| Age | Commit message (Collapse) | Author |
|---|
|
interfaces defined
|
|
T6342: extend schema to handle documentation in xml
|
|
T4930: Allow WireGuard peers via DNS hostname
|
|
T6641: Add vyos-network-event-logger Service
|
|
smoketest: T6911: fix wrong router-id in loaded config validation
|
|
Change some values from the defaults in the used smoketest config for
basic-vyos-no-ntp to make it a litte bit more interesting for the underlaying
config load subsystem.
|
|
An errornous OSPF router-id slipped through in the config load test validation.
|
|
ntp: T6911: fix migration script to not allow empty "service ntp" CLI node
|
|
With T3008 we moved from ntpd to chrony. This came with a restructuring of the
CLI (mainly moving ntp out of system to services). In addition the definition
of a server was made mandatory.
The bug itself manifests at a more crucial point - config migration
vyos-router[1265]: Migration script error: /opt/vyatta/etc/config-migrate/migrate/ntp/1-to-2:
[Errno 1] failed to run command: ['/opt/vyatta/etc/config-migrate/migrate/ntp/1-to-2',
'/opt/vyatta/etc/config/config.boot']
vyos-router[1265]: returned: - op: copy old_path: ['system', 'ntp'] new_path: ['service', 'ntp']
vyos-router[1265]: - op: delete path: ['system', 'ntp']
The fix is that we will no longer migrate an empty ntp CLI node from the old
syntax to the new.
|
|
T7065: pr mirror to trigger only when the pullrequest is merged
|
|
|
|
T7064: added pr mirror related workflows to current
|
|
|
|
|
|
The service parses and logs network events for improved monitoring and diagnostics.
Supported event types include:
- `RTM_NEWROUTE`, `RTM_DELROUTE`
- `RTM_NEWLINK`, `RTM_DELLINK`
- `RTM_NEWADDR`, `RTM_DELADDR`
- `RTM_NEWNEIGH`, `RTM_DELNEIGH`, `RTM_GETNEIGH`
- `RTM_NEWRULE`, `RTM_DELRULE`
Added operational mode commands for filtered log retrieval:
- `show log network-event <event-type> <interface>`: Retrieve logs filtered by event type and interface.
- `show interfaces <type> <name> event-log <event-type>`: Display interface-specific logs filtered by event type.
|
|
T7046: add wrappers for reference tree utilities
|
|
To simplify updating in case of supplemental interface-definitions from
addons, the reftree cache(s) are moved to an independent directory.
|
|
dhcp: T7052: Refactor kea dhcp op-mode functions to vyos.kea
|
|
output (#4279)
* T7017: Telegraf should have .info as input for syslog
T7017: updating using vyos_defined keyword as suggested
Co-authored-by: Christian Breunig <christian@breunig.cc>
---------
Co-authored-by: Christian Breunig <christian@breunig.cc>
|
|
T681: Fix QoS DSCP filter
|
|
Fixed opmode command help strings
|
|
dhcp: T5840: Merge systemd service overrides for kea-ctrl-agent
|
|
Method is not referenced in the code base, remove dead code.
|
|
Extend ConfigTreeQuery().get_config_dict() with arguments to read in default
CLI values, too. This removes the need for hardcoded default values at
multiple places like:
if max_dns_retry is None:
max_dns_retry = 3
in this case.
|
|
|
|
Retrieving the config dict sets key_mangling(), thus we need to look for
host_name instead of host-name.
|
|
WireGuard performs a handshake every WIREGUARD_REKEY_AFTER_TIME if data is
being transmitted between the peers. If no data is transmitted, the handshake
will not be initiated unless new data begins to flow. Each handshake generates
a new session key, and the key is rotated at least every 120 seconds or upon
data transmission after a prolonged silence.
|
|
|
|
|
|
|
|
* set interfaces wireguard wgXX peer YY hostname <fqdn>
|
|
remote: T7048: merge git environment with the os environment
|
|
nhrp: T2326: Fixed network-id migration
|
|
Fixed network-id migration.
Every tunnel should have its own nhrp network-id.
|
|
|
|
|
|
Relocate the kea dhcp op-mode functions to kea helper
functions in vyos.kea. This allows the functions to
be reused by other scripts, not just op-mode wrappers.
This moves the source of truth for the op-mode
commands to the actual running kea instance,
rather than VyOS config path.
Also, apply some minor code cleanup and make some
of the mappings consistent across the functions.
|
|
|
|
Default systemd service for kea-ctrl-agent expects
`/etc/kea/kea-api-password` which is not used in
VyOS.
The systemd unit override to remove the condition
does not need to be in a separate (templated and
dynamic) override file and can be merged into the
existing static override file.
|
|
|
|
|
|
allows utilizing ssh-agent and other environment-variable-based behavior
customizations
|
|
T7038: T7039: fix broken RADIUS IPv6 source address and add smoketests
|
|
kea: T7041: Check lease hostname string is not empty
|
|
nhrp: T2326: NHRP migration to FRR
|
|
The left shift operation aligns the DSCP/TOS value with its bit position in the IP header.
TC expects a DSCP value with this shift
|
|
|
|
T7042: drop use of inspect module in favor of ast for source analysis
|
|
When configuring RADIUS to use IPv6 as connection to the server with an
optional source-address
set system login radius server 2001:db8::4 key '9LMVCtPYpG'
set system login radius source-address '2001:db8::1'
It will error out:
pam_radius_auth(sshd:auth): Failed looking up source IP address [2001:db8::1]
for server [2001:db8::4]:1812 (error=System error)
The source address is not allowed to be in [] - thus the brackets need to be
removed.
|
|
RADIUS is pretty sensible to its configuration. Instead of manual testing,
extend the smoketest platform to ship a freeradius container and perform logins
against a locally running freeradius server in a container.
|
