summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2020-08-22dhcpv6-pd: T2677: optimize CLI interface for PD configurationChristian Poessinger
The current CLI did not support multiple prefix-delegations per interface. Some ISPs only send one /64 to a client per prefix-delegation request, but they allow the customer to request multiple prefixes. The 'dhcpv6-options prefix-delegation' node has been renamed and converted to a tag node named 'dhcpv6-options pd'. The tag node specifies a PD request (>=0). In the past the user needed to know what prefix will be assigned and required to calculate the sla-len by himself. The 'sla-len' node was dropped and is now calculated in the background from the 'dhcpv6-options pd 0 length' node. It is no longer mandatory to supply the 'sla-id' node, if sla-id is not specified it is 'guessed' by counting upwards. Example configuration: ---------------------- ethernet eth1 { address dhcpv6 dhcpv6-options { pd 0 { length 56 interface eth2 { address 1 } } } } This will request a /56 assignment from the ISP and will delegate a /64 network to interface eth2. VyOS will use the interface address ::1 on the delegate interface (eth2) as its local address.
2020-08-19mpls-ldp: T915: Add discovery hello timerssever-sever
2020-08-18anyconnect: T2036: add anyconnect VPN supportEshenko Dmitriy
2020-08-18lcd: T2564: add support for Lanner, Watchguard, Symantec boxesChristian Poessinger
2020-08-16Merge pull request #523 from jjakob/increase-max-nat-rule-number-T2764Christian Poessinger
nat: T2764: increase maximum rule number to 999999
2020-08-15lcd: T2564: flatten CLI interfaceChristian Poessinger
* set system lcd device <device> * set system lcd model <modeml> Both device and model have completion helpers for supported interfaces and LCD displays.
2020-08-12Merge branch 'system-display' of https://github.com/fmertz/vyos-1x into ↵Christian Poessinger
t2564-lcd * 'system-display' of https://github.com/fmertz/vyos-1x: system display: T2564: Added test model system display: T2564: Dictionary code update system display: T2564: Conf files to /run system display: T2564: Changed "duration" to "time" system display: T2564: py code cleanup system display: T2564: Replace "config (enabled|disabled)" with "display disabled" system display: T2564: Lowercase model names system display: T2564 Extend VyOS to support appliance LCDs
2020-08-06nat: T2764: increase maximum rule number to 999999Jernej Jakob
2020-08-04ssh: T2651: add cli options for source addressChristian Poessinger
When running SSH from the VyOS system the source IP address can be set by: set system options ssh-client source-address x.x.x.x
2020-08-04cleanup: convert multiple files from DOS to UNIX line endingChristian Poessinger
2020-08-03lldp: T393: improve all completion helperChristian Poessinger
2020-08-02accel-ppp: T2756: make RADIUS accounting port configurableChristian Poessinger
Make the port used for RADIUS accounting user configurable. This is now valid for the following services which are based on Accel-PPP: * ipoe-server * pppoe-server * l2tp * pptp * sstp
2020-07-30router-advert: T2745: migrate to get_config_dict()Christian Poessinger
2020-07-29mdns-repeater: T2742: migrate to get_config_dict()Christian Poessinger
2020-07-26wireguard: ifconfig: T2653: move to get_config_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge.
2020-07-26wireguard: T2734: fwmark is a 32bit value - fix validatorChristian Poessinger
2020-07-26vxlan: ifconfig: T2653: move to get_interface_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge.
2020-07-26pseudo-ethernet: ifconfig: T2733: support MTU configurationChristian Poessinger
2020-07-26Merge branch 'current' of https://github.com/vyos/vyos-1x into currentDaniil Baturin
2020-07-26Fix a typo in BFD command help.Daniil Baturin
2020-07-25l2tpv3: ifconfig: T2653: move implementation to get_interface_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge.
2020-07-25wireless: ifconfig: T2653: move to get_config_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge.
2020-07-25bonding: ifconfig: T2653: move to get_config_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge.
2020-07-25pseudo-ethernet: ifconfig: T2653: move to get_config_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge. While providing a new update() method in vyos.ifconfig.interfaces() this is extended for pdeudo-ethernet interfaces in the derived class.
