "active" but not "running" (e.g. restarting with a configuration error). We can now test if a systemd unit is "activated" and if it is "running" at all. >>> from vyos.util import is_systemd_service_active >>> from vyos.util import is_systemd_service_running >>> is_systemd_service_active('ssh') True >>> is_systemd_service_running('sshd') False >>> is_systemd_service_running('ssh') True | |||
2021-08-13 | vrf: T3734: T3728: vni must be configured with a higher priority then bgpd | Christian Poessinger | |
When removing bgp (vrf) instances the assigned VRF vni must be deleted from FRR prior the removal of the bgp settings (T3734). This is now done by moving the CLI command "set vrf name red vni 1000" to a dedicated Python script with a priority higher then bgp. | |||
2021-08-13 | Merge pull request #969 from sarthurdev/T3752 | Christian Poessinger | |
pki: T3752: Fix file output for certificate requests | |||
2021-08-13 | Merge pull request #968 from sever-sever/T3738 | Christian Poessinger | |
openvpn: T3738: Disable authentication option for server mode | |||
2021-08-13 | pki: T3752: Fix file output for certificate requests | sarthurdev | |
2021-08-13 | xml: T3234: update instead of overwrite on repeated path | John Estabrook | |
2021-08-13 | openvpn: T3738: Disable authentication option for server mode | Viacheslav | |