summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2025-06-19T7564: added darker ruff lint workflowkumvijaya
2025-06-19Merge pull request #4564 from factor2431/fix-wireguard-fwmarkChristian Breunig
T7554: fix wireguard fwmark parsing
2025-06-19Merge pull request #4560 from c-po/ruff-lintChristian Breunig
T7564: GitHub: remove ruff linter PR check - should be an automated review
2025-06-19T7564: GitHub: remove ruff linter PR check - should be an automated reviewChristian Breunig
Consensus amongst the developers was to rather move the hard PR check to a soft check in form of an automated review by a Bot using GitHub actions.
2025-06-19Merge pull request #4558 from natali-rs1985/T6951Daniil Baturin
firewall: T6951: Add a configuration command for ethertypes that bridge firewalls should always accept
2025-06-19Merge pull request #4566 from jestabro/static-route-migrationDaniil Baturin
migration: T6968: check for ip address as next-hop-interface
2025-06-18migration: T6968: check for ip address as next-hop-interface in 1.3.xJohn Estabrook
1.3.x did not disallow an ip address as value of: protocols static route addr next-hop-interface Consequently, the case should be checked and handled during migration.
2025-06-18T7554: fix wireguard fwmark parsingfactor2431
2025-06-17firewall: T6951: Add a configuration command for ethertypes that bridge ↵Nataliia Solomko
firewalls should always accept
2025-06-17container: T7473: fix show/monitor container log failed when log-driver is ↵opswill
journald
2025-06-17Merge pull request #4559 from natali-rs1985/T7506Christian Breunig
vrf: T7506: Do not use default table 254 for VRF
2025-06-17vrf: T7506: Do not use default table 254 for VRFNataliia Solomko
2025-06-15Merge pull request #4542 from yunzheng/T3681-remove-pppChristian Breunig
vyos-1x-vmware: T3681: Remove extra -x flag from Python bytecompile
2025-06-12Merge pull request #4552 from jestabro/reset-sectionViacheslav Hletenko
T7488: add utility for automatic rollback of section on apply stage error
2025-06-12Merge pull request #4497 from yzguy/T7432Daniil Baturin
T7432: RPKI VRF Support
2025-06-12Merge pull request #4546 from sarthurdev/T7056Daniil Baturin
openvpn: T7056: Raise error if non-TAP device is bridged
2025-06-12Merge pull request #4554 from c-po/wwan-smoketestDaniil Baturin
smoketest: T7539: improve Kernel option check for WWAN
2025-06-11smoketest: T7539: improve Kernel option check for WWANChristian Breunig
2025-06-11smoketest: T7539: improve Kernel option check for INOTIFY STACKFS patchsetChristian Breunig
2025-06-11Merge pull request #4553 from dmbaturin/T7540-reset-connectionViacheslav Hletenko
op-mode: T7540: move "clear interface connection" to "reset connection"
2025-06-11op-mode: T7540: move "clear interface connection" to "reset connection"Daniil Baturin
2025-06-10T7488: exit silently if path doesn't exist, unless debugJohn Estabrook
2025-06-10T7488: allow reloads outside of config sessionJohn Estabrook
2025-06-10T7488: add utility for automatic rollback of section on apply stage errJohn Estabrook
2025-06-10configd: T7488: allow distinction of first-order error verify vs applyJohn Estabrook
Leave hint if vyos-configd encounters an error in the generate/apply stages: this only detects 'first-order' differences, meaning those originating from the called config mode script, and not its dependencies. This is useful for supporting automatic rollback for certain cases of apply stage error.
