| Age | Commit message (Collapse) | Author |
|---|
|
libvyosconfig is both a build and a run dependency of vyos-1x.
Satisfying the build dependency within the Docker image requires
coordination of updates to vyos-build/libvyosconfig/vyos-1x on any
changes to the library; simplify this process by moving the build to a
step of the vyos-1x Makefile.
|
|
|
|
|
|
|
|
|
|
|
|
T4930: Allow WireGuard peers via DNS hostname
|
|
To simplify updating in case of supplemental interface-definitions from
addons, the reftree cache(s) are moved to an independent directory.
|
|
|
|
T7038: T7039: fix broken RADIUS IPv6 source address and add smoketests
|
|
nhrp: T2326: NHRP migration to FRR
|
|
RADIUS is pretty sensible to its configuration. Instead of manual testing,
extend the smoketest platform to ship a freeradius container and perform logins
against a locally running freeradius server in a container.
|
|
NHRP migration to FRR
|
|
When setting up vyos-1x-smoketest package, the required container images will
be fetched from the appropriate registry. During development one will re-install
the vyos-1x generated packages periodically. In the past this triggered a
re-download of the container images for every set-up of the package.
Getting image source signatures
Copying blob sha256:d3a4026919f923f4e0bb9a23a1e5c2d3c5593d31cbac8d2d6d032285b4852945
Copying config sha256:c1f39daffdeffeb97987901406e2ecef0fb2c2ca236fdfaf570d088426294d91
Writing manifest to image destination
Storing signatures
Getting image source signatures
Copying blob sha256:a0d0a0d46f8b52473982a3c466318f479767577551a53ffc9074c9fa7035982e
Copying blob sha256:064e2154c8ec1ddeb114ebc9db9a3876ee8883e9a14fe8622c31cb6f17b759f6
Copying blob sha256:7e3fbb46165bc5a98b12c136087a13992e30fe00ab4fab2bbe6c7edd657d8c5b
Copying blob sha256:80a416511ac029206f3f824a15b1c94845c410242a1e463c466a1b3081f7e20f
Copying blob sha256:339be6688c410f9851f6f09cf0c9d63819f8ca5f2bb09d93ce8c42714842f5ed
Copying config sha256:6950ba3bd4492642b6c6c0c5f5bb88a5f2a48f700974a2bdba74333a65d9324e
Writing manifest to image destination
Storing signatures
This change will download the container images only if the image is not present
on the system.
|
|
* smoketest: T7023: unify container image loading
* smoketest: T7023: add tac_plus container to live validate login
TACACS is pretty sensible to its configuration. Instead of manual testing,
extend the smoketest platform to ship a tac_plus container and perform logins
against a locally running tac_plus server in a container.
The login username/password and TACACS shared secret is generated randomly on
the fly for every testcase.
|
|
on libnss-mapuser (#4281)
Upstream 2.0.0 version from Debian has issues
|
|
* T6949: adds blackbox exporter
* T6949: adds basic config generation
* T6949: extract shared module config options
* T6949: switch to ipv4/6 literals
* T6949: moves config file to /run
* T6949: adds dns query name option
* T6949: adds dns query type values
* T6949: adds blackbox exporter to debian/control
|
|
|
|
|
|
|
|
Drop newlines added by macro statement and Jinja2 comments. Jinja2 comments
will be removed during package build on the shipped files.
|
|
|
|
As we are generating the reference tree from the XML definitions during
build, save an internal representation for vyconfd to load on startup.
|
|
|
|
|
|
cli: T6740: add a converter from set commands to config
|
|
Extend commit a0c15a159 ("T973: add basic node_exporter implementation") by
adding the required dependency to install node-exporter binary.
|
|
T973: add basic node_exporter implementation
|
|
|
|
|
|
Recent ethtool 6.10 supports JSON output for the base driver features. Remove
our old text based processing code and use the machine readable output of
ethtool.
|
|
|
|
|
|
During podman upgrade and a build from the original source the UNIX socket
definition for systemd got lost in translation.
This commit re-adds the UNIX socket which is started on boot to interact with
Podman.
Example:
curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' \
-sf http://localhost/containers/json
|
|
|
|
T6362: Create conntrack logger daemon
|
|
|
|
|
|
This fixes an error during ISO assembly:
update-alternatives: error: no alternatives for regulatory.db
dpkg: error processing archive /tmp/apt-dpkg-install-PJplR3/00-vyos-1x_1.5dev0-1880-gecaa44498_amd64.deb (--unpack):
new vyos-1x package pre-installation script subprocess returned error exit status 2
|
|
Most likely b/c of our non signed Kernel binary we do not trust the Debian
signed wireless regulatory database. Fallback to the upstream database instead.
|
|
|
|
Rather then waiting for a fully assembled ISO image to validate if there is no
incompatibility with vyos-configd - like more then one instance of Config(),
make this a build time test case for "make test"
|
|
|
|
suricata: T751: Initial support for suricata
|
|
Remove `service upnp` as it never worked as expected, nft rules do
not integrated and custom patches do not seem like a suitable
solution for now.
Security:
UPnP has been historically associated with security risks due to its automatic
and potentially unauthenticated nature.
UPnP devices might be vulnerable to unauthorized access or exploitation.
|
|
|
|
|
|
|
|
|
|
|
