Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-02-12 | rpki: T6024: add migration scripts from file based keys to PKI subsystem | Christian Breunig | |
2024-02-12 | rpki: T6034: remove OpenSSH keys from /run/frr when unloaded | Christian Breunig | |
2024-02-12 | pki: T6034: add dependencies to trigger rpki re-run on openssh key update | Christian Breunig | |
2024-02-11 | rpki: T6034: move SSH authentication keys to PKI subsystem | Christian Breunig | |
2024-02-11 | pki: T6034: add OpenSSH key support | Christian Breunig | |
set pki openssh rpki private key ... set pki openssh rpki public key ... set pki openssh rpki public type 'ssh-rsa' | |||
2024-02-10 | Merge pull request #2983 from c-po/rpki-t6004 | Christian Breunig | |
rpki: T6004: add missing startup priority | |||
2024-02-10 | Merge pull request #2982 from c-po/pki-xml | Christian Breunig | |
xml: T5738: improve PKI building blocks for CLI | |||
2024-02-10 | rpki: T6004: add missing startup priority | Christian Breunig | |
2024-02-10 | xml: T5738: improve PKI building blocks for CLI | Christian Breunig | |
2024-02-09 | Merge pull request #2978 from sever-sever/T6028 | Christian Breunig | |
T6028: Fix QoS policy shaper wrong class_id_max and default_minor_id | |||
2024-02-09 | T6028: Fix QoS policy shaper wrong class_id_max and default_minor_id | Viacheslav Hletenko | |
The `class_id_max` is wrong due to `tmp.sort` of Strings If we have class 5 and class 10 we get sorted max value 5, expected 10 ``` >>> tmp = ['5', '10'] >>> tmp.sort() >>> tmp ['10', '5'] >>> >>> hex(5+1) '0x6' >>> >>> hex(10+1) '0xb' >>> ``` This way we get wrong default maximum class value: ``` tc qdisc replace dev eth1 root handle 1: htb r2q 444 default 6 ``` Expect: ``` tc qdisc replace dev eth1 root handle 1: htb r2q 444 default b ``` Fix this converting Strings to Integers and get max value. | |||
2024-02-09 | Merge pull request #2967 from sever-sever/T5703 | Daniil Baturin | |
T5703: Fix reapply QoS for connection-oriented interfaces | |||
2024-02-09 | T5703: Fix reapply QoS for connection-oriented interfaces | Viacheslav Hletenko | |
After `disconnect` and `connect` connection-oriented interfaces like PPPoE, QoS policy has to be reapplied | |||
2024-02-09 | Merge pull request #2975 from c-po/migrator-t5902 | Christian Breunig | |
https: T5902: fix migration of virtual-host port | |||
2024-02-09 | https: T5902: fix migration of virtual-host port | Christian Breunig | |
CLI source node is port and not listen-port. | |||
2024-02-08 | Merge pull request #2955 from c-po/rpki-T6023 | Christian Breunig | |
rpki: T6023: add support for CLI knobs expire-interval and retry-interval | |||
2024-02-08 | Merge pull request #2968 from natali-rs1985/T5685-current | Daniil Baturin | |
T5685: Keepalived VRRP prefix is not necessary for the virtual address | |||
2024-02-08 | T5685: Keepalived VRRP prefix is not necessary for the virtual address | Nataliia Solomko | |
2024-02-08 | Merge pull request #2950 from aapostoliuk/T5960-circinus | Daniil Baturin | |
T5960: Rewritten authentication node in PPTP to a single view | |||
2024-02-08 | Merge pull request #2969 from sever-sever/T6026 | Daniil Baturin | |
T6026: QoS hide attempts to delete qdisc from devices | |||
2024-02-08 | Merge pull request #2507 from erkin/image-tools | Daniil Baturin | |
op-mode: T4038: Python rewrite of image tools | |||
2024-02-08 | T6026: QoS hide attempts to delete qdisc from devices | Viacheslav Hletenko | |
Hide unexpected output by attempts of deleting `qdisc` from interfaces [ qos ] Error: Cannot find specified qdisc on specified device. Error: Cannot delete qdisc with handle of zero. | |||
2024-02-07 | Merge pull request #2952 from c-po/vrf | Christian Breunig | |
vrf: T5973: module is now statically compiled into the kernel | |||
2024-02-07 | Merge pull request #2957 from c-po/bgp-T6024 | Christian Breunig | |
bgp: T6024: add additional missing FRR features | |||
2024-02-07 | Merge pull request #2959 from c-po/init-T2044-rpki-part-2 | Christian Breunig | |
init: T2044: only start rpki if cache is configured | |||
2024-02-07 | Merge pull request #2960 from c-po/current | Christian Breunig | |
xml: T302: replace references to Quagga with FRRouting | |||
2024-02-07 | xml: T302: replace references to Quagga with FRRouting | Christian Breunig | |