2020-07-25bridge: ifconfig: T2653: move to get_config_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge. While providing a new update() method in vyos.ifconfig.interfaces() this is extended for bridge interfaces in the derived bridge class. Signed-off-by: Christian Poessinger <christian@poessinger.com>
2020-07-25ethernet: ifconfig: T2653: move to get_config_dict()Christian Poessinger
The current VyOS CLI parser code written in Python contains a ton of duplicates which I can also hold myself accountable for - or maybe mainly me - depends on the angle of judge. While providing a new update() method in vyos.ifconfig.interfaces() this is extended for ethernet based interfaces which also supports 802.1q, 802.1ad VLANs. This commit migrates the existing codebase for an ethernet based interfaces and implements the missing parts for VLANs. Adding or migrating other interfaces (e.g. bridge or bond) will become much easier as they must reuse the entire functionality - we now walk towards a single codepath. Thanks for all who made this combined effort possible! Signed-off-by: Christian Poessinger <christian@poessinger.com>
2020-07-25ifconfig: T2653: set arp-cache-timeout default value of 30msChristian Poessinger
2020-07-15http-client: T2651: support specifying source-interface/address for curlChristian Poessinger
Please note that either interface or address can be configured. system { options { http-client { source-interface eth0 source-address 1.1.1.1 } } }
2020-07-15xml: T2651: provide general source-interface include fileChristian Poessinger
2020-07-12nat: T2699: rename interface includeChristian Poessinger
2020-07-11snmp: T2687: precalculate snmpv3 encrypted keysChristian Poessinger
As of now when adding new credentials for any SNMPv3 user we submit the credential either plaintext or encrypted. A plaintext credential will be hashed by SNMPd in the background and then passed back into the CLI so it's not stored in cleartext. This feels like the wrong way in changing the CLI content with data produced by a 3rd party daemon which implements the service. It feels like the tail wiggles the entire dog. This should be changed in the following way: - After retrieving the plaintext password from CLI, use Python to hash the key in advance - Re-populate the encrypted key into the CLI and drop the plaintext one - Generate service configuration and continue startup of SNMPd This also fixes a race condition when SNMPd started up but not properly provided the hasehd keys in the configuration resulting in a ConfigurationError. Now as we also support binding SNMPd to a VRF this fixes a deadlock situation on bootup as we can only bind late to the VRF and require up to 5 restarts of the service - but the service will never start.
2020-07-11snmp: T2687: enforce beginning and end of string match for regexChristian Poessinger
Match the full input string in regex validation. Previosly "sha123456" was allowed by the validator but we only support "sha".
2020-07-07ssh: T2691: bugfix loglevel config migrationChristian Poessinger
When migrating the conf from VyOS 1.2 to 1.3 a configuration error could appear if the user specified "info" as loglevel instead of "INFO". There was no input validation done in 1.2 but this is now enforced in 1.3. In VyOS 1.3 loglevel will be always lowercase on the CLI and when migrating the config this is transformed. Also VyOS 1.2 accpeted any arbitrary loglevel. If an invalid loglevel is found it will be set to info.
2020-07-05system display: T2564: Added test modelfmertz
* data/templates/system-display/LCDd.conf.tmpl * interface-definitions/system-display.xml.in May need to ba backed out, test code only for USB CrystalFontz CF533
2020-07-05system display: T2564: Changed "duration" to "time"fmertz
* data/templates/system-display/LCDd.conf.tmpl duration to time * interface-definitions/system-display.xml.in duration to time
2020-07-05system display: T2564: Replace "config (enabled|disabled)" with "display ↵fmertz
disabled" * interface-definitions/system-display.xml.in system disply disabled * src/conf_mode/system-display.py system display disabled
2020-07-05system display: T2564: Lowercase model namesfmertz
* data/templates/system-display/LCDd.conf.tmpl Lowercase sdec ezio * interface-definitions/system-display.xml.in Lowercase sdec ezio
2020-07-05system display: T2564 Extend VyOS to support appliance LCDsfmertz
Added support for system LCDs under CLI system display +data/templates/system-display/LCDd.conf.tmpl template for LCDd server configuration file +data/templates/system-display/lcdproc.conf.tmpl template for lcdproc client configuration file +interface-definitions/system-display.xml.in CLI for system display +src/conf_mode/system-display.py processing code for system display +src/systemd/lcdproc.service systemd service definition file for lcdproc client CLI: system display model (SDEC|EZIO) system display config (enabled|disabled) system display show host (cpu|cpu-all|cpu-hist|disk|load-hist|memory|proc|uptime) network interface <intName> alias <alias> units (bps|Bps|pps) clock (big|mini|date-time) title <name> system display duration <s> system display hello <string> system display bye <string>
2020-07-05Merge pull request #489 from DmitriyEshenko/fix-fnm-07042020Christian Poessinger
ids: T2659: Add priority after bgp for correct service starting
2020-07-05ids: T2659: Add priority after bgp for correct service startingDmitriyEshenko
2020-07-04vrf: T31: lower startup priority to 60Christian Poessinger
VRFs should be created as early as possible.
2020-07-04Merge pull request #487 from DmitriyEshenko/1x-impl-fnmDaniil Baturin
ids: T2659: Implement fastnetmon support
2020-07-01ifconfig: T2653: move pppoe interface to get_config_dict()Christian Poessinger
2020-06-29ids: T2659: Fastnetmon conf_modesever-sever
2020-06-27ifconfig: T2653: move wirelessmodem (WWAN) interface to get_config_dict()Christian Poessinger
2020-06-27xml: include: mtu: add default MTU 1500 bytesChristian Poessinger
2020-06-27pppoe: T1318: use MTU include fileChristian Poessinger
2020-06-27ifconfig: T2653: move macsec interface to get_config_dict()Christian Poessinger
2020-06-23ssh: T2635: migrate to get_config_dict()Christian Poessinger
Jinja template contains some workarounds like {% if port is string %}, this depends of the resolution of https://phabricator.vyos.net/T2636
2020-06-23Merge pull request #472 from thomas-mangin/T2633Christian Poessinger
tunnel: T2633: add support for ip (arp) commands