2025-06-10Merge pull request #4550 from ↵Daniil Baturin
dmbaturin/T7527-eliminate-embedded-op-mode-shell-snippets op-mode: T7527: move assorted embedded shel snippets to script files
2025-06-10Merge pull request #4551 from dmbaturin/T7538-remove-show-login-levelDaniil Baturin
op-mode: T7538: remove the obsolete "show login level" command
2025-06-10Merge pull request #4527 from cblackburn-igl/currentDaniil Baturin
T7492: Fix modem connection code
2025-06-10Merge pull request #4536 from ig0rb/fix/T7510-ospf-nssa-translation-errorDaniil Baturin
T7510: ospfd.frr.j2 ospf nssa translation error - fix template
2025-06-10op-mode: T7527: move assorted embedded shel snippets to script filesDaniil Baturin
2025-06-09Merge pull request #4526 from jestabro/config-mgmt-contextJohn Estabrook
T7365: add commit hooks and cli integration
2025-06-09op-mode: T7538: remove the obsolete "show login level" commandDaniil Baturin
2025-06-09T7374: update hash for vyconf_cli toolJohn Estabrook
2025-06-09T7374: add links for vyconf_cli.pyJohn Estabrook
2025-06-09T7374: add environment variable vyconf_bin_dirJohn Estabrook
2025-06-09T7374: add python cli script to compliment executable vyconf_cliJohn Estabrook
For certain commands, notably 'commit', a python script is preferable to the more responsive executable vyconf_cli. Criteria are (1) longer running process, not benefiting from a compiled tool (2) convenience of integration with the ecosystem, for example pre-/post-commit hooks.
2025-06-09T7365: add env var used by post-commit scriptsJohn Estabrook
2025-06-09T7365: call commit hooks in vyconf sessionJohn Estabrook
2025-06-09T7352: add check for privileges in utilityJohn Estabrook
2025-06-09Merge pull request #4549 from yzguy/T7532Daniil Baturin
T7532: container sysctl parameter values are quoted
2025-06-09Merge pull request #4548 from c-po/T7202-conntrackDaniil Baturin
conntrack: T7208: nf_conntrack_buckets defaults and behavior
2025-06-09Merge pull request #4544 from opswill/firewall-featureViacheslav Hletenko
T7523: firewall: Accepting invalid traffic for pppoe discovery and wol
2025-06-08T7510: add commit warnings about invalid use of OSPF area-typesChristian Breunig
To keep existing CLI behavior use a Warning() to prompt the user for an invalid configuration. It is not possible to have more the one area-type defined per area logically - the CLI does support it. In addition the backbone area cannot be of type STUB or NSSA. CLI configuration should be cleaned up using a migrator in the future.
2025-06-08T7510: add smoketests for OSPF nssa translationChristian Breunig
2025-06-08T7510: ospfd.frr.j2 ospf nssa translation error - fix templateig0rb
2025-06-07T7532: container sysctl parameter values are quotedAdam Smith
2025-06-07conntrack: T7208: nf_conntrack_buckets defaults and behaviorChristian Breunig
Previously, we used a lower limit of 1 and a default value of 32768 for the nf_conntrack_buckets (conntrack hash-size) sysctl option. However, the Linux kernel enforces an internal minimum of 1024. A configuration migrator will now adjust the lower limit to 1024 if necessary. The former default value of 32768 was passed as a kernel module option, which only took effect after the second system reboot. This was due to the option being rendered but not applied during the first boot. This behavior has been changed so that the value is now configurable at runtime and takes effect immediately. Additionally, since VyOS 1.4 increased the hardware requirements to 4GB of RAM, we now align the default value of nf_conntrack_buckets with the kernel's default for systems with more than 1GB of RAM to 65536 entries. Previously, we only supported half that amount.
2025-06-05openvpn: T7056: Raise error if non-TAP device is bridgedsarthurdev
2025-06-05Merge pull request #4545 from sever-sever/T7524Daniil Baturin
T7524: Fix binary path for gwlbtun
2025-06-05T7524: Fix binary path for gwlbtunViacheslav Hletenko
Fix the gwlbtun binary path ``` r14 (gwlbtun)[8378]: aws-gwlbtun.service: Failed to locate executable /usr/bin/gwlbtun: No such file or directory ``` path ``` vyos@r14# sudo whereis gwlbtun gwlbtun: /usr/sbin/gwlbtun ```
generated by cgit v1.2.3 (git 2.39.1) at 2026-01-20 04:33:05 +0000