summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-04-06Merge pull request #3219 from l0crian1/add-fw-description-showViacheslav Hletenko
T6188: add description to show firewall
2024-04-05Merge pull request #3255 from jestabro/remove-xml-libChristian Breunig
T6203: remove obsoleted xml lib
2024-04-05T6203: remove obsoleted xml libJohn Estabrook
The vyos.xml functionality is replaced with vyos.xml_ref.
2024-04-05T6188: Add description to detail view onlyl0crian1
For readability in console sessions, moved the description column to only be shown in the detail view. Changed wrapping in the detail view for description to 65 characters to prevent full line wrapping in console sessions.
2024-04-05Merge pull request #3252 from HollyGurza/T6204Christian Breunig
T6204: cleanup shebang lines
2024-04-05T6204: cleanup shebang lineskhramshinr
2024-04-04op-mode: T6203: replace use of vyos.xml.defaults with automatic defaultsJohn Estabrook
2024-04-04Merge pull request #3249 from c-po/ospf-T6089Christian Breunig
ospf: T6089: fix invalid "ospf passive-interface default"
2024-04-04GitHub: fix "on" trigger for unused-imports workflowChristian Breunig
2024-04-04ospf: T6089: fix invalid "ospf passive-interface default"Christian Breunig
The option "passive-interface default" was set even if it was not present in the previous version we are migrating from. Fix migration script to handle this with a conditional path.
2024-04-04Merge pull request #3244 from aapostoliuk/T6197-circinusChristian Breunig
T6197: Fixed usage ipoe interface client-subnet without pools
2024-04-04Merge pull request #3246 from c-po/spring-cleaning-2Christian Breunig
T6199: drop unused Python imports from graphql source
2024-04-04Makefile: improve "unused-imports" targetChristian Breunig
2024-04-04T6199: drop unused Python imports from graphql sourceChristian Breunig
2024-04-04Merge pull request #3238 from HollyGurza/T5943Daniil Baturin
bgp: T5943: BGP Peer-group members must be all internal or all external
2024-04-04Merge pull request #3214 from nicolas-fort/T6068-keaDaniil Baturin
T6068: dhcp-server: add command <set service dhcp-server high-availability mode>
2024-04-04T6197: Fixed usage ipoe interface client-subnet without poolsaapostoliuk
Allowed using ipoe interface client-subnet without client pools configuration.
2024-04-04Merge pull request #3242 from HollyGurza/T6166Christian Breunig
T6166: Tech support generation error for custom output location
2024-04-04T6166: Tech support generation error for custom output locationkhramshinr
2024-04-04bgp: T5943: BGP Peer-group members must be all internal or all externalkhramshinr
2024-04-03GitHub: run unused imports action only for pull requestsChristian Breunig
2024-04-03Merge pull request #3240 from c-po/spring-cleaningChristian Breunig
T6199: spring cleaning - drop unused Python imports
2024-04-03T6068: dhcp-server: add command <set service dhcp-server high-availability ↵Nicolas Fort
mode> so user can define what type of ha use: active-active or active-passive
2024-04-03GitHub: add action to check for unused importsChristian Breunig
2024-04-03T6199: drop unused Python importsChristian Breunig
found using "git ls-files *.py | xargs pylint | grep W0611"
2024-04-03T6199: replace netifaces.interfaces() with common custom helpersChristian Breunig
* Use interface_exists() outside of verify() * Use verify_interface_exists() in verify() to drop common error message
2024-04-03T6199: drop unused sphinx documentation folderChristian Breunig
2024-04-02Merge pull request #3236 from c-po/pki-verifyChristian Breunig
configverify: T6198: add common helper for PKI certificate validation
2024-04-02configverify: T6198: add common helper for PKI certificate validationChristian Breunig
The next evolutional step after adding get_config_dict(..., with_pki=True) is to add a common verification function for the recurring task of validating SSL certificate existance in e.g. EAPoL, OpenConnect, SSTP or HTTPS.