2024-02-07 | init: T2044: only start rpki if cache is configured | Christian Breunig | |
This extends commit 9199c87cf ("init: T2044: always start/stop rpki during system boot") to check the bootup configuration if an RPKI cache is defined. Only start RPKI if this is the case. | |||
2024-02-07 | Merge pull request #2944 from HollyGurza/T3843-current | Christian Breunig | |
vpn: T3843: l2tp configuration not cleared after delete | |||
2024-02-07 | bgp: T6024: add additional missing FRR features | Christian Breunig | |
* set protocols bgp parameters labeled-unicast <explicit-null | ipv4-explicit-null | ipv6-explicit-null> * set protocols bgp parameters allow-martian-nexthop * set protocols bgp parameters no-hard-administrative-reset" | |||
2024-02-07 | rpki: T6023: add support for CLI knobs expire-interval and retry-interval | Christian Breunig | |
2024-02-07 | Merge pull request #2953 from sever-sever/T6021 | Christian Breunig | |
T6021: Fix QoS shaper r2q calculation | |||
2024-02-07 | T5960: Rewritten authentication node in PPTP to a single view | aapostoliuk | |
Rewritten authentication node in accel-ppp services to a single view. In particular - PPTP authentication. | |||
2024-02-07 | vrf: T5973: module is now statically compiled into the kernel | Christian Breunig | |
Always enable VRF strict_mode | |||
2024-02-07 | T6021: Fix QoS shaper r2q calculation | Viacheslav Hletenko | |
The current calculation `r2q` is wrong as it uses `Floor division` but expecting `division` This way `math.ceil` calculate wrong value as we expect round a number upward to its nearest integer For example for speed 710 mbits expected value `444` but we get `443` ``` from math import ceil MAXQUANTUM = 200000 speed = 710000000 speed_bps = int(speed) // 8 >>> speed_bps // MAXQUANTUM 443 >>> speed_bps / MAXQUANTUM 443.75 >>> >>> >>> ceil(speed_bps // MAXQUANTUM) 443 >>> ceil(speed_bps / MAXQUANTUM) 444 >>> ``` | |||
2024-02-06 | Merge pull request #2941 from jestabro/cleanup-wait | John Estabrook | |
image-tools: T6016: wait for umount in cleanup function | |||
2024-02-06 | Merge pull request #2946 from sever-sever/T5921 | Christian Breunig | |
T5921: Fix OpenConnect verify for local users | |||
2024-02-06 | T5921: Fix OpenConnect verify for local users | Viacheslav Hletenko | |
Fix verify error for the VPN OpenConnect configuration with local authentication and without any user File "/usr/libexec/vyos/conf_mode/vpn_openconnect.py", line 94, in verify if not ocserv["authentication"]["local_users"]: KeyError: 'local_users' | |||
2024-02-06 | vpn: T3843: l2tp configuration not cleared after delete | khramshinr | |
vpn: T5926: IPSEC does not apply after l2tp configuration was changed added dependency between l2tp and ipsec conf added test for apply config to swanctl | |||
2024-02-06 | Merge pull request #2943 from vyos/mergify/bp/current/pr-2942 | Daniil Baturin | |
op-mode:T6015:Fix for charon file generated by ipsec debug script (backport #2942) | |||
2024-02-06 | op-mode:T6015:Fix the charon file generated by ipsec debug script | srividya0208 | |
(cherry picked from commit 0c9c496961dc88110da53943a14dd88086ea920d) | |||
2024-02-05 | image-tools: T6016: wait for umount in cleanup function | John Estabrook | |
2024-02-06 | Merge pull request #2936 from c-po/rpki-T6011 | Daniil Baturin | |
rpki: T6011: known-hosts-file is no longer supported by FRR | |||
2024-02-06 | Merge pull request #2935 from c-po/rpki | Daniil Baturin | |
init: T2044: always start/stop rpki during system boot | |||
2024-02-05 | Merge pull request #2937 from jestabro/overhead-advisory-update | John Estabrook | |
T6018: adjust smoketest for update to FastAPI web framework | |||
2024-02-05 | T6018: adjust smoketest for update to FastAPI web framework | John Estabrook | |
2024-02-03 | rpki: T6011: known-hosts-file is no longer supported by FRR | Christian Breunig | |
2024-02-03 | init: T2044: always start/stop rpki during system boot | Christian Breunig | |
2024-02-03 | Merge pull request #2932 from c-po/ipsec-T5998 | Christian Breunig | |
ipsec: T5998: add replay-windows setting | |||
2024-02-03 | ipsec: T5998: add replay-windows setting | Christian Breunig | |
The replay_window for child SA will always be 32 (hence enabled). Add a CLI node to explicitly change this. * set vpn ipsec site-to-site peer <name> replay-window <0-2040> |