summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2025-01-20Merge pull request #4302 from HollyGurza/T681Daniil Baturin
T681: Fix QoS DSCP filter
2025-01-20nhrp: T2326: Fixed opmode command help strings (#4304)aapostoliuk
Fixed opmode command help strings
2025-01-19Merge pull request #4308 from indrajitr/kea-ctrl-agent-overrideChristian Breunig
dhcp: T5840: Merge systemd service overrides for kea-ctrl-agent
2025-01-19wireguard: T4930: drop unused WireGuardOperational().show_interface() methodChristian Breunig
Method is not referenced in the code base, remove dead code.
2025-01-19wireguard: T4930: use get_config_dict() rather then individual config queriesChristian Breunig
Extend ConfigTreeQuery().get_config_dict() with arguments to read in default CLI values, too. This removes the need for hardcoded default values at multiple places like: if max_dns_retry is None: max_dns_retry = 3 in this case.
2025-01-19Debian: T4930: restart vyos-domain-resolver service if runningChristian Breunig
2025-01-19wireguard: T4930: fix dict key (-/_) when working with config dictChristian Breunig
Retrieving the config dict sets key_mangling(), thus we need to look for host_name instead of host-name.
2025-01-19wireguard: T4930: add mnemonic for WIREGUARD_REKEY_AFTER_TIMEChristian Breunig
WireGuard performs a handshake every WIREGUARD_REKEY_AFTER_TIME if data is being transmitted between the peers. If no data is transmitted, the handshake will not be initiated unless new data begins to flow. Each handshake generates a new session key, and the key is rotated at least every 120 seconds or upon data transmission after a prolonged silence.
2025-01-19wireguard: T4930: use common error message patternChristian Breunig
2025-01-19smoketest: T4930: add wireguard testcase for peer host-nameChristian Breunig
2025-01-19smoketest: T4930: derive WireGuard test cases from BasicInterfaceTestChristian Breunig
2025-01-19wireguard: T4930: allow peers via FQDNsskaje
* set interfaces wireguard wgXX peer YY hostname <fqdn>
2025-01-18Merge pull request #4303 from xeluior/ssh-agentChristian Breunig
remote: T7048: merge git environment with the os environment
2025-01-17Merge pull request #4309 from aapostoliuk/T2326-fix-2-circinusDaniil Baturin
nhrp: T2326: Fixed network-id migration
2025-01-17nhrp: T2326: Fixed network-id migrationaapostoliuk
Fixed network-id migration. Every tunnel should have its own nhrp network-id.
2025-01-16ruff: T6583: Reformat to comply with code styleIndrajit Raychaudhuri
2025-01-16dhcp: T7052: Rename and simplify functions for consistencyIndrajit Raychaudhuri
2025-01-16dhcp: T7052: Refactor kea dhcp op-mode functions to vyos.keaIndrajit Raychaudhuri
Relocate the kea dhcp op-mode functions to kea helper functions in vyos.kea. This allows the functions to be reused by other scripts, not just op-mode wrappers. This moves the source of truth for the op-mode commands to the actual running kea instance, rather than VyOS config path. Also, apply some minor code cleanup and make some of the mappings consistent across the functions.
2025-01-16ruff: T6583: Reformat to comply with code styleIndrajit Raychaudhuri
2025-01-16dhcp: T5840: Merge systemd service overrides for kea-ctrl-agentIndrajit Raychaudhuri
Default systemd service for kea-ctrl-agent expects `/etc/kea/kea-api-password` which is not used in VyOS. The systemd unit override to remove the condition does not need to be in a separate (templated and dynamic) override file and can be merged into the existing static override file.
2025-01-15T7046: add wrappers for reference tree cache utilsJohn Estabrook
2025-01-15T7046: normalize formattingJohn Estabrook
2025-01-15remote: T7048: merge git environment with the os environmentRobert Gingras
allows utilizing ssh-agent and other environment-variable-based behavior customizations
2025-01-13Merge pull request #4299 from c-po/radius-smoketestChristian Breunig
T7038: T7039: fix broken RADIUS IPv6 source address and add smoketests
2025-01-13Merge pull request #4301 from sarthurdev/T7041Christian Breunig
kea: T7041: Check lease hostname string is not empty
2025-01-13Merge pull request #4217 from aapostoliuk/T2326-circinusChristian Breunig
nhrp: T2326: NHRP migration to FRR
2025-01-13T681: Fix QoS DSCP filterkhramshinr
The left shift operation aligns the DSCP/TOS value with its bit position in the IP header. TC expects a DSCP value with this shift
2025-01-12kea: T7041: Check lease hostname string is not emptysarthurdev
2025-01-11Merge pull request #4300 from jestabro/configd-inspect-by-astJohn Estabrook
T7042: drop use of inspect module in favor of ast for source analysis
2025-01-11radius: T7039: fix broken IPv6 source addressChristian Breunig
When configuring RADIUS to use IPv6 as connection to the server with an optional source-address set system login radius server 2001:db8::4 key '9LMVCtPYpG' set system login radius source-address '2001:db8::1' It will error out: pam_radius_auth(sshd:auth): Failed looking up source IP address [2001:db8::1] for server [2001:db8::4]:1812 (error=System error) The source address is not allowed to be in [] - thus the brackets need to be removed.
