summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2020-07-04Merge pull request #487 from DmitriyEshenko/1x-impl-fnmDaniil Baturin
ids: T2659: Implement fastnetmon support
2020-07-03ids: T2659: Implement fastnetmon supportDmitriyEshenko
2020-06-28T2638: FRR: New framework for configuring FRRRunar Borge
This commit adds the python module vyos.frr that support reading and modifying the frr cofiguration. Functions get_configuration() : Collects the configuration from FRR and returns it as a string reload_configuration() : uses frr-reload.py to activate a new configuration. The configuration applied will overwrite the current configuration. mark_configuration() : Does syntax check/validation and add "end" tags to the configuration The marked configuration will be returned as a string A syntax fault will render an Exception execute() : Execute a command inside vtysh configure() : Executes a command in vtysh config mode replace_section() / _replace_section() : Adds the ability to replace a section of frr code remove_section() : Removes the specified configuration block from the config For now this supports replacing complete config sub-blocks of configuration and selecting the daemon to replace inside. This should work for most daemons, but static routing will still be an issue because this is not a separate sub-config mode
2020-06-22Merge branch 'T2588' of https://github.com/thomas-mangin/vyos-1x into ↵Christian Poessinger
default-doct * 'T2588' of https://github.com/thomas-mangin/vyos-1x: xml: T2588: code to extract defaults values from xml
2020-06-22xml: T2588: code to extract defaults values from xmlThomas Mangin
2020-06-22Debian: remove duplicate build dependencyChristian Poessinger
2020-06-22Merge pull request #452 from jjakob/T2486-dns-hostsd-fixesDaniil Baturin
T2486: DNS, vyos-hostsd fixes
2020-06-18console-server: T2490: add SSH supportChristian Poessinger
A user can define a port under the SSH node per device. WHen connecting to that port and authenticating using regular credentials we will immediately drop to the serial console. This is the same as executing "connect serial-proxy <name>".
2020-06-18console-server: T2490: replace ser2net with conserverChristian Poessinger
2020-06-18console-server: T2490: initial supportChristian Poessinger
2020-06-11vyos-hostsd: T2583: add dependency on python3-voluptuousJernej Jakob
2020-06-11dhcp(v6)-server: T2583: run as 'dhcpd' userJernej Jakob
Add a 'dhcpd' system user that is a member of hostsd group and can connect to vyos-hostsd. Run dhcpd as this user.
2020-06-11vyos-hostsd: T2583: add hostsd groupJernej Jakob
To better control access from other daemons that may not be running as root, create a new group 'hostsd' to which the other daemons running users can be added. Run vyos-hostsd as root:hostsd to create the socket file with correct user and group.
2020-06-11Debian: fix warning about undefined substitution variablesChristian Poessinger
warning: Depends field of package vyos-1x: substitution variable ${shlibs:Depends} used, but is not defined warning: Depends field of package vyos-1x-vmware: substitution variable ${shlibs:Depends} used, but is not defined Remove variables from dependency list as we have explicit non architecture dependend dependencies.
2020-06-07usb: op-mode: T2560: display USB interface informationChristian Poessinger
vyos@vyos:~$ show system usb /: Bus 03.Port 1: Dev 1, Class=root_hub, Driver=ehci-pci/2p, 480M |__ Port 1: Dev 2, If 0, Class=Hub, Driver=hub/4p, 480M |__ Port 3: Dev 4, If 0, Class=Vendor Specific Class, Driver=qcserial, 480M |__ Port 3: Dev 4, If 2, Class=Vendor Specific Class, Driver=qcserial, 480M |__ Port 3: Dev 4, If 3, Class=Vendor Specific Class, Driver=qcserial, 480M |__ Port 3: Dev 4, If 8, Class=Vendor Specific Class, Driver=qmi_wwan, 480M vyos@vyos:~$ show system usb serial No USB to serial converter connected vyos@vyos:~$ show system usb serial Device Model Vendor ------ ------ ------ usb0b1.3.3.4p1.0 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3.3.4p1.1 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3.3.4p1.2 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3.3.4p1.3 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3.4p1.0 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3.4p1.1 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3.4p1.2 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3.4p1.3 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.3p1.0 MC7710 Sierra Wireless, Inc. usb0b1.3p1.2 MC7710 Sierra Wireless, Inc. usb0b1.3p1.3 MC7710 Sierra Wireless, Inc. usb0b1.4p1.0 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.4p1.1 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.4p1.2 Quad_RS232-HS Future Technology Devices International, Ltd usb0b1.4p1.3 Quad_RS232-HS Future Technology Devices International, Ltd
2020-06-07op-mode: T2559: add "show environment sensors" commandChristian Poessinger
vyos@vmware:~$ show environment sensors VyOS running under hypervisor, no sensors available vyos@apu4:~$ show environment sensors ath10k_hwmon-pci-0500 temp1: N/A k10temp-pci-00c3 temp1: +54.6°C (high = +70.0°C) (crit = +105.0°C, hyst = +104.0°C) fam15h_power-pci-00c4 power1: 3.28 W (interval = 0.01 s, crit = 6.00 W)
2020-06-04Revert "add dependency on debian tshark package"Christian Poessinger
This reverts commit 44355e6525daec62120601073065f63c9f9a7993.
2020-06-01wake-on-lan: op-mode: T2526: add CLI implementationChristian Poessinger
Wake up host vyos@vyos:~$ wake-on-lan interface eth0.201 host a:b:c:d:e:f Wake up invalid host vyos@vyos:~$ wake-on-lan interface eth0.201 host a:b:c:d:e:f:f etherwake: The Magic Packet host address must be specified as - a station address, 00:11:22:33:44:55, or - a hostname with a known 'ethers' entry.
2020-05-30Debian: remove vyos-qat-kernel-modules & vyos-qat-utilities dependenciesChristian Poessinger
2020-05-22nat: T2460: migrate to new Python implementationChristian Poessinger
2020-05-21nat: T2460: add src/op_mode/show_nat_translations.pyThomas Mangin
2020-05-21macsec: T2023: generate secure channel keys in operation modeChristian Poessinger
2020-05-17dhcpv6-pd: T421: migrate from ISC dhclient to wide-dhcpv6-clientChristian Poessinger
ISC does not support running the client on PPP(oE) interfaces which makes it unusable for DHCPv6 Prefix Delegation tasks. Internet Systems Consortium DHCP Client 4.4.1 Copyright 2004-2018 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Unsupported device type 512 for "pppoe0"
2020-05-16Debian: add required dependency on systemdChristian Poessinger
2020-05-16nat: T2198: migrate "show nat" commands to XML and PythonChristian Poessinger
- "show nat source|destination statistics" is now implemented in Python - "show nat source|destination rules" needs a new implementation, see T2459 - "show nat source|destination translations" has been copied over from the old repo and is here until it is rewritten, this was not possible for "rules" as there would have been too much dependencies. This one only requires libxml-simple-perl
2020-05-16nat: T2198: make use of jmespath when walking nftables JSON outputChristian Poessinger
2020-05-16nat: T2198: automatically determine handler numbersChristian Poessinger
When instantiating NAT it is required to isntall some nftable jump targets. The targets need to be added after a specific other target thus we need to dynamically query the handler number. This is done by get_handler() which could be moved to vyos.util at a later point in time so it can be reused for a firewall rewrite.
2020-05-16nat: T2198: move from iptables to nftablesChristian Poessinger
2020-05-16nat: T2198: initial XML and Python representationChristian Poessinger
2020-05-09T2267: Versioning: Update version tag from GIT repoRunar Borge
This commit will update the version field of the generated deb package from the git repo version tag. the tag needs to be in the format "vyos/<version>" eg. "vyos/1.2.5" 1.2.5 is then used as the version The version field will be one of the following syntaxes: on a commit: - <version>-<commits from tag>-g<commit id> eg. 1.2.5-4-g23232343 on a commit with unstaged changes: - <version>-<commits from tag>-g<commit id>+dirty eg. 1.2.5-4-g23232343+dirty This will make it clear what state the repo was in when the package was generated. It is possible to remove the number and commit id on the tagged commit, but i've decided to use the same format for all commits tagged or not. as for now the tagged commit will be sufixed with -0-g<commit id> if no valid tag is recieved from `git describe`, the script uses a 0.0 version number. The changelog is also updated to reflext that we dont use it and refers to the Git Changelog and vyos release-notes
2020-05-07T2431: use native versions of validate-value and numeric validator.Daniil Baturin
2020-05-06http api: T2395: add waitress as production WSGI serverJohn Estabrook
2020-05-06http api: T2395: replace bottle with flask as microframeworkJohn Estabrook
2020-04-26salt: T2382: run as user minionChristian Poessinger
2020-04-26salt: T2382: add missing dependency on salt-minionChristian Poessinger
2020-04-23interfaces: T2362: sysctl to not generate IPv6 link-local addreses by defaultJernej Jakob
2020-04-13dhcpv6-relay: T2185: migrate from SysVinit to systemdChristian Poessinger
2020-04-09Debian: T640: explicitly add easy-rsaChristian Poessinger
easy-rsa is used by e.g. OpenVPN installation and was dropped when enabling "--apt-recommends false" in VyOS build system. Dependency has been explicitly added.
2020-03-28wwan: T1988: add support for Sierra Wireless MC7710 modemChristian Poessinger
2020-03-28wwan: T1988: initial XML/Python representationChristian Poessinger
2020-03-24router-advert: T1831: new implementation using XML and PythonChristian Poessinger
2020-03-22wireless: T2151: calculate locally administered MAC address per SSIDChristian Poessinger
According to http://wiki.stocksy.co.uk/wiki/Multiple_SSIDs_with_hostapd every SSID served by access-point should run on its own, locally administered MAC address. Take the phy's interface MAC address as base and calculate a per interface locally administered MAC address.
2020-03-21Debian: Changelog: 1.3.0-17 for vyos-1x-vmware dependencyChristian Poessinger
2020-03-21Debian: vyos-1x-vmware needs a dependency on vyos-1xChristian Poessinger
2020-03-07pppoe: T1318: add ip-pre-up scriptChristian Poessinger
ppp already supports ip-pre-up script but none was being supplied. Need ip-pre-up to handle renames and firewall properly. Script imported from old VyOS PPP fork repository at https://github.com/vyos/ppp-debian
2020-03-01syslog: T2086: move sudo session open/close log entries to auth.logChristian Poessinger
2020-02-23pppoe: T1318: add first version of new XML/Python implementationChristian Poessinger
vyos@vyos# show interfaces pppoe pppoe pppoe0 { default-route force link eth2.7 mtu 400 name-server auto password 12345678 user-id vyos@vyos.io }
2020-02-13Debian: add missing dependency on isc-dhcp-clientChristian Poessinger
Commit e39f2ea ("dhclient-script: T1987: Multiple fixes in dhclient-script") added the dhclient script but it missed the dependency.
2020-02-12dhclient-script: T1987: Multiple fixes in dhclient-scriptzsdc
This changeset contains multiple changes in structure, logic, and bugfixes for dhclient-script. It should provide better compatibility with new Debian versions and flexibility in controlling and changing VyOS-related functions. 1. Structure change: * All VyOS-related functionality was moved from dhclient-script itself to separated hook files. * Old vyatta-dhclient-hook was moved from vyatta-cfg to vyos-1x. * This change allows discard dhclient-script replacing and use the original one from Debian without any changes. So, we do not need to track all changes in upstream so carefully. * To provide compatibility between original dhclient-script and VyOS, two internal commands/functions are repaced in hooks: ip and make_resolv_conf. So, in all places where used ${ip} or make_resolv_conf, actually using VyOS-tuned functions instead original. * `ip` function is a wrapper, which automatically chooses what to use: transparently pass a command to /usr/sbin/ip, change a route in kernel table or FRRouting config via vtysh. * `make_resolv_conf` function main logic was copied from current VyOS implementation and use vyos-hostsd-client for making changes 2. Added: * Logging. Now is possible to log all changes, what is doing by dhclient-script. Logs can be saved to the journal and displayed in stderr (for debugging purposes). By default, logging to the journal is enabled (at least for some time) to provide a way to collect enough information in case if some bug in this new implementation will be found. This can be changed in the 01-vyos-logging file. 3. Fixed/Changed: * If DHCP lease was expired, released or dhclient was stopped, dhclient-script will try to delete default route from this lease. * Instead of blindly killing all dhclients in case if FRRouting daemon is not running, now used more intelligent logic: * dhclients are stopping natively (with all triggers processing), instead of killing; * dhclient-script will not kill parent dhclient process. This allows to fix the problem when systemd inform about failing to rise up interfaces at early boot stages (used in Cloud-init images); * dhclient-script will not touch dhclients, which are not related to the current interface or IP protocol version. * For getting FRRouting daemon status used native way via watchfrr.sh, instead of the previous trick with vtysh accessibility. * before adding a new route to FRRouting configuration, this route will be deleted from the kernel (if it is presented there). This allows to properly replace routes, added at early boot stages, when FRR not available. * Routes in FRRouting are adding with "tag 210". This allows protecting static routes, added via CLI, from deletion when old routes are deleting by DHCP. * DNS servers will be reconfigured only when $new_domain_name_servers are not the same as $old_domain_name_servers. Previously, this was done during each RENEW procedure. * Replacing MTU for preconfigured one was changed to Python (via vyos.config). The previous version with vyatta-interfaces.pl was obsoleted and seems to be broken.
2020-02-05Merge branch 't1948-system-login' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 't1948-system-login' of github.com:c-po/vyos-1x: radius: T1948: add libnss-mapname support radius: T1948: rename server dictionary radius: T1948: supply PAM configuration template user: T1948: fix system user creation ogin: user: radius: T1948: use discrete configuration for each system login: T1948: remove obsolete config nodes "group" and "level" login: T1948: SSH keys can only be added after user has been created login: T1948: initial support for RADIUS configuration login: T1948: support for SSH keys login: T1948: add/remove local users login: T1948: initial rewrite in XML/Python options: T1919: remove broken comment