summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-03-07config: T4919: mount/unmount encrypted config on VyOS start/stopsarthurdev
Re-implements https://github.com/vyos/vyatta-cfg/pull/54
2024-03-07config: T4919: Add support for encrypted config file with TPMsarthurdev
2024-02-18Merge pull request #3030 from c-po/smoketest-t6043Christian Breunig
smoketest: T6043: proper cleanup after testcase
2024-02-18smoketest: T6043: proper cleanup after testcaseChristian Breunig
This extends commit dbe8c613b ("bridge: T6043: do not call vxlan dependency if interface does not exist (yet)") with a proper cleanup of additional interfaces created during the testrun.
2024-02-18Merge pull request #3026 from c-po/bridge-T6043Christian Breunig
bridge: T6043: do not call vxlan dependency if interface does not exist (yet)
2024-02-17Merge pull request #3027 from c-po/nht-T5581Daniil Baturin
op-mode: T5581: add "show ipv6 nht" command
2024-02-17op-mode: T5581: add "show ipv6 nht" commandChristian Breunig
This improves the implementation to support both IPv4 and IPv6
2024-02-17bridge: T6043: do not call vxlan dependency if interface does not exist (yet)Christian Breunig
In order to keep the proper priority list during system startup and on initial setup/commit for this feature the dependent VXLAN code should not be called, if the interface in question does not exist (yet).
2024-02-17Merge pull request #3024 from jestabro/pxe-bootJohn Estabrook
image-tools: T6041: fix logic of is_live_boot to allow for PXE boot
2024-02-17image-tools: T6041: fix logic of is_live_boot to allow for PXE bootJohn Estabrook
2024-02-17Merge pull request #3019 from c-po/login-T5972Christian Breunig
login: T5972: add possibility to disable individual local user accounts
2024-02-17Merge pull request #3021 from aapostoliuk/T3722-circinusChristian Breunig
T3722: Fixed L-Time in 'show vpn ike sa' command
2024-02-16T3722: Fixed L-Time in 'show vpn ike sa' commandaapostoliuk
Fixed L-Time in 'show vpn ike sa' command
2024-02-16login: T5972: add possibility to disable individual local user accountsChristian Breunig
* set system login user <name> disable
2024-02-16Merge pull request #3016 from c-po/nhtChristian Breunig
T6001: add option to disable next-hop-tracking resolve-via-default
2024-02-16T6001: add option to disable next-hop-tracking resolve-via-default in VRF ↵Christian Breunig
context * set vrf name <name> ip nht no-resolve-via-default * set vrf name <name> ipv6 nht no-resolve-via-default
2024-02-16T6001: add option to disable next-hop-tracking resolve-via-defaultChristian Breunig
* set system ip nht no-resolve-via-default * set system ipv6 nht no-resolve-via-default
2024-02-16T5150: rename smoketest config egb-igp-route-maps -> egp-igp-route-mapsChristian Breunig
EDB should be EGP for exterior gateway protocol
2024-02-15Merge pull request #3012 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQ
2024-02-15Merge pull request #3011 from c-po/rpki-smoketestsDaniil Baturin
rpki: T6034: extend config migration testcase
2024-02-15Merge pull request #3004 from aapostoliuk/T6029-circinusDaniil Baturin
T6029: Rewritten Accel-PPP services to an identical feature set
2024-02-15T6029: Rewritten Accel-PPP services to an identical feature setaapostoliuk
Removed dhcp-interface option (l2tp) Added wins-server (sstp) Added description (ipoe, pppoe, sstp, pptp) Added exteded-script (l2tp, sstp, pptp) Added shaper (ipoe, pptp, sstp, l2tp) Added limits (ipoe, pptp, sstp, l2tp) Added snmp ( ipoe, pptp,sstp, l2tp) Refactoring and reformated code.
2024-02-15eigrp: T2472: remove smoketestChristian Breunig
Commit 0eb4168aa ("eigrp: T2472: improve code for later tests") added a basic smoketest for EIGRP, which is also run by the CI hence not having a +x bit at all. This just deletes the basic smoketest testing for ASN and EIGRP router-id. We can revert it once it's fixed in FRR upstream. https://github.com/FRRouting/frr/pull/14765
2024-02-14rpki: T6034: extend config migration testcaseChristian Breunig
2024-02-14eigrp: T2472: improve code for later testsChristian Breunig
2024-02-14dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQsarthurdev
Updates smoketest config to test migrator change
2024-02-13Merge pull request #3005 from sever-sever/T6019Christian Breunig
T6019: Fix smoketest test_system_conntrack custom timeout
2024-02-13T6019: Fix smoketest test_system_conntrack custom timeoutViacheslav Hletenko
After updateing netfilter in the commit https://github.com/vyos/vyos-build/commit/b31f5fe934bcb37534d49acdb5f7756bf05422e8 The nftables format for conntrack timeouts is different. Fix this.
2024-02-13Merge pull request #2998 from sarthurdev/T5992Christian Breunig
dhcpv6-server: T5992: Fix op-mode DHCP lease output + updates
2024-02-13Merge pull request #2999 from sever-sever/T5928Christian Breunig
T5928: Change firewall priority to 319
2024-02-13Merge pull request #3000 from sever-sever/T5064Christian Breunig
T5064: Firewall fix RegEx for for domain-group
2024-02-13Merge pull request #2987 from c-po/evpn-macvrf-sooChristian Breunig
bgp: T6032: add EVPN MAC-VRF Site-of-Origin support
2024-02-13T5064: Firewall fix RegEx for for domain-groupViacheslav Hletenko
Improve RegEx for firewall domain-groups. This domain group looks good, but the current RegEx validation fils: ``` set firewall group domain-group a_aa ```
2024-02-13T5928: Smoketest change firewall flowtable test to use VLANViacheslav Hletenko
2024-02-13T5928: Change firewall priority to 319Viacheslav Hletenko
Change the firewall priority to 319, after interface ethernet configuration For example if we use VLANs and the vlan interface must be created before we can use it in the firewall/flowtable The current priority ``` 199 firewall 300 interfaces/dummy 300 interfaces/loopback 300 interfaces/virtual-ethernet 310 interfaces/bridge 310 interfaces/input 318 interfaces/ethernet ... ```
2024-02-13Merge pull request #2988 from c-po/pki-rpki-t6034Christian Breunig
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
2024-02-13Merge pull request #2997 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally connected interfaces
2024-02-13dhcp: dhcpv6: T3316: Add op-mode for showing DHCP(v6) static-mappingssarthurdev
2024-02-13dhcpv6-server: T3316: Display delegated prefix length in lease outputsarthurdev
2024-02-13dhcpv6-server: T5992: Fix op-mode Kea DHCP lease outputsarthurdev
Due to Kea's lease file cleanup, the CSV file content is inconsistent. This commit makes changes to use the Kea control socket to fetch current lease information.
2024-02-13dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally ↵sarthurdev
connected interfaces Prior dhcpd behaviour implicitly handled requests for locally connected subnets. Kea requires an explicit link between subnets and an interface.
2024-02-12rpki: T6034: Add missing sections to configtestsarthurdev
2024-02-12Merge pull request #2993 from sarthurdev/T5981Christian Breunig
ipsec: T5981: Strip '@' from migrated peer PKI name
2024-02-12Merge pull request #2994 from c-po/init-T2044Christian Breunig
init: T2044: fix "binary operator expected" when two or more RPKI caches are defined
2024-02-12init: T2044: fix "binary operator expected" when two or more RPKI caches are ↵Christian Breunig
defined Fix commit 9b8e11e07 ("init: T2044: only start rpki if cache is configured") which showed a disturbing error on tty0 after boot that a "binary operator expected" when checking for RPKI caches when multiple results got returned.
2024-02-12rpki: T6024: add migration scripts from file based keys to PKI subsystemChristian Breunig
2024-02-12rpki: T6034: remove OpenSSH keys from /run/frr when unloadedChristian Breunig
2024-02-12pki: T6034: add dependencies to trigger rpki re-run on openssh key updateChristian Breunig
2024-02-12ipsec: T5981: Strip '@' from migrated peer namesarthurdev
2024-02-12Merge pull request #2991 from nicolas-fort/T6019Christian Breunig
T6019: fix smoketest after upgrading nftables and libnftnl packages.