2025-01-11smoketest: T7038: add freeradius container to live validate login via RADIUSChristian Breunig
RADIUS is pretty sensible to its configuration. Instead of manual testing, extend the smoketest platform to ship a freeradius container and perform logins against a locally running freeradius server in a container.
2025-01-10T7042: drop use of inspect module in favor of ast for source analysisJohn Estabrook
This avoids importing the config mode script as a module, with requisite dependencies, which may be inconvenient.
2025-01-10Merge pull request #4291 from c-po/tacacs-smoketest-improvementChristian Breunig
Debian: T7023: download smoketest container images only once
2025-01-09Merge pull request #4283 from indrajitr/ddclient-update-20250106Christian Breunig
ddclient: T5791: Relocate process params to ExecStart
2025-01-09nhrp: T2326: NHRP migration to FRRaapostoliuk
NHRP migration to FRR
2025-01-09ddclient: T5791: Relocate process params to ExecStartIndrajit Raychaudhuri
Pull up all the global parameters controlling process behavior to systemd service. Also remove `syslog=yes`` as it is not needed with `exec` type service.
2025-01-09Merge pull request #4296 from c-po/xml-cleanupChristian Breunig
xml: T5738: reuse existing alpha-numeric-hyphen-underscore building block
2025-01-09xml: T5738: reuse existing alpha-numeric-hyphen-underscore building blockChristian Breunig
2025-01-09Merge pull request #4293 from indrajitr/haproxy-backend-completionChristian Breunig
haproxy: T5222: Enable backend completion in service ruleset
2025-01-09Merge pull request #4294 from indrajitr/xml-reuse-rexexpChristian Breunig
xml: T5738: Reuse predefined regex constraint
2025-01-09Merge pull request #4295 from c-po/smoketest-T7033Christian Breunig
smoketest: T7033: nat source group test should use an existing interface
2025-01-09smoketest: T7033: nat source group test should use an existing interfaceChristian Breunig
2025-01-09xml: T5738: Reuse predefined regex constraintIndrajit Raychaudhuri
2025-01-09haproxy: T5222: Enable backend completion in service rulesetIndrajit Raychaudhuri
Enable completion for backend in haproxy service ruleset like so: ``` set load-balancing haproxy service NAME rule 10 set backend ```
2025-01-08Merge pull request #4290 from jestabro/wildcard-transcludeDaniil Baturin
xml: T7029: allow wildcard in include directive
2025-01-08T6342: extend schema to handle documentation in the xml interface definitionrebortg
2025-01-08Debian: T7023: download smoketest container images only onceChristian Breunig
When setting up vyos-1x-smoketest package, the required container images will be fetched from the appropriate registry. During development one will re-install the vyos-1x generated packages periodically. In the past this triggered a re-download of the container images for every set-up of the package. Getting image source signatures Copying blob sha256:d3a4026919f923f4e0bb9a23a1e5c2d3c5593d31cbac8d2d6d032285b4852945 Copying config sha256:c1f39daffdeffeb97987901406e2ecef0fb2c2ca236fdfaf570d088426294d91 Writing manifest to image destination Storing signatures Getting image source signatures Copying blob sha256:a0d0a0d46f8b52473982a3c466318f479767577551a53ffc9074c9fa7035982e Copying blob sha256:064e2154c8ec1ddeb114ebc9db9a3876ee8883e9a14fe8622c31cb6f17b759f6 Copying blob sha256:7e3fbb46165bc5a98b12c136087a13992e30fe00ab4fab2bbe6c7edd657d8c5b Copying blob sha256:80a416511ac029206f3f824a15b1c94845c410242a1e463c466a1b3081f7e20f Copying blob sha256:339be6688c410f9851f6f09cf0c9d63819f8ca5f2bb09d93ce8c42714842f5ed Copying config sha256:6950ba3bd4492642b6c6c0c5f5bb88a5f2a48f700974a2bdba74333a65d9324e Writing manifest to image destination Storing signatures This change will download the container images only if the image is not present on the system.
2025-01-08Merge pull request #4286 from c-po/T7024-vrf-upChristian Breunig
vrf: T7024: instance name "up" and "down" are reserved and should not be used
2025-01-08xml: T7029: allow wildcard in include directiveJohn Estabrook
2025-01-08Merge pull request #4284 from indrajitr/simplify-T7016Daniil Baturin
T7016: Simplify logic for force deleting dynamic IPv4 address from interface
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-21 16:12:51 +0000