| Age | Commit message (Collapse) | Author |
|---|
|
T7334: pr mirror trigger workflow added with label creation permission for default github token
|
|
default github token
|
|
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* Fix capitalization
---------
Co-authored-by: l0crian1 <ryan.claridge13@gmail.com>
Co-authored-by: Daniil Baturin <daniil@baturin.org>
|
|
firewall: T7369: Match global state policies in show firewall
|
|
grub: T7327: honor "system option kernel" settings during image upgrade
|
|
T7343: IPsec add traffic-selector handling for VTI interfaces
|
|
dhcpv6-client: T6113: add proper startup/shutdown order for systemd units
|
|
Allow to set traffic-selector for VTI interfaces
We can set several local and remote IPv4 and IPv6 prefixes
```
set vpn ipsec site-to-site peer P1 vti traffic-selector local prefix 0.0.0.0/0
set vpn ipsec site-to-site peer P1 vti traffic-selector local prefix :/0
set vpn ipsec site-to-site peer P1 vti traffic-selector remote prefix 192.0.2.0/24
```
|
|
Global state policies were not matched when typing "show firewall"
|
|
Global state policies were not matched when typing "show firewall"
|
|
When running dhcp6c on top of a PPPoE interface, properly honor the dependency
chain with systemd. On shutdown we need to stop the wide-dhcpv6-client prior
to shutting down the ppp portion of the interface.
|
|
When performing an image upgrade and Linux Kernel command-line option that
should be passed via GRUB to the Linux Kernel are missing on the first boot.
This is because when generating the GRUB command-line via the op-mode scripts
the CLI nodes defining the options are not honored.
This commit re-implements the code-path in op-mode which generates the strings
passed via GRUB to the Linux Kernel command-line.
NOTE: If (for a yet unknown reason) a Kernel command-line option string changes
during a major - or minor - upgrade of the Linux Kernel, we will need to adapt
that logic and possibly call a helper from within the NEW updated image rootfs.
Thus we can ship future information back into the past like the "Grays Sports
Almanac" from Back to the Future Part II.
|
|
|
|
kea: T7281: Add ping-check, use built-in option for classless static routes
|
|
ids: T7241: remove Fastnetmon from the base system
|
|
T7353: T7360: netplug: behavior change 1.3.8 -> 1.4 when interface with DHCP address looses carrier
|
|
T7321: Replace legacy operations in configsession.py with vyconf client operations
|
|
|
|
When an interface goes down - e.g. cable unplugged - the DHCPv6 assigned IPv6
address is not removed from said interface. We should provide the same behavior
as with IPv4. IPv6 address should be removed and dhcpv6 client restarted once
the interface goes operational up again.
|
|
The initial rewrite of vyos-netplug-dhcp-client by me tried to outsmart the
DHCP client implementation by re-using vyos.ifconfig.Interface(). This added
a regression where an interface loosing it's carrier no longer deconfigured
it's IP address. This was a change in behavior form VyOS 1.3.
In addition a bug is fixed as when a VLANs interface parent looses it's carrier
we now also stop the DHCP client process.
This script is now back to simply starting/stopping the DHCP client process.
|
|
* dhcp-server: T7310: add support for option 138 CAPWAP AC to KEA
* kea: T7310: Update data/templates/dhcp-server/kea-dhcp4.conf.j2
Co-authored-by: Simon <965089+sarthurdev@users.noreply.github.com>
* kea: T7310: Update python/vyos/kea.py
Co-authored-by: Simon <965089+sarthurdev@users.noreply.github.com>
* kea: T7310: add smoketest for capwap-ac-v4
* kea: T7310: Update python/vyos/kea.py
Co-authored-by: Simon <965089+sarthurdev@users.noreply.github.com>
---------
Co-authored-by: David Vølker <davvol@davvol.dk>
Co-authored-by: Simon <965089+sarthurdev@users.noreply.github.com>
|
|
firewall: T7333: Use separate cache keys per inet family
|
|
vyos-router: T7356: unset ANSI bold control character during boot
|
|
T7359: confirm image name is available before proceeding with image installation
|
|
It will eventually be moved to an addon
|
|
T7355: cleanup unused Python3 imports
|
|
|
|
|
|
|
|
|
|
Remove legacy windows static route on option 249
|
|
An attempt to reuse the name of an existing installed image should
prompt the user to re-enter a name, rather than allowing the
installation to fail.
|
|
With the Debian Upgrade from buster to bookworm during the 1.3 -> 1.4 cycle we
inherited a non nice looking ANSI bold setting on the terminal. The ANSI
bold control character is reset "\033[0m" in this commit.
|
|
Netplug daemon is started last after all interfaces got initialized to
properly monitor them for up/down events
|
|
vyos-grub-update service must have been started prior reaching systemd
vyos.target.
|
|
Some unused import statements sneaked into the codebase.
This is about cleaning them up
|
|
|
|
netplug: T7346: only call interface helpers if interface is not removed
|
|
|
|
|
|
Encapsulation of standard config session functions, to replace legacy
versions in configsession.py.
|
|
|
|
|
|
|
|
debian: T7336: update RADIUS library dependency names
|
|
When an interface is removed from the system also netplug is triggered. It
makes no sense to call vyos.ifconfig.Interface() and update it's configuration
when the interface was just recently removed.
This would in fact re-add an interface temporarily in it's worst case.
|
|
dns: T7277: fix service/dns/forwarding/dhcp not parsed
|
|
T7302: add vyos-commitd support for commit dry-run
|
|
T7254: op-mode: Add spanning-tree op-mode commands
|
|
T7311: syslog: Fix duplicate kernel log entries
|