2024-04-02Merge pull request #3229 from c-po/multi-vrfChristian Breunig
T6192: allow binding SSH to multiple VRF instances
2024-04-02Merge pull request #3230 from c-po/syntax-cleanupChristian Breunig
firewall: nat: policy: vrf: nft call syntax and import cleanup
2024-04-02Merge pull request #3232 from aapostoliuk/T6196-circinusChristian Breunig
T6196: Fixed applying parameters for aggregation in BGP
2024-04-02T6196: Fixed applying parameters for aggregation in BGPaapostoliuk
Fixed using 'route-map', 'as-set' and 'summary-only' together in aggregation in BGP
2024-04-01Merge pull request #3212 from fett0/T6151fett0
bgp: T6151: Allow configuration of disable-ebgp-connected-route-check
2024-04-01init: T3355: always use full nft command name (e.g. --file over -f)Christian Breunig
2024-04-01firewall: T970: always use full nft command name (e.g. --file over -f)Christian Breunig
2024-04-01conntrack: T4309: T4903: always use full nft command name (e.g. --file over -f)Christian Breunig
2024-04-01nhrp: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
2024-04-01policy: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
2024-04-01nat: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
2024-04-01vrf: T3655: always use full nft command name (e.g. --check over -c)Christian Breunig
2024-04-01firewall: T2199: always use full nft command name (e.g. --file over -f)Christian Breunig
2024-04-01ssh: T6192: allow binding to multiple VRF instancesChristian Breunig
Currently VyOS only supports binding a service to one individual VRF. It might become handy to have the services (initially it will be VRF, NTP and SNMP) be bound to multiple VRFs. Changed VRF from leafNode to multi leafNode with defaultValue: default - which is the name of the default VRF.
2024-04-01utils: T5738: always use vyos.utils.network.interface_exists over os.path.existsChristian Breunig
2024-04-01xml: T5738: extend VRF building blocks with common constraint definitionChristian Breunig
2024-04-01 T6188:l0crian1
- modified: src/op_mode/firewall.py Changed behavior of "show firewall" for specific rule to only show rule and not also default-action
2024-04-01 modified: op-mode-definitions/firewall.xml.inl0crian1
- Added show firewall <sections> detail paths modified: src/op_mode/firewall.py - Added Description as a header to normal "show firewall" commands - Added 'detail' view which shows the output in a list key-pair format Description column was added for these commands and their subsections: show firewall statistics show firewall groups show firewall <family> Detail view was added for these commands: show firewall bridge forward filter detail show firewall bridge forward filter rule <rule#> detail show firewall bridge name <chain> detail show firewall bridge name <chain> rule <rule#> detail show firewall ipv4 forward filter detail show firewall ipv4 forward filter rule <rule#> detail show firewall ipv4 input filter detail show firewall ipv4 input filter rule <rule#> detail show firewall ipv4 output filter detail show firewall ipv4 output filter rule <rule#> detail show firewall ipv4 name <chain> detail show firewall ipv4 name <chain> rule <rule#> detail show firewall ipv6 forward filter detail show firewall ipv6 forward filter rule <rule#> detail show firewall ipv6 input filter detail show firewall ipv6 input filter rule <rule#> detail show firewall ipv6 output filter detail show firewall ipv6 output filter rule <rule#> detail show firewall ipv6 name <chain> detail show firewall ipv6 name <chain> rule <rule#> detail show firewall group detail show firewall group <group> detail
2024-04-01Merge pull request #3223 from c-po/T6193-dhcp-clientDaniil Baturin
system: T6193: invalid warning "is not a DHCP interface but uses DHCP name-server option"
2024-04-01Merge pull request #3224 from c-po/T2590-dhcpv6-clientDaniil Baturin
dhcpv6-client: T2590: fix vyos-hostsd update for nameserver and search domains
2024-04-01Merge pull request #3222 from HollyGurza/T6178Christian Breunig
T6178: Check that certificate exists during reverse-proxy commit