| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Should be added as runtime option similar to "terminal monitor" known from
other vendors.
|
|
|
|
T7089: Fix static route when using PPPoE default route
|
|
nhrp: T2326: Fixed jinja template to generate NHRP config
|
|
|
|
Removed an unnecessary command that caused an error
when creating a configuration with VRF and NHRP.
|
|
|
|
|
|
|
|
output (#4279)
* T7017: Telegraf should have .info as input for syslog
T7017: updating using vyos_defined keyword as suggested
Co-authored-by: Christian Breunig <christian@breunig.cc>
---------
Co-authored-by: Christian Breunig <christian@breunig.cc>
|
|
Default systemd service for kea-ctrl-agent expects
`/etc/kea/kea-api-password` which is not used in
VyOS.
The systemd unit override to remove the condition
does not need to be in a separate (templated and
dynamic) override file and can be merged into the
existing static override file.
|
|
T7038: T7039: fix broken RADIUS IPv6 source address and add smoketests
|
|
nhrp: T2326: NHRP migration to FRR
|
|
When configuring RADIUS to use IPv6 as connection to the server with an
optional source-address
set system login radius server 2001:db8::4 key '9LMVCtPYpG'
set system login radius source-address '2001:db8::1'
It will error out:
pam_radius_auth(sshd:auth): Failed looking up source IP address [2001:db8::1]
for server [2001:db8::4]:1812 (error=System error)
The source address is not allowed to be in [] - thus the brackets need to be
removed.
|
|
NHRP migration to FRR
|
|
Pull up all the global parameters controlling
process behavior to systemd service.
Also remove `syslog=yes`` as it is not needed with
`exec` type service.
|
|
ddclient: T5791: Keep ddclient.service in foreground
|
|
Improve config parsing for ZBF when using VRFs and interfaces attached to VRFs
|
|
interfaces attached to VRFs
|
|
Since the distributed ddclient.service is of type 'exec' now, avoid using
process forking and let systemd manage the process directly.
|
|
T6994: Add textfile collector config option
|
|
|
|
srv6: T6984: add locator format configuration
|
|
|
|
* T6949: adds blackbox exporter
* T6949: adds basic config generation
* T6949: extract shared module config options
* T6949: switch to ipv4/6 literals
* T6949: moves config file to /run
* T6949: adds dns query name option
* T6949: adds dns query type values
* T6949: adds blackbox exporter to debian/control
|
|
|
|
T6013: Add support for configuring TrustedUserCAKeys for ssh service
|
|
T6936: PPPoE-server add option combined to interface
|
|
local and remote CA keys
|
|
T6953: merges node and frr exporter under prometheus section
|
|
Add option 'combined', it allows to listen to PPP requests on
both VLANs and the base parent interface (wihtout tag)
Before it was impossible to do it from our CLI
set service pppoe-server interface eth1 combined
set service pppoe-server interface eth1 vlan '10-122'
|
|
|
|
T6934: Add preshared key for zabbix-agent monitoring service
|
|
T6918: Accept invalid PPPoE Session in stateful bridge firewall.
|
|
|
|
Migrate "set protocols static route <x.x.x.x/x> next-hop <y.y.y.y> bfd multi-hop
source <z.z.z.z> profile <NAME>" to: "set protocols static route <x.x.x.x/x>
next-hop <y.y.y.y> bfd profile bar"
FRR supports only one source IP address per BFD multi-hop session. VyOS
had CLI cupport for multiple source addresses which made no sense.
|
|
FRR 10.2 will use "[no] ip forwarding" and "[no] ipv6 forwarding" to enable or
disable IP(v6) forwarding. We no longer rely on sysctl as this was overridden
by FRR later on.
Remove code path for sysctl setting and solely rely on FRR.
|
|
tagNode
This will save an entire level for the configuration and there is no need for a
parent "multicast" node, as it will only have "route" as tagNode below.
Move set protocols static multicast route <x.x.x.x/y> to:
* set protocols static mroute <x.x.x.x/y>
|
|
With FRR 10.0 daemons started to be migrated to integrated FRR mgmtd and a
northbound interface. This led to some drawbacks in the current state how
changes to FRR are handled. The current implementation will use frr-reload.py
and specifies excatly WHICH daemon needs a config update and will only replace
this part inside FRR.
With FRR10 and mgmtd when a partial configuration is sent to mgmtd, it will
remove configuration parts from other daemons like bgpd or ospfd which have
not yet been migrated to mgmtd.
It's not possible to call frr-reload.py with daemon mgmtd - it will error out.
This commit will also change the CLI for static routes:
CLI command "set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
source 1.1.1.1" will be split into:
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd source-address 1.1.1.1
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
To make the XML blocks reusable, and comply with the FRR CLI - this was actually
a wrong implementation from the beginning as you can not have multiple BFD
source addresses.
CLI command "set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd multi-hop
source 1.1.1.1 profile bar" is changed to:
* set protocols static route 10.0.0.0/8 next-hop 1.2.3.4 bfd profile bar
CLI commands "set protocols static multicast interface-route" is moved to:
* set protocols static multicast route <x.x.x.x/x> interface
To have an identical look and feel with regular static routes.
|
|
Drop newlines added by macro statement and Jinja2 comments. Jinja2 comments
will be removed during package build on the shipped files.
|
|
|
|
|
|
|
|
|
|
tacacs: T6613: dynamically build exclude_users list to avoid TACACS traffic
|
|
static: T4214: Allow several dhcp-interfaces to the same static rote
|
|
ipoe_server: T6628: Add option to assign static IP address to end users with local auth
|
|
- Allow configure preshared key for zabbix-agent
- Added op mode command for generatre random psk secret
- Removed duplicate xml definition for psk settings
Configure authentication mode:
```
# set service monitoring zabbix-agent authentication mode
Possible completions:
pre-shared-secret Use a pre-shared secret key
```
Configure PSK Settings:
```
# set service monitoring zabbix-agent authentication psk
Possible completions:
id ID for authentication
secret pre-shared secret key
```
Generate Random PSK:
```
$ generate psk random
Possible completions:
<Enter> Execute the current command
size Key size in bytes
```
